2011: Year of The Media App

This is my weekly Loose Wire Service column.

By Jeremy Wagstaff

I predict this year that we’ll settle on a way to make people pay for stuff they so far have proven reluctant to pay for—namely information. This won’t be done by pay walls, exactly, but by what we’re now calling apps. Apps are applications that people seem very willing to pay for when they’re doing it from a device that isn’t a desktop computer.

So people are buying these things because what’s a buck when you know you can get to hurl Angry Birds onto flimsy structures sheltering evil pigs on your device in a couple of seconds? Or listen to Yesterday on your iPod Touch a few seconds after buying it?

Compare this with the laborious process of signing up for an online subscription, or having to download, install and pay for some software and then have to enter a serial number longer than most emails you’ve written.

Others are now trying this route. Google has the Android Marketplace, which lets you do more or less the same thing. In fact, it’s even easier—you don’t get prompted for your password when you buy something. And now they’re trying something on your computer: their own browser, Chrome, now have apps which you can buy or get for free. (Google’s own operating system, Chrome OS, will revolve around these apps.)

In fact these aren’t really anything new—they’re what we might call web-services which are accessible via a website, rather than by downloading software. But by packaging them up as apps Google make it easier for us to get at them and, crucially, break down our resistance to buying something online.

This is how we’ll pay for news in the future. Smart companies like The Economist will give the print edition away free with the iPad version, or vice versa, since we’ll start resisting the idea that we have to pay twice for the same information, whether it’s all glitzy and interactive or not. We will expect to be rewarded for paying for something we know we can get from somewhere else if we tried hard enough. If you’re a news organization use whatever lure you can think of to get the reader back into the paying habit again.

This is the point of the payment process. It has to be easier than getting the information/music/entertainment/book through another means. If I find a book for my Kindle ereader on Amazon I’ll check to see whether there’s a cheaper version—which there quite often is. If it’s under ten bucks I’ll buy it. If not, I’ll read the reviews below to see whether there is a free version somewhere—which is sometimes possible. If there isn’t, I’ll check out Google books to see whether the chapters I’m interested in are there.

OK, I’m a cheapskate. But my thinking is basically this: $10 is my threshold for an eBook. It might be more if I got access to a physical version, or was able to clip bits from it and store it somewhere else. But I’m not, so I won’t pay more than that. Moreover, I don’t want to be the mug who pays for something others get for free.

Everyone else has their own logic, but they’re probably not dissimilar to mine. We pay for things if we think the price is right for the convenience, and if we think that we’re not being suckered—which means that other people aren’t shelling out for it.

This is basically micropayments. It’s what we’d been hoping would happen for some time, and it took Apple’s megalomania and micromanagement to get us there. Now we’re nearly there, but we could still mess up. Some newspapers try to charge us for single articles, for example, misunderstanding that micropayment doesn’t mean microproduct. I don’t want to pay every time I visit your site: I want to pay for something that gets me seamless access to your product.

In other words, we’re paying for not having to pay (or register, or download, or enter codes, or any of that kind of nonsense.) This is why the term pay wall is so revealing—and why it’s doomed as a concept. We’re not buying information with our iPhone or Android app, we’re buying frictionless access to something—an icon on our display that may be a shortcut to a web page, or open an application,  we don’t care. All we care about is that it gets us to where we want to go, when we want to go there.

We’ve some ways to go before this works well. I can’t stand the idea that my Kindle book doesn’t belong to me in the way a real book does, and I refuse to buy any music that I can’t move around as I wish. I succumbed to buying some apps for an iPad I borrowed but Steve Jobs will rue the day if I can’t easily move them onto another iDevice if I ever end up getting one.

But the good thing is that we’ve found a way to make this palatable to people, and I am optimistic that the media, booksellers, music sellers and web developers can turn this into revenue streams that keep them going.

Facebook’s ‘Locality of Friendship’

This visualization by Facebook intern Paul Butler illustrates what he calls

the locality of friendship. I was interested in seeing how geography and political borders affected where people lived relative to their friends. I wanted a visualization that would show which cities had a lot of friendships between them.

It’s a magnificent effort and scores marks for beauty:

and for the amazing amount of data it carries within it.

Look at how the world of social media breaks down into clusters:

Europe is hard to subdivide: 

image

But Australia and New Zealand are almost three countries:

image

But of greatest interest to me is my own patch, Southeast Asia:

image

Indonesia, Malaysia and Singapore are, perhaps unsurprisingly intimately connected:

image

North vs South

While the links between the southern  half of the region and Thailand and Indochina are by comparison quite weak:

image

Philippines stands alone

But the links between the Philippines and Hong Kong appear as strong as those between the Philippines and the southern half of Southeast Asia:

image

The other point to take into account is how spread out Facebook is in Southeast Asia. Indonesia is about as densely packed as Italy or England.

Facebook is not a phemenon limited to the country’s major cities (and this is true of the Philippines and Malaysia, of course.)

I’ll be updating my Facebook Asia Pacific data later this week.

(Thanks to the Guardian’s Simon Rogers.)

Podcast: Truthiness

The BBC World Service Business Daily version of my piece on Truthiness.  (The Business Daily podcast is here.)  

Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.

To listen to Business Daily on the radio, tune into BBC World Service at the following times, or click here.

Australasia: Mon-Fri 0141*, 0741 
East Asia: Mon-Fri 0041, 1441 
South Asia: Tue-Fri 0141*, Mon-Fri 0741 
East Africa: Mon-Fri 1941 
West Africa: Mon-Fri 1541* 
Middle East: Mon-Fri 0141*, 1141* 
Europe: Mon-Fri 0741, 2132 
Americas: Tue-Fri 0141*, Mon-Fri 0741, 1041, 2132

Thanks to the BBC for allowing me to reproduce it as a podcast.

Data, WikiLeaks and War

I’m not going to get into the rights and wrongs of the WikiLeaks thing. Nor am I going to look at the bigger implications for the balance of power between governed and governing, and between the U.S. and its allies and foes. Others have written much better than I can on these topics.

I want to look at what the cables tell us about the sorting, sifting and accessing of this information. In short, what does this tell us about how the world’s most powerful nation organized some of its most prized data?

To start, with, I want to revisit a conversation I had sitting in the garden of a Kabul pub called the Gandermack a few weeks back when it struck me: the biggest problem facing NATO in winning the war in Afghanistan is data.

I was talking to a buff security guy—very buff, in fact, as my female companions kept remarking—who was what might have once been a rare breed, but are now in big demand in Afghanistan. He was a former marine (I think), but was also a computer guy with an anthropology or sociology degree under his black belt somewhere. This guy knew his stuff.

And he was telling the NATO forces where they were going wrong: data management.

The problem, he explained, is not that there isn’t enough of it. It’s that there’s too much of it, and it’s not being shared in a useful way. Connections are not being made. Soldiers are drowning in intelligence.

All the allied forces in Afghanistan have their own data systems. But, I was told, there’s no system to make sense of it. Nor is there one to share it. So data collected by a garrison from one country in one part of the country is not accessible by any of the other 48 nations.

On the surface it seems this problem was fixed. In the wake of 9/11 U.S. departments were told to stop being so secretive. Which is why we got to WikiLeaks–one guy apparently able to access millions of classified documents from pretty much every corner of the planet. If he could do then so could thousands of other people. And, one would have to assume, so could more than a few people who weren’t supposed to have access. To give you an idea of the trove unearthed, WikiLeaks has released about 1,000 so far, meaning it’s going to take them nearly seven years to get all the cables out. Cable fatigue, anyone?

So, it would seem that the solution to the problem of not having enough pooled information is to just let anyone have it. But that, it turns out, isn’t enough. That’s because what we see from the WikiLeaks material is how old it looks.

I spent much of the early 1980s trawling through this kind of thing as a history student. Of course, they were all declassified documents going back to the 1950s, but the language was remarkably similar, the structure, the tone, the topics, the look and feel. A diplomatic cable in 2010 looks a lot like a cable from 50 years ago. In the meantime communication has gone from the telegraph to the fax to email to blogs to the iphone to twitter to Facebook.

This, to me, is the problem. It’s not that we’ve suddenly glimpsed inside another world: We would have seen a lot of this stuff at some point anyway, though it’s useful to see it earlier. Actually we can take some succour from the fact that diplomats seem to be doing a pretty good job of reporting on the countries they’re posted to. Journalists shouldn’t be surprised; we’ve relied on diplomats for a while. (And they might rightly feel somewhat aggrieved we now do this to them.)

No, the problem that WikiLeaks unearths is that the most powerful nation on earth doesn’t seem to have any better way of working with all this information than anyone else. Each cable has some header material—who it’s intended for, who it’s by, and when it was written. Then there’s a line called TAGS, which, in true U.S. bureaucratic style doesn’t actually mean tags but “Traffic Analysis by Geography and Subject”—a state department system to organize and manage the cables. Many are two letter country or regional tags—US, AF, PK etc—while others are four letter subject tags—from AADP for Automated Data Processing to PREL for external political relations, or SMIG for immigration related terms.

Of course there’s nothing wrong with this—the tag list is updated regularly (that last one seems to be in January 2008). You can filter a search by, say, a combination of countries, a subject tag and then what’s called a program tag, which always begins with K, such as KPAO for Public Affairs Office.

This is all very well, but it’s very dark ages. The trouble is, as my buff friend in the Kabul garden points out, there’s not much out there that’s better. A CIA or State Department analyst may use a computer to sift through the tags and other metadata, but that seems to be the only real difference between him and his Mum or Dad 50 years before.

My buff friend made a comparison with the political officer in today’s ISAF with a political officer (sometimes called an agent) back in the days of the British Raj. Back then the swashbuckling fella would ride a horse, sleep on the ground and know the Afghan hinterlands like the back of his hand, often riding alone, sipping tea with local chieftains to collect intelligence and use it to effect change (in this case meaning extend the already bulging British sphere of influence.) He would know the ins and outs of local tribal rivalries, who hated whom, etc. All of it stored in his head or in little notebooks.

His modern equivalent may actually have the same information, but it’ll be gleaned from the occasional photo opportunity, a squillion intelligence reports, all suitably tagged, and perhaps footage from a couple of drones. If the chieftain he’s interested in coopting straddles a regional command, chances are that he won’t be able to access anyone else’s information on him–assuming they have any.

In short, the problem in the military and diplomatic world is the same we’re facing in the open world. We have a lot more information than we can use—or keep track of—and it’s not necessarily making us any smarter. Computers haven’t helped us understand stuff better—they’ve just helped us collect, share, and lose more of it.

I must confess I’ve not made much progress on this myself. My main contribution is persuading a researcher friend to use a program called PersonalBrain, which helps you to join the dots between people, things, organisations, whatever you’re trying to figure out. It’s all manual though, which puts people off: What you mean I have to make the connections myself? Well, yes. Computers aren’t magic.

Yet. It’s clear to me that 10 years down the track, I hope, we’ll finally get that writing in prose, and then adding a hierarchy of labels to a document, is no longer the way to go. Instead, we’ll be writing into live forms that make connections as we write, annotate on the fly, draw spindly threads to other parts of our text, and make everything come to life. I will be able to pull into the document visuals, audio, other people, old records, chronologies, maps, and work with the data in three dimensions.

If this sounds familiar, it’s probably because it sounds like science fiction, something like Minority Report. But it’s not; it’s a glimpse inside the mind of our imperial political agent; how he would make those connections because they were all in his head—neurons firing transmitters, axons alive, binding synapses.

If I were the U.S. government, I would take Cablegate as a wake up call. Not at the affrontery of this humiliation, but as a chance to rethink how its data is being gathered and made use of. Cablegate tells us that the world of the cable is over.

Singapore Details ‘Waves’ of Cyberattacks

Officials and delegates from APEC economies were targeted ahead of last year’s Singapore meeting with malware-laden emails faked so they appeared to have been sent by Singapore government officials on the Organising Committee.

Singapore officials have said the attacks were not the first on the country. Although Singapore regularly highlights threats to national security—including Islamic terrorism—the admission that it has been the victim of cyber attacks is, according to the Straits Times, its most detailed account.

Although it’s hard to read too much into the statements made to judge who may have been behind the attacks, it’s interesting that Singapore is drawing attention to this—not least because there’s bound to be speculation about just this point. The current flood of WikiLeaks cables about this very issue is a coincidence. But the description of the attacks fits a pattern familiar to security experts:

Between September and November 2009 APEC officials, and delegates of several APEC economies were targeted with Trojan-laden emails “with the aim of infiltrating their computers and extracting privileged information.” There were at least seven waves of such attacks, focusing on members of the APEC organising committe and APEC delegates whose email addresses were published on websites or in APEC mailing lists. (APEC, Asia-Pacific Economic Cooperation, is a forum for 21 regional economies set up in 1989. Singapore hosted meetings throughout 2009 culminating in a leaders’ meeting in Singapore from November 14-15.) 

The attacks were first mentioned in a speech by Ho Peng Kee, Senior Minister Of State For Law & Home Affairs, who told a seminar on Sept 28 that “Singapore has its fair share of cyber attacks.” More details were  added in an internal but publicly accessible Ministry of Home Affairs magazine, the Home Team Journal, by Loh Phin Juay, head of the Singapore Infocomm Technology Security Authority and reported in the Straits Times on Saturday, December 4.  (The Straits Times called the perpetrators “cyberterrorists”.)

Loh wrote in the magazine article that “between 2004 and 2005, the Singapore government saw waves of Trojan email attacks which were commonly referred to as the Trojan Riler attacks.” The attacks came in four waves over a span of two years, he said, in the form of more than 900 emails targeting officials in several ministries.  

Loh Phin Juay said that the first two waves in the 2009 attacks used PowerPoint and PDF attachments to emails puportedly warning about possible terrorist attacks on the meeting. A subsequent wave included “legitimate information relevant to the APEC 2009 meetings”—in this case an invitation to an actual APEC symposium.

Some of the malicious emails “contained details of actual APEC events (date, time, venue) not known to the general public.” This suggests to me that either the first wave was successful in gaining access to some sensitive information, or, less likely, that those perpetrating the attack were already privy to it (raising the question why they didn’t use that information in the first wave.) Both officials said no significant disruption was caused by the APEC attack.

Singapore last year set up a special body, the Singapore Infocomm Technology Security Authority (SITSA), “to safeguard Singapore against infocomm technology (IT) security threats. SITSA will be the national specialist authority overseeing operational IT security. SITSA’s mission is to secure Singapore’s IT environment, especially vis-à-vis external threats to national security such as cyber-terrorism and cyber-espionage.”

Neither official speculates about the origin of the attacks. In his speech Ho Peng Kee referred separately to Operation Aurora, a cyber attack from mid 2009 to December 2009 on dozens of Western companies including Google, which alleged the attacks began in China. Loh Phin Juay referred in his article to GhostNet, a cyber espionage network which had its command and control network based in China and which penetrated government and embassy computers in a number of countries, including some in Southeast Asia. (Singapore was not mentioned in reports of the compromised computers.)

But he writes that “to date, the perpetrators of GhostNet remain unknown,” and neither man links the Singapore attacks to either event. The Trojan Riler was, according to Symantec, first discovered on September 8, 2004; It has been associated with corporate espionage but also the GhostNet attacks.