Tags: trust

18

sparkline

Blockchain and Trust - Schneier on Security

Honestly, cryptocurrencies are useless. They’re only used by speculators looking for quick riches, people who don’t like government-backed currencies, and criminals who want a black-market way to exchange money.

Bruce Schneier on the blockchain:

What blockchain does is shift some of the trust in people and institutions to trust in technology. You need to trust the cryptography, the protocols, the software, the computers and the network. And you need to trust them absolutely, because they’re often single points of failure.

Google AMP - A 70% drop in our conversion rate. - Rockstar Coders

Google hijacking and hosting your AMP pages (in order to pre-render them) is pretty terrible for user experience and security:

I’m trying to establish my company as a legitimate business that can be trusted by a stranger to build software for them. Having google.com reeks of a phishing scam or fly by night operation that couldn’t afford their own domain.

Superfan! — Sacha Judd

The transcript of a talk that is fantastic in every sense.

Fans are organised, motivated, creative, technical, and frankly flat-out awe-inspiring.

Mozilla betrays Firefox users and its nominal principles

That’s a harsh headline but it is unfortunately deserved. We should indeed hold Mozilla to a higher standard.

The Evolution of Trust

Such a great primer on game theory—well worth half an hour of your time.

Distributed and syndicated content: what’s wrong with this picture? | Technical Architecture Group

Hadley points to the serious security concerns with AMP:

Fundamentally, we think that it’s crucial to the web ecosystem for you to understand where content comes from and for the browser to protect you from harm. We are seriously concerned about publication strategies that undermine them.

Andrew goes into more detail:

The anchor element is designed to allow one website to refer visitors to content on another website, whilst retaining all the features of the web platform. We encourage distribution platforms to use this mechanism where appropriate. We encourage the loading of pages from original source origins, rather than re-hosted, non-canonical locations.

That last sentence there? That’s what I’m talking about!

Christina Xu: Convenient Friction: Observations on Chinese UX in Practice on Vimeo

This was my favourite talk from this year’s Interaction conference—packed full of insights, and delivered superbly.

It prompted so many thoughts, I found myself asking a question during the Q&A.

Christina Xu: Convenient Friction: Observations on Chinese UX in Practice

Certified Malice – text/plain

Following from that great post about the “zone of death” in browsers, Eric Law looks at security and trust in a world where certificates are free and easily available …even to the bad guys.

The Line of Death – text/plain

A thoroughly fascinating look at which parts of a browser’s interface are available to prevent phishing attacks, and which parts are available to enable phishing attacks. It’s like trench warfare for pixels.

Designing digital services that are accountable, understood, and trusted (OSCON 2016 talk)

Software is politics, because software is power.

The transcript of a tremendous talk by Richard Pope.

The Case Against Google

An in-depth look at where Google is going wrong.

Maybe the effort we go to as we think about the... · Ben Ward's Scattered Mind

"Facebook has rolled out an identity system — Facebook Connect — with a slick UI that trains a gazillion tech-naïve users to slap their identity credentials into any old website."

Mickipedia » Blog Archive » Social Networking Fatigue. I has it.

Good Reads is responsible for one of the most egregious abuses of trust — using the password anti-pattern to spam your address book. Micki has the details.

Beyond CAPTCHA: No Bots Allowed! [Privacy and Trust]

Brothercake looks at the problems, issues, and alternatives to requiring a human to prove that they're not a bot.

Coding Horror: A Question of Programming Ethics

A cautionary tale that explains just why the password anti-pattern needs to die. Coding horror indeed: in this case, 1,777 GMail accounts were compromised.

QuirksBlog: Opera's antitrust complaint and political control of web standards

PPK points out a potentially dangerous aspect to Opera's actions, one that that the rest of us have missed: "Without consulting anybody, Opera is trying to give a political body the right to decide what does and what does not constitute a web standard."

Facebook's Misrepresentation of Beacon's Threat to Privacy: Tracking users who opt out or are not logged in. - CA Security Advisor Research Blog - CA

An excellent piece of research that shows how Facebook affiliates' cross-site scripting (Beacon) sends information back to the mothership regardless of whether the user has opted out.

disambiguity - » Design Ethics - Encouraging responsible behaviour

Leisa joins in on the password anti-pattern. As she says, this is a question of ethics. I've already made my position clear to my colleagues and clients. Have you?