Categories
biz

Thoughts on Steam Trade Holds (Escrow)

Valve’s Steam service is set to roll out an escrow on non-two-factor-authorized trades. They are calling this a “Trade Hold.”

Alice wants Bob’s hat and Bob wants Alice’s key. They agree to trade.

Alice has Steam Guard Mobile Authenticator (SGMA), Bob does not. After the trade, they wait three days to get their items.

At this point, it’s unknown whether Alice could know at the point of trade whether she was risking the trade hold. It seems likely she will, and thus she could avoid it.

Problems with the system include:

  1. People without Android or iOS devices being unable to use SGMA.
  2. Automated trades via bots being unable to deal with escrow without major changes.
  3. People feeling that, generally, they are being disadvantaged due to a minority of users who fall for scams or install malware.

Valve has a scam/malware problem masquerading as a customer service problem. They have looked at improving customer service, but correctly realize that will not really solve the problem. They do need better customer service, but they also need to do more to address the problem of fraudulent trading. The escrow is supposed to be a pressure valve, to relieve some stress by limiting the damage that fraud traders can mete out.

Education of users is important, but simultaneously unrealistic short of Valve creating a trading simulator game that people want to play and it teaching them the hard-learned lessons of what to avoid. Users that would be helped by education either already educate themselves or will be a minority. Forcing education (e.g., through testing prior to granting trade privileges) would deter users from trading altogether.

Previously, Valve has used e-mail confirmations. This failed for hijacked accounts, because the users would simply have their e-mail accounts compromised in the hijacking. SGMA differs in that the likelihood of also compromising a mobile device is much lower.

If machine learning is mature enough, Valve may be able to leverage it to identify fraudulent trading patterns in a bulk of cases, in a manner similar to the credit card industry. It isn’t clear if it is up to this task, nor is it clear how easily Valve could implement such a filter. It seems reasonable to expect that will be a large part of their eventual strategy in fraud prevention.

What does not seem likely is Valve Customer Service becoming a peudo-law-enforcement agency. Investigating claims of fraud and trying to uncover the realities of events after the fact is just not in the cards for a video game services company. They will undoubtedly continue to seek to prevent the fraud.

It seems reasonable to say nobody wants to wait three days for a trade to go through, including Valve who will have to keep track of the trades. But Valve also does not want to have the volume of scammed items and problems sustain their current rates or grow. So they have to keep trying stuff, even if the community feels burdened.

Some minority of users may circumvent the protections of SGMA via emulators and desktop applications implementing the HMAC technology that SGMA uses. It’s a risk, and there doesn’t seem to be a easy way to avoid it, but that user count will likely stay small, sustaining the general integrity of SGMA/trade holds.

Categories
biz

Reading the TPP

Probably not much use, but I skimmed the TTP and noted some things along the way.

  1. Rules of origin decide whether and how much of a product came from a country. Important because stuff gets made over many steps and things like tariff classification may depend on it. Often companies try to cheat on this, so that they can avoid tariffs. The cheating, in some circumstances, is referred to as a spaghetti bowl effect, due to the criss-crossing and subterfuge involved.
  2. The obvious remark that legal documents themselves often suffer from the spaghetti bowl effect, insofar as they (see annex IV.3 of subchapter 0x0b9) are half-constructed of references to other sections, documents, etc. Reading any legal document (law, treaty, or otherwise) often requires reading every other legal document in existence (in triplicate).
    I do wonder whether there are any formal studies done of this, and whether there is some sort of mathematical law describing the length of a document to the length of a document’s references/incorporations.
  3. The amount of effort involved in tracking the origin of goods would seem to suggest that the system is ripe for augmentation with information such as the wage-of-creation-to-poverty-level information that could result in economic pressure for better wages across the globe.
  4. Emergency measures for a variety of causes including large swings in volume of import/export of food and other goods in cases of famine, ability to protect in cases of health, safety, civil war, etc.
  5. “For Peru, all distilled spirits with less than 10% alc/vol must have a date of minimum durability.” That’s a footnote which seems to contradict the language it’s noted on (that “[n]o Party may require… a date of minimum durability… except… on account of their packaging… or the addition of perishable ingredients…”). Shrug.
  6. Can’t require a producer of commercial software to give up their private key as a condition of sale (unless it’s being sold to a government). But: doesn’t stop law enforcement from requiring they decrypt, either.
  7. Can’t require sale or financial data on pharmaceuticals (and should “endeavor not to require pricing data”) when determining whether drugs can be sold.
  8. British English: “programme” keeps coming up, which I always read as an invitation to brainwash the writer.
  9. Some anti-spam stuff (among other consumer protection measures), but we’ll see how much it helps.
  10. Can’t require source code for importation, except for critical infrastructure.
  11. “The Parties recognise the importance of a rich and accessible public domain.” And yet, they do nothing to strengthen it. They even use the cliche “fallen into the public domain” instead of something more appropriate like, “lofted up into the public domain, now unfettered by the mortal whims of the fools that created it.”
  12. Chapter 20, “Environment,” mentions the ozone layer, but nothing about climate change.

Well, that was fun.

Categories
biz

Advertising and Blocking

Journalists online often make their money from advertising. And there have been a number of stories over the years about the damage of ad blocking. Seldom (never?) do you see the exact amount they make per view or per impression or however you want to measure how much money they make from me looking at their articles.

I read a bit of stuff from Ars Technica, and a rough count for the past month is at least looking at (which is admittedly different than reading) about 70 different URLs (some might be little more than photo galleries, so they aren’t all necessarily articles). They have two subscription options that would apparently supplant any money they would otherwise make off my visits if I saw their ads:

  1. $50 per year, which is about $4.17 per month.
  2. $5 per month.

Assuming the past month is my average viewing of their site, it would work out to between $0.0595 and $0.071 per URL, if I subscribed. The problem is that I don’t believe they make anything like ¢5 or ¢7 per view from advertising. If that were the model, that I actually paid them a nickel per URL, I would probably read less, at least until I got a handle on how much it was costing.

Loyalty is also a hard argument to make on the web, when I find my reading habits shift over time. If I have to go to each content site and manage subscriptions, figure out whether I want to give $5 to Ars Technica or $5 to some other site, that’s time I’d rather spend doing something else. Anything else.

But if they told me they make $0.007 per view (my completely blind guess), I might gladly pay $0.01 per URL (on average), especially if it were a cross-site system, and I doubt I read more than 100 articles per day. That is the micropayment model.

In other words, if sites like Ars Technica or Business Insider want to shift the model, they should get together and try to build the system that lets that happen. Because right now there’s a lot of difference to me between $0.49/month (the $0.007 ad rate), $0.71/month (if I paid a cent per article), and $5.00/month (if I paid their subscription rate).

Now, I’m sure their argument is that not everybody who reads will subscribe, so the $5 is designed to subsidize the freeloaders and still be low enough that people with modest incomes can afford it. The counter to that is that there are many articles I do not read from them. I would prefer to pay for the ones I actually read, to encourage the journalism I care about.

It’s the difference between paying for access to all the music from some record label and paying for specific albums by specific artists.

On the other hand, I do have my Ars whitelisted in my ad blocker. Edit 20150910: I have removed the whitelisting, as Ars Technica uses moving ads and Adobe Flash ads.

Categories
biz

Exernalities and Products

Externalities are costs in a market not borne by the consumers of the products or services. Pollution is the common example. Waste management (be it unused excess or things like packaging) is another. Anti-competitive practices are a third. In general, they are marked by market distortion.

For example, take waste management rather than some system where corporations have to directly account for product waste. Call a company LeafRing Inc. They manufacture decorative jewelry for you to put on your trees’ leaves. Each piece is sold for $1 and comes in a throw-away wrapper.

Let’s say that suddenly LeafRing had to pay for the waste, all those wrappers, plus damaged LeafRings, plus ones that people quit using. That might raise their unit price to $2, but people will only pay $1. They can’t sell LeafRings, so they go bust.

Instead, we have the externality system, where the true cost is still $2, but LeafRing only cares about the first dollar. The other dollar is up to the whole system (which, it isn’t, due to the way certain government and business funding actually works) to bear.

Basically, the system is designed such that a product that might otherwise be unviable can exist by everyone else paying for certain costs.

Now, that’s not to say society isn’t better off for having LeafRing. Nor to say it is. It’s a tradeoff people can disagree about. And they might choose to call it an effective subsidy instead of an externality.

The problem comes when, in response to externalities, people expect the solution to be free or profit-making.

Take public transportation, for example. The semi-private automobile system is too expensive or otherwise exclusive for some people, and so they need alternative transportation. But enough people get past the velvet rope that public transport is underutilized (a form of de facto segregation, though not entirely along racial lines). The fact that some people are not able to use the dominant transportation is an externality caused by high prices of cars and fuel, plus the demands placed upon operators.

Public transport is effectively the cost of the system we have, but critics often pretend that it should pay for itself. They want a free lunch: cars not having to account for the costs they impose on society, plus the therapy coming at no cost. Indeed, there are car drivers who look at a bus and think they’re paying for transportation twice: once for the car, and once when they pay taxes that support the busline.

In fact, the latter is just paying the hidden costs in the former. And the fact that’s not made clear, that politicians and media portray costs of externalities as though they’re facts of life, rather than as a problem of market distortion, only distorts the political system further.

Categories
biz

When Ads will Target Computers

Mug of robots asking, "Can I borrow a cup of robots?"
Lightly modified; original by hobvias sudoneighm (Flickr: striatic)

With the rise of the cloud, and the expected future of autonomous systems, we will start to need advertising to computers. That is, a system may want to buy itself increased capability, or buy its humans goods or services based on calculated needs.

There is an important question of what computer-targeted advertising would look like. It seems entirely plausible that the advertising industry is not equipped to deliver compelling advertisements for computers. Traditional advertisements rely heavily on appeals to emotion and cultural triggers.

Computer Ads for Computer Needs

So the first type of advertising for computers is selling them things they need. More storage space, software upgrades, that sort of thing. Computers will likely only want to know the specifications of their potential purposes, eliminating the need for stylized advertising and flowery language.

They may want more data than many vendors currently deliver. Computers will want to more heavily study production quality and vendor reputation, at least for components or upgrades that are critical to their continued operation (e.g., for a cloud-based backup the computer may want to know about dependability, but also lock-in costs more than a human would).

The other factor here is that as computers do begin to engage in commerce, it is expected that services themselves will begin to cater to computers. Instead of building products that appeal to IT managers or individual humans, the products will be designed to fit the computer’s needs. The marketing schtick will fall by the wayside, as will value-added items like training services.

Finally, computers will also want to advertise themselves to other computers. If they have extra resources, they will want to use them for offsetting their own costs, for example. Or they might do volunteer work, like testing software they use for bugs, in their spare time.

Computer Ads for Fulfillment of Human Needs

The second type of advertisement for computers involves telling computers about products and services that they will buy on behalf of humans. This sort of advertising will be much harder to nail down. Will a human tell their computer they want edgy or fashionable items when available? Will the computer recognize when the products offered to it are being skewed based on data mining?

It seems plausible that computers will gain some ability to seek out occasional alternatives to consumable products, to give humans the opportunity to try to switch between alternatives. Marketing materials will likely shift to try to trigger that mechanism more frequently.

If you are buying Foo™ Food and only trying alternatives every six months or when the cost of an alternative saves you 10% or more, Bar™ Food might try to figure out your computer’s alternatives cadence, and then hit it with a 10% discount the next month, to see if a double-period of the alternative convinces you to switch brands. Of course, other factors besides an alternative schedule and price discount may be used to determine computed purchasing decisions.

The other side of that is that computers may find novel ways to avoid price discrimination. This might take the form of pre-shipment secondary markets where one computer buys an item and resells it to another at a slight markup but relative discount to the advertised price.

Ad-blocking Computers?

Would computers see any value in blocking advertisements? Given they do not have the same attention deficits as humans, it is unlikely. If other constraints compel it, they will, but otherwise computers seem like great candidates for honest advertising.