A library of snippets
xxx
“Close to 60 per cent of WeChat revenue comes from payments. Less than a third is from advertising. If Facebook could create a digital currency that ties together multiple payments services it would also gain access to a wealth of new information that would make its advertising business more valuable.”
xxx
xxx
“In 1954, UK-based technology company Pye Radio came up with a neat little cost-cutting innovation. In order to avoid the expense that came with collecting cash from the bank, guarding it, checking it and sorting it into individual wage packets, they decided they would pay their (mostly very skilled) workers by cheque.
It did not go well. Employees weren’t keen on having to do the extra work of collecting the cash themselves. Protests were made on the basis that the system contravened the Truck Act of 1831, which forced employers to pay wages in the ‘current coin of the realm’ (rather than in scrip). The labour market was tight at the time; unemployment in the UK was under 2 per cent. Pye went back to cash.
It was another six years until they could try again: the 1960 Payment of Wages Act finally allowed employers to pay wages by cheque, something the banks had long been pushing for (people with cheques often like to have bank accounts).”
From “Workers will be paid when they please in a tight market | Financial Times”.
xxx
xxx
“Businesses exempted from the [Philadelphia] law include parking garages and lots, wholesalers like Costco that have memberships, and those that typically need large deposits unlikely to be paid in cash like hotels, the Journal wrote. It also has a carve-out for ‘retail stores selling consumer goods exclusively through a membership model that requires payment by means of an affiliated mobile device application’”
xxx
xxx
“Cities with immigrant communities also tend to have higher rates of unbanked residents, like Los Angeles, where 8.6 percent of the population doesn’t have bank accounts. People avoid financial institutions for numerous reasons, including in order to stay away from monthly charge fees, overdraft penalties, or minimum balance requirements. Some people also don’t have credit cards if they aren’t documented or don’t have a strong enough line of credit.”
From “Philadelphia bans cashless stores, moving against a cashless society – Vox”.
xxx
xxx
According to the complaint, in October 2017, Edwards downloaded thousands of FinCEN files containing highly sensitive information relating to Russia, Iran and terrorist groups such as ISIS, to a flash drive. Edwards does not appear to have been involved in any official projects or tasks relating to these files. Throughout the course of 2018, Edwards unlawfully disclosed numerous SARs — and emails and investigative memoranda related to the SARs — to a reporter by taking photos of the SARs and texting them to the reporter through an encrypted application.
From Arrest of FinCEN Employee for Unlawful Disclosure of SARs and SAR Information – Lexology.
xxx
The British approach to creating a national digital identity scheme is, to say the least, unusual. Sky News recently summarised the situation well by saying “thanks to its ill-conceived porn block, the government has quietly blundered into the creation of a digital passport – then outsourced its development to private firms”. One of these private firms is Mindgeek, who run the world’s biggest porn site, Pornhub. I make no comment on them or any of the other companies that has stepping to provide digital identity and the same time that the government has stopped funding its own digital identity scheme (gov.verify) which was, in any case, not being used for the important and obvious use of age verification for adult services.
But why does Sky called the mandatory age verification for adult services “ill-conceived”? Let’s pop over to the New York Times for a quick lesson in the history of what uncharitable persons call the “Hancock Wall” because it was pushed into law by Matt Hancock when Minister over at the Department of Culture, Media and Sport (DCMS). Age verification rule grew from a Conservative party campaign promise in 2015, and came into law via the Digital Economy Act 2017, a “wide-ranging bundle” (ie, random jumble) of internet rules and regulations. As the NYT reported, “among the bill’s consequential but stultifying provisions about telecommunications infrastructure, copyright enforcement and government data sharing, the porn rule [was] hastily rubber-stamped before Britain’s 2017 general election, and questions about how exactly it would be enforced, as well as concerns about user privacy, were set aside to be dealt with later”.
The questions (from, to choose one example, me) about how to create necessary infrastructure were ignored and the government said that people could use credit cards or whatever.
xxx
lmost 800,000 account holders on porn site Brazzers have had their details breached thanks to a vulnerability in the vBulletin forum software, potentially exposing some to online extortion attempts.
Some 790,724 unique email addresses, as well as user names and plain text passwords, were exposed in the data dump
From Brazzers Porn Site Users Caught Out in Data Breach – Infosecurity Magazine.
xxx
xxx
I lost north of $100,000 last Wednesday. It evaporated over a 24-hour time span in a “SIM port attack” that drained my Coinbase account.
From The Most Expensive Lesson Of My Life: Details of SIM port hack.
xxx
xxx
Venture capitalists have all aligned on the best solution: kitchens that only serve delivery customers, known as “cloud”, “ghost” or “dark” kitchens, that use a combination of advanced food preparation, underused real estate and algorithm-driven optimisation to lower overheads and increase output.
From The start-ups building ‘dark kitchens’ for Uber Eats and Deliveroo | Financial Times.
xxx
A few years ago, along with colleagues at Consult Hyperion, I was looking at the potential for the blockchain in the identity space.
(Put to one side what is meant by blockchain and what is meant by identity.)
One of the ideas that came out at that time was to record the create, read, update and delete (CRUD) operations on the virtual identities (personas, if you like, each containing an identifier and credentials) in a virtual shared ledger (VSL, aka the “CRUDchain”) and then anchor the VSL in one or more actual shared ledgers, including one or more public blockchains.
As it turned out, no-one was much interested in this idea. Three years ago I took it to the Dutch Blockchain Innovation Conference in Amsterdam. Here are a couple of diagrams from that presentation. First here’s the CRUDchain…
And here is the idea of gathering the CRUDchain transactions and putting them on the blockchain.
Of course, what I envisaged those CRUD transactions operating on were public key certificates rather than W3C decentralised identifiers (DIDs) but you get the general point.When you want to prove to a web site that you are over 18, you point them to an entry the CRUDchain contains the relevant credential. This entry (whether a PKC or DID) contains a public key. The web site generates a challenge using this key: only you can answer the challenge because you are the only person with the corresponding private key. Therefore the web site can be sure that you are the holder of the credential. It all works.
Hence I was interested to note Microsoft’s Consensus 2019 announcement that they intend to implement something along these lines, as adumbrated in their October 2018 white paper on Decentralized Identity. They are creating an Identity Overlay Network (ION) using the Sidekeep protocol. This project uses IFPS to manage the CRUD entries at scale and Microsoft intend, in the short term at least, to anchor these transactions in the Bitcoin blockchain which is, as the respected cryptographer Ari Juels (a professor at Cornell and former chief scientist at RSA) said in Wired magazine, “surprising”. If the approach gains transaction, however, I’m sure they will use other shared ledgers.
As Microsoft put it in their blog post on the topic, “All nodes of the network are able to arrive at the same Decentralized Public Key Infrastructure (DPKI) state for an identifier based solely on applying deterministic protocol rules to chronologically ordered batches of operations anchored on the blockchain, which ION nodes replicate and store via IPFS”. In this architecture, you don’t use “the blockchain” to store personal information, you use it to prove the ordering of identity transactions elsewhere. If I’ve understood things correctly, they key point is this: the public blockchain is used as a verification platform, not as a transaction platform. And I think that makes sense.
What’s probably most important about the Microsoft approach is the integration with Active Directory. If anything is a step towards corporates accepting some new identity service (whether decentralised, self-sovereign or anything else) it is this integration. It’s first step, but an important step.
xxx
“Where does an alleged war criminal accused of torture and directing mass executions look for work while living in the United States? For Yusuf Abdi Ali, there was an easy answer: Uber and Lyft. Within a couple of days of applying to be a ride-share driver, Ali said he was approved to shuttle passengers from place to place. He’s been doing it for more than 18 months, according to his Uber profile. When CNN reporters recently caught a ride from Ali, the former Somali military commander was listed on Uber’s app as an ‘Uber Pro Diamond’ driver with a 4.89 rating.”
xxx
Snippings