The second release candidate for Fedora 16 Alpha is now out for validation testing. See this email for more details. We have to make a call on whether to ship the Alpha on Wednesday, so we don't have much time to get through the whole set of validation tests - if people could help out with running through these tests, it'd really be great. Just downloading the images and making sure they work for you is awesome, of course, but we need a full set of validation results before the release can go ahead.

There's three sets of validation tests: installation, base, and desktop. We aim to do all the validation tests for each candidate, but we need to get through the ones marked as Alpha. You can chip in just by doing one or two of the tests, many of them are very simple and often are things you're pretty much testing just by doing an install and running it. There's full instructions on the pages (I hope!)

Pet grammar hate of the day:

"As a lawyer, this bill is ridiculous" - FAIL. Do not pass Go, do not collect $200.

You are the lawyer. The bill is not the lawyer.

"As a lawyer, I find this bill ridiculous" - correct.

Next time - "hopefully"!

I can read whatever it is you have to say in 30 seconds. I do not want to spend five minutes watching a tortuously padded video version of it, with 30 seconds of ads tacked on the front. Do Not Want. It's especially annoying if the story looks interesting and there's no goddamn text version of it. Would it kill you to have a write-up under the video?

It's time for an out-of-cycle Test Day: this Thursday, 2011-08-04, will be the Fedora 15 on Amazon EC2 Test Day. We'll have AMIs - pre-built 'appliance type' Fedora 15 images for the EC2 cloud - available for testing, so all you have to do is start one up and carry out the test instructions. As you need an account to use EC2, and it costs real money, we'll be offering up to $5 per person in repayments to the first 10 people to help out with the Test Day. If you're a cloud-y type - especially if you use EC2 - please come join us in #fedora-test-day on Freenode IRC on Thursday! You can join in via WebIRC if you're not a regular IRC user.

Naming issues are one of those fascinating 'victim of success' problems. When you're a lean, hungry startup about to revolutionize the world of cellphones, vacuum robots, macrame or whatever it is, you generally don't have a marketing department or even someone who could play one on TV. So someone who actually does something useful for a living makes up a name, and you go with that.

Fast-forward a year, and you're a success! What do you call your next product? Well, there's two basic approaches: come up with a new name that's kinda along the same lines as the first, or stick a '2' on the end. Either works fine for now.

Fast-forward five years, and suddenly you've got twenty naturally and/or artificially market segmented cellphones / vacuum robots / macrame cords or whatever it is, and a naming scheme that was probably hastily retrofitted onto the ad-hoc scheme you went with for the first two years, or invented just when you started diversifying your product portfolio with some sort of coherent overall scheme.

Fast-forward another five years, and you're Nokia. I love one particular line from that (Andrew Orlowski) article: "Nokia's names were now composed of an impenetrable, super-dense matter, incomprehensible to any outsider." This happens to just about any company which churns out a lot of products every year, especially if the vaguely coherent naming/numbering scheme they came up with when they first hired a marketing department gets overhauled every so often when some new whizkid comes along with a boffo new scheme (viz Nokia's 'E' and 'N' lines).

I suspect you can evaluate the age, long-term planning capability and firmness of resistance to idiotic marketing schemes of any particular company just by taking a look at their product names...

There's now a BrowserID plugin for Wordpress, so I installed it. I have a couple of nits with the design of BrowserID, but I think it's a great fit for a pretty low-value site like this, where all I'm really verifying is that you have an email address anyway. I did an ugly job of hacking up the login button so it tells you what it is, otherwise the form looks a bit confusing. It's a bit ugly now with three different buttons to log in three different ways, but never mind!

Note that the login methods actually work together pretty well: if you already have an account on my blog, and you set up BrowserID for that email address, then logging in with BrowserID will log you in to your existing account, it doesn't create some new one. And you can associate an OpenID with that account from the dashboard, too. So you could log in any one of three ways - user / password, BrowserID, OpenID - to the same account. Neato.

I just deleted the Google account I'd associated with Google+. I mean, really, the scariness gets to a certain level at some point and...ick.

I still have a couple of test accounts, but there's nothing useful in any of them. I won't be on Google+, well, ever, so far as I can see things going. Sorry, anyone who wants to use it.

(Thanks to Penny Arcade's Internet Dickwad Theory for the title idea.)

I wrote at some length about online identity recently. Today I saw an article by Tim Adams about abusive and trollish behaviour on the internet, which made an attempt to relate it to the idea of 'online anonymity'. This rather frustrated me, because I thought Tim's model of identity was far too simplistic and incomplete to allow him to reach the correct conclusions about the causes of (and potential solutions to) this kind of online activity. So here's my take on it, which I posted as a couple of comments on the article. This post has an extra bit at the end which I didn't fit into my comments on the article, too. This has a bit of overlap with my earlier post, but not too much.

tl;dr ('too long; didn't read') summary for the impatient:

• All interactions require all parties to those interactions to assert a consistent identity
• People assert a huge range of different identities to perform different interactions, both online and offline
• The value of each identity, as perceived by the person asserting it and the other parties involved in interactions with that identity, is inextricably bound up with the significance of the interactions associated with that identity
• The potential negative consequences of destructive behaviour depend on the value of the identity associated with the behaviour
• Both moderators of and participants in online interactions are naturally adept at requiring and asserting (respectively) identities of appropriate value to the normal significance of those interactions
• As online interactions become more significant, the identities associated with them will become of more value to the people asserting those identities
• Consequently, the quality of online behaviour will improve
• These mechanisms do not require oppressive and intrusive centralized arbitration of identity

The problems of Tim's article stem from the inadequacy of its model of identity: a simple binary distinction between 'anonymity' and 'true identity'. The truth is far more complex. There is a broad continuum with true anonymity at one end, an absolute concrete single identity at the other, and various degrees of pseudonymity and incomplete / multiple identities in the middle.

The cases at either end of the scale are vanishingly rare, or possibly actually impossible. It's just about impossible to be truly and absolutely anonymous in any kind of interaction; getting close to it on the Internet is a very complex engineering task (see Tor). Equally, no society has ever come very close to ensuring that everyone carries out all their interactions under a single concrete identity; the most totalitarian dictatorships tend in this direction, and do the best they can to get close to it, but it's extremely difficult to really achieve. There are too many casual interactions which it's simply impractical (not to mention extremely oppressive) to tie into a single, formally constituted, centrally administered identity. No-one's yet managed to require people to present identification cards to each other on the street (or wear them on their chests at all times), before buying a stick of gum at a store, and so on.

So almost all interactions actually take place under one of a huge range of identities we all carry around with us (occasionally on little bits of plastic, but usually in our minds) everywhere. To a local restaurant's staff I might be 'Adam'; but this isn't the same identity as the one asserted by my government identity card under the name 'Adam Williamson', which isn't the same identity as the 'AdamWill' I'm posting this under. They're all different identities, whose signifiers happen to be similar. It's possible to infer, with a high degree of probability, that these are all identities asserted by the same conscious entity, but it's a surprisingly complex process that we all manage all the time without thinking about it (see my other post for more on this).

So it is on the Internet. Thinking simplistically about 'anonymity' and 'real names' really isn't going to get us very far at all. It's much more interesting to think in terms of many different identities, which may have greater or lesser degrees of relationship to each other, and which certainly have different values both to we who assert them and others who perceive them.

None of the invective cited in Tim's article was posted anonymously - none of it at all. All of it was posted under some kind of identity. The interesting questions are about how those identities are constituted, how they are related to each other, and how we value them. The answer is that online identities are frequently perceived by those who assert them as having little value - especially ongoing value. As an example, a comment I could see on the article as I wrote the first draft of this was attributed to the identity 'DrJazz'. The person who asserts the identity 'DrJazz on this comment site' probably doesn't consider that identity as having much practical significance. It could disappear tomorrow with little consequence to that person. The perception of value in the identity is the key. This is the reason people are more polite when asserting their Facebook identities: it is not really because these identities are signified by their 'real names', although that is an imperfect understanding of the second reason cited below, but because these identities are intrinsically valuable to the people asserting them. There are two reasons for this perception of value.

First, people tend to perceive the interactions associated with their Facebook identities as important. As I argued in my other post, identities are essential to meaningful social interaction: a coherent interaction between different entitites requires that those entities assert consistent identities. It follows logically that the value of an identity and the perceived significance of the interactions associated with that identity are inextricably interrelated.

Second, the identity people assert on Facebook is closely related to, or the same as, the one they use for many offline interactions. Facebook, like email before it, for many people is used as a continuation of existing relationships: we use Facebook as a convenient way to carry on existing relationships which we consider very important. The identities we assert in these existing relationships are consequently perceived as of high value; and when we extend that interaction to the online realm with Facebook, we assert that same high value identity. Remember that the signifier associated with these identities - our 'real name' - isn't really the point. Someone might choose to go by different names in different social circles - it's unusual, but it happens - but no matter the signifier, those identities have a value defined by the importance of the interactions we carry out while asserting them. When we extend one or more of those identities to the realm of Facebook, we transfer that high value and hence the polite behaviour associated with it or them. For many people, email works much the same way, and of course the result is the same: when extending an existing, important relationship to the realm of email, we necessarily associate the pre-existing high value identity with the email address we choose. We add a new signifier to an existing, valuable identity in order to continue interactions that we value, and hence we apply the same high standards of behaviour to those interactions in the new venue. (Yes, nitpickers, I know email is inherently an insecure system and most people don't know how to securely assert an identity when using email, and you can look at things like phishing quite usefully in this context, but it's a bit of a sidetrack).

Let's compare this with the classic cases of trollish and abusive interactions. Let's take an online forum as an example. The identity we assert in an online forum is not usually an extension of, or even very closely related to, any pre-existing identity. We don't take existing interactions which we perceive as important into online forums. Usually we have no pre-existing relationship with any member of an online forum we've just joined. Even if we happen to choose a signifier that's the same as, or similar to, the signifier we use for our pre-existing, high value identities, that doesn't mean the identity we are now asserting is the same as, or closely related to, any of those identities. It's unlikely that anyone I have an existing relationship with is going to be in the community formed by a given comment thread on the Guardian website, or an online forum about headphones, or something like that. So even if I use the signifier 'AdamWill' in that comment thread or on that forum, the identity I'm asserting is not at all the identity I assert using the signifier 'Adam' when I talk to a close friend. The people I interact with in the comment thread or forum have no knowledge of or relationship to that other identity. If I do something really really evil, it would be possible for people in the forum to do some detective work and infer a relationship between these identities, but that's a pretty major step that isn't going to happen very often, and it would be problematic for them to prove it definitively, or do much with the knowledge: even if they inferred that the person asserting the identity 'AdamWill' on their forum was probably the same one who asserts the identity 'Adam Williamson' in other contexts, what can they do with this information? They probably have no knowledge of the relationships I have under the various identities signified by 'Adam Williamson'. They couldn't call my Mom or my best friend and point out my evil behaviour. Only if it was so abusive as to be illegal would it be likely that my other, more valuable identities ('Adam Williamson, friend of Joe Bloggs', for instance) could suffer some sort of consequence from the behaviour associated with the identity 'AdamWill on some random forum'.

When we look at the issue this way, several things become clear. Firstly, the 'problem' of online rage becomes less of a problem. I suggested that people act worse when they are acting under an identity that has little value to them. Usually, when we're acting under an identity that has little value, this means the context in which we are acting is itself not very valuable. To put this simply, most Internet comment threads (for instance) don't really mean very much. If we really want to achieve something concrete, we don't post it in an internet comment thread. We perceive the identities associated with most online discussion as being of little value because most online discussion is of little value, quite simply. Since the discussion is of little value, most of the rage has little in the way of practical impact. Usually, if we're interacting in a way which is of some significance, we will be acting under an identity which has value, and this is as true online as it is anywhere else. The author of this article makes his living as a journalist; to him the identity 'Tim Adams, journalist at The Guardian and The Observer' is a valuable one. Crucially, even if he had written all his journalism under a pseudonym - if Tim Adams was not the name he was born with - the value of the identity would not be much affected. He would be very unlikely to use that identity to post an abusive comment of the kind discussed in the article, because the identity has substantial intrinsic value to him; if it were to become tarnished, it would have real consequences to his ability to command respect as a writer (and to earn a living). Our perceptions of the value of our identities tend to map quite well to the actual importance of the contexts in which we assert those identities.

Secondly, when we look at the reality of online interactions, we can see that conventions have broadly evolved that map the value of online identities quite accurately to the value of their contexts. We do this quite well in practical terms even without thinking much about the theoretical background. Very few forums and comment sites allow content to be submitted with no public identity associated with it at all (what we would usually think of as 'anonymity'), and those that do tend to immediately de-value that content. You can post as 'Anonymous Coward' on Slashdot, but you get a starting value of 0 for your comment, which usually means just about no-one will read it. It's interesting how few people actually do this, as well: it seems when you give people a choice, they choose to assert an identity, because they want to exercise the value others perceive in that identity due to previous content associated with it - their reputation. The people who run the communities have discovered, through conscious thought or trial and error, that the best practice is to require an identity to be associated with submitted content; those who participate in communities seem to perceive the value of those identities - both their own, and those of other members - quite accurately.

Finally, I also think that what problem there is will be self-correcting. The process of evolving online conventions that appropriately map the value of online identities to the importance of their contexts, discussed above, will continue; there's no reason to believe it wouldn't. The value of online interactions is, I think, trending upwards. As this trend occurs, we will perceive more value in the identities associated with those interactions, and hence the quality of our behaviour in those interactions will increase. Facebook is the most obvious example of this, but there are many others. Twitter is an interesting case study: it's instructive to compare the behaviour of people who use Twitter as a venue for low-value interactions, like commenting on the posts of others they don't know, with those who use Twitter as a value for high-value interactions, in the same way they use Facebook or email. I think it's inarguable that the latter behave better than the former.

The scary thing about the school of thought typified by Tim's article is that it results in an over-problematizing of the situation and consequently falsely implies a need for unnecessarily invasive and oppressive solutions, of the 'let's have the government / Google / Facebook / all three control identity on the Internet' type. The truth is that we don't need such an invasive 'solution'. As I argued above, we're innately very good at accurately assessing the value of our various identities based on the importance of the interactions we use them for; this mechanism in itself will be enough. We can use less totalitarian and decentralized identity mechanisms, and if the interactions for which we use these identities are significant, we will value the identities, and behave appropriately. We do not need the compulsive element of external identity arbiters in order to produce good behaviour in the contexts in which it is truly needed.

While I'm dumping thoughts from CLS, Dan Allen had a great thought on boot / startup times which he mentioned while he was showing me the awesome work his team had been doing on optimizing the startup time of JBoss AS7. Quite a few people have pointed out that a startup time of a minute versus a startup time of ten seconds isn't really a big deal on something you only start maybe once a day, yet people seem to be really sensitive to it. Dan pointed out that the difference between ten seconds and a minute is the difference between you just sitting there and waiting for it, versus getting bored and starting something else. If your system takes ten seconds to boot, you press the button and wait; if it takes a minute, you press the button then go fill the time by making a coffee or something. Then you get into a conversation with the mail carrier, trip over the dog, realize your yak needs a shave...so the one minute startup time winds up being more like a three, five or even ten minute startup time. I'd never thought about it that way, but he's dead right.

Yep, as mentioned last time, I decided at CLS it was really probably time to get a twitter account. So, now I'm on Twitter as @AdamW_Fedora and Identi.ca as adamwfedora. I'll be using these just for Fedora-related stuff (hence the domain-specific account names), probably mostly QA news, so if you're into that kinda thing, feel free to add me.

Naturally, both of these accounts are really just IRC.