Recently I replied to couple of posts in Peerlyst, and someone asked if I wanted to write an actual blog entry. After some thinking, I decided it would not be easy for me to write blog posts for Peerlyst. I don’t think it is a suitable platform for personal/professional blog posts.
If you don’t know what Peerlyst is, just go over there and you will find out it is all about Information Security Pro’s doing their thing online. Is like a Linkedin for Cyber Spooks.
Why do I think Peerlyst is not a good platform to publish content (personal/professional blog entries)?
Two reasons, which I will summarize as:
I think it will be hell for me.
If you have never read anything else other than this blog entry, please go and read some other blog entries. I would be happy to have a reader counter bigger than 2.
What you will find is that I don’t hold back, and use (or abuse) humour. I express my opinions as they pop into my head, and I have also opinions about everything and anything.
Back to to the main theme: this is going to be a post about Peerlyst, and I will add some InfoSec stuff to keep the theme going. I will also have to be very careful, as Peerlyst guards their content like Smaug guards the gold. That means I will not be providing any links to Peerlyst content. If you want to see what I have posted (a meagre number of replies to other people), search for Blocksec. Obvious, isn’t it?
I am going to end with a blockchain reference, as mandated by my sponsor (my wife), site operator (me), editor (my wife), and executive team (me and my wife). We have a big team.
Ah! Be warned this blog will have an unseemingly high number of bullet points. It happened because I am bending my imaginary fingers, to count my arguments and for emphasis. Please bear with me (and my imaginary fingers). I recommend you bend your real fingers, and let me know how it goes. Or…. better idea, don’t.
And now, and advertisement from our sponsors, in the form of a Second Warning.
I read the TOS and looked the site content, and I concluded that:
That line of thinking means I would have to work at writing posts for Peerlyst, to mind what I am willing to give up in terms of content ownership. It is a cold, cynical and calculated approach towards a site professing community building. Sadly, being an Infosec professional has the unfortunate side effect of becoming cold, cynical and calculative about corporations and their motivations. I remember how Facebook started by trying to connect people, and Google’s “don’t be evil” no-longer-a-motto. I think by now we are all less naive about such things.
I am also confused by the fact that Peerlyst has been around since 2010 (or so the internet says), so by now it would have to sell something, or run out of funding. Enter the FAQ. There is something odd in there:
Why is it odd? Because:
I am obviously missing something here. Security vendors tend to be aggressive with their sales. I attended a “free” event recently, and I have been getting calls twice a day, every day, since. So, what could be happening here? Some thoughts:
Aha! All becomes clear. Bonus points for writing the policy in plain english instead of legalese! It says in plain english that Peerlyst collects the data and it makes it available to:
My assessment on vendors getting “the goods” via data collection is right. Peerlyst is a treasure trove of people who can “influence or approve” purchases for security products.
It seems the “mutually beneficial arrangement”, between the site and its users, is on Peerlyst deriving value from the quantity and quality of its community. The users get a place where to share opinions, and blogs they don’t own. The site gets to build a nice dataset to sell. I call this “people farming”, which sound sinister as it should.
The obvious question: is this a fair arrangement ? I don’t think so, because one day site owners will sell it and walk away into the sunset (or laughing to the bank, you pick the metaphor), and the site users would not receive any benefits from that transaction at all. They will be sold as the product they are (or I am, as I am a user).
Is this how a community is built? Yes, if you are being farmed by Google, Apple, Facebook or Amazon (aka GAFA).
I am not done yet with Peerlyst TOS and community building. I am going to be very unfair, and compare Peerlyst TOS with Medium.
Side note: I repost on Twitter, Facebook and sometimes Linkedin. I indicate who owns the content, which tracks to my personally owned site and blog. (I think I have 1 reader, but whatever).
It is interesting how Medium has managed to turn cynical me into a contributor, and I am not even trying to get paid. I am just happy to own my stuff, and share it with whomever happens to find it. No interests other than sharing. That is proper community building, according to cynical me. It is possible that I am nuts, and Medium is the Evil Empire but I just don’t see it.
Here is a thought experiment: what would happen if I re-posted in Peerlyst some content that I clearly own? It would be an interesting experiment I am not willing to undertake. I am scared of Peerlyst legal team!
Patience! I am getting there.
But first, this is one of those opinions I warned you about: as a security professional, and a person, I am deeply concerned about data ownership by social platforms. I am even more concerned about those platforms business models for the data, and the the unfairness of the business model. I don’t think we are getting fair value for out data, as we cant even control any aspects of the “free” service.
Unless you have been living under a rock, or recently arrived to this planet, I don’t need to include any references to recent events regarding Personal Data and Privacy. If you know about this and don’t care, I feel bad for you, your children and your children’s children (and all the other generations that follow).
Personal data will be (or already is) the fuel for the digital economy, and some people have designs on the data. They all think they will walk into the sunset (or go laughing to the bank) as a result of “monetizing” personal data (I deeply dislike that word). One of the “monetizing” ideas for personal data is “Decentralized AI”, and I will write a blog entry about it.
So.. right… blockchain. Let’s think about it. What technology is out there able to:
You guessed it! Blockchain it is!
There is a little twist here. You need two things, both blockchain related:
At this point you are thinking I pulled that Identity thing out of a hat. I kind of did (applause?), but not really. It is a deep topic, that I can’t explain in this blog alone. I will have to write about it some time in the future.
For now just take my word: you mix those two, add some tokenizing elbow grease, and you get a Personal Data Ownership anti-GAFA cocktail. If you spray GAFA with it, they will hiss and avoid you like a vampire hit with holy water.
To close this blog entry, here are two thoughts:
Oh! In case you are wondering about that little thing on top of the “ó” and the “é”: it means the sound is emphasized on that vowel (is accented). It follows some dastardly grammar rules, and you don’t know how glad I am that English Language does not have it. It is also the reason I sound funny in English.
¡Adiós!