[OpenID] [security] Trust + Security @ OpenID

Meng Weng Wong mengwong at pobox.com
Sat Jul 21 23:19:17 UTC 2007


On Jul 22, 2007, at 6:14 AM, Eric Norman wrote:
> On Jul 21, 2007, at 1:37 PM, Peter Williams wrote:
>
>> What we need now are  protocols hooks and UI concepts that implement
>> these raw technologies in a fashion that consumers can manage – and
>> thus impose their view of trustworthiness on the world – as they see
>> it.
>
> I will assert one thing that you can take as "Gospel",
> if you so choose.  This is not a problem that technology
> can totally solve, but it can make a contribution.  Ergo,
> technophiles that connote things like, "We'll solve that
> problem for you" are really doing the world a disservice
> in the grand scheme of things.
>

Hear, hear.  This is one of those messy situations where the problems  
are fundamentally social, and so we run into the old saw "don't try  
to apply a technological solution to a social problem!  You! Will!  
Fail!".

But our job is still to create technologies -- in this case,  
technologies that are explicitly social.  What are we to do?

The tradition of "technology is value neutral!" says our mission is  
to expose affordances that permit human psychology to express itself.

The tradition of humanism says: expose affordances, sure, but load  
the deck in favour of the better angels of our nature.

As Lessig said, code is law.

But the delta between what people should want, and what people do  
want, promptly gets Google into trouble in China.

This is why Ehrenfeld calls humanism "arrogant".
http://www.amazon.com/Arrogance-Humanism-Galaxy-Books/dp/0195028902/

Could you imagine if programmers wrote programs only for other  
programmers?  Half the world would look like emacs and the other half  
would look like vi.  We've learned the hard way that end-users use  
applications in ways that don't always make sense to the programmers  
who build them, and so now we write marketing requirements documents.

Maybe we also need to write "political requirements documents".

The MRD is to the PRD what a single user app is to a socially  
networked app.

Can American programmers living in Berkeley really guess how OpenID  
will be used in Serbia?

The recent "libertarian paternalism" exchange between Sunstein/Thaler/ 
Mitchell is worth checking out.
	http://en.wikipedia.org/wiki/Soft_paternalism




More information about the general mailing list