I have finally figured out what it is that makes Frogger so difficult. It offers you a ‘weapon’ that is one of the most difficult to control of all, namely choice.

There are few games I know of, retro or modern, that have so perfected the sense of “I’ve got this.” You think, “I can make that jump,” or “I can get that bonus fly”, and before you know it the croc is dining on your frog’s legs. It is difficult because it is easy. You underestimate everything about it, the timing, the distances, the enemies. And every time bitter experience has taught you to be extra careful, the bonuses and the wide gaps and the forgiving collision masks give you a false sense of security and lure you right back into offering one of your few frogs onto the altar of your inflated ego.

I’m pretty sure early reviews mentioned this aspect of the game, but I am nothing if not stubborn, although a good second would be easily distracted and a third would be forgetful.

Frogger is one of the first video games I encountered in my life (the very first must have been Pong) and yet after forty years it still stumps me. That is quite an achievement.


ISDS is coming this way and it is disastrous

A disease going by the name of ISDS is threatening the citizens of Europe.

Its symptoms are a very strong pain in the wallet, a pain of the sort you’ve probably never felt before.

ISDS is a court of law in which companies (and only companies) can sue countries for large sums of money, even though the countries broke no law. We are talking billions here. Small countries can easily be bankrupted by ISDS. All that is required for a country to be found guilty is that some measure taken by the country is affecting the company’s bottom line.

The abbreviation ISDS stands for Investor-State Dispute Settlement. Feudal courts for robber barons, that is what ISDS really means. Courts that are an instrument for companies rather than an arbiter between two parties.

Imagine that you go to school and every day a much older bully beats you up and takes your lunch money. Sometimes you get lucky and the head master catches the bully. In this analogy, ISDS is when the head master hates you and the head master is actually the parent of the bully and only believes their story.

Here is a real life example. The sovereign and presumably democratic country of Australia recently committed to ISDS. In 2011 Australia proposed to implement its Tobacco Plain Packaging bill. This bill makes it obligatory to sell cigarettes in packages from which almost all brand information has been stripped. This is I guess because tobacco kills people and Australia wants to make smoking seem less attractive.

In April 2011 tobacco manufacturer Philip Morris started an ISDS procedure against Australia. The company argued that since it no longer could brand its cigarette packages clearly, the law would cost them money. They told the Australian government to kill or amend its law. Their extortion letter (if anyone has a better word, please let me know) claimed that they would lose billions of dollars if the law were to pass. (At the time of writing one Australian dollar is worth slightly less than an American one.)

That year Australia passed its Tobacco Plain Packaging law which went into effect on January 2012. In November 2011 Philip Morris started the second phase of its procedure, telling Australia one last time to revoke its law or suffer the consequences. Again the ‘damage’ to Philip Morris was claimed to be ‘an amount to be qualified but of the order of billions of Australian dollars’.

In 2012, 2013 and 2014 the ISDS court has been setting up and outlining the way the proceedings would go. As is the case when you let multi-nationals write your laws for you, vast parts of the proceedings are off limits to the public. The document for instance in which Philip Morris tells the court how much money it wants (the so-called Statement of Claim) is a secret.

It probably doesn’t come as a surprise that Australia now wants to get rid of its ISDS agreements.

It’s clear why multi-nationals want ISDS. It’s not at all clear why politicians want ISDS, but they do ever so much. When politicians aren’t wringing their hands while whining about how little voters understand them, they’re walking around with rock hard erections (men and women alike) while thinking of ISDS.

ISDS is a fairly new phenomenon. In a 2013 overview published by UNCTAD (PDF) you can see how the world has gone from 0 cases in 1992 to dozens per year now. In 2012 alone there were nine wins for the multi-nationals who managed to steal over 2 billion dollars from the public. These are the damages awarded, the number excludes compound interest and I cannot be bothered to figure out who payed for the proceedings, although that doesn’t seem hard to guess.

Is there anything we can do about ISDS? It seems very unlikely. If the state wants complete sovereignty except where multi-nationals are concerned, something is very rotten with the way the state works. Puttering around the edges isn’t going to help much.

Meanwhile I’m not too bad. It is the people that always say politics don’t interest them that will get hit the worst. Cynical this may be, but I will allow myself a little wry smile when ISDS comes to these shores wrapped in secret trade agreements such as TTIP, CETA or TiSA.

Default browser cookie settings in 2014

(TL/DR? Skip to results.)

Yesterday I wrote that even though social networks currently combine targeted advertising and private user data collection, doing them both is not a requirement for running a profitable social network. The networks can just focus on the former, that is focus on the harvesting and selling of user data, and dispose of the advertising part altogether.

Having the social network and the ad network on the same domain (for example does make things slightly easier for the social network operator, because users may have switched off so-called third party cookies which are stored and read from a different domain (for example

The reason why the average user would block third-party cookies is because these cookies are almost exclusively abused for tracking users behind their backs.

How much of a problem is it to advertisers that users block third-party cookies? Not much. Users are typically reluctant to tinker with browser settings, therefore it depends on the web browser makers and the sensible defaults they choose whether an aspiring social network can plant cookies that another domain may read.

I decided to look into the defaults of modern web browsers, but could not find much information.

Here are some data points:

That leaves some browsers unexplored. Since checking the browsers on my computer was probably going to be easier than Googling anyway, I decided to take that route.

Table: default cookie settings for some web browsers in 2014.
Browser + version Operating system Default cookie setting
Google Chrome 37 Microsoft Windows Allow (all?) cookies
Microsoft Internet Explorer 11 Microsoft Windows Allow some third-party cookies
Mozilla Firefox 32 Microsoft Windows Allow third-party cookies
Apple Safari Apple iOS 7 Allow local cookies?
Android browser Google Android 4.0 Allow (all?) cookies?

As you can see the answers are ambiguous at times and don’t square with the results I linked to, but it would appear that currently most web browser will let sites track you across domains using third-party cookies.

A note about methodology. This was a quick study to find out what the default cookie settings are. For that, I needed to restore browser defaults and that was not always possible. The mobile devices (iOS and Android) had no way to restore settings to a default so I had to assume that these were the default settings.

I do tinker with my desktop browsers but I rarely do so with my mobile devices, so it’s a reasonable guess that the aforementioned settings are the default ones, I just cannot be absolutely sure.

Another problem was that browser manufacturers use different settings, different terminology and sometimes translations which can make it hard to find out which is which.

Most browsers speak of ‘allowing’ cookies, iOS Safari speaks of blocking them.

The reason I report Chrome’s default as “allow (all?) cookies” rather than “allow all cookies” is because I don’t know if “indirecte cookies” is their Dutch translation of “third-party cookies”. If it is, you can remove the question mark and conclude that Chrome allows all cookies by default.

Internet Explorer has a return-to-default button just for privacy settings, which is much appreciated, and a number of sensible settings collections. Unfortunately the explanation of what these settings mean is rather opaque. For instance I don’t know what are “cookies that can be used to contact you”.

Firefox’ default is also a ‘sensible’ setting which tells you only in the most general terms what it does, namely that the browser “will remember your browsing, download, form and search history, and keep cookies from websites you visit”.

You can choose to use custom settings and if the defaults for these settings can be assumed to be the same as the ‘sensible’ settings, then their third-party policy is clear if perhaps not sensible: “Accept third-party cookies? Always.”

Safari lets you choose to block cookies: “Always”, “From third parties and advertisers” and “Never”. I assume “and advertisers” is not a separate category from “third parties” and was just inserted to make it clear that these are tracking cookies, but again, that’s just an assumption.

The Android Browser’s setting is the least complicated of all, you can choose Cookies or No cookies, and if you choose the latter I assume most of the useful services on the web become off limits to you. But are there really people who bank online using their smart phone and an operating system made by Google?

If browsers all blocked third-party cookies, you still wouldn’t be safe though. For one thing, what we generally understand as cookies, small bits of data that are written and read using two standard Javascript functions, only make up a small part of all the different types of tracking technologies there are.

Ello doesn’t need to sell ads and here’s why

The latest Facebook-killer in a long line of Facebook-killers has arrived and its name is Ello.

Ello is—like Facebook—a social network, and the reason why it probably won’t kill Facebook is that it’s got pretty much the same value proposition. If it poses a threat, all Facebook has to do is become a little more Ello-like.

Facebook will die in the end but only because that is how these things go. The current threat to Facebook, as people tell me, is Twitter. Unlike Facebook’s users, Twitter users don’t share a space with their parents. That’s a feature Facebook may be able to tweak on a technological level, but perhaps not on an emotional one.

Ello’s main attraction is that it allows users (for now) to use pseudonyms, allowing people with multiple personae to use the one that fits their role in society best. Facebook on the other hand forces you to use the name on your passport.

Ello is also ad free.

The site claims that it ‘will always remain an “ad-free network.”‘ (Business Insider)

And: “We set out to prove that a social network will survive and thrive that doesn’t have a business model of selling ads to its users,” says CEO and co-founder Paul Budnitz. (IPR)

I want to talk about the no-advertising model for a bit. The articles I’ve read so far seem to suggest that people are tired of being treated like a product and they understand that ads play some sort of key role in this process. The process is understood to work as follows. Facebook sells or gives user data to advertisers who customize their ads to fit Facebook users. The advertisers then sell those advertisements to Facebook to place on the users’ pages.

Since Ello doesn’t do ads, it is assumed that the users are spared from these practices and that users’ privacy is kept intact.

I don’t see how that follows.

In the model above Facebook is both the provider of user data and the manager of the ad network. That is to say, they both own the user data and the advertising space.

There is no reason however why these two should be connected. Ello could easily set itself up as a provider of user data.

How that works is how privacy-busting online advertising has always worked. The owner of the user space places user tracking technology (also called: a cookie) on the computer of the user. It then tells the owner of the advertising space (this could be any website) everything about the user and its cookie. The advertiser reads the cookie and asks Ello or Facebook: “what can you tell me about the person that has this cookie” and adapts its advertisement to the answer.

Whether that is going to happen with Ello remains to be seen. At the moment places four tracking cookies in my browser even though I am not logged in. That’s three more than say a fresh WordPress install. (WordPress places a cookie called wordpress_test_cookie on login screens in order to check whether it needs to work with Javascript or needs to fall back to another tracking technology. This in turn is so that when you log in, it doesn’t need to keep asking you for your password every time you go to another page. The European anti-cookie directive defines this as a permissible cookie necessary for the proper functioning of the website.)

Food for thought: Ello is currently not making money, that is I doubt it is. The site is probably haemorrhaging money and its backers will soon want to see something more than just losses.