April 24, 2017

A new anti-censorship tool – Slitheen

Filed under: Cancon, Liberty, Technology — Tags: , , — Nicholas @ 03:00

The Register‘s Thomas Claburn on a new tool being developed in Canada to aid internet users in countries with hard censorship access material their governments don’t want them to see:

Computer boffins in Canada are working on anti-censorship software called Slitheen that disguises disallowed web content as government-sanctioned pablum. They intend for it to be used in countries where network connections get scrutinized for forbidden thought.

Slitheen – named after Doctor Who aliens capable of mimicking humans to avoid detection – could thus make reading the Universal Declaration of Human Rights look like a lengthy refresher course in North Korean juche ideology or a politically acceptable celebration of cats.

In a presentation last October, Cecylia Bocovich, a University of Waterloo PhD student developing the technology in conjunction with computer science professor Ian Goldberg, said that governments in countries such as China, Iran, and Pakistan have used a variety of techniques to censor internet access, including filtering by IP address, filtering by hostname, protocol-specific throttling, URL keyword filtering, active probing, and application layer deep packet inspection.

In an email to The Register, Goldberg said the software is based on the concept of decoy routing.

“The basic idea behind decoy routing is that the (censored) user’s computer makes an Internet connection to some non-censored (‘overt’) site, such as a site with cute cat videos,” said Goldberg. “However, it embeds a hidden cryptographic tag in its connection, which only a particular Internet router somewhere on the path between the user and the cute cat site can see. That router, seeing the tag, then redirects the traffic to a censored (‘covert’) site, say Wikipedia.”

As Bocovich and Goldberg explain in a paper [PDF] they co-authored, these tags make the web session’s master TLS secret available to a cooperating ISP. This allows the ISP to conduct what amounts to a friendly man-in-the-middle attack by having a network relay it controls open a proxy connection to the censored website.

March 31, 2017

“You can’t buy my internet data. You can’t buy your internet data. That’s not how this works

Filed under: Government, Liberty, Technology, USA — Tags: , , , — Nicholas @ 04:00

At Techdirt, Mike Masnick bravely attempts to tamp down the hysteria over this week’s vote in Congress to kill broadband privacy protections (which, as he notes, hadn’t yet come into effect anyway):

People are rightfully angry and upset about this. The privacy protections were fairly simple, and would have been helpful in stopping truly egregious behavior by some dominant ISPs who have few competitors, and thus little reason to treat people right. But misleading and misinforming people isn’t helpful either.


But here’s the real problem: you can’t buy Congress’ internet data. You can’t buy my internet data. You can’t buy your internet data. That’s not how this works. It’s a common misconception. We even saw this in Congress four years ago, where Rep. Louis Gohmert went on a smug but totally ignorant rant, asking why Google won’t sell the government all the data it has on people. As we explained at the time, that’s not how it works*. Advertisers aren’t buying your browsing data, and ISPs and other internet companies aren’t selling your data in a neat little package. It doesn’t help anyone to blatantly misrepresent what’s going on.

When ISPs or online services have your data and “sell” it, it doesn’t mean that you can go to, say, AT&T and offer to buy “all of Louis Gohmert’s browsing history.” Instead, what happens is that these companies collect that data for themselves and then sell targeting. That is, when Gohmert goes to visit his favorite publication, that website will cast out to various marketplaces for bids on what ads to show. Thanks to information tracking, it may throw up some demographic and interest data to the marketplace. So, it may say that it has a page being viewed by a male from Texas, who was recently visiting webpages about boardgames and cow farming (to randomly choose some items). Then, from that marketplace, some advertisers’ computerized algorithms will more or less say “well, I’m selling boardgames about cows in Texas, and therefore, this person’s attention is worth 1/10th of a penny more to me than some other company that’s selling boardgames about moose.” And then the webpage will display the ad about cow boardgames. All this happens in a split second, before the page has fully loaded.

At no point does the ad exchange or any of the advertisers know that this is “Louis Gohmert, Congressional Rep.” Nor do they get any other info. They just know that if they are willing to spend the required amount to get the ad shown via the marketplace bidding mechanism, it will show up in front of someone who is somewhat more likely to be interested in the content.

That’s it.

* Amusingly, Rep. Gohmert voted to repeal the privacy protections, which makes no sense if he actually believed what he was saying in that hearing a few years ago…

H/T to Amy Alkon for the link.

On a related note, LifeHacker posted a recommendation for “The Laziest, Cheapest Way to Circumvent Your Snooping ISP“. (Spoiler: it’s Opera). I use Opera, but not exclusively … I also use Brave, Chrome, and Firefox on a daily basis.

March 5, 2017

The three kinds of prostitution

Filed under: Business, Law, Liberty — Tags: , , — Nicholas @ 04:00

Kim du Toit on the world’s oldest profession:

The problem is that there are in essence three kinds of prostitution: the age-old “selling yourself on the street kind” — i.e. to all comers [sic] — and the more formal transactions, whereby women contract for sex on a more formalized basis, or marry for money. In all cases, the motivation is the same: women are trading themselves to men for financial support, only the first kind is frowned upon by society, the second kind winked at, and the last is pretty much the glue whereby society is held together. (As my friend Patterson once commented: “All women fuck for money if they’re going to be honest about it, but they seldom are.”)

And, of course, as with all things, there is a murky area between these two extremes: the “contracted” kind whereby young women (and it seems to be mostly the young ones, for obvious reasons) rent their bodies out to wealthy men in order to pay off college loans, or get through some other adverse financial circumstance — hence the popularity of websites like Sugardaddy. This is what I call a “part-time prostitute”, and the exchange is quite cynical — as are most transactions of this kind. But this is different from the “brief encounter” or street-corner type of prostitution, because older men (usually older, because younger men don’t have the financial wherewithal to pay a young woman thousands of dollars a month just for “companionship”) set up an ongoing financial support system, buying Little Miss Hotbody expensive clothing, jewellery, cars and even sometimes a condo. (Note that I’m not saying that this is better than the street-corner kind of prostitution, just that it’s different. The process is the same — women having sex for money — but the terms of congress, as it were, are dissimilar.) If I’m going to be really cynical about it, I’d call this kind of prostitution a “halfway house” between street-corner sex and marital sex.


We can argue all day about the morality of the activity of women selling their bodies for sex, and about the disappearance of public morality which allows Sugardaddy.com to exist, nay flourish, but this is where we find ourselves today, for better or for worse. As the modern idiom goes, it is what it is, and it seems like we pretty much have to live with it.

Fine. Let us at least acknowledge that street-corner prostitution presents a greater danger to women — slavery, forced prostitution, human trafficking, violence and murder — than does the Sugardaddy – and Anna Nicole-style prostitution. (We can leave class out of it because, as with most Marxist thought, that’s just an overlay of political theory on an age-old situation, and no class warfare is ever going to “solve” or end street-corner prostitution.) I do think, however, that in this regard there is a real need for law enforcement attention, simply because of the many dangers to which poorer women are exposed. Honestly, though, I think that the law should go after the management of the street-corner prostitution industry — that would be the pimps and procurers of women — rather than the actual participants (the women and their clients), because the former are the ones who generally cause real harm to the hapless women under their control. I’m not advocating State-run brothels because both the concept and likely execution are going to be foul. (To put it in perspective: imagine a State-run restaurant, e.g. managed and staffed by the same kind of people at the average DMV office, and you’ll see why I think State-run whorehouses are a bad idea.) Nevertheless, they are the lesser evil than those managed by the (illegal) private sector, who as a rule do not have the interests of their employees at heart.

March 3, 2017

QotD: Is the Internet itself making us less tolerant and more prone to confirmation bias?

Filed under: Media, Quotations — Tags: , , , — Nicholas @ 01:00

I think it’s time to declare the internet a failure. At least with respect to its early promises of increased knowledge sharing and positive impact on collaboration.

Decentralization of media, Social media, has increased the rate in which misinformation is being transmitted. Once learned invalid information has to be unlearned and that is a much harder task than educating people with accurate information in the first place.

Social media also appears to have increased the rate that people cluster around misinformation and create specialized groups of individuals that aggressively seek to disseminate their ideas.

The asocial aspect of social media encourages individuals to behave in ways that they normally wouldn’t when face-to-face with people that don’t share their views. It has made intolerant people more belligerent and it has forced tolerant people to adopt less tolerant stances.

The trend seems to be to continue to partition people into increasingly specialized and narrowly focused groups. At the extreme we see individuals with highly individualized views agitating groups with more generally accepted views.

People have become more militant, intolerant, and unaccepting of society. The impact on society is a weakening of collaborative spirit, increased cynicism, and further increases to militancy.

In the mid-90s I was very excited at the opportunities collective information sharing could produce. We’ve realized some of those but I simply didn’t foresee the degradation of democratic values that reveal the best in the humanity.

Social media has increased the ability to create social anxiety by pouring misinformation into peoples’ lives with ideas that they are directly threatened or that there are limits to resources, ideas that are often mere fabrication.

Today we are bombarded daily with absurdity, aggression, fear mongering, and intolerance. It’s as if we unwound the clock a hundred years and abandoned the great freedom experiment. Only now the weapons to resolve differences of opinion are much more destructive.

Hard to be bullish on the consequences of increased nationalism around the globe.

The world does face some difficult issues we need to address but things are not nearly as bad as what has become status quo thinking.

Douglas Gunn, posting to Facebook, 2017-02-20.

February 3, 2017

“In a secular age … it is inevitable that people will attach themselves like limpets to miniature religions”

Filed under: Cancon, History, Media, USA — Tags: , , , — Nicholas @ 02:00

Colby Cosh draws some parallels between the early Federalists in post-revolutionary America and the mainstream media today: both groups attempted to retain their privileged position in society as that society changed dramatically all around them:

But now the seeds of fleeting confusion have fallen into the fertile soil of Internet crap-mongering. On social media there were immediate, unabashed, conflicting total lies circulating about the identities of the “two” perpetrators. Now, before much is known at all of the actual killer, we are seeing deliberately engineered hints at some kind of inexplicable cover-up by the (Muslim-controlled?!) police of Quebec, or by higher authorities — Liberals, reptoids, George Soros clones? Pick your poison!

Those trivial little wobbles in the initial news coverage are being exploited by journalists and commentators who have abandoned respect for facts like “there are always reports of a second shooter” in favour of efficient, direct manipulation of “the narrative.” The actual full-fledged conspiracy theories are being designed as we speak, and soon will be ready for harvest.

We live in a post-revolutionary media environment, and traditional newspapers and broadcasters are like the American Federalists: we are hoping to stay on top as trusted, sensible informers and teachers. I make no claim that this hope is well-founded or appropriate, but either way, the strategy did not end very well for the Federalists. One notices that they are already in irreversible, humiliating retreat at the moment when Wood’s book begins.

There is money in offering an alternative account, any alternative account of anything important or dramatic, to the gullible. Build a suspicious audience of millenarians and ignoramuses, and some of them will keep following you until you can start selling them protein supplements, bulk food for the apocalypse, religious knick-knacks, or penis pills. (Which business line will Rebel Media break into first? It’s only a matter of time!)

In a secular age, like ours or like the late 18th century, it is inevitable that people will attach themselves like limpets to miniature religions. Today they range from gold-bugs to survivalist “preppers” to disturbingly overenthusiastic Harry Potter fans to Gwyneth Paltrow’s Goop. (My apologies to those readers, and I’m sure there are a few, who are devotees of all four faiths.) Such subcultures are the reliable basis of a bulletproof “news” media model. The horrible part is this: they might be the only such model.

January 1, 2017

Blog traffic in 2016

Filed under: Administrivia, Media — Tags: , , — Nicholas @ 03:00

The annual statistics update on traffic to Quotulatiousness from January 1st through December 31st, 2016. Overall, the traffic dropped slightly from 2015, which in turn was down a bit from the peak traffic year of 2014:

Over eight and a half million hits. That’s a pretty good number for an obscure Canadian blog.

The final count of visitors to the blog will be about 2,500-3,500 higher, as I did the screen captures at around 10:30 in the morning.

December 8, 2016

Why do some men send unsolicited photos of their “junk”?

Filed under: Media, Science, Technology — Tags: , , , — Nicholas @ 02:00

Scott Adams says that the “Moist Robot Hypothesis” explains why dick pics are a thing:

The Moist Robot Hypothesis also assumes that most, if not all, of our “decisions” are little more than rationalizations for our instinct to procreate in the most productive way. And by that I mean mating with people who have genetic advantages that would make the offspring successful. That’s why people are attracted to beauty, because it is a visual proxy for good health and good genes. For the same reason, women are naturally attracted to successful men that have talent, money, or some other sort of advantage. (Obviously these are generalizations and don’t apply to all.)


Our sex drive is so strong that it largely eliminates the option for rational behavior. And as you know, the hornier you get, the stupider you are. Once a guy reaches a critical level of horniness, his rational brain shuts off and he becomes primal. And when he’s primal, he sometimes signals his availability for mating in the most basic way possible: He displays his junk in full preparedness.

If you think the men doing this behavior are extra-dumb, or extra-rude, that might be true. But it is just as likely that such men are extra-horny. That gets you to the same decision no matter your IQ because the rational brain is shut down during maximum arousal.

It is also true – as far as I can tell from discussions with women over the years – that sometimes a dick pic actually results in dating and sex. I realize how hard that is to believe. But sometimes (maybe one time in 500) it actually works. You would think those odds would be enough to discourage even a man with a temporarily suspended intellect, but that view ignores the basic nature of men: We’re risk takers when it comes to reproduction.

November 2, 2016

Online security theatre: “We sell biometric authentication systems to people who need a good password manager”

Filed under: Technology — Tags: , , , — Nicholas @ 09:06

Joey DeVilla linked to this discussion of the Mirai botnet and the distressing failures of online security … not for the brilliance and sophistication of the attack (it was neither), but the failure to address simple common-sense security issues:

I’ve written about 1988’s Morris worm, and I wanted to dig into the source of the Mirai botnet (helpfully published by the author) to see how far we’ve come along in the past 28 years.

Can you guess how Mirai spreads?

Was there new zeroday in the devices? Hey, maybe there was an old, unpatched vulnerability hanging — who has time to apply software updates to their toaster? Maybe it was HeartBleed 👻?


Mirai does one, and only one thing in order to break into new devices: it cycles through a bunch of default username/password combinations over telnet, like “admin/admin” and “root/realtek”. For a laugh, “mother/fucker” is in there too.

Default credentials. Over telnet. That’s how you get hundreds of thousands of devices. The Morris worm from 1988 tried a dictionary password attack too, but only after its buffer overflow and sendmail backdoor exploits failed.

Oh, and Morris’ password dictionary was larger, too.

October 26, 2016

A primer on last week’s IoT DDos attacks

Filed under: Technology, USA — Tags: , , — Nicholas @ 09:18

Joey DeVilla provides a convenient layman’s terms description of last Friday’s denial of service attacks on Dyn:

A map of the parts of the internet affected by Friday’s attack. The redder an area is, the more heavily it was affected.

A map of the parts of the internet affected by Friday’s attack. The redder an area is, the more heavily it was affected.

If you’ve been reading about the cyberattack that took place last Friday and are confused by the jargon and technobabble, this primer was written for you! By the end of this article, you’ll have a better understanding of what happened, what caused it, and what can be done to prevent similar problems in the future.


Hackread’s animation of what happened last Friday. Click the image to see the source.

Hackread’s animation of what happened last Friday. Click the image to see the source.

On Friday, October 21, 2016 at around 6:00 a.m. EDT, a botnet made up of what could be up to tens of millions of machines — a large number of which were IoT devices — mounted a denial-of-service attack on Dyn, disrupting DNS over a large part of the internet in the U.S.. This in turn led to a large internet outage on the U.S. east coast, slowing down the internet for many users and rendered a number of big sites inaccessible, including Amazon, Netflix, Reddit, Spotify, Tumblr, and Twitter.

Flashpoint, a firm that detects and mitigates online threats, was the first to announce that the attack was carried out by a botnet of compromised IoT devices controlled by Mirai malware. Dyn later corroborated Flashpoint’s claim, stating that their servers were under attack from devices located at millions of IP addresses.

The animation above is a visualization of the attack based on the devices’ IP addresses and IP geolocation (a means of approximating the geographic location of an IP address; for more, see this explanation on Stack Overflow). Note that the majority of the devices were at IP addresses (and therefore, geographic locations) outside the United States.

October 23, 2016

QotD: The coalition of the cool

Filed under: Politics, Quotations, USA — Tags: , , , — Nicholas @ 01:00

[T]here’s this fundamental problem where so many people who identify themselves as being part of the broad left define their coalition based on linguistic cues, cultural overlap, and social circles. The job of politics, at its most basic, is finding common cause with people who aren’t like you. But current incentives seem to point in the opposite direction — surveying the people who are just like you and trying to come up with ways in which that social connection is actually a political connection.

As usual, I blame the internet, which I’m more and more convinced is one of the worst things to ever happen to the left. It encourages people to collapse any distinction between their work life, their social life, and their political life. “Hey, that person who tweets about the TV shows I like also dislikes injustice,” which over time becomes “I can identify an ally by the TV shows they like.” The fact that you can mine a Rihanna video for political content becomes, in that vague internety way, the sense that people who don’t see political content in Rihanna’s music aren’t on your side. The fact that you are part of the tiny sliver of humanity that lives in very small geographical and social enclaves in a handful of coastal cities and can identify some such thing as the “litbro” doesn’t change the fact that 99.9% of the people who use the term “bro” would find the conflation of that term with a love for literature totally, utterly confusing. But since those enclaves are vastly overrepresented in digital media, so is the concept of the litbro, which then becomes another means through which potential allies are alienated by the obscurity and insiderism of left discourse. With no one particularly intending it to be so, left discourse becomes indistinguishable from a social discourse that is exclusive rather than inclusive.

Fredrik deBoer, “getting past the coalition of the cool”, Fredrik deBoer, 2015-11-09.

October 14, 2016

Twitter’s ailing business model

Filed under: Business, Technology — Tags: , , — Nicholas @ 02:00

I’ve been on Twitter for several years, and I have to admit that along with John Brandon, I’m finding it less useful as time goes by:

What does it mean when a major tech company starts slipping like a seal on wet rocks? Rumors about an acquisition start to rumble then quiet down, the CEO seems beleaguered and frustrated, there’s more news about Internet trolls beating up on people than the firm adding any new features, and an identity crisis becomes so pronounced it obfuscates any real purpose. Who you once were becomes less important; the big news is that you’ve lost all momentum. That’s essentially the story of Twitter, a company that seems perpetually stuck in the past. They created micro messaging and now they can’t seem to do anything else.

I use Twitter all day, but the truth is — tweets are becoming like white noise on a lost FM radio station. A colleague mentioned how the service is mostly used by celebrities, journalists and Donald Trump. That’s a vast oversimplification, but of 20 or 30 friends, not a single one bothers with the service anymore. That means my friends not only removed their account long ago, they don’t browse the feeds anymore and don’t care what anyone posts. Guess what? They’re too busy using Facebook, which provides all of the social networking they will ever need. Twitter has lost the mass market.

The phrase “pedaling backwards” comes to mind. Also, the one about “reliving former glories”. Oh, and you might as well throw in “retracing your steps” to the mix.

My primary use of Twitter these days is my various lists: my Vikings list, my Military list, and my Libertarian list are the ones I most frequently look at. My main Twitter feed? Too busy and too unfocussed to be worth more than a few minutes of scrolling. That, plus the “shadowbanning” of certain controversial users (so they’re not actually banned, but their tweets aren’t being propagated to their followers, who have to actually visit the poster’s feed to see the tweets), help to make the service less than it used to be.

H/T to Andrew Torba on Gab.ai for the link.

QotD: You can’t fix network security by changing the users

Filed under: Quotations, Technology — Tags: , , , — Nicholas @ 01:00

Every few years, a researcher replicates a security study by littering USB sticks around an organization’s grounds and waiting to see how many people pick them up and plug them in, causing the autorun function to install innocuous malware on their computers. These studies are great for making security professionals feel superior. The researchers get to demonstrate their security expertise and use the results as “teachable moments” for others. “If only everyone was more security aware and had more security training,” they say, “the Internet would be a much safer place.”

Enough of that. The problem isn’t the users: it’s that we’ve designed our computer systems’ security so badly that we demand the user do all of these counterintuitive things. Why can’t users choose easy-to-remember passwords? Why can’t they click on links in emails with wild abandon? Why can’t they plug a USB stick into a computer without facing a myriad of viruses? Why are we trying to fix the user instead of solving the underlying security problem?

Bruce Schneier, “Security Design: Stop Trying to Fix the User”, Schneier on Security, 2016-10-03.

October 13, 2016

If we’re living in a simulation, do we even want to break out?

Filed under: Gaming — Tags: , , — Nicholas @ 02:00

I have no expertise in this area, but it appears to me that if the “Silicon Valley billionaires” are right and we are living in a simulated reality there are only two likely options. First, we’re (if you’ll pardon the simplification) “players in the game” — whether we’re aware of it within our simulation or not — and we can leave the simulation in the same way a World of Warcraft or Final Fantasy XIV or Guild Wars 2 player can log off and resume life in “meat space”. Second, most or all of us are actually NPCs and there’s no way to leave the simulation because (some|most|all) of us have no objective existence outside the simulation we currently occupy. If the second option is true … and mathematically it’s the one that’s overwhelmingly likely if we’re actually in a simulation, then there’s little point in discovering that it’s true, as we’ll all cease to exist when our home simulation is turned off.

August 22, 2016

For newspapers, paywalls are (not) the answer

Filed under: Business, Football, Media — Tags: , , — Nicholas @ 03:00

At Techdirt, Mike Masnick uses small, easily understood words to explain why your local newspaper is cutting its own financial throat by implementing a paywall:

For many years, while some journalists (and newspaper execs) have been insisting that a paywall is “the answer” for the declining news business, we’ve been pointing out how fundamentally stupid paywalls are for the news. Without going into all of the arguments again, the short version is this: the business of newspapers has never really been “the news business” (no matter how much they insist otherwise). It’s always been the community and attention business. And in the past they were able to command such attention and build a community around news because they didn’t have much competition. But the competitive landscape for community and attention has changed (massively) thanks to the internet. And putting up a paywall makes it worse. In most cases, it’s limiting the ability of these newspapers to build communities or get attention, and actively pushing people away.

And, yes, sure, people will point to the NY Times, the Wall Street Journal and the Financial Times as proof that “paywalls work.” But earth to basically every other publication: you’re not one of those publications. The paywalls there only work because of the unique content they have, and even then they don’t work as well as most people think.

Not surprisingly, more and more newspapers that bet on paywalls are discovering that they don’t really work that well and were a waste of time and effort — and may have driven away even more readers.

In my case, I look at various newspapers for links to share with my tiny audience of regular readers. Once upon a time, I’d frequently link to the two big Minnesota newspapers, the Minneapolis Star Tribune and the St. Paul Pioneer Press, mostly because I was reading their sports pages for information about my favourite football team, but fairly often when they carried other news of interest, I’d share the link with my readers. When the Star Tribune implemented a paywall, I pretty much stopped going there (they allow 10 free articles per month, and even if I only read the odd Jim Souhan column, I’d already be beyond my limit). Given the thriving fan community for the Vikings, I barely miss the mainstream coverage (but I suspect they miss me and the thousands of other out-of-state visitors they used to get in the pre-paywall days).

February 9, 2016

How John Perry Barlow might have revised his 20-year-old Declaration

Filed under: Liberty, Media, Technology — Tags: , , — Nicholas @ 03:00

From a short interview in The Economist:

I probably wouldn’t have imitated the grandiloquent style of a notorious former slave holder. And I would have been a bit more humble about the “Citizens of Cyberspace” creating social contracts to deal with bad behavior online. The fact remains there is not much one can do about bad behavior online except to take faith that the vast majority of what goes on there is not bad behavior. Yeah, I hate spam, and viruses, and worms, and surveillance [by America’s National Security Agency], but the fact remains that if you can censor one of these bad behaviors, you’ve endowed yourself with the ability to censor almost anything you don’t like online. This is not an ability I wish to extend to any existing government in the physical world. If we assert it, what’s to prevent Saudi Arabia from doing the same.

And I would make it more obviously clear that I knew that cyberspace was not sublimely removed from the physical world, with which it has exactly the same relationship that the mind has with the body: deeply interdependent but qualitatively different. I think that point often got lost.

Over the decades, it has been continuously fashionable to make a straw man of my declaration, to hoist it up as the sort of woolly-headed hippie nonsense you’d expect from techno-utopians like me. This is done largely by people who have never read it, or take a strong interest in believing that government is about to come stomping into town, there to “civilize cyberspace.

Older Posts »

Powered by WordPress