brad's blog

Browser support for "sessions" to make them longer

I'm actually not a fan of login and sessions on the web, and in fact prefer a more stateless concept I call authenticated actions to the more common systems of login and "identity."

But I'm not going to win the day soon on that, and I face many web sites that think I should have a login session, and that session should in fact terminate if I don't click on the browser often enough. This frequently has really annoying results -- you can be working on a complex form or other activity, then switch off briefly to other web sites or email to come back and find that "your session has expired" and you have to start from scratch.

There are times when there is an underlying reason for this. For example, when booking things like tickets, the site needs to "hold" your pending reservation until you complete it, but if you're not going to complete it, they need to return that ticket or seat to the pool for somebody else to buy. But many times sessions expire without that reason. Commonly the idea is that for security, they don't want to leave you logged on in a way that might allow somebody to come to your computer after you leave it and take over your session to do bad stuff. That is a worthwhile concept, particularly for people who will do sessions at public terminals, but it's frustrating when it happens on the computer in your house when you're alone.

Many sites also overdo it. While airlines need to cancel your pending seat requests after a while, there is no reason for them to forget everything and make you start from scratch. That's just bad web design. Other sites are happy to let you stay "logged on" for a year.

To help, it would be nice if the browser had a way of communicating things it knows about your session with the computer to trusted web sites. The browser knows if you have just switched to other windows, or even to other applications where you are using your mouse and keyboard. Fancier tools have even gone so far as to use your webcam and microphone to figure if you are still at your desk or have left the computer. And you know whether your computer is in a public space, semi-public space or entirely private space. If a browser, or browser plug-in, has a standardized way to let a site query session status, or be informed of session changes and per-machine policy, sites could be smarter about logging you out. That doesn't mean your bank still should not be paranoid if you are logged in to a session where you can spend your money, but they can be more informed about it.

Topic: 

Take it easy, Don Henley

Yesterday, Don Henley (of the Eagles) penned an editorial in USA Today supporting the Protect IP Act (PIPA) which has serious free speech implications and turns web sites into copyright police. Don called out both the EFF (of which I am a Director) and Google (which is a consulting client of mine) so I have this whimsical response for him:

How the internet and its pricing really work

Today an op-ed by John Sununu and Harold Ford Jr. of "Broadband For America" (a group of cable companies and other ISPs which says it is really a grass-roots organization) declared that the net needs a better pricing model for what Netflix is doing. For a group of ISPs, they really seem to not understand how the internet works and how pricing works, so I felt it was worthwhile to describe how things work with a remarkably close analogy. (I have no association with Netflix, I am not even a customer, but I do stream video on the net.)

You can liken the internet to a package delivery service that works somewhat differently from traditional ones like the postal service or FedEx. The internet's pricing model is "I pay for my line to the middle, and you pay for your line to the middle and we don't account for the costs of individual traffic."

In the package model, imagine a big shipping depot. Shippers send packages to this depot, and it's the recipient's job to get the package from the depot to their house. The shippers pay for their end, you pay for your end, and both share the cost of creating the depot.

Because most people don't want to go directly to the depot to get their packages, a few "last mile" delivery companies have sprung up. For a monthly fee, they will deliver anything that shows up at the depot addressed to you directly to your house. They advertise in fact, that for the flat fee, they will deliver as many packages as show up, subject to a fairly high maximum rate per unit of time (called bandwidth in the internet world.) They promote and compete on this unlimited service.

To be efficient, the delivery companies don't run a private truck from the depot to your house all the time. Instead, they load up a truck with all the packages for your neighbourhood, and it does one delivery run. Some days you have a lot of packages and your neighbours have few. Other days you have few and they have a lot. The truck is sized to handle the high end of the total load for all the neighbours. However, it can't handle it if a large number of the neighbours all want to use a large fraction of their total load on the same day, they just didn't buy enough trucks for that, even though they advertised they were selling that.

This is not unreasonable. A majority of the businesses in the world that sell flat rate service work this way, not just internet companies. Though there are a few extra twists in this case:

  • The last mile companies have a government granted franchise. Only a couple can get permission to operate. (In reality -- only a few companies have got permission to have wires strung on poles or under the street.)
  • Some of the last mile companies also used to be your exclusive source for some goods (in this case phone service and TV) and are concerned that now there are competitors delivering those things to the customers.

The problem arises because new services like Netflix suddenly have created a lot more demand to ship packages. More than the last mile companies counted on. They're seeing the truck fill up and need to run more trucks. But they proudly advertised unlimited deliveries from the depot to their customers. So now, in the op-ed, they're asking that companies like Netflix, in addition to paying the cost of shipping to the depot, pay some of the cost for delivery from the depot to the customer. If they did this, companies would pass this cost on to the customer, even though the customer already paid for that last mile delivery.

Topic: 

Gallery of regular photos from Burning Man 2010

As I prepare for Burning Man 2011, I realized I had not put my gallery of regular sized photos up on the web.

Much earlier I announced my gallery of giant panoramas of 2010 which features my largest photos in a new pan-and-zoom fullscreen viewer, I had neglected to put up the regular sized photos.

Opening US immigration

Tuesday we and Aneesh Chopra, CTO of the USA come to Singularity University and among many things, he was asked about immigration. (In part because our class comes from 35 countries and many of them would love to be entrepreneurs in the USA.) Chopra announced some immigration rule clarifications that had come out that day which will help things somewhat. They did rule clarifications because getting congress to do meaningful reform is very hard.

Topic: 

The Allocation problem, assigning students to sessions

This is a challenge to blog readers to come up with (or find examples in practice) of good systems to allocate students to parallel sessions based on their preferences. I've just concluded one round of this, and the bidding system I built worked OK, but is not perfect.

The problem: Around 80 students. On 10 days over 4 weeks they will be split into 3-5 different parallel sessions on those days. Many sessions have a cap on the number of students, and more students will have them as a 1st choice than can fit. Some sessions can take many students and won't fill up. The students can express their preference as ranking, or with numeric values.

This is known in the literature as the Allocation problem, and there are various approaches, though none I found seemed to fit just right, either being easy to code or having existing running code. But I am keen on pointers.

The goals:

  • Maximize student satisfaction/minimize disappointment. Giving a student their 1st choice is good. Giving 3rd or 4th choices is bad.
  • The system must be easy for the students to understand and use.
  • Fairness. This has many meanings, but ideally mismatches that can't be avoided should be distributed. If somebody gets a 4th choice one day, they perhaps should have a better shot at a 1st choice on another day.
  • It's nice if there's a means of applying penalties to students who violate rules, sneak into sessions etc. Academic violations can result in less chance at getting your 1st choice.
  • It should be flexible. Sessions may have to be changed or many not fully finalize until a week before the session.
  • It is nice to handle quirks, like duplicated sessions a student takes only once, but where the student might have preferences for one of the instances over another. There may also be pre-requisites, so only students who take one session can have the sequel.
  • Things change and manual tweaking can be advised.

Rank sessions in order, 1st come, 1st served

This was used in the prior year. Much like a traditional sign-up sheet in some ways, students could indicate their choices in order. If more students had a session as 1st choice than would fit, the ones who filled out their form first got in. This gave priority over all 10 days and so it was changed to rotate each week to distribute who was first in line.

Topic: 

Robocar legality in Nevada, Germany and more news

A wrapup of robocar news from the past couple of weeks:

Nevada governor Brian Sandoval rides in Google Car

After Nevada's recent legislation directing their DOT to explore legal operations for robocars in the state, the governor "took the wheel" of a Google car. Very positive impressions from the governor and DMV head.

Topic: 

A solar panel on a robocar

I often see people say they would like to see solar panels on electric cars, inspired by the solar-electric cars in the challenge races, and by the idea that the solar panel will provide some recharging for the car while it is running and without need to plug it in.

It turns out this isn't a tremendously good idea for a variety of reasons:

Canada has a giant zombie in it

I discovered this year that something I've seen a zillion times, the standard map of Canada, features a giant, brain-eating zombie. I'm naming the zombie "Hudson" because that's the Bay that makes up most of him. He's a plump undead with stubby legs, a big blank eye (Price Charles Island,) and a slack jaw, and it looks like Newfoundland is in trouble.

Topic: 

Car users frustrated with their tech

The latest JD Power survey on car satisfaction has a very new complaint that has now the second most annoying item to new car owners namely problems with the voice recognition system in their hands-free interface. This is not too surprising, since voice recognition, especially in cars, is often dreadful. It also reveals that most new tech has lots of UI problems -- not every product is the iPod, lauded from the start for its UI.

Robocar projects, laws and other news

An update on the backlog of robocar related news caused by my recent travel and projects:

Nevada law

Many people have noticed the new law recently passed in Nevada which directs the Dept. of Transportation to create guidelines for the introduction of self-driving cars on Nevada roads. Here is the text of the law. Because Google, whom I consult for on robocars, helped instigate this law, I will refrain from comment, other than to repeat what I've said before: I predict that most transportation innovation will take place in robocars because they will be built from the ground up and bought by early adopters. The government need merely get out of the way and do very basic facilitation. This is very different from things like PRT and new transit lines, which require the government's active participation and funding.

You'll find lots of commentary on the story in major news media.

Volkswagen announces simple self-driving car

Topic: 

The efficacy of trusted traveler programs

A new paper on trusted traveler programs from RAND Corp goes into some detailed math analysis of various approaches to a trusted traveler program. In such a program, you pre-screen some people, and those who pass go into a trusted line where they receive a lesser security check. The resources saved in the lesser check are applied to give all other passengers a better security check. This was the eventual goal of the failed CLEAR card -- though while it operated it just got you to the front of the line, it didn't reduce your security check.

The analysis shows that with a "spherical horse" there are situations where the TT program could reduce the number of terrorists making it through security with some weapon, though it concludes the benefit is often minor, and sometimes negative. I say spherical horse because they have to idealize the security checks in their model, just declaring that an approach has an X% chance of catching a weapon, and that this chance increases when you spend more money and decreases when you spend less, though it has diminishing returns since you can't get better than 100% no matter what you spend.

The authors know this assumption is risky. Turns out there is a form of security check which does match this model, which is random intense checking. There the percentage of weapons caught is pretty closely tied with the frequency of the random check. The TTs would just get a lower probability of random check. However, very few people seem to be proposing this model. The real approaches you see involve things like the TTs not having to take their shoes off, or somehow bypassing or reducing one of the specific elements of the security process compared to the public. I believe these approaches negate the positive results in the Rand study.

This is important because while the paper puts a focus on whether TT programs can get better security for the same dollar, the reality is I think a big motive for the TT approach is not more security, but placation of the wealthy and the frequent flyer. We all hate security and the TSA, and the airlines want to give better service and even the TSA wants to be hated a bit less. When a grandmother or 10 year old girl gets a security pat down, it is politically bad, even though it is the right security procedure. Letting important passengers get a less intrusive search has value to the airlines and the powerful, and not doing intrusive searches that seem stupid to the public has political value to the TSA as well.

We already have such a program, and it's not just the bypass of the nudatrons (X ray scanners) that has been won by members of congress and airline pilots. It's called private air travel. People with their own planes can board without security at all for them or their guests. They could fly their planes into buildings if they wished, though most are not as big as the airliners from 9/11. Fortunately, the chance that the captains of industry who fly these planes would do this is tiny, so they fly without the TSA. The bypass for pilots seems to make a lot of sense at first blush -- why search a pilot for a weapon she might use to take control of the plane? The reality is that giving a pass to the pilots means the bad guy's problem changes from getting a weapon through the X-ray to creating fake pilot ID. It seems the latter might actually be easier than the former.

Back from Botswana, I want better audio for my video

This blog has been silent the last month because I've been on an amazing trip to Botswana and a few other places. There will be full reports and lots of pictures later, but today's idea comes from experiments in shooting HD video using my Canon 5D Mark II. As many people know, while the 5D is an SLR designed for stills, it also shoots better HD video than all but the most expensive pro video cameras, so I did a bit of experimenting

The internal mic in the camera is not very good, and picks up not just wind but every little noise on the camera, including the noises of the image stabilizer found in many longer lenses. I brought a higher quality mic that mounts on the camera, but it wasn't always mounted because it gets a little in the way of both regular shooting and putting the camera away. When I used it, I got decent audio, but I also got audio of my companion and our guide rustling or shooting stills with their own cameras. To shoot a real video with audio I had to have everybody be silent. This is why much of the sound you see in nature documentaries is actually added later, and very often just created by Foley artists. I also forgot to turn on my external mic, which requires a small amount of power, a few times. That was just me being stupid -- as the small battery lasts for 300 hours I could have just left it on the whole trip. (Another fault I had with the mic, the Sennheiser MKE 400, was that the foam wind sleeve kept coming off, and after a few times I finally lost it.)

Topic: 

Terminal mode or a standard mounting port for mobile phones in cars?

It's very common to use mobile phones for driving activities today. Many people even put in cell phone holders in their cars when they want to use the phones as navigation systems as well as make calls over a bluetooth. There's even evidence that dashboard mounting reduces the distracted driving phenomenon associated with phones in cars.

Selling empty middle seats by dutch auction

I have written before about letting passengers pay for an empty middle seat next to them and recently about ANZ's cuddle class and related programs which partially implement this.

While I believe airlines could sell the empty middle for somewhere in the range of 30-40% of a regular ticket, this still has issues. In particular, are they really going to bump a poor standby passenger who had a cancelled flight and make them stay another night so that people can get a more comfortable seat?

One idea is to allow the sale of empty middles by dutch auction. In effect this would say, "If there are going to be empty middles on this plane, those who bid the most will get to sit next to them." If this can be done, it's a goldmine of extra revenue for the airline. What they sell costs them nothing -- they are just selling the distribution of passengers on the plane. If the plane fills up, however, they sell it all and nobody is charged.

The dutch auction approach would let each passenger make an offer. If there are 5 empty middles, then the 10 people who sit next to them win, but they all pay the 10th highest bid price. If only 9 passengers bid, the 10th highest price is zero, and everybody pays zero -- which is what happens today, except it's semi-random. While this may seem like a loss for the airline, many game theory tests suggest that dutch auctions often bring the best result, as they make both sides happy, and people bid more, knowing they will actually pay the fair price if they win.

(On the other hand, airlines are masters at having two people pay vastly different prices for exactly the same thing and have managed to avoid too much resentment over it.)

There is one huge problem to solve: How do you arrange that matched bidders are sitting together to share the empty middle? Each empty middle benefits two passengers.

Google Robocars at TED, Shanghai bubble cars, Robot Week, lives saved

Here's a few Robocar updates.

First of all, the TED talk given by Sebastian Thrun, leader of the Google self-driving car team (disclaimer: they are a consulting client) is up on the TED web site. This is one of the short TED talks, so he does not get to go into a lot of depth, but notable is one of the first public showings of video of the Google car in action on ordinary city streets. (The first was at PodCarCity, but video was not made available on the web.)

Topic: 

Pages