[Additions in red in response to Bavo's comments.]
Should have guessed that Phriend Phishing was first going to happen to somebody famous.
Now, how could that have been prevented?
What if:
- Twitter adopted OpenID as the only way of authenticating.
- Twitter showed the authenticated OpenID identifier instead of a (possibly made up) user handle on all tweets.
- Kanye West would have used his official website URL as his OpenID.
- Ergo, everybody could follow the OpenID to determine whether any phriend phishing is going on, provided it is clear to the user that the chosen OpenID URL represents the official site of Kanye West.
I admit that scenario is not entirely viable yet. For example, users are not yet familiar and comfortable enough with OpenID that a major-volume site like Twitter could switch to OpenID-only. But it’s close, and those are the kinds of adoption barriers that we need to work on over the next 12-18 months in the OpenID community.
Bavo points out that, by itself, the OpenID identifier is no more authoritative than any arbitrarily chosen user name on Twitter. I agree. However, by establishing the link between Kanye’s website and the Twitter account via OpenID, it would be cryptographically proven that the website owner owns that particular Twitter account, which reduces the attack surface for Phriend Phishing by half. That is not too shabby, and not obtainable by any other means I’m aware of that works on the web. That was intended to be my point with this post. In the case of famous people with fans, as here, the types of people who will follow their idol on Twitter are very likely to know their idol’s authoritative website, so this would work very well.
For completeness: this scenario also requires trust that the relying party (here: Twitter) isn’t hostile, has implemented OpenID correctly, and communicates clearly in its user interface that the OpenID has been verified. That would be a reasonable assumption in the case of Twitter. Now we just need them to implement OpenID.
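To make "implemented OpenID correctly" concrete, here is an added example (not code from the original post, and not Twitter's or any OpenID library's code) of the checks a relying party has to perform on an OpenID 2.0 positive assertion before it may display the claimed identifier as verified: every security-relevant field must be under the signature, the HMAC signature must verify against the shared association key, the signing OP endpoint must be the one that discovery on the claimed URL actually points to, and the response nonce must not have been seen before. The site names, OP endpoints, association key and nonces are constructed placeholders; the `DISCOVERY` table stands in for real Yadis/HTML discovery, and the demo uses a single association key for all OPs so that the discovery check, not the key lookup, is what rejects an assertion from the wrong OP.

```python
"""Relying-party side verification of an OpenID 2.0 positive assertion (added example)."""
import base64
import hashlib
import hmac

# Fields the RP must insist are covered by openid.signed (OpenID 2.0, section 10.1).
REQUIRED_SIGNED = ("op_endpoint", "return_to", "response_nonce",
                   "assoc_handle", "claimed_id", "identity")


def key_value_form(params, signed_fields):
    """Build the 'field:value\\n' byte string that OpenID 2.0 signs."""
    return "".join(f"{f}:{params['openid.' + f]}\n" for f in signed_fields).encode("utf-8")


def sign(params, mac_key, signed_fields):
    """HMAC-SHA256 over the key-value form, base64-encoded, as an OP produces it."""
    mac = hmac.new(mac_key, key_value_form(params, signed_fields), hashlib.sha256).digest()
    return base64.b64encode(mac).decode("ascii")


def verify_assertion(params, mac_key, expected_return_to, discover_op_endpoint, seen_nonces):
    """Return the verified claimed identifier, or None if the assertion must be rejected.

    discover_op_endpoint(claimed_id) stands in for OpenID discovery: it returns the
    OP endpoint that the claimed URL itself delegates to (a constructed table below).
    """
    if params.get("openid.mode") != "id_res":
        return None
    signed_fields = params.get("openid.signed", "").split(",")
    # 1. Every security-relevant field must be under the signature.
    if any(f not in signed_fields for f in REQUIRED_SIGNED):
        return None
    # 2. The assertion must be addressed to this relying party.
    if params["openid.return_to"] != expected_return_to:
        return None
    # 3. The signature must verify (constant-time comparison).
    if not hmac.compare_digest(sign(params, mac_key, signed_fields), params.get("openid.sig", "")):
        return None
    # 4. The OP that signed must be the one the claimed URL actually delegates to.
    claimed_id = params["openid.claimed_id"]
    if discover_op_endpoint(claimed_id) != params["openid.op_endpoint"]:
        return None
    # 5. Reject replays of an already-consumed assertion.
    nonce = params["openid.response_nonce"]
    if nonce in seen_nonces:
        return None
    seen_nonces.add(nonce)
    return claimed_id


# --- Constructed sample data: placeholder sites, endpoints and key, nothing real ---
MAC_KEY = b"constructed-shared-association-key"
OFFICIAL_SITE = "https://official-site.example/"          # stands in for the celebrity's site
OFFICIAL_OP = "https://op.official-site.example/server"
OTHER_OP = "https://op.fan-page.example/server"
RETURN_TO = "https://twitter.example/openid/return"
DISCOVERY = {OFFICIAL_SITE: OFFICIAL_OP, "https://fan-page.example/": OTHER_OP}


def make_assertion(claimed_id, op_endpoint, nonce):
    """Build a signed id_res response the way an OP would (simulated OP side)."""
    fields = list(REQUIRED_SIGNED)
    p = {"openid.mode": "id_res", "openid.op_endpoint": op_endpoint,
         "openid.return_to": RETURN_TO, "openid.response_nonce": nonce,
         "openid.assoc_handle": "assoc-1", "openid.claimed_id": claimed_id,
         "openid.identity": claimed_id, "openid.signed": ",".join(fields)}
    p["openid.sig"] = sign(p, MAC_KEY, fields)
    return p


def demo():
    """Return (genuine, wrong_op, tampered, replay) verification results."""
    seen = set()
    genuine = make_assertion(OFFICIAL_SITE, OFFICIAL_OP, "2009-01-01T00:00:00Zaaa")
    ok = verify_assertion(genuine, MAC_KEY, RETURN_TO, DISCOVERY.get, seen)
    # An OP that is not authoritative for the official site asserts that URL anyway.
    wrong_op = make_assertion(OFFICIAL_SITE, OTHER_OP, "2009-01-01T00:00:00Zbbb")
    wrong = verify_assertion(wrong_op, MAC_KEY, RETURN_TO, DISCOVERY.get, seen)
    # A validly signed assertion for another URL, with claimed_id edited afterwards.
    tampered = make_assertion("https://fan-page.example/", OTHER_OP, "2009-01-01T00:00:00Zccc")
    tampered["openid.claimed_id"] = OFFICIAL_SITE
    bad_sig = verify_assertion(tampered, MAC_KEY, RETURN_TO, DISCOVERY.get, seen)
    # The genuine assertion presented a second time.
    replay = verify_assertion(genuine, MAC_KEY, RETURN_TO, DISCOVERY.get, seen)
    return ok, wrong, bad_sig, replay


if __name__ == "__main__":
    print(demo())
```

Only the first value that `demo()` returns is a verified identifier; it is that URL, not the user-chosen handle, that a relying party following the scenario above would print next to each tweet. Omitting step 4 is the classic mistake: the signature alone only proves that some OP signed the assertion, not that the OP speaks for the claimed URL.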
If you suffer from any of the above, or any pain at all, and haven’t come across the writings of Dr. Jolie Bookspan, I highly recommend that you take a look.
She just put something I wanted to get off my chest on her blog at Healthline.
As somebody with an engineering background, I understand and totally relate to her particular view on how to fix pain. As I wrote there, it’s working better for me than anything else ever has, and apparently I’m not the only one.
Her blog is very worthwhile to read, and her books should be required reading for all physical therapists, chiropractors, and anybody who has ever taken or prescribed a pain killer. Sadly, they are not. (They are also often very funny, in the "why didn’t I realize myself that that kind of conventional wisdom simply has to be wrong" category.)
She also has one of the most impressive resumes that I’ve ever come across.
If you have any kind of pain, I virtually guarantee you will be glad to have spent a bit of time on this.