Monthly Archive for December, 2010

The RunOrg Poll

Published
by
Victor Nicollet
on December 20, 2010
in Strategy
. Comments

This week-end, we published on the RunOrg website a poll about the use and misuse of information technologies in associations. Why? Because we’re Start-Up founders, and working week-ends is part of the package. Ha ha, I mean, why this poll? Oh, right. I’ll get to that in a minute, but first, if you’re one of my french readers and happen to be a member of an association, please visit the poll page and respond. It won’t take long, and it might also answer that question.

So, why this poll? Well, there’s a distinct lack of statistical information on the topic — and although our market analysis answers the critical question of whether there’s money to be earned, it’s not nearly as precise or global as our curiosity would expect. There are many problems that information technology can solve in association, and until we take over the world in Q4 2011 we don’t expect RunOrg to solve more than a handful of these by itself, but we would still be happy to know what these other problems really are and how they are solved so far.

Gathering information about unexplored topics is also a great way to build a reputation of expertise and excellence. The results of the poll will be made available freely on the internet, in the same fashion as OkCupid’s How Races and Religions Match in Online Dating and the Mint infographics, which should improve our google ranking bring us more customers help people find the Association IT experts they have been looking for.

The results should be interesting, but the questions themselves are hopefully quite helpful: most of them are pretty obvious to natives of the information age, yet a complete surprise to everyone else. A significant number of associations from our initial sample still rely on a pen-and-paper system for handling everything, with a nice web site designed for them by a tech-savvy member that left two years ago (and that hasn’t been updated ever since). If something as simple as getting the web site right is so hard, what about handling a newsletter or mailing list? Letting members pay their subscription fee online? That our poll asks associations whether they do it hints at the possibility of doing it.

Oh, you can have people pay their subscription online? Asked one early participant (well, poll beta-tester, actually), who has since set up a PayPal subscription process.

If we’re in the business of building wondrous solutions to pervasive problems, I’d rather have everyone know that these problems can be solved. I strongly suspect one of the biggest issues with our product is that our potential clients believe no solution exists — anything we can do to alleviate this issue is welcome, even if it means those potential customers will also become more aware of our competitors’ products in the process.

Really, I’d rather have everyone using our competitors’ products than using pen and paper in the XXIst century.

Gifts

Published
by
Victor Nicollet
on December 9, 2010
in Random
. Comments

Are you having trouble with the search for presents for everyone around you? Worry no longer : this one-page helpful guide will take you through the difficult steps of having a great idea, and provides helpful tips for escaping from the melee on the morning of December 25th.

Creative Commons License
The font used for the headings is Tusj, and there’s a link to a downloadable and printable PDF file here. And don’t forget to support the Switzerland.

Ovh-WikiLeaks sets a Reassuring Precedent

Published
by
Victor Nicollet
on December 4, 2010
in Random
. Comments

I mentioned recently that Amazon ousted WikiLeaks from its servers without waiting for a confirmation of its illegality, and how this implied huge risks for anyone using the Amazon Cloud.

So, WikiLeaks moved elsewhere, and one of these locations was OVH, a hosting company in France that happens to host the RunOrg servers as well. As expected, a combination of public outcry and government pressure appeared as soon as the location of the WikiLeaks hosting was revealed on Thursday, December 3rd.

The OVH CEO, Octave Klaba, penned a response to the ongoing crisis the next day, which I have translated into english for your convenience.

Hello,
As you certainly know, the wikileaks site is hosted on our infrastructure since yesterday in the early morning. A client ordered a dedicated server with RIPE blocks and protection against attacks. Their bill, paid with a credit card, is less than 150 euro. And that client hosts the wikileaks site. On a strict legal definition, Ovh does not host that site. Ovh is only the technical support of the technical solution that said client has ordered.

In short, this is an ordinary and daily occurrence. The [ordering and delivery] system is entirely automatic and works 24/7. We discovered just like you did that this site was on our infrastructure yesterday … in the media.

Ovh is neither condones nor condemns this site. The question is off topic. Ovh is a company that provides infrastructure, the famous cloud computing available within hours …, and our role is to provide this technical service. That is all. We did not ask to host, or not to host, that site. Now that they’re using our infrastructure, we will honor the contract. That is our job. The site works.

Given the recent political statements, and the increasing pressure put on us even here in Roubaix Valley, we have decided to refer the topic in emergency to a judge, who could then determine whether this site may legally be hosted on French soil. It is the role of neither the political world nor Ovh to demand or decide the removal of a site, that is the role of judges alone. That is how it should work in a state of law.

We hope that the judge will take a decision tonight or tomorrow. And Ovh will apply that decision immediately.

All the best,
Octave

I am overjoyed to see that, at least in my country, my web site will not be ousted from the servers that are hosting it unless a judge says so, regardless of the political or economical pressure. I guess that’s too bad for Amazon.

Here’s the original French text, for those interested:

Bonjour,
Comme vous savez certainement, le site wikileaks est hébergé sur nos infrastructures depuis hier très tôt le matin. Il s’agit d’un client qui a commandé un serveur dédié, avec les blocs RIPE et de protections contre les attaques. Sa facture payée par CB s’élève à moins de 150euro. Et donc il héberge le site wikileaks. Juridiquement parlant Ovh n’est pas l’hébergeur de ce site. Ovh est, juste, le prestataire technique de la solution technique que le client a commandé.

Bref, l’histoire est banale et quotidienne. Le système est totalement automatique et fonctionne 24 heures sur 24. Nous avons découvert comme vous tous que ce site est chez nous hier … dans la presse.

Ovh n’est ni pour ni contre ce site. La question hors sujet pour nous. Ovh est une entreprise qui fournit les infrastructures, le fameux cloud computing disponible en quelques heures …, et notre rôle est d’assurer cette prestation technique. C’est tout. On n’a pas demandé d’héberger ce site ou ne pas l’héberger. Maintenant qu’il est chez nous on assure le contrat. C’est notre boulot. Il est fonctionnel.

Compte tenu de dernières déclarations politiques, et de pressions qui commencent réellement à se sentir, même ici à Roubaix Valley, nous avons décidé de saisir le juge en référé afin qu’il se prononce sur la légalité ou pas de ce site sur le territoire français. Ce n’est pas au monde politique ni à Ovh de demander ou de décider la fermeture ou pas d’un site mais à la justice. C’est comme que ça doit marcher dans un pays de droit.

Nous espérons que le juge donnera sa décision avant ce soir ou demain. Et Ovh appliquera la décision immédiatement.

Amicalement
Octave

Be Careful What You Ask For

Published
by
Victor Nicollet
on December 3, 2010
in People
. Comments

Jumo is a brand new social network that lets you connect with the causes and organizations that you support. They started their open beta recently, so I chimed in to see what was going on over there.

I didn’t get past the signup form. Not because of any bugs or technical difficulties, but because of this:

So, it turns out that to connect to Jumo, you need to have a valid Facebook account. Why not? Letting your users connect through Facebook is a good strategy to gather information easily (it lets the user import his personal information from Facebook instead of typing it by hand). Requiring a Facebook account is probably a bit too extreme in my opinion, especially when it’s technically unnecessary, but I can live with it, especially since my Facebook profile is designed to contain only public information.

The showstopper here is that I need to grant permission to post on my wall. I’m utterly and irrevocably paranoid about my online image, so anything that looks like me saying things I don’t actually want to say is grounds for immediate rejection. I have absolutely no idea what Jumo is going to do with this permission once granted, and the last few times I’ve seen that permission granted by my friends, shady applications flooded their walls with advertising for other third party sites said friends knew nothing about. I’m pretty sure Jumo is not going to do that, but them asking for permission can only mean one thing: sooner or later, a message from Jumo will appear on my wall without letting me review its contents first.

Ultimately, this is a gamble: by asking for wall access, Jumo is willingly throwing away all the reputation-obsessed people who will not grant that permission, but earns the right to post a message on the walls of all those people who don’t care enough about Jumo to write that message of their own accord. And they’re playing their cards just right, because people like me are a minority. But that doesn’t mean it’s not a cheap, dirty trick.

It’s payback time. Not.

Published
by
Victor Nicollet
on December 3, 2010
in People
. Comments

Why do generosity and sharing survive? Giving stuff away without asking for something in return is irrational. In a cold, rational society, those who give willingly would be taken advantage of by free riders until they wither and go away. Well, it sounds like humans are conditioned to find and punish free riders, and unfair behavior in general.

A recent experiment by Ryan McKay illustrated this quite clearly. Subjects were grouped in pairs, one of the two was given a lump of money and told he could share any or all of it with the other. The second subject could then spend the money he received to reduce the first subject’s earnings at a 3:1 ratio (so spending $1 would reduce the first subject’s earnings by $3), thereby punishing him for being unfair. Priming the second subject with words related to religion caused the second subject to have a significantly more aggressive punishment behavior — they would rather lose $1 than have an unfair individual earn $3.

Combine this with Dan Ariely‘s conclusions in a cheating-based experiment: subjects were given a timed examination, and were rewarded based on how many questions they said they had answered — so you could cheat and say you answered all the questions, and get the maximum payout, even if you did pretty badly on the test. The first conclusion was that everyone cheated by a little amount, which is fairly interesting in itself, but the second conclusion was very surprising: by asking the participants to remember the Ten Commandments before taking the test, all cheating was eliminated, including those people who self-identified as atheists and therefore had no earning-points-for-the-afterlife motivation to respect the Ten Commandments. Ariely’s entire talk is pretty interesting for that matter:

In short, we’re nice to each other because 1° that’s the way we were conditioned to be and 2° the others will punish us if we don’t. The problem with the Internet is that it’s a mostly anonymous environment, so reason 2° goes out the window. You can’t punish someone you don’t know and probably lives in a different country. It follows that people who are not affected by reason 1° and find out reason 2° does not apply will take advantage of everyone else.

The New York Times ran a moving piece about Vitaly Borker, who has set up a fairly interesting business model: he waits for people to land on the web page of his DecorMyEyes online shopping site, and buy a pair of designer glasses. Once this happens, he buys fake glasses from eBay, ships an incomplete package and charges more than what was billed. From the New York Times piece:

[She] placed an order for both the Lafonts and a set of doctor-prescribed Ciba Vision contact lenses on that site, DecorMyEyes.com. The total cost was $361.97. [...] The next day, a man named Tony Russo called to say that DecorMyEyes had run out of the Ciba Visions. Pick another brand, he advised a little brusquely. [...] With the contacts issue unresolved, her eyeglasses arrived two days later. But the frames appeared to be counterfeits [...] Soon after, she discovered that DecorMyEyes had charged her $487 — or an extra $125.

And once the customers ask for a refund or threaten to get their money back from their bank, DecorMyEyes threatens them with lawsuits, and stalks them on Google Earth and sends them a picture of their home to bully them into giving up their money.

The elegant part of this business model is that this outrageous customer «service» means those people who ended up on the wrong side of a DecorMyEyes transaction will complain about it on the internet. The typical Google search for DecorMyEyes yields pages upon pages of angry «don’t buy from DecorMyEyes» customer reviews. This should even the odds and let everyone know it’s a hellish scamlike business, right? Wrong. Most people will never do a search for DecorMyEyes, even if they’re about to give them their credit card number. Silly humans. On the other hand, since all those angry reviews invariably linked to the company’s website, their Google rating blew through the roof, which in turn let them end up in delicious spots in searches that really matter, like «Ciba Vision» and incidentally prove me right as far as my earlier theories about scamming go:

  • Relying on repeat business is impractical — glasses are a rare, costly expense.
  • There are no dominant brands that own the market — at least, not on the Internet selling French glasses in the US.
  • There is little to no contact between potential customers — because humans don’t do reputation research.

Customer losses are estimated at $1.7 billion. Nice one. Vitaly Borker has been going at it for at least two years, and there’s still no public righteous avenger wrath going on. The Internet is too busy righteous-avenger-wrathing a lady who puts a cat in a trash bin to go after a billion-dollar bully.

Silly Internet.

Amazon-WikiLeaks sets a Scary Precedent

Published
by
Victor Nicollet
on December 2, 2010
in Strategy
. Comment

For those of you living under a rock and not having an internet connection down there, here’s the story so far:

  • WikiLeaks, originally hosted in Sweden, announces that it will publish several hundred thousand U.S. classified documents.
  • A hacker runs a denial of service attack on WikiLeaks, bringing them down.
  • WikiLeaks uploads some of their data to Amazon’s S3 file hosting service, and goes live
  • Amazon pulls the plug on the WikiLeaks hosting within 48 hours.

I will not under any circumstances condemn or condone what either WikiLeaks or Amazon did there. That topic is too complex for me (and, I suspect, most people) to form an adequately justified opinion, and my biased unjustified opinions are best kept off the Internet.

On the other hand, what Amazon did was terrifying. After toiling for years to convince the general business public that moving to the Cloud does not imply accidental data loss or vicious hackers accessing your secrets, Amazon have reminded us of a basic, uncomfortable truth: they who handle your data can kill you on a whim.

«But WikiLeaks is not dead!»

I know. Keep in mind that WikiLeaks team has backup copies with strong encryption stored by a multitude of anonymous individuals, access to international hosting in a variety of safe havens, a dedicated team of sysadmins on call to move around the site and the data whenever something dies, and a willingness to fight for the availability of that information even if it entails going to jail. The reliability of their data storage exceeds that of almost any other entity on the planet, including Amazon S3. To them, having their hosting shut down is a minor inconvenience. To a normal business with their data to the Cloud, and all the bills, orders, paychecks, contracts and documents for the last year are lost: it’s an unmistakable death sentence.

How can Amazon S3 do this? Here’s the relevant part of the Amazon Web Services customer agreement:

3.4. Termination or Suspension by Us for Cause. We may suspend your right and license to use any individual Service or any set of Services, or terminate this Agreement in its entirety (and, accordingly, your right to use all Services), for cause effective as set forth below:

3.4.1. Immediately upon our notice to you in accordance with the notice provisions set forth in Section 15 below if:

[...]

(vii) we receive notice or we otherwise determine, in our sole discretion, that you may be using AWS Services for any illegal purpose or in a way that violates the law or violates, infringes, or misappropriates the rights of any third party;

This grants Amazon the right to terminate your service by snapping their fingers (and sending you an email) if there’s any hint of you doing something that might be construed as illegal.

«You’re another guy who stumbled upon a piece of legalese in a customer agreement, misunderstood it, and tells everyone how evil that corporation actually is…»

No, I’m not. I knew this termination clause had to be in there before I even looked, because it’s a fairly standard one and even my own business has it. Amazon needs this part to be able to eliminate child pornography or copyrighted books/songs/movies stored on its servers without waiting for a judge to determine that the content is actually illegal. There’s nothing evil about having that clause, and the reason we accept this situation is that we expect Amazon (and any other service) to use this power responsibly: as long as you don’t store any illegal files, you need not fear anything.

Keep in mind that while obtaining those leaked documents was illegal, distributing them has not yet been ruled illegal. It might happen in the near future on the grounds that it endangers individuals and/or governments, or it might end up under the protection of the First Amendment, and there seem to be fairly intelligent and reasonable people arguing for both sides.

You just moved your data/computations to Amazon to eliminate any data loss or denial of service risks. But now, there’s the risk of Amazon shutting down your account — what are you doing to make sure that isn’t going to happen? How do you intend to get back up once it happens? Is it really worth it?

1342 feed subscribers
(readers who polled a feed this week)