Dylan’s Desk: Our phones have a constitutional right to privacy. It’s up to us to use it

Dylan’s Desk: Our phones have a constitutional right to privacy. It’s up to us to use it

Above: If only it were so easy to enable privacy on our mobile devices.


How can you leverage mobile to increase profitability for your company? Find out at MobileBeat, VentureBeat’s 7th annual event on the future of mobile, on July 8-9 in San Francisco. Register now and save $200!


The Supreme Court ruling yesterday that police cannot search your phone without a warrant is a recognition of what most of us already know intuitively: Our phones are deeply personal extensions of ourselves. As such, they deserve the same level of privacy protection as our own homes.

Now if only the companies that make those phones would see things the same way.

As Chief Justice John Roberts wrote in the unanimous opinion, cell phones are “now such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude they were an important feature of human anatomy.” The court recognized the vast amount of information these devices contain — or provide access to, via the cloud — and the potential for that information to reveal every detail about a person’s life. In fact, a search of your phone would reveal far more about you than a full search of your house would, the court noted.

“The sum of an individual’s private life can be reconstructed through a thousand photographs labeled with dates, locations, and descriptions; the same cannot be said of a photograph or two of loved ones tucked into a wallet,” the court wrote.

Legal protection against warrantless searches is one thing, and a very important thing it is. But the niceties of the law only go so far, particularly when, as we know, there are spy agencies that regularly tap our communications without a warrant — or with the most superficial oversight and blanket approvals of a secret court. Yes, that blanket approval is changing, as the courts and Congress move to restrict the NSA’s purview. But the fact remains that much of what we do with our phones can be and often is monitored and searched.

We need better protections. And not just against government intrusions: We need to protect ourselves, if we choose, from the very companies that make our phones and the software that runs on them. Time and again we have learned that our phones, or their apps, are tracking us, collecting data on us that they don’t need. That may be harmless now, since that data is primarily being used to determine which ads to show you — which you will ignore anyway. But any large collection of deeply personal data on millions of people is a rich target for bad actors of all kinds: hackers, less-principled corporations, out-of-control surveillance states, or in some parts of the world, dictators.

As tech journalist Quinn Norton recently wrote, everything is broken when it comes to security — badly broken. Everything is riddled with holes and vulnerabilities of various kinds that, if exploited, give attackers complete control of your devices and your data. Heartbleed was a security disaster of epic proportions, but it was mostly just better publicized than other, similarly disastrous vulnerabilities. The only question is whether those vulnerabilities have been found yet and are being used against you.

Why do we put up with this shoddiness? Partly it’s because most of us don’t care. We don’t have a sense of privacy for our own devices, or we don’t worry about it, because we don’t do anything with them — or don’t believe we do — that could embarrass us or get us in trouble.

Partly, also, it is because we value convenience so highly. Automatically syncing your email, contracts, and calendar? Sign me up. Backing up all your photos to the cloud? Wonderful.

Wonderful, that is, until hackers use that very interconnectedness to delete all your family photos.

It is time for us to demand more. If the Supreme Court recognizes how deeply personal and private our phones are to us, maybe we should too.

“There are plenty of schemes that could federate or safely encrypt our data, plenty of ways we could regain privacy and make our computers work better by default,” Norton wrote. “It isn’t happening now because we haven’t demanded that it should, not because no one is clever enough to make that happen.”

Let’s demand it. If the highest court in the U.S. can figure out that privacy is needful when it comes to our phones, maybe it’s time for us to wake up to that need.

Technology does not have a mind of its own, and it does not evolve by itself, independent of human intervention. We have choices. Let’s make them.

Fundraiser to support ‘NSA-proof’ email gets off to a roaring start

Fundraiser to support ‘NSA-proof’ email gets off to a roaring start

Above: ProtonMail founders Jason Stockman, Wei Sun, and Andy Yen.

Image Credit: ProtonMail

ProtonMail, an encrypted email service that advertises itself as “NSA-proof,” launched to much acclaim about a month ago.

Since then, the company says it has signed up 200,000 users – and it just launched a fundraising campaign on Indiegogo because, co-founder Andy Yen says, “that is the best way to get financing and also keep ProtonMail independent.”

Three days after the Indiegogo campaign kicked off, the team has already raised $160,000 — 60 percent more than its initial goal.

“We could be on track to become one of the largest software crowdfunding campaigns ever,” Yen boasted.

Accounts on ProtonMail are free (though at the moment you have to sign up for a waiting list before you can create an account). Yen said basic accounts would always be free, but that in the future the company would charge power users a “modest monthly fee” for additional storage, in order to make ProtonMail into a self-sustaining business.

End-to-end encryption is one of the few ways to ensure true privacy in any communications channel. The trouble is that setting up encrypted email has generally been a difficult matter. Encrypted chats have, until recently, been almost as problematic.

(One notable exception: Many chat clients, including Adium — but not Google Talk — offer an off-the-record (OTR) chat mode that is extremely simple to set up and offers “perfect forward secrecy,” meaning each chat session is encrypted with a unique key. If you want to chat securely with me, ask me for my AIM account.)

Other attempts to simplify the process of secure chat or secure email have occasionally been curtailed either by doubts about their technical security. CryptoCat, for example, is quite controversial among security experts because of a vulnerability an an earlier version of the chat tool. Security can also be compromised if the companies don’t have legal jurisdiction to ensure true privacy in the event of a subpoena — HushMail, for instance, has said that it will hand over your emails if subpoenaed.

So we asked Yen: Why should anyone trust ProtonMail?

“The main idea is to encrypt data before it even comes to our servers, using an encryption password that we do not have access to, so we don’t have the ability to decrypt the encrypted data on our servers,” Yen told us.

In other words, even if the NSA got hold of emails cached on ProtonMail’s servers, they would not be able to decrypt them — and ProtonMail won’t have the keys either.

Yen added that the team — which is comprised of CERN and MIT computer scientists — is being careful to get its technology vetted by security experts. “We’ve had constant input from the computer security team at CERN and hundreds of computer scientists on the staff there,” Yen said.

“We believe in crowdsourcing security and we have a growing list of experts helping us to perform security cross checks and make improvements throughout the beta. We will get even more of the community involved by open sourcing the relevant parts of the codebase when the code becomes more mature and changes less often.”

In addition, the company is headquartered in Switzerland, which — so far — has a pretty good record of independence from other governments’ intrusions.

The fact that 200,000 people have signed up for ProtonMail already is a sign that there’s a small but significant number of people who care enough about their privacy to use encrypted email systems. And other encrypted messaging services, such as SilentCircle and Wickr, have seen some traction — though they haven’t come close to rivaling the giants, like WhatsApp, Tango, or the big email services.

Maybe that’s because people don’t care much about privacy. Or maybe it’s because encryption is still too hard to use, or too mysterious of a concept.

“We feel the security community has an obligation to lower the entry barrier so people can get used to the idea of encryption and we can begin to educate them about encryption,” Yen said.

“That is how you get an installed user base that you can then gradually transition to more and more secure systems over time.”

Published on VentureBeat, June 21, 2014

Amazon CEO Jeff Bezos is looking at something pretty amazing.
Image Credit: James Duncan Davidson/Flickr

Amazon’s Fire phone — and what it means

Hello everyone!

I wrote this post about the Amazon Fire phone yesterday morning.

At the time I wrote it, I didn’t yet know what the phone was called or any of its exact details — that came later in the day, with Amazon’s official unveiling. But, thanks to excellent reporting by VB writer Mark Sullivan and solid context from the rest of the VB team, I was able to put together a pretty good picture of what it would likely mean.

What Amazon’s ‘Fire Phone’ means — and why it could be a real contender

Why does a company that started as a bookseller, evolved into an e-commerce giant, and has seen some success selling Android tablets think that it can take on the ruthless market of smartphones?

What we have, in Amazon’s Fire phone, is a first draft of a smartphone from a company that has all the advantages of an Apple or a Google — and then some.

Amazon, in my opinion, is one of the few companies with a “full stack” of technology to back up a consumer electronics business: cloud services, software, an app store, content. In addition, it has an enormously efficient retail operation and it has credit card details for millions of consumers, making its phone a powerful potential digital wallet.

What we didn’t know is the extent to which Amazon would try to use its product knowledge — via its “Firefly” image recognition feature — to insert a wedge between its customers and the retail outlets they usually frequent. Imagine standing in the aisle at Walgreens, picking up a bottle of Excedrin, and pointing your phone at it. The phone recognizes the bottle, gives you details on what it contains — perhaps more than you can easily get from the label — and offers to ship you the bottle for substantially less. Because it has text recognition capabilities, the phone knows exactly what price Walgreens is selling it for, so Amazon can always undercut that price.

So far, nobody seems excited enough about this phone to actually buy it. But this is just the first version. I will say this, I’m getting a little scared of Amazon.

I’d like to hear what you think!

Some more coverage of the Amazon Fire phone from VB’s team:

 

 

In other news, I went to Paris last week to learn about the French tech economy. (I had some pretty good meals too.) What I saw was substantially different from what I expected. Here are some of the highlights:

 

 

Nicolas Sadirac of Ecole 42

This French tech school has no teachers, no books, no tuition — and it could change everything

PARIS — École 42 might be one of the most ambitious experiments in engineering education.

It has no teachers. No books. No MOOCs. No dorms, gyms, labs, or student centers. No tuition.

And yet it plans to turn out highly qualified, motivated software engineers, each of whom has gone through an intensive two- to three-year program designed to teach them everything they need to know to become outstanding programmers.

The school, housed in a former government building used to educate teachers (ironically enough), was started by Xavier Niel. The founder and majority owner of French ISP Free, Niel is a billionaire many times over. He’s not well known in the U.S., but here he is revered as one of the country’s great entrepreneurial successes in tech.

He is also irrepressibly upbeat, smiling and laughing almost nonstop for the hour that he led a tour through École 42 earlier this week. (Who wouldn’t be, with that much wealth? Yet I have met much more dour billionaires before.)

Niel started École 42 with a 70 million euro donation. He has no plans for it to make money, ever.

Free founder Xavier Niel, speaking at Ecole 42, the free engineering school he created.

“I know one business, and that’s how to make software,” Niel said. “I made a lot of money and I want to give something back to my country,” he explained.

To make the school self-sustaining, he figures that future alumni will give back to their school, just as alumni of other schools do. If a few of them become very rich, as Niel has, perhaps they, too, will give millions to keep it going.

The basic idea of École 42 is to throw all the students — 800 to 1,000 per year — into a single building in the heart of Paris, give them Macs with big Cinema displays, and throw increasingly difficult programming challenges at them. The students are given little direction about how to solve the problems, so they have to turn to each other — and to the Internet — to figure out the solutions.

A student at Ecole 42 explains how he created a ray tracing program. Six months before he knew nothing about programming.

The challenges are surprisingly difficult. One student I talked with was coding a ray tracer and building an emulation of the 3-D dungeon in Castle Wolfenstein within his first few months at the school. Six months earlier, he had barely touched a computer and knew nothing of programming. He hadn’t even finished high school.

In fact, 40 percent of École 42’s students haven’t finished high school. Others have graduated from Stanford or MIT or other prestigious institutions. But École 42 doesn’t care about their background — all it cares about is whether they can complete the projects and move on. The only requirement is that they be between the ages of 18 and 30.

“We don’t ask anything about what they’ve done before,” Niel said.

Yet École 42 is harder to get into than Harvard: Last year, 70,000 people attempted the online qualification test. 20,000 completed the test, and of those, 4,000 were invited to spend four weeks in Paris doing an intensive project that had them working upwards of 100 hours a week on various coding challenges. In the end, 890 students were selected for the school’s inaugural class, which began in November, 2013. (The average age is 22, and 11 percent of the first class is female.)

890 students out of 70,000 applicants means an acceptance rate a little north of 1 percent, or if you only count those who completed the test, 4.5 percent. By contrast, Harvard accepts about 6 percent of its applicants. And, even with financial aid, it charges a whole lot more than zero for its classes.

The upshot: If it works, the school’s course of education will produce coders who are incredibly self-motivated, well-rounded in all aspects of software engineering, and willing to work hard. (The four-week tryout alone, with its 100-hour weeks, blows away the French government’s official 35-hour-work week.)

Nicolas Sadirac, a French entrepreneur and educator, is the school’s director. Before École 42 he ran Epitech, a well-regarded, private, for-profit school that trained software engineers.

Ecole 42 includes a few extra amenities -- like a hot tub on the roof deck.

All of École 42’s projects are meant to be collaborative, so the students work in teams of two to five people. At first glance, the École’s classrooms look a little bit like a factory floor or a coding sweatshop, with row after row of Aeron-style chairs facing row after row of big monitors. But a closer look reveals that the layout is designed to facilitate small-group collaboration, with the monitors staggered so that students can easily talk to one another, on the diagonals between the monitors or side by side with the people next to them. Students can come and go as they please; the school is open 24 hours a day and has a well-appointed cafeteria in the basement (with a wine cellar that can hold 5,000 bottles, just in case the school needs to host any parties).

Students share all of their code on Github (naturally). They communicate with one another, and receive challenges and tests, via the school’s intranet. Everything else they figure out on their own, whether it means learning trigonometry, figuring out the syntax for C code, or picking up techniques to index a database.

Tests are essentially pass-fail: Your team either completes the project or it doesn’t. One administrator compared it to making a car: In other schools, getting a test 90 percent right means an A; but if you make a car with just three out of four wheels, it is a failure. At École 42, you don’t get points for making it part way there — you have to make a car with all four wheels.

The no-teachers approach makes sense, as nearly anything you need to know about programming can now be found, for free, on the Internet. Motivated people can easily teach themselves any language they need to know in a few months of intensive work. But motivation is what’s hard to come by, and to sustain — ask anyone who has tried out Codecademy but not stuck with it. That has prompted the creation of “learn to code” bootcamps and schools around the world. École 42 takes a similar inspiration but allows the students to generate their own enthusiasm via collaborative (and somewhat competitive) teamwork.

Exterior view of Ecole 42.

Sadirac and Niel say that some prestigious universities have already expressed interest in the school’s approach. The two are considering syndicating the model to create similar schools in other countries.

But even if they never expand beyond Paris, École 42 could become a significant force in software education. France already has a reputation for creating great engineers (in software as well as in many other fields).

If École 42 adds another thousand highly-motivated, entrepreneurial software engineers to the mix every year, it could very quickly accelerate this country’s competitiveness in tech.

And the model will force schools like Harvard to make an extra effort to justify their high tuitions. If you can get training like this for free, and you want to be a software engineer, why go to Harvard?

Disclosure: My airfare and hotel to France were paid for by BPIFrance, a state-owned investment bank.