
An open challenge to PandoDaily - davewiner
http://scripting.com/stories/2012/03/02/anOpenChallengeToPandodail.html
======
tatsuke95
Pando Daily appears to be trying to recreate the TechCrunch of last year,
rather than the TechCrunch of 3+ years ago. This is the same guy who wrote the
mocking article on Ireland's startup scene. I guess he's filling the MG
Siegler role.

You know what would be awesome? Some solid technology journalism. The last
thing we need is another conflicted, industry mouthpiece. If this is the
content they're pushing, I hope it fades into oblivion.

~~~
jerhewet
And, if I might be so bold:

Technology != Consumer-Oriented Devices

Edit (before the downvotes hammer this comment into oblivion): The subject
here is "tech journalism". I don't consider puff pieces about smartphones, MP3
players, your cell carrier, or anything else related to consumer-grade
products to be "tech journalism".

I've pretty much stopped listening to "tech podcasts" and subscribing to "tech
magazines" because of this problem. They're not delivering anything even
vaguely related to technology any more. They're telling me about the latest
iPhone or iPad press release, or how some cell carrier is doing something that
I really could care less about. Just like I don't care about the latest
digital camera, or the latest MP3 player.

~~~
athesis
Which tech magazines do you read and recommend?

~~~
jerhewet
Maximum PC. Hands down the absolute best computer tech magazine on the market.
Also highly recommend "This Week In Computer Hardware"
(<http://twit.tv/show/this-week-in-computer-hardware>) for a tech-related
podcast.

I've stopped listening to "Buzz Out Loud" because of its wall-to-wall
smartphone coverage. And I'm about to give up on "This Week In Tech" (along
with four or five other podcasts) for the same reason.

------
xpose2000
To put it another way:

If your address book data was stolen and made public because of poor practices
by one of your apps, you'd be pretty upset right? PandoDaily mocking that type
of situation is somewhat alarming.

However, if PandoDaily doesn't care about that type of scenario then go ahead
and publish their address books. Otherwise, it's no laughing matter.

Edit: I agree with Dave's point. They wouldn't share it because no one wants
this to happen. Therefore they shouldn't be mocking something that is fairly
serious.

~~~
davewiner
Thank you. That was the point of the challenge.

------
laconian
The author of the Pando article is 18 years old. He's not at the age where he
has been burned by something he did when he was young and dumb. He's hard at
work building a great foundation for what that moment arrives, though!

~~~
davewiner
A net naive.

------
redthrowaway
My open challenge to PandoDaily is to stop being utter shit. That's it. No
clever attempts to trap them into defending their beliefs, just improve to the
point where they in some way, shape or form resemble a credible journalism
outfit.

------
michaelmior
I think the point of the PandoDaily post was that you're already trusting apps
with access to your data. You've granted permission for the app to access it
any time. When I grant permissions for an app to access by data, this doesn't
mean I am allowing my data to be published for the world to see. That's what
privacy policies are for.

~~~
jimbobimbo
...and Dave response's point is that there's no way to guarantee the privacy
policy is obeyed, unless it is enforced one way or another. User expectations
with regards to the private data were supposed to be guarded by App Store
approval process and Apple's iOS access restrictions, however this and now
photos somehow slipped through.

Pando's mocking of the situation with clipboard example is off the mark.
User's expectations from the clipboard is to actually share data (between the
applications). Yes, there's a chance that app will publish the contents of
your clipboard, but I don't think many users will _store_ sensitive data in
the clipboard anyway. In other words - vulnerability of the clipboard is an
acceptable trade-off, however accessibility of contacts, photos, other private
data is really not.

~~~
michaelmior
Privacy policies can rarely if ever be enforced or guaranteed. This isn't
something new. I can't think of many cases where a third party guarantees
adherence to privacy policies. Ultimately if you give someone access to your
data, you have to trust that they treat that data appropriately.

------
bsimpson
The whole point of the PD article was that you trust developers to not do
these things because market forces keep them in check. If an app was abusing
your privacy, it would be revoked by the marketplace (Apple, Google, BN, or
Amazon) and its developer's reputation would be tarnished.

Of course, maintaining a database of sensitive information is rife with risk,
and it's completely fair for journalists to point that out. However, Path,
Hipster, Instagram, etc. have no intention of leaking your data. An article
reminding us to give developers the benefit-of-the-doubt in these cases is not
even remotely the same thing as an article defending leaking personal data.

It's therefore disingenuous of the author to suggest that reminding people to
be civil in the ways they react to these situations implies that we should all
be comfortable publicly posting our personal rolodexes.

Someone else's contact information is not your IP to divulge; however, that
doesn't mean we need to start a witch-hunt about it.

~~~
davewiner
There are hundreds of thousands of apps. Not all of them have reps that can be
tarnished.

------
kmfrk
Here is another great article about the credibility issues the Silicon Valley
industry has because of its conflict of interest:
[http://www.latimes.com/business/la-fi-
hiltzik-20120222,0,704...](http://www.latimes.com/business/la-fi-
hiltzik-20120222,0,704588.column).

------
untog
This is a false comparison.

Uploading your address book to Path is _not_ the same as an app locally
reading the contents of your clipboard and asking if you want to use that
data. It's not even in the same league.

And, loathe though I am to defend PandoDaily, the OP misses the point of their
article. Uploading your address book to an app is different than posting it
publicly because people trust Path their their data. If they didn't then the
really shouldn't be using it in the first place.

~~~
smacktoward
> Uploading your address book to an app is different than posting it publicly
> because people trust Path their their data.

Are you sure about this?

Has every Path user really reviewed Path's data security policies and deemed
them satisfactory? Do Path users even have access to that information? And if
they did, would most of them be in any position to evaluate it knowledgeably?

Or isn't it more likely that they trust Path because _they don't know the full
scope of what Path has access to?_ Blind trust is easier to extend to someone
the less information you're trusting them with, after all.

~~~
billpatrianakos
I'd argue that ven if they read the security policy they wouldn't understand
it anyway. When you're surrounded by hackers it's easy to think everyone has
some basic understanding of computers but in reality most people are lucky if
they know how print a damn Word document.

This really is a false comparison. Accessing an address book for the app's use
only and accessing the address book for public publishing are so far apart
it's ridiculous. Security policies don't mean anything. If data is stored
digitally there will always be a way to compromise its security no matter how
much encryption, SSL, etc. you use. Security, especially on the web is a total
misnomer. All you can really do is make it inconvenient to access.

Trusting a company isn't about their data privacy and security policies. It's
about their brand to a large degree. Their track record and other peoples'
experiences with the app. I'm in the camp that understands these policies and
what they mean but thats not the reason I trust the company behind an app. I
trust Google with my docs because they have a good track record. Facebook I
trust as a necessary evil. Scratch that, I don't trust Facebook but I use it
anyway because I'm banking on the odds. I think that's what it boils down to
for most average folks. If the odds are that they'll have no trouble then
that's a risk they're willing to take. If there's a breach of security and a
bunch of people have their data exposed (but I'm not affected) well that makes
me think twice not because of the breach itself but because of all the pile-on
press coverage.

I'm one who firmly believes that people don't make their own minds up about
this stuff. The average person's view of this whole app uploading address
books thing is based purely in whichever side of the manufactured debate is
the loudest and seemingly most expert-y. After watching how people use the
web, their computers, and their smartphones for some time now I've become
really cynical when it comes to this stuff. People don't seem to care until
someone writes a blog post that tells them they should care.

~~~
smacktoward
_> People don't seem to care until someone writes a blog post that tells them
they should care._

But that's the point, isn't it? They shouldn't have to care! People shouldn't
have to be security experts to use a phone. The phone should protect them _by
default_ and make them have to jump through hoops to waive that protection,
rather than the other way around.

~~~
billpatrianakos
The phome ismt what's insecure though in this case. We're talking about the
security of the servers that these apps are sending data to. For some reason
people think about phones differently than any PC running whichever OS. If the
app store didn't exist and we got smartphone apps the way we all used to (and
to large degree still do) download PC programs I doubt anyone would be upset
with Apple. All the blame would be solely on the app developers. Apple polices
the app store and locks down iOS a lot as it is. If Path were a native Mac or
Windows program and it was accessing data from other programs we'd all be
screaming that it's some kind of spyware. We'd probably sayng that Path itself
should be asking permission to access data, not the OS. But because we have
the app store and have come to have this strange relationship with Apple where
we bitch about how locked down the devices are but at the same time want them
to protect us from apps like Path we're placing some responsibility on Apple.
I don't think it's right. We need to decide if we like our locked down devices
or if we want Apple to stop playing babysitter for us.

------
moadeel
This is apples to oranges. Most users, use applications because they find
about it from trusted sources. They are more interested in just using the
application and moving on. Users have shown time and again that as long as the
source is trusted (friends, media, overhyping blogs) then they leave it up to
the company to make sure their data is _private_. Calling to a challenge of
posting everything to public is misstating what users actually provide: a
permission to take their data and keep it private versus here is my data for
the rest of the world to see. There is a social contract between the user and
the company that is bound by the trust that "my info will not be leaked" and
looking at the history of the web I think the companies backed by competent
teams take this contract very seriously.

~~~
methoddk
So it's okay that Twitter, Facebook, Path, etc, all have my contact list and
possibly more? The point isn't that users trust they are keeping the data
safe, its that they took it without asking up front. Those apps may be out to
make its users lives easier, but I would like to know when they are taking my
personal data and _keeping it for 18 months in an archive_

Either way, TC was/is lame. PandoDaily is too.

~~~
moadeel
It is not okay in the legal sense. But it has been given a green light far too
many times by tacit approval of the users who could care less so long as the
info is not leaked.

------
byrneseyeview
"When you said X, you probably meant Y. But I bet you don't believe Y, thus
you were lying about X."

How many pointless arguments take this form? He should articulate why he
considers the situations comparable, so the Pando people have something to
disagree with.

~~~
davewiner
This is a little abstract for me, so I'm not sure I understand the objection.

Their point is that we are being silly for caring where our personal data
goes.

If we're being silly, here's an easy way to prove it. Show us how careless you
are with your own personal data.

If there's a limit, something you won't do to show how casual you are about
it, then we found something that we agree on.

My belief is they haven't thought it through, and are just being cute for the
sake of being cute, about something that is very serious.

Actually trying to help them find a good place. Because where they are now, is
not good.

Of course imho and ymmv.

~~~
pbreit
The article referenced an app accessing the clipboard (x) and your challenge
involved uploading all of one's contact information and pictures (y).

~~~
davewiner
You missed the bigger story that they were making light of.

~~~
pbreit
I didn't miss it.

------
nutanc
Nice post. If an application on our computers would upload all our contact
details, our bookmarks etc to their servers to make it "easy" for us, would we
agree to that. Guess we are just using these apps without worrying about the
security. Good that people like Dave are bringing it out to the open.

------
alexwilliams
Pando Daily's cynicism is only matched by society's indifference to data
privacy.

~~~
newman314
s/cynicism/trolling/

FTFY

------
bigtech
PandoDaily appears opaque about their bias to me, so I don't read it.

------
wyclif
Edit: needs a question mark after "editing".

------
shpoonj
Don't download an app unless you trust the folks who made it. It's not on the
company, it's on you. You are responsible for yourself and the security of
your information. It's not Instapaper's job to watch your shit.

Also, call a spade a spade. If you want to issue them a challenge, ask them to
download the Facebook app or the Path app or any of the other infringing apps.
But they already have. They have already done the thing they're being accused
of being uncomfortable with.

How sharing information from your iPhone with a company and publishing it
online for the world to see are equivalent, I can't fathom.

------
falling
So, since every single application in your computer can access all of the same
data and do whatever they please, has had that ability since forever and we
see that as an advantage (see problems with adding sandboxing on the Mac), why
are we so concerned about it on our phones and completely ignore the issues
otherwise?

The only reason I could come up with is that on the phone we have apps that
actually use that data, social networks of various fashions, while on our
computers we mostly use apps to do stuff and social networks stay in the
browser.

Should we be asking OS vendors to add those checks to our computers too?

~~~
davewiner
People are much less careful with what they download and install on their
iPads and iPhones because of Apple's assurance that the apps are safe.

~~~
jsavin
Exactly. There's an implicit promise to Apple's sandbox and theirs and Jobs'
statements about how they're protecting users from Internet scaries (including
porn and other "offensive" content) has given users an incorrect impression
that data on their phones is safer than data on their computer. Add to that
the fact that most adults remember an era when cellphones had no connectivity,
or only USB or serial connections, and its not hard to see how people missed
this.

Now the platform owners (Apple, Tootle, Microsoft, etc) must respond to keep
the promise they've made, whether stated or implied, or eventually users will
rebel. But until the response or rebellion happens, how much damage will be
done?

The platforms will adapt, and users will eventually upgrade or move to
competitors, but it will take months or years.

------
AznHisoka
Nice try. No Pagerank for you!

~~~
cheald
....do...you even know who Dave Winer is?

~~~
AznHisoka
why does that matter? I'm judging the content of the article, and it's just
accusing another blog of something, just drama.. no valuable content here.
just pointless, trivial drama looking for an ego boost.

~~~
cheald
Hint: scripting.com has a better pagerank than PandoDaily.

He's the guy who practically _invented_ blogging.

~~~
AznHisoka
again, that doesn't matter. Even after knowing who he is now, trivial content
is still trivial content. And he might've invented something, but blogging
most definitely isn't it. Blogging was going to be come about inevitably once
someone invented the internet - that was the hard part. Blogging is just an
extension of people expressing themselves.

~~~
hking329
Please, please. Why go there? You've got this thread where you could be having
a discussion on an interesting and important topic, but you're wanting to fork
it into a personal attack over something that's irrelevant to the topic and
that has been discussed ad ad nauseum on tens of thousands of other such
threads.

