Why Modern Technology Sucks Ass
Jan. 3rd, 2003 04:19 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
tyggerjaiFor those of you who know me who are now having heart attacks, and wondering what I've done with the Real Jai, it's ok. Modern Technology (tm) doesn't, of course, suck.
Because computers don't induce mindless, bloodboiling, psychotic homicidal rage in people. People induce mindless bloodboiling psuchotic homicidal rage in people.
Let me start by admitting what is the fault, possibly, of the actual technology.
A small percentage of hardware is genuinely flawed, due to the manufacturing process. That might be the hardwares "fault", in the sense of , well, faulty hardware. It's not the fault of technology, of course, but let's allow that. So that's it. Software is all written by people. All of it. If software sucks, that's a humans fault.
So *why* does modern technology suck?
There are several answers, but they boil down to two things. Unrealistic expectations (don't believe the hype), and ... stupid humans.
Lets start with unrealistic expectations. Modern technology (and lets face it, at the end of the day I'm talking about "computers" here) does vastly more than we realise, with less suckage than we realise, and we *still* want it to do more.
I just bought a standalone DVD player. $300 (.au dollars, for those playing overseas.). Do you know what it does? It plays DVDs. And CDs. Some of you are now looking blank, and saying "Well, yes, and?". Fair enough. That's all it should do.
It plays them well. And it took 3 minutes to set up. Piece of cake. For $300. Lets add $500 for a decent TV. And $200 for a little stereo. The TV is somewhat essential for watching DVDs, the stereo is a bonus. So I've spent $1000. And I can watch DVDs. And TV. And listen to CDs. And the radio.
That's not a very broad range of stuff, really. It sounds like a lot, but it's a narrow range, and I can only do one of them at once. Maybe two, if I don't run the DVD player through the stereo, but that defeats the purpose of the stereo.
And that's the *top* end of functionality for $1000. Spend that on a fridge, and you can keep things very cold. Spend it on a stove, and you can make things very hot. Spend it on a washing machine and dryer, and you can make things wet and warm, wet and cold and dry and warm. You don't even get dry and cold. For a grand. Big fucking deal.
Don't even *ask* what it buys you in terms of a car or a motorbike.
My point here is that in terms of doing stuff, $1000 doesn't buy you much. And the areas where it buys you *least* are traditional, well understood "old" technologies - fridges, ovens. Single use machines that haven't actually changed in decades in any meaningful way.
If we expect one single function for a thousand dollars from a fridge or an oven, why do we expect so much more from a computer? Because we've bought some weird marketing hype. And - to no small extent - because computers *can* do so much more. I have a machine that cost me $200 second hand. I can write word documents, send emails, listen to CDs and MP3s, print stuff, search the Web, watch movies.... It's a little more frustrating than the $1000 DVD/TV/Stereo combo, I'll grant. Takes longer to start up, takes more effort to set up in terms of networking.
But modern computers are getting so much better at that. Go buy a brand new $2,000 Macintosh. It'll let you watch DVDs, play CDs, do everything that the $1,000 combo does, and then some. And all you need to do is plug it in. So computers are expected to do more because they *can* do more. Much, much more. But all we see is the potential, we forget the things they Just Do.
What else do we get from other appliances that we don't get from computers?
We think we get longevity. To a certain extent that's true. Fridges are the best example. IF you buy a good, $1,000 fridge, it'll run 24/7, 52 weeks a year, for several years. Lets say ten years. Lets say ten years for washers/dryers, too.
And lets say 30 years for an oven. 30 years. So really, that's $33 per year. Much cheaper than a computer. And it makes things *really* hot! And you might use it, say an hour a day.
An hour a day. I cook quite a lot, and *I* don't use my oven an hour a day. MY stovetop, maybe. My stovetop, maybe, an hour a day if I'm cooking a lot every day. I use my computer a lot more. I would, but so do you. Really. Think about how often you use the computer. Now think about how much you cook. But even if I grant the point that mean hours of usage between failures is higher by orders of magnitude for stoves, we're left with the fact that ... they make things hot. This is not rocket science. We've understood making things hot for thousands of years. The techniques haven't changed. No - wait - they have. We have microwaves. And if you used a microwave for an hour a day every day, how long do you think it would last? Complexity reduces lifespan. Functionality increases complexity.
For what it's worth, to prove a point, I'm writing this article on a Sun SLC.
I could have written it on a Mac Classic II. I've *owned* the Classic for a decade (it cost me $850). The SLC is about the same vintage. Conservatively, 10 years old. And they do what they do *just as well* as they did when they were produced. They're toys in terms of what todays machines can do. But they haven't objectively degraded. And the SLC will connect happily to the interweb, and do everything a modern computer does. Slower, and in black and white, but because I can keep replacing the software running it, it works like a modern computer. Imagine turning your conventional oven into a microwave by installing some software.
So if other appliances have greater longevity, it's because they have vastly greater simplicity. They do one thing, and they do it well.
Moving Targets
One thing well. And it's a well understood thing. That's another very important point. Making things hotter hasnt changed much in the last thousand years. We've found a better way of doing it (microwave), but the thing itself hasn't changed, and even the microwave technology is now 50 years old.
"We can put someone on the moon, why can't my computer (stay up/not crash/do X, Y, Z)?".
Because putting a man on the moon, (apart from requiring billions of dollars and tens of thousands of man years, costing lives and *still* having problems (Challenger, to name but one), because that's all true of home computers, too), was a single problem. And a (relatively) simple one. Go up, come down. Very limited set of functionality, even by the time you include all the craft controls, and a clearly defined, well understood, and (most importantly) static requirement.
The things you need to do to put a man on the moon haven't changed in the last 40 years. The moon hasn't suddenly grown, shrunk, moved, developed excessive radiation, or anything else. Those factors do fluctuate, obviously, but in a fairly long term, observable-and-predictable way. And people still die, and problems still happen. Let me illustrate that, in case it's not quite clear. NASA have a problem in terms of hardware at the moment finding the chips they use in space shuttles - because no-one *makes* them anymore. They're obselete. And that's a *feature*. If you're sending me to the moon, I want to know that you're using hardware that you've used *thousands* of times. That you've been doing this for *Decades*. Please don't tell me that this is a brand new chip that you had to commission because the moon suddenly changed its access protocols. It's like the ad for automated backup software that *only* an advertising copywriter could have come up with - "Do you want your backups to be exciting and interesting?". And every tech (and quite a few "amateur" computer users) will reply "No. I want them to be utterly boring and predictable. I want them to be exactly the same every time with nothing out of the ordinary. I want them to PUT ME TO SLEEP with their fundamental boringness.". I want one thing, well understood.
So change is expensive and difficult. Early revisions of hardware and software are inherently less stable because the *problem domain* is poorly understood.
And we understand making things hot, cold and wet.
So that's about it for Great Expectations. Technology sucks ass because we have excessive expectations of what our dollar buys, in terms of performance and longevity, and also because the problem domains new technology deals with are, by their very nature, in a state of flux. SO go easy on your poor computer - try to remember all the things it does do, and do well. It's doing a hell of a lot more than making a leg of pork very hot for a few hours.
I go to the markets, in no small part, to get away from tech. I wander around the markets, alone, looking at food, smiling at people, having nothing to do with computers. They don't even do EFTPOS (that's an important point. Remember it).
This rant is, in no small part, prompted by something I saw at the markets today that utterly boiled my blood. Because it's one of the stupidest, most shortsighted, cockeyed, ass-backwards, fundamentally FUCKING INCOMPETENT applications of technology I've ever seen. And that's saying something.
Because you can now dial-a-Coke. Seriously. If, surrounded by shops that take nothing but cash and deal in the kinds of figures *guaranteed* to leave you with pockets full of shrapnel, you run out of change, you can dial a special number, which will debit you the cost of a Coca-Cola(tm), and tell the machine next to you that you've paid, and it should give you a Coke. Is that an inherently bad idea? Not at all. I don't own a mobile phone - can't stand them - but even I think it's a good idea. Not because I'm a Coke junkie - I drink a fair amount of it, but not in cans, generally, and not at the markets. So why is it a good idea? Because it *scales*. I could buy DVDs with my phone. Or hell, a DVD player when the tech is mature enough. Fuckin' A! Get rid of the credit card, the eftpos card, whatever. Buy it all with a phone. Automate that process !
It's a fucking *excellent* idea in terms of applying emerging tech to eternal human needs.
So why does my blood boil? Implementation. Sucky, sucky, beyond-sucky implementation.
Each Coke machine has its *own* phone number. I infer that the process works thus:
You phone the unique Coke machine number.
Your phone company (and you have to be with Telstra) bills you for the coke, and sends the Coke machine a "release" code.
That's it. Trivial. Really. Very simple. If there's a difficulty involved, it's in outfitting the Coke machines, but it wouldn't surprise me to learn that they already have GSM mobile capability for monitoring, etc.
It's a logical convergence. But it has two main problems.
You the consumer are required to punch in a different number for each machine.
what the hell is with that? I can't even program "buy me a coke" into my phone, I have to do it differently for each machine. I want to be able to press "Buy coke" in my speed dial (some of you will find that very funny. If you do, consider rehab.). But I can't. Suck ass.
You the consumer have *no* protection. If I steal your mobile, then me using it to buy a dozen Cokes is about the least of your worries. But it *does* mean that the process doen't scale to, say, DVDS, or anything else that's actually pricey. No way are companies going to scale this up if it means I can bill *you* for a thousand dollars worth of DVDs merely by stealing your phone. And in this day and age, tech that doesn't scale sucks ass.
Why?
Because it *could* be different!
It took me an hour to design the system so that it scales with about as much security as a credit card.
Seriously.
Imagine this. Your phone supplier (who almost certainly have already a "secure" website for you to check your account, pay your bills, etc, and if they don't, they should, and soon will) give you, on their website, an checkbox that you can tick to be able to buy stuff. Tick. That's it. They give you a PIN number (either on the website as part of the same checking-the-box process, or in the mail). Like all modern PINs, you can change it on their website, yadda, yadda.
That's it. From your point of view, that is, literally, *it*. The clever bit is that using the mobile *network* for this is silly. Every single mobile manufactured in the last few years has *infra-red*. And infra-red is cheaper and easier than my ex-girlfriends. So the Coke machine needs an IR receiver. You send the Coke machine an IR message that uniquely identifies your phone (and hence your account). Because that can be faked, you send it your PIN number. The Coke machine, being stupid-but-connected, sends that to the central machine (which you would have had to do otherwise). The central machine bills you, says "yeah, sure", and sends a release code to the Coke machine. It's saved you several keystrokes, it's saved you the need to use a different number each time, and it's *scalable*. There must be a downside?
Ok, there is. IR is a fundamentally "public" medium. IF I have an IR sniffer, I can sniff your PIN (oooer!). With your PIN and a phone that can fake your account info I can buy a Porsche. Ok. How do we work around that? One time passwords.
It's one of the oldest tricks in the crypto book. When you register for your PIN with your phone provider (or whoever. The hardest part about all this is *not* the tech, it's deciding who oversees the centralisation), you download a series of one-shot passwords. Much like downloading a ringtone. BEcause it's done on the web, you have existing e-commerce grade security except for the "last hop" from your PC to your phone. but that's in the privacy of your home anyway. From now on, when you buy something, the phone uses the next password in the series, and forgets it (and that's automatic - you don't need to remember the passwords, the phone will. You still just enter your PIN). The central system checks that password. Then that password is *forgotten*. Completely. USed up. So I can sniff your sessions from now until the cows come home, and I'll *never* know what the next password is supposed to be. Bingo.
Anything else? Well, someone could hijack the merchant end of things. IR being public, they could have their own connection to the central machine, and when you buy something, they could sniff the password and connect to the central machine *before* the merchant. So you have a Merchant ID - merchant machines send the merchant ID to the central server, the merchant tells you their ID (or it's written on the coke machine, or whatever), and the system SMSs you for confirmation so you can check the merchant ID against the one printed on the Coke Machine.
No, wait,our hijacker could manually replace the sign on the Coke machine. Tell you what, let's go lotech. Let's fuck it off for purchases under $5, (let them steal a Coke. Big deal. They can only use that password once, remember.), and for purchases over that, have a little IR-proof box sheilding the merchants IR receiver that you stick your phone in when you press "send". Easy and cheap.
So what have we done here? We've made it easy and secure for you the consumer
to buy pretty much anything with your phone. We've made the process as simple and consistent as possible for you - buying a coke and buying a porsche are pretty much the same, assuming you have the credit. We've shifted the complexity to the back end, where it belongs. IF Porsche think sales will increase by letting you phone-a-porsche, let *them* do the hard work. Is this reminding people of anything? Say, EFTPOS? Good. Because it *is* EFTPOS. All I've done is change the very front end. I've taken an existing, known, trusted architecture, and bolted a phone interface onto it. Rather than starting from scratch, which is what Telstra dn Coke seem to have done. Instead of your EFTPOS card, you have a phone. That's it. SO why bother? Yu tell me, I don't have a mobile :) But if you're *going* to buy things with your mobile, here's how to do it properly. Involve your bank, cross-leverage (Really. That's what it *means*) the decades of work and research they've *already done*, and GET IT RIGHT!
We've also shifted the authorisation to a central point, so we can do the following:
1) Increase or decrease security according to cost. You can set your preferences so that you don't need a PIN for purchases under $10, or so that you need a different PIN for purchases over $100. Because you might want your teenaged child or significant other to be able to borrow your phone and buy a Coke, but not a Porsche.
2) Increase or decrease purchasing power *full stop*. No Porsches on your teenaged childs phone, *ever*.
We've added a step for you-the-consumer, in that you have to log in to a website to do all this. OR go to the central provider in person. But that's trivial - build it into the process of buying the phone.
And it's as secure as your credit card. Hell, I don't even need a PIN to use your credit card online. All the info I need is printed *right* on the card. You give it to a friendly sales assistant *every time* you buy something with it. Worst case, I sniff your PIN and steal your phone. Now, I have total access. But hey, I can steal your credit card, too, and buy all the abmasters I like over the phone.
That's a boring longwinded example that I wanted to inflict on you all to show how clever I am, but really, what it shows is that the people designing new applications for technology are MORONS! My friends excluded, naturally :) And there are examples of this sort of crap *everywhere*. Not just poorly designed systems, but poorly implemented systems, and systems we just don't *need*. But I can defend even that. Because it's *progress*. See earlier point about moving goalposts. The phone-a-coke system sucks, because, well, it's New and Shiny (and really, really poorly thought out). Phone-a-Coke Version 2.0 will have the above improvements, because I'm about to sell them to Coke. Then Phone-A-Porsche will build on *that*. So Version 1.0 will always suck. Version 2.0 and beyond are the fun bits. And a lot of what we use today is Version 1.0.
After all that, I'm not sure what my point was. I think it was that technology, in terms of what your dollar buys, isn't so bad, and if it does suck, it's because people are stupid.
Update
![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif)
bunnikins points out that the dial-a-coke thing is a gimmick, and thus not really worth getting right first time in engineering terms - it's not designed to scale, and it's not worth designing to scale. That's true, to a point, but that's the kind of attitude that leads to temporary gimmicks becoming rushed-to-market prototypes becoming poorly thought out production software. And that's a big part of the problem. It doesn't take that much more effort to put in a decent infrastructure, even if you're not using all of it, or using it to its capacity. So I may be being a little unfair on the dial-a-coke guys - they may have thought all this through and be planning it already for Version 2.0. But version 1.0 sucks.
bunnikins also points out that stupid consumers are happy to jump through even suckier hoops as part of the SMS fad for even less reward. While that tends to reduce the efficacy of the above argument in terms of blaming stupid designers, it does tend to support the argument that stupid people get the technology they deserve...
Update 2
The obvious solution to the merchant hijacking is one-time pads for the merchants as well. Duh.
sol.
.
Because computers don't induce mindless, bloodboiling, psychotic homicidal rage in people. People induce mindless bloodboiling psuchotic homicidal rage in people.
Let me start by admitting what is the fault, possibly, of the actual technology.
A small percentage of hardware is genuinely flawed, due to the manufacturing process. That might be the hardwares "fault", in the sense of , well, faulty hardware. It's not the fault of technology, of course, but let's allow that. So that's it. Software is all written by people. All of it. If software sucks, that's a humans fault.
So *why* does modern technology suck?
There are several answers, but they boil down to two things. Unrealistic expectations (don't believe the hype), and ... stupid humans.
Great Expectations
Lets start with unrealistic expectations. Modern technology (and lets face it, at the end of the day I'm talking about "computers" here) does vastly more than we realise, with less suckage than we realise, and we *still* want it to do more.
I just bought a standalone DVD player. $300 (.au dollars, for those playing overseas.). Do you know what it does? It plays DVDs. And CDs. Some of you are now looking blank, and saying "Well, yes, and?". Fair enough. That's all it should do.
It plays them well. And it took 3 minutes to set up. Piece of cake. For $300. Lets add $500 for a decent TV. And $200 for a little stereo. The TV is somewhat essential for watching DVDs, the stereo is a bonus. So I've spent $1000. And I can watch DVDs. And TV. And listen to CDs. And the radio.
That's not a very broad range of stuff, really. It sounds like a lot, but it's a narrow range, and I can only do one of them at once. Maybe two, if I don't run the DVD player through the stereo, but that defeats the purpose of the stereo.
And that's the *top* end of functionality for $1000. Spend that on a fridge, and you can keep things very cold. Spend it on a stove, and you can make things very hot. Spend it on a washing machine and dryer, and you can make things wet and warm, wet and cold and dry and warm. You don't even get dry and cold. For a grand. Big fucking deal.
Don't even *ask* what it buys you in terms of a car or a motorbike.
My point here is that in terms of doing stuff, $1000 doesn't buy you much. And the areas where it buys you *least* are traditional, well understood "old" technologies - fridges, ovens. Single use machines that haven't actually changed in decades in any meaningful way.
If we expect one single function for a thousand dollars from a fridge or an oven, why do we expect so much more from a computer? Because we've bought some weird marketing hype. And - to no small extent - because computers *can* do so much more. I have a machine that cost me $200 second hand. I can write word documents, send emails, listen to CDs and MP3s, print stuff, search the Web, watch movies.... It's a little more frustrating than the $1000 DVD/TV/Stereo combo, I'll grant. Takes longer to start up, takes more effort to set up in terms of networking.
But modern computers are getting so much better at that. Go buy a brand new $2,000 Macintosh. It'll let you watch DVDs, play CDs, do everything that the $1,000 combo does, and then some. And all you need to do is plug it in. So computers are expected to do more because they *can* do more. Much, much more. But all we see is the potential, we forget the things they Just Do.
What else do we get from other appliances that we don't get from computers?
We think we get longevity. To a certain extent that's true. Fridges are the best example. IF you buy a good, $1,000 fridge, it'll run 24/7, 52 weeks a year, for several years. Lets say ten years. Lets say ten years for washers/dryers, too.
And lets say 30 years for an oven. 30 years. So really, that's $33 per year. Much cheaper than a computer. And it makes things *really* hot! And you might use it, say an hour a day.
An hour a day. I cook quite a lot, and *I* don't use my oven an hour a day. MY stovetop, maybe. My stovetop, maybe, an hour a day if I'm cooking a lot every day. I use my computer a lot more. I would, but so do you. Really. Think about how often you use the computer. Now think about how much you cook. But even if I grant the point that mean hours of usage between failures is higher by orders of magnitude for stoves, we're left with the fact that ... they make things hot. This is not rocket science. We've understood making things hot for thousands of years. The techniques haven't changed. No - wait - they have. We have microwaves. And if you used a microwave for an hour a day every day, how long do you think it would last? Complexity reduces lifespan. Functionality increases complexity.
For what it's worth, to prove a point, I'm writing this article on a Sun SLC.
I could have written it on a Mac Classic II. I've *owned* the Classic for a decade (it cost me $850). The SLC is about the same vintage. Conservatively, 10 years old. And they do what they do *just as well* as they did when they were produced. They're toys in terms of what todays machines can do. But they haven't objectively degraded. And the SLC will connect happily to the interweb, and do everything a modern computer does. Slower, and in black and white, but because I can keep replacing the software running it, it works like a modern computer. Imagine turning your conventional oven into a microwave by installing some software.
So if other appliances have greater longevity, it's because they have vastly greater simplicity. They do one thing, and they do it well.
Moving Targets
One thing well. And it's a well understood thing. That's another very important point. Making things hotter hasnt changed much in the last thousand years. We've found a better way of doing it (microwave), but the thing itself hasn't changed, and even the microwave technology is now 50 years old.
"We can put someone on the moon, why can't my computer (stay up/not crash/do X, Y, Z)?".
Because putting a man on the moon, (apart from requiring billions of dollars and tens of thousands of man years, costing lives and *still* having problems (Challenger, to name but one), because that's all true of home computers, too), was a single problem. And a (relatively) simple one. Go up, come down. Very limited set of functionality, even by the time you include all the craft controls, and a clearly defined, well understood, and (most importantly) static requirement.
The things you need to do to put a man on the moon haven't changed in the last 40 years. The moon hasn't suddenly grown, shrunk, moved, developed excessive radiation, or anything else. Those factors do fluctuate, obviously, but in a fairly long term, observable-and-predictable way. And people still die, and problems still happen. Let me illustrate that, in case it's not quite clear. NASA have a problem in terms of hardware at the moment finding the chips they use in space shuttles - because no-one *makes* them anymore. They're obselete. And that's a *feature*. If you're sending me to the moon, I want to know that you're using hardware that you've used *thousands* of times. That you've been doing this for *Decades*. Please don't tell me that this is a brand new chip that you had to commission because the moon suddenly changed its access protocols. It's like the ad for automated backup software that *only* an advertising copywriter could have come up with - "Do you want your backups to be exciting and interesting?". And every tech (and quite a few "amateur" computer users) will reply "No. I want them to be utterly boring and predictable. I want them to be exactly the same every time with nothing out of the ordinary. I want them to PUT ME TO SLEEP with their fundamental boringness.". I want one thing, well understood.
So change is expensive and difficult. Early revisions of hardware and software are inherently less stable because the *problem domain* is poorly understood.
And we understand making things hot, cold and wet.
So that's about it for Great Expectations. Technology sucks ass because we have excessive expectations of what our dollar buys, in terms of performance and longevity, and also because the problem domains new technology deals with are, by their very nature, in a state of flux. SO go easy on your poor computer - try to remember all the things it does do, and do well. It's doing a hell of a lot more than making a leg of pork very hot for a few hours.
2. Stupid People.
I go to the markets, in no small part, to get away from tech. I wander around the markets, alone, looking at food, smiling at people, having nothing to do with computers. They don't even do EFTPOS (that's an important point. Remember it).
This rant is, in no small part, prompted by something I saw at the markets today that utterly boiled my blood. Because it's one of the stupidest, most shortsighted, cockeyed, ass-backwards, fundamentally FUCKING INCOMPETENT applications of technology I've ever seen. And that's saying something.
Because you can now dial-a-Coke. Seriously. If, surrounded by shops that take nothing but cash and deal in the kinds of figures *guaranteed* to leave you with pockets full of shrapnel, you run out of change, you can dial a special number, which will debit you the cost of a Coca-Cola(tm), and tell the machine next to you that you've paid, and it should give you a Coke. Is that an inherently bad idea? Not at all. I don't own a mobile phone - can't stand them - but even I think it's a good idea. Not because I'm a Coke junkie - I drink a fair amount of it, but not in cans, generally, and not at the markets. So why is it a good idea? Because it *scales*. I could buy DVDs with my phone. Or hell, a DVD player when the tech is mature enough. Fuckin' A! Get rid of the credit card, the eftpos card, whatever. Buy it all with a phone. Automate that process !
It's a fucking *excellent* idea in terms of applying emerging tech to eternal human needs.
So why does my blood boil? Implementation. Sucky, sucky, beyond-sucky implementation.
Each Coke machine has its *own* phone number. I infer that the process works thus:
You phone the unique Coke machine number.
Your phone company (and you have to be with Telstra) bills you for the coke, and sends the Coke machine a "release" code.
That's it. Trivial. Really. Very simple. If there's a difficulty involved, it's in outfitting the Coke machines, but it wouldn't surprise me to learn that they already have GSM mobile capability for monitoring, etc.
It's a logical convergence. But it has two main problems.
You the consumer are required to punch in a different number for each machine.
what the hell is with that? I can't even program "buy me a coke" into my phone, I have to do it differently for each machine. I want to be able to press "Buy coke" in my speed dial (some of you will find that very funny. If you do, consider rehab.). But I can't. Suck ass.
You the consumer have *no* protection. If I steal your mobile, then me using it to buy a dozen Cokes is about the least of your worries. But it *does* mean that the process doen't scale to, say, DVDS, or anything else that's actually pricey. No way are companies going to scale this up if it means I can bill *you* for a thousand dollars worth of DVDs merely by stealing your phone. And in this day and age, tech that doesn't scale sucks ass.
Why?
Because it *could* be different!
It took me an hour to design the system so that it scales with about as much security as a credit card.
Seriously.
Imagine this. Your phone supplier (who almost certainly have already a "secure" website for you to check your account, pay your bills, etc, and if they don't, they should, and soon will) give you, on their website, an checkbox that you can tick to be able to buy stuff. Tick. That's it. They give you a PIN number (either on the website as part of the same checking-the-box process, or in the mail). Like all modern PINs, you can change it on their website, yadda, yadda.
That's it. From your point of view, that is, literally, *it*. The clever bit is that using the mobile *network* for this is silly. Every single mobile manufactured in the last few years has *infra-red*. And infra-red is cheaper and easier than my ex-girlfriends. So the Coke machine needs an IR receiver. You send the Coke machine an IR message that uniquely identifies your phone (and hence your account). Because that can be faked, you send it your PIN number. The Coke machine, being stupid-but-connected, sends that to the central machine (which you would have had to do otherwise). The central machine bills you, says "yeah, sure", and sends a release code to the Coke machine. It's saved you several keystrokes, it's saved you the need to use a different number each time, and it's *scalable*. There must be a downside?
Ok, there is. IR is a fundamentally "public" medium. IF I have an IR sniffer, I can sniff your PIN (oooer!). With your PIN and a phone that can fake your account info I can buy a Porsche. Ok. How do we work around that? One time passwords.
It's one of the oldest tricks in the crypto book. When you register for your PIN with your phone provider (or whoever. The hardest part about all this is *not* the tech, it's deciding who oversees the centralisation), you download a series of one-shot passwords. Much like downloading a ringtone. BEcause it's done on the web, you have existing e-commerce grade security except for the "last hop" from your PC to your phone. but that's in the privacy of your home anyway. From now on, when you buy something, the phone uses the next password in the series, and forgets it (and that's automatic - you don't need to remember the passwords, the phone will. You still just enter your PIN). The central system checks that password. Then that password is *forgotten*. Completely. USed up. So I can sniff your sessions from now until the cows come home, and I'll *never* know what the next password is supposed to be. Bingo.
Anything else? Well, someone could hijack the merchant end of things. IR being public, they could have their own connection to the central machine, and when you buy something, they could sniff the password and connect to the central machine *before* the merchant. So you have a Merchant ID - merchant machines send the merchant ID to the central server, the merchant tells you their ID (or it's written on the coke machine, or whatever), and the system SMSs you for confirmation so you can check the merchant ID against the one printed on the Coke Machine.
No, wait,our hijacker could manually replace the sign on the Coke machine. Tell you what, let's go lotech. Let's fuck it off for purchases under $5, (let them steal a Coke. Big deal. They can only use that password once, remember.), and for purchases over that, have a little IR-proof box sheilding the merchants IR receiver that you stick your phone in when you press "send". Easy and cheap.
So what have we done here? We've made it easy and secure for you the consumer
to buy pretty much anything with your phone. We've made the process as simple and consistent as possible for you - buying a coke and buying a porsche are pretty much the same, assuming you have the credit. We've shifted the complexity to the back end, where it belongs. IF Porsche think sales will increase by letting you phone-a-porsche, let *them* do the hard work. Is this reminding people of anything? Say, EFTPOS? Good. Because it *is* EFTPOS. All I've done is change the very front end. I've taken an existing, known, trusted architecture, and bolted a phone interface onto it. Rather than starting from scratch, which is what Telstra dn Coke seem to have done. Instead of your EFTPOS card, you have a phone. That's it. SO why bother? Yu tell me, I don't have a mobile :) But if you're *going* to buy things with your mobile, here's how to do it properly. Involve your bank, cross-leverage (Really. That's what it *means*) the decades of work and research they've *already done*, and GET IT RIGHT!
We've also shifted the authorisation to a central point, so we can do the following:
1) Increase or decrease security according to cost. You can set your preferences so that you don't need a PIN for purchases under $10, or so that you need a different PIN for purchases over $100. Because you might want your teenaged child or significant other to be able to borrow your phone and buy a Coke, but not a Porsche.
2) Increase or decrease purchasing power *full stop*. No Porsches on your teenaged childs phone, *ever*.
We've added a step for you-the-consumer, in that you have to log in to a website to do all this. OR go to the central provider in person. But that's trivial - build it into the process of buying the phone.
And it's as secure as your credit card. Hell, I don't even need a PIN to use your credit card online. All the info I need is printed *right* on the card. You give it to a friendly sales assistant *every time* you buy something with it. Worst case, I sniff your PIN and steal your phone. Now, I have total access. But hey, I can steal your credit card, too, and buy all the abmasters I like over the phone.
That's a boring longwinded example that I wanted to inflict on you all to show how clever I am, but really, what it shows is that the people designing new applications for technology are MORONS! My friends excluded, naturally :) And there are examples of this sort of crap *everywhere*. Not just poorly designed systems, but poorly implemented systems, and systems we just don't *need*. But I can defend even that. Because it's *progress*. See earlier point about moving goalposts. The phone-a-coke system sucks, because, well, it's New and Shiny (and really, really poorly thought out). Phone-a-Coke Version 2.0 will have the above improvements, because I'm about to sell them to Coke. Then Phone-A-Porsche will build on *that*. So Version 1.0 will always suck. Version 2.0 and beyond are the fun bits. And a lot of what we use today is Version 1.0.
After all that, I'm not sure what my point was. I think it was that technology, in terms of what your dollar buys, isn't so bad, and if it does suck, it's because people are stupid.
Update
bunnikins points out that the dial-a-coke thing is a gimmick, and thus not really worth getting right first time in engineering terms - it's not designed to scale, and it's not worth designing to scale. That's true, to a point, but that's the kind of attitude that leads to temporary gimmicks becoming rushed-to-market prototypes becoming poorly thought out production software. And that's a big part of the problem. It doesn't take that much more effort to put in a decent infrastructure, even if you're not using all of it, or using it to its capacity. So I may be being a little unfair on the dial-a-coke guys - they may have thought all this through and be planning it already for Version 2.0. But version 1.0 sucks.bunnikins also points out that stupid consumers are happy to jump through even suckier hoops as part of the SMS fad for even less reward. While that tends to reduce the efficacy of the above argument in terms of blaming stupid designers, it does tend to support the argument that stupid people get the technology they deserve...Update 2
The obvious solution to the merchant hijacking is one-time pads for the merchants as well. Duh.
sol.
.
(no subject)
Date: 2003-01-04 11:32 pm (UTC)(no subject)
Date: 2003-01-05 06:40 pm (UTC)My father sent a reply, to this effect: "If I came over and embedded an axe in my distinguished colleague, would we call that 'axe error'?"
Exactly.
Date: 2003-01-05 07:07 pm (UTC)Though it is important to acknowledge that some things are "computer error" - like the Pentium rounding bug. But that's computers that err because the person who designed them erred.
sol.
.
veOaOhyozie
Date: 2011-08-08 01:48 pm (UTC)(no subject)
Date: 2010-12-09 06:11 am (UTC)I love and deeply respect tech and computers so I can't stand seeing a negative being made out of a positive given that the nature of tech involves much more rapid evolution than that of a stove. I also love and deeply respect a good rant, especially about tech, since any aspect of it, when it goes wrong or it's not implemented right, can drive anyone crazy, but this a pointless rant (if you came up with the answer, you should either submit it or else assume someone else will come up with that same answer and be in a position to implement it soon enough), so I am unsubscribing.