October 8, 2004
paris doors
Yes, I am still in Paris.
Paris apartment buildings are interesting. To get inside the building you first need to pass through 2 doors– the outside street door and the inside courtyard door.
Say you are visiting a friend in Paris and you want to ring his doorbell. The doorbell is only on the inside, by the courtyard door. To ring that, first you have to get through the street door. The only way to do that is by pressing a five digit code (say, 12B45) known only by the people in the building and their friends and people they trust.
So if you have an apartment in Paris and you have a friend coming over for the first time, you’ll say to him, “I’m at 56 Rue de Whatever. My code is 12B45. Then ring my doorbell once you get into the courtyard.“
Unless you already know the code, you don’t get in. Only people who are already trusted get to ring the doorbell. Door-to-door solicitations just don’t happen.
A simple method that works.
It’s Permission Marketing at its finest. Somebody should invent an application that does the same for e-mail. Or perhaps other gizmos that makes mass-advertising and unsolicited marketing pretty much impossible.
Perhaps something like a new daily code that changes every 24 hours, available via RSS…?
I love Paris.
[UPDATE: 6pm]
Kim Polese introduced Spikesource and suddenly Fred Wilson plans to sell his Microsoft stock.
We’re only just getting used to the idea of the recorded music industry being toast. Bill Gates being toast is a bit harder for us mere mortals to get our heads around.
Whatever. There’s a fun new space that’s opening up in the business world:
“Be the best in the world or die.“
Some companies can handle that space; others can’t. Spikesource obviously thinks it can, which is what’s driving the current excitement.
Like the old song says, it ain’t whatcha do, it’s the way that you do it.
The proportion of companies that have to be able to handle that space just in order to survive (let alone grow and prosper) is expanding at such a fast rate it’s starting to get kinda thrillseeker-scary etc.
[UPDATE: SATURDAY]
Hmmm… Coca Cola has started blogging, it seems. Using Typepad software, it seems. Quite an amusing story how it wasn’t password-protected at first, and how it was soon spotted by the outside world.
Somebody’s head is rolling at the moment, I am sure.
OK, I’ll shut up about blogs now.
I’m still in Paris. Having fabulous time. Drawing wee cartoons on the back of business cards and handing them out to sweetheart Montparnasse waitresses.
Heh.
"Hugh's Daily Cartoon" Newsletter.
A new cartoon sent out every weekday morning to your inbox [RSS version here.].
A wee chuckle to start your day off right etc.
I’ve been following gapingvoid for a while, I think I found it though del.icio.us and Warren Ellis.
I’ve been living in Paris for 6 months now. Your observation today is the smartest thing I’ve heard in weeks.
Seems to me that cellphones work similiarly, as there is no central directory of numbers. You have to give someone your code “phone number” before they can interupt you.
If only “dialing emails at random” wasn’t so cheap and easily automated.
I think that you have described a low-tech public-key encryption system. To apply this to email one would have the server reject any mail addressed to you that was not encoded with your public key.
If I’m understanding all the ramifications correctly.
there is an email service that does this…a few, actually, but the one i’m familiar with is earthlink’s spam blocker – you send someone an email and if the person does not have you on a list of approved email addresses, your email is redirected to a special folder and you get an autoreply with a link that takes you to a page where you fill out a form to request that the recipient add you to the list.
Yeah, I know what you mean… Mailblocks.com and whatnot. The Parisian solution seems more elegant, somehow…
Only people who read my blog know my email address because it’s the only place I give it out. My business card only has my gapingvoid URL on it.
Peter: It’s actually symmetrical encryption (shared key) rather than any concept of a public or private key. Pretty insecure in computer terms.
In an asymmetrical system, you’d take the building number, put it through a function with your private key, enter that combination, and the building would decrypt the combination with your public key (that the inhabitant already entered, showing that you’re welcome). The person inside the building wouldn’t need to provide any of his private keys to let you in, just his keyring of public keys, one of which should be yours.
That’s how digital signing would be analogized, anyway. And it’s the closest thing to what should be done (as someone at the door, you should be able to prove that you are who you claim you are.)
I don’t see why you’d try to implement asymmetrical *encryption* – there is no message. You’d only use someone else’s public key if you’re sending them information that nobody else should read (only they should be able to decrypt with their private key).
Sorry to ramble, but a signature system sounds much easier to remember than a new daily code via RSS. If your public key is in the building’s keyring, and you have the private key to match that public key, you’re in. Just remember your private key and you can get into any building with the same key. The downside is of course that the building’s software can log exactly who came in when.
Wow, there so many people reading this post who are far smarter than me on this subject. Heh.
A whitelist solution (mailblocks.com) is what access cards are. Swipe your card through a reader and if your ID is authorized to enter, you’re in.
The reason public key signing doesn’t work this way is that the card reader now knows your password (ID) and someone who has access to it can get into other places only you should be able to.
I hardly get any spam since I replaced the “dot com” bit of my e-mail address at the top of my homepage with the word “etc.“
The “outside door”, in this case, is not a bit of tech, but the sender’s power of reason.
Works very well
seems like there would be a way in gmail to route (using filters) any email that comes from a ‘trusted address’ — or an address you’ve already added to your contacts list — to your inbox, and the rest to trash/spam. I’ll have to play with that now…
tho gmail does a pretty superb job of routing spam away from me anyway. i get about 2 a month that should go to spam, but don’t. not bad considering how much my address is out there…
great idea though.
The funny thing is that most of the time when you don’t know the code, you give a phone call to your friend to get the code. Some time, your friend opens his window and tell you the code letting all people in the street kowing this stupid code…
Marc Jolivet, who is a French humorist, has done a very funny story about this.
French are this way
(I’m French !)
It’s not quite an access card solution. A code, rather than a card, is easier to use (but less secure) because it isn’t tied to a physical object. You can write it down, email it to someone, etc.
Maybe the electronic analog *is* shared key encryption. Yes, that’s pretty insecure, but for this application, who cares? You’re using the key to demonstrate that you have permission to send the person email, *not* to secure the content of the email.
On a completely different note to all of the above encryption theory (Oh, the computer science lectures come flooding back…) I’d like to comment on:
“Be the best in the world or die“
Cos it sounds cool. Like a Hollywood high-concept movie. But like a high-concept pitch, there are very few Aliens out there (Jaws on a spaceship) and far more Aliens vs. Predators (Aliens and Predators do 10 rounds). I’m talking about the homogenisation of individual expression into the singular over-riding brand; one brand will solve all your needs; we know how you liked stuff before and now we’re gonna give it to you on a very big, very welcoming plate.
Investors don’t look at cultural wealth in terms of diversity, in the creation of choice by supporting a multitude of small business all making small, dependable profits. No, they want huge growth to create huge returns. That’s where the mortality rate goes up and the numbers at the head of the food chain goes way down.
Spikesource shouts out proud about its ground-breaking way of bringing order to the new open source community. But isn’t it just doing the very same thing? Making life simple for us simple folk, letting someone else do the “hard work” — reducing the thought involved, reducing the choices we have to make — reducing choice?
It never starts that way, but success breeds the desire for control. Control is survival and you can’t control staying small.
Dressing up age-old business strategies with hard-hitting, lapel-grabbing slogans may be the American way, but it ain’t no paradigm shift in my book.
It’s what the Chinese would call “Te”, Ben– Harmony between thought, word and action.
Of course, I agree with what you say. Any fool dime store operation can have “world class ambition”. World class execution is far harder.
Oh how funny that we have a thread of technology when the solution has to be based on personal interaction. No technology with out the personal decision is going to work. Access to the doorbell was by personal choice.
This thinking is more about the personal control of our information than some arbitrary software. Again right on
“This thinking is more about the personal control of our information than some arbitrary software…“
Agreed, Victor. I just threw the tech out there as a possible example…
hello!!! my name’s Sergey Brin. I like your site. BIG thanx… blog’s forever!!!