Lessons from Facebook’s Stock Slide

So as Facebook continues to trade at a little over half of their market capitalization of 3 months ago, I think we can learn a few very interesting things. My goal here is not to pick on Facebook, but rather to see what we can take away and perhaps apply elsewhere. I think there are three key lessons that we can take away:

  • The Privacy Invasion Gnomes are Wrong
  • Intent Beats Identity
  • Maximizing your IPO returns may be a short term strategy

Let me start with the “Privacy Invasion Gonmes.” The short form of their strategy is:

  1. Gather lots of data on people
  2. ???
  3. Profit

This is, of course, a refinement of the original Gnome Strategy. But what Facebook shows us is:

The Privacy Invasion Gnomes are Wrong

Gathering lots of data on people is a popular business strategy. It underlies a lot of the advertising that powers breathless reporting on the latest philosophical treatise by Kim Kardashian or Paris Hilton.

But what Facebook shows us is that just gathering data on people is actually insufficient as a business strategy, because knowing that someone is a a Democrat or Republican just isn’t that valuable. It’s hard to capitalize on knowing that a user is Catholic or Mormon or Sikh. There’s a limit to how much money you make being able to identify gays who are still in the closet.

All of which means that the security industry’s love affair with “identity” is overblown. In fact, I’m going to argue that intent beats identity every time you can get it, and you can get it if you…keep your eye on the ball.

Intent beats Identity

The idea that if you know someone, you can sell them what they need is a powerful and intuitive one. We all love the place where everyone knows your name. The hope that you can translate it into an algorithm to make it scale is an easy hope to develop.

But many of the businesses that are raking in money hand-over foot on the internet aren’t doing that. Rather, they’re focused on what you want right now. Google is all about that search box. And they turn your intent, as revealed by your search, into ads that are relevant.

Sure, there’s some history now, but fundamentally, there’s a set of searches (like “asbestos” and “car insurance”) that are like kittens thrown to rabid wolves. And each of those wolves will pay to get you an ad. Similarly, Amazon may or may not care who you are when they get you to buy things. Your search is about as direct a statement of intent as it gets.

Let me put it another way:
Internet company revunue per user

The graph is from Seeking Alpha’s post, “Facebook: This Is The Bet You Are Making.”

So let me point out that two of these companies, Facebook and LinkedIn, have great, self-reinforcing identity models. Both use social pressure to drive self-representation on the site to match self-representation in various social situations. That’s pretty close to the definition of identity. (In any event, it’s a lot closer than anyone who talks about “identity issuance” can get.) And both make about 1/9th of what Google does on intent.

Generally in security, we use identification because it’s easier than intent, but what counts is intent. If a fraudster is logging into Alice’s account, and not moving money, security doesn’t notice or care (leaving privacy aside). If Alice’s husband Bob logs in as Alice, that’s a failure of identity. Security may or may not care. If things are all lovey-dovey, it may be fine, but if Bob is planning a divorce, or paying off his mistress, then it’s a problem. Intent beats identity.

Maximizing your IPO returns may be a short term strategy

The final lesson is from Don Dodge, “How Facebook maximized the IPO proceeds, but botched the process.” His argument is a lot stronger than the finger-pointing in “The Man Behind Facebook’s I.P.O. Debacle“. I don’t have a lot to add to Don’s point, which he makes in detail, so you should go read his piece. The very short form is that by pricing as high as they did, they made money (oodles of it) on the IPO, and that was a pretty short-term strategy.

Now, if Facebook found a good way to get intent-centered, and started making money on that, botching the IPO process would matter a lot less. But that’s not what they’re doing. The latest silliness is using your mobile number and email to help merchants stalk find you on the site. That program represents a triumph of identity thinking over intent thinking. People give their mobile numbers to Facebook to help secure their account. Facebook then violates that intent to use the data for marketing.

So, I think that’s what we can learn from the Facebook stock slide. There may well be other lessons in an event this big, and I’d love to hear your thoughts on what they might be.

Calyx and the Market for Privacy

So there’s a new startup in town, The Calyx Institute, which is raising money to create a privacy-protecting ISP and phone company. I think that’s cool, and have kicked in a little cash, and I wanted to offer up some perspective on the market for privacy, having tried to do this before.

From 1999 until 2002, I was Director of Technology and Most Evil Genius at Zero-Knowledge Systems, a Montreal-based startup devoted to delivering privacy-enhanced internet services. Zero-Knowledge raised approximately $71 million dollars to deliver internet privacy, and then had to pivot its business model (before pivoting was trendy). Because management pivoted and found value in what we had built, it didn’t deliver on the privacy dream, but the company did make good money for shareholders.

It’s my hope that Calyx can deliver more privacy to more people over a longer time, and make money for shareholders as it does so. To do that, they’ll need to move from the excitement accompanying their announcements to delivering products in the market. So let me turn to:

The market for privacy
There’s a lot of excitement. Nearly a thousand people have donated cash. They’ve put together a nice advisory board. That’s because people care about privacy. A lot of folks claim that there’s no market for privacy (pointing to things like Zero-Knowledge), but I believe that they’re wrong. There is a market, and it’s hard to tap into.

One of the key reasons it’s hard to tap into the market is because privacy means different things to different people. It means so many things that there’s a good book on “Understanding Privacy.” (My review.) So, does privacy mean the same thing to consumers as it will to Calyx? Resisting demands from 193 national intelligence services is great, but what about protecting me from advertisers? The disjointed things people mean by privacy make it challenging to ensure that you line up with people’s concerns.

Another issue is that privacy is rarely a thing sold in and of itself. Privacy is an aspect of some service, either by providing a privacy-protecting version of the service, or privacy protection against the service. A privacy-protecting ISP has to offer me ISP service equivalent to what I get today, or some bundle that makes sense for me. For example, I pay extra because Speakeasy didn’t demand my SSN, and had technically competent people answering the support phones. They’re less awesome since Megapath bought them, but they’re not Comcast, and they’re not running for most infuriating company in the country. Tor is an example of privacy protection against your ISP. You have to get the whole bundle right, which is likely going to be harder than getting the bundle right without privacy. Of course, sometimes it’s easier. By billing my credit card, Speakeasy doesn’t need to collect my SSN, doesn’t need to protect it, and doesn’t need to pay for a credit check. (They do have to pay a monthly cut to the credit card company, but Comcast probably also pays that for most of their customers.)

That said, consumers do care about privacy, and do spend money on it when they can understand the threat and defense. It requires entrepreneurs and hackers willing to experiment. and eventually someone’s going to make a boatload of money doing so.

For more in-depth comments on this, see my home page, especially the end of 2002 and the start of 2003.

With that, let me turn to some questions about…

What Calyx is doing
Let me start with two quotes, which is the sum of my knowledge:

This project’s goal is to raise funds for my nonprofit organization, Calyx Institute, which will launch a privacy-focused Internet Service Provider and mobile phone service using end-to-end encryption technology.

and

Through other partnerships, we are poised to offer Internet service in 70 markets in the US using wireless spectrum which we will bundle with end-to-end encrypted Virtual Private Network (VPN) technology in order to keep the customer’s data as private as possible. The next products on the roadmap include hosted email and cloud storage/sync systems that utilize public key cryptography so that only the user possesses the key required to decrypt their email or files. This means that the provider (Calyx) will not be able to read your email or files even if it wanted to. And if Calyx can’t read it, it can’t be targeted by unconstitutional surveillance tactics. (Both quotes from “The Calyx Institute fundraising page“)

So running a privacy-preserving ISP is great. And again, I want what I have to say to be heard in the context that I’ve given them money to help them get going.

My first questions are around the ISP part of the business. Is this an ISP in the form of “I can buy a DSL line from them?” (or otherwise, get internet service directly?) If it’s a partnership, how are we protected from the partner? Encryption is all well and good, but if I don’t have cover traffic, then my use or non-use of the service gives out information. Someone at the entry node (say the partner) who choses to collaborate with someone who can watch the exit node (say the NSA, or the FSB/KGB) can figure things out over time. This issue is fundamental to all low-latency internet-based privacy systems, including the Freedom Network that Zero-Knowledge operated, Tor, etc. The fix is approximately sufficient and continuous cover traffic that exceeds the bandwidth in use.

The second comment, which derives from that is “if Calyx can’t read it, it can’t be targeted by … surveillance tactics.” That is simply untrue. An observer which can see more can apply more clever analysis. I’m willing to forgive this as an aspirational statement today, but it’s important for privacy providers to ensure that they don’t over-promise.

My next question is why New York? Because the founder is there? The NYPD has done some bad things in the civil liberties camp, including for example surveillance of mosques without cause, kettling and rounding up protesters and bystanders without cause during the 2004 Republican Convention. Does New York have the most favorable laws in the US for this sort of thing?

When we get to the phone company idea, I’m in favor of the idea, but operating a nation-wide mobile phone service is expensive. If you don’t do so yourself, you can operate a “Mobile Virtual Network Operator.” But if Calyx does so, then the network operator from whom it leases bandwidth can see IMEI numbers and otherwise fingerprint phones. There are some interesting challenges here, and we need to know more to understand what Calyx can deliver.

In conclusion
There is a market for privacy, and there is a market for private internet services. Calyx has an opportunity to tap into such a market, but it’s tricky and complicated to do so successfully. There are a lot of hard questions to be addressed along the way. However, it’s important to remember that privacy is an important and cherished value for excellent reasons. Calyx is unlikely to be either perfect, or as bad as the main players in today’s market. So they deserve your support, your attention, and perhaps even your money. Why not go donate?

Fascinating Storyline around Instagram & Facebook

First, congratulations to the folks at Instagram, who built something that was so valuable to Facebook and managed to get a great exit.

Me, I suspect that Facebook did it so they can gradually sepia-tone all your photos, but that’s not important right now.

I was struck by the nature of this article by the fine folks at Petapixel: “Instaport Lets You Download All Your Instagram Photos as a Zip File.” The article starts “Unhappy with Facebook’s acquisition of Instagram and want to flee the photo sharing service?”

Wow.

Fleeing Facebook is no longer something for the digerati and the privacy nuts. Now it’s presented as a reasonable response to Facebook acquiring Instagram.

That’s a good sign for the theory that all general purpose social networks eventually get overwhelmed with people you don’t care about, and perhaps a bad sign for those who bought Facebook stock at a $100 Billion valuation.

Lady Ada books opening May 11

Ada’s Technical Books is Seattle’s only technical book store located in the Capitol Hill neighborhood of Seattle, Washington. Ada’s specifically carries new, used, & rare books on Computers, Electronics, Physics, Math, and Science as well as hand-picked inspirational and leisure reading, puzzles, brain teasers, and gadgets geared toward the technically minded customer.

From the store’s blog, “Grand Opening: June 11th

I’ve been helping David and Danielle a little with book selection because they’re good folks and I love great bookstores. I encourage Seattle readers to stop by.

Facebook, Here’s Looking at You Kid

The last week and a bit has been bad to Facebook. It’s hard to recall what it was that triggered the avalanche of stories. Maybe it was the flower diagram we mentioned. Maybe it was the New York Times interactive graphic of just how complex it is to set privacy settings on Facebook:

facebook-privacy.jpg

Maybe it was Zuckerberg calling people who trust him “dumb fucks,” or the irony of him telling a journalist that “Having two identities for yourself is an example of a lack of integrity.” Or maybe it was the irony that telling people you believe in privacy while calling them dumb fucks is, really, a better example of a lack of integrity than having two identities.

Maybe it was the Facebook search (try ‘my dui’), or Facebook: The privatization of our Privates and Life in the Company Town. Maybe it was getting on CNN that helped propel it.

It all generated some great discussion like danah boyd’s Facebook and “radical transparency” (a rant). It also generated some not so great ideas like “Poisoning The Well – A Response To Privacy Concerns… ” and “How to protect your privacy from Facebook.” These are differently wrong, and I’ll address them one at a time. First, poisoning the well. I’m a big fan of poisoning the wells of mandatory data collectors. But the goal of Facebook is to connect and share. If you have to poison the data you’re trying to share with your friends, the service is fundamentally broken. Similarly, if you’re so scared of their implicit data collection that you use a different web browser to visit their site, and you only post information you’re willing to see made public, you might as well use more appropriate and specialized sites like Flickr, LinkedIn, Okcupid, Twitter or XBox Live. (I think that covers all the main ways people use Facebook.)

But Facebook’s problems aren’t unique. We’ve heard them before, with sites like Friendster, MySpace, Tribe and Orkut. All followed the same curve of rise, pollution and fall that Facebook is going to follow. It’s inevitable and inherent in the attempt to create a centralized technical implementation of all the myriad ways in which human beings communicate.

Play it Sam…once more, for old time’s sake

I think there are at least four key traps for every single-operator, all-purpose social network.

  1. Friend requests The first big problem is that as everyone you’ve ever had a beer with, along with that kid who beat you up in 3rd grade sends you a friend request, the joy of ‘having lots of friends’ is replaced with the burden of managing lots of ‘friends.’ And as the network grows, so does the burden. Do you really know what that pyronut from college chemistry is up to? Do you want to have to judge the meaning of a conversation in light of today’s paranoia? This leads us to the next problem:
  2. Metaphors Facebook uses two metaphors for relationships: friend and network. Both are now disconnected from their normal English meanings. An f-friend is not the same as a real friend. You might invite a bunch of friends over for drinks. Would you send the same invite to your f-friends list? Similarly, if I were to join Facebook today, I could join a Microsoft network, because I work there (although I’m not speaking for them here). Now, in the time that Facebook has been open to the world, lots of people have gained and lost Microsoft email addresses. Some have been full time employees. Some have been contractors of various types. Some have been fired. Is there a process for managing that? Maybe, we have a large HR department, but I have no idea. One key point is that membership in an f-network is not the same as membership in a real network. The meaning of the words evolve through practice and use. But there’s another issue with metaphors as made concrete through the technical decisions of Facebook programmers: there aren’t enough. I think that there’s also now “fans” available as an official metaphor, but what about salesguy-you-met-at-a-conference-who-won’t-stop bugging-you? The technical options don’t match the nuance with which social beings handle these sorts of questions, and even if they do, telling a computer all that is too much of a bother. (See the chart above for an attempt to make it do something related.)
  3. Privacy means many things Privacy means different things to different people. Even the same person at different times wants very different things, and the costs of figuring out what they will want in some unforeseen future is too high. So privacy issues will keep acting as a thorn in the side for social network systems, and worse for centralized ones.
  4. Different goals Customers & the business have different desires from the system. Customers want fast, free, comprehensive, private, and easy to use. They don’t want to worry about losing their jobs or not getting one. They don’t want to worry about stalkers. They don’t want their sweetie to look over their shoulder and see an ad for diamond rings after talking to their friends about engagement. But hiring managers want to see that embarrassing thing you just said. (Hello, revenue model, although Facebook has not, as far as I know, tapped this one yet.) Stalkers are heavy users who you can show ads to. Advertisers want to show those diamond ring ads. Another example of this is the demand to use your real name. Facebook’s demand that you use your real name is in contrast to 4 of the 5 alternatives up there. Nicknames, psuedonyms, handles, tags are all common all over the web, because, in fact, separating our identities is a normal activity. This is an idea that I talk about frequently. But it’s easier to monetize you if Facebook has your real name.

So I’m shocked, shocked to discover that Facebook is screwed up. A lot of other shocked people are donating to Diaspora ($172,000 of their $10,000 has been pledged. There’s interesting game theory about commitment, delivery on those pledges, and should they just raise a professional round of VC, but this post is already long.) There’s also Appleseed: A Privacy-Centric Facebook Slayer With Working Code.

Now, before I close, I do want to say that I see some of this as self-inflicted, but the underlying arc doesn’t rely on Zuckerberg. It’s not about the folks who work for Zuckerberg, who, for all I know are the smartest, nicest, best looking folks anywhere. It’s about the fundamental model of centralized, all-purpose social networks being broken.

To sum it all up, I’m gonna hand the microphone to Rick:

If you don’t get off that site, you’ll regret it. Maybe not today, maybe not tomorrow, but soon and for the rest of your life. Last night we said a great many things. You said I was to do the thinking for both of us. Well, I’ve done a lot of it since then, and it all adds up to one thing: you’re getting off that Facebook. Now, you’ve got to listen to me! You have any idea what you’d have to look forward to if you stayed here? Nine chances out of ten, we’d both wind up with our privacy in ruins. Isn’t that true, Louie?

Capt. Renault: I’m afraid that Major Zuckerberg will insist.

How to Make Your Dating Site Attractive

bookio.jpg

There’s a huge profusion of dating sites out there. From those focused on casual encounters to christian marriage, there’s a site for that.

So from a product management and privacy perspectives I found this article very thought provoking:

Bookioo does not give men any way to learn about or contact the female members of the site. Men can join for free, if they have been invited—and if a current Bookioo member can vouch for their information. They can then post a profile for the perusal of the female—and paying—members of the site. It’s those paying women, however, who get to call the shots.

As interesting as the approach is, what’s more interesting is how they came to it. They focused on a set of female customers, and asked what is it that they worry about, and what do they want? Co-founder David Olmos:

We think that women don’t feel comfortable with the current dating sites. The latter are too masculine: they were designed by men and they fundamentally address men’s needs. We know that many women prefer a different approach: they’re eager to socialize, to meet new people, and we propose to do that through activities. It may lead them to find a partner, of course, but they may as well enjoy an afternoon in a museum with a new girl friend whom they met Bookioo! So we propose to socialize through activities, common hobbies and common tastes.

As you can see, we actually want to revamp the “dating” concept, taking the perspective of women. The key issue for us is to make sure that women enjoy the level of privacy they wish and that the males’ profiles are fully validated. (“Bookioo: dating and social networking site gives women full control.”)

It’s also a very different approach to “creep management,” which we’ve covered in past posts like “Emerging dating paranoia,” “Dating and Background Checks in the UK” or “Dating & Background Checks in China

Ten Years Ago: Reminiscing about Zero-Knowledge

zks-logo.jpgTen years ago, I left Boston to go work at an exciting startup called Zero-Knowledge Systems. Zero-Knowledge was all about putting the consumer in control of their privacy. Even looking back, I have no regrets. I’m proud of what I was working towards during the internet bubble, and I know a lot of people who can’t say that.

We struggled with the tremendously hard problem of privacy. We did it for something bigger and more important than ordering your groceries online. We didn’t succeed at the first business plan, or the second, but we plugged away at it, listened to prospective customers and partners, and the company is still in business and going strong as RadialPoint.

We learned an awful lot. We learned that people are awfully passionate about privacy. Hundreds of thousands of people signed up to try our software. We had a guy who called support after buying a new computer to get privacy. I remember the woman who took his call telling me how sad she was she had to get off the phone and take other calls. And we learned that what we meant when we said privacy wasn’t what other people meant.

I think too much of today’s privacy debate is wrapped up in a similarly nebulous term, identity theft. It’s hard to address a problem that’s so vague. But that’s a post about today, not about ten years ago.

We hired a lot of great people who I knew. I met a lot of great people, too. Went to work with one of them, Dave Clauson at another startup, Reflective. Work with some of them again (Hi Christian! Hi Stefan!).

For me, the key lesson was to really drink deep of your prospective customer’s pain. To accept that they may have a label that you really understand better than them (“privacy”) and that it doesn’t matter. What matters is how they see it, and how they understand your solution. Zero-Knowledge made me skeptical of great technology as a problem solver, when the customer is asked to understand it or care. Your customers never care about your technology anymore. They care about what pain it solves.

I’d love to go back and tell myself ten years ago to love the customer better. There’s other lessons. I’d love to seized the day and some of its opportunities better. But in the end, that flight to Montreal put me on the path to where I am today.

So a huge thank you to all of our customers and prospective customers. Thank you to Ian for introducing me to Austin. Thank you, Austin and Hamnett for offering me the job. Thank you to all of my co-workers, employees and friends of the company.

Origins of time-sync passwords

watchclock.jpg


In “Who Watches the Watchman” there’s an interesting history of watchclocks:

An elegant solution, designed and patented in 1901 by the German engineer A.A. Newman, is called the “watchclock”. It’s an ingenious mechanical device, slung over the shoulder like a canteen and powered by a simple wind-up spring mechanism. It precisely tracks and records a night watchman’s position in both space and time for the duration of every evening. It also generates a detailed, permanent, and verifiable record of each night’s patrol.

The market for these devices was well established when John Brainard Ken Weiss invented the SecurID token. In fact, either John or Vin McLellan told me that the reason Security Dynamics built a time-based system was so that it could play in the wandering guard market. The guard needed the SecurID to write a code in a book, and with that, you could determine when he was at a given watch station. Only later did they discover that their device had value for information security. [Update: Vin corrects some of my historical details in the comments.]

Security Dynamics did an impressively good job of building a complete system, and an ecosystem for their devices, but creating plug-in authentication modules for all sorts of things. Frankly, their security wasn’t really great in any theoretical sense. There were relatively obvious flaws like Mudge’s ‘listen and guess’ attack on the last digit being sent over a cleartext channel. His “Vulnerabilities in OTP’s – SecurID and S/key” was presented at DefCon IV, but I can’t find a copy of the paper. There were more difficult to find flaws as I pointed out in my “Apparent Weaknesses in the Security Dynamics Client Server Protocol“. Later Biryukov, Lano and Preneel presented “ Cryptanalysis of the Alleged SecurID Hash Function.”

What John, and later Art Covellio understood far better than Mudge or I understood at the time was that the security didn’t really matter all that much. The system and its components needed a baseline of security, and they invested in that, and beyond. They had their system reviewed by top outside experts. They needed to be able to handle the baseline questions about someone tampering with the card, and the algorithms and protocols were kept secret in accordance with practice at the time. (John told me that I settled a debate between their engineers and marketing when I published them. Had I known that, I would have included the hash function in my paper, but on advice of counsel I’d removed it. He called it “waving a red flag in front of Security Dynamics just because you can.”)

What did matter was that their customers were doing better than static passwords, and they mostly delivered, unless Bart Preneel or I was your adversary.
securid.gif

Security Dynamics also won on the usability of the system, relative to other tokens. Some alternatives, implemented challenge/response systems. To use them, you needed to enter a challenge, then press enter, your PIN and then enter, and then type in the response. All prompts and errors were in an 8 character LCD display. It was hard to deploy to real people.

Another advantage that Security Dynamics delivered was integration into everything. They had a server of their own. Clients to replace /bin/login on a dozen unixes, Netware and a GINA plugin for Windows. Radius and TACACS integration. They made themselves the easiest system to actually deploy. That’s important. A system with much greater security and double the cost of deployment would have been hard to justify.

Anyway, Security Dynamics was a good enough business that when they went to get an RSA license, it turned out to be “easier to buy the company than to get a license.” (As Art Covellio says in this Hearsay podcast with Dennis Fisher.)

And at the end of the day, developing products that people can actually understand and deploy for their protection and risk management is what it’s about. Knowing where to start innovating is a key part of that.

UnClear where the data will go

So Clear’s Verified Line Jumper service has shut down. Aviation Week has a blog post, “
Clear Shuts Down Registered Traveler Lanes
.”

Clear collected a lot of data:

The information that TSA
requires us to request is full legal name, other names used, Social Security number (optional), citizenship, Alien Registration
Number (if applicable), current home address, primary and secondary telephone numbers, current email address, date of birth,
place of birth, gender and height. TSA also lists as optional, but helpful, the following personal information: home addresses,
driver’s license number and employer’s name and address…digital photo and digital images of all of your fingerprints and your irises…your credit card.

This raises a very serious problem with a company like Clear/Verified Identity Pass, Inc. The in-depth, validated customer data is likely to count amongst such a company’s most valuable assets. Their privacy policies make no mention of what would happen to it in the event that the company goes bust.


Does anyone know where Clear was incorporated? Maybe I’ll bid at the bankruptcy auction.

[Update: Tamzen points out that there's an update on their site, promising that Clear will abide by the "Transportation Security Administration’s Security, Privacy and Compliance Standards" and "take appropriate steps to delete the information." Google thinks that those standards might refer to "Transportation Security Administration’s Security, Privacy and Compliance Standards." Me, I wonder why they say "take appropriate steps" rather than just promising to delete it. Back in the day, Brill's Content might have taken them to task for that.]

Covering the Verizon Breach Report

As you probably know by now, the pattern of 1s and 0s on the cover of the 2009 Verizon Data Breach Investigations Report contains a hidden message. I decided to give it a whirl and eventually figured it out. No doubt plenty of people managed to beat me to it, as evidenced by the fact that I didn’t get my solution in early enough to win the cash prize — but so far, I haven’t seen anybody write up a walkthrough, so I thought I’d do one. (Chris Eng, “Decoding the Verizon DBIR 2009 Cover“)

Zero Knowledge Poster.jpg

This reminds me a lot of the posters we did at Zero-Knowledge. I’m not sure who came up with the idea, but we decided to encode a secret message in the bar codes. It was pretty tricky. We didn’t have the hundreds of bytes that Verizon had on their cover, we had 8 bytes per barcode, meaning we had no more than 40 characters in which to encode a message.

I remember a brainstorming session at a nearby bar (le Cheval Blanc?). We wanted something meaningful. We wanted something relating to privacy, anonymity and freedom. Something evocative and memorable. We kept running into that 40 character limit. The ads were expensive to produce, and we had already decided that we only wanted five, so that there would be recognition and people would see them repeatedly in Fast Company and Wired.

I don’t remember who came up with “Who is John Galt” as the slogan. We had bounced around some 1984 references (too negative), but kept hitting that limit. When we decided we needed to get them out, we settled on the Ayn Rand reference, and Ian Goldberg encoded them as bar codes. He just happened to have some bar code fonts sitting around.

Even with those constraints, it was a lot of fun tossing ideas around and seeing them in print all over the place.

Like Verizon, we hinted at there being something there to get people to look. Maybe one of these days someone will manage to keep it a secret for a while, and get a second wave of publicity out of their secret messages.

Anyway, I had fun reminiscing about the posters. Thanks to Austin Hill and Jean Bernard for hooking me up with high quality images of the posters.