you’ll enjoy this.
Category: Tech Page 7 of 10
The Consumerist goes to town on just how ridiculous Sprint’s “security” is, when it comes to customer accounts.
(And yeah, I’m posting this because I’ve suffered Sprint for the past decade or so, and it’s well past time to send some suffering their way. The latest bit of fun was finding ~$500 in overcharges over the past few months, and then being offered a $150 “credit” to make up for it.  As in no refund of the ~$500 I’d been wrongly debited, and a $150 credit against future billings. Seriously? GTFO.)
they will watch. And listen. And examine.
I was talking with a friend last week about my concerns over the proliferating CCTV camera network in DC. He pointed out that there were no documented abuses, and that it seemed entirely sensible to put technology in the service of safety.  And I suppose that when you take it in the narrowest sense – that the cameras will only be used to investigate specific crimes that have occurred, it’s not entirely objectionable. But the problem is that the narrow purpose rarely stays narrow – if there’s a way for the state to expand its surveillance of citizens and collection of information, I think it almost always will.
Case in point: Britain’s MI5 intelligence service wants to regularly monitor the movements of London’s Oystercard users (an RFID pass used for Tube/public transport trips, similar to DC’s SmarTrip).  This isn’t a case of MI5 wanting to follow up on an individual already of interest to the authorities – they already have the power to access those records. Rather, MI5 wants to look at everyone’s trips, matching it to other information they’ve collected, ostensibly to identify patterns that might prevent some act of terrorism. Of course, any public transport riding terrorist could just eat the extra cost of paying with untraceable paper tickets.
So rather than addressing an actual intelligence need, I think MI5 is – without any real need – just automatically grabbing for as much as it can. And it’s this natural expansion of powers that we need to think about when agreeing to implement public information collection systems. The original purpose may well be perfectly sensible, but we need to consider what other purposes these tools can be appropriated for in the future.
And on that note, nothing could possibly go wrong with this, eh?
Primary school children should be eligible for the DNA database if they exhibit behaviour indicating they may become criminals in later life, according to Britain’s most senior police forensics expert.
Gary Pugh, director of forensic sciences at Scotland Yard and the new DNA spokesman for the Association of Chief Police Officers (Acpo), said a debate was needed on how far Britain should go in identifying potential offenders, given that some experts believe it is possible to identify future offending traits in children as young as five.
Eliza’s father died. Mark Frauenfelder gives an appropriate eulogy, here.
~
Arlington works – last Monday night, I told Arlington County that there was a problem with a portion of the road that runs near my place, and is marked as a bike route. 8 days later, they’re out there and filling 24 potholes. Color me impressed.
~
I well and truly hate poison ivy. There is no good purpose of that scourge on this planet.
~
On Elliot Spitzer: yes, he should resign. But really, you GOP folk, you have exactly *zero* room to make moralizing pronouncements on it.  And really, this screwup strikes me as something as should be mostly dealt with between him and his wife. Still, I find it somewhat appropriate that Spitzer was snagged by the financial transaction rules he himself pushed into place.
I’m in the habit of collecting examples of government attempts to control content on the Internet. Places like China or UAE provide easy pickings. There are plenty of examples from other places, but they’re usually couched in terms of voluntary filtering for “obscenity” – Australia’s latest proposal comes to mind. But this is something I didn’t expect to see:
Steve Marshall is an English travel agent. He lives in Spain, and he sells trips to Europeans who want to go to sunny places, including Cuba. In October, about 80 of his Web sites stopped working, thanks to the United States government.
The sites, in English, French and Spanish, had been online since 1998. Some, like www.cuba-hemingway.com, were literary. Others, like www.cuba-havanacity.com, discussed Cuban history and culture. Still others — www.ciaocuba.com and www.bonjourcuba.com — were purely commercial sites aimed at Italian and French tourists.
[ . . . ]
It turned out, though, that Mr. Marshall’s Web sites had been put on a Treasury Department blacklist and, as a consequence, his American domain name registrar, eNom Inc., had disabled them. Mr. Marshall said eNom told him it did so after a call from the Treasury Department; the company, based in Bellevue, Wash., says it learned that the sites were on the blacklist through a blog.
So, advice to everyone on the planet: make sure what you’re talking about on the Internet doesn’t bother the U.S. Treasury Department, lest they try and shut you down.
It’ll be interesting to see how this resolves:
A controversial website that allows whistle-blowers to anonymously post government and corporate documents has been taken offline in the US.
Wikileaks.org, as it is known, was cut off from the internet following a California court ruling, the site says.
The case was brought by a Swiss bank after “several hundred” documents were posted about its offshore activities.
Other versions of the pages, hosted in countries such as Belgium and India, can still be accessed.
Wikileaks, in case you’ve never heard of it, has been gaining profile as the place to put information that someone is trying to keep under cover:
The site was founded in 2006 by dissidents, journalists, mathematicians and technologists from the US, Taiwan, Europe, Australia and South Africa.
It so far claims to have published more than 1.2 million documents.
Here’s a mirror of the Wikileaks site. A bit popular, at the moment.
Update: here’s a list of all the various “cover names” for the Wikileaks site. Clearly, the court didn’t have the first idea of how these things work.
That was not a foul, woman! – A private high school in Kansas, center of American enlightenment, refuses to let a woman referee a high school boys’ basketball game, because – as described by the referees – the “[woman] could not be put in a position of authority over boys because of the academy’s beliefs[.]” You know, I try not to mock people for their religious beliefs, but . . .
What could possibly go wrong? – Was I the only person that thought that, when hearing about the US plans to shoot down the satellite it says is falling out of orbit? When I first heard that the US was talking about the decaying orbit last month, it struck me as a bit odd – this isn’t really an Administration known for its open and straightforward approach. Well, surprise of surprises, it turns out that the claimed justification for shooting it down – dangerous gas clouds forming from the remaining satellite fuel – is most likely bullshit. Shocker. I’m giving it, at best, even money that they hit the damn thing on their first try.
Don’t like it? Tough. That, essentially, is how Sen. Jim Webb’s (D-VA) office has responded to a request for an explanation of his vote for telecom immunity and the subsequent Senate FISA bill. Get the details (along with a tidy explanation of this history of FISA) in Mark Levine’s diary at Raising Kaine. I was particularly impressed with Webb staffer Jessica Smith’s attempt to get the proprietors of Raising Kaine to delete/edit what Mark wrote. Fortunately, the RK folks did the right thing and ignored her request, but it should put the rest of us on notice that this is something thought to be acceptable.
Well, okay. But just not when you’re hitting the ball. In response to this earlier article on the BOA’s attempt at muzzling its athletes, a Blacknell.net reader and friend sent in this Guardian story outlining BOA’s walking back of the restrictions. Apparently, athletes can say what they like, but just not when they’re in Beijing. I suspect that by the time we get to Beijing, the restrictions will be gutted (as they should be).
You might have already been sent this Rawstory advance preview of Lawrence Wright’s article on a purported US government plan to “giv[e] the government the authority to examine the content of any e-mail, file transfer or Web search.” The article is slated to appear in this week’s New Yorker (but not online). Within a few minutes of posting to Slashdot, the Rawstory preview showed up on a couple of listservs I’m on and has generally spread far and wide at a rapid clip. I suspect we’ll see a lot more about this in the next few days.
Frankly, I’m skeptical about the central claim. But I’m also curious enough that I just went to a bookstore, a coupe of magazine stands, and a library trying to find the latest New Yorker. No dice, unfortunately. Rawstory has failed to deliver the goods on hyped stories before, and I wouldn’t be surprised if this was a bit of pot stirring here. On the other hand, National Intelligence Director Mike McConnell isn’t a fan of the Fourth Amendment, and we’ve got a fair bit of evidence that NSA has (or has attempted to) engage in “dragnet” surveillance of Internet traffic before. I suppose I really shouldn’t be surprised if they really are planning to expand the infrastructure required for wholesale surveillance. You can be sure to read more about it here when I can put my hands on the article.
Today brings us new Federal guidelines related the REAL ID Act. Passed in 2005, the Act purports to “prevent terrorism, reduce fraud, and improve the reliability and accuracy of identification documents that State governments issue.” Well, that’s how the Department of Homeland Security puts it, anyway. And how is it going to accomplish that? Well, by essentially turning your state-issued driver’s license into a Federal national ID card. As I’ve mentioned before, I’m rather opposed to national ID cards, for a number of reasons:
- It’s a completely unnecessary invasion of my privacy. The REAL ID Act requires that my driver’s license contain machine readable biometric details, residential address, and hi-res picture of me. While my local DMV has a perfectly legitimate interest in having my details and address, the doorman to the Federal Trade Commission most certainly does not. And today’s rules make it clear that in order to enter any Federal building in 2014, the doorman will get those details. Further, before a REAL ID can be issued, the DMV will need to verify your birth certificate with the original issuing authority. Not so hard to do for me, perhaps, but my father? Not likely. And if someone else has used your Social Security number? Be prepared for a thorough government investigation into your identity.
- It creates one stop shopping for identity theft. Think not? Ask 25 million Britons how they feel about that. Sure, you can suffer from identity theft now, but there is no single repository that contains as much information about citizens as there would be in a post-REAL ID world.
- This is yet another industry-generated “security problem” in search of an industry-generated solution in the form of massive government contracts. Like so many other ineffective and pointless schemes to “keep us safe”, much of the impetus behind the REAL ID Act can be traced to the companies that would provide the technology and services to implement it. Digimarc (reaching beyond the DRM mines it has mastered) has latched onto the REAL ID Act, spending $350k to lobby for implementation of the REAL ID Act. And that was just in the first half of 2007. Further, the cost to state governments to implement the Act is massive. Oh, and remember that rule about showing REAL ID to get into a Federal building in 2014? Well, that’s only if you’re 50 or younger.  Clearly a system focused on safety, eh?
- Once this universal identity system is in place, it is ripe for expansion and abuse. This, by far, is my biggest problem with a national ID. I think we’ve got some pretty awful historical lessons in the abuses governments are capable of when they can clearly identify members of a given minority or collect and store information on individual citizens. Further, looking forward, I think there’s a real risk of limiting your access to communications and travel, depending on your identity. Don’t believe me? As far as DHS is concerned right now, unless you get one of these IDs, you’ll not be able to board a plane in 2014. And just wait until the MPAA/RIAA start convincing Congress that the way to cut down on piracy (and keep our children safe!) is requiring that everyone use their REAL IDs to log in when using the Internet.
So, what can you do?
- Well, you can learn more about the REAL ID Act and its impact. I hope I’ve given a good summary of the risks here, but many organizations have put a lot of work into summarizing and analyzing the impact. I recommend checking out EPIC’s and the ACLU’s REAL ID sites.
- You can urge your Senators and Representative to repeal the act. EFF makes that very easy, with this tool.
- You can urge your state to reject the REAL ID Act. In doing so, it would be joining 17 other states that have passed anti-REAL ID legislation. The results range from simply urging the Federal gov’t to repeal the act, to outright declarations that a state will not comply with the act. What’s happening in your state? Find out here. If you live in Virginia, you can urge your delegate to work with Del. Chris Peace (R-97) to improve HJ42.
I discovered a new dimension to my recent frustration with Google, today.  In addition to being arbitrarily locked out of web mail, site stats, and browser syncing, I’m no longer able to comment on blogs that only permit comments from registered Blogger users. Like the other items, however, this is more of an inconvenience than a real loss, as I generally don’t participate on sites that require registration to comment.  However, I tried to offer something substantive and useful (an exception, I know) on another site concerning the FCC’s approach to the multiple ownership rules, only to discover that it wouldn’t post because, well, Google hates me (temporarily, I hope). That’s a real shame, I think.
Registration for comments is cumbersome and time consuming, and it provides yet another vector through which an email address can be lost to the aggressions of spam lists. I suspect that the proprietors of most sites with registration requirements don’t realize that they’re closing the doors to many would-be commenters.  Further, to the extent that registration requirements are imposed to prevent spam or ban certain people, those can be efficiently handled on the back-end without too much work (ask anyone who uses Akismet, for example).
So what do I like? Open comments that permit a user to pick her own name, attach a URL (if desired), and aren’t moderated by default. An option to be notified of future comments on that thread is gravy (which I recently added here, by the way). This can be one of many identity options in a commenting system including Blogger, OpenID, etc., but it should always be an option.
Who does it right? Well, most anyone with an open commenting system. It’s easy to participate at any of these places, because they’ve chosen to offer simple and open commenting. A good example of a hybrid system is over at the Freewheeling Spirit, where not only do you have the option of simply using your own chosen ID and url, but you can pick from a plethora of existing ID systems that you probably already use (e.g., OpenID, Blogger, Typepad, etc.). And, for gravy, you can simply pick “anonymous.” I’ve not asked, but I suspect it wasn’t all that hard to set up.
Who does it wrong? Lazy sites that restrict comments to registered Blogger users. Sites based on SoapBlox or similar infrastructure that require far too many hoops to jump through to leave a simple comment.* Sites that show a commenting option, but then say “Comments restricted to team members only” when you try to post (and, of course, there are no team members).  Sites run by such control freaks that each and every comment must be approved before posting, making it impossible to carry on any sort of conversation there.
That’s enough meta for now. I just ask that, if you run a site where you welcome conversation, please take a look at your commenting process. A few easy tweaks here and there could improve the conversation for everyone. Thanks.
*Big community sites (such as DailyKos or RaisingKaine) are another matter entirely.Â