Month: October 2009

ebooks: price + DRM = piracy + waste

Posted on by evercurio

amazon_kindle_2As the recent owner of an amazon Kindle ebook reader , I’m thrilled with the ability to carry and read thousands of books in a tiny little device. The screen is crystal clear and easy on the eyes. The wireless and note-taking capabilities are handy features, too.

Yet while ebook readers and electronic distribution of books and other published material offers convenience and environmental advantages, ebook DRM irresponsibly encourages both piracy and waste.

Falling costs

book costs

According to general estimates, most of the costs traditionally associated with the publishing industry vaporize in the digital age. Notice how all of the various components are nullified with ebooks except for author royalties and retailer profit. If we assume $10 for a paperback, this means about $2.00 ends up going to the author, publisher, and retailer as profit. Everything else is to cover the costs.

If eliminating production and distribution costs of printed materials means reduced costs (as well as a greener earth), why aren’t these savings passed along to consumers? Like the music, software, and gaming industries, piracy will be the natural alternative to those who balk at the illogically high prices of ebooks.

Ownership

Digital ownership has plagued every industry in recent years. Music, movies, software, and games have all experimented unsuccessfully with digital rights management (DRM) to control the distribution of digital goods. But all of these models are inherently flawed.

Think about it: many current ebooks cost about $10. This may seem reasonable until you realize that for $10, you’re purchasing a book that you don’t really own. Like iTunes songs, an amazon ebook includes DRM which ties it to your account and your Kindle. This means that when I buy a book on amazon, I’m stuck with it. Unlike the $15 paper book I could purchase and then give awayresell, or even loan to a friend, my digital copy is mine forever. Heaven forbid I decide to switch ebook readers in the future and have to abandon (or repurchase) all of my ebooks (which would likely be equally locked to the new reader).

Remember the library?

I honestly find very few books worth purchasing, simply because I don’t tend to re-read many tomes (Lord of the Rings trilogy notwithstanding). Why hasn’t anyone figured out a secure and convenient way to connect with public libraries to borrow books (that people actually want to read) on a Kindle?

The current model for ebooks encourages waste in an already disposable-focused society. When I buy a physical book, I try to get it used rather than new, both for cost savings and to contribute to “reuse” over waste. From both the buyer’s and seller’s perspective, the used book economy is equally wonderful: I buy a book, enjoy it, then sell it to someone else for a discount (good for them) and recoup some of my investment (good for me). However, with the Kindle, once I’m done reading the latest Grisham novel, my only option is to delete it from my device.

The Inevitable Solution

Barnes & Noble’s announcement this week of their new ebook reader, the nook, encouraged me. The nook matches most of the capabilities of the Kindle, but raises the stakes with the option to lend ebooks to other nook and iPhone/iPod Touch users. This, I feel, is a step forward for ebook users, but there is still much ground to cover. For example, you can only lend an ebook for 14 days. Why? Why can’t I set my own timeframe?

One thing I’ve pondered is, “Why don’t I have the same problem with digital music?” The simple answer is that I just don’t want to get rid of music like I used to. Back when I bought full albums just to enjoy two tracks, I quickly tired of it and sold it used. By purchasing individual tracks from iTunes or amazon, however, I’ve found that I’m much more satisfied with my collection.

Until the book industry figures out a better model of digital ownership, I can only imagine that users will turn to one of two methods:

  1. Skirting legitimacy by hacking the DRM out of their ebooks, or
  2. Avoiding legitimacy through outright piracy.

I would hope that with the brilliant technological minds of the 21st century, someone can invent a non-evil DRM method with which I can legally and easily transfer ownership to someone else.

Change your stories, challenge your stereotypes [TED talk]

Posted on by evercurio

In a TED talk, novelist Chimamanda Adichie tells her story of growing up in middle-class Nigeria and confronting her own stereotypes. She talks about how the “stories” she grew up with impacted her perception of the world and how she’s seen similar biases in people and cultures around the world.

Her story challenged me to expand my own story collection and examine my stereotypes. Too often, the media bombards us with a single perspective that begins to form a picture of a country or people group that is lopsided. Recently my church launched an initiative called “Greater Things.” Part of this initiative is to launch the Hope Partnership to partner our church with four organizations that are targeting the issues of HIV/AIDS and the plight of orphans and widows in the countries of Zambia, Malawi, and Kenya. This is a beautiful and admirable goal and I’m excited to see the impact it has.

Yet, as with many other stories of Africa, this continues to reinforce my image of that continent as one plagued with poverty, disease, and destitution. Yet there is so much more to Africa than just those in dire straits!

In fact, I’m challenged by my public school education and its focus on an Americentric/Eurocentric take on world history. As my wife and I homeschool our kids, we’re purposefully seeking out resources and curriculum that provide a more balanced view of history and the events that have shaped the world.

Chimamanda’s talk is engaging, humorous, and often convicting. Enjoy!

http://video.ted.com/assets/player/swf/EmbedPlayer.swf

Hacked!!! [lessons learned]

Posted on by evercurio

I’ve been a web hobbyist/enthusiast since the mid-90s and in all that time, I’ve maintained a fairly high level of trust mixed with a healthy amount of skepticism. That balance shifted recently my personal web site was “hacked.”

pirate flagLet me explain what happened: My site is designed to keep family and friends up to date on what’s going on with our family (mostly the kids). When I first launched it and for many years, I kept the commenting wide open. After all, who would take the time and energy to vandalize a little-visited family web site?

About a year ago, I was forced to control and monitor comments a little more closely. I changed the WordPress settings to require someone to register first or have a previously approved comment before they could comment. But I set WordPress to auto-approve new user accounts. After all (uh-oh), who would go through the trouble to set up a user account just to vandalize a little-known family web site?

I found out this past week that even these measures were woefully inadequate. Apparently, within the span of a few hours, “someone” (presumable a bot) created several user accounts, then used those accounts to leave comments on my posts with links to “badware” sites and embedded script code. Google immediately flagged the site as “distributing badware.” That’s when the fun began.

A Slashdot article provided insight into what Google did:

In an effort to promote the ‘general health of the Web,’ Google will send Webmasters snippets of malicious code in the hopes of getting infected Web sites cleaned up faster. The new information will appear as part of Google’s Webmaster Tools, a suite of tools that provide data about a Web site, such as site visits. ‘We understand the frustration of Webmasters whose sites have been compromised without their knowledge and who discover that their site has been flagged,’ wrote Lucas Ballard on Google’s online security blog. To Webmasters who are registered with Google, the company will send them an email notifying them of suspicious content along with a list of the affected pages. They’ll also be able to see part of the malicious code.

What happened to me specifically was:

  • If anyone attempted to get to my site, they’d get a warning page saying the site was flagged by Google.
  • If they chose to click through, they got a version of the site rendered without CSS or images (i.e., horribly ugly).
  • If I, as the admin, tried to log in to WordPress, I merely got looped back to the login screen, preventing me from logging in.

After a few exchanges with my web hosting company (MidPhase), I realized that the onus to fix the problem fell to me. While I’ve been a tinkerer, I’m no PHP expert. That means that while I can install and configure applications like WordPress and MediaWiki, I don’t really know everything that’s going on under the hood. That means that I have no idea what’s supposed to be there and what isn’t. How the heck was I going to fix this?

After panicking for about a day, I came to a solution. I scoured the database tables looking for rogue user accounts and comments and deleted them. I then archived my WordPress files, replacing them with a fresh install. I scrapped my theme (in the event it was outdated and adding vulnerabilities) and installed a recently published theme.

I then submitted a request for Google to reevaluate my site. After one unsuccessful “rescan,” they finally cleared my site with a clean bill of health.

While it caused me to miss nearly an entire night’s sleep on Sunday (as well as hours of time that I would preferred to have spent with my kids…), it seems like everything is back up and running.

A few lessons learned:

  1. Google is quick to protect, slow to educate. I’m glad Google flagged “badware” on my site as I was unaware that someone had hacked it. This was done to protect the general Internet public from being infected. However, while Google blocked my site very shortly after discovering the malicious links, I would have appreciated more information on the pages that were affected. Instead, I got an abbreviated list and a  vague description of the problem.
  2. Security is, indeed, everything. Bad people are out there. I know that now. Why would someone care to hack my measly personal web site? Most likely to simply spread malware. Because of this, I had to tightly restrict commenting on my site. I now require users to get approved for an account on the site before they can comment. This additional hassle will probably stem the already meager flow of comments, but I simply don’t have the time to go through this mess again.
  3. I need to be more cautious. I’ve been somewhat recklessly installing plugins and extensions for WordPress and MediaWiki without attempting to understand how each one works. Some of these pull in information from other sites. Were those sites to be affected/infected with badware, it would instantly stream to my site. By removing these plugins, I hopefully will increase my security, clean up the visual appeal of the site itself, and speed up the web site load time.
  4. Separate your domains. In addition to the main site, I had also created a sub-site for my wife to keep daily records as she homeschools our kids. This site was blocked along with the main site. I have since used another URL for her blog to isolate the two and prevent future collateral damage.
  5. A webmaster’s job is tough. I admit that maintaining this site is just a fun hobby. That said, it’s times like this that make me appreciate the job of a webmaster who must maintain 24/7/365 vigilance over the security of a web site. While I had the potential to lose years’ worth of stories, photos, and personal interest information, this is nothing compared to the personal, financial, and other sensitive data that is at risk every day on millions of web sites around the world. My hat is off to you folks!