Authoritas: One Student's Harvard Admissions and the Founding of the Facebook Era
This book is odd. It's well written and the narrative is compelling; enough for me to read it all in one go.
The stories of inadequate ego-driven teachers and students early on in the book are relayed well. The book's exposure of incompetence, back-scratching and favoritism from supposedly upstanding academic leaders is excellent. This is a good reason to read this book, and for excellently depicting an often overlooked part of academic life, this book deserves 4 stars.
The problem is, that's not why I bought the book. I was expecting a book about the "founding of the Facebook era" as the sub-title suggests. This is certainly not a focus. From 335 pages in all, the name "Mark Zuckerberg" first appears on page 287, and any facts relating to Facebook's rise are within only the last 40 pages and are mostly tainted by disdain.
Initially the author developed a system called CriticalMass that allowed students to rate their satisfaction of different academics at Harvard. Textbook Central, a textbook trading site, followed. Another system called FAStWebmail allowed Harvard students to access their official Harvard e-mail accounts over the Web. These were eventually rolled into a system called houseSYSTEM that included some other features like course preselection and calendars.
For a few chapters after explaining how these systems were developed, the focus is on how the administration and some other students considered houseSYSTEM to be insecure and flawed, due to its pseudo-requirement to have users' official Harvard passwords (in order for the webmail function to work) and a lack of proper SSL (HTTPS) security.
In dealing with these concerns the author showed a lack of technical knowledge. He protested that only an MD-5 hash of users' passwords were stored, but if this were the case, how did his system then access the users' official e-mail accounts? The author doesn't provide a proper level of detail to make a judgment as an independent reader, and the way he portrays it may just be poor.
The author also says "Brian Wong is telling people that MD-5 generates 16-byte hashes, when it doesn't! There are 32 characters in all of them! Each ASCII character is one byte!" MD-5 generates a 16 byte hash (128 bits). That a textual hexadecimal representation of that 16 byte hash takes 32 characters does not make it a "32 byte hash."
The author has a habit of "quoting" his mental monologue, nearly all of which is negative in nature, and assuming whoever he's talking to is either an idiot or out to get him. The author's paranoia (warranted or not) permeates the last half of this book enough to make for uneasy reading. He jumps to exaggerated conclusions. Shortly after the initial security concerns, the university decides that Greenspan needs to delete the password hashes he had collected so far and "forward the list of all those whose information you have collected" in order that those students could have their passwords reset. Instead of complying with this reasonable request, the author rants about how the users table has other information like phone numbers in it and asks "What, do they want those, too?" The e-mail he quotes requested a list of people who signed up for his site, not other details. This doesn't stop the author from eventually sending the whole user table anyway!
On the SSL issue, the text implies that a self-signed certificate was used, but the author appears not to understand the identification issues with this (though those who e-mail him appear to). It's a common theme that the author, IMHO, quotes well-thought-out e-mails and refutes them poorly. He argues that a wildcard certificate would be necessary - costing some $1000, though InstantSSL had them for under $500 at the time - not realizing he could use a regular SSL certificate (under $50) for the password transfer (the parts where security really counted), and a wildcard cookie for cross sub-domain authentication beyond that.
On Facebook, he seems to feel that Zuckerberg's developments, though independent, were a rip off of his own even though Zuckerberg is constantly quoted as remaining separate. houseSYSTEM did have a "face book" feature where pictures of students were located along with their names, but this had no social networking aspect. Zuckerberg's did. Nothing the author relays gives me the impression he "founded" the "Facebook" era.
On page 302, I feel that Greenspan relays a tale of attempting to blackmail Facebook. Despite considering Zuckerburg "inarticulate and naive," he suggested that he join Facebook. When told they needed an engineer with 15 years' experience, Greenspan highlighted Facebook's problems with ConnectU (who were suing Facebook for allegedly copying their idea and stealing code) and suggested that he had "grounds to sue both of you" before suggesting that if Facebook would hire him, he'd be on their side and help the lawsuit go away.
The last 20 pages are dire. The author claims that having a full Facebook profile "would have meant I endorsed intellectual property theft" without realizing that information willingly shared is not "thieved."
Lastly, the author appears to rub most people in the book up the wrong way. Other than his closest associates and his family, almost every social interaction seems to result in the author antagonizing someone or being ignored. In many cases, he relies on his father to write e-mails and letters on his behalf (mostly unsuccessfully), rather than fight his own battles. "If Mark can get $2 billion for my ideas, I should at least be able to get a couple million!" sums up what I see as a jealous individual who, as it happens, has written a gripping and interesting book.
As good as this book is, I sense Greenspan isn't the sort of person to get over a slight easily and it saddens me that he appears restricted him from achieving all that someone with his talents could be.