October 13, 2005
Potato, potatoe
Looks like Bob has gotten himself into a bit a of a sticky situation with regards to his blog. Not exactly the normal type of event I'm used to hearing about from Bob, but an interesting fight none the less for reasons of personal liberties.
The interesting bits to me are really the pieces behind the scenes. It seems the plaintiff in this situation has a notion of how computers work, or at least can get on the Internet to conduct a search. Unfortunately there seems to be no understanding of the technologies being employed, which only aggravates the situation. While no one outside of the Googleplex really understands exactly how Google's search algorithms work, there is generally a vague public idea and consensus on the basic behavior.
First, the
Second, crawlers. Googlebot currently visits my site about once a week. On pages that have a higher update frequency, Googlebot's arrival reflects this as well. It stands to reason that Google employs some type of LRU algorithm on pages, as it does not consistently request upon each visit every page from my site. Even if the index were updated, and changes were made by the defendant in this case, it's very possible that a Google search will still respond with the erroneous results. That is until the LRU reaches an update point and has Googlebot request every single page again. Bob seems to be pushing his luck a little bit with his responses. Anyone have some good advice or help to offer?
Posted by Dan at 02:08 AM
| Comments (0)
Picked up on an article in The Register, wherein a man in Connecticut was caught trying to sell the source code of Windows to an FBI agent. The reason this caught my attention is not that someone has access to the Windows source code, but rather the charge he was brought up on: "unlawfully distributing a trade secret". Huh? I'm not a lawyer, nor do I follow the law that closely, but when did we enact a law that protected corporate trade secrets? I mean, isn't that the point of a trade secret, you're not supposed to tell anyone so that you may profit from what you know? This sounds like a completely bogus and made up charge, but seems to carry a stiff sentence with it.
Posted by Dan at 11:44 PM
| Comments (0)
Politech has recently been spurred back to life, presumably by the return of Declans PowerBook. A recent posting talked about an effort in Ohio to remove the date of birth and address from the drivers license, under the guise of protecting domestic violence/stalking victims from being discovered via voting registration records. While I like the general premise for the change (protecting victims of location based crimes), and I like the idea of being able to control what information is on a drivers license, I find this route of implementation to be rather ass backwards. Having worked in a small town precinct on election day, the address of a potential voter often comes into play. It's easy to dismiss such a detail in an area where precincts are clearly defined, but let's use my hometown for an example where my house lies directly on the border line between two counties. This is clearly evident come every winter when snow plows from each county will approach and not clear the snow located directly in front of our house. But if you want to be more technical we have 4 addresses two from each county. Yes, 4 postal addresses for a single house not subdivided into multiple dwellings. Depending upon which address is used at registration time, I may or may not be able to vote in precinct A, but since all the voter ID cards look the same there is no reason to believe I can't just walk into a precinct and vote. The simple solution of course is, change the voter registration cards to indicate which precinct you can or cannot vote in. Okay, but now you've essentially invalidated the reasoning behind the initial cause of this legislation, protecting the identity of a location based crime victim. How? Well you've limited the search radius for a potential repeat offender to locate their victim. How does that help? Any potential assailant will only need to wait at said precinct for their victim to arrive, follow them home, and continue about their way for another time. The part about this that really throws me off though is accountability. By removing the addresses from the voter registration record, you can no longer verify that a voter was a legitimate voter. There is no way to identify the difference between John Smith next door and John Smith who died in 1870 and rests at gravestone D-14-3 at 100 Grassy Knoll St. By removing accountability, we now remove the ability of the American public to ensure/prove that their election process was {in}correct at any point in time, which in turn is a dramatic shift in power for the democratic process from the general public to those who try to rig an election. This is bad. I'd urge those in Ohio to vote against this legislation.
Posted by Dan at 01:22 AM
| Comments (0)
The power of the Intar-net can now be seen with BugMeNot! Wired news has an article on the temporary demise and return of my favorite anti-registration site. Why do I prefer it? Mainly because I hate having to make up a new identity each time I want to go back to the site. Why do I make up new identities? Mainly because there is no need to track that specific amount of user data for news. None. Sorry, but marketing efforts will need to be spent in other ways. As an odd side note, it seems that BugMeNot shows up under Apple's spell checker as wrong. The alternative suggested: arguement.
Posted by Dan at 08:30 PM
| Comments (0)
Found an article today on NYTimes.com (remember use BugMeNot for login and password) discussing the research of two Columbia University scientists; algorithms to pinpoint what an eye within a photograph is looking at (research paper here). After reading the NYT article, the most interesting paragraph in my mind was:November 10, 2004
When Did This Happen?
October 05, 2004
Protecting the Innocent
August 24, 2004
The Power of the Internet
July 29, 2004
Files: Did They Stop to Think...
Because the algorithms can track exactly where a person is looking, the system may one day find use in surveillance cameras that spot suspicious behavior or in interfaces for quadriplegics who use their gaze to operate a computer.
While there seems to be one angle of use with handicap interfaces, the surveillance camera option frightens me. Although I don't entirely believe the "no one has thought of using the cornea as a mirror" before concept. In 1992, Michael Critchton wrote a book titled "Rising Sun" where a major portion of the crime was answered thanks to the reflective surfaces in the room (the eye wasn't used due to the low quality of the video recording).
It seems that in the time it took me to actually fully think this through and post it, Slashdot discovered the same article. D'oh.
Posted by Dan at 07:40 PM | Comments (0)
July 07, 2004
Bannination of iPods
Over at suspended conversation, Chris Riley muses on an article from P2P net about why companies should not allow portable storage devices connected to their computers, which invariably leads to them being connected to their networks.
Chris is correct that you have to trust your employees at some basic level, and there really isn't anything stopping them from emailing, printing, faxing, or dispersing the data by some means to a competitor (possibly even using corporate resources). Depending upon the data though, you may wish to keep it completely secured to itself, in which case even the computers won't be connected to a publicly accessible network. Banning at that point does make sense, but overall data isn't that sensitive to encourage such action.
What Chris (and others) has failed to consider is not the theft or infection of data from the portable storage device, but the possible infliction of violating intellectual property rights. Imagine the scenario where an employee has illegally downloaded a series of MP3s (any copyrighted data will do, MP3s happen to be the most common) from the internet, placed them on an iPod (or any portable storage device), brought the device in, and connected it to their office computer. Fine no real harm done yet as the files haven't gone anywhere, but now this is a locally connected drive that can be shared among other machines on the network. Most importantly it can be shared/detected among the IT departments backup server.
There now stands a reasonable chance that the data will be replicated onto a corporate server or archive for the length of time of the archival policy set forth by the IT department. If either the SPA or BSA decide to conduct a search/raid, or are tipped off by an disgruntled employee, the company is now placed into a position of difficulty having to explain how/why these files are there. More than likely, they will also be forced to pay restitution for the violations discovered.
To me, this is the most obvious reason why such devices should be banned.
Posted by Dan at 06:20 PM | Comments (0)
June 17, 2004
For those about to rock...
Following some news today it seems that HR107 has actually found some subtantial backing to it. HR107 is probably the best bet at this point to get any portions of the DMCA re-examined, more particularly the fair-use portions. I'd suggest writing your representatives, but following a bit from Wired:
The bill's sponsor, Rep. Rick Boucher (D-Virginia), already has 19 co-sponsors, including powerful House Commerce Committee Chairman Joe Barton (R-Texas). It's unlikely the bill will become law this year, but its proponents see the backing as a good sign.
Posted by Dan at 09:44 AM | Comments (0)
April 19, 2004
Patriotism and laws
In the days following the events of September 11th, the US Congress passed a bit of legislation better known as the Patriot Act. The act provided law enforcement a broad interpretation of it's power, hoping to allow the capture of any future terrorist in the country. Thankfully, this act was implemented only as a temporary measure, and is set to expire in the next year. Today, President Bush urged Congress to renew all parts of the Patriot Act with the reasoning that it enabled counter-terrorism groups to communicate. There lies the problem with this statement. The Patriot Act didn't really remove any legal barriers, rather it provided incentive for the counter-terrorism groups to begin discussions with each other. Effectively, it provided a means with which to remove the ego in each organization, a process that has now been utilized for almost three years.
The Sunday New York Times (no link because I hate the registration crap) printed an article this week asking if privacy advocates have forgotten that safety is also a right. An article well worth reading if you have an NYT registration, and an interesting question to ponder.
In the end though, I'd like to urge those of you of voting age in the US to write your senators demanding that the Patriot Act not be renewed. My reasons are my own, but I've provided a rather valid link that reviews the Patriot Act as a whole. Give it a read and really consider the implications that can occur with it. There are already numerous articles online discussing the demerits of it. Sorry to inject political punditry on this blog, but now is the time to act on this one.
Posted by Dan at 08:59 PM | Comments (0)
October 30, 2003
TIA2: The MATRIX
From a message on PolitechBot (which seems to have been sent only to the list, not to the web page):
Date: Thu, 30 Oct 2003 16:11:05 -0500
From: Barry Steinhardt
To: Declan McCullagh
Subject: The MATRIX: TIA Reloaded
Declan,
Politech readers may be interested in an "issue brief" we've just released on "MATRIX, -- Total Information Awareness Reloaded." The Matirx is the state level data-mining program being funded by the Federal Government, which bears a striking similarity to the now defunct TIA. We've also filed "Freedom of Information Act" requests with five states and the Federal Government seeking the details about the program.
http://www.aclu.org/Privacy/Privacy.cfm?ID=14240&c=130
Regards,
Barry Steinhardt
Director Technology and Liberty Program
American Civil Liberties Union
125 Broad Street,NYC 10004
[EDIT: fixed line feeds]
Posted by Dan at 03:50 PM | Comments (0)
September 13, 2003
Song for the Day
Posted by Dan at 06:39 AM | Comments (1)
March 25, 2003
Internet Security
I had a chance today to listen to a discussion today on Internet security by some of the luminaries of the field. Dr. Steve Bellovin, Mr. Bill Cheswick, and Dr. Avi Rubin were presenting a talk, which was presumed to be about their recent book update and re-release Firewalls and Internet Security 2nd Edition.
Initially, I had expected this to be a propaganda bit to promote the book. In 1994 when the original version came out, I had bought a copy (hard cover too!). This book had taught me an awful lot of the details I was missing in my unix knowledge, and as such I just had to try and meet these two just once and say thanks. Book promotion or not I decided it would be worth the time.
The interesting thing to discover was that the presentation didn't revolve around the book. Instead it was a brief overview of many of the current research areas each is working on. While not heavy on the technical details, the broad overview was to bring people up-to speed in new security concern areas.
Presentation wise things worked fairly well. Each author spoke for about 20 minutes on whatever topic they found of interest (typically their research). This trade off happened, with a fairly clean transition process between speakers. The speakers themselves though were what made the material more interesting. Dr Bellovin and Mr. Cheswick are both entertaining presenters with a dynamic style and lots of good laughs in there. I've heard Dr. Rubin speak numerous times now and while it was exactly what i expected, he did slide some nice jokes in there.
Brief rundown of each speakers topics:
Dr. Bellovin discussed two forms of Internet hijacking that consist of domain name hijacking and routing hijacking. Neither bit went into great detail about the concepts, but rather provided an outline idea for how things could (and do) go wrong.
Dr. Rubin followed up with a bit about security and trust. Essentially his speech boils down to we all place inherent trust in the software we have, but why? What happens when this trust is broken without our knowledge? What about with our knowledge?
Mr Cheswick followed up with a bit about pretty much everything. He did a run through about basic security, BGP security, passwords, WEP, and just about everything else in the alloted 20 minutes.
After all of this though, I never had the chance to shake hands and say thanks to these two. Kind of bummed about that, but at least I did get to hear them present their own ideas in their own words.
Posted by Dan at 09:12 PM | Comments (1)