A QR code is not a way of life

For years I have adopted and used the phrase “a tool is not a way of life,” and almost started a blog with that title. I’m glad I didn’t, because…well, because a tool is not a way of life, and who would want to read an entire blog with posts about THAT?

One tool that I have used off and on is the QR code. Years ago, one of my annual corporate goals was to explore how my then-employer could use QR codes; at the time, there wasn’t any pressing need to adopt them.

I have since chosen to adopt QR codes for some of my Bredemarket work, especially in cases where an online reader may need additional information.

For more information about the Bredemarket 2800 Medium Writing Service, scan the QR code above. My content creation process didn’t fit on this brochure.

Of course, I’m not the only one who has adopted QR codes, and dissemination of detailed information isn’t the only reason to use QR codes.

For example, you may want to use QR codes to prevent yourself from dying due to a global pandemic.

And when that particular use case emerged about two years ago, restaurants rushed to adopt it, and vendors of QR code solutions rushed to promote them.

[M]any of these fortune tellers have something to sell. The most recent of these visionaries are those who have declared that QR codes are here to stay. Leaders in the online ordering and pay-by-phone business offer statistics to prove that the technology has been fully embraced and will continue to outlive the pandemic as the norm for restaurants. Operators who have fully leaned into QR code integration celebrate the news, broadcasting to investors that the technological investments and the pivots to less employee-reliant labor models were prudent, if not prescient, moves.

But now that the pandemic is (hopefully) receding, the shakeout (no, not THAT shakeout) is occurring. For some restaurants, ordering and paying with QR codes and other technological devices is a benefit, but for others, it is a detriment.

If your product is an immersive experience—or the facilitation of relationships—QR code usage may turn out to be counterproductive….

At Barcelona Wine Bar, we heard early on the frequent complaints from guests about QR fatigue and pivoted back to paper menus. Sales increased as each of our restaurants returned to in-person service. More importantly, so did guest satisfaction. We have recently returned thick, leather-bound wine lists to our tables for guests to leaf through instead of asking them to do more mindless online scrolling. QR ordering and payment will remain an option out of courtesy to those who feel safer or find it more convenient. However, as hosts, we would much prefer the opportunity for a final check-in and good-bye.

Here is another example of using a tool when it makes sense, and not using it when it doesn’t.

And this doesn’t have to do with “authenticity,” since the Barcelona Wine Bar concept is just as much a manufactured concept as that of Cracker Barrel and Starbucks (which have embraced QR codes and related technologies).

I only have one complaint that applied to both the Barcelona Wine Bar concept AND the Starbucks concept.

If you are an operator who puts little stock in on-site dining, recognize that customers on their phones often do not hear music, notice artwork and architectural details, nor care if the bartender is smiling or not. 

Perhaps there’s a reason why customers do not hear your music.

Perhaps the customers do not like your music.

If a restaurant truly wants to facilitate conversation, turn the danged music off!

The (possible) Afghan data treasure trove doesn’t just threaten the Taliban’s enemies

Recent events in Afghanistan have resulted in discussions among information technology and security professionals.

Taliban fighters in Kabul, Afghanistan, 17 August 2021. By VOA – https://www.youtube.com/watch?v=nAg7egiXClU, Public Domain, https://commons.wikimedia.org/w/index.php?curid=109043891

One August 17 article from the Intercept hit close to home for me:

THE TALIBAN HAVE seized U.S. military biometrics devices that could aid in the identification of Afghans who assisted coalition forces, current and former military officials have told The Intercept.

This post talks about the data the Taliban could POTENTIALLY get from captured biometric devices and other sources, and how that data could conceivably pose a threat to the Taliban’s enemies AND the Taliban itself.

What data could the Taliban get from biometric devices?

The specific device referenced by the Intercept article was HIIDE…and let’s just say that while I don’t know as much about that device as I should, I do know a little bit about it. (It was manufactured by a company that was subsequently acquired by Safran.)

Another source implies that the Taliban may have acquired another device that the Intercept DIDN’T reference. The Taliban may not only have acquired live HIIDE devices, but also may have acquired devices from another company called SEEK.

(Yes, folks, these devices are called HIIDE and SEEK.)

At the time that this was revealed, I posted the following comment on LinkedIn:

Possession is not enough. Can the Taliban actually access the data? And how much data is on the devices themselves?

Someone interviewed by the Intercept speculated that even if the Taliban did not have the technological capability to hack the devices, it could turn to Pakistan’s Inter-Service Intelligence to do so. As we’ve learned over the years, Pakistan and the Taliban (and the Taliban’s allies such as al Qaeda) are NOT bitter enemies.

As I said, I don’t know enough about HIIDE and SEEK, so I’m not sure about some key things.

  • For example, I don’t know whether their on-board biometric data is limited to just biometric features (rather than images). While there’s the possibility that the devices stored biometric images, that has a drawback because of the large size of the images. Features derived from the images (which are necessary in matching anyway) take up much less storage space. And while biometric images are necessary in some cases (such as forensic latent fingerprint examination), there’s no need for images in devices that make a hit/no-hit decision without human intervention.
  • In addition, I don’t know what textual data is linked to the features (or images) on these devices. Obviously the more textual information that is available, such as a name, the more useful the data can be.
  • Also, the features stored on the devices may or may not be useful. There is no one standard for the specification of biometric features (each vendor has its own proprietary feature specification), and while it may be possible to convert fingerprint features from one vendor system to be used by another vendor’s system, I don’t know if this is possible for face and iris features.

Best-case scenario? Even if the Taliban or its friends can access the data on the devices, the data does not provide enough information for it to be used.

Worst-case scenario? The data DOES provide enough information so that EVERY PERSON whose data is stored on the device can be identified by a Taliban-equivalent device, which would presumably be called FIND (Find Infidels, Neutralize, Destroy).

I’ll return to that “every person” point later in this post.

But biometric data isn’t the only data that might have fallen into the Taliban’s hands.

What data could the Taliban get from non-biometric devices?

Now Politico has come out with its own article that asserts that the Taliban can potentially acquire a lot of other data. And Politico is not as pessimistic as the Intercept about the Taliban’s tech capabilities:

That gives today’s technologically adept Taliban tools to target Afghans who worked with the U.S. or the deposed Afghan government with unprecedented precision, increasing the danger for those who don’t get out on evacuation flights.

Before looking at the data the Taliban may have acquired, it’s useful to divide the data sources between data acquired from clients and data acquired from on-premise servers. HIIDE and SEEK, for example, are clients. (I’m only talking about on-premise servers because any data stored in a US government cloud can hopefully be secured so that the Taliban can’t get it. Hopefully.)

Unlike HIIDE and SEEK, which are mobile client devices, the Politico article focuses on data that is stored on on-premise Afghan government servers. It notes that American IT officials were more likely than Afghan IT officials to scrub their systems before the Taliban takeover, and one would hope that any data stored in US government cloud systems could also be secured before the Taliban could access it.

So what types of data would the Afghan government servers store?

Telecom companies store reams of records on who Afghan users have called and where they’ve been. Government databases include records of foreign-funded projects and associated personnel records.

More specifics are provided regarding telecom company data:

Take call logs. Telecommunications companies keep a record of nearly every phone call placed and to whom. U.S. State Department officials used the local cell networks to make calls to those who were working with the United States, including interpreters, drivers, cooks and more…

And mobile phone data is even more revealing:

Cell phones and mobile apps share data about users with third-party apps, such as location data, that the Taliban could easily get…

The geolocation issue has been known for years. Remember the brouhaha when military users of a particular fitness app effectively revealed the locations of secret U.S. military facilities?

Helmand province in Afghanistan. Photograph: Strava heatmap. Reproduced at https://www.theguardian.com/world/2018/jan/28/fitness-tracking-app-gives-away-location-of-secret-us-army-bases

In locations like Afghanistan, Djibouti and Syria, the users of Strava seem to be almost exclusively foreign military personnel, meaning that bases stand out brightly. In Helmand province, Afghanistan, for instance, the locations of forward operating bases can be clearly seen, glowing white against the black map.

Now perhaps enemy forces already knew about these locations, but it doesn’t help to broadcast them to everyone.

Back to Afghanistan and other data sources.

Afghan citizens’ ethnicity information can also be found in databases supporting the national ID system and voter registration.

This can be used by digital identity opponents to argue that digital identity, or any identity, is dangerous. I won’t dive into that issue right now.

Politico mentions other sources of data that the Taliban could conceivably access, including registration information (including identity documents) for non-governmental organization workers, tax records, and military commendation records.

So if you add up all of the data from all of the Afghan servers, and if the Taliban or its allies are able to achieve some level of technical expertise, then the data provides enough information so that EVERY PERSON whose data is stored on the servers can be identified by the Taliban.

Before we completely panic…

Of course it takes some effort to actually EMPLOY all of this data. In the ideal world, the Taliban would create a supercomputer system that aggregates the data and creates personal profiles that provide complete pictures of every person. But the world is not ideal, even in technologically advanced countries: remember that even after 9/11, it took years for the U.S. Departments of Justice, Homeland Security, and Defense to get their biometric systems to talk to each other.

Oh, and there’s one more thing.

Remember how I’ve mentioned a couple of times that the Taliban could conceivably get information on EVERY PERSON whose data is stored on these devices and servers?

One thing that’s been left unsaid by all of these commentaries is that this data trove not only reveals information about the enemies of the Taliban, but also reveals information about the Taliban itself.

  • The HIIDE and SEEK devices could include biometric templates of Taliban members (who would be considered “enemies” by these devices and may have been placed on “deny lists”).
  • The telecommunications records could reveal calls placed and received by Taliban members, including calls to Afghan government officials and NATO members that other Taliban members didn’t know about.
  • Mobile phone records could reveal the geolocations of Taliban members at any time, including locations that they didn’t want their fellow Taliban members to know about.
  • In general, the records could reveal Taliban members, including high-ranking Taliban members, who were secretly cooperating with the Taliban’s enemies.

With the knowledge that all of this data is now available, how many Taliban members will assist in decrypting this data? And how many will actively block this?

Oh, and even if all of the Taliban were completely loyal, any entity (such as the Pakistani Inter-Service Intelligence) that gets a hold of the data will NOT restrict its own data acquisition efforts to American, NATO, and former Afghan government intelligence. No, it will acquire information on the Taliban itself.

After all, this information could help the Pakistanis (or Chinese, or Russians, or whoever) put the, um, finger on Taliban members, should it prove useful to do so in the future.

Then again, Pakistan may want to ensure that its own digital data treasure trove is safe.

Technology without a revenue plan will not survive

This tweet is trending.

And while Confidently Zay is missing the old MySpace, I myself run in circles that miss the former social service FriendFeed.

So what happened to these two innovative services?

  • Well, Tom may be long gone, but MySpace still exists today. It is branded as part of the “People / Entertainment Weekly Network.” And there are a number of people on the network, like a guy with the name Kanye, another guy with the name Avicii (yes I know he’s dead, but he has a MySpace profile), and others.
  • As for FriendFeed, if you try to go to friendfeed.com you end up at facebook.com. The service survived for several years after Facebook acquired it, but Facebook finally shut down the servers in 2015.

Let’s dig into the details of why these services are not what they used to be.

So what happened to MySpace?

At one point MySpace was the king of all social media, having acquired the title from Friendster. After being founded in 2003, it boasted one million members in 2004 and 16 million users in 2005, and was recognized as the social network until Facebook surpassed it in users in 2008.

MySpace offered several advances over Friendster, including an emphasis on scalability and the inclusion of various tools to allow people to build their own personal communities.

Yet MySpace’s founders chose to sell the service to News Corp. (Rupert Murdoch’s outfit) in 2005 for $580 million. A few years later, in 2011, News Corp. sold it again…for only $35 million. Tom, who stayed with the company after News Corp. acquired it, retired in 2009.

Why did Tom et al sell the service to News Corp. in the first place? And why did News Corp. buy it?

  • For the owners of Intermix (the company that ran MySpace), the attraction was money. MySpace wasn’t a big money-maker; recorded monthly revenues in March 2004 were $135,000. Presumably it made more money in future months, but even as late as December 2004 the service was only valued at $46 million. After the sale to News Corp., Tom Anderson signed an employment agreement giving him $30 million.
  • As for News Corp., it didn’t acquire MySpace for MySpace. It acquired MySpace because it added value to the Fox properties.

“Intermix is an important acquisition for News Corp., instantly doubling the number of visitors to our sites and providing an ideal foundation on which to meaningfully increase our Internet presence,” News Corp.’s Chairman and CEO Rupert Murdoch said in a statement.

Basically, MySpace was worth more as a feeder to Fox Sports et al than it was as a standalone service. And it became worth even more when it inked a lucrative $900 million advertising deal in 2006.

But as MySpace enjoyed the profitability it never had in its first year, its original users were being driven away.

MySpace became inundated with intrusive ads, many of which led to dubious pages asking users to sign up for credit cards and other services. Money was hemorrhaged out of developer resources as a “massive spaghetti-ball mess” of sections were created to try and generate revenue that would meet News Corp’s unattainable targets. Ultimately, a failure to focus on what its community wanted and the usability of the site saw users leave for other platforms.

Now the common version of the story is that Confidently Zay’s MySpace utopia was ruined by Murdoch’s takeover. In this version of the tale, Moneygrubbing Murdoch killed the golden goose.

The truth, however, is that the utopia of MySpace was ruined by its founders BEFORE Murdoch came on the scene. After all, if the original MySpace had enjoyed nice profits, Tom et al would never have had to sell the service to Murdoch in the first place.

Let’s face it: the Confidently Zay version of MySpace that had no ads was never going to survive anyway, unless the founders had come up with another monetization method. They didn’t.

When Murdoch’s company sold the firm, and when it was sold again, MySpace was rebranded as a music site, and survives as such today. But Tom’s out taking scenic photos, so he’s happy. Maybe he even bought a new t-shirt.

Whoops, I guess he didn’t.

And what happened to FriendFeed?

As News Corp. was working on monetizing MySpace, and Mark Zuckerberg was planning for Facebook world domination, other social media services entered into the fray.

In 2006 and 2007 alone, three notable services were launched: Twitter, Tumblr, and FriendFeed. Today Twitter is by far the most popular of the three, Tumblr is still around somewhere, and FriendFeed no longer exists.

Even those of us who used FriendFeed often forget this, but FriendFeed actually started as a feed aggregator. It wasn’t known for content creation, but was instead known as the place where you could share all of your social content from other services. The benefit was that readers didn’t have to visit every single walled social service to see your content; they could see all of it on FriendFeed. This in itself was a relatively new concept, as “lifestreaming” became a thing.

Eventually FriendFeed expanded from resharing content from other places began to host original content…coupled with new innovations:

When I post something to FriendFeed, all of my friends see it. If one of them comments on it or “likes” it, then two things happen that don’t happen on Facebook. First, our conversation suddenly appears in the news feed of all the friends of the person who commented on my item – whether they know me or not. That doesn’t happen on Facebook. I can see the names of people who comment on my friends’ items – but if my friends comment on items shared by their friends I don’t know – there’s no notification of that in my news feed.

Second, whenever anyone comments on or “likes” any item that’s appeared in my stream of friends’ updates – it’s pushed back up to the top of my FriendFeed page. That makes it all the more likely that I will comment on it again or for the first time.

This 2009 comment highlights two things that are common in social media today, but were rarities 12 years ago.

  • Liking things. Yes, FriendFeed pioneered the “Like” button, although other companies (including Facebook) quickly copied it. There used to be a video that noted one FriendFeed user had amassed tens of thousands of likes. Now everyone does it.
  • Dynamic feeds. Previously, feeds were chronological and static, but FriendFeed advanced some changes to the feed, including one that was very unpopular with certain segments of the FriendFeed community: updating of those static feeds as new content was posted. And, as noted above, comments and likes could also push old content to the top of the feed.

When dynamic feed updates, Michael Arrington (who was still with TechCrunch at the time) talked about it.

Of course, the impact of the innovation is dampened somewhat when you read the post today, because FRIENDFEED NO LONGER EXISTS. But you get the drift.

So FriendFeed was clearly innovative. In addition to the advances that I noted above, FriendFeed was also extremely stable, especially when compared to “fail whale” Twitter.

Revenue-wise, however, FriendFeed was subpar. During its existence before its acquisition by Facebook, FriendFeed had only participated in one funding round, and in that case the funding was from the founders. In terms of establishing a constant revenue stream, FriendFeed claimed to be ahead of other “lifestreaming” services (Plaxo, Iminta, Socialthing, Lifestream.fm and Zude). But FriendFeed had other competition:

However, Facebook, MySpace and Google are all ahead in the battle to become the preferred aggregators of social data, which is crucial if they are to build any significant revenue streams.

And while MySpace wasn’t exactly innovating at the time, Facebook and Google definitely WERE, with Facebook experimenting with the like and eventually acquiring FriendFeed itself. Google, of course, would launch Google+ in 2011 in an attempt to create a social network that united all of Google’s disparate services.

As it turned out, FriendFeed’s founders decided to cash out rather than try to keep FriendFeed independent. The founders stayed with Facebook for a while before leaving, but worked on projects other than FriendFeed for their new corporate overlords: Facebook’s acquisition of FriendFeed was clearly a talent acquisition, although most of the talent (Benjamin Golub being a notable exception) has long since departed.

FriendFeed’s founders were clearly cool technologists. Ironically, they were such cool technologists that they could have lived on their past glories (Gmail, Google Maps) and didn’t NEED for FriendFeed to make money. Perhaps that’s why a revenue model never really entered the equation.

How Facebook was different

In the Internet world, companies fail more often than not. Those companies that survive and thrive for years are rare. For every Microsoft and Apple (formerly Apple Computer) there is an Ashton-Tate or Lotus.

And in the world of social networking, Facebook (and probably Twitter) are unusual.

Why did Facebook survive while MySpace declined and FriendFeed disappeared?

While technological advances and scalability obviously contributed, the important thing about Facebook is that it established a recurring revenue stream. Five years after Facebook was founded in a dorm, it turned a profit from “from applications sold through the website and online advertising.” This ability to generate its own profits, rather relying on funding from outsiders, allowed Facebook to continue to expand. While short-term profits were bumpy around the time of Facebook’s IPO, the company weathered this storm. These days, revenues are…pretty good.

The founders of MySpace and FriendFeed could only dream of such revenue numbers.

Or, more accurately, they DIDN’T dream of those revenue numbers.

This is just a reminder of something that I’ve seen in a lot of situations: the coolest technology won’t amount to anything if it doesn’t produce revenue.

Yes, Walmart IS a technology company

I recently wrote something that mentioned various technology companies, and I initially included Walmart in the list.

Initially.

The post cataloged the companies that former coworkers were now working, and I wrote it knowing that one of my former coworkers was a Walmart. Well, you don’t know what you think you know. It turns out that this former coworker is no longer at Walmart (as I write this, she is at Comcast), but I had THIS entire post written up about Walmart as a technology company. So I’m going to go ahead and post it anyway.

Technology for better living

While many of us don’t think of Walmart as a tech company, in truth it is a tech company, and technology innovations play a key part in Walmart’s corporate dominance in its markets over many other players.

Sometimes Walmart dominates so much that other stores go out of business. This is a 2011 photo of a Sears big box store with subway station in Rego Park, QueensNew York CityNew York. This location closed in 2017. By Jim.henderson – Own work, CC0, https://commons.wikimedia.org/w/index.php?curid=17912322

I was first exposed to Walmart’s technology orientation many years ago, even before Walmarts began opening in earnest in Southern California. At the time I was working for a consumer goods company, and Walmart was one of my company’s customers. Obviously Walmart was a big customer, and big customers have the power to tell their suppliers what to do.

Today’s acronym is EDI

And Walmart wanted the consumer goods company to do EDI.

EDI stands for “Electronic Data Interchange,” and it offers a computerized method for two business entities to communicate business data between each other. Thus, Walmart was asking my employer to transmit data relating to our shipments of product to various Walmart stores, and Walmart incorporated this data into its internal inventory systems.

EDI has progressed a long way since I worked for that consumer goods company (the graphic above does NOT illustrate the flow that my former employer was using), but the basics remain the same.

Electronic data interchange (EDI) is a standard format for exchanging business documents. These documents are exchanged between suppliers and retailers. EDI is made up of two components: translation and communication. During the translation process, the business data is changed into a standardized EDI format.

Once the business document is translated into a standardized EDI format it is communicated (electronically sent) to the intended recipient. Just like with translation, there are various methods of EDI communications available. The method that is used by Walmart and their suppliers is AS2.

Not AS3, not AS1. AS2. Walmart is Walmart.

But not just EDI

And as you may guess, Walmart uses a number of other technologies to keep its mammoth business running. Such as blockchain.

How do you know your food is safe to eat?

This isn’t a question many of us often ask ourselves. But lately, food safety has been in the public eye: 2018 has already seen a large outbreak of E. coli in romaine lettuce and Salmonella in a number of products from eggs to breakfast cereal….

Today, Walmart and Sam’s Club sent a letter to suppliers of fresh, leafy greens asking them to trace their products all the way back to the farm using blockchain technology. Suppliers are expected to have all these systems in place by this time next year.

Again, Walmart is Walmart, and it wanted the suppliers to comply. And the suppliers had some work to do to come into compliance.

The basic requirement for those in far-flung rural areas includes a mobile device with geolocation features, so that other information such as date of harvest and size of the crop can be associated with specific coordinates. In cases where a farm might not be covered by wireless access, the information can be uploaded when there is coverage.

And yes, agriculture has moved far away from the family farm and is now accurately described by the term “agribusiness,” but I’m sure these agribusinesses weren’t thrilled about requiring the capture of geolocation, date, and harvest size data as a mandatory step in harvesting. And if there are any family farms left, they REALLY weren’t thrilled. (Not that small family farms are doing business with Walmart, but these requirements are going to flow down to smaller food sellers also.)

So yes, these data capture and blockchain requirements are onerous from the suppliers’ perspective. But think of Walmart’s perspective for the moment. If Walmart can convince its customers that its foods won’t make them sick, and if Walmart’s competitors can’t do this, then Walmart has a clear competitive advantage.

The retailer was motivated to focus its first “substantive, not symbolic” declaration as a result of several highly publicized E. coli outbreaks in the United States… — including five deaths — that were related to tainted romaine lettuce, according to Frank Yiannis, vice president of food safety and health for Walmart.

And not just Walmart

And these and other modern technologies are necessary for Walmart or any multi-billion dollar firm, or even much smaller firms. As I said, eventually consumers will demand blockchain or similar food tracing from all grocery stores.

Dollar General store in Arlington, Georgia. By Michael Rivera – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=61224685

Yes, even Dollar General is embracing technology, but as far as I can tell it is concentrating on consumer-facing technology and hasn’t adopted blockchain yet. But I could be wrong.

These days, long after my former consumer goods employer went out of business, you’re not going to run your business on a Lotus 1-2-3 spreadsheet, even if Lotus IS integrated.