Live Mesh – initial thoughts

Experimenting with the tech preview of Live Mesh was a curious experience – my first reaction was a mixture of “that’s cool!” and “so what?” – the kind of private techie moment where you do something pointless but technically impressive. So I ended up remotely controlling the laptop on my right from the netbook on my left and filmed it and er… blogged it and er…. so what?

Well the “what” isn’t very developed yet, but the thing that really jumps out at you (and the reason I sound a bit, surprised, in the vid) is how easy it is – this is consumer grade technology. Give a 7 year old a Windows Live id and administrative permissions over their equipment and they’d have it meshed in about 10 minutes per device – *that* easy – you just keep clicking “ok” until it works.

So I’ve got my Mesh now – big deal. What can I do with it? Well, I can connect into my work PC from anywhere and sync any files that I have access to on my local desktop to anywhere. As an experiment I logged into my work machine via the Mesh, browsed to a network location that contains the most confidential files I have access to (network config stuff) and tried to sync it – no go: the server they’re hosted on isn’t part of my Mesh. So I copied the folder down to my desktop (Mesh has allowed me to log-on authenticated to the domain) – right clicked, and bingo.

Cool – I work remotely, I can never know when I might need this information so I’ll add it to my Mesh, problem solved! Except. I set up the EeePC that’s part of my Mesh in a rush. It’s like my personal machine isn’t it – not connected to the domain, so……. I didn’t set a password on it ;) Boot it up – hit return and you’re in (not now of course, but you get my drift).

In security terms I think of this as “leakage” – there’s no intention to distribute the information outside it’s proper audience, it just ends up in places where it’s no longer protected by the mechanisms that we put in place to keep it restricted – and once it’s “free” of those restrictions you’re just trusting in luck to keep it safe.

Of course this isn’t new – pod slurping – usb keys – staff taking home or printing out confidentially supplied information all produce the same potential for leakage, but it seems to me that Live Mesh raises the bar a bit and challenges what I’ve always thought of as a security principle, which is:

“if remote access becomes trivial, then local access controls become meaningless”

These are initial thoughts because I’m still trying to understand the pragmatic utility of Live Mesh in a Cloud based world. I can see that it’s Groove v2 – but I never “got” Groove. I can see that as a domestic technology it will make it easy for people with Windows Live ID’s to share files in “private” (but why wouldn’t you just put your pictures on flickr?) and I can see people having fun with remote access “just because they can” but apart from that?

Bottom line is that I think it’s toxic to Microsoft’s enterprise security model – if there is anything that is going to convince you that storing precious information in a stand alone file format that can be copied willy-nilly around the globe is a bad idea, it ought to be this. Put your *secrets* in a safe place – and that safe place is the Cloud, not the Mesh.

lingro – marvellous translation/learning service

There are tons of translation services out there but Lingro, I think, is a little slice of genius. You paste a url into it’s search bar – as below:

It then opens the page with all the text (including the hyperlinks) clickable for translation – so if there’s a word you don’t recognise – click on it and you get a pop-up (quickly too) with a translation into the language you’ve chosen, and an audio snippet of the word in it’s native tongue. This is what it looks like:

The little slice of genius comes because it remembers what words you’ve clicked on – so as you work through a document/page it’s automatically building a wordlist of the words you didn’t know. You can review them in that browser session without having to sign up – and you can sign up in 20 secs without even giving an email address. Once you’ve signed up you can save your wordlists – organise them into groups and test yourself with a flash-card game. You get a quick flash of the full definitions – then you can test yourself with cards that flip between word and definition.

It’s only available for English, Spanish, French, German, Italian and Polish at the moment (though they are adding languages) and it was a bit wobbly on a couple of sites I tried it with (mainly because they had a very cluttered structure), but all in all I’d say it’s just about a perfect Web2.0 service – light-touch, does one thing well, doesn’t make you jump through hoops: and you can upload txt, docs or pdf’s to it if you want help with something not on the web. Bravo Lingro!

Africa’s Web 2.0 Sites

Excellent clickable photo of Web2.0 start-ups based in Africa put up by a group Blog called Black Looks – highly recommended. As is the way when something like this gets widely blogged some of the sites may have been knocked off-line by the attention, but I’d expect them to be back up again by Monday :)

(picture will open in Flickr – where it *is* clickable)

via Read/WriteWeb

imran khan – hiding in plain sight

Imran Khan calls for civil disobedience and mass action against Pervez Musharraf through youtube:

via opendemocracy.net

what are you *twittering* about?

Google have just bought Jaiku – so I think you can be fairly certain that micro-blogging (or lifestreaming) is going to continue it’s growth.  Seems as good a time as any to try it out.  A lot of the people who’s blogs I’m following seem to think it has value, particularly in a mobile context – so if you want to know what I’m twittering about, I’m s0apy.

reCAPTCHA

You know those funny squiggly words that some sites use when you sign up with them, to confirm that you’re human? Well I didn’t realise that they’re not just there to protect sites against spam-bots – they’re also being used to help Computers learn how to read Old Books.

Zamzar – file conversion

Zamzar is an online service that converts a humongous number of different file formats – it’s worth trying out if someone sends you an attachment that you can’t open – or you need to convert between different office/av/audio/multimedia formats.

The caveat is that it shouldn’t be used to convert confidential files/documents, as the converted file is left on their servers on a publicly accessible page for a day (it’d be pretty unlikely that anyone would find it, but still.)

vocalfruits – testing, testing, testing

Vocalfruits is a site that promises to take an RSS feed and turn it into a Voice feed (it’s tagline is “Compose your vocal information system”). I’ve only just signed up for it and don’t really get how it works yet – but as a test I’ve registered my first feed (this page) and I’m supposed to get a voice called KATE to read it back to me.

If I’m being a bit vague it’s because the site isn’t massively clear – translated from French I would guess and without much of a tour – it’s a partner to a site called xFruits that offers a variety of widgets for mashing RSS feeds and/or converting them to post/mobile/mail formats – but it made me go “Wow!” when I saw it and Web2.0 is a lot about the wow. So I’ve stuck some code in a text widget at the top of the page – lets see what it does.

older people are sticky

Interesting article in the New York Times about social networking sites for the baby boomer generation. Lists a whole slieu of sites pitching at the over 40’s (gulp – that’s me!) which I’d never heard of. I’m not sure I’m that impressed with their titles though, Eons – Multiply -TeeBeeDee?

via TheGuardian

10 steps to Web2 loveliness

1 – Think up a new password.

You’re going to need it. You can’t do Web2 without signing up to a ton of stuff and it helps if you’ve got a password where you can think – “Web2! – thats….. b2telishus” or whatever. Not the same as work. Trust me – in 18 months time you’ll be glad you made the distinction.

2 – Get a Google account.

Now. Go here and sign up. If you don’t have one already jettison the feeling that it’s all moving too fast and just get on the wave – it takes about 60 seconds. (and once you’re on the wave….things look different).

3 – Get a blog.

Now. Go here, or here or here. If you don’t have one already…. whatever, I said that already, but you get my drift. At some point when you’re signing up it will ask you if you want your blog to be “public” or “private”. Check “private”. (This means you can play in peace – no-one goes live from Day1).

4 – Get a reader.

Now. Go here or here or here. If you don’t have one already jettison….repeating myself again. Just do it. Now.

5 – Pause.

You’ve done all the easy bits – now it’s time to think about content/purpose. This is the good bit, because once you’ve got all the tools sorted out you can start thinking about what you really want to say, (and what you really want to learn).

6 – Say what you want.

There are 2 clear rules in blogging:

1. Talk about what you know – what you’re passionate about.
2. Be your own authority (My blog – my rules)

7 – Find the Motherlode.

Whatever field you are expert in, someone has already blogged it – which means there are exemplars on-line now, who have already gone through steps 1-6 above. Find them.

8 – Don’t be afraid to share.

No-one expects a blog to be full of unique/original content, it’s not that egoistic. Even if 150,000 people have already blogged a presentation/post/service it’s ony boring to post it if your friends have already been there.

9 – Read your peers.

It’s not a one way thing – that’s why you need to get a reader.

10 – This page intentionally left blank.