Author: Rahul

A comment I wrote on a post where someone wondered if the sea was what made Bombay special:

It’s the sea. It’s the sea off the slightly rustic beaches at Aksa and Manori and Uttan, and Madh; the sea that stubbornly insists at northern Versova beach that it will not take shit, then switches mood, laps at the fringes of a competing sea of humanity at Juhu, then alternately cools and steams Khar along Carter Road, plays background to a thousand selfies an evening at Bandstand, skulks anonymously under the Sea Link, letting the structure take all the attention. As suburbia turns to City, it’s the sea that runs placidly, featurelessly along Worli Seaface so as to not distract from an art gallery’s worth of sunsets, plays hide and seek with Haji Ali’s approach road, then quite literally defines the graceful queen’s necklace, lets Bombay run a few kilometres to the south before sweeping it back up north and east, creating Apollo Bunder and Gateway and the Tajs and disappearing behind military walls, docks hosting cargo both mundane and not, north north north before finally welcoming the Ulhas river at its flamingo-festooned creek, saying to its waters No matter what you’ve seen inland it’s nothing compared to what you’re going to sweep against every day now.

This long post on the threat to the Internet’s open nature, which we take for granted, is worth every one of the twenty minutes you’ll spend reading it.

The Internet is far more centralized than it was when it began to gain widespread acceptance, with the vast amount of our communication and data routed through a handful of companies. Access to the Internet is also a lot more concentrated than one commonly thinks. Finally, as it becomes a utility, the Internet has attracted more regulation than before, not always in individuals’ favour.

Lawmakers in the United States are bent on dismantling net neutrality (which would make Internet access a lot like cable TV). China has made ‘unauthorised VPNs’ illegal. The Indian IT Act’s notorious section 66A (struck down, but not quite) has been used to arrest people who’ve done nothing more than ‘like’ a Facebook post.

It’s important we understand at a high level how access to the Internet works. It’s just important we look at how the telephone, radio and television industries – the previous dominant communication media – became highly protected oligopolies, so we can guard ourselves against the same happening to the Internet.

Personally identifiable information (name, bank account, aadhaar number among others) has been leaked a number of times from government websites (“Details of over a million Aadhaar numbers published on Jharkhand govt website“) and from companies with Aadhaar-based eKYC (“Jio users’ names, email addresses & more leaked online, but it is in denial“).

Because these departments and companies have gotten this information from the UIDAI’s Aadhaar infrastructure, calls for de-linking Aadhaar from other customer accounts grow stronger with every leak. This is barking up the wrong tree:

1. In Reliance Jio’s case, the company (likely registered as a KYC User Agency, KUA) requested data from UIDAI’s Aadhaar database by sending it the customer’s Aadhaar number. The customer then signalled his/her assent by having a fingerprint scanned and sent to UIDAI, which verified it and then sent Jio the KYC data packet. This packet has the personally identifiable information in question – name, date of birth, gender, phone, email, address and photograph – which serves as proof of identity and address, and which has since been leaked. (see Aadhaar eKYC API 2.0 specification, PDF)

I don’t see why any company that registers itself as a KUA to perform an eKYC should receive this data about the customer. UIDAI ‘knows’ the customer, and Jio (or any other company performing eKYC) trusts UIDAI. The KUA gains nothing from keeping its own copy of the data other than automatically filling in its customer profile. KYC is completely different from customer signup; data from one shouldn’t be used for another. As a customer I may want to give such entities a different phone number or email address than the one on record with UIDAI (which is likely my private, primary one).

The Authentication API (which returns a yes/no answer to prove identity) can be extended for KYC purposes: for example, whether a customer is 18 and over – to sign up for a SIM card – is also a yes/no question that UIDAI can answer. Nothing is gained by sending the KUA the exact date of birth.

2. Even if the entity receives no personally identifiable information (PII) from UIDAI, it still has the customer’s Aadhaar number, linked to a customer profile. When that data is breached, the customer’s PII and Aadhaar number are now public. Ideally, that shouldn’t be a security risk; any transaction involving Aadhaar requires either an OTP to the registered mobile number or a biometric scan as authentication. Simply showing up with an Aadhaar card is no proof of identity, nor is it meant to be – that is why the Aadhaar card is printed on simple paper and not on a smart card with a PIN – it’s laughably easy to forge an Aadhaar card because possession means nothing.

It turns out though that this isn’t widely known or understood in India. Therefore an Aadhaar card’s treated just like a driver’s license or voter ID card or PAN card: if the photograph on the card matches the holder’s, it’s taken as proof. This – a fundamental misunderstanding of how Aadhaar’s designed to work – is why such a data leak is problematic.

It is this misunderstanding we should tackle, not the linking of Aadhaar to mobile number, bank and other accounts. There are tremendous benefits to having a ubiquitous national ID that is digitally – and only digitally – verifiable – just look at how efficient Estonia’s interfaces to government are; it was the first country to design and issue such digital national cards over a decade ago. Aadhaar’s design in many ways is superior to Estonia’s (which relies on a chip and PIN card). Let’s stop making Aadhaar the bogeyman and identify and resolve the actual problems of misunderstanding and misuse.

Raising money by offering part of your equity and/or profits through ‘initial coin offerings’ is gaining momentum. Companies raised over 600 million dollars through ICOs in June alone:

Here’s a primer on this:

Such a purchase of digital tokens only has value if such a token is central to the company’s business model, else it is little more than toy currency. In other words, the company much be built on the blockchain on which this currency is issued:

This is a draft of an article I’d been invited to write for a magazine:

The experience of shopping is the best part of retail, isn’t it? Shelves of attractive packaged goods; rich photographs online; the joy of home delivery (which every e-commerce ad makes sure to include).

Retail’s least desirable part, though, is the experience of actually paying for stuff. If you’ve waited in queue while the guy ahead fumbles for change, or at the petrol pump while the attendant walks all the way to the ‘card machine’, or gotten up to fetch your credit card so you can peck sixteen digits (and an OTP!) online, you know. Clearly, there are strong incentives to make this part easier – or even get rid of it.

The Holy Grail of retail payments is elusive: (a) easy to adopt for people and retailers, (b) quicker, cheaper than cash and cards, and (c) works in-store, online, at cash-on-delivery, and between retailers & suppliers. What’s taking so long, and what can we look forward to?

Well, the Japanese have long bought from their ubiquitous vending machines by scanning a bar-code on their phones, charged to their cell bill. China’s retailers, large and small, also use QR codes in the wildly popular WeChat and Alipay apps. Sweden’s Klarna made buying online from a retailer instant, by simply having customers pay them (Klarna) later instead. Uber charges your card silently so you simply walk out of a cab at your destination. Amazon’s prototype store uses cameras and artificial intelligence to identify & bill your purchases; you just leave.

This is the stuff of magic. All of it headed here.

An exploding number of stores, kiranawallas, even toll booths in glitzy cities and tatty towns accept wallets via QR codes, especially after November’s Giant Currency Crunch. Starbucks’ India app uses a bar code linked to your prepaid card. Online cab companies (Uber, Ola) also use prepaid wallets for instant payment. Online, a handful of startups are building Klarna-like experiences (including EMIs). Bajaj Electricals & Yes Bank have trialled automating supplier payments using a blockchain, the cryptographic transaction-logging ledger, bringing payment down from four days to instantaneous – something retailers are likely to explore with their suppliers.

So. What more before you confidently shop at a store with only a phone (without being embarrassed at the register?)

A payment system spans identification (“it’s definitely me”), authorization (“it’s ok to pay this guy”), and moving money (from customer account to retailer). Elements at each step limit an elegant experience.

Take identification. Scanning a QR code is fast, but you still need a specific app, linked to a wallet, and topped up. Retailers display QR codes for multiple wallets, making accounting tedious. Customers lock up money in multiple wallets because they aren’t sure which a store (online or real-world) will take. Think Europe before the euro and way less fun.

Authorizing a card payment is an elaborate process of swiping a card, dialing the network over a land line, a PIN and two paper receipts. Wallet authorization is simple because only the amount in that wallet is at risk. But you can only topup 20,000 rupees monthly (before KYC). Barely enough for bills, fees and groceries, leave alone the good stuff. Oh, and repaying instant credit? Welcome to the nightmare that is NetBanking on a payment gateway.

Finally, moving money routinely takes a day or more, winding through card networks, intermediary accounts, end-of-day NEFT transfers and excel sheets. It works, but so does driving a bullock cart down the highway.

As it turns out, in 2016 the RBI and the National Payments Corporation (NPCI) introduced solid bank-wide standards for digital payments that rival or outdo the best in the world. Yep. For real.

UPI, a digital-only payment system that makes identifying, authorizing and instantly moving money easy, if done right. That last is a big caveat, but UPI improves so many things that banks will compete to make super-simple UPI kits for retailers and startups. It works across banks, like sending an SMS from Airtel to Idea (wallets can’t interoperate – think WhatsApp to Hike). UPI IDs can also be displayed as QR codes in-store, as buttons in-app, and even just typed into a UPI payment app – most bank apps, or Flipkart’s PhonePe, or NPCI’s BHIM (send me $$ at rahulgaitonde@ybl, people!) You authorize with a PIN set once (unlike waiting for an OTP). UPI’ll get standing instructions in a few weeks, for truly silent payments (you set limits for specific retailers though). Finally, UPI moves money via India’s Immediate Payment System, IMPS. At typically under 5 seconds, immediate is right.

Now that (1) most retailers and customers have smartphones (2) mobile data speeds have improved manifold and (3) one doesn’t need to build around hobbled payment instruments, the ecosystem is free to experiment. Wave and pay with one ID, at the register, at delivery and in-app without picking one of a dozen ways. Pay back credit automatically, without paper and signatures. Make automated, instant, paperless, trackable supplier payments.

And hey, simple payments means undiluted shopping pleasure, no? It’s going to be a fun next couple of years!

We now have a set of tools with us which blend typing and handwriting, paper and screen. It’s chaotic but quite effective.

Just in the last couple of days:
– I imported parts of a pitch deck to review, into Notability on the iPad – I screenshotted specific slides and sent them to the app, then commented on the slides using Notability’s excellent support for the Apple Pencil: annotations, circles, colors, sketches. Finally exported to PDF and emailed it.

– Today I reviewed a document sent over WhatsApp by taking notes on a paper notebook while looking at the document on my iPad (iCloud Photo Library syncs pictures pretty much instantly between the iPhone and iPad). I scanned to PDF via CamScanner and replied on the same WhatsApp thread.

– Finally, more conventionally, I’m writing this draft on pen and paper (I still prefer hand-writing first drafts). I’ll then transcribe this on the iPad, editing as I do so, and post it to WordPress from there.

It’s very liberating to be able to use both whatever is at hand OR whatever is the right tool for what you want to do – brainstorm, annotate, draft, edit – knowing that you’ll be able to publish/message whenever you want at the end of the pipe. There are many factors – technically and culturally – that have come together to make this happen. I’m thinking about this and maybe write about it.

There are some things physical you can never get used to, I heard or read someplace. You can get used to smell and to sights – the brain will soon filter them out – but you can never get used to noise. And pain.

I remember chronic pain. For a period in 2012 I had migraines twice a week for 48 hour stretches. A dose of pills for three months got rid of it, mostly, something I’ll be ever thankful to the neurologist I saw.

Noise, though, is a constant. I’ve always been sensitive to sounds but this is different. The utter pervasiveness of noise pollution in this country hit me at some point a few years ago. At home. On our streets. On the highway. In public spaces and private Day and night. Weekday or weekend. Rain or shine. Bombay or Bengal.

I am, at this moment, in my living room, subjected to trains and traffic, each honking on either side of the building, the constant rattle of passing rickshaws, a community celebration blaring from loudspeakers from the hall across the street, kids paying cricket with a plastic ball, sometimes yelling in celebration, sometimes contentiously, but always yelling. This is an average evening. A sound measurement app shows the following:

100dB, in context:

I bought a few types of earplugs and settled on one, of which I now have several pairs. I wear them at home. I wear them when out walking. I wear them in cafés. I wear them to bed. I wear them in cabs, in trains, in rickshaws.

But it’s a poor compromise. No, acquiescence. I can’t wear them when in company of course. I can’t wear them when driving. It’s dangerous to wear them on the streets because the pedestrian is at the very bottom of the safety chain. It isn’t hygienic to wear them for extended periods – nor are they comfortable for that long. And no earplugs can drown out all sound across all frequencies: from the rumble of passing trains and trucks and processions to the whine of drills to the angry screech of horns, unwelcome sound has encroached on the entire aural spectrum.

I think it has a very real and substantial impact on my quality of life in ways bith physiological and psychological. I suppose there are many studies that have shown the correlation between physically measurable stress and noise levels.

But I also feel trapped because of the realisation that there truly is no other escape than to create my own, even louder sound balloon of music or white noise, pumped directly into my ears. Knowing that the only artificial respite is in the centre of some large high end urban housing complex, dozens of meters away from the nearest public space, shielded by rows of dampening trees, which also means disengaging from all society but that which lives within this sound fortress. There is no bucolic ideal in this country that is quiet; traffic, loudspeakers and generators are as much a part of rural life as it is here.

Perhaps this seems like a #upperclassproblems rant, I having the luxury of comparing from a privileged flat in an upscale area of Bombay. But that is also my point. If those with means (earplugs, soundproof panes, AC cars with sealed windows) in some of our most expensive urban places suffer so, what do those not so fortunate go through? What is the collective Indian population, across place, across class doing to itself.

… after Steve.

Curiously enough, there was no sense of sadness. That emotion was for when he resigned as CEO. The end-of-an-era sadness.

But there was a rush of rudderlessness. Perhaps this is what Nehru felt when he said ‘the light has gone out of our lives‘.

Who will take the floppy drive out of the flagship computer in fucking 1999? Who will convince all major labels to sell their songs for never-before-imaginable 99cents? Who will no longer offer his flagship operating system on a CD/DVD? Who will refuse USB ports on any of his mobile devices? Who will refuse to display the filesystem on those mobile devices? Who will drop wired Ethernet ports on his flagship computer? Who will, in other words, in a world of obfuscation, equivocation, careful risk-free hedging, will refuse bullshit in all its forms? Who will build something he himself truly wants? Who will say ‘We can’t ship junk’ to his customers and walk that talk?

Saying no has become a rare trait today, one to be admired. Still, you could make a case that he has built Apple in his own image, one that does refuse bullshit, that does say no straight up and unapologetically.

But that’s just one half. The easier half.

Who will say ‘this is what a computer will be’ and build the Macintosh, the NeXTStation, the iMac, the Macbook Air and the iPad, say ‘this is what a phone will be’, ‘this is what a music player will be’, ‘this is how we will experience music/movies/TV/games’ and build iPhone, iPod, iTunes, say ‘this is what computer programs will be’ and inaugurate the app era?

You can’t do that by saying no. You can only do that if you’re someone who ‘does his market research by looking at himself in the mirror every morning’.

Who will do that now? And deliver?

This is the article in question. Equating the human species to pests that are, through overpopulation and overconsumption, a grave danger to their environment, the writer makes a moral case for humans to drastically reduce their own population, even make themselves extinct by ceasing to reproduce, or at least reflect on doing so, for the alternative is the destruction of not just the human species but also all life on earth.

Here is some thinking about this, including why any moral case is ultimately doomed. Originally an email to a friend:

If the problem definition is ensuring a sustainable, quality life for our species’ future generations, halting procreation temporarily is one of the many options humans have. Further down this response I’ll list a few others. There are, though, fundamental issues that will prevent us from exercising any of them meaningfully. 

I think human beings, even at their relatively advanced state of evolution, are incapable, when it comes to procreation, of rational thought, in depth, length and breadth. Let me explain.

Consider depth of thought. Assuming humans have perfect birth control, ie conceiving a baby is always a conscious choice, I would wager few if any consider whether they are themselves capable of bringing up a child. Have they figured out for themselves how to live without conflict with themselves, with others? Have they found the peace they wish their children to have? Have they understood how to live in harmony with others who are fundamentally self-interested, so that their child might too? If not, what upbringing do they provide their child beyond food, shelter, clothing? What concepts of self, of ownership, of rights, of obligations, of purpose do they instil? What response do they teach when these above are threatened? Do they teach at all or allow the child to learn on its own? If it’s a balance, where do they draw the line, for they – the parents – are themselves conditioned to protect the child and have expectations from it, imposing pretty onerous constraints on its development. But try having a rational, honest, respectful, deep discussion on this with the father (or mother) of one’ child, or its grandparents, and you’ll see how quickly you reach not just an impasse, but an actual repudiation of the necessity of considering any of these.

What of length? Of time? How far into the future do we think for ourselves, much less that plus one generation? Are we confident that the environment – in the broadest sense – that the child will live in in not five or ten years but thirty, forty years from now will be one in which he or she can thrive? What are we doing to maximize the odds before conception? And do we have any individual control over climate change, or pervasive pollution, or resource crunches (water primarily but also others)? Simply moving from say Bombay to one of the most liveable cities doesn’t solve for any of these in the long – even intermediate – term, but have we a plan to bring up our child in one of these places? 

Which brings us to the question of breadth. Our entire toolset of values and actions to ensure that our child thrives presupposes that others don’t have as effective a toolset. To complete the previous example, moving to say Copenhagen to bring up our child also carries an implicit expectation that the city won’t open its doors to all and sundry to move in. That there is a certain high bar of exclusion so that the baby, the child can grow up unsullied by the very environment you have worked so hard to escape. If the problem is one of sustainable quality of life for the species, this isn’t the right strategy, and we haven’t even gotten to morality yet. Preserving the bubble means your new homeland erects walls (hopefully ones of policy not concrete), and years later deals with the issue of underpopulation, where an increasingly small base of the young (grown-up baby now part of this!) supports the old. With calls for and incentives to have more children, couched in some form of appeal to nationality/identity but really just a call for more drones for the colony (Baby’s babies mere drones? Never. Let us look for another society to move to).

We are yet incapable of thinking as a species. We have only just (relatively speaking) reached a point where we consciously identify ourselves as such, distinct from other species. No pan-species organization (league of nations, UN), no pan-species policy (global free immigration, global free trade, global health care) has worked, or even has a shot at becoming anything more than a farce. The ideals we create and invoke – of mother/fatherland, of gods, are so abstract as to be meaningless, and are for our individual benefit, not our species’.

If we could think as a species, we’d be able to realistically consider several options for not just survival but much higher ideals. We know, have invented so many such options that could support much higher populations: vertical farms, renewable energy sources, cities two orders of magnitude larger than today, with fast, comfortable, ubiquitous public transport. Self-paced, universally distributed learning. Self-learning, self-replicating automation. And so on and on, in different spheres of human lives.

Yet we see each of these as threats, not opportunities. We artificially constrain the availability of learning so that a ‘degree’ from a particular institution has value derived primarily for its scarcity than its inherent content. We resist automation and preserve ‘jobs’. We resist renewable energy, resist moving to newly built cities (the Jing-jin-ji experiment in China or Manhattan, NYC?), we resist GM foods, resist public transport (freedom!). Many of us can see the end point (more honestly, some far-off point down an infinite path of progress as a species) that involves all of the above solutions, but we refuse to change to begin the move from this point to that, because we do not think of ourselves as a species. 

We are yet far too much a dramatically, fanatically individualistic animal for morals to have any meaning, much less any motivation.