<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>A Most Cleverly Titled Blog</title>
	<atom:link href="http://www.wherry.com/blog/?feed=rss2" rel="self" type="application/rss+xml" />
	<link>http://www.wherry.com/blog</link>
	<description>Testing, One, Two, Three...</description>
	<lastBuildDate>Wed, 17 Dec 2008 18:01:41 +0000</lastBuildDate>
	<generator>http://wordpress.org/?v=2.9</generator>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
			<item>
		<title>Bricks and Wedges</title>
		<link>http://www.wherry.com/blog/?p=16</link>
		<comments>http://www.wherry.com/blog/?p=16#comments</comments>
		<pubDate>Wed, 17 Dec 2008 17:55:43 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[Security]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=16</guid>
		<description><![CDATA[It&#8217;s possible to construct a wheel out of bricks by using little wooden wedges in between the bricks to make the whole production sort of vaguely round. But no sane engineer would be proud to have designed such a thing.
That&#8217;s what I think of every time I look at the landscape of security &#8220;solutions&#8221; [...]]]></description>
			<content:encoded><![CDATA[<p>It&#8217;s possible to construct a wheel out of bricks by using little wooden wedges in between the bricks to make the whole production sort of vaguely round. But no sane engineer would be proud to have designed such a thing.</p>
<p>That&#8217;s what I think of every time I look at the landscape of security &#8220;solutions&#8221; for credit card payments.</p>
<p><span id="more-16"></span>I had a vendor call me last week to tell me that my credit card had been declined by my bank. So I called my bank. After listening carefully (because they tell me that their &#8220;menu has changed,&#8221;) I talked to a customer service rep. The guy I spoke with cheerfully informed me that the bank had turned down a transaction I&#8217;d requested because it didn&#8217;t fit the pattern of other recent transactions. By turning down my request, my bank was doing me a favor by protecting me from fraud. They do me this favor fairly frequently, particularly when I&#8217;m traveling overseas.</p>
<p>I was also recently sent a new credit card (by another bank) because my card number had been compromised somehow. No unauthorized charges ever appeared, but it was pretty clearly a precautionary measure taken by the bank because of a data leak somewhere.</p>
<p>I&#8217;m not opposed to anti-fraud measures by any means. Banks and merchants wind up having to absorb losses when fraud occurs. And customers ultimately have to absorb the loss, since the associated costs are baked into everything.</p>
<p>And some of the anti-fraud measures are genuinely clever. I&#8217;m sure there&#8217;s a lot of data mining science behind the software that analyzes a transaction stream in order to look for suspicious activity. And fraud tracing is clever, too. Card issuers look at the transaction data of a large number of cards that have been used fraudulently; if a single merchant shows up in the legitimate transaction stream of many compromised cards, this suggests dishonesty and/or a data leak by that merchant may have led to the compromise. That&#8217;s probably what happened when the bank told me it was replacing a card for security reasons.</p>
<p>But why is this necessary in the first place?</p>
<p>It&#8217;s necessary because the financial services industry still authenticates transactions using a 16-digit account number and expiration date that are the same for every single transaction. Sometimes another number, the three- or four-digit CVV2 code, is also used. That&#8217;s a little better, I suppose, since the CVV2 code doesn&#8217;t show up on the card&#8217;s magnetic stripe.</p>
<p>But the bottom line is this: the data used to validate a transaction is shared widely (with everyone you choose to transact business with) and is typically valid for years. It&#8217;s somewhat surprising to me that fraud isn&#8217;t more rampant than it already is. In the security engineering world, we have a technical term to describe this sort of data management practice: stupid.</p>
<p>I admire the sophistication of anti-fraud systems. But they exist mostly to avoid solving the obvious problem: that the card number itself is a crummy way to validate a transaction. The industry ought to be aiming for a system where the account number isn&#8217;t very helpful in perpetrating fraud, and where the data used to validate one transaction isn&#8217;t useful for another.</p>
<p>One bank I know of has &#8220;virtual card numbers,&#8221; where you can generate one-time-use account numbers online. That&#8217;s a baby step in the right direction.</p>
<p>But consider a system where the customer could digitally sign each transaction&#8211;and the transaction to be signed encoded information like the account number, merchant ID, the amount of money being exchanged (or a ceiling on the amount of money to be exchanged), and a validity timeframe (one-time, monthly for a year, etc.)</p>
<p>Account numbers would still be compromised in the future, as would transaction data. The difference: this information wouldn&#8217;t be so directly useful for fraud since the information is different for every transaction.</p>
<p>This would require some non-trivial infrastructure to accomplish. For one thing, customers would have to be issued smart cards or other convenient hardware capable of doing the required cryptography. Merchants would have to have equipment to handle this. All of this would cost money. And we&#8217;d doubtless see a whole new threat environment develop, as fraudsters try to trick people into signing illegitimate transactions through technical and social means.</p>
<p>But it&#8217;s past time to begin the process of retiring reusable transaction authenticators. The anti-fraud countermeasures currently deployed are certainly impressive and clever (albeit inconvenient at times).</p>
<p>But at the end of the day, the financial services industry can&#8217;t escape the fact that they&#8217;ve built payment infrastructure on wheels made from bricks and little wooden wedges.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=16</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Weak Links</title>
		<link>http://www.wherry.com/blog/?p=15</link>
		<comments>http://www.wherry.com/blog/?p=15#comments</comments>
		<pubDate>Fri, 06 Jun 2008 23:54:33 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[General]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=15</guid>
		<description><![CDATA[I&#8217;ve had a couple of opportunities this week to reflect on the reliability of complex systems. None of these thoughts are especially profound, but they&#8217;re nonetheless interesting.
Earlier in the week, a line of powerful thunderstorms rolled through the DC area. At one point, over 25% of the region was without power. Most of the outages [...]]]></description>
			<content:encoded><![CDATA[<p>I&#8217;ve had a couple of opportunities this week to reflect on the reliability of complex systems. None of these thoughts are especially profound, but they&#8217;re nonetheless interesting.</p>
<p>Earlier in the week, a line of powerful thunderstorms rolled through the DC area. At one point, over 25% of the region was without power. Most of the outages were brief, though there are a few places that are still awaiting power restoration two days later.</p>
<p><span id="more-15"></span>My family&#8217;s <a href="http://www.parent-institute.com/" target="_blank">publishing business</a> lost power for only a few seconds. But about an hour after the storm passed through, Internet service (delivered via a T1 line) failed. This was a little surprising, since they had power.</p>
<p>The long version of this story involves a great deal of incompetence and finger-pointing between no less than three telecom carriers. Normal behavior, in other words. But the root cause of the problem turned out to be pretty interesting. Somewhere between their office and Verizon&#8217;s central office, the T1 line is multiplexed using a remote equipment cabinet. This cabinet requires its own power. It&#8217;s battery-backed, but there&#8217;s no generator. And the batteries apparently only last a couple of hours. Once the batteries are discharged, every customer downstream of one of these equipment cabinets (whether a data customer or simply an ordinary telephone user) will lose service.</p>
<p>A telephone company central office is a masterpiece of conservative engineering. Power is supplied by two completely separate sets of massive 48V batteries. Each set is sufficient to power the entire office. The batteries are constantly being charged by commercial power. Should the power fail, the batteries can carry the whole office for many hours&#8211;but in practice they just have to run for the few minutes necessary for a generator to come online.</p>
<p>This kind of reliability isn&#8217;t cheap. A switch installation can easily cost upwards of $20 million. Downtime is measured in seconds per year. And, of course, the customers of the telephone companies pay for all of this reliability in the end.</p>
<p>Unfortunately, all of this reliability isn&#8217;t going to do a whole lot of good if there are intermediate components that are engineered to much lower standards. And that seems to be just what&#8217;s happened.</p>
<p>The FCC seems to have noticed the issue. In October 2007, they issued rules that require carriers to have at least 24 hours of backup power at the central office, and at least eight hours for remote equipment. While the rules aren&#8217;t completely toothless, it looks like there&#8217;s a lot of room for carriers to maneuver: it seems to be good enough, for example, to deploy equipment that&#8217;s merely <em>designed</em> to meet the longevity requirement. I suspect that in practice that&#8217;ll be a lot like that laptop battery that&#8217;s <em>designed</em> to run the computer for four hours, but can barely manage two and a half.</p>
<p>I&#8217;m not trying to make the argument that the current state of affairs is necessarily bad. There&#8217;s a reasonable argument to be made that the telephone network has been overengineered at great expense. But it&#8217;s definitely true that the standards of reliability have changed, and that it&#8217;s no longer reasonable to assume that customer equipment is the weak link in the service-delivery chain.</p>
<p>My second weak-link experience this week also involved my family&#8217;s business.</p>
<p>As a publisher, they use Quark XPress layout software extensively. The cool kids are all using Adobe InDesign now, and my family&#8217;s office will eventually switch too. But they&#8217;ve got a substantial investment in training and templates, so for the moment they&#8217;re still using Quark.</p>
<p>Quark offers a network licensing model where you can install the software on as many machines as you like, but only N of those instances can be active at any one time. This is enforced by license management software running on a server.</p>
<p>I&#8217;m not a fan of software-enforced licenses. We reluctantly put up with this one because it offers some benefit and it doesn&#8217;t depend on having the license server &#8220;phone home&#8221; in order to keep the software running.</p>
<p>Quark XPress has quite a reputation as a bug-ridden and strange piece of software, but most of the difficulties are really pretty minor. Over the last couple of years, we&#8217;ve had serious problems with Quark XPress maybe a dozen times. 100% of these problems have been caused by the license manager.</p>
<p>I had another such problem today. Quark&#8217;s tech support was actually pretty good (far, far better than in the past), but the fact remains that the license manager is a persistent source of trouble. When it fails, very little work gets done.</p>
<p>There&#8217;s probably no way to avoid this short of licensing the software another way. License management software, by design, has to strictly enforce a set of conditions&#8211;and good software design practice (in isolation) says that failures should result in denial of service. This is indeed what happens.</p>
<p>In both instances (the Verizon outage and the Quark license manager failure), we lost service due to a weak link in an otherwise-robust chain. From a customer&#8217;s perspective, it&#8217;s irritating. From the designer&#8217;s perspective, it&#8217;s instructive to consider the weak-link possibilities when constructing a new system in order to avoid creating this kind of irritation.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=15</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>For Your &#8220;To Avoid&#8221; List&#8230;</title>
		<link>http://www.wherry.com/blog/?p=14</link>
		<comments>http://www.wherry.com/blog/?p=14#comments</comments>
		<pubDate>Sun, 30 Mar 2008 19:30:01 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[General]]></category>
		<category><![CDATA[Software]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=14</guid>
		<description><![CDATA[I recently acquired a copy of Yazsoft&#8217;s &#8220;Speed Download&#8221; product via the MacHeist bundle promotion. The software worked fine, but I recommend putting Yazsoft on your &#8220;to avoid&#8221; list nonetheless. Companies that abuse their customers don&#8217;t deserve to have customers in the future.
The problems with these folks are well-documented. They participated in a promotional deal [...]]]></description>
			<content:encoded><![CDATA[<p>I recently acquired a copy of Yazsoft&#8217;s &#8220;Speed Download&#8221; product via the MacHeist bundle promotion. The software worked fine, but I recommend putting Yazsoft on your &#8220;to avoid&#8221; list nonetheless. Companies that abuse their customers don&#8217;t deserve to have customers in the future.</p>
<p><span id="more-14"></span>The problems with these folks are well-documented. They participated in a promotional deal for Mac users and provided license codes. They then pushed an automatic update to their software unrequested, and this update (a major new release) then demanded additional payment for continued use of the software.</p>
<p>The company then engaged in a public shoving match with its users over the matter, trying to explain to customers (who largely didn&#8217;t care) the distinction between &#8220;free upgrade to a purchased product&#8221; and &#8220;free upgrade to a purchased product,&#8221; depending on where the product was purchased.</p>
<p>They eventually sort of relented, offering a free upgrade to the customers they wronged&#8211;though they added a whole bunch of new restrictions and required people to respond to their magnanimous offer with a deadline of a little over a week.</p>
<p>All of this over a fifteen-buck upgrade!</p>
<p>I elected to simply ditch the software rather than jump through the hoops they&#8217;d set up for the upgrade process.</p>
<p>Their Web site telegraphs their attitudes pretty clearly. For example: their product pricing page features a lot of ominous warnings for upgrade users that any upgrades that they can&#8217;t easily verify &#8220;will be automatically de-activated without notice and without refund.&#8221;</p>
<p>Yazsoft is within their rights to have these policies, of course.</p>
<p>But it&#8217;s kind of breathtaking to see their absolute focus on ensuring that nobody accidentally gets a better deal than absolutely necessary.</p>
<p>I&#8217;ve never met these developers or anyone else from the company, but now I know quite a bit about them.</p>
<p>That&#8217;s the kind of behavior I expect from a monopoly like my cable company, or perhaps from Microsoft. Or from a competitive industry where competition doesn&#8217;t work very well (airlines and cell phone carriers, I&#8217;m looking at you). But from a little software company that depends on word of mouth and small sales for its livelihood?</p>
<p>This kind of attitude seems particularly stupid in this era of easy self-publishing. Though you probably already know me if you&#8217;re reading this, I might not have had occasion to tell you that I think Yazsoft kind of hates its customers. But now you know, and I&#8217;ll bet there&#8217;s a good chance that you won&#8217;t buy from them in the future either.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=14</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Storage and Scale</title>
		<link>http://www.wherry.com/blog/?p=13</link>
		<comments>http://www.wherry.com/blog/?p=13#comments</comments>
		<pubDate>Sun, 30 Mar 2008 13:53:41 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[Gadgetry]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=13</guid>
		<description><![CDATA[As everyone knows, things change quickly in the technology industry. Storage and processor speed in particular have grown enormously over the years.
My first computer had a 2-MHz eight-bit processor (the Z80) and an amazing 48K of memory. I&#8217;m writing this post on a machine with eight 3-GHz processors with 9G of memory. When adjusted for [...]]]></description>
			<content:encoded><![CDATA[<p>As everyone knows, things change quickly in the technology industry. Storage and processor speed in particular have grown enormously over the years.</p>
<p>My first computer had a 2-MHz eight-bit processor (the Z80) and an amazing 48K of memory. I&#8217;m writing this post on a machine with eight 3-GHz processors with 9G of memory. When adjusted for inflation, I think both machines cost about the same amount.</p>
<p>It&#8217;s the growth in mass storage, though, that amazes me most.</p>
<p><span id="more-13"></span>When my family was starting up <a href="http://www.parent-institute.com/" target="_blank">The Parent Institute</a>, the business ran on a few computers in my parents&#8217; home. Around 1991, we decided that we needed a very large hard disk to store publications and the customer database. So I bought a 1.6-gigabyte hard drive. This was a full-height 5.25-inch device that probably weighed at least ten pounds. It cost about $3,600 and connected to an expensive SCSI controller (the venerable Adaptec 1542, which was about $400 if memory serves me correctly). MS-DOS could only address the first gigabyte of the drive, so we had a fair bit of excess capacity for the first few years. While expensive, $4,000 for even a gigabyte of storage on a single device was quite good in 1991.</p>
<p>Fast-forward to the present. I was standing in the checkout line at Micro Center a couple of weeks ago when I noticed that 2-gigabyte SD cards (which are the size of postage stamps) were stacked up as impulse-buy items like candy at a grocery store. The price? $6.  That&#8217;s something like a thousand-fold decrease in price, after adjusting for inflation.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=13</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>The Untrusted Middle</title>
		<link>http://www.wherry.com/blog/?p=12</link>
		<comments>http://www.wherry.com/blog/?p=12#comments</comments>
		<pubDate>Fri, 29 Feb 2008 04:57:39 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[Media]]></category>
		<category><![CDATA[Policy]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=12</guid>
		<description><![CDATA[Discussion continues on the warrantless wiretapping program. I&#8217;ve made my opinions clear already.
It&#8217;s surprising to me that so little attention has been paid by the press to this question: why is there a problem, given the existing national security wiretap process that allows warrants to be obtained a few days after the fact in emergencies?
Here&#8217;s [...]]]></description>
			<content:encoded><![CDATA[<p>Discussion continues on the warrantless wiretapping program. I&#8217;ve made my opinions clear already.</p>
<p>It&#8217;s surprising to me that so little attention has been paid by the press to this question: why is there a problem, given the existing national security wiretap process that allows warrants to be obtained a few days after the fact in emergencies?</p>
<p>Here&#8217;s my theory:</p>
<p><span id="more-12"></span>If large volumes of telephone/email traffic are being subjected to automatic content analysis, it would be impossible to obtain warrants because literally everything is being inspected and/or retained. I have no evidence whatsoever that this is true, but note that it&#8217;s consistent with every official public explanation I&#8217;ve heard about the program, whereas most other scenarios are at odds with at least some of the observable facts. Even if it isn&#8217;t true, it&#8217;s certainly possible.</p>
<p>This is only possible because the contents of the communication are visible to the carrier. If the communicating parties begin to use encryption because they know they can&#8217;t trust the middleman in their message traffic, this analysis won&#8217;t be possible. There&#8217;s still traffic analysis&#8211;sometimes just knowing who&#8217;s having a conversation is useful, even if you don&#8217;t know what they&#8217;re saying. But it seems likely that the content of communication is likely to become more opaque over time as the use of encryption (by both good and evil actors) becomes more commonplace.</p>
<p>And this trend may be accelerated in a surprising way: by the need to shield traffic from the prying eyes of our own Internet service providers.</p>
<p>Many are familiar by now with the antics of Comcast with respect to peer-to-peer file sharing traffic. Comcast noticed that P2P traffic accounted for a great deal of its upstream capacity, and they don&#8217;t have that much capacity. So they deployed some hardware that listens in on the traffic going by, and then actively interferes with that traffic when it looks too much like peer-to-peer file sharing. In security parlance, this is called a <em>man in the middle attack</em>. And this sort of attack is a whole lot more successful when the attacker has access to the content of the communication.</p>
<p>Without spending a lot of time on the propriety of Comcast&#8217;s approach of network-management-by-forgery, I&#8217;ll note that it&#8217;s going to drive a whole bunch of software developers to implement cryptography at the endpoints so that it&#8217;s impossible to tinker with the information content in flight. That&#8217;s what you do when you can&#8217;t trust the path between sender and receiver, and I think that the average user (or at least the average software developer) may become aware of this approach sooner rather than later.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=12</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Dear Senator:</title>
		<link>http://www.wherry.com/blog/?p=11</link>
		<comments>http://www.wherry.com/blog/?p=11#comments</comments>
		<pubDate>Sat, 02 Feb 2008 16:01:31 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[Policy]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=11</guid>
		<description><![CDATA[I&#8217;d like to offer a simple observation about the telecom immunity provisions being discussed as part of the FISA legislation now under consideration.
There ALREADY EXIST mechanisms for ensuring immunity against lawsuits/prosecution in response to a government request.
They&#8217;re called &#8220;subpoenas&#8221; and &#8220;warrants.&#8221; They convey both the authorization to release information and the immunity from legal consequence that [...]]]></description>
			<content:encoded><![CDATA[<p>I&#8217;d like to offer a simple observation about the telecom immunity provisions being discussed as part of the FISA legislation now under consideration.</p>
<p>There ALREADY EXIST mechanisms for ensuring immunity against lawsuits/prosecution in response to a government request.</p>
<p><span id="more-11"></span>They&#8217;re called &#8220;subpoenas&#8221; and &#8220;warrants.&#8221; They convey both the authorization to release information and the immunity from legal consequence that the telecom companies need to have when they cooperate with government requests.</p>
<p>So no new immunities are needed.</p>
<p>The telecom companies have well-staffed legal departments, and it&#8217;s flatly inconceivable to me that they were surprised to learn that their actions were illegal when they participated in wiretapping without these authorizations. And, in any case, ignorance of the law is not an excuse.</p>
<p>The argument that shining a little light on these activities will somehow &#8220;help the terrorists&#8221; falls flat with me.</p>
<p>So let me be clear.</p>
<p>I, as a constituent and American citizen, AM WILLING TO ACCEPT THE RISK that terrorists will be enabled and emboldened by a full and complete revelation of the wiretap tactics that have been employed.</p>
<p>I accept this increase in the terrorist risk because I think that the far greater risk to American citizens comes from illegal activity in which powerful interests participate and cannot be called to account.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=11</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>CES 2008</title>
		<link>http://www.wherry.com/blog/?p=10</link>
		<comments>http://www.wherry.com/blog/?p=10#comments</comments>
		<pubDate>Fri, 18 Jan 2008 15:12:20 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[Gadgetry]]></category>
		<category><![CDATA[Travel]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=10</guid>
		<description><![CDATA[January 7-10 was the annual Consumer Electronics Show in Las Vegas. A few thoughts&#8230;
As always, CES was an interesting event to attend. The scale of the show is pretty hard to imagine if you haven&#8217;t been there before; it&#8217;s just huge. I don&#8217;t think attendance figures have been released yet, but projections were in the [...]]]></description>
			<content:encoded><![CDATA[<p>January 7-10 was the annual Consumer Electronics Show in Las Vegas. A few thoughts&#8230;</p>
<p>As always, CES was an interesting event to attend. The scale of the show is pretty hard to imagine if you haven&#8217;t been there before; it&#8217;s just huge. I don&#8217;t think attendance figures have been released yet, but projections were in the 140,000-person range. Exhibit space was something like 1.8 million square feet.</p>
<p><span id="more-10"></span>A couple of friends weren&#8217;t very impressed with the 2008 show. I&#8217;d agree in one sense: there weren&#8217;t a lot of revolutionary finished products on display. There were a lot of incremental improvements to existing products instead. And, of course, the usual attempts to one-up others with the biggest/thinnest/shiniest gadget out there. Panasonic had a 150-inch plasma TV on display, which was a big jump from the puny 108-inch displays from last year. Sony was showing off flat-panel displays that were 3 millimeters thick. You get the idea.</p>
<p>But there were quite a few interesting things on the periphery of the show, many of which are likely to have an impact on products rolled out over the next couple of years.</p>
<p>Several manufacturers have released really small wireless USB chipsets; these provide USB2 (480 Mbit/s) speeds over a distance of a few meters. The trajectory of these products is pretty clear: they&#8217;ll become less expensive pretty quickly and will soon be built in to all kinds of computers and peripherals. One manufacturer was even showing off a wireless laptop docking station, in which the display as well as low-bandwidth peripherals were being coupled to the laptop via wireless USB. While the idea of a wireless docking station seems pretty silly at first, it&#8217;s easier to get interested in the idea when you think about things like a standardized wireless protocol for talking to devices like computer projectors.</p>
<p>Sony was also demonstrating a couple of interesting wireless tools. Their &#8220;TransferJet&#8221; system is an extremely-short-range networking technology that works at a distance of a couple of inches; it&#8217;s designed to couple digital media devices to computers without resort to cables. It&#8217;s not immediately clear that this offers many advantages over wireless USB, but it&#8217;s interesting nonetheless. They also demonstrated another prototype wireless system that they claimed could deliver a lossless 1080i HD signal over a distance of nearly 100 feet. The demonstration looked great, but I&#8217;m interested in learning more about how it might work; that&#8217;s nearly 300 MHz of uncompressed bandwidth!</p>
<p>I also found some of the advances in OLED display technology to be pretty interesting. While it&#8217;s always been a design goal, it&#8217;s interesting to see that some relatively small manufacturers are now producing OLEDs by using inkjet printers to construct the displays!</p>
<p>So, in summary: 2008 wasn&#8217;t a great CES year for flashy finished products. But some of the new technologies (that haven&#8217;t yet found their way into finished products) are really interesting!</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=10</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Fuel Economy</title>
		<link>http://www.wherry.com/blog/?p=8</link>
		<comments>http://www.wherry.com/blog/?p=8#comments</comments>
		<pubDate>Mon, 24 Dec 2007 01:58:38 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[Gadgetry]]></category>
		<category><![CDATA[Travel]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=8</guid>
		<description><![CDATA[
Holly and I were in Los Angeles a week ago, visiting family and friends.
Our rental car was a Toyota Prius, a gas-electric hybrid. I&#8217;ve seen these vehicles many times, but this was my first time behind the wheel. A few notes on this experience:

In a lot of respects, the car was surprisingly normal to drive. [...]]]></description>
			<content:encoded><![CDATA[<p><a href="http://www.wherry.com/blog/wp-content/uploads/2007/12/img_0021b.jpg" title="img_0021b.jpg"><img src="http://www.wherry.com/blog/wp-content/uploads/2007/12/img_0021c.jpg" alt="Prius fuel economy display" /></a></p>
<p>Holly and I were in Los Angeles a week ago, visiting family and friends.</p>
<p>Our rental car was a Toyota Prius, a gas-electric hybrid. I&#8217;ve seen these vehicles many times, but this was my first time behind the wheel. A few notes on this experience:<span id="more-8"></span></p>
<ul>
<li>In a lot of respects, the car was surprisingly normal to drive. The gasoline engine runs only when it needs to, so there&#8217;s a &#8220;READY&#8221; indicator that shows up on the dashboard when the car is prepared to move.</li>
<li>Toyota&#8217;s engineers have put a lot of thought into making the thing behave like a conventional (gas-powered) car where it&#8217;s possible to do so. For example: if you take your foot off of the brake but don&#8217;t depress the accelerator, the car will begin to slowly move forward&#8211;just like an ordinary car. But it&#8217;s the electric motor doing the work at this point, so this is an entirely artificial behavior. It&#8217;s kind of hard to imagine it doing something else, but it leaves me wondering if this will be the norm many years from now, when (presumably) propulsion systems based entirely on a conventional engine are rare.</li>
<li>Most of the battery charging energy comes from regenerative braking. If I took my foot off of the accelerator at speed, the car would gradually slow down, charging the battery in the process. Most of the car&#8217;s braking action also comes from using the kinetic energy of the car to charge the battery packs; friction braking is a backup used at low speeds and for more-aggressive deceleration.</li>
<li>There&#8217;s a status display that shows (almost in real time) the flow of energy within the car. It&#8217;s a little confusing at first, but after you figure it out, it&#8217;s possible to see what energy source (gasoline engine, motor, or both) is being used to propel the car. When energy is being delivered to the battery (whether from regenerative braking or the engine itself), you can see that too.</li>
<li>Another display (pictured above) shows you fuel economy in five-minute increments for the last half-hour of the current drive. I think this could really have an effect on one&#8217;s driving habits, as it&#8217;s so easy to correlate what you&#8217;re doing with how much fuel you&#8217;re consuming. I wonder how much less gasoline people would use if every car were equipped with this capability.</li>
<li>After observing the display for a while, it&#8217;s clear how a great deal of energy is being wasted in stop-and-go driving in a conventional vehicle. Every time you accelerate, the energy required to get the mass of the vehicle up to speed is consumed. Every time you brake (with a conventional braking system), the kinetic energy of the car is converted into heat. Battery technology and power generation aren&#8217;t 100% efficient, of course. But it definitely beats the 0% efficiency of braking in a conventional vehicle.</li>
<li>Low-end acceleration was quite good; the car can accelerate briskly so long as it&#8217;s not moving very fast to begin with. Highway speeds are another matter; if you&#8217;re used to standing on the accelerator to blast around someone in a passing maneuver, you&#8217;re going to be disappointed. The electric motor doesn&#8217;t do much good at these speeds, and the gasoline engine&#8230;well, it delivers 76 horsepower.</li>
</ul>
<p>I took the photo above when I stopped to refuel before returning the car to the airport. Without really trying very hard, I was able to average over 50 miles per gallon for the 200+ miles I drove. Refueling cost sixteen bucks at $3.27 per gallon; it was hard not to feel at least a little smug.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=8</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Movie Notes</title>
		<link>http://www.wherry.com/blog/?p=6</link>
		<comments>http://www.wherry.com/blog/?p=6#comments</comments>
		<pubDate>Sun, 23 Dec 2007 04:35:06 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[Media]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=6</guid>
		<description><![CDATA[Holly and I went to see &#8220;National Treasure: Book of Secrets&#8221; earlier this evening. It was not a good film; I think there&#8217;s some argument to be made that the writers&#8217; strike began much earlier than we&#8217;d previously thought.
The film was presented in a digital theater. This certainly isn&#8217;t the first movie I&#8217;ve seen projected [...]]]></description>
			<content:encoded><![CDATA[<p>Holly and I went to see &#8220;National Treasure: Book of Secrets&#8221; earlier this evening. It was not a good film; I think there&#8217;s some argument to be made that the writers&#8217; strike began much earlier than we&#8217;d previously thought.</p>
<p>The film was presented in a digital theater. This certainly isn&#8217;t the first movie I&#8217;ve seen projected digitally, but this was the first time I&#8217;d seen a normal film (as opposed to a demo) that looked significantly better than a conventional print. Color saturation was quite a bit better than I&#8217;d seen before (deep reds in particular were impressive), brightness was good, and there wasn&#8217;t a hint of the pixel grid pattern on the screen that I&#8217;ve seen come from some digital projectors in the past.</p>
<p>I&#8217;m glad it looked good when projected digitally, because that was pretty well the film&#8217;s only redeeming quality.</p>
<p>I can, however, recommend &#8220;Charlie Wilson&#8217;s War.&#8221; It wasn&#8217;t quite as visually striking, but it&#8217;s an excellent film.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=6</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>[HD] Theatre of the Absurd</title>
		<link>http://www.wherry.com/blog/?p=5</link>
		<comments>http://www.wherry.com/blog/?p=5#comments</comments>
		<pubDate>Sat, 08 Dec 2007 19:12:40 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[Gadgetry]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=5</guid>
		<description><![CDATA[I was talking with a couple of friends recently about high-definition television, and they were a little surprised to learn that I really haven&#8217;t done anything of substance with HDTV. I&#8217;m an early adopter of technology, but I still haven&#8217;t made the move to high-definition television.
Yes, I have one high-definition set at home, but it&#8217;s [...]]]></description>
			<content:encoded><![CDATA[<p>I was talking with a couple of friends recently about high-definition television, and they were a little surprised to learn that I really haven&#8217;t done anything of substance with HDTV. I&#8217;m an early adopter of technology, but I still haven&#8217;t made the move to high-definition television.</p>
<p>Yes, I have one high-definition set at home, but it&#8217;s only there because its predecessor spewed actual flames and then refused to power up. But even this lone HD set operates in standard-definition mode 99+% of the time.</p>
<p>Here&#8217;s why this early adopter is still on the sidelines.</p>
<p><span id="more-5"></span>I&#8217;ve been a user of TiVo&#8217;s excellent DVR since the first Series 1 units shipped in 1999. Over time, new features have been added and new hardware has been released. The current standard-definition hardware that I&#8217;m using can archive recorded programs to DVD-R discs, and it&#8217;s also capable of transferring recorded programs from one unit to another within a network; this is useful if, for example, you&#8217;ve recorded a program on the TiVo upstairs and then later want to watch the show on the TV downstairs. Pretty basic stuff, and it actually works reasonably well.</p>
<p>In January 2005, I attended the Consumer Electronics Show, where I saw TiVo was getting ready to release what I&#8217;d finally been waiting for: a TiVo device that would act as a DVR for high-definition content! They had a working model on display, which could receive HD programming using the CableCARD standard. This was significant: just a few days earlier, on January 1, a mandate from the FCC had gone into effect. The rules were basically this: that cable companies were required to support devices using CableCARD, so it would be possible to decode and display HD content on any compatible device. What could possibly go wrong?</p>
<p>As it turns out, plenty. CableCARD devices require certification from CableLabs. CableLabs is a &#8220;nonprofit research and development consortium&#8221; that is a membership organization for cable operators. Equipment manufacturers and service providers who don&#8217;t also happen to be cable companies can&#8217;t participate. It&#8217;s hard to imagine, I know, but it seems like this organization could also somehow <em>slow down</em> the deployment of technology.</p>
<p>January 2006 rolled around, and once again I went to CES. And once again TiVo demonstrated their fancy new Series3 CableCARD hardware. You know, the same hardware they demonstrated ONE YEAR PREVIOUSLY. The problem? The CableLabs certification process. I know it&#8217;s hard to imagine that getting certification for your equipment from a DIRECT COMPETITOR might be difficult, but apparently it was.</p>
<p>Just 21 short months after TiVo first demonstrated working hardware, CableLabs finally saw fit to bestow their blessing upon TiVo&#8217;s CableCARD hardware. At last! It would be possible to use the DVR capabilities I&#8217;d been enjoying since 1999 on high-definition hardware!</p>
<p>Well, sort of. In order to get the Series3 hardware working, it&#8217;s necessary to insert a CableCARD. In fact, there are two of them needed: one for each of the two tuners in the device. Just call up Cox (the cable company here), and they&#8217;ll be happy to (OK, at least <em>willing to</em>) schedule an installation appointment.</p>
<p>Wait. <em>Appointment?</em></p>
<p>Yes. The CableCARDs are so precious, complicated, and delicate that only a Highly Trained Cable Company Technician Driving an Official Cable Company Truck can install them.</p>
<p>After all, it&#8217;s quite a complicated process. Not only does the card have to be <em>inserted</em>, but it&#8217;s <em>also</em> necessary to call the cable company and give them a code that is cleverly hidden ON THE MIDDLE OF THE TV SCREEN IN TWO-INCH-HIGH LETTERS in order to activate the card. Clearly this is beyond the capabilities of a mere mortal like me.</p>
<p>But, as I think about it, this process <em>seems</em> very similar to the installation process for a cable modem.</p>
<p>The key differences seem to be that (1) the cable modem doesn&#8217;t directly compete with another product that Cox would like to sell me and (2) that the end user is allowed to install the cable modem unassisted even though the process is a bit more complicated than lighting up a CableCARD.</p>
<p>A more cynical observer might suspect a linkage between these two clearly-unrelated facts, but not I. Cox wouldn&#8217;t find a bogus reason to burn a couple of gallons of gas and charge me sixty bucks for something I could easily do myself.</p>
<p>After all, Cox is <em>My</em> <em>Friend in the Digital Age</em>.</p>
<p>So, you can call the cable company, and they&#8217;ll send the technician out (between the hours of 8:00 a.m. and never) on a day of their choosing in order to insert the CableCARD. Even better news: if you&#8217;re installing two CableCARDs in a single device, it&#8217;s possible to get the same technician to install BOTH CARDS. And you&#8217;ll be able to take advantage of Cox&#8217;s special &#8220;two for the price of two&#8221; zero-percent discount deal for this service.</p>
<p>Even with this rather insulting service startup process, it was still tempting. After all, it&#8217;s TiVo in high-definition!</p>
<p>But not really. You see, even though it was late 2006, only the features of TiVo circa 1999 would be supported on the new hardware. The idea of recording something in one part of the house and watching it in another is Very Threatening in Some Unspecified Way. So CableLabs insisted that the home networking capabilities of the high-definition TiVo hardware be disabled. TiVo had to listen to them, since their boxes would be useless without the digital certificates that only CableLabs can provide them. <em>That&#8217;s a very nice business you have there, TiVo. It would be such a shame if something were to happen to it.</em></p>
<p>This situation recently changed. After what I&#8217;m guessing was a lot of wrangling with CableLabs, TiVo finally won approval for its home networking implementation. So, in November 2007, barely 35 months after TiVo was first able to demonstrate working hardware, it became possible to move high-definition programming around from one TiVo box to another!</p>
<p>You know, just like we&#8217;ve been doing with standard-definition video on TiVo since, oh, mid-2003.</p>
<p>Excellent! <em>Now</em> perhaps it&#8217;s time to consider a high-definition television for the living room and a high-def TiVo to go along with it. Sure, it&#8217;s not possible to record things to DVD with a new system, but there are other ways to accomplish that&#8211;at least until the content industry succeeds in their ultimate goal, which I think is to get the death penalty applied to format-shifting. After all, <em>if we format-shift, the terrorists win!</em></p>
<p>And now the cable industry is deploying &#8220;switched digital video,&#8221; or SDV.</p>
<p>This is cool technology; it&#8217;s basically multicast video. A given video stream will only be sent if at least one customer downstream of a switching point in the distribution network wants to receive it. That&#8217;s a great idea, and it allows a huge selection of content while remaining bandwidth-efficient.</p>
<p><em>Go, CableLabs!</em> Perhaps I was wrong when I thought you were anti-competitive and anti-consumer!</p>
<p>What? You didn&#8217;t actually work with any consumer electronics manufacturers when you rolled out the SDV spec? So there&#8217;s no way to integrate existing equipment with SDV?</p>
<p>Isn&#8217;t this in direct conflict with the rules the FCC rolled out in 2005 to prevent cable companies from continuing to abuse their customers? Oh yeah, that&#8217;s right! The FCC has been no match for the industry&#8217;s devious ways for years now. <em>We don&#8217;t care because we don&#8217;t have to.</em></p>
<p>Besides, there&#8217;s a NEW AND IMPROVED specification for two-way communication that will let our hardware do the SDV dance with the cable company&#8217;s distribution equipment.</p>
<p>All we&#8217;ll need to do is purchase BRAND NEW HARDWARE, and the hardware manufacturers will have to agree to give the cable companies COMPLETE CONTROL over large portions of the devices&#8217; user interfaces.</p>
<p>I can&#8217;t see what could possibly go wrong there, since the set-top box user interfaces are already a model of clarity and performance! Why try to improve on perfection?</p>
<p>Wait! Perhaps I&#8217;ve overreacted. There is some hope! The consumer electronics industry and the cable industry have agreed on a plan! A new &#8220;USB dongle&#8221; is coming, which will provide existing equipment (like the TiVo Series3 and TiVo HD) with the ability to select channels on a switched digital video system.</p>
<p>It&#8217;s coming, I&#8217;m told, in the second quarter of 2008. I presume it just needs CableLabs certification. And an installation visit. Perhaps two. After all, the two ends of the cable use VERY DIFFERENT TECHNOLOGIES. It would really be sort of foolish to trust that kind of complexity to just one person, don&#8217;t you think?</p>
<p>In seriousness: I&#8217;m not claiming that high-definition television programming and the ability to time-, format-, and/or space-shift it are intrinsic rights. But those abilities are valuable, and they&#8217;re something that we early adopters consider when making decisions about what to purchase and what to recommend to others. Flexibility matters.</p>
<p>The content owners and distributors can decide how much control they&#8217;d like to have over the distribution and use of their product. They have every right to make <em>completely stupid decisions</em> about these things if they&#8217;d like to.</p>
<p>The HD-TiVo-CableLabs-CableCARD debacle shows that it&#8217;s possible to do an absolutely excellent job of designing and deploying new systems that value security over all else. You know, trivial things like usability, interoperability, and the ability to deploy interesting new technologies quickly.</p>
<p>I&#8217;ve basically been ready to make the jump to high-definition hardware for three years now. But I don&#8217;t really want to spend (a lot of) money in order to have less capability than I have right now. So, for now, I wait. And I suspect I&#8217;ll continue to wait until there&#8217;s some solid indication that the &#8220;SDV dongle&#8221; will actually be released. Yes, they said &#8220;second quarter 2008,&#8221; but do you see the words &#8220;HERE ON PLANET EARTH&#8221; anywhere at all on that press release? I didn&#8217;t think so. Prototypes might be available by June 87th. If we&#8217;re lucky.</p>
<p>Besides, perhaps this will give the content and electronics industries some time to work out the whole &#8220;Blu-Ray vs. HD-DVD&#8221; debate that&#8217;s been going on for a while now.</p>
<p>A couple of free hints to the players involved:</p>
<p>The &#8220;circular firing squad&#8221; approach you&#8217;ve been taking so far when faced with a complicated problem is endlessly entertaining to watch. But it probably isn&#8217;t doing great things for business.</p>
<p>And the funny thing about us early adopters? We&#8217;re smarter than you think.</p>
<p>[30-Dec-2007: Thanks to Fred Kuhl for suggesting the perfect title for this post.]</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=5</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Fashionably Late</title>
		<link>http://www.wherry.com/blog/?p=3</link>
		<comments>http://www.wherry.com/blog/?p=3#comments</comments>
		<pubDate>Mon, 19 Nov 2007 17:45:34 +0000</pubDate>
		<dc:creator>psw</dc:creator>
				<category><![CDATA[General]]></category>

		<guid isPermaLink="false">http://www.wherry.com/blog/?p=3</guid>
		<description><![CDATA[Perhaps by now you&#8217;ve heard of web logs, or &#8220;blogs,&#8221; in which one can tell the world about any foolish idea that happens to drift through one&#8217;s head. I&#8217;ve waited quite a while to get started, but I keep hearing rumblings that this &#8220;blogging&#8221; thing might really catch on one of these days. So I [...]]]></description>
			<content:encoded><![CDATA[<p>Perhaps by now you&#8217;ve heard of web logs, or &#8220;blogs,&#8221; in which one can tell the world about any foolish idea that happens to drift through one&#8217;s head. I&#8217;ve waited quite a while to get started, but I keep hearing rumblings that this &#8220;blogging&#8221; thing might really catch on one of these days. So I wanted to be ready.</p>
<p>In complete seriousness, this section of the site is designed to contain stuff that is too inconsequential to deserve an actual formal article, but that might nonetheless be of some interest to others.</p>
<p>So, enjoy. And keep your eye on this &#8220;blogging&#8221; thing. Someday, I predict that quite a few people will be doing this.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.wherry.com/blog/?feed=rss2&amp;p=3</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>
