Tuesday, November 20, 2007

This Blog is Rated: College Undergrad

cash advance

Get a Cash Advance

Anti-Phishing Phil on CMU's main home page

http://www.cmu.edu/homepage/collaboration/2007/fall/to-spot-a-scam.shtml



Carnegie Mellon University computer scientists have developed an interactive, online game featuring a little fish named Phil who teaches players cybersecurity tips. "Anti-Phishing Phil" helps users to better recognize and avoid email "phishing" and other Internet scams.

Crayon Physics Game

This is a really cute game that has a nice, sketchy aesthetic.

Thursday, November 01, 2007

Google's OpenSocial Platform

Many of you have probably heard about this new OpenSocial platform that Google has released, which is basically an open form of FaceBook that various other social network platforms (like Orkut, Ning, LinkedIn, Hi5, Friendster, Salesforce.com, Oracle, iLike, Flixster, RockYou, and Slide) will conform to.

What's interesting here is that we actually covered this topic in our Social Web course (with some help from Information Rules), discussing why leaders tend to opt for closed platforms (primarily because they can force a lock-in and ensure customers) while a common strategy for those not in the lead to band together under an open platform to try and beat the leader. History may not repeat itself, but it does have themes.

Some of the questions in class included what Google's strategy would be (keep in mind that this was before the OpenSocial announcement), whether it would fit into their long-term goals ("take over the world", as one student said), and whether they could get others to play ball (the answer apparently being "yes"). Another point of discussion was what kind of apps could be built on top if there were a unified "friend" network.

The real surprise, however, is that MySpace is also joining this OpenSocial platform. This suggests to me that MySpace thinks it is far, far behind the apps curve, and is hoping for a small slice of a larger pie. I find this quite surprising, given MySpace's large user base, definitely something I wouldn't have predicted.

See here for more details:
http://www.news.com/8301-13577_3-9809413-36.html

Tuesday, October 16, 2007

Why Should Any Smart Object Be Stealable?

I've been wondering for a while that, given the cost of "smart" objects, why don't more of them don't have anti-theft mechanisms built in? It seems that there are two basic approaches here: make the stolen object useless, or make it (or the thief) really easy to find.

An example of making the smart object useless comes from a post by Ed Felten talking about how DRM can be used for good, to help prevent your stuff from being stolen.

http://www.freedom-to-tinker.com/?p=1180


How might this work? One possibility is that when the device [iPod] is plugged in to a charger it hasn’t seen before, it makes a noise and prompts the user to enter a password on the iPod’s screen. If the correct password is entered, the device will allow itself to be recharged by that charger in the future. The device will become associated with a group of chargers over time.


There are obvious holes with this approach, most notably stealing the charger, but it seems to me a generally good idea.

An example of making it easier to find the thief is FlickrBooth, which uploads pictures taken from a Mac's iSight camera to Flickr. There's already been one well-publicized example of successfully catching a thief.

A variant I'd like to see: something that can fingerprint the output media of cameras, so if anyone uploads a picture from that camera, you can find it. For example, Flickr already posts a lot of metadata about the camera that took the picture. So somehow record your camera's metadata in a "safe" place, and then use that to search for it if it ever gets stolen. Another possibility: I'm sure some cameras also have unique characteristics. The one I had that was stolen had a subtle scratch mark on all photos. It would be nice to be able to scan lots of images and find if anyone is publishing photos with it.

Anti-Phishing Phil used in High School Class

Just heard about this, our game Anti-Phishing Phil is being used in a high school class, where the topic is "things that can get you in trouble online".

I like this excerpt from the teacher:

I’m doing a unit right on about plagiarism, scams, spam, phishing, urban legends, and all sorts of other things that can get you in trouble online. Students are fascinated by anything that’s illegal, so it’s actually going pretty well.

...

Even with a minimal game structure, students focus on the play and don’t seem to notice that they are being taught a whole set of skills and knowledge. But when it’s over, they can answer my questions. Great stuff.

Wednesday, October 10, 2007

Wanted: A PowerPoint Shrinker

I've noticed that you can often substantially reduce the size of PowerPoint files simply by saving the same file to a new filename. I just did this for a lecture on social networking theory, and it went from 7 megs to 3.5 megs.

I'm trying to guess why PowerPoint does this, and not coming up with any good ideas. It can't be for undo, since PowerPoint eliminates your undo queue whenever you normally save. It might be for faster saves, though I never notice any difference between saving normally and saving to a new file.

At any rate, one thing that would be really nice would be something that did this automatically before emailing it out or posting it on your web site, just imagine the savings!

Clever "Wheel of Lunch" Mashup

Finally, a technologically sound answer to the eternal question "where should we go for lunch?". Take Yahoo Local, mix with Wheel of Fortune, and you have Wheel of Lunch.

http://www.coverpop.com/wheeloflunch/

Monday, October 01, 2007

Buy that song now, through your iPhone

This is a brilliant idea and a really compelling use of ubicomp technologies.

http://www.nytimes.com/2007/10/01/technology/01impulse.html


Like that song you hear playing at Starbucks, but just cannot wait until you get to a computer to download the song?

Starting tomorrow at certain Starbucks stores, a person with an iPhone or iTunes software loaded onto a laptop can download the songs they hear over the speakers directly onto those devices. The price will be 99 cents a song, a small price, Starbucks says, to satisfy an immediate urge.

Anti-Phishing Phil in the News





Anti-Phishing Phil is in the news (1) (2) (3) (4) (5) (6) (7).

Anti-Phishing Phil is a game we've created to teach people not to fall for phishing attacks (ie those fake "please update your account" emails that lead to identity theft).

Try out the game here!

You can also read our research paper here (PDF).

Friday, September 07, 2007

Web Component Architectures

After seeing Fernanda Viegas and Martin Wattenberg's excellent talk about Many Eyes, a web site for social visualizations, it dawned on me that the web is starting to move towards a component architecture based on Application Service Providers.

To wit, if you want a video on your blog, you turn to YouTube, which makes it easy to embed one into your blog page. If you want a map, you turn to Google Maps. And now with Many Eyes, if you want an interactive visualization, you turn to them.

It's pretty clear Google has already caught on to this idea a while back, given their recent efforts in making it easier to embed Google Maps into web pages and their recent announcement about embedding embedding Google books as well.

One of my colleagues, Brad Myers, commented that there may be interesting analogies with ActiveX components. There used to be a somewhat active market for Visual Basic components about a decade ago (no idea how it's faring now). These components made it much easier to build an application, providing things like calculators, timers, clocks, graphs, and so on, rather than having to roll your own.

If this notion of web components is a viable one, it will be very interesting to see how things play out, in terms of what the market would be, viable business models (can there be any small players here?), programming these components, frameworks so that they can interact and play well with each other, distributing the content, and so on. Very interesting indeed.

Friday, August 17, 2007

Programmer Archaeologists

In his book A Deepness in the Sky, sci-fi author Vernor Vinge describes the profession of Programmer Archaeologists. The basic idea was that in the far future, pretty much every piece of software you could imagine has already been created. So, rather than creating new software, the job of the Programmer Archaeologist would be to search for software close to what you wanted, and then adapt that software for your particular needs.

There is a forthcoming paper at UIST2007 (User Interface Software and Technology)that takes us a step closer to this world. Entitled Assieme: Finding and Leveraging Implicit References in a Web Search Interface for Programmers (PDF), it describes a search engine that provides not only documentation of APIs, but also finds snippets of examples. A nice idea, and well-executed.

Monday, August 13, 2007

Google docs has an alpha feature?

This is new: companies used to release products and label them as alpha or beta. Then, web sites rolled out the perpetual beta. Now, Google Docs has a search and replace feature that is labeled alpha. I hope this is something that will not catch on, but as Software-as-a-Service becomes more pervasive, I'm afraid it will.





(FYI this screenshot also shows a working version of the syllabus for The Social Web course that I will be co-teaching this fall)

Thursday, August 02, 2007

How much is a review on Slashdot worth?

Our book, The Design of Sites, was recently reviewed on Slashdot. I actually disagree with the reviewer on several points, in particular that patterns need to be "an elusive insight or 'trick of the trade'", but the main point I want to write about today is how much a review is worth.

About once a day, I check how our book is doing on Amazon.com. Ever since our second edition came out in December 2006, it's been hovering around 2500-4000 in terms of overall sales rank. Checking this morning, our book is at #388. Assuming that Amazon's sales follow a Zipf curve (or is it power law or Pareto? I can never remember), this means a heavy increase in sales.

The problem, though, is that Amazon doesn't reveal what their rankings actually mean, and I only see how many books we sell in 6-month periods, so it's hard to say more with any precision.



Wednesday, August 01, 2007

TRANSCOM, General Norty Schwartz, and the Future of Carbon

A few weeks ago, as part of the Computer Science Study Panel, I had the opportunity to meet General Norty Schwartz, a four-star general that is currently the head of TRANSCOM. TRANSCOM is a unified command charged with all of the transportation issues in the military. As you might imagine, it is a pivotal but underappreciated part of the military.

Talking with General Schwartz was a really fun and insightful experience. He struck me as someone who is slow and steady, rock-solid reliable, the kind of person you would want managing your transportation needs.

However, the thing that pleasantly surprised me was General Schwartz' interests in carbon. Right now, among all of the cabinet departments, the Dept of Defense is the largest consumer of carbon-based fuels, and within the DoD, TRANSCOM is the largest consumer. He mentioned how this wasn't sustainable, and that they were looking into long-term solutions to this problem.

While I realize that his statement wasn't for reasons of being green, it's good to know that this issue is on the radar screen. I also hope it will translate into a shift in how transportation is handled in the DoD for the better.

Friday, July 27, 2007

Anti-Phishing Phil in Portuguese

Wow, this is really cool! Portugal Telecom has taken our Anti-phishing Phil game, but has replaced our fish with a frog. It's like I'm reliving my Frogger days!

http://seguranca.sapo.pt/phishingze/

Wednesday, July 25, 2007

Jim Morris' Notes on Venture Capitalists

My department's former dean has a blog entry about a panel of venture capitalists, hosted by Berkeley and CMU West. My favorite point:


Avoid Web 2.0 companies based upon AAA - Ajax, Adsense, and Arrogance


This makes me wonder what the carrying capacity of Adsense is. How many companies / blogs out there can Adsense fully support?

Monday, July 23, 2007

Heuristic Evaluation for PowerPoint Slides

"Death by PowerPoint" is a phrase the military likes to use to describe those presentations that cause your eyes to dry out and the drool to start coming out of your mouth. Being a tech-oriented HCI person, I figured we could actually develop heuristics, and possibly even a tool, to help address this problem.

Here's my list of heuristics that, all of which I think could be built as a plug-in for PowerPoint:

  • Fonts too small (try to stick to at least 24 points)
  • Too many animations
  • Too many sub-bullets
  • Too much text on the slide
  • Unreadable color combinations
  • Too many lines in a bullet
  • Too many fonts on the slide
  • Ugly fonts

Thursday, July 19, 2007

Alon Halevy on the Database and HCI Communities

Alon Halevy is a former professor of computer science at University of Washington, now at Google. This latest entry from his blog on databases and HCI struck me as interesting for two reasons:


It is tempting to push these problems [of how users work with structured data and their information seeking needs - JIH] to the HCI community, but I would argue this is a mistake. These problems will not be high enough on the agenda of the HCI community (there, if your device doesn’t move or perform magic, it’s uninteresting), whereas for us they are crucial for identifying good research directions and evaluating them. As a community, we need to find a way to encourage research on usability and to learn from the HCI community how to evaluate such research. We need to bring this agenda squarely into our conferences.


The first interesting point is that he sees HCI primarily as being interested in wickedly cool devices. This isn't too far off the mark, unfortunately so in my opinion.

The second is that there needs to be more collaboration between HCI and databases. Overall, I would agree (heck, I'd agree that there needs to be more collaboration between HCI and pretty much every field in computer science).

One problem is that HCI people are often given funny looks by people who don't consider it a hard science, because after all, you only get interesting results from hard sciences that give you measurable numbers.

Another problem, true of all interdisciplinary work, is that there needs to be a challenging research problem from all parties involved. HCI has to be treated as a true partner, not as a service.

A third problem, a reality I have been lamenting, is that you need money to make things happen. For money, it depends on who you get on your grant reviews. For cybersecurity, the CUPS group has been doing really well in combining hci and security. Brad Myers has also been doing really well with respect to software development and hci. For other areas, it's a real toss-up.

A fourth problem is that there aren't really all that many HCI researchers, and most of them are limited to just a few universities. It's hard to do collaborations when a partner isn't there.

I think these issues can be overcome, though. It will just take some more time and a lot more evangelism from all sides to make things happen.

Wednesday, July 18, 2007

Rick Rashid on Directions at Microsoft Research

Rick Rashid, Senior VP of Microsoft Research, has a great talk summarizing research directions at MSR. The most exciting work is perhaps helping developing countries. There is also an awareness that any help should not be done as a charity, as that isn't economically sustainable.

Sunday, July 08, 2007

An online service that airports could use - line estimators

When I got to the Pittsburgh airport today, I was shocked to see how long the line for US Air was for an early Sunday morning. It struck me that airports could offer a really nice service, which is to provide an estimate of how long the line will be at a given time, both for check-in and for security.

I don't think it would be that hard to implement either. Airlines already know how many people should be checking in, and they should know the rough rate at which people can be processed. For the security line, you just need to aggregate the number of passengers across all airlines. Afterwards, calibrate your data (ie fudge the data a little) so that the numbers match reality.

Wednesday, June 20, 2007

Nokia SensorPlanet

Just finished a meeting with some visitors from Nokia. It looks like they are launching a very ambitious program called Sensor Planet, leverage mobile phones as a large scale sensor platform. I have to say it looks pretty exciting!


SensorPlanet is a Nokia-initiated cooperation, a global research framework, on mobile device-centric large-scale Wireless Sensor Networks.

The results of SensorPlanet are 1) a test platform that enables the collection of sensor data on a never seen scale, and 2) a central repository for sharing the collected sensor data for research purposes.

CMU Research Truck

http://www.cmu.edu/news/archive/2007/June/june18_datatruck.shtml



Carnegie Mellon University will demonstrate its new Data Truck, a 36-foot mobile social science laboratory that will allow the university to conduct research involving groups of people, such as senior citizens, who cannot readily come to campus. The Data Truck can be used to interview people engaged in real-life situations to study events as they unfold — for example, the effect of exhaustion on marathon runners crossing the finishing line or the effects of alcohol on the judgment of people tailgating outside Heinz Field before a Steelers game.


I like this last example of a study. :)

Monday, June 18, 2007

A Wearable Display for Team Sports

Here's something that is heavy on the creativity scale:


TeamAwear is a next-generation basketball jersey which allows players to 'wear their performance' in order to enhance the awareness of information during game-play for all stakeholders, including: athletes, coaches, referees, and spectators.


http://www.mitchellpage.com.au/teamawear/

Sunday, June 17, 2007

Economist on "When Everything Connects"

The Economist has a special issue on ubiquitous computing, looking at such topics as different wireless technologies, sensors, and wireless energy. The articles look like a good overview of the current state of the art, I think it's likely I'll use these the next time I teach a course on ubicomp.

http://www.economist.com/specialreports/displaystory.cfm?story_id=9032088


So far, my favorite new insight from the articles:

MANY companies claim to have built a better mousetrap. Rentokil has actually done so. The British building-services firm added a small sensor and a wireless module to its traps so that they notify the building staff when a rodent is caught. This is a big improvement on traps that need to be regularly inspected. A large building might contain hundreds of them, and a few are bound to be forgotten.

Thursday, May 24, 2007

Analysis of Web-based Malware

This looks like an interesting paper:

The Ghost In The Browser: Analysis of Web-based Malware


Abstract:

As more users are connected to the Internet and conduct their daily activities electronically, computer users have become the target of an underground economy that infects hosts with malware or adware for financial gain. Unfortunately, even a single visit to an infected web site enables the attacker to detect vulnerabilities in the user’s applications and force the download a multitude of malware binaries. Frequently, this malware allows the adversary to gain full control of the compromised systems leading to the ex-filtration of sensitive information or installation of utilities that facilitate remote control of the host. We believe that such behavior is similar to our traditional understanding of botnets. However, the main difference is that web-based malware infections are pull-based and that the resulting command feedback loop is looser. To characterize the nature of this rising thread, we identify the four prevalent mechanisms used to inject malicious content on popular web sites: web server security, user contributed content, advertising and third-party widgets. For each of these areas, we present examples of abuse found on the Internet. Our aim is to present the state of malware on the Web and emphasize the importance of this rising threat.

Friday, May 18, 2007

[USAToday] Phones studied as attack detector

This is an interesting idea, related to the Hitchhiking work we've done in the past for detecting how busy a place is, and to my Worldspotting blog entry a while back.


Homeland Security officials are looking into outfitting cellphones with detectors that would alert emergency responders to radiological isotopes, toxic chemicals and biological agents such as anthrax.

...

The Homeland Security Department says the program, called Cell-All, might work this way: Detectors would be placed in cellphones, most of which are already linked to the Global Positioning System. If a detector recorded a hit, the GPS would transmit the location and time to local emergency responders and Homeland Security's operations center.


Of course, there's the question of too many false positives, as well as the very serious privacy concerns involved, especially since there is little direct benefit to end-users.

Monday, May 14, 2007

CANTINA: A Content-Based Approach to Detecting Phishing Web Sites

Our paper entitled CANTINA: A Content-Based Approach to Detecting Phishing Web Sites was presented at WWW2007.


Phishing is a significant problem involving fraudulent email and web sites that trick unsuspecting users into revealing private information. In this paper, we present the design, implementation, and evaluation of CANTINA, a novel, content-based approach to detecting phishing web sites, based on the TF-IDF information retrieval algorithm. We also discuss the design and evaluation of several heuristics we developed to reduce false positives. Our experiments show that CANTINA is good at detecting phishing sites, correctly labeling approximately 95% of phishing sites.


Paper: PDF
Presentation: PPT

Tuesday, May 08, 2007

Is J2ME going to fail for Mobiles too?

While at CHI2007 this past week, I got into a discussion with some old friends about how difficult it was to program Java on mobile phones. In fact, some students working with me have decided to switch from J2ME to FlashLite, because it was faster to do prototypes and because the GUI looked so much better.

I can't help but wonder if Java is making the same mistake it did with desktop GUIs and web browsers. It's hard for me to name compelling Java applets that run in the browser (perhaps the best one I know of is GoProblems). The fundamental problem with Java is that it makes it hard to create attractive GUIs. It just doesn't make easy things easy. Unless J2ME developers get their act together, my prediction is that J2ME will fail on mobiles too.

Wednesday, April 18, 2007

We're Number 1!


Not only has the Pittsburgh area been rated the No. 1 place in the country for Baby Boomers to find love and keep it, but the City of Boomer Love also consumes more Ho Hos than anywhere else.


http://www.post-gazette.com/pg/07108/779032-100.stm

Monday, April 16, 2007

What Happened to 18000 Votes?

I just saw this great talk by Michael Shamos detailing an investigation (that he was part of) into 18000 undervotes in the 2006 election in Florida.

Although I couldn't stay for the whole talk, it looks like there were fairly substantial HCI problems, in terms of the ballot design. When Shamos showed the actual ballot screen in question, I actually didn't see that there were two separate races being shown. The race at the top of the screen was the one that had the huge number of undervotes, but was visually overshadowed by the second race, which had a larger header and had more people running. Of course, the button to go to the next screen is right under the second race, so I could see how people could have easily missed the race that is currently in dispute.

It strikes me that we really need a single ballot design, one that can be massively user tested to ensure usability and understandability. A key problem, though, is that ballots and voting machines are done on a local basis rather than on a national scale, meaning that it would be very difficult to have any improvements translate into practice.

Or as Reagan would have said, the solutions are simple but not easy.

A copy of the full report is available here.

Wednesday, April 11, 2007

Mossberg on Usability and Security

Walt Mossberg has a nice report spotting three important computing trends, namely usability, security, and mobile phones (all three of which I coincidentally work in :)

On usability:

[M]y main criteria for judging digital consumer products have been simplicity, ease of use and reliability -- a sort of index for the burden on the user. And in 1992 most products failed miserably on that scale. They required far too much attention, knowledge and effort by users when theoretically they were supposed to do just the opposite -- namely, to make their lives easier.

...

And by then the World Wide Web had changed everything. It had vastly enriched the experience of computing, adding information, entertainment, communication and commerce on a grand scale.


On security:

[O]ver the past five years, the security problem has morphed into a major hassle for people who own and use Windows computers. Viruses and other malicious software programs are still with us, but now they've been joined by new categories of pernicious technologies, especially spyware, adware, and fake e-mail and Web sites designed to steal your privacy, your money and even your identity. Spam has gone from a nuisance to a plague. And the Internet, for all its numerous benefits, has become an engine for this digital onslaught.

The Social Web: Content, Communities, and Context

This fall, Robert Kraut and I will be teaching a course entitled The Social Web: Content, Communities, and Context (links to PDF of our course flier).




Wednesday, April 04, 2007

IEEE Pervasive Computing Special Issue on Security and Privacy

I'm a guest editor on a special issue of IEEE Pervasive Computing on security and privacy.

SUBMISSION DEADLINE: 1 May 2007

Author guidelines: www.computer.org/pervasive/author.htm
Submission address: http://cs-ieee.manuscriptcentral.com
WIP Deadline: See below
Publication date: September 2007

IEEE Pervasive Computing invites submissions to a special issue on the topic of ÎéÎíSecurity and Privacy in Pervasive Computing.ÎéÎí Example topics include, but are not limited to, the following:
  • Establishing trust in pervasive hardware
  • Preserving security in cyber foraging
  • Software and hardware attestation of remote executions
  • Authenticating with low distraction
  • Using tamper-evident hardware
  • Providing peripheral awareness of trust context
  • Combining privacy with accuracy in location sensing
  • Coping with physical threats to pervasive hardware
  • Encrypting on low-power computing devices
  • Anonymized computing with disposable devices and states
  • Security and privacy of RFID technology
  • Tradeoffs between attribution and anonymity in pervasive systems
  • Pervasive surveillance and privacy - technology and policy issues
  • Design and evaluation experience
  • Usable privacy and security
Submissions should be 4,000 to 6,000 words long and should follow the magazine's guidelines on style and presentation. All submissions will be anonymously reviewed in accordance with normal practice for scientific publications. Submissions should be received by 1 May 2007 to receive full consideration.

In addition to full-length submissions, we also invite work-in-progress submissions of 250 words or less (submit to Molly Mraz at mmraz@computer.org). These will not be peer-reviewed but will be reviewed by the Department Editor Anthony Joseph and, if accepted, edited by the staff into a feature for the issue. The deadline for work-in-progress submissions is 1 August 2007.

Guest Editors

M. Satyanarayanan, Carnegie Mellon University
George Cybenko, Dartmouth College
Jason Hong, Carnegie Mellon University

Tuesday, April 03, 2007

Thursday, March 29, 2007

GPS for Dogs

Just when you thought you've seen it all, Garmin is selling a GPS for dogs. No, not to help the dogs navigate (that would be scary), but to help owners find their dogs.

Sunday, March 25, 2007

WorldSpotting, A New Class of Ubicomp Apps

There's an interesting class of ubicomp apps that I'm calling WorldSpotting. These kinds of apps are mobile systems where people act both as sensors and as users of the system. Some examples WorldSpotting applications include:
  • Gawker Stalker, which lets you track and send updates on where celebrities are in Manhattan
  • Mobile Media Metadata, which lets you easily tag photos with place names, based on what other people have labeled
  • Wardriving, where people both collect data on the location of WiFi access points and use those, for general network access or for location positioning
  • Bustle, a system we are developing that lets you contribute information on how busy a place is, as well as query how busy places are. An example application would be to see how busy the local cafe is.
The pros of WorldSpotting applications is that you can get massive scale without having to install lots of infrastructure, as has typically been done for many ubiquitous computing applications. Thus, WorldSpotting is a hybrid between personal ubiquitous computing, that is applications that serve and describe individuals, and place-based ubiquitous computing, applications that serve and describe places.

However, there are many challenges in building WorldSpotting applications, many of which we found through a great deal of trial and error in building and evaluating Bustle. These include:
  • How to actually do sensing? Sensing can be done manually, as in Gawker Stalker, or automatically. Here, the issues include timeliness, accuracy, overhead for users, and the cost of additional sensors (which may be the greatest barrier, since manufacturers tend to be conservative due to costs). With Bustle, we overcame this problem by using WiFi, which is now a commodity on laptops.
  • How to share sensed information? Since we don't have ubiquitous wireless networking yet, it is possible to collect data and then share it later on once re-connected to the network. In some cases, this is still useful, for example WarDriving, but in other cases, stale data is useless.
  • How to detect and prevent cheating? This is a question we often get about Bustle, which is, what is to prevent cafe owners from saying that there place is only moderately busy, to fool people into going there? There isn't a clear solution yet, but one possibility is reputation management, looking for people whose data consistently matches other people's. Another is to look for anomalies, for example, a computer that only reports from one location.
  • How to calibrate world models? One of the issues we had with Bustle is that we could automatically sense the number of WiFi devices, but needed some human interaction to translate that into the number of people and the number of open tables in an area. With enough people, you could do statistical techniques to calibrate what sensed readings actually mean in practice.
  • How to manage end-user privacy? One of the potential risks in WorldSpotting is that people who contribute data can be tracked. Another potential risk is sensor data mining, looking for people whose readings are consistently similar, which can be used to infer that there is some kind of relationship. In Bustle, we tried to minimize this by using anonymous readings and by eliminating as much data as possible on the client-side, before the data is shipped to us. For example, we don't get any data about WiFi MAC addresses, nor do we want any.
  • How to provide incentives to collecting data? This is another question we often get about Bustle, which is why a person would want to collect and share data. From a game theory perspective, there is little upside to sharing data, but a fair amount of possible downside, in terms of privacy and overhead. One possible solution here is to make everything automatic, so that people don't have to do anything special at all. Another possible solution is to provide a scoreboard. One need only look at the SETI@Home statistics to see that there will be some set of people who will fight and fight hard to be on top. It's also interesting to point out that a non-trivial number of people contribute wardriving data, with little to personally gain. However, these issues point to a larger and deeper question, namely...
  • How many people does one need for coverage? This is still an open question, but our early data for Bustle suggested that we only needed about 20 participants to cover half of the buildings on the CMU campus. Obviously, more is better, but my instinct here says that you would need fewer people than you might think to get good enough data in practice.
To wrap up, I though I'd include other possibly interesting WorldSpotting applications:
  • Cars that have "bump" sensors in them, to detect potholes in the ground. With enough cars, you could have a real-time map of what roads in a city need to be fixed
  • Bus Finder. With enough people running the app on their phone, you could have real-time maps showing where the buses are and how busy they are. This is especially useful in Pittsburgh, since buses tend to be full on snowy and rainy days, and hence don't stop for new passengers.
  • Airport lines. You could have real-time data on how long the lines for tickets and for the security checks are. I've personally missed more than one flight by underestimating this.

Thursday, March 22, 2007

But Capybara Aren't Fish!

If you hang around me long enough, you'll eventually hear my story about how South Americans consider capybara's, the world's largest rodent, as fish. (If you hang around me long enough, you'll also find out that Regis Philbin is my mortal enemy and that I once found myself with a black guy and two Filipinos in the middle of a KKK march, but those are stories for another time).

To wit, one of my friends (James Lin, of Lincoln Highway fame) has just forwarded me an article from the New York Times about the world's most delicious rodent (I bet Amazon's statistically improbable phrases would have fun with that one). As you can see in the picture below, it's pretty obvious that capybara aren't fish.



So here's the Gray Lady on rodent-fish:


The annual hunt comes before Easter, when capybara has a status in Venezuela similar to that of turkey during Thanksgiving. While the Roman Catholic Church generally forbids eating meat during certain days of Lent, many Venezuelans insist that the capybara is more akin to fish than to meat.

...

That may have something to do with how salted capybara tastes, resembling a mixture of sardines and pork. Legend has it that eating capybara, known here as chigüire (pronounced chee-GWEE-reh), got a boost in the 18th century when the local clergy asked the Vatican to give capybara the status of fish.

Perceptive Pixel - Large Interactive Touchscreens

Jefferson Han, the person whose work on interactive touchscreens has been all over YouTube and featured at the TED conference, has founded a startup to commercialize his technologies.

I think it's interesting that large interactive screens have been around for quite a while. For example, Stanford's iRoom, Fraunhofer IPSI's iLand, the old Liveworks (that commercialized the LiveBoard), Smart Technologies (that sells SmartBoards), and MERL's DiamondTouch, just to name a few.

I remember being the session chair for Jefferson when he presented at UIST 2005, and thinking that there were two key differences. The first is that the technology is cheaper than anything else out there. Ridiculously cheaper by an order of magnitude. Most large interactive displays cost thousands of dollars, whereas Jefferson's work only required a cheap sheet of plexiglass, a projector, and a camera. It's cheap enough that I've been trying to encourage students in my classes to build their own (without any results yet though).

But I don't think this was enough to capture the blogosphere's attention. I think what really took hold was the smooth interaction techniques that he's developed. Most of them aren't novel from an interaction standpoint, but they highly polished and look really fun to use. Take a look at the original videos of the multi-touch screen and the videos showing the larger screens used for the startup, and you'll see what I mean. They've got a fast response rate, a certain flair, and a fun sense of play, definitely things we should pay more attention to in research.

Thursday, March 15, 2007

Motion Computing C5 Mobile Clinical Assistant

Looks like this is another push for tablet PCs in hospitals. The platform itself seems quite nice, in that it has wireless networking, barcode readers and a built-in camera to make it easy to get data, and has smooth surfaces all around to make it easy to clean and disinfect.

http://www.motioncomputing.com/products/tablet_pc_c5.asp

How Many People Does it Take to Change the World?

One interesting thing that happened last month was that I got to meet Alan Kay, one of the researchers at PARC that helped invent our modern conception of personal computing back in the 1970s. He said many things that struck me, but one stood out in particular, namely that it only took about 25 researchers at PARC to develop it all, from ethernet to GUIs, from Smalltalk to the laser printer. The key to it all, though, was having a shared vision that 25 really smart and independent people could agree on.

This is something I've noticed about the original Ubiquitous Computing project as well (also done at PARC), in that there was a grand shared vision that a lot of really smart people believed in and pushed for.

However, I'm not sure if this is something we could easily re-create today. It's hard enough to get 25 people to agree on anything, but there's also the funding issue, in that NSF can't fund projects that large and DARPA no longer will. I also don't think that this is something that could have happened in academia, since we're all fighting to establish our own independent identities and reputations. I think things like the PC and Ubiquitous Computing could have only happened in industry, where you can have a strong enough management that can bash enough heads to make things happen.

Monday, January 15, 2007

How Little Web Sites Have Changed Over the Past 6 Years

In our book, The Design of Sites, we show how little major web sites have changed over the past few years. Below is an image (click to zoom) that shows this. Here's what we wrote in our book:


Figure 2.10 shows how the homepages of some prominent Web sites have changed during the past six years. With the exception of Google, which has always stressed simplicity, it is interesting to note that the only major change has been an increase in the information density of these Web pages. In fact, Web design has already converged on what we call the “common Web look and feel.”


Saturday, January 06, 2007

The Design of Sites, 2nd Edition

The second edition of our book The Design of Sitesis finally out! It includes some new design patterns on the mobile web, AJAX technologies, and security.

There are also:

  • Seventeen new design patterns to add to the original ninety
  • More than twenty significantly updated patterns
  • 450 four-color screen shots and diagrams, including more than 150 new images


You can also check out this interview with my co-authors, James and Doug (I was out traveling at the time :)
http://www.lets-talk-computers.com/guests/awl/design_of_sites/

Kinetic Sculptures

BMW is featuring the work of Theo Jansen in one of their commercials. Mr. Jansen creates kinetic sculptures, which in this case is a large mechanical insect that uses wind to power its legs. You really have to see this video to believe it!

http://youtube.com/watch?v=sKYoLbPDyao

Thanks to Leila Takayama for telling me about this.