When Danish craft brewer Mikkeller decided to open a Copenhagen brewpub in conjunction with Indiana brewer 3 Floyds, the company quickly decided to look for a location in Kødbyen, the city's historic meatpacking district.

"There was no doubt in Mikkeller's mind that this was the area," says Kamilla Hannibal, event and communication manager for the recently opened brewpub, which serves beer and American-style barbecue under the name WarPigs. "For this place, it was quite a natural choice because of its location, but also because of its reputation."

Mixing Business With Pleasure
Not that long ago, Kødbyen was an isolated hub of industrial-scale butcher shops, slaughterhouses, and food wholesalers, seldom visited by residents without some sort of ties to the industry. But the neighborhood has recently seen an influx of trendy art galleries, co-working spaces, bars and restaurants. Tourists are increasingly drawn to the area to visit businesses like Tommi's Burger Joint, a kind of Icelandic answer to Shake Shack, and Jolene, a dance club named after the Dolly Parton song.

As some traditional butchers and meatpackers have migrated outside of the city, the transformation of the neighborhood has drawn natural comparisons to the now uber-chic Meatpacking District on Manhattan's West Side, where landmark status preserved many old buildings but not the old businesses.

"Greenwich Village had been a fashionable district for some time, but the [adjacent] Meatpacking District was not, until about 15 years ago," says Andrew Berman, executive director of the Greenwich Village Society for Historic Preservation.

Berman's group successfully pushed for official designation of the Gansevoort Market Historic District, which since 2003 has granted landmark status to much of the area's central core, limiting the scale of new construction and preserving hundreds of historic buildings.

Before that time, Manhattan's Meatpacking District was essentially off most New Yorkers' radar. Similarly, Kødbyen "was not part of the mental map of an average citizen in Copenhagen," says architect Serban Cornea, a partner in the firm Mutopia, which was commissioned by Copenhagen's municipal government—which owns the district's real estate, leasing it to businesses—to help plan Kødbyen's future.

Mutopia and city officials worked to balance the needs of the traditional businesses—which need places to drive and park delivery trucks through the neighborhood—and new businesses, which were reliant on safe walkways and bicycle routes as well as areas for outdoor dining. For reference, Cornea says they looked at transformed historic quarters in cities around the world, including New York's Meatpacking District.

Where's the Beef?
New York's Meatpacking preservation effort focused on the architectural details of the historic neighborhood, some of which dates to the mid-19th century. "The key to the Meatpacking District is that it preserves the old cobblestone streets and some of the key older buildings, but allows them to be renewed and reinvigorated," says Mitchell Moss, a professor of urban policy and planning at New York University and an expert on New York City development. "The greatest success was the conversion of the Western Beef store to the Apple Store," says Moss, referring to a landmarked building on West 14th Street that once housed a discount wholesale and retail supermarket before being renovated to sell iPhones and Macs.

A former Nabisco plant now hosts mostly upscale food and retail vendors as Chelsea Market, and shoppers can dine on macarons, gelato, and Thai curry at Gansevoort Market, once a bustling wholesale meat market.

New construction associated with the Meatpacking District, like the chic Gansevoort and Standard hotels and the soon-to-open new home of the Whitney Museum of American Art, has been restricted to areas outside of the landmarked area, especially along Ninth and Tenth avenues and the High Line elevated park. "Outside of the designated [historic] district but still within the neighborhood there's been some pretty dramatic changes," says Berman.

There's regret over the migration of long-standing meat and produce businesses from the Meatpacking District as well as other downtown neighborhoods. "At one time we had cheese and eggs down at Washington Street, and we had meat down at Gansevoort," says Moss, noting that over time the vendors all moved to the Hunts Point area of the South Bronx. This was thanks to the advent of refrigerated trucking, which meant it wasn't necessary to slaughter and butcher animals close to where they would be consumed.

To Berman, relying on trucking is a loss for the city in terms of environmental considerations—meat and other goods now have to be transported from the Bronx through Manhattan—and in terms of economic diversity. "Certainly we would have liked to have kept many more of the meatpacking businesses there or have more market-related uses there," he says. "So much of Manhattan has skewed to the high end of the socioeconomic spectrum and towards jobs that are either very high-end jobs or service industry jobs that serve people at the high end."

But New York's preservationists and planners are limited to working with the city's zoning code, and, in a developer-driven real estate economy, that's ultimately a blunt instrument, says Berman. The area is generally zoned for light industrial use, which allows everything from actual meatpacking to high-end office space, he says. "Hotels, offices, and things like meatpacking plants are all the same category of use under the city's zoning regulations, so you can't allow one without allowing the other in a district like this."

There Will Be Blood
Officials in Copenhagen have taken a different approach to the renaissance of their city's old meatpacking quarter. While visitors to the New York district's boutiques and nightclubs would be unlikely to stumble upon a functioning abattoir, Copenhagen has taken pains to make sure Kødbyen still has room not only for its distinctive pre-war buildings but also for its traditional businesses.

"In the morning, you see butchers in white coats with blood on their hands walking around the streets of the meatpacking district," says Jakob Munk, a partner and brand director at Kødbyen's Butchers and Bicycles, a bike maker based in what was a 19th-century stable turned falafel factory. "During the day, the people in the meatpacking district slowly change from butchers in white suits to hipsters with beards and hats on their bikes."

Mutopia's plan, first released in 2007, came to be known as the "K-plan," both for the neighborhood's initial and the shape of the transportation routes through the area. The plan carefully considers parking and traffic for both businesses and pedestrians.

"What we did was a number of different things to organize time slots for the parking of the big trucks, the big vehicles, and using the in-between time slots which were available to organize and support the implementation of temporary activities within these areas," says Cornea. "Part of the heavy traffic has been moved from a strategic area, which is the probably the most interesting in terms of sun exposure, to make the space available for cafes and outdoor life."

As in New York, the city also set rules for preserving the interiors and exteriors of buildings in the area, particularly in the White Meat District, about 12 acres of glistening 1930s-modern structures seen as part of the city's cultural legacy.

"There's still a lot of restrictions on what you can build and what you can change, since they want to preserve that look," says Hannibal, explaining WarPigs will be in a former butchery in the White Meat District. "We still have the hooks in the ceiling where the carcasses used to hang from the ceiling, and all the walls are proper butchers' walls that are easy to wipe."

Butchers and Bicycles also made few changes to the space it took over in 2013, says Munk—besides spending about 12 hours power-washing years of caked-on fry oil off the walls. "It was kind of messed up in a way that only a falafel factory can be messed up," he says. The newly degreased tile walls and historic architecture help attract visitors to the space, and the diverse environment keeps the company's bike designers inspired, says Munk. "It influences our creativity," he says. "It gives us a lot of energy to come down to our really cool showroom, and it's also a workshop."

Munk was happy to see a nearby longstanding food wholesaler sign a new 15-year lease.

The new district plan would add some new mixed-use retail, office, and residential buildings to less-dense parts of the neighborhood and add roof gardens to some of the existing structures. A second phase of Mutopia's plan, called Kødbyen 2025, was released in 2013 to plan for the neighborhood's continued evolution.

Longer-term planning is more feasible in Copenhagen thanks to greater city government control, whereas market-driven New York is characterized by relatively rapid changes in its urban environment. "I think anyone who says they can predict what New York would be like in 10 or 15 years is kidding themselves," says Berman. For example, the Whitney Museum's relocation to the Meatpacking District from the Upper East Side is a move that no one would have predicted 20 years ago.

As the landlord in Kødbyen, the city can take a more hands-on approach to shaping its meatpacking neighborhood into the ideal mix of business and pleasure, but don't expect it to happen in a New York minute. Comparing her home to New York, WarPigs' Kamilla Hannibal admitted, "Everything moves incredibly slow in Copenhagen."

A lawyers' group called this week for greater oversight of a program giving law enforcement officials access to metadata from private communications for criminal investigations and national security purposes.

But while the recommendations from the National Association of Criminal Defense Lawyers (NACDL) ring familiar from recent debates over warrantless surveillance of email and phone records, the program in question traces back to long before the Internet and even before the modern telephone network.

Recent revelations that the U.S. Postal Service photographs the front and back of all mail sent through the U.S., ostensibly for sorting purposes, has brought new scrutiny to an obscure surveillance program run by its law enforcement division, the Postal Inspection Service.

The program lets state or federal law enforcement agencies request what's called a "mail cover," giving them access to address information from envelopes and packages sent or received by people targeted in criminal investigations, without a search warrant. Because a mail cover involves reading only information on the outside of the envelope or package that could be seen by any observer, courts have not ruled it a violation of the Fourth Amendment. But that hasn't stilled concerns about privacy and abuse.

"If your mail's gonna be monitored—every single thing you send and receive—I would certainly feel that my privacy has been violated," Steven R. Morrison, an assistant professor of law at the University of North Dakota who wrote the report for the NACDL, told Fast Company.

In 2013, an internal audit found, the Postal Service approved nearly 50,000 requests, through a process with "insufficient controls" to prevent abuse. About 20% of the requests from outside law-enforcement agencies were not approved by authorized personnel, the report said, and 13% were either unjustified or not correctly documented.

A related initiative called the Mail Isolation Control and Tracking Program, which the Postal Service says has been used only in a handful of cases where poisoned or contaminated mail was found in the system, was launched after the anthrax attacks in 2001, which killed five people including two postal workers. But the mail cover program predates it by over a century.

"The mail cover has been in use, in some form, since the 1800s," Chief Postal Inspector Guy J. Cottrell told Congress in November. The program targets a range of criminal activity including fraud, pornography, and terrorism, but, he said, "today, the most common use of this tool is related to investigations to rid the mail of illegal drugs and illegal drug proceeds."

A New Legal Theory Around Privacy

Historically, the rules around mail covers have been much more lenient than around opening mail, which generally requires a warrant, since it's assumed there's inherently less privacy in what's written on the outside of an envelope than what's sealed within. But the NACDL report suggests the long-established program might raise a very modern concern, if the postal metadata, possibly combined with other data, can be used to build a sophisticated portrait of a suspect's day-to-day communications.

"Mail covers are virtually explicitly meant to create a mosaic," according to the report, referring to a recent legal theory that government surveillance efforts should be scrutinized, under the Constitution, not just as individual steps—like looking at the address on a letter or recording who called whom—but in aggregate, especially since technology can make it substantially easier to gather huge swaths of data in each of those steps.

The thinking, say advocates of the theory, is that long-term surveillance of ostensibly public information, like letters mailed or places visited, is more intrusive than a single glance over the shoulder at the post office or a few hours of tailing on the highway.

Under current postal regulations, the Postal Inspection Service is only allowed to authorize mail covers when agencies have "reasonable grounds" to believe it's necessary for ongoing investigations. But, privacy advocates say, leaving that decision in the hands of postal inspectors, rather than the courts, leaves out an important safeguard.

"It should be the same thing as any other surveillance—get a warrant," said security researcher Bruce Schneier. "You should not be allowed to surveil somebody without going to a judge and saying, 'This is why I want to violate his privacy.'"

Stamps And Rubber Stamps

An audit report issued last May by the Postal Service's Office of the Inspector General found the Inspection Service, which fulfilled about 49,000 such requests in its 2013 fiscal year, frequently didn't follow the existing guidelines designed to preserve the privacy of Americans' mail. Some mail covers were authorized by officials who legally didn't have the authority to sign off, and about 13% of the audited mail covers lacked documentation showing they were justified under the "reasonable grounds" standard.

Of about 6,000 requests received from outside agencies in that year, the Inspection Service rejected only 10, the OIG's Deputy Inspector General Tammy Whitcomb told Congress in November. The vast majority of requests apparently originate with the Postal Inspection Service itself, though it's not immediately clear how many involve joint investigations with other agencies.

"Insufficient controls over the mail covers program could hinder the Postal Inspection Service's ability to conduct effective investigations, lead to public concerns over privacy of mail, and harm the Postal Service's brand," the audit report warned.

Privacy of mail is indeed a concern for the NACDL, which said in its report that the modern guidelines only came about in the 1970s, after the Federal Bureau of Investigation and other agencies were alleged to have abused the mail cover process to track purported subversives.

In one case, the group said, a 15-year-old girl became the subject of an FBI investigation after writing to a political organization that was the subject of a mail cover for alleged subversive activities. The girl was simply asking the group about its positions and policies as part of a homework assignment, and had actually intended to send the questionnaire to another organization with a similar name, according to court records cited by the NACDL.

"As a result of these abuses, mail cover regulations were promulgated in 1975, and now appear [in the Federal Register]," according to the NACDL report. "Based on concerns about the vagueness and overbreadth of authorizing mail covers for 'national security,' the regulations were amended in 1979 to include a more precise definition of that term."

In a more recent case, Phoenix-area politician Mary Rose Wilcox secured a nearly $1 million settlement last year from Arizona's Maricopa County, over what she said was a trumped-up corruption investigation launched by Joe Arpaio, the county's controversial sheriff, with whom she had frequent disagreements while on the county Board of Supervisors. Among the investigative tactics used by the sheriff's office was a mail cover tracking Wilcox's correspondence, according to the NACDL report. That led the sheriff to obtain search warrants for the banking information of two restaurants Wilcox and her husband owned. After he raided a company that hired Wilcox to provide concessions at the local airport, she lost the contract.

The Metadata Of Snail Mail

After the initial audit report was released, the Postal Inspection Service said it had taken steps to review its own procedures and ensure compliance with existing regulations. And while a 2013 report in The New York Times suggested mail images generated for automated sorting could also be used for surveillance—the kind of long-term, aggregate scrutiny adherents of the mosaic theory envision—the Inspection Service denies that they're regularly used for surveillance.

They can however be requested by law enforcement, and the Postal Service has acknowledged they've been used in certain cases, including one in which ricin-laced mail was addressed to President Barack Obama and then-New York Mayor Michael Bloomberg.

"Those images reside locally at the processing plant," Chief Postal Inspector Cottrell said in Congressional testimony. "They are not stored in a database, nor do they reside in a format that allows them to be mined or analyzed electronically." The postmaster general told the Associated Press that photographs of the front of envelopes and packages are stored on machines for periods of up to 30 days before they are destroyed.

Still, the very act of saving the images—regardless of how they're currently used—has drawn the suspicion of privacy advocates from multiple sides of the political spectrum.

"If they're saving it, they're surveilling—you don't need to save it to route mail," Schneier said. "You possibly need to OCR the address, print the bar code on the bottom of the level, and you're done.

The NACDL argues the existing mail cover standards should be tightened further. Postal Inspection Service officials should be explicitly required to conclude that surveillance requests are necessary and to "record and maintain the articulable facts and reasons the supporting evidence is reliable," not just rely on the word of outside agencies. If the evidence is later found not to be enough to justify a mail cover, courts shouldn't allow the postal metadata into evidence, the NACDL suggests.

The report also called for some sort of internal review system to help protect against potential abuses, something the NACDL acknowledges has also been suggested for digital surveillance.

"Much like current proposals to have a privacy advocate in Foreign Intelligence Surveillance Courts to challenge what have been viewed as one-sided, rubber-stamping procedures to obtain surveillance orders in the national security context, mail cover procedures should be subject to similar internal controls," the lawyers' report said.

Recently, a pair of artists in New York put forward an unusual plan for teaching middle school students about the Internet: specifically, by teaching them how to get off it and build their own.

The plan will combine two series of lessons: one on building a social network, and the other dedicated to constructing a private Wi-Fi network, or "darknet," in the classroom, disconnected from the Internet at large. In the process, write Joanne McNeil and Dan Phiffer in their proposal, students will learn important concepts about how the Internet works. Last week the project, called "OurNet," was awarded a $35,000 grant from a MacArthur Foundation digital learning initiative.

Unlike the physical networks of Time Warner and Verizon or the virtual networks of Facebook and Instagram, however, the networks they and their students build will be noncommercial, and limited to people in their Wi-Fi range. That's not just a way to simplify the lesson: It's a deliberate choice to help students think about alternatives to corporate Internet providers and platforms built around advertising and tracking.

"This is an opportunity for the students to see what kind of middlemen they don't need to connect—the idea that you can socialize with people without going on Facebook, or the idea that you can actually have a network that's not through an ISP," says McNeil.

The OurNet networks are part of a growing movement that aims to consider and build alternative digital networks. Using affordable, off-the-shelf hardware and open-source software, hundreds of communities around the world are assembling small, independent, nonprofit wireless networks, often organized as so-called "mesh networks" for their weblike, decentralized design, in which each node—a phone, for instance, or a sophisticated wireless router—relays the connection onwards to the next node. OurNet's darknet, with its one central classroom router, will have a simpler structure, though it shares the mesh networks' philosophy of decentralization.

For years, independent mesh networks have been used in places like Berlin, Athens, and Barcelona to help expand Internet access across neighborhoods that lack it, but they have also gained attention for their usefulness in more extreme circumstances. Various mesh networks have been deployed to build independent communication networks at Occupy Wall Street and at Hong Kong's Occupy Central, for instance, and the State Department has helped to fund their installation in Detroitand Tunisia. They've also been used to improve communications after disasters to replace severed communications links.

One network in Red Hook, Brooklyn, built by activists as a way to help the neighborhood stay connected and get emergency updates after superstorm Sandy struck New York in 2012, and supported by the New America Foundation's Open Technology Institute, was selected last week to be part of the city's new resiliency initiative.

While mesh networks still pose a number of technical challenges, communities around the U.S. are slowly assembling their own meshes as a way to provide alternatives to ISPs, spread Internet access across neighborhoods, or just experiment with the boundaries of the existing network.

The concept of localized wireless networks goes back at least to the 1970s, when University of Hawaii researchers built ALOHANet, connecting computers across the Hawaiian islands. In a "mesh," instead of relying on a central network, users wirelessly transmit information directly between each other, relaying messages across a network of computers whose connections are chained together.

As inspiration for their private anonymous social network, Phiffer and McNeil cite writer and programmer Paul Ford's deliberately retro but still Internet-accessible Tilde.club network, as well as various other networks built around shared interests, limited geographical areas, and often, anonymity.

"The internet once provided users the space to share their ideas without prejudice against their age, race, gender, sexual orientation, or other aspects of their identity," Phiffer and McNeil wrote. "These workshops offer the opportunity to experience what the Internet used to be like, and could be like again—as an open forum for many people to share their ideas."

Phiffer knows these platforms well. In 2011, he built Occupy.here, an open source software toolkit that turns off-the-shelf Wi-Fi routers into wireless servers for community forums that are limited, by design, to those within reach of the signal. It's a portable network, with one central node, often trading in data directly relevant to its physical location.

The project took its name from Occupy Wall Street, when Phiffer first deployed routers equipped with the forum software for use as a digital bulletin board during the original 2011 demonstrations in Manhattan's Zuccotti Park. A few routers equipped with the software—each hosting their own independent forum available to anyone who connects to them—are still active across the city.

"I kind of felt like it was more useful after the park, potentially, as a way to create alternate spaces where people could come and go and leave messages," says Phiffer, who also works as a developer at The New Yorker. "The one that was in the park was always competing with other things that people were doing in the park."

You're The Network

Sarah Grant, a Brooklyn-based artist and programmer, imagined an interesting sociological use for a wireless mesh network. If deployed in a place like a coffee shop, she thought, a local network might be a more comfortable forum for strangers to communicate than, say, speaking face-to-face.

That hypothesis seemed to pan out during Grant's 2012 residency at the art and technology center Eyebeam, when she debuted Subnodes, an open source project that turns the under-$50, credit-card-sized Raspberry Pi computer into a Wi-Fi router equipped with its own local web server and chat room. "Obviously people thought it was fun," she says. "It also gave people a space to kind of talk about the work really candidly—what they liked, what they didn't like—maybe just a way for people to more openly express their feelings about what's in front of them while also just having fun and goofing off."

Subnodes could help artists set up local digital art galleries, or help activists or events organizers set up local, short-term message boards without having to work with big ISPs like Comcast or Time Warner Cable. "They could set up a network in a place that wouldn't normally have connectivity, like a subway, or in a park, or really anywhere, because you're the source of the network: you're the server," she says. "To me, that was really interesting and empowering."

Nearby Raspberry Pis running Grant's software can also connect with one another through a popular mesh networking protocol called BATMAN.

Grant took some inspiration from the pre-Web, dial-up bulletin-board systems that connected computer users in the 1980s and early '90s. Since long distance calls were expensive at the time, users generally connected to BBS's in their own areas, meaning each local server developed its own culture, she says.

Local BBS servers weren't entirely disconnected from one another—a complex network called FidoNet would slowly transfer email from server to server through late-night modem calls scheduled to minimize long-distance calling charges—but BBS's were ultimately eclipsed by national networks like AOL and CompuServe, and by the global Internet itself.

Mesh Networks' Uphill Climb

For modern-day community networks that grow beyond a single wireless router and the phones and laptops that connect to it, organizers face similar challenges in gaining the interest of the public and network infrastructure challenges, not unlike those that would be seen by a commercial ISP.

In New York, a previously somewhat dormant effort that was revitalized last year, NYC Mesh, hopes to eventually blanket the city in a mesh Wi-Fi network that could share community information in the event of a disaster, or let its users reach the Internet through mesh-connected gateway computers when their own connections are down. It has about 20 publicly accessible access points, including in a bar and a video-game store in the East Village, says Brian Hall, a volunteer contributor to the project.

"My personal interest was sort of a dissatisfaction with the monopoly by cable companies and other Internet service providers to consumers," says Kurt Snieckus, an engineer who worked on NYC Mesh before moving to Chicago last year. "I saw a mesh network as a sort of way to create a more competitive or another option to having Internet service for the consumer public."

To add to the network, volunteers can either use a powerful $90 router that can communicate with other nodes within about a mile's range, provided they establish a a line-of-sight connection to other routers, or a $22 router with a few buildings' range—about the same as a home router. The more routers that join the network and expand its coverage, the more useful it is to the average person, providing a backup connection to the Internet and access to local information stored on the network itself at https://nycmesh.net/, Hall says. (To get started building a mesh with Cjdns, the protocol used by NYC Mesh, see the Project Meshnet wiki.)

And yet, while the decentralized, ad hoc network architecture appeals philosophically to tech-savvy users fed up with monopolistic ISPs, nobody's found a way to make mesh networks work easily and efficiently enough to replace home Internet connections. Built more for resiliency than for speed, each participating router must continuously search for the best paths to far-flung machines. For now, that makes them of limited interest to many ordinary consumers who simply want to check their email and watch movies.

"The density of a mesh network adds reliability—somebody comes in and out of the network, the routing table updates itself, and you can still get messages from one place to another," explains Jeff Lunt, a developer who works on a mesh in Chicago, ChicagoMeshNet. But keeping track of those routes can get messy. "[With] so many redundant connections, the bandwidth can start to get saturated just with routing table traffic."

That is, while the mesh network architecture works well for sending small bits of data from one loosely connected set of computers to another—like disaster relief information or other short messages—it is less useful for holding data for far-flung machines until a path can be found. Mesh networks can quickly get too saturated with data too quickly send a large file, or reliably maintain a connection to a streaming media service. "If you were trying to watch Netflix on a mesh network because you're trying to use it for Internet service, that's not going to work," says Snieckus.

Participants in the effort say the group has been somewhat divided between those more interested in building an emergency-ready network for transmitting local information and those interested in building an alternative to ISPs. This, according to Snieckus, "was one of the biggest stumbling blocks we had."

A lack of funds has also slowed progress, Hall says. "If we got the money, the first thing we'd do is hire someone full time to help us out."

There's also some difficulty in connecting nodes operated by far-flung volunteers across the city. "Today someone said he wants to set up a node in Staten Island, and he could he do that, but it might be a while before we reach that far, so it would just be isolated."

Scaling Up

To address some of the technical challenges of distributing data across a mesh, Lunt's project in Chicago has transitioned to more of a traditional ISP-style hub-and-spoke model network, making the matter of routing data much simpler.

By offering a Virtual Private Network service that lets users access ChicagoMeshNet-specific services like chat and message boards via the ordinary Internet, the developers have allowed the community network to spread to a larger geographic area.

A growing international network of local meshes, called Hyperboria, takes a similar approach. Organizers have said they hope the network develops into "a viable alternative to the regular Internet."

Lunt and others point to Guifi.net, a 30,000-node community network centered mostly in rural areas of Spain's Catalonia region and in parts of Northern Europe that are underserved by traditional ISPs, as a model for what they'd hope to accomplish.

The network lets anyone join by connecting a wireless router or fiber-optic line, so long as they agree to let others connect on the same terms, says Roger Baig, a full-time staff member on the project. Members can connect to chat and other services hosted on the network, access limited web services through public proxy servers, or connect to the Internet through competing ISPs who offer connections through the network, he says. Independent Guifi-inspired networks have also launched around the world, including in Kansas City, where the KC Freedom Network aims to bring wireless access to underserved parts of the community.

But while the network aims for transparency and openness in its organizational structure, it's moved away from the ad hoc mesh model in its engineering. "The ad hoc model is the one that the hackers love, because everybody has the same right to talk and to listen, so it's a very horizontal architecture, but it has a lot of technical challenges," says Baig, so Guifi's adopted a more hierarchical network model.

"We came up with a network that performs much better rather than the mesh networks," he says. "Our network is used by companies to deliver services, and other companies are using the [network] on a daily basis in their work—I don't think this could be done with an ad hoc network."

Meshing For Science (And Philosophy)

But in some cases, ad hoc networks are the most attractive solution available. Consider the need to connect to scientific and industrial equipment located in areas too remote or chaotic to set up more traditional data links.

"It's very different from the urban example, but we do it conceptually for the same reasons: the sort of areas that are underserved by Internet," says Jer Thorp, an artist and data visualization consultant who'll be helping to build a small mesh network during an expedition through remote regions of the Okavango River delta in Angola and Botswana this summer. Wireless sensors deposited during the expedition will monitor water quality in remote parts of the region and form a mesh network to relay data through Internet connections at nearby safari camps.

"The plan is to leave the sensor nodes out there and get their data over time," says Shah Selbe, an engineer and conservation technologist on the project. "Overall, we want to get an idea of how things shift month after month and, ultimately, year after year."

In New York, McNeil and Phiffer hope their high school experiments won't just educate students about network technology, but will offer a more meta lesson, shining a light back on the network itself.

"People of my generation, Dan's generation, grew up watching the Internet develop," McNeil says. One benefit of seeing the global network evolve the way they did, Phiffer adds: "We kind of realize that none of these systems that we use are inevitable."

If there's one thing Facebook is good at, it's getting people to share their data and using it to track the relationships between people, places, and things. Knowing which of its 1.39 billion monthly users are friends with each other or have friends in common helps Facebook learn, for instance, what kind of updates and ads are going to keep them clicking and tapping through their news feeds.

And as one of the highest-profile online properties in the world, Facebook also needs to keep track of which of those users are trying to scam, spam, or hack one another, sabotage or slow the site, or use it as a conduit for viruses and spyware, and what tools, servers, and sites they're using to do so.

To do that, the company realized that the social graph—the approach that helps it keep track of which users went to the same college or share an interest in Kanye West—can also help it more rapidly identify dubious postings and users, and determine which shady messages pushing malware came from the same ring of hackers.

Earlier this year, Facebook announced it had invited other web companies, including Tumblr, Twitter, Bitly, and Dropbox, to share and swap information about common threats to their systems and networks inside an industry-wide database, using the same Facebook Graph API system they use to post and access data from the Facebook network itself. "The notion of using a graph database is somewhat a bit of a lazy decision by me, in that we use similar technology or the same technology at Facebook to represent the entire social graph," says Mark Hammell, manager of the network's threat infrastructure team.

The initiative, called ThreatExchange, originated during a heavy spam-driven malware attack on Facebook last year, when Hammell decided to contact other companies to see if they were experiencing similar attacks. Already, the approach has shed light on security threats that Facebook had not previously discovered, Hammell says, including a "polymorphic malware family"—different versions of the same malware that had spread to numerous computers—that it found "pretty much immediately after we turned that technology on."

Facebook would not disclose details or statistics about cyberthreats. But in an April Securities and Exchange Commission filing, the company said that fraudulent or "undesirable" accounts may have represented "less than 2%" of its monthly active users, including both outright spammers and other terms-of-service violations, like business pages incorrectly registered as individual users. These accounts, it noted, tended to originate in "developing markets such as India and Turkey." In 2013, security researchers estimated that Facebook spammers were making around $200 million per year, based on prices found in spammer forums.

Conrad Rushing, director of engineering at Tumblr, which helped Facebook build ThreatExchange, says its utility "was obvious from the very beginning."

"The thing that has been really excellent about it has been that the turnaround time of new concerted action—our counterstrategy to new spammer strategies—has taken far less time, at least half the time," he says.

Spammers and hackers often try to take advantage of multiple social networking sites and infrastructure providers to spread spam and trick users into downloading malware, says Rushing.

"All of the different social media groups were being used against one another as points on a long chain that a spammer would use," he says. "A Facebook page would be created pointed to a Tumblr page pointing to another social media page eventually ending up as some sort of fraud or abuse or other bad action."

ThreatExchange evolved from an internal system called ThreatData, which Facebook announced last year had helped the company quickly spot and quash malware and run automated analyses of where malicious content was coming from, and who it was affecting, using its existing data-crunching infrastructure.

A graph—the term programmers and mathematicians use for a representation of the nodes and connections in any kind of a network—can store relationships between viruses, the Facebook accounts used to disseminate them, the other Internet domains they use to circulate them and the like just as easily as it can store the connections between users.

But the same type of clustering algorithms that suggest two users should be friends, or that a user who likes Kill Bill might also like Pulp Fiction, can also help detect when two security threats have a common cause.

"You have a piece of malware talking to a domain—that's two nodes with an edge between them. That domain's hosted on an IP [address]—maybe that IP has hosted other domains," says Hammell, describing the detective work involved in identifying threats. Graphs are also a familiar enough family of data structure that security experts outside the company can quickly grasp how the system works, he says. "The interest and engagement in ThreatExchange from a range of industries has far surpassed our expectations." (Other companies can apply to join the network through an online form.)

Across the web, attacks by hackers and spammers are on the rise. A survey by PricewaterhouseCoopers conducted last year found that the number of detected information security incidents has grown 66% year over year since 2009. By 2019, breaches will cost global industry some $2 trillion, Juniper Research said in a report this month.

"One Person's Trash Is Another's Treasure"

While sometime competitors like Tumblr and Facebook have been willing to work together to help keep their users safe, until recently, the Internet giants' security teams didn't have a good way to share data beyond tried-and-true but labor-intensive means of interoffice communication, like email and shared spreadsheets, says Rushing of Tumblr. "That was really the genesis of the idea for having a more formal system for exchanging this kind of [data]."

Cooperation, even between long-time competitors, has become an emergent theme in cybersecurity efforts. Earlier this month, Intel Security partnered with a California-based company called AlienVault to offer a similar real-time collaborative threat assessment and prevention service for small- and medium-size businesses.

At a cybersecurity summit in January, President Obama proposed a similar data-sharing program that would connect industry with government agencies to stem cyberattacks."This has to be a shared mission," Obama said. He suggested that sharing threat information in such a system could come with "liability protections so that... they're not vulnerable to future lawsuits," although Congress has failed to pass similar legislation in the past four years. The CEOs of Facebook and Google, who have sought to distance themselves from government surveillance initiatives, declined to attend the summit.

Hammell says that ThreatExchange includes privacy safeguards, so member companies can decide what data they want to keep private and what data they want to share with other companies or industry groups. And some internal data from various networks and organizations won't be uploaded into the system at all, since it includes too much private information about users. "We'll be continually making enhancements to the privacy code to support more types of sharing models that different organizations want to support," he says.

The network keeps track of what organization reported a particular site or link or which user is malicious or benign, and the confidence it indicated in the assessment. In the original version of ThreatExchange, Hammell says, Facebook tried to merge all of these opinions together to provide a unified view of what the system thinks of particular threats.

But that proved difficult, since different organizations might have a different view of, for instance, what kind of content constitutes spam. "One person's trash is another person's treasure," he says. "If we try to make that condensed decision, we'll probably end up just end up annoying a lot of people 'cause it's us Facebook making that decision instead of letting everybody decide for themselves, which we think it probably the better way to go."

Ultimately, says Rushing, there's an ongoing "arms race" between digital criminals and security experts who want to keep their networks safe.

But while different hackers and spammers remain in competition with one another for user eyeballs or for control of vulnerable computers, industry giants are increasingly banding together to keep their users safe, he says. Staving off hackers faster doesn't just protect users, but reinforces the trust that keeps users coming back.

"All of us in the industry are heavily incentivized to give all of our users the best experience we possibly can," he says.

Does your boss even appreciate how much time you're spending in meetings every week? Probably not.

Even though it might be easy to count the hours by looking at your Outlook or Google calendar, until recently, it was hard for organizations to compute those kinds of numbers on a companywide basis. In many companies, that's led to a situation where managers invite employees to an ever-increasing set of recurring status updates, brainstorming sessions, and weekly check-ins. Kick-offs and roundtables; team meetings and all-hands meetings.

Rank-and-file cubicle dwellers might privately gripe they're spending too much time in meetings they don't really need to attend, and higher-ups might silently wonder why there are always so many faces around the conference table, but workers are naturally loathe to ask their bosses to stop bringing them to meetings. Managers, meanwhile, are wary of marginalizing their staff by taking them off the invite list.

"It's like everybody's trapped," says Ryan Fuller, the CEO and cofounder of "people analytics" startup VoloMetrix. "I think most companies are in a vicious cycle of this getting worse and worse."

Fuller believes data can change all that, and solve a few other workplace headaches too. His Seattle-based company builds software that mines information like employees' Outlook calendar entries, email headers, and instant messenger logs to help companies figure out how their employees are spending their time—how much time salespeople are spending with customers, which divisions of the company are staying in touch by email, and how much time employees are spending in meetings. With those numbers, Fuller says companies can make changes, like bridging connections between loosely connected divisions that could stand to talk more, or setting goals for time spent in meetings that give everyone license to revisit those invite lists.

VoloMetrix, founded in 2011, is part of a wave of startups aiming to let employers track new measures of employee behavior, happiness, and engagement as readily as they monitor sales numbers and online traffic. And much like companies tracking consumer behavior on the web, they're taking advantage of new number-crunching and data storage capabilities—"the processing power really wouldn't have been there a couple of years back," Fuller says—and navigating uncharted legal and ethical territory regarding expectations of privacy.

New Territories

"What we spent the first couple of years building was a very robust, enterprise-grade security infrastructure, as well as educating ourselves on the all the legal issues, all the privacy issues, all the different things out there," says Fuller. "We found that most companies don't have a policy that applies to what we do, so we have to help them invent it."

For instance, the tool doesn't delve into the bodies of individual messages or IMs: only the header information—the metadata—is captured, he says.

"We never go below the line of headers—to, from, subject line, date, time," says Fuller. "We don't touch message content or attachments or anything like that."

And the stats are anonymized and generally only presented to employers as aggregate information about groups of employees, not as reports on individual worker behavior, he says.

"We default to 100% anonymous, group-level data with no PII included for company employees," the company says in its privacy policy, using a common abbreviation for personally identifiable information. "No business user can remove the anonymity."

Individual employees can also see how they stack up against the company at large and company goals, helping them work to adjust time spent sending emails, attending meetings, or working with customers.

Analytics For Face Time Too

A Boston-based startup called Sociometric Solutions goes even further, looking beyond email records and meeting schedules to actually monitor how employees are interacting in face-to-face conversations using wearable electronic badges that track who's talking to whom. The badges are also capable of registering the tones of voice and body language workers are using.

The company's been able to help its clients find productivity-boosting patterns, says cofounder and CEO Ben Waber. One financial-services firm learned that back-office employees benefitted from interacting more frequently with their customer-facing colleagues, and another client, a pro sports team, got insights into how, and even where in the stadium, their top salespeople converted game-going fans into season ticket holders.

"If you spend 5% more of your time talking to customers in this part of the arena, here's how much more money you'll make," Waber says they were able to advise sales staff.

The company makes sure to get individual workers' consent and takes steps to protect privacy, says Waber.

"We don't record what people are saying," he says. "We don't count how many times you go to the bathroom."

And, as with VoloMetrix, data are only presented in aggregate, Waber says. Companies can see how members of different teams interact, or how the set of top performers in each group behaves differently from others, but only individual employees get access to their own individual data.

Waber has previously said the company even allows opting-out employees to wear dummy badges with no actual sensors, so their bosses don't know they've chosen not to participate.

But tools exist that allow companies to do more personalized monitoring, now that cloud-based systems have largely eliminated the storage costs and IT department headaches involved in storing and analyzing employee data in arbitrary detail.

When Workers Don't Know They're Being Watched

One tool, called ActivTrak, lets employers automatically log how long each of their workers spends in particular applications and visiting individual websites. It doesn't log individual keystrokes, but it can be configured to take regular screenshots throughout the day, or when employees trigger alerts by visiting certain sites, says Herb Axilrod, president of Dallas-based Birch Grove Software, ActivTrak's maker.

"You can begin recording screenshots of a certain window as long as that window is active," he says. "It doesn't record text of email messages or chat sessions, although that can be captured via screenshots if the alarm is set up to do that."

Axilrod says the company encourages customers to let their staff know they're being monitored, but it's ultimately up to individual employers whether they choose to do so. ActivTrak's frequently asked questions page explains users won't be able to detect when the software's installed, and advises employers looking to keep that fact a secret, not to accidentally leave behind any clues.

"You will probably not want to use their browser to download and install the Agent, as that would leave a browser history record that you might forget to delete," the page warns.

Installing the software and monitoring computer usage without employees' knowledge is generally perfectly legal in the U.S., though European law is stricter, says Axilrod.

Legislative gridlock has essentially prevented Congress from tackling the issue, explains Corey Ciocchetti, an associate professor of business ethics and legal studies at the University of Denver's Daniels College of Business, who's written about workplace monitoring.

Even as far back as 2007, a widely cited survey by the American Management Association and the ePolicy Institute found about two-thirds of employers polled monitored their workers' web use, and 45% said they monitored how employees were spending their time on company computers, the content they viewed, or the actual keystrokes they entered. As the organizations prepare to conduct a new survey this year, legal experts have suggested that the numbers have likely only increased as technology has spread throughout the workplace since 2007—a time when, according to the same survey, only 10% of companies reported monitoring how their brands were being discussed on social media.

Workers often don't realize how much existing technology—from Internet monitoring tools to access card systems that can track their comings and goings—lets their employers track their activities, says Ciocchetti.

"I think at a minimum, you should have to notify employees what you're doing," he says. "I would like to know in plain English, not legalese, how are you monitoring me, and give me that information when I'm hired."

One risk is that unscrupulous bosses can use all that data to get away with firing an employee for legally dubious reasons by trolling for otherwise unnoticed policy violations, like an off-color joke sent through company email or late arrivals logged by a keycard system. "It's the way that they fire you, and nobody bats an eyelash about it," Ciocchetti says. "It lets them obfuscate their bad intentions."

At least for well-intentioned companies, though, ethical concerns could lead to self-imposed curbs on employee surveillance and sensible disclosure policies, he says.

And the sense of surveillance can easily damage morale. "If your employees are happier, they're more efficient and more productive," he says.

Some research suggests that excessive monitoring can itself curb productivity and innovation, says Karen Levy, a fellow at New York University's Information Law Institute and the Data & Society Research Institute.

"We don't know exactly what that mechanism is," she says, though one influential paper she cites by Harvard Business School assistant professor Ethan Bernstein suggests overly aggressive monitoring and measurement leads workers to hide or simply refrain from any deviations from established practice—even those that benefit the company.

How Do You Look At All That Data?

Beyond the ethical and psychological questions, how does a company and its employees begin to make sense of the piles of data being collected in the office? A recent project by Microsoft's Envisioning group and The Office for Creative Research, a New York data visualization consultancy, explored some of the visual and interface possibilities for examining big data sets, using custom visualization software intended to be as easy as Excel.

"We think there's a really massive opportunity to have new sets of tools that allow you to interact with these massive datasets," says Harald Becker, a Microsoft Envisioning senior design strategist.

And the dataset used for the project, called Convene, was one that would be familiar to Microsoft employees: an anonymized slice of Microsoft's internal Outlook calendar database, which shows meeting patterns across tens of thousands of employees and contractors at the company's Redmond office.

The Convene team built interactive network visualizations that tracked what OCR cofounder Jer Thorp calls meeting "breadth"—the number of distinct teams represented in meetings—and "depth," essentially the range of rank of employee in particular meetings. The visualizations are displayed on enormous touch screens, using gestures reminiscent of the computers in Steven Spielberg's Minority Report.

"One of the things that Microsoft is really trying to do is increase connectivity across departments," Thorp says. "I think all organizations in general are moving away from being these siloed beasts to being these networked entities."

In the future, the tool could be used to help Microsoft or other organizations see how their employees are interacting, or to help individual users track their own meeting schedules—kind of a FitBit-style quantified self tool to help workers optimize the time they spend in meetings, says Thorp.

"If you had a running app, you might be trying to ramp up to a marathon," he says. "If you have a meeting app, you're trying to ramp down."

In 2013, a pair of private investigators in the Bay Area embarked on a fairly run-of-the-mill case surrounding poached employees. But according to a federal indictment unsealed in February, their tactics sounded less like a California noir and something more like sci-fi: To spy on the clients' adversaries, prosecutors say, they hired a pair of hackers.

Nathan Moser and Peter Siragusa were working on behalf of Internet marketing company ViSalus to investigate a competitor, which ViSalus had sued for poaching some of its former employees. Next, the government alleges, Moser and Siragusa—a retired, 29-year veteran of the San Francisco police department—recruited two hackers to break into the email and Skype accounts of the competing firm. To cover their tracks, they communicated by leaving messages in the draft folder of the Gmail account "krowten.a.lortnoc"—"control a network" in reverse, according to the indictment.

Federal prosecutors did not specify how the defendants found their hackers, but an email address apparently belonging to one of the hackers, Sumit Gupta of Jabalpur, India, was also used last year on the freelancer message board WorkingBase by someone seeking software that could compromise computers running Windows and Microsoft Office. The poster, who was offering $250 to $750, wrote, "Code should be FUD," meaning fully undetectable, "and fully working. Looking a cheap cost."

The California case sheds light on a burgeoning cybercrime market, where freelance hackers, both on public forums and in black markets, cater to everyone from cheating students and jealous boyfriends to law firms and executives, according to Jeffrey Carr, president of Seattle-based security firm Taia Global. He calls the industry "espionage as a service."

While it is difficult to verify the legitimacy or the quality of the hacker postings on a half-dozen online exchanges that Fast Company examined, some sites boast eBay-like feedback mechanisms that let users vouch for reliable sellers and warn each other of scams. Carr describes a range of expertise, from amateur teenagers wielding off-the-shelf spyware who may charge up to $300 for a single operation, to sophisticated industrial espionage services that make tens of thousands of dollars or more smuggling intellectual property across international lines. "The threat landscape is very complex," he says. "A hacker group will sell to whoever wants to pay."

At Hackers List, for instance, hackers bid on projects in a manner similar to other contract-work marketplaces like Elance. Those in the market for hackers can post jobs for free, or pay extra to have their listings displayed more prominently. Hackers generally pay a $3 fee to bid on projects, and users are also charged for sending messages. The site provides an escrow mechanism to ensure vendors get paid only when the hacking's done.

While Hackers List says it's intended only for "legal and ethical use" like recovering lost passwords, it boasts about a dozen job listings a day, in some cases to anyone capable of hacking into private websites, social media accounts, and online games.

In a report released in March, Europol, the European Union's law enforcement arm, predicts online networking sites and anonymous cash-transfer mechanisms like cryptocurrencies will continue to contribute to the growth of "crime as a service" and to criminals who "work on a freelance basis . . . facilitated by social networking online with its ability to provide a relatively secure environment to easily and anonymously communicate."

The environment isn't always secure. Earlier this month, one security sleuth unmasked the apparent owner of Hackers List as Charles Tendell, a Denver-based security expert. Soon after, Stanford legal scholar Jonathan Mayer crawled the site's data, revealing the identities of thousands of the site's visitors and their requests for hacks.

Mayer found only 21 satisfied requests, including "i need hack account facebook of my girlfriend," completed for $90 in January, "need access to a g mail account," finished for $350 in February, and "I need [a database hacked] because I need it for doxing," done for $350 in April. A majority of requests on the service involve compromising Facebook (expressly referenced in 23% of projects) and Google (14%), and are sparked by a business dispute, jilted romance, or the desire to artificially improve grades, with targets including the University of California, UConn, and the City College of New York.

While most requests "are unsophisticated and unlawful, very few deals are actually struck, and most completed projects appear to be criminal," Mayer wrote on his blog, the requests were a "fair cross-section of the hacks that ordinary Internet users might seek out." Still, he wrote, Hackers List "certainly isn't representative of the market for high-end, bespoke attacks."

Whatever the software or however expert the hackers, the basic methods of intrusion are often the same: the age-old technique of tricking a target into installing malware by opening an email attachment or a malicious website. "It's like we still use gasoline in gasoline-driven engines," says Carr, "'cause it just works."

A Silk Road For Hackers

On the message board site HackForums.net, users openly post ads offering to hack into computers and online accounts, knock servers offline with denial-of-service attacks, and track down strangers' personal information, all for a fee. Hackers are ranked through a rating system, and high-reputation users even offer "middleman" services, holding cryptocurrency payments in escrow until sellers deliver what they've promised.

"I will Hunt someone for you and get you all the informations of the person. ( emails, IMs, Social accounts, location, phone number, Home address etc)," says one post on the site, which is registered in the Cayman Islands. "I will hack someone for you and get you all the files, key logs, webcam videos, anything from his system. on your need, i can transfer them on your rat/botnet, so you can play with him." A RAT is a remote administration trojan: a piece of software that, once surreptitiously installed on your target's computer, tablet, or phone, allows you to read files, intercept keystrokes, and generally take control of the machine's operations.

One forum user named Hax0r818 said in a Skype chat that his service, which mentors neophyte RAT users, has had about 300 customers in roughly a year. "I just help them get started because R.A.T.s are not for hacking they were made for parents to check what there children are looking on the net," he wrote. "I dont aks them anything I dont because I don't care I just give them a warning that using R.A.T.s for iligal purpeses can get them to jail and I let them agree to my Terms."

Hax0r818, who would say only that he is under 21 and based in Australia, charges $5 a month in exchange for training RAT novices in using the tools and providing a testbed virtual machine for them to practice on.

In addition to websites accessible through the web, a dozen deep web markets—with names like Hell, Agora, Outlaw, and Nucleus, and only reachable through the Tor browser—offer menus of RATs and other hacking software and services, with transactions conducted in Bitcoin.

"Hacking and social engineering is my business since i was 16 years old, never had a real job so i had the time to get really good at hacking and i made a good amount of money last +-20 years," writes the owner of Hacker for Hire, a dark web site that charges 200 euros for small jobs and up to 500 euros for larger ones, including "ruining people, espionage, website hacking.""I have worked for other people before, now im also offering my services for everyone with enough cash here."

Typical prices for RATs—with names like darkcomet, cybergate, predator pain, and Dark DDoser—range from $20 to $50, according to a December Dell SecureWorks report. This represents a significant drop from the previous year, when the tools typically sold for between $50 and $250. (The price drop may have resulted from the recent leak of some RATs source code.) The price for hacking into a website has also dropped, from a high of $300 to $200, according to the Dell report.

One RAT-making group called Blackshades took in more than $350,000 over four years selling a $40 RAT on hacker forums and its own website to thousands of buyers around the world, according to a federal indictment unsealed last May in New York. Customers had used the software to steal financial information and spy on unsuspecting victims through their webcams, officials said.

"The RAT is inexpensive and simple to use, but its capabilities are sophisticated and its invasiveness breathtaking," Manhattan U.S. Attorney Preet Bharara said at the time. His investigation, part of an "unprecedented" and ongoing global effort, has so far resulted in more than 90 arrests.

Big Business And Big Crime

Hacking software, which can cost up to $3,000 and more, isn't itself illegal, and can be used for benign tasks like remotely administering servers and monitoring corporate computers. But in practice, these software toolkits and related services are often used for fraud, denial-of-service attacks, or network intrusion.

"If someone is gaining unauthorized access to another computer system, anything digital, that is against the law, that is criminal," says Jonathan Rajewski, a computer forensic examiner and assistant professor at Vermont's Champlain College.

Hacker marketplaces, meanwhile, exist "in legal limbo," according to Mayer, the Stanford law lecturer. While websites are generally not liable for user misdeeds, there is an exception for federal criminal offenses, including violations of the Computer Fraud and Abuse Act, which governs hacking. That leaves the operators of these markets open to possible accomplice or conspiracy charges, which could land them in prison.

The operator of the Silk Road, where hackers advertised alongside drug sellers, was convicted on hacking conspiracy charges, along with six other counts. A newer dark net marketplace called TheRealDeal Market, also accessible through the anonymized Tor network, focuses specifically on exploit code, though the terms of service say the site allows the sale of anything except child pornography, human trafficking, or "services which involve murder."

Last week, the U.S. Commerce Department published a proposal that would require anyone selling unpublished "zero-day" exploits internationally to have a license, classifying intrusion software, like other "dual use" items, as potential weapons. The number of zero-day exploits discovered in the wild hit an all-time high last year of 24, according to a recent Symantec report.

The new law could help law enforcement fight hacker black markets, but it would also hinder a number of companies that openly sell intrusion software and software exploits. The French security firm Vupen, which bills itself as a provider of "offensive cyber security," charges clients—including the NSA—up to $100,000 per year for access to techniques letting them compromise widely used software, from Microsoft Word to popular web browsers and Apple's iOS. The Italian company Hacking Team has sold RATs to the FBI. Other firms that buy and sell exploits include Netragard and Endgame, as well as larger defense contractors like Northrop Grumman and Raytheon.

Recent estimates have predicted industrial espionage and other digital crime costs companies hundreds of billions of dollars per year. A new study by the Ponemon Institute found that the average cost of a compromised record for a corporate hacking victim rose to $154 in 2014, up 8 percent over the previous year.

Selling To The Highest Bidder

To Carr, the security researcher, the consumer hacking-for-hire market is only the tip of the iceberg. Now, more sophisticated hacker groups are offering their services to wealthy overseas businesses and governments interested in buying "on demand" hacking. An entrepreneur or a C-level executive might hire a hacker to gain an edge over competitors, for instance, or to "hack back" against cyber intruders, a practice that Sony reportedly employed in its effort to fight websites hosting the company's leaked data.

With so much recent focus on allegations of hacking by government agencies, Carr thinks threats from sophisticated commercial operations have been somewhat overlooked.

"We've completely missed until recently the espionage-as-a-service game, and most likely we've confused these guys with actual government intelligence agencies or government military operations," he said.

Hacker groups will generally find work by exploiting connections to unscrupulous companies, either striking deals to obtain particular data or by stealing valuable information themselves and selling it to the highest bidder they can find, according to a white paper recently released by Carr's firm, Taia Global.

Carr pointed to the case of a Chinese businessman named Su Bin, who was arrested in Canada last year on charges he worked with two unidentified hackers to steal and sell trade secrets about the F-35 and other military aircraft from U.S. defense contractors. In one email, one of Bin's alleged accomplices attempts to buy an undetectable copy of "the Poisonivy Program," a well-known RAT tool that is available in encrypted form, from a HackForums.net seller for just a few dollars.

But in spite of widespread reports about hackers stealing secrets for the Chinese government, Bin, who lived and worked in Canada, seemed more motivated by financial rather than nationalistic interests. "These buyers weren't necessarily Chinese companies," according to the Taia Global publication. "One email from Bin . . . indicated that he was unhappy with how cheap one Chinese company's offer was and that he would look for other buyers."

One sophisticated espionage-focused group, dubbed Hidden Lynx by security firm Symantec, used two pieces of custom malware to penetrate hundreds of organizations around the world. Based on the variety of targets the group has targeted, Symantec believes it to be an "adaptable and determined" hacker-for-hire organization.

"We believe they're specifically tasked with going after information and then passing that information to the clients that want it," said Symantec senior threat analyst Stephen Doherty, one of the authors of the paper, who says his firm has been following dozens of similar groups. "Symantec is tracking over 70 groups from all around the world that fit into the various buckets of those involved in direct espionage, those involved in cybercrime, those maybe doing a bit of both," he said.

Hidden Lynx, which Symantec says employs between 50 and 100 hackers operating mostly out of China, breached the servers of security firm Bit9 in 2012, making off with security certificates used to digitally sign software Bit9 has certified as safe. The hackers then gained access to computers belonging to political, defense, and financial organizations in the Boston and Washington areas by penetrating web servers likely to be visited by employees of target companies and using them to distribute malware, some of it signed with the stolen Bit9 credentials.

Playing Defense (And Offense)

As hacker groups have become more sophisticated, defensive efforts by international law enforcement and private security groups have grown more coordinated, with the ultimate goal of making such attacks that much less worthwhile, said Doherty. Last year, the tide against Hidden Lynx changed: A coordinated effort by a number of security vendors helped develop better protections against the malware used by the group, Symantec says. "All our indications are that the activity involved with this group has very much gone underground," he said.

"I think you're seeing a breakdown of the kind of silos where everyone's fixing their own, or looking after their own client base," said Doherty. Previously, he said, "whether it's an [antivirus] company, or whether it's a bank, they all would have very much worked close to home, but now we're seeing a much broader effort. There's much more visibility into what's going on."

Doherty said people and companies hoping to defend against these kinds of attacks should take traditional online security precautions: Keep up to date with software upgrades and security patches, watch for unusual network activity, and take special care to lock down systems known to store valuable company secrets.

Companies should also take careful stock of which third-party vendors have access to their sensitive information, said Carr. "You also need to do due diligence on all of your supply chain," he said. "You have to be aware of who you're sharing your data with: Just because they're your vendor doesn't mean you can trust them."

One tactic Carr advises against: "hacking back," the risky and legally murky technique of retaliating against the networks of criminals who infiltrate corporate networks.

"That's always a bad idea," he said. "It's like that old saying, never pick a fight with a stranger—you don't know who you're throwing a punch at. It could be a commando."

In the two years since Edward Snowden's revelations about pervasive government monitoring of the Internet first made the news, developers have worked to build hardware and software to help Web users reap many of the benefits of cloud-based services while retaining personal control of their data.

But while recent studies indicate that plenty of consumers wish their online activities were more private, even the creators of many of these privacy tools acknowledge that all but the simplest of them are still too complex to win over the majority of the Internet-using public.

"Unless you understand everything from the ground up, it's really, really hard to own your data," says Alex Payne, the creator of a free, open-source, private-cloud toolkit called Sovereign. It equips a stock Linux server with open-source alternatives to standard cloud offerings, including email, calendars, a Dropbox-style file hosting, and even an Instapaper-style Web bookmarking tool.

Payne, who was previously a cofounder and the CTO of Simple, the online banking service, says he created Sovereign in 2013 as a cheaper and more private alternative to Google Apps.

Since it's a privacy-oriented project, he says he hasn't looked very deeply at who the users and open-source contributors are. But Payne believes the project—which has a GitHub page heavy with technical acronyms and command-line transcripts—probably isn't used much by the general public.

"I don't think that this is a realistic solution for most people," he says. "It's technical folks who want to use this for themselves, their businesses, their families and [if] they feel like they can kind of confidently administer a server that's set up with Sovereign, I think it's great."

Even some makers of commercial private-cloud tools have had difficulties winning the public's attention and getting their products to market.

"We believe that government and corporate snooping are the biggest threats to personal liberty and democracy that we're facing," wrote the creators of the Community Cube, a privacy-focused personal server and firewall project that successfully funded a Kickstarter campaign this month.

Scheduled to ship this fall to backers who pledged at least 140 euros, the Community Cube is a customized Linux machine designed to boost users' privacy on some existing Web services and replace others with private, encrypted alternatives. Its creators, based in Spain and Germany, say the cube will provide services similar to toolkits like Sovereign, bundling personal, open-source alternatives to commercial cloud services. But unlike other purely software packages, their product comes on a preconfigured computer, ready to be plugged in and connected to the Internet.

Recent research indicates that the Community Cube's creators and backers aren't alone in their concern for privacy, but suggests that consumers feel there's just little they can do about the matter. A University of Pennsylvania report released this month called the notion that consumers deliberately trade access to their data for free or discounted online services a fallacy, arguing that the public is, instead, simply resigned to losing their privacy.

"Rather than feeling able to make choices, Americans believe it is futile to manage what companies can learn about them," the authors wrote. "Our study reveals that more than half do not want to lose control over their information, but also believe this loss of control has already happened."

Some consumers have migrated to digital services that pledge not to track their users' online activities: privacy-centric search engine DuckDuckGo has seen steady growth since Snowden's leaks, and secure messaging service Wickr has raised $39 million in funding and claims millions of users around the world.

But neither of those technologies has yet become a household name, and recent reports show that giants Google, Microsoft, and Yahoo still control upwards of 90% of the online search market, and familiar names like WhatsApp, Facebook Messenger, Skype, and China-based QQ dominate digital messaging.

For many Internet users, boosting online privacy may still be a daunting task. A Pew Research Center report released in March found that more than half of Americans surveyed said it would be "somewhat" or "very" difficult to find ways to boost their privacy on the Internet and their cell phones.

The Community Cube team hopes to change that. "At the end, it seems like we have a good recipe with the best ingredients to make that open source easy to use," says Enrique, a Community Cube developer. "We have open hardware and open software device that can offer people the alternative they need, with the privacy and security."

Community Cube Web traffic will be routed over a peer-to-peer anonymizing service I2P, and email will be encrypted by the open-source webmail tool Mailpile before being sent through users' existing providers like Yahoo or Gmail, its creators say. Video chats conducted through the device would be routed over a direct, encrypted connection instead of through services like Skype and Google Hangouts, and a distributed, encrypted storage-and-backup system called Tahoe-LAFS would be the devices' answer to Dropbox or Google Drive.

"At the end, the result is that we have a product that is a competitor of everybody—a competitor of Google, a competitor of Gmail, a competitor of Dropbox, a competitor of Skype," says Enrique.

Of course, no security solution is 100% foolproof—given enough time, money, and resources, skilled government or even private hackers can probably find their way around most safeguards—and Enrique acknowledges not all users will even want to use all of the features of Community Cube. The system, he says, will warn users if they take actions that could compromise their privacy, like logging into a mainstream webmail provider's site, but ultimately the choice will be up to the customers, he says. (The company's motto: "The Spooks Hate Us.")

"I used to make risk analyses [for] companies, and some companies say, you know what, I assume the risk: it's my budget; it's my way, and I cannot put more controls to safeguard that asset in the company, so I assume the risk," he says. "If they assume that risk you cannot say, no, you cannot assume that risk."

But so far, while the Kickstarter campaign did exceed its $55,000 goal, and the team's thinking of launching a second campaign on Indiegogo, the project has had some trouble convincing the public and the press. Marketing consultants suggested sending free Community Cube prototypes to tech journalists for review, but the company didn't have the funds for such a campaign, Enrique says.

"There are some people that said, I don't understand what you're trying to sell," he says. "There are some other people that say, it is too much technical."

Earlier this year, the Manchester, U.K., creators of a similarly privacy-focused personal file and email server called the Wedg raised about $200,000 in an IndieGogo campaign of its own, and drew widespread media coverage. (Backers who offered at least £249—about $400—were eligible for a machine.) Since then, though, the creators have said the product's scheduled launch is indefinitely on hold, due to an intellectual property dispute with a former Wedg developer's employer. Wedg's creators didn't respond to emails requesting comment for this story.

Wedg isn't the first crowdfunded privacy-focused project to face setbacks. Last fall, a project called Anonabox had its Kickstarter listing suspended after allegations the creators misrepresented which parts of the project were original creations. A similar fate befell an earlier project, TorFi, and another effort, called Cloak, failed to reach its funding goal.

Other, more successful, private-cloud projects have drawn attention beyond technical circles. One project, called Mail-in-a-Box, is intended to relatively simply convert commodity Linux servers into relatively private and secure email servers. Joshua Tauberer, a developer and government transparency advocate perhaps best known for the legislation-tracking site GovTrack.us, says he created the project as much to be a starting point for other engineers who wanted to tinker with the intricacies of email as to be a tool for privacy.

But while the project's been the subject of a technical blog post by hosting provider Digital Ocean and a few active Hacker News discussions, it was also a semifinalist for last year's Knight News Challenge grant competition, attracting attention from journalists and others looking for more control over who has access to their email. And Tauberer says that as the software gets easier to install, he hopes it continues to reach a wider audience.

"When I first started working on this two years ago, you really had to be an expert to set it up," he says. "Only now in the last month is it possible for someone who's not technical, or at least not particularly technical, to set it up."

Still, even the technical audience on Hacker News freely admits having difficulties understanding the intricacies of the alphabet soup of programs and protocols surrounding email, from spam filtering to sender authentication, so it's easy to imagine a less savvy user struggling to understand and trust even a simple version of Mail-in-a-Box or a commercial private cloud tool.

Ultimately, suggests Julia Horwitz, consumer protection counsel at the Electronic Privacy Information Center, the real privacy solutions may have to come from the law, not from hardware or software.

"I'm often asked the question about what consumers can do to protect their privacy, and I think really the answer is, it shouldn't be up to the consumer to try to protect his or her own privacy," she says. "There should be a robust enough legal framework in place that would be incumbent on the company to comply with the law, rather than on the consumer to shop around for the most privacy-protecting service, when by the nature of the service, the consumer's not going to have all of the relevant information."

That ultimately applies to both privacy from corporate data gathering and from government surveillance, Horwitz says. "I think both kinds of surveillance are unfortunately too present currently, and both need better checks from Congress."

While much of the financial world is focused on whether Greece will abandon the euro, the country's financial troubles have also brought new attention to a different currency: bitcoin.

The digital currency's value in dollars has risen more than 17% since the start of June, according to data from bitcoin news site CoinDesk. Operators of exchanges swapping bitcoin for traditional money report that trading volumes have greatly increased as the Greek crisis has unfolded.

"We're seeing about a 300% increase in bitcoin buys across all Europe in past few weeks," reported San Francisco-based exchange Coinbase in a Tuesday morning tweet.

But, the company's Twitter post explains, not much of that boost in volume is from Greece itself. After the country's leadership failed to reach a deal with creditors on spending and tax reform, emergency financial restrictions have blocked Greek citizens from sending funds abroad and capped bank withdrawals at €60, or about $67, per day.

While the country's precarious situation may have inspired others to seek out the potential safety of bitcoin, those most directly affected simply can't access their funds to exchange for bitcoin or anything else.

"For Greece, it's probably too late now—they're in a pretty bad situation," says Coinbase cofounder and CEO Brian Armstrong. "It's the rest of Europe that's taking this as a warning sign."

Coinbase announced Monday it's waiving transaction fees for customers buying and selling bitcoin in euros through July 5, promoting the sale as an opportunity for Europeans to explore the advantages of a currency not controlled by a central authority.

"This is a great kind of moment in history where people are looking at this, and thinking more about things like capital controls," says Armstrong.

Unlike traditional currencies, bitcoin is produced not by a central bank but by an algorithm that doles out the currency in predictable intervals to bitcoin miners—power users who maintain the blockchain, a shared record of all verified transactions in the currency's history. Those digital coins can then be transferred simply by recording additional transactions to the blockchain, or stored on a hard drive or cell phone in a cryptographic wallet, without needing to involve traditional banks or services like Western Union and MoneyGram.

Advocates have argued those characteristics make bitcoin safer than traditional, so-called fiat currencies, which can see their values slashed by inflationary government policy or their use curtailed by regulations like the ones now in play in Greece.

"Situations like this crisis in Greece shows [people] that money in banks is not 100% there," says Filip Godecki, a spokesman for Poland-based bitcoin exchange Bitcurex, which has also seen an increase in volume from European users. "They're trying to find alternatives, and bitcoin is an alternative."

But, Godecki says, while the three-year-old startup has seen a burst of new accounts based in Greece and waived fees for its customers there, many of those new users will be largely unable to buy bitcoin until the current restrictions are lifted. Greek officials have said that likely won't happen until at least July 6, the day after a popular vote is scheduled on European proposals to resolve the economic stalemate.

"What I can see is a really increased interest in the idea," says Godecki. "However, from a practical point of view, I'm just not sure of bitcoin as an emergency option on a daily basis, because I'm still not sure how much they can transfer from their accounts to exchanges like ours."

An online marketplace called LocalBitcoins lists standing offers from private sellers around the world willing to trade bitcoin for cash, and the site lists a handful of vendors around Greece, mostly in the Athens area.

But even those transactions have been curtailed by the capital controls, says Peter Dimitrakos, a futures trader and cryptocurrency enthusiast who advertises on LocalBitcoins under the name uzitgc. Many buyers have limited cash after the bank withdrawal limits, and sellers are limited to whatever bitcoin they have on hand, since they can't transfer funds to an exchange to buy more when their supplies run out.

"The problem now is that there is no cash available anymore, which makes it impossible to buy or sell, because when I sell bitcoin, I immediately buy them back on the exchange," says Dimitrakos, who spoke via Google+.

Dimitrakos says he saw a "spike in interest" over the past month, with customers new to the virtual currency purchasing "small amounts" of bitcoin before the capital controls were in place. For those who did manage to buy bitcoin, the currency is a way to store value in case the value of funds in Greek bank accounts and wallets plummets—not a day-to-day replacement for the euro, he says.

"People can still work with cash, they can withdraw €60 per day, supermarkets still have food, etc.," he says, adding that few merchants in Greece accept the alternative currency.

But, some bitcoin advocates argue, that may change in the near future.

"This ecosystem is still an infant, because we can't just go to, say, a barber and pay with bitcoin yet, but maybe it will be a spark to make such changes," says Godecki. "Maybe this crisis is just another push to the bitcoin ecosystem, and maybe this will fuel the change."

The ongoing financial crisis in Greece has left some tech companies struggling to pay the bills—but not because they don't have money in the bank.

Like businesses around the world, Greek startups often rely on cloud services for everything from web hosting to email to credit card processing. But those services are generally provided in the U.S. or elsewhere outside Greece, and strict capital controls imposed this week sharply limit Greeks in spending money abroad.

Credit card payments and bank transfers outside of Greece are essentially blocked, forcing some Greek businesses to ask cloud vendors to delay charging their cards and keep their accounts active until the controls are lifted.

"If they're doing business in Greece and generate revenues only in the country, it's really tough to overcome these barriers," wrote Nick Drandakis, the CEO and founder of Taxibeat, an Athens-based cab-hailing app startup.

Drandakis says his company was able to make payments from a U.K. bank account, but that option is not available to companies without operations outside of Greece.

"Other fellow entrepreneurs in the country are facing big hurdles in paying their costs," he wrote.

Some companies are relying on help from friends and family overseas, while others are shifting gears to delay buying new digital services until the crisis is resolved.

"On July 1 we were going to launch the weather service we have been working on in stealth mode all this time, but news caught us and we canceled it," wrote Manolis Nikiforakis, the CEO and founder of weather forecast aggregator Weather ex Machina, in an email. "Capital controls would disable our ability to set up additional server nodes for our backend system and would have made our service almost unusable and our launch a failure."

The company will now wait until "things settle down" before launching the service, he says.

"Obviously this was not a major problem for us," writes Nikiforakis. "I am sure there are many startups out there in far more difficult situations."

To help fellow entrepreneurs keep their digital doors open, Bugsense cofounders John Vlachoyiannis and Panos Papadopoulos have been leading a volunteer effort to assist Greek startups with no way to pay for necessary online services.

"We could identify with them because we have been through similar situations—of course not so bad, because there were no controls back then," says Papadopoulos. He and Vlachoyiannis moved from Athens to San Francisco for the mobile device analytics company, which was acquired by Splunk in 2013.

Papadopoulos tweeted about the program on Monday, and soon received both requests for assistance and offers of help, including from Andreessen Horowitz and Netscape cofounder Marc Andreessen.

"What we do is we get all the requests by people, and we just dispatch it to different people who are helping out," says Papadopoulos.

As of Wednesday afternoon, the effort had received about 35 inquiries from companies in need of assistance and helped fund requests from about 15, according to Papadopoulos.

"Some of them dropped because they got some help from a friend or family member in the U.K. or Germany," he says.

The actual payments probably only came to about $1,000 in total, he says, mostly paying for essentials like web hosting for small-scale startups. At the moment, the ad hoc group's structure is informal, but that may change if the capital controls last much longer.

"A lot of people, they're having payables coming up," he says.

Some digital vendors have also offered assistance to customers affected by the Greek situation.

"We made our best effort to identify a few thousand Greek customers who might be impacted by the banking restrictions and changed our backend billing code to provide them with an exemption for at least the first seven days of July," wrote Zach Bouzan-Kaloustian, director of support at cloud computing provider DigitalOcean, in an emailed statement.

So far, the Greek government has given no clear sense of how long the capital controls, imposed Monday after the country's leaders failed to forge an agreement with international creditors, will stay in place. The rules restrict Greek residents to cash withdrawals of €60 per day and aim to limit credit card payments to vendors within Greece.

But even some domestic credit card payments have been affected by the capital controls, says Georgios Gatos, cofounder and COO of Incrediblue, an online platform for booking sailing vacations with operations in Greece and the U.K.

In addition to asking cloud providers for delayed payment while shifting billing to U.K.-registered accounts, the company had to ask its Greek customers to make payment by domestic wire transfer. Incrediblue handles credit card purchases through Braintree, the PayPal-owned payment processor, and those transactions were blocked by the Greek banking system as overseas payments, Gatos says.

While Greece isn't the first country to impose capital controls in times of economic crisis, its restrictions do come at a time when even essentially domestic transactions and local digital businesses still rely on international payments.

Even in 2008, when Iceland saw its own set of capital controls imposed in the wake of the , startups weren't yet so reliant on the cloud, and Iceland had spent the pre-crisis "boom years" building up a network of data centers, says Bala Kamallakharan, the founder of the Startup Iceland initiative.

Kamallakharan says he hopes the current Greek economic situation, and the need to innovate around it, can ultimately be a boon to the Greek startup sector.

"Every crisis is a great opportunity to reinvent the local startup community," he wrote in an email. "This is what happened in Iceland, and I am pretty sure the resilient founders and entrepreneurs in Greece will see this as a unique opportunity to build valuable companies."

Bunny Inc., which runs an online marketplace for voice-over actors, has more than 50 employees scattered between its offices in San Francisco and Bogota, Colombia, and remote work sites around the world.

That can make it hard to ensure employees are satisfied with how things are going at the company, says cofounder and chief people officer Tania Zapata.

"Working remotely with people can potentially create a lot of issues in terms of cohesion and things like that," she says.

So for quick daily happiness check-ins, the company uses an app called Niko Niko that lets employees quickly swipe across their smartphone screens to indicate their overall moods, or to answer more specific survey questions. A touch-and-drag happiness meter and corresponding smiley (or frowny) face let Bunny employees say how they're feeling about everything from their relationship with their managers to the cleanliness of the corporate offices.

"You can actually act upon things that are not going very well sort of faster than you would if you just wait for the person to say something," says Zapata.

For Bunny, one source of virtual frowns was the Internet speed in the Bogota office, she says.

"Internet was not as reliable as here [in San Francisco], but it has improved," she says. "We probably haven't gotten [a frown] in a while."

Companies collectively spend about $720 million a year trying to measure and boost employee engagement, according to a 2012 report by human resources consultancy Bersin & Associates, since acquired by Deloitte, and for good reason: Studies have long found that better engaged workforces boost productivity and profit, employee retention, and even worker safety.

Research has also shown workers with higher job satisfaction are, by many measures, healthier, and warned that excess work stress can take its toll on the well-being of workers' families.

Still, despite the high level of corporate spending on engagement, survey results released in January by polling giant Gallup estimated that less than one-third of U.S. workers were engaged in their jobs—meaning "involved in, enthusiastic about, and committed to their work and workplace"—in 2014.

Startups hope to change that by applying some of the same data-oriented techniques publishers and advertisers have used in recent years to boost engagement with online content, like notifications, apps, and emojis.

Employee-engagement surveys have long been a staple at many offices, but new survey and data-analysis technology like Niko Niko, an app developed by a New Orleans startup of the same name that first launched about two years ago, has recently made it possible for employers to attempt to track employee sentiment in essentially real time. If they can do that, managers could be better poised to boost that sentiment too.

"If you think of the last 10 or 20 years of marketing, and how we use data from our customers to improve our companies, there's been a torrent of innovation," says Didier Elzinga, cofounder and CEO of Melbourne engagement polling startup Culture Amp. "We thought, why did the marketers get to have all the fun?"

Culture Amp lets companies administer questionnaires from new-hire and exit surveys to periodic engagement surveys and one-question polls, all through a flexible web and mobile interface.

"One of the key things is making the user experience better, so it's something you can do on an iPad, you can do on an iPhone, you can do on the web," Elzinga says.

And the tool automatically provides interactive visualizations of results to managers based on company-specific privacy settings, often in real time.

Kiss Of Death

It wasn't that long ago that engagement surveys typically took months to put together, distribute, and analyze, says Ken Oehler, global employee engagement practice leader at consultancy Aon Hewitt. Now, he says, firms can ask their workers how they're feeling and respond essentially instantaneously.

"It's all about speed and transparency," he says. "It becomes so instant that the employee knows they have a voice."

Aon Hewitt offers its own quick survey smartphone app called Mood Ring to get quick input from employees on a monthly, weekly, or daily basis. Because smartphone surveys are still new, it's hard to know the ideal polling interval for every situation, Oehler says, but he and others in the field say one aspect that's beyond debate is the importance of quickly responding to employee concerns as soon as they surface.

"Regardless of frequency, this kiss of death is to ask questions and do nothing about it," says Oehler.

The biggest boosts in employee engagement and satisfaction come from focused efforts by managers, not simply from new survey technology, he says.

"I think technology is simply an enabler," he says. "I think if you had all this technology and you didn't have the focus of executive leadership, it wouldn't really work."

To help get managers and employees on the same page, one Boulder, Colorado, company called RoundPegg looks to quantify the often imprecise notion of corporate culture and how individual employees' personalities fit into a company or team's own culture.

"The heart of the matter, according to RoundPegg, is that there's these 36 values that define how we show up in the workplace," says David Lyon, RoundPegg's chief revenue officer.

Understanding those values—things like willingness to take risks, creativity, and informality—and where employees stand relative to the organization as a whole, can help managers figure out what keeps workers happy and what kinds of rewards they respond best to, like boosts in pay or opportunities for professional growth, he says.

Companies can also use RoundPegg's surveys with potential hires, but the purpose isn't necessarily just to weed out employees who aren't a good "culture fit," Lyon says. The tool doesn't make any hiring recommendations, but aims to guide interviewers in understanding differences between employees and current staff, and help them formulate questions to understand how prospective employees might fit in.

For example, Lyon says, if the prevailing corporate culture is rules-oriented, and a potential hire scores high for informality, the tool might suggest the hiring manager discuss that difference in the interview, and ask the candidate for examples of times where he or she successfully dealt with similar differences at previous jobs.

"Having that common [language] to talk about what drives us in the workplace is part of the beauty in what RoundPegg brings to the table," says Lyon.

Important Questions

While survey and visualization tools have changed dramatically, the questions employers are looking to have answered about how to keep their workers happy and productive seem almost timeless. Indeed, one of the most well-known employee-engagement surveys, Gallup's Q12, has purposely featured the same questions in the same order for close to 20 years, whether it's administered on the web, on paper, or through a phone system.

"We've had a chance to study those same elements—the Q12—across very different environments," says Jim Harter, chief scientist for workplace management and well-being at the 80-year-old consulting and polling company.

The survey asks employees to what extent they agree with 12 proprietary statements about their work environment and relationships with coworkers and management: whether they have a "best friend at work," for example, and whether their "opinions seem to count." It's been administered to about 29 million people over the years and extensively studied by Gallup's scientists, he says.

And despite economic, cultural, and technical changes, Gallup reports the survey questions have continued to be good predictors of employee performance: A 2012 Gallup study found companies and teams that did better on the survey continued to have lower turnover, better safety and product quality records, better customer-service ratings, and even higher earnings per share.

"Knowing what's expected of you at work is still important," Harter says. "Having an opportunity to do what you do best is still important."

Gallup generally recommends employers take a company-wide engagement "census" twice a year, giving workers time to respond and managers time to digest and respond to employee concerns, with the possibility of periodic "pulse" surveys in between to track any changes in sentiment.

That's essentially the approach taken by the United Way for Southeastern Michigan, a Detroit-area charity that decided to take a serious look at boosting employee engagement about a year ago, after employees took the Q12 and managers felt "scores weren't awesome," says Ursula Adams, the nonprofit's director of employee engagement.

Since then, the organization worked to change that by training managers on engagement-boosting techniques: giving workers roles suited to their talents, and making sure to recognize their accomplishments, for example. And, it's used Niko Niko to track how employees are feeling on a day-to-day basis, even posting average percent scores on a physical board at its headquarters, Adams says.

"Now it's very unusual for us to go below 80," she says. "What used to be completely acceptable—mid-70s—now people are trying to diagnose what's going on, when it used to just be normal."

Kristen Holt, the organization's chief operating officer, says she's used the Niko Niko app's comment field to help herself keep track of what kinds of experiences at work generally brought her positive energy.

"If the email [with the Niko Niko survey invitation] would come through after maybe I had a frustrating internal meeting, that would be something that wouldn't bring me energy," she says. "If I had the opportunity to collaborate with somebody on the team and really accomplish something, that's when I would have a lot of energy."

Holt has mostly stopped taking the daily Niko Niko surveys herself, however, since the survey results are reviewed by lower-level employees within the charity. She doesn't want her noting when she's "having a bad moment" to negatively impact other people's engagement, she says. That's not as much of a concern with the Q12, since it's based on longer-term trends instead of day-to-day experiences, says Holt.

"I think the organization has really valued the transparency around the Q12 results, as well," she says, and notes that members of the leadership team share their results with the organization at large.

The nonprofit doesn't intend to entirely replace the Q12 with Niko Niko, since it still appreciates Gallup's years of research and the ability to see how the organization stacks up against comparable employers in the polling giant's databases, Adams says.

"We're taking the Q12 again in August of this year, and I think it will be fascinating to see where this goes," she says.

Alex Sanz probably gets more mail than anyone you know.

He's the founder and CEO of Virtual Post Mail, a company that has helped, since 2009, thousands of customers turn their daily delivery of physical, postal mail into electronic, digital data.

Virtual Post Mail customers pay to receive their mail at its California location, where workers scan a picture of the outside of each envelope or package to upload to the company's servers. Then, customers can decide with the click of a mouse whether to have Virtual Post Mail open and scan the contents of a particular parcel, forward it to another address, or simply shred it.

Users range from frequent travelers who want to read their mail while they're on the road to expats looking to keep a U.S. address to startups eager to outsource the business of handling and archiving their incoming correspondence, Sanz says.

"We are becoming almost a part of the backend of their business," he says. "We're part of their support."

Mailing, Addressed

Virtual Post Mail is one of a number of companies working to turn old-fashioned snail mail into yet another service in the cloud, with some handling more business correspondence, some processing more personal mail, and some focused more on packaged merchandise.

Most of these services have had to custom-build technology and carefully craft workflows to turn the messy, three-dimensional world of hand-lettered envelopes and oddly shaped packages into uniform images they can load onto a website or smartphone app.

"We have to photograph thousands of items every day, and they range from a pair of underwear for kids to skis or giant golf club sets and things like that," says Ernest Fata, the founder and CEO of Fishisfast, which mostly caters to overseas customers who need to receive deliveries in the United States.

"Over the years, we've done iterating and iterating to create a system that can do that, 'cause I don't know of any [commercially available] warehouse management system that has the ability to photograph thousands and thousands of items in quality photographs every day," he says.

Many of Fishisfast's customers are running small import-export businesses and buying goods from American e-commerce merchants to resell in their home countries. Others are families and individuals just looking to take advantage of U.S. online deals, Fata says.

Fishisfast not only scans and weighs packages and the goods inside, it will consolidate individual packages into bigger boxes to save on shipping costs, wrap individual items in Bubble Wrap or even, for an added $5 fee, shoot video of electronic items powering on to verify they're in working order.

To capture photos, the company's gradually moved from Wi-Fi-enabled digital cameras to tablets with specialized software and, most recently, to customized desktop machines with built-in cameras, Fata says.

"Basically it's a full custom thing where basically you place an item in a square and our system photographs it and gives you a barcode, and then you're ready to move on to the next one as quickly as possible," says Fata.

The service's focus is purely on shipping merchandise, not letters and documents, he says.

"In order to do parcels, we would have to probably go and figure out a whole new system for handling that," he says.

That's essentially what Virtual Post Mail has done, says Sanz, who compares the company's mail-handling system to an automobile assembly line. Since Virtual Post Mail's facility is technically just one address, the U.S. Postal Service doesn't sort its customers' mail, leaving the company to index, barcode, and photograph each individual envelope, says Sanz.

"The logistical and technical aspects of processing mail is, I think, extremely, extremely difficult," he says, explaining that attention to operational detail makes the company reliable and efficient as the customer base grows. "Certain parts of the process cannot be automated."

Handling With Care

While startups in the purely digital world can often deal solely in abstraction—storing email attachments or uploaded files without caring too much about the contents—Virtual Post Mail's website is practically a catalog of the many special cases involved in handling snail mail.

There are policies for scanning credit and debit cards and the fronts and backs of checks. There are rules for forwarding mail, returning it to its sender, and picking it up in person. There are procedures for handling books and magazines, for depositing checks, and for securely shredding documents.

"When you're talking about digitizing mail, it's not just about software, it's not just about the software engineering aspect to it," says Sanz. "There's also a physical operations aspect to it."

Still, the company just introduced a new mobile-friendly interface. While operators of digital mail services take on the complexities of physical mail, their customers benefit from the relative simplicity of computerized data.

One of the oldest mail digitization services, called Earth Class Mail, integrates with Google Drive, Box, and Dropbox to upload scanned mail and with Bill.com to process invoices and payments.

"Ninety percent of our mail that we actually need, after you weed out the junk, we can digitize it and just have it in our [cloud storage] and that's good enough," says Alex Polvi, the founder and CEO of server software company CoreOS, which uses Earth Class Mail as its virtual mailroom.

CoreOS has moved offices as it's grown to its present size of about 40 employees, but it's maintained a consistent, and somewhat anonymized, mailing address thanks to Earth Class Mail.

Administrative staff can simply handle the company's mail online, storing necessary documents digitally and having packages forwarded to CoreOS's physical office address, he says.

While Oregon-based Earth Class Mail dates back to 2006, the company was acquired just last month by a new parent company created by tech investor Jonathan Siegel. The acquisition came after Earth Class Mail filed for Chapter 11 in late February, with the company's chief financial officer writing in a court filing that the company had "been in financial distress since the economic downturn in 2008."

Doug Breaker, the company's new CEO as of July 13, says the financial troubles had more to do with debt Earth Class Mail was carrying than with the underlying business model.

"The interesting thing is, the company other than some really restrictive debt they took in the last bit of funding was operating pretty profitably, and with a customer base that really loved the product," Breaker says. "So what we plan to do is to go and really invest again—to go invest in the product to make it that much more valuable for small and medium businesses and startups and companies like that."

That'll likely mean more software integrations and auto-processing of incoming deliveries, he says.

For businesses already running their own mail operations—from office mailrooms to traditional mailbox stores—a startup called Anytime Mailbox launched in 2014 offers mail-digitization apps that can run on a standard laptop, smartphone, or tablet, letting mailroom workers snap pictures of mail, tag recipient accounts, and upload the data to the cloud.

"Our approach was, let's use existing technology," says cofounder and president Matt Going. "People are very used to taking photos with their mobile device, tagging their friends, and then uploading on social media—same kind of idea."

Going says the company has more than 100 locations currently using the service.

Thinking Outside The Post

Even the Postal Service itself is gradually moving toward a world of digital mail, with an ongoing pilot test in areas of Virginia of a program called Real Mail Notification that lets participants see digital previews of the mail they're receiving that day. The program currently emails customers images captured as part of the mail sorting process, and a Postal Service spokesperson says the agency's considering options to include additional images submitted by mail senders.

The Postal Service says it's received a positive response in Virginia and plans to expand the pilot program into New York City later this year.

"We generated a high level of engagement," Postmaster General Megan Brennan told a mailing industry conference in May. "Nine out of 10 people were checking their mobile device to see what's in their mail every day."

For his part, Earth Class Mail's Breaker says his company welcomes any competition.

"It's actually very encouraging to see others entering the space," he says. ""That's a sign that this is an important market, where others see opportunity as well."

Reddit calls itself "the front page of the Internet." But unlike a traditional newspaper's front page, the stories and comments on the site aren't picked by professional editors.

Instead, they're submitted by everyday users and reviewed by an army of about 20,000 volunteer moderators across the site's roughly 9,000 active, user-created forums, or subreddits, covering topics from science to soccer to nail art. They're in charge of enforcing a handful of sitewide rules—no spam, no child pornography, no harassment or doxxing—and the individual policies of the subreddits they manage.

"Moderators are essential to Reddit," wrote the company's community manager Kristine Fasnacht to Fast Company in an email. "While we provide the platform and enforce rules to maintain the integrity of the site, they are the ones who work day in and day out to make subreddit communities function and thrive."

But the relationship between Reddit's volunteer moderators and corporate management has long been rocky. Moderators often complain there's little they can do about issues like spotty communication from Reddit headquarters, abrupt policy changes, and antiquated moderation software, yet a quickly organized moderator protest over a popular employee's firing earlier this month brought international media coverage and led to the resignation of interim CEO Ellen Pao.

But while the protests, which temporarily shut the virtual doors of dozens of popular subreddits, drew plenty of attention, moderators say their role typically involves little corporate intrigue. Instead, they spend hours a day fielding user questions through the site's modmail system and culling off-topic or offensive posts, hoping to make the site a better place and, perhaps, make an online name for themselves.

Sussing Out Subreddits

"It's a bit like why people pick up litter off the street, or go into politics, or try to tend their front lawn for whoever's in the neighborhood," says Daniel Allen, a Chicago-area designer who until recently moderated several large subreddits under the name solidwhetstone. "It's sort of like this: if you don't contribute to improving communities, and you want to consume or enjoy good content, you're kind of expecting something that you're not putting into it."

Allen says he got his start on the /r/Chicago subreddit and began to moderate other subreddits when they asked for experienced volunteers.

"Kind of the way that it works on Reddit is it's very much a trust-and-reputation-based structure, so if you do a good job on a subreddit and foster the growth of your community and other people start to take notice, then they might offer you a mod position elsewhere," he says.

He says he often focused personally on content standards for the subreddits he moderated: polling users on what kinds of material they want to see, posting guidelines, and removing content that breaks the rules.

"Without guidelines, once a community gets to 50,000 people, the quality of the content starts to decline drastically," says Allen, who watched the Chicago forum grow from about 5,000 subscribers to more than 70,000. The /r/Art subreddit, which he also moderated, itself rose from 50,000 members to more than 3 million on his watch.

Users who don't agree with existing moderators' guidelines—or the lack thereof—can, and often do, start their own rival subreddits. The cannabis-focused subreddit /r/trees, for instance, famously spun off from /r/marijuana after such a dispute, and when fans of non-intoxicating varieties of trees, like oaks and maples, found the name taken, they jokingly gave their own subreddit "for all things dendrologic" the name /r/marijuanaenthusiasts.

On some subreddits, growth without strict guidelines just leads to generic posts like references to popular memes, but others can take a nastier turn. On the Chicago page, for instance, Allen says he and other moderators patrolled comment threads for racist commentary of a type they had seen on other local sites.

"There are Chicago newspaper websites that have comment sections that are full of hate speech, and we wanted the Reddit community to be something different," he says. "We banned them. We silenced them. We removed their comments. We told them to go away."

The Taming Of The Trolls

Trolls are a notorious problem on Reddit, just as they are on many Internet forums, and moderators are typically the ones forced to deal with them.

"They can wreak havoc on our threads and really mess with people's heads," writes the lead moderator of the /r/sex subreddit, who uses the name Maxxters. "I don't think most people realize what little it takes to seriously damage someone because of a way you respond to their question or sexual information they've divulged."

Users can flag inappropriate or spammy posts, and moderators can remove them from the site and ban repeat offenders from their subreddit. Many moderators use a scripting tool called AutoModerator—initially created as a third-party extension, and later made an official part of the site after its developer Chad Birch was hired by Reddit—that lets them define certain automated filtering rules, but posts often require human review to see if they violate the complex rules of individual subreddits.

"You can call an action an abomination," wrote /r/Christianity subreddit moderator RevMelissa in deleting one post. "You are not allowed to call a person an abomination, as that is a personal attack."

An ordained minister, she leads an online ministry called Fig Tree Christian that takes prayer requests and holds Bible discussions through its own subreddit. Fig Tree is part of the Disciples of Christ denomination, but on the general Christianity subreddit, she and the other moderators work to enforce the forum's rules of civility, not the doctrine of a particular church.

"It's a difficult sub to moderate because Christianity is defined differently depending on your denomination or sect," she wrote in a Reddit private message. "Some people want moderation to run down certain denominational lines, and they get very frustrated when it doesn't."

But the forum's intended to be welcoming to members of all beliefs, she writes.

"I believe all people deserve a place where they can feel safe and can connect with others," she writes. "/r/Christianity stands apart from other subs as just that. I want to keep it safe."

That's a sentiment echoed by moderators from across the site.

"That's the main job, really helping shape the community to be a friendly, welcoming and useful space," says Randal Olson, an artificial intelligence researcher and head moderator, under the name rhiever, of /r/DataisBeautiful. "For me it's more community building—I love the fact that we have this massive community that's focused on data analysis and visualization."

He does have to deal with spammers, and with racists posting dubious data about human genetics, but also gets a unique look at developments in the field.

"Most or maybe getting close to all of the data visualizations that come out on the web end up on /r/DataisBeautiful," says Olson, who usually spends a few hours a day reviewing posts. "it really helps me keep up with what's going on, who's talking about what, what's the latest cool data visualization."

This Mod World

While moderators continue to contribute their time and energy to the site, many wish Reddit's management would take steps to make their lives easier, like clarifying the company's own rules on acceptable conduct and improving the aging suite of tools used to filter posts and communicate with rank-and-file users.

"Modmail is one of the most unpleasant, confusing, and downright frustrating things to use, and we have to rely on it to communicate directly with subscribers," writes user K_Lobstah, who moderates a number of prominent subreddits. "One of the most prevalent problems for which moderators have zero solutions is ban evasion—when a subscriber receives a ban and just makes a new account in the next two minutes to continue doing whatever got them banned in the first place."

Moderators' dissatisfaction became more apparent on July 2, when dozens of popular subreddits effectively shut down after Reddit's surprise firing of communications director Victoria Taylor. Taylor worked extensively with moderators of the popular IAmA subreddit, helping them host "Ask Me Anything" question-and-answer sessions with public figures from President Barack Obama to Parks and Recreation star Amy Poehler.

Upon her sudden departure, moderators at IAmA said they were given little information by Reddit about transition plans or even a reliable way to contact scheduled AMA guests. IAmA's moderators made the page invite-only to regroup, and other subreddits' moderators followed to protest what they saw as the latest evidence of Reddit's neglect of the site's volunteers.

"The shutdown was about communication and better mod tools,"wrote the moderators of the 9-million-subscriber subreddit AskReddit. "This was about problems moderators have been complaining about for years."

Days before her departure, Pao apologized on behalf of Reddit's managers, vowing better communication and better moderator software were in the works.

"We haven't communicated well, and we have surprised moderators and the community with big changes," she wrote on the site. "We have apologized and made promises to you, the moderators and the community, over many years, but time and again, we haven't delivered on them."

Reddit's since said it assigned AutoModerator creator Birch and community manager Fasnacht to focus on improving tools for moderators, though both have acknowledged the company just doesn't have the ability to make sweeping updates overnight, perhaps especially to the creakiest parts of the site's infrastructure.

"Modmail was written a long time ago as an extension of the current user to user messaging system, which itself was an extension of the current commenting system," Fasnacht wrote in her emailed statement. "As a result, it's connected pretty strongly with other parts of the system and is difficult to make changes to."

The company also continues to wrestle with the ongoing problem of better defining sitewide content standards. It's taken steps this year to ban revenge porn and, under a new harassment policy, purge subreddits, such as /r/FatPeopleHate, that were essentially serving as nests for trolls.

Those changes come at a time when many online publications are moving away from the anything-goes, free speech absolutism of the early Internet toward something more civil—and more welcoming to the advertisers keeping their sites afloat. Earlier this month, Gawker CEO Nick Denton removed a story alleging a married, male publishing executive attempted to hire a male prostitute, citing both "the 2015 editorial mandate to do stories that inspire 'pride' and 'business concerns.'"

Denton's decision wasn't without consequence for the company—two high-ranking editors left the company over the article retraction and general concerns about editorial independence—but imposing such policy changes is certainly still easier at a publishing organization like Gawker than at a user-driven site like Reddit. Reddit's moderators are unlikely to accept any new sweeping mandates about what constitutes acceptable discourse or relish being caught between angry users and site management, and paid administrators likely lack the resources to enforce any radical new standards on their own.

Any changes the company does make or suggest inevitably bring apprehension to moderators and users afraid their communities will suddenly be on the wrong side of a new policy. The site's paid administrators are ultimately in the same position as many of its volunteer moderators—trying to govern communities where they quickly discover disagreement is the rule, not the exception.

"At first I thought /r/Christianity was the next evolution in church, but that could never be the case," writes RevMelissa. "To be a church you have to have community and doctrine. That particular sub would never agree on doctrine. It just couldn't happen. But they are the most ecumenical (hoity toity word for multiple faith traditions getting along) I have ever found."

Soon after this week's apparent leak of user data from Ashley Madison, users of the cheating-focused dating site searched frantically for ways to retroactively scrub their accounts from the massive data release.

One listing on the hacker-for-hire marketplace site Hackers List offered to pay up to $2,000 to anyone who could remove account information from the leaked files, which reportedly contain records for up to 36 million users of the site. "For what it is worth, I did not cheat, going through a tough time right now, but this is a wakeup call," says the listing. "Need a skilled hacker to remove my information from wherever it appears as soon as possible. Please help."

An anonymous New York Craigslist advertiser claims to be able to remove individual data from the release for a fee, and even Ashley Madison site operator Avid Life Media vowed Tuesday to do its best to undo the effects of the leak, in a statement strongly condemning the hack.

"We are actively monitoring and investigating this situation to determine the validity of any information posted online and will continue to devote significant resources to this effort," the company said. "Furthermore, we will continue to put forth substantial efforts into removing any information unlawfully released to the public, as well as continuing to operate our business."

But, say security researchers who've analyzed the data and tracked its progress online, it would be impossible at this point for anyone to effectively suppress any of the information found in the leak. "Unfortunately that's simply not possible – once information has been sufficiently socialised and redistributed (which the Ashley Madison data has certainly been), the exposure is irretrievable,"wrote security researcher Troy Hunt in a Q&A post about the leak. "At this point it is better to focus on damage control – consider the impact of your Ashley Madison membership being known by everyone and what actions you might take in order to minimise the impact (i.e. discussing with a spouse)."

The 10-gigabyte data dump was initially published Tuesday on a website accessible through Tor, the anonymous browsing tool, and quickly redistributed through the BitTorrent file-sharing network. The leak followed a statement last month by a hacking group called The Impact Team, which threatened to release the data if Avid Life failed to shut down both Ashley Madison and a second dating site called Established Men. The hackers condemned the site's operators for offering a $19 "full delete" feature, which they say failed to always expunge members' data from the database.

Security researchers say the released information includes names, email addresses, physical descriptions, and even sexual and romantic preferences provided to the site, along with some records of credit card transactions for paying subscribers. Full credit card numbers apparently weren't leaked or, says Avid Life, even stored by the company.

The release was quickly found to contain verified account information, with journalists from Gawker and The Guardian announcing they'd found accounts they'd previously created for reporting purposes in the data dump. Security writer Brian Krebs reported that Ashley Madison accounts posted on BugMeNot, a site that allows users to publicly share website credentials, also appeared in the dump, and he and other security experts confirmed other users found their information in the dataset. "I've verified both the credit card info and the account info with people I trust," says researcher Robert Graham of Errata Security.

Journalists and anonymous users of forums like 8chan quickly dove into the data released on Wednesday, loading the files into database software and finding the names, occupations, and official email addresses of government officials, business executives, and celebrities. And for Internet users looking to search for themselves or their significant others in the data, a number of websites quickly launched offering email address services. Hunt's Have I Been Pwned? site, which identifies email addresses released in a number of high-profile breaches, promised to only let users search for their own, verified addresses "due to the sensitivity of the data," but other sites allowed users to search for any address.

Dustin Puryear, who created one site offering to let users search the database for a $5 fee, says the search service ultimately isn't too dissimilar from search engines like Google. "This is information that's already available," he says. "It's just very difficult to get to, and very difficult to understand."

Puryear says he hasn't decided yet whether he'd let users request that listings be removed under extenuating circumstances, though he emphasized he wouldn't charge users a fee to remove their information.

The data release was cryptographically signed by the hackers, which will make it hard for anyone to release any fake data from the site in the future, whether that's pranksters looking to maliciously add names to the list or cheating spouses looking to circulate substitute files without their own information, says Graham.

"They can claim things, like their credit card was hacked, or someone [else] used their email address," he says. "For example, Tony Blair, the former Prime Minister of Great Britain, he's on the list, but it's unlikely to be the real Tony Blair. You can try to deny things that way."

While experts have warned the release could cause serious and even life-threatening consequences for Ashley Madison users for years to come, there seems to be little that can be done to stop the data from continuing to circulate. Avid Life has condemned the hackers for leaking its customers' data, though a note apparently circulated with the release argues the blame lies squarely with the company for not better securing the sensitive information.

"Prosecute them and claim damages," the hackers apparently wrote to users of the site. "Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you'll get over it."

Next week will mark the 10th anniversary of a dark chapter in New Orleans' long and storied history, when Hurricane Katrina devastated the city and the surrounding area. Now, a growing startup community is hopeful the city will soon be known as a center for new and innovative businesses.

"I think, by 2018, there's an opportunity for New Orleans to be viewed around the country, around the world, as a hub of entrepreneurship for the South," says Tim Williamson, the CEO and cofounder of incubator The Idea Village, referring to the year the city will celebrate its 300th anniversary.

That would have been hard to imagine in 2005, when the storm flooded 80% of the New Orleans and cut its population by more than half, while leading to the deaths of more than 1,800 people across the Gulf region.

But after the floodwaters receded, lifelong residents and newcomers from around the country organized to piece the city back together: rebuilding houses, clearing debris, and even restoring street signs, says Andrea Chen, executive director of New Orleans social entrepreneurship incubator Propeller.

"I lived here before the storm, and there was just not a lot of energy around entrepreneurship and problem solving," she says. "A lot of that changed after the storm, and a lot of that was out of necessity."

As the city rebuilt, Chen and her cofounders sought to preserve that energy, creating what would become Propeller. Today, the incubator operates a 10,000-square-foot coworking space and offers an accelerator program for startups focusing on problems to do with food, health, education, and water management. It also offers a variety of Crescent City-focused tech programming, like a class on building Arduino-powered Mardi Gras costumes.

One Propeller-backed company, called Clear Health Analytics, uses statistical techniques to help people pick health insurance plans. Another, the VEGGI Farmers Cooperative, has helped fishermen from the city's Vietnamese community shift to growing local vegetables after the 2010 BP oil spill contaminated the Gulf of Mexico.

"A lot of people already had outdoor gardens—it was something that was part of the culture," says Chen, explaining that members of the cooperative now sell produce to high-end restaurants around the city.

But while those kinds of turnaround stories are now growing common, the years before Katrina had been marked by pessimism in New Orleans. Problems like crime, political corruption, and a slowly shrinking economy had just seemed intractable, and many talented residents felt they had no choice but to seek their fortunes elsewhere, says The Idea Village's Williamson, a native of the city.

"In my lifetime, we grew up thinking we could never win," he says. "We could never succeed."

But as the city came together to rebuild, long-term residents and natives returned to help with rebuilding efforts began to feel more empowered to change the status quo, he says.

"Because of Katrina, people started to reframe about who we are and how we do things—maybe we can solve our own problems," he says.

At the same time, the rebuilding efforts brought newcomers to the city, including many with an entrepreneurial bent and a love of the city's unique culture.

"After Katrina, New Orleans became the leading Teach for America city in the country, so you have a lot of very smart people moving down to become teachers through the Teach for America fellowship," says Chris Schultz, cofounder of the coworking space and startup community Launch Pad. "A number of them became entrepreneurs."

That's led to a number of growing New Orleans startups in educational technology—like Kickboard, which builds analytics tools to track student performance and got its start at Launch Pad. Some Teach for America participants even went on to start companies in other fields, like Brian Bordainick, the founder of Dinner Lab, which puts together chefs, hosts, and diners for one-night pop-up restaurants around the country.

Bordainick says his company has benefitted from one advantage New Orleans has over more established startup hubs like New York and the Bay Area: significantly cheaper costs for housing and office space.

"The startup costs were a lot cheaper," he says. "We were able to make a pretty small investment last a long way."

Michael Hecht, the CEO of economic development nonprofit Greater New Orleans Inc., estimates a business can save 30% to 40% in overall costs by starting in New Orleans rather than New York or San Francisco. He's also seen housing cost savings help companies from startups to giants like General Electric woo new technical hires from out of state.

"it's been our experience, that we're pleased to see that if people from New York, from San Francisco, from Chicago are offered the chance to get a good job with a company in New Orleans where their dollar goes 30% further, and they can have a much greater quality of life in general, almost everybody says yes to that opportunity," he says.

Louisiana also offers tax incentives for angel investors and software businesses in the state, but many acknowledge raising larger levels of capital in New Orleans can still be harder than in Silicon Valley.

"I think that there's no doubt that being in New Orleans as a CEO or [in] business development, you are going to need to be on a plane," says Schultz. "If you're in San Francisco, you can kind of walk down the street, there are VCs everywhere, you can kind of take a lot of meetings very easily."

Fundraising may become easier if and when New Orleans has a big enough tech company get acquired or go public, suggests Bordainick. That could create a class of millionaires looking for new startups to back, just as Microsoft's success helped make Seattle a tech hub, and Dell's IPO helped establish Austin's tech industry.

It's unclear, though, if the city currently has the infrastructure to support a new employer on a Microsoft or Dell scale: Housing prices have already risen dramatically since Katrina, leading to widespread debate about gentrification. While rental prices are still significantly lower than in the big coastal cities, so are many paychecks outside tech and other high-salary industries, and public transit advocates continue to argue officials haven't done enough to restore service cut after the storm.

Still, Hecht argues, a growth-driven housing crunch might be a better alternative to the slow stagnation he says the city saw not long ago.

"The fact that you're going to have these growing pains is in some ways a good thing, because that means you're actually growing," he says.

It's the oldest Internet advice in the book: Keep your personal and professional online lives separate.

That's probably why a Slate political correspondent effectively scolded Hillary Clinton this week for making an "obvious mistake" using a personal email server for official business as secretary of state, and a recent New York Times opinion piece mocked Ashley Madison customers who were "too stupid" to avoid using their work accounts on the cheating site.

After all, the arguments against mixing work and personal online communication are fairly clear and well-trodden.

Use your work email or office hardware for personal correspondence, and your bosses are legally entitled to monitor every word you type or scour the machine's hard drive any time they see fit.

"Courts have repeatedly, repeatedly, repeatedly ruled that employers have every right to do that," says Eric Rzeszut, an IT manager at the University of Virginia and the coauthor of 10 Don'ts on Your Digital Devices.

Even if your employer's not deliberately monitoring your activity, any private email you send through the company server or files you save on your office hard drive can still end up automatically backed up, mirrored, and archived on systems outside your control, perhaps long after you've left the company.

And if you use your personal email or other cloud services for work purposes, you risk violating company policies or even legal privacy and data retention rules, and are liable to take the blame if anything confidential gets leaked or you inadvertently bring malware into the company network. You can even find your personal emails and files subject to unwanted scrutiny if there's any question about what data you've transferred and exactly what you've done with it, says digital privacy and security consultant Jonathan Bari.

"The corporation may very well wonder, what is the employee trying to do here and is the employee trying to do something wrong?" he says.

Yet despite all the arguments against it, plenty of people continue to mingle their personal and professional data.

One recent study conducted by document management software company Alfresco suggested Clinton is far from alone in using personal email for government work: A third of public employees polled acknowledged doing so. Even Homeland Security Secretary Jeh Johnson and other senior officials in the department apparently got special permission to check their personal webmail accounts on work computers after the practice was generally banned last year, though it's not clear if they used the accounts for government purposes.

And in the private sector, research has repeatedly found such practices are at least equally widespread. One 2011 report by email security firm Mimecast found that 79% of those surveyed used their personal email accounts for work. Another study, released in 2013 by research firm Frost & Sullivan and security giant McAfee, found that 80% of respondents had used some kind of unauthorized cloud software for work purposes.

But according to both survey reports, employees mostly weren't trying to do anything nefarious—often, they were just trying to transfer larger files than their corporate inboxes could handle or using cloud-based tools that were better than what they had at work.

"It turns out users overwhelmingly turn to nonapproved apps for one reason: They need to get their jobs done," wrote the authors of the Frost & Sullivan report.

But even with the best intentions, experts say, workers should still be wary of using unauthorized email accounts and other online tools in the office, says Robert Douglas, the president of Bay Area IT consultancy PlanetMagpie.

"I wouldn't circumvent—it kind of opens yourself up to repercussions from management," he says.

Instead, employees should talk to their bosses and IT departments about the best way to handle tasks like sharing large files—there might be an officially approved tool that's simply not well-advertised, he says.

"If I were an employee of one of those companies, that's how I would approach it: Please tell me what the official way to share this is, and that's how I'll do it," he says.

And companies can make matters easier by deciding on one approved solution, publicizing it to employees and potentially even blocking other cloud services, says Douglas.

Of course, many companies simply don't have clear policies or workable solutions in place. At the same time, bosses often still expect that employees have ready access to work data to answer quick questions even when they're out of the office, says Rzeszut.

In those kinds of situations, workers should try to take reasonable precautions about what kinds of data they allow on outside systems, he says.

"A lot of it is kind of analogous to paper files," he says. "There are certain paper files in our offices that we might leave just sitting around on our desk or in a conference room, and then there are other files in a typical office where they have to be kept under lock and key in a file cabinet or they're stored in a secure room where you have to swipe your badge to verify your identity."

Workers can also take other precautions, like deleting project data from cloud services when it's no longer in use, says Rzeszut, though he acknowledges most probably don't.

"People aren't great at performing any sort of cleanup on their cloud storage," he says. "In an ideal world, you'd go in and pull that down off the cloud once the project is complete, but because in most cases people don't run up against the storage limit in their cloud storage providers, they're not incentivized to do that."

Setting up work-specific accounts with cloud providers even if they're not employer-issued, as opposed to simply mingling personal and employer data, can also be a good idea —and another one that's not often practiced, says Rzeszut.

Still, even for experts, it can take some diligence to keep your personal and professional email lives fully segregated.

"People send me a lot of personal stuff to my company email, and I purposely push it to my private email and respond to them there," Murphy says.

Like many tech-conference organizers, the people behind The Email Design Conference made sure to email attendees well ahead of time with the Twitter hashtag for the event.

But when they opened that email, those going to the conference were amazed to find not just a link to the Twitter feed for the convention, but a live, scrolling collection of just-posted Tweets using the hashtag.

"We embedded a live, dynamic Twitter feed in the email itself, so as people were opening the email and started to tweet about the conference hashtag, it started to appear in the email," says Justine Jordan, the marketing director at Litmus, the Boston-area email testing and analytics company that organized the August conference.

In an era where Twitter feeds appear everywhere, from wristwatches to billboards, simply embedding one in another familiar type of digital message might not seem like much of a feat. But adding live data and interactivity to email, a decades-old medium that most haven't associated with innovation since the golden age of AOL, is actually a new and surprisingly intricate technique that experts say can help change how businesses connect with their busy customers.

"Certainly, it seems like every year, people are in more and more of a hurry, and that definitely is the case with email users," says Chad White, research director at Litmus. "If you can give them something actually in the email that's actionable, they're way more likely to engage with that, versus forcing them to click through to a website where they have to regain their bearings and find the things that they're interested in."

That means taking marketing features traditionally found in a website or app, like a rotating carousel showing different versions of a product, or an animated GIF highlighting an ongoing sale, and adding them directly to marketing emails. New York startup RebelMail has even demonstrated early versions of an online shopping app contained entirely within an email message, where buyers would only need to be redirected to a store's website to make their final checkouts.

"That's one of our concepts—one of our apps that we're building and working towards," says Mark Robbins, a developer at RebelMail.

The challenge, he and other developers say, is making sure that emails render properly across the huge variety of email programs commonly in use.

Before an interactive or heavily styled email can be sent to customers, it needs to be tested on multiple versions of desktop email programs like Microsoft Outlook and Apple Mail, on webmail services like Gmail and Yahoo, and on iOS and Android apps from many of the same vendors.

"It's not just inboxes but also browsers," says White. "Your email in Gmail can look different, whether or not the user is using Chrome, Firefox, or Internet Explorer."

A big part of Litmus's business involves automating those tests, sending clients' draft marketing messages to an array of physical and virtual machines, each of which takes a screenshot of the email in a different combination of operating system and email program.

"We automate that entire process of taking the screenshot and sending it back to the customer," says Jordan, explaining that Litmus customers can generally see an array of screenshots within 10 seconds.

Most modern email software lets email contain some subset of the HTML and CSS languages used to structure and style websites, but the exact features allowed and how they're handled can vary drastically, leading to lots of trial and error.

"On the web, you have things like Bootstrap, things like jQuery, where it's kind of, hey, you want to do a carousel, you use this method, and it creates a carousel for you," says email developer Justin Khoo, an independent developer and the author of the email design blog FreshInbox. "Email, it's still really new—people are still figuring out what works and what doesn't."

Supporting old clients also forces email coders to write HTML in ways most web developers abandoned years ago, Khoo says.

"Nobody designs websites with tables any more, but if you look at the source of every email, that's a table in there—there's tables everywhere," he says.

And for security's sake, almost no email software allows JavaScript, the language typically used to add interactivity and live data updates to websites, so email developers have had to find clever ways to build that same functionality using CSS.

The styling language is far from a full-fledged programming tool, but it has enough support for animation and reacting to where users have clicked and tapped to let developers build surprisingly complex apps: RebelMail's Robbins even developed an email-embeddable whack-a-mole game that moves the rodents and keeps score without a line of JavaScript.

Email developers using more advanced features typically try to make sure their emails degrade gracefully when they're opened in more primitive clients, says Geoff Phillips, a senior email specialist at testing and analytics firm Email on Acid. That's because experiments have shown most email recipients will quickly give up on a broken email rather than try it in another program or on another device, he says.

"You don't want there to be a broken box where a video should be," he says. "With video in email, usually the fallback is to have an image that has a playback on it and then link that to your YouTube page that has the video."

But despite the complexities, marketing companies say they've found getting email right is well worth it.

"Really, email marketing for businesses continues to be, as recent as this year, the highest performing marketing channel for companies," says Kraig Swensrud, the chief marketing officer of email marketing firm Campaign Monitor.

A McKinsey report published last year found email helped surveyed companies attract nearly 40 times as many customers as Facebook and Twitter combined. Marketing companies have also reported that adding video, animation, and other modern features can boost email engagement and click-through rates. One oft-cited Oracle Marketing Cloud report found a British e-commerce client boosted its email response rate by 32% after making improvements like integrating interactive features and mobile-responsive design.

"Companies don't want to just send an email," says Swensrud. "They want the recipient to open the email multiple times. They want the recipient to really engage with the content. They want the recipient to click on things within the email."

And with the variety of email clients in use growing, not shrinking, those complex emails are going to continue to require complex programming techniques.

Still, not having the full power of the web in email messages—which are essentially placed in users' inboxes by other people, not downloaded in response to a search or click like web pages—might not be entirely a bad thing, says Robbins.

"It's the equivalent to a door-to-door salesman as opposed to going out to a shop," he says. "You have to be careful with that, and you have to respect the users because of that."

A decade after Hurricane Katrina devastated southern Louisiana, a nonprofit New Orleans startup accelerator called Propeller is part of a push to change how the region approaches the water that surrounds and defines it.

Founded to channel a post-Katrina burst of entrepreneurial energy in the city, Propeller helps companies that work on economically sustainable approaches to social and environmental issues. Late last month, the organization was awarded a $300,000 grant from the federal Economic Development Administration to support its work with organizations dealing with water issues, from urban drainage to coastal erosion.

One of the critical aspects of the program is bridging a traditional divide between groups working in the city and those working to preserve the area's coastal wetlands, says Propeller programs coordinator Ginny Hanusik. "The problems we're facing now are because there has been such a separation of the two areas throughout history," she says.

The flood-prone Crescent City's approach has traditionally been to wall off neighboring Lake Pontchartrain and the Mississippi River, while building sophisticated drainage systems to rush rainwater away from the city and its suburbs. But drying out the urban area has paradoxically pulled much of the city further below sea level as the soil it's built on settles and shrinks. That's made storm-related flooding that much worse and weakened buildings on the sinking ground.

"New Orleans cutting itself off from water—that's kind of been the trajectory of, we're afraid of water, put up levees, don't let any in," says Hanusik. "That's caused incredible subsidence in the city and has made flooding worse when it does rain."

A tendency by area landowners to pave parts of their front yards, giving water less room to seep into the ground, has made matters worse, says Dana Eness, the executive director of The Urban Conservancy. The advocacy group participated in Propeller's accelerator earlier this year, working on what it calls its Front Yard Initiative, spreading the word about fighting subsidence through landscaping.

"It's PowerPoint presentations to neighborhood associations," says Eness. "It's one-on-one with thought leaders within the communities."

Alongside Eness in the accelerator program was landscape designer Dan Johnson, a natural supporter of the Front Yard Initiative. His company, called Greenman Dan, markets and installs systems for collecting rainwater from lawns and parking lots so it can be used for irrigation or simply gradually released into the soil. That requires easing property owners away from an instinct to divert rainwater away from their land, generally into the street. Johnson's system stores water in underground tanks built from modular blocks.

"It's basically cubes that we could put in the ground and build to whatever size we need," says Johnson. "If someone has a permeable parking lot, we can absorb the water there in the tank, and then we can have it slowly percolate out of the tank into the surrounding soil, so it's recharging the ground."

In the nearby city of Hammond, another Propeller accelerator alum, called Wetland Resources, harnesses streams of fresh water it can find to support newly planted cypress and tupelo trees. Those trees serve as a kind of natural levee, buffeting the effects of a storm surge even during powerful cyclones like Katrina.

"Just a few hundred meters of cypress can completely take the waves out of the surge," says Gary Shaffer, a biology professor at Southeastern Louisiana University, who cofounded Wetland Resources with his wife, Demetra Kandalepas. "They just baffle those waves."

Efforts led by Shaffer and Kandalepas, who also holds a doctorate in biology, have led to the planting of more than 100,000 of the trees in the past decade, but those efforts are futile if the plants don't get a steady supply of fresh water. Overly saline water will kill the trees—a challenge in a state said to lose more than a football field's worth of wetlands to the Gulf of Mexico every hour.

"We've tried to reforest areas that didn't have that reliable source of fresh water, and they died," says Shaffer. "Now we will not take on any business unless we know we have a reliable source of fresh water."

One practical source of water is the output of wastewater treatment plants, whose sterilized product is essentially fresh water mixed with nutrients that can be absorbed by the trees. But just as allowing rainwater to collect to reduce flooding can be counterintuitive for New Orleanians, the concept still needs frequent explaining to residents concerned that the treated material could be toxic or otherwise upset the wetlands ecosystem.

"One way to refute that is by doing things like town meetings," says Kandalepas, who explains that the nutrients in the treated water are simply absorbed by the trees.

Business leaders who serve as mentors in the Propeller program have helped the scientist couple learn to better promote their work, Shaffer says.

"Neither Demetra nor I are business people—we don't actually like business and marketing," he says. "We're scientists. We're very naive. This just isn't something we're good at."

Still, the two were adept enough for Wetland Resources to win a Propeller-affiliated water business pitch competition this spring. The company plans to use the $10,000 prize to patent and produce a specialized container for the tupelo trees that helps protect them from nutria, a rodent variety common in the area, and makes planting saplings substantially faster.

"We would very much like to see 10 million cypress and tupelo planted in coastal Louisiana in the next decade," says Shaffer. "If we did that, we would really make a dent on storm protection."

The Propeller program's business mentoring is also a plus for Chris Spring, the founder of Connected Earth Sciences, set to take part in the water accelerator's next round starting this month. Spring, a software engineer with a background in coastal geology, is developing inexpensive water quality sensors to measure changing conditions in the wetlands.

"We're going to look at water temperature, salinity, dissolved oxygen, and redox potential—the water's ability to cause redox reactions like rust strains that's an indicator of all sorts of stuff—and then clarity," he says.

Spring says collecting that kind of data has historically been costly and laborious. He's previously worked on projects where scientists took airboat rides into the marsh with expensive equipment, then analyzed results with high-powered computer workstations. He says newer sensor technologies should make the devices cheap enough that they can be mounted on fishing boats to continuously gather data.

He's hoping Propeller can help figure out the right incentives to offer boat owners to install the devices. Once the sensors are in place and recording numbers, modern computing platforms should make it easy to compute and release the numbers to interested scientists, he says.

"I'm really excited about that, because this wouldn't have been possible two years ago without the virtualized cloud infrastructure at such low cost," says Spring.

The Public Laboratory, a nonprofit that promotes citizen environmental science, also took part in Propeller's program this year, working on an inexpensive, open source tool to measure water temperature, conductivity, and other data. The organization and interested volunteers are testing the device, dubbed the Riffle, in waterways from Boston to New Orleans to Colombia, says Public Lab outreach manager Stevie Lewis.

Since the tool design is public, anyone is free to tweak it and use it for their own purposes, she says.

"Everybody comes with their own objective and interest, but the idea with open source is that you can take that idea of what the tool is and does and apply it to your interests," says Lewis.

The group even held a hackathon late last year, exploring ways to make the device more useful for potential local users. That kind of collaboration is precisely the goal of the accelerator program, says Propeller's Hanusik.

"Our vision is that by bringing together entrepreneurs that are working together in the greater New Orleans region with coastal restoration efforts, it can be this kind of critical mass that's building a more sustainable region that's able to live with water," she says.

In the latest sign that the technology behind bitcoin is being embraced by the corporate world, IBM says it's exploring how the cryptocurrency's shared ledger system can be used in fields from banking to the Internet of Things.

"It's a completely novel architecture for business—a foundation for building a new generation of transactional applications that establish trust and transparency while streamlining business processes," wrote Arvind Krishna, senior vice president and director of IBM Research, in a blog post Wednesday. "It has the potential to vastly reduce the cost and complexity of getting things done."

The notion of a blockchain was first developed by Bitcoin's pseudonymous inventor Satoshi Nakamoto to record transactions in the currency without the need for banks or any central authority. All transfers of Bitcoin are announced to the currency's network of users, and Bitcoin miners are rewarded with newly generated coins for bundling those transactions into specially formatted records called blocks. New blocks need to satisfy certain mathematical properties when taken in conjunction with those already generated, and the complete historic transaction record is known as the blockchain.

The Blockchain, And Self-Updating Appliances

Rival cryptocurrencies like Litecoin and Dogecoin each have their own blockchains, and various projects have experimented with using blockchains to store data besides financial transfer records. A project called Namecoin uses its blockchain to record Internet domain name registrations, and the Ethereum project allows its blockchain to store simple programs called "smart contracts" that can automatically transfer funds when certain conditions are met.

To IBM, which has seen data processing systems evolve from the mainframe-based systems of the 1960s and '70s to today's distributed SQL databases, the blockchain concept might just be the next big thing in sharing data. The company says blockchains future blockchain-based systems could make it significantly easier to share records and execute all kinds of transactions, including those based on more traditional currency.

"We always have our eye out for the next innovation around these things," says IBM Middleware CTO Jerry Cuomo. "When you look at blockchain—that notion of a decentralized database that is peer-to-peer and based on shared ledger and public and private key cryptography with smart contracts—it kind of turns the model on its side a bit."

Cuomo says IBM's working on proof-of-concept projects with clients in a variety of industries to explore how blockchain technology can make their businesses more efficient.

Companies could store transactions with suppliers around the globe in a shared blockchain, rather than manually exchanging data from separate databases, for example. Car rental agencies could use smart contracts that automatically allow rentals when payment's received and insurance information is confirmed through a blockchain record, he says.

"When all of these three agreements are out there on the chain, we kind of form the final agreement, which is, it's yours," he says. "You own this thing for this period of time, or whatever the contract says."

And smart appliances might even be able to use a blockchain instead of a connection to a traditional cloud server to interact with the outside world.

"For instance, a refrigerator equipped with sensors and connected to the Internet could use blockchain to manage automated interactions with the external world—anything from ordering and paying for food to arranging for its own software upgrades and tracking its warranty," Krishna wrote in the blog post.

Before the systems can be used for potentially sensitive transactions, it'll be important to get privacy and security settings right, Cuomo says, just as cloud computing providers have adapted to storing protected information like health records.

A lot of that will come down to basic encryption of the data stored on the chain, along with some tweaks to existing protocols to make it harder to track who's doing business with whom based on the cryptographic keys that are used as identifiers.

"You can look over time and say, 'Hey, every Monday morning, public key A is doing something with public key B,' and, 'Hey, I do something with public key B every Tuesday,' and you might be able to deduce something from that, which in some cases just wouldn't not be allowed," Cuomo says.

Members Only

And while current projects like Bitcoin and Ethereum have relied on public blockchains where all users are essentially equal, enterprise blockchain projects could use invite-only chains where different users have different privileges to initiate and validate different transactions, he says.

IBM's announcement of its push into blockchain technology—which Cuomo says has been the focus of research within the firm for at least the past year—follows Tuesday's news that nine major banks, including Goldman Sachs, JP Morgan, Credit Suisse, and Barclays, are working with tech firm R3 to test and standardize blockchain tools for the financial industry.

Overstock.com, the online retailer that began accepting bitcoin last year, is also developing its own blockchain-based securities trading platform called T0. The company made proof-of-concept sales of so-called cryptobonds through the platform earlier this year to Overstock CEO Patrick Byrne and to financial firm First New York, and says T0 will settle transactions significantly faster than traditional exchanges.

Cuomo says IBM plans to release source code and other data from its blockchain research within the next few months—possibly including an internal flowchart he says the company uses to illustrate when using a blockchain makes sense and when it doesn't.

"A blockchain is the new shiny object, but in some cases, if it's used for the wrong thing, it might be twice as slow and twice as expensive as using a traditional database," he says.

As a teenager in the early 2000s, London artist Alexander Taylor and his friends shot videos on their Motorola Razr-era cellphones. They swapped the movies they made with one another in the already largely forgotten .3gp file format.

"It used to be quite a thing for all my friends to create these 3G videos," says Taylor, now 24.

Years later, Taylor discovered a treasure trove of amateur feature-phone videos from around the world can be found on YouTube by searching for that .3gp extension. Many of them, he says, appear to have been bulk-uploaded from their creators' phones or hard drives, with the filenames, complete with extension, becoming the YouTube titles.

Most of these videos have been watched only rarely—but that may soon change. Earlier this month, Taylor was awarded a grant from the New York digital art organization Rhizome to support a project he calls, simply, ".3gp." He plans to build a web app, likely modeled after a classic cellphone interface, using YouTube's API to let visitors digitally channel surf through the collection of videos, including the ones with only a handful of views.

"I'm going to try to make it random, so those get an equal viewing chance," says Taylor.

The project, which he aims to launch within the next two months, comes as the art world is increasingly concerned with preserving digital and electronic works, from amateur digital videos like the ones Taylor's celebrating to experimental pieces by international art stars like digital artists Cory Arcangel and video artist Nam June Paik, shown in museums and galleries. And as new media artists increasingly incorporate fleeting digital formats and even Internet content and commercial APIs into their work, curators are grappling with what it even means to preserve these pieces for future generations.

New media art's become popular enough with collectors to sell for thousands of dollars and even tens of thousands, and digital art's often seen as a way to interest younger generations in what art museums have to offer. But without effective conservation techniques, it's hard to know if the artworks—the artistic explorations of the technologies that defined life in the 20th and 21st centuries—will survive long enough for collectors and future museum visitors to appreciate.

Moving Code, Hearts

"There is nothing to indicate that somehow this process is slowing down and maybe becoming stable," says Jon Ippolito, a professor of new media at the University of Maine, where he leads the school's graduate program in digital curation. "If anything, they're becoming more unstable, and the conservators are just racing to find ways to capture them."

For some digital art, that can mean finding ways to move code and images from failing machines to new ones, virtualizing old operating systems, or recompiling aging source code on modern machines. In 2004, while working as an associate curator at New York's Guggenheim Museum, Ippolito was involved in an exhibition exploring the limits of emulation in new media conservation.

One piece in the exhibition, a 1980s interactive video installation called The Erl King, created by artists Grahame Weinbren and Roberta Friedman, was on the technological cutting edge of its day. A Sony computer, running the pre-DOS CP/M operating system from a floppy disk, used user input to cue up video from an array of analog laserdisc players. The piece let viewers explore a landscape inspired by an 1800s Goethe poem and the work of Sigmund Freud.

"It was remarkable for how the software was written," says Ippolito. "It was remarkable for how people were able to interact with video in a way they hadn't really before."

But 20 years later, the piece was showing its age, and it was becoming impossible to replace parts like the laserdisc players as they began to fail.

"You can't find them on eBay anymore, which means unless the work was sort of exhumed from its current body and injected in a new body, it was going to be dead to history," says Ippolito.

The Guggenheim team decided to virtualize the project—moving the code to modern hardware, digitizing the video footage, and even programming an emulation layer to translate the original Pascal code's commands to all those laserdisc players into 21st-century digital playback triggers. Importantly, Ippolito says, they were able to preserve the look and feel of the original—so much so that when the two were exhibited side by side, some museumgoers were confused as to why there were two identical works on display.

"The Erl King was an example where the artist had very clearly not intended it to be reduced to a particular technology," he says. "He said, 'I would have made it with Linux and a Java interpreter if I could have—I just didn't have that available in 1982.'"

The Forensics Front

Over time, emulation's gotten easier—museum curators aren't the only ones interested in running old software, and the art world's benefitted from work done by professional software makers and open source code from the video game community.

"There are a lot of issues involved in preserving born digital art that also apply to born digital culture, broadly writ," says Richard Rinehart, the director of Bucknell University's Samek Art Museum and the coauthor with Ippolito of Re-collection: Art, New Media, and Social Memory, a scholarly book on digital preservation released last year.

But even the most sophisticated emulator still requires a clean copy of each program and, ideally, the source code to help diagnose any bugs—something museums haven't always thought to collect and artists have sometimes been reluctant to part with, Rinehart says.

To at least make clean archival copies of existing works, curators and archivists are increasingly experimenting with using digital forensics software, designed to make byte-for-byte drive images accurate enough to use in court, he says.

Last year at Miami's Art Basel show, a digital artwork by artist Alexandra Gorczynski sold for $5,000, with the purchaser acquiring the work's domain name, files to display the piece online, and on a standalone computer and source files "which can be used for future restoration," according to a carefully crafted contract.

Still, migrating digital art to new hardware isn't as simple as figuring out how to open an old email on a new laptop. In the Guggenheim exhibit, Ippolito says the team determined emulation just wasn't the right way to preserve every work. In Nam June Paik's 1960s TV Crown series, for instance, modified televisions display an audio signal as a colorful, oscillating visual pattern.

At the time, the idea of physically rewiring an analog television to create, rather than receive, a message seemed groundbreaking, and there's no way to capture that on today's hardware, meaning the piece will survive only as long as there are parts to maintain the analog televisions.

"This work we decided not to emulate, because to do so would basically be to just take a video of that and project it on a flat screen," he says. "It would lose all its character—that subversive quality that made it exciting to begin with."

Similarly, digital artist Cory Arcangel has said he'd only want his project I Shot Andy Warhol—a modified Nintendo game where viewers use the classic Nintendo light gun to shoot at cartoon images of figures like John Paul II and Colonel Sanders—exhibited with the original Nintendo hardware.

Still, Arcangel makes the game available for download for home play on his website, and he's even sold the code for Andy Warhol and other projects in archival-friendly print formats, printed on acid-free paper, and optimized for scanning and character recognition. That's also somewhat of an art project in its own right, but Arcangel's one of a number of digital artists increasingly thinking about preservation, says Museum of Modern Art digital repository manager Ben Fino-Radin.

"I think that's definitely an impulse that has existed with filmmakers and video artists for decades," he says. "We're just starting to see it emerge for artists that are working in digital media."

Probing Pixels

It's also a relatively new impulse for many museums and galleries, and it can still be a challenge for many smaller institutions to find the financial resources necessary to archive digital works. At MoMA, though, Fino-Radin says conservators work carefully to understand new digital acquisitions, the formats in which they're stored and displayed, and the condition in which they're received. That's not always simple to do with interactive work, where it can be difficult to even ensure you're seeing the entirety of a work, and hard to tell malfunctions from deliberate features, he says.

"How do you condition-assess a video game if it has 12 levels and it's really, really hard?" Fino-Radin asks, speaking from a museum that made headlines a few years ago by formally acquiring a collection of classic video games, from Pac-Man to Dwarf Fortress.

Of course, museums aren't the first to ask that question. It's one that's bedeviled game publishers and unhappy buyers of buggy games for years. And just as digitally focused art museums have benefitted from general-purpose emulation software and from forensic copying tools, they'll also stand to benefit from any industry push toward better tools for working with old data and software.

And that's something that seems almost inevitable as millions of people outside the formal art world build up their own collections of digital creations. The conservation problems facing the art world are increasingly also faced by ordinary people looking to hold on to their own digital photo albums, videos, blog posts, and other digital creations.

Earlier this year, Overstock.com CEO Patrick Byrne bought a $500,000 bond issued by the online retailer.

But it wasn't the size of the bond that drew attention. It was the way it was sold: through Overstock's new digital trading platform T0, which records securities trades through the same shared ledger technology that backs cryptographic currencies like bitcoin.

Advocates of the digital ledger technology, known as the blockchain, say its use in traditional financial transactions could prove far more revolutionary than the alternative currencies for which it was first created.

Storing transactions in one automatically shared, tamper-proof database could eliminate the need for complicated procedures and clearinghouses now used to make sure banks have their records in sync, saving time and money and reducing the risk of error.

And that has startups and established companies lining up to design the trading platforms, programming tools, and other infrastructure that'll soon be needed if blockchain-based finance goes mainstream.

"The main event isn't bitcoin," says Byrne. "It's using the blockchain to disrupt other industries and Wall Street."

T0 takes its name from its ability to finalize transactions essentially instantaneously. Traditional stock and bond sales take three business days—or T+3 in industry jargon —to fully settle, before the assets are available in the buyer's account and the purchase value is available to the seller.

Those traditional transfers are generally logged by an industry body called the Depository Trust Company, created in the 1970s to track the ownership of securities. But with blockchain-based securities, records are automatically shared between all of the participants in the market in close to real time, so the transaction's effectively settled as soon as it's recorded to that collective ledger, without the need for an intermediary like the DTC.

"What blockchains do is allow for a transaction to occur between financial institutions or people but without the need of that intermediary, because you can reliably send the assets to each other very quickly and in basically near real time and without any chance of having that transaction be reversed or changed," says Peter Shiau, the cofounder and CEO of financial blockchain startup Blockstack.io.

The blockchain concept was first developed by bitcoin's pseudonymous (and mysterious) creator Satoshi Nakamoto as a way to track ownership of the digital currency. When bitcoin owners spend or transfer the currency, their digital wallet software publishes a cryptographically signed record of the transaction to the global network of bitcoin users.

Bitcoin miners are then rewarded with new bitcoin for bundling those individual records into groups called blocks and recording them to a permanent shared ledger called the blockchain. Only blocks satisfying certain mathematical properties in relation to the previous block on the chain are considered valid, making it effectively impossible to tamper with records of previous transactions.

But while blockchains were first created to track bitcoin, experts say there's no reason why they can't be used to track other types of assets, from securities to event tickets to old-fashioned U.S. currency.

"A blockchain's just a ledger—it just tells you who has what and that someone sent something to somebody else," says Shiau. "The ability to know with certainty that something happened is what's critical."

Overstock transferred the bond bought by Byrne, as well with a second "proof-of-concept"bond bought by financial firm First New York for $5 million, by recording the transaction to the actual public bitcoin blockchain, using a standard called Open Assets designed to record any kind of transfer to that shared ledger.

And other companies, such as Blockstack, are developing technology to let financial institutions create their own private blockchains, changing features from bitcoin and other cryptocurrencies to better suit their own purposes.

"If you take the software and install it in a private context, you can do whatever you want," says Shiau.

Banks might wish to adjust the size limits of transaction blocks, or the speed at which they're added to the network, security features, or other settings, or keep their blockchains only accessible to their trading partners over a secure network. They may also incorporate support for so-called smart contracts—essentially simple programs embedded within the blockchain that define rules for when assets get transferred, allowing procedures such as dividend and interest payments and escrow arrangements to be automated with logic stored in the same shared database as the assets themselves.

Some experts say the actual requirements banks have could be satisfied by data structures other than blockchains—once banks control who has access to a shared ledger, they could really rely on pre-bitcoin technology to achieve the same goals, argued Arvind Narayanan, an assistant professor of computer science at Princeton University, in a recent blog post.

Indeed, banks might be better off in many cases just sticking with traditional database technology, says Paul Chou, the CEO of LedgerX, a startup building trading infrastructure for bitcoin derivatives.

"If you restrict access to trusted parties, then an intelligently managed shared database is a fast and proven solution—there is no need for a blockchain," he wrote in an email to Fast Company.

And if banks find they won't benefit enough in terms of efficiency from blockchain-based systems, switching likely won't be worth the risk, he argues.

"Imagine how terrifying it is to design a whole new system from scratch with a datastore that has only been around for a few years," he wrote. "Only if banks find a technology that can improve things by an order of magnitude, say 10 times more efficient, will it make sense to totally abandon a slow, but proven platform to gain those efficiencies.

Still, Princeton's Narayanan wrote in his blog post, the excitement around bitcoin and the math that makes it work may have motivated banks to start thinking more seriously about updating some aging technology and processes.

"In my view, it's not the novelty of blockchain technology but rather its mindshare that has gotten Wall Street to converge on it, driven by the fear of missing out," wrote Narayanan. "It's acted as a focal point for standardization."

And banks may end up relying on different blockchains for different purposes, says Makoto Takemiya, the chief blockchain officer at Japanese startup Mijin, which plans next year to begin beta testing its private blockchain technology with industry partners and release open source code.

"I think there's going to be room for multiple blockchains that institutions can have," he says.

One London-based startup, called Everledger, is developing blockchain tools for the diamond industry, designed to log information on ethical sourcing, insurance claims, and theft investigations, associated with detailed digital descriptions of the valuable stones. Private information on police investigations or private transactions will be stored on a private blockchain, and information like diamonds' conflict-free certification will be logged to the public bitcoin blockchain, says CEO Leanne Kemp.

"You would be able to identify whether those diamonds are truly certified or not certified," she says.

Everledger participated earlier this year in an accelerator program backed by Barclays, the giant U.K.-based bank, as large financial institutions around the world are beginning to seriously investigate the benefits of blockchain technology.

Financial technology firm R3 announced last month that it's working with 22 major financial institutions, including Barclays, Goldman Sachs, Deutsche Bank, and Mitsubishi UFJ Financial Group, to develop and test software and standards the banks can use to build blockchain-based services. The firms have looked at a number of potential use cases—from issuing and settling the transfer of securities to transferring the rights to loans—but they're focusing first on devising lower-level protocols on which those services can be built, says R3 CEO David Rutter.

"We kind of think setting the foundation first is the right thing before we start worrying about the wallpaper in the bedroom," says Rutter.

R3 aims to develop, and potentially make open source, basic blockchain protocols analogous to telephone or Internet networking standards upon which financial services tools can be built. And, Rutter says, they're working closely with the banks to make sure those firms' needs are met.

"Let's pause the mad rush for a second, and make sure that we have the basic requirements that are needed to build this technology, especially if we think that it's going to be a solution that's going to provide benefits for the next 10, 20 or 30 years," he says.

That's not an unrealistic requirement, when the current system of securities settlement, revolving around the DTC, dates back to 1970s reforms led by Congress and the Securities and Exchange Commission. It, too, evolved from a push for efficiency, after increased transaction volume proved too much for the paper-based stock certificate system it replaced: A Wall Street "paperwork crisis" had led to increasing numbers of errors, canceled trades, and millions of dollars in hard-to-catch fraud.

Rutter says it's still too early for the company to have had detailed discussions with regulators like the SEC, though he says a move toward blockchain could make their lives easier as well, since it'll be easier to analyze transactions recorded in one shared ledger rather than looking at disparate databases across multiple financial firms.

"You can build software that would allow regulators to peek at that data in a way that would make sense for them in a more timely fashion and with absolute confidence that what they're looking at is a clean picture," he says.

As far as Overstock, which has said it plans to offer blockchain-recorded securities to a wider audience, Byrne says the company's had productive talks with the agency so far.

"I think," he says, "that they're gonna let the crypto-revolution occur."