Month: April 2008

Categories
dab digital radio radio technology

Too much technology

YouFM by NickPiggott@flickr

This week I was lucky enough to meet up with my colleagues and peers in the German commercial radio industry, and spend a day at a seminar organised by VPRT in Berlin. It gave me an insight into their world, and their situation, which I’ve been lacking for a long time. It also made me realise that they’re being let down by some technologists.

DAB Digital Radio has been dominated by public service broadcasters, and the membership of WorldDMB is testament to that fact. Of the hundreds of members of WorldDMB, only 3 commercial radio companies are represented; GCap Media (UK), Channel 4 Radio (UK) and Commercial Radio Australia. The UK’s approach of co-operation between the public and commercial sectors has been an exceptional undertaking. Only recently have commercial broadcasters begun to engage with DAB, visibly in Switzerland, France, Australia, Germany, and the mood is changing elsewhere.

What I’ve learnt in my two days with my German colleagues is that they’re asking very good questions, and indeed probably more informed and relevant questions than we did when we kicked off DAB in the mid-90’s. There are lots of questions that need answers, and when those answers have been gathered and assessed, then there will be a decision on a commitment to Digital Radio.

Not unsurprisingly, quite a lot of their questions are about making the right technology choices, and this is where I believe they’re being let down by some technologists.

Technologists love to create technology. There is always a better solution to a problem, a better framework to work within, a new concept, a new library. COMET, XMPP, Ruby on Rails, Java – technologists thrive and survive on new ideas and new, cleverer, solutions to problems. German technologists are no exception, and their innovations have been exceptional – DAB, MP3, RDS – all have significant input from German technologists, and my personal experience is that they have some incredibly agile and intelligent technologists. I would trust my life with some of the guys at Fraunhofer.

But sometimes technologists’ ability to create endless solutions means uncertainty and instability. And sometimes technologists create problems in order to create solutions to justify their existence.

One of the difficulties I see my German colleagues grappling with is whether they are using the right technology for Digital Radio. Should it be DAB? Or DAB+? Or “DMB Audio”? Or DAB-IPDC? Or DXB? Or IBOC? Or…..? Nobody wants to make the wrong decision, and buy into an out of date technology. And whenever it looks like the number of choices is narrowing, a technologist pops up and throws another suggestion in the ring. And, of course, they all claim to offer the ultimate, most future proof, elegant, scalable and cheapest solution.

Of course, I can help a bit. Don’t use DAB. It’s out of date. But if the UK had hung on in 1998 waiting for a “better” technology, we’d never have got on-air, never sold 7m+ receivers, and never made a success of DAB. And at least we have a relatively obvious migration path to DAB+.

Indeed, it analogous with buying a computer. Just accept that whatever you buy will be superceded in 6 months (or indeed, may already be superceded). If you keep waiting, you’ll never buy a computer and you’ll still be scratching on stone tablets when everyone else is sending e-mail and chatting on Facebook.

It’s a shame that some technologists can’t be a bit more market aware, and look beyond their ability to cook up new ideas and bring a bit more balanced assessment. It’s not providing a solution to keep creating new solutions. Answer more questions, provide more data. Which solution is most elegant? Most spectrum efficient? Most backwards compatible? Most closely matches the requirements list? (Is the requirements list reasonable?). How much will devices cost? Who will be building them? When will they be available? And of course, who else is using this technology set?

I hope the technology issue in Germany can be closed down fairly soon. They’re definitely suffering from too much technology, and it’s not helping. If they can slim down the candidates against a list of reasonable requirements, say “no” to people trying to bounce new/unproven solutions onto them, and make a technology choice, it will tick another box on the check-list marked “Things To Do To Launch Digital Radio”.

I also caught up with Sebastian Kett and Michael Reichert from SWR, home of the rather marvellous DasDing. A blog on what they’re up to will follow….

Categories
real life technology

(In)security through obfuscation

cutting loose by SqueakyMarmot @ flickr

Any security expert worth his salt will tell you that trying to achieve security by hiding things from people is doomed to failure. This week, I had a worrying reminder of how imperfect the security around banking can be.

I have been scanning in credit card receipts from a journey I made recently to a well-developed, technically advanced, Western country. Indeed, I was able to pay for absolutely everything on my plastic, hence the forest size collection of receipts.

Ironically, the trip started with a bump because my bank refused to authorise a withdrawal from a cash machine, necessitating a (long) phone call to their customer service department to get the mandatory foreign roaming block lifted. Apparently I have to do it every time I leave the country.

But it’s the credit card receipts which were most interesting. I’m not going to reproduce them here, because the security risks are extreme.

Once upon a time, all the digits of a credit card and its expiry date were visible on the receipt, which make it a fraudsters paradise. Simply by stealing a receipt, particularly one with a signature on, you could relatively easily make fraudulent transactions until the genuine cardholder noticed and called stop.

So, in the UK at least, the digits are now obscured. Only the last 4 digits remain visible, along with the expiry date, thus leaving somewhere around 50,000,000 permutations to guess my card details. (Assuming that there is a smaller subset of card issuer codes than the 9999 allocated, and that some cards will indeed share the same expiry date as mine). I find the last 4 digits invaluable to work out which card I’ve put something on, so I consider the risks acceptable for the benefit I gain, and obviously UK banks too. I’ve never seen a UK credit card receipt show anything other than last 4 digits and expiry date. (Let me know if you have seen different – excepting the old manually swipe receipts!).

Flicking through my foreign receipts, I noticed that the obfuscated digits varied from receipt to receipt. One of the showed last 4 digits. One blanked out 4 digits in the middle (starting at position 10) and another blanked out 4 digits (starting at position 12). So my three receipts looked like this:

XXXXXXXXXXXXDDDD
DDDDDDDDXXXXDDDD
DDDDDDDDDDXXXXDD

The observant of you will now have noticed that, by holding those three receipts, only TWO digits of my card remain unknown. That’s 100 guesses. And to add interest to the matter, credit cards use a CRC-style validation, so you wouldn’t need to crank this through much of a Visual Basic programme to find the unique number that matched that particular validation code.

I’m amazed that this obfuscation isn’t standardised to prevent this kind of risk occurring. I think that the second and third examples are hideously insecure anyway, giving away the type and issuer of the card (first four digits) allowing an attack on a wider number of vectors. Why does anyone need to see so many digits of a card number?

In none of the above cases was I asked for a PIN number, nor was the CVV of the card checked. Just a simple scribble on the paper copy of the receipt. It’s incredible.

There doesn’t seem to be much I can do to reduce this risk, other than keeping a very tight grip on my own receipts (which I do as a matter of course), and check my credit-card on-line every couple of days. But if those three merchants ever get together with my (and other peoples’) receipts, they could have a heck of a party.

Categories
radio technology

Timeshifted Interaction

Macromote by jbwan @ flickr

The digitisation of media comes with costs and justifications.

One often touted justification for the cost of digitisation is that digital media will be more interactive, and that interactivity will lead to new revenues, increased profitability and so on.

Great theory. But the practice is proving rather difficult, because the interactivity isn’t happening as much as people had hoped. And less interactivity means that the potential revenues aren’t being realised. Falling at the first hurdle, and all that.

Let me make a postulation as to why. Maybe your moment of interest doesn’t coincide with the time to do anything meaningful about it. Maybe you don’t have time to interact right there and then. Maybe the device you’re using is particularly bad at doing interactivity.

Here’s two examples to explain better what I mean:

  • You’re watching The Simpsons / Family Guy / American Dad (insert wittily written, Korean drawn animation of your choice). The adverts start, and one of them is an advert for a car you’re kinda interested in. Pop quiz: What do you want to do now? a) Spend 10 minutes waiting for the interactive app to download, fill in the form “SMS-style” with the numeric keypad on the remote control, and confirm your ideal time to take a test drive whilst missing the programme you sat down to watch or b) ignore or that and watch the programme you sat down to watch in the first place.
  • You’re driving in your car (maybe the one you bought off the TV?), listening to the radio. You think the presenter’s quite funny, worth hearing more of. Do you a) stop to write down the URL of the show podcast and webpages or b) keep driving and keep repeating the URL in your head until something far more important (like traffic lights, or a speed camera) causes it to pop, irrevocably, out of your head.

It seems strange to me that we demand that people go immediately from “oh yes, that’s interesting” to full scale engagement. Why on earth do we expect people to try and do complex interaction on devices with tiny little screens and a single rotary-push dial?

If we can timeshift and pause media, why can’t we timeshift and pause interaction?

Why not let people do the “complicated” business of providing their personal information using a proper browser on a proper computer, and at a time that suits them? With better user interfaces, you can design experiences that will draw people in, maybe show them other things around that time, or around that event, that they might also be interested in. It’s simply a richer environment, in terms of time, attention and presentation.

I think it’s smarter to let people simply tag / pop / bookmark what they’re interested quickly and simply across their day, and then allow them to review what they’ve thought was interesting in their own time, in their own space. Let people take control of their interactions, and do it more on their own terms. Who knows, maybe they’ll do more of it?

There some interesting work going on around this subject; updates to follow.