Quotulatiousness

June 15, 2013

Cory Doctorow explains why you should care about PRISM

Filed under: Britain, Government, Liberty, Technology — Tags: , , , — Nicholas @ 09:28

In the Guardian, Cory Doctorow spells out a few good reasons why you should be bothered by PRISM and other governmental data-trawling efforts:

The revelations about Prism and other forms of NSA dragnet surveillance has got some people wondering what all the fuss is. When William Hague tells us that the innocent have nothing to fear from involuntary disclosure, it raises questions about exactly what harms might come about from being spied upon. Here are some reasons you should care about privacy, disclosure and surveillance.

We’re bad at privacy because the consequences of privacy disclosures are separated by a lot of time and space from the disclosures themselves. It’s like trying to get good at cricket by swinging the bat, closing your eyes before you see where the ball is headed, and then being told, months later, somewhere else, where the ball went. So of course we’re bad at privacy: almost all our privacy disclosures do no harm, and some of them cause grotesque harm, but when this happens, it happens so far away from the disclosure that we can’t learn from it.

You should care about privacy because privacy isn’t secrecy. I know what you do in the toilet, but that doesn’t mean you don’t want to close the door when you go in the stall.

You should care about privacy because if the data says you’ve done something wrong, then the person reading the data will interpret everything else you do through that light. Naked Citizens, a short, free documentary, documents several horrifying cases of police being told by computers that someone might be up to something suspicious, and thereafter interpreting everything they learn about that suspect as evidence of wrongdoing. For example, when a computer programmer named David Mery entered a tube station wearing a jacket in warm weather, an algorithm monitoring the CCTV brought him to the attention of a human operator as someone suspicious. When Mery let a train go by without boarding, the operator decided it was alarming behaviour. The police arrested him, searched him, asked him to explain every scrap of paper in his flat. A doodle consisting of random scribbles was characterised as a map of the tube station. Though he was never convicted of a crime, Mery is still on file as a potential terrorist eight years later, and can’t get a visa to travel abroad. Once a computer ascribes suspiciousness to someone, everything else in that person’s life becomes sinister and inexplicable.

Hiding your data in plain sight

Filed under: Liberty, Media, Technology — Tags: , , , , , — Nicholas @ 09:12

Ronald Bailey gathers up some resources you might want to investigate if you’d prefer not to have the NSA or other government agencies watching your online activities:

First, consider not putting so much stuff out there in the first place. Wuergler devised a program he calls Stalker that can siphon off nearly all of your digital information to put together an amazingly complete portrait of your life and pretty much find out where you are at all times. Use Facebook if you must, but realize you’re making it easy for the government to track and find you when they choose to do so.

A second step toward increased privacy is to use a browser like DuckDuckGo, which does not collect the sort of information — say, your IP address — that can identify you with your Internet searches. Thus, if the government bangs on their doors to find out what you’ve been up to, DuckDuckGo has nothing to hand over. I have decided to make DuckDuckGo my default for general browsing, turning to Google only for items such as breaking news and scholarly articles. (Presumably, the NSA would be able to tap into my searches on DuckDuckGo in real time.)

Third, TOR offers free software and a network of relays that can shield your location from prying eyes. TOR operates by bouncing your emails and files around the Internet through encrypted relays. Anyone intercepting your message once it exits a TOR relay cannot trace it back to your computer and your physical location. TOR is used by dissidents and journalists around the world. On the downside, in my experience it operates more slowly than, say, Google.

Fourth, there is encryption. An intriguing one-stop encryption solution is Silent Circle. Developed by Phil Zimmerman, the inventor of the Pretty Good Privacy encryption system, Silent Circle enables users to encrypt their text messages, video, and phone calls, as well as their emails. Zimmerman and his colleagues claim that they, or anyone else, cannot decrypt our messages across their network, period. As Wuergler warned, this security doesn’t come free. Silent Circle charges $10 per month for its encryption services.

However, your mobile phone is a beacon that can’t be easily masked or hidden:

Now for some bad news. Telephone metadata of the sort the NSA acquired from Verizon is hard — read: impossible — to hide. As the ACLU’s Soghoian notes, you can’t violate the laws of physics: In order to connect your mobile phone, the phone company necessarily needs to know where you are located. Of course, you can avoid being tracked through your cell phone by removing its batteries (unless you have an iPhone), but once you slot it back in, there you are.

For lots more information on how to you might be able to baffle government monitoring agencies, check out the Electronic Frontier Foundation’s Surveillance Self-Defense Web pages.

June 11, 2013

The elephant in the IT room – who can you trust?

Filed under: Technology — Tags: , , , — Nicholas @ 10:00

At The Register, Trevor Pott explains why trust is the key part of your personal online security:

Virtually everything we work with on a day-to-day basis is built by someone else. Avoiding insanity requires trusting those who designed, developed and manufactured the instruments of our daily existence.

All these other industries we rely on have evolved codes of conduct, regulations, and ultimately laws to ensure minimum quality, reliability and trust. In this light, I find the modern technosphere’s complete disdain for obtaining and retaining trust baffling, arrogant and at times enraging.

Let’s use authentication systems as a fairly simple example. Passwords suck, we all know they suck, and yet the majority of us still try to use easy to remember (and thus easy to crack) passwords for virtually everything.

The use of password managers and two-factor authentication is on the rise, but we have once more run into a classic security versus usability issue with both technologies.

[. . .]

Trust as a design principle

The technosphere doesn’t think like this. Very few design their products around trust, or the lack thereof. We’ve become obsessed with how the technology works and what that technology can enable; technology is easy, people are hard. How the technology we create integrates into the larger reality of politics, law, emotion and the other people-centric elements, is often overlooked.

In some cases it is simply a matter of having a limited target audience; American firms designing for American users, for example. It is impossible for most to really understand the intricacies of trust issues in all their variegated permutations. It is human to be limited in our vision, and scope of understanding.

H/T to Bruce Schneier for the link.

Federal government denies collecting electronic data on Canadians

Filed under: Cancon, Government, Media, Technology — Tags: , , , , , — Nicholas @ 08:55

Oh, well, if the government denies doing something I guess they pretty much have to be telling the truth, right? Unfortunately, the photo accompanying this Toronto Star article doesn’t show if Peter MacKay is crossing the fingers on his left hand:

The Conservative government flatly denies Canadian spy agencies are conducting any unauthorized electronic snooping operations.

After facing questions from the NDP Opposition about how far he has authorized Ottawa’s top secret eavesdropping spy agency to go, a terse Conservative Defence Minister Peter MacKay left the Commons, telling the Star: “We don’t target Canadians, okay.”

A former Liberal solicitor general says that doesn’t mean other allied spy agencies don’t collect information on Canadians and share it with the Canadian spying establishment.

Liberal MP Wayne Easter, who was minister responsible for the spy agency CSIS in 2002-03, told the Star that in the post-9/11 era a decade ago it was common for Canada’s allies to pass on information about Canadians that they were authorized to gather but Ottawa wasn’t.

The practice was, in effect, a back-door way for sensitive national security information to be shared, not with the government, but Communications Security Establishment Canada (CSEC) and, if necessary, the Canadian Security Intelligence Service (CSIS).

CSEC is a new bit of alphabet soup in the public sphere … I’d never heard of the organization until yesterday. Tonda MacCharles explains what the agency is empowered to do:

The CSEC, an agency that is rarely in the public eye, has far-reaching national security powers to monitor and map electronic communication signals around the globe.

It is forbidden by law to target or direct its spying on Canadians regardless of their location anywhere in the world, or at any person in Canada regardless of their nationality.

The National Defence Act says CSE may, however, unintentionally intercept Canadians’ communications, but must protect their privacy in the use and retention of such “intercepted information.” The agency’s “use” of the information is also restricted to cases where it is “essential to international affairs, defence or security.”

CSEC’s job is to aid federal law enforcement and security agencies, including the military, in highly sensitive operations. It was a key component of Canadian operations in Afghanistan, for example.

June 10, 2013

No surprise here – there’s also a maple-flavoured PRISM

Filed under: Cancon, Government, Media — Tags: , , , , , — Nicholas @ 11:05

In the Globe and Mail, Colin Freeze covers the Canadian data collection program that was approved by the Martin government in 2005 and “renewed” by the Harper government in 2011:

Defence Minister Peter MacKay approved a secret electronic eavesdropping program that scours global telephone records and Internet data trails — including those of Canadians — for patterns of suspicious activity.

Mr. MacKay signed a ministerial directive formally renewing the government’s “metadata” surveillance program on Nov. 21, 2011, according to records obtained by The Globe and Mail. The program had been placed on a lengthy hiatus, according to the documents, after a federal watchdog agency raised concerns that it could lead to warrantless surveillance of Canadians.

There is little public information about the program, which is the subject of Access to Information requests that have returned hundreds of pages of records, with many passages blacked out on grounds of national security.

It was first explicitly approved in a secret decree signed in 2005 by Bill Graham, defence minister in Paul Martin’s Liberal government.

It is illegal for most Western espionage agencies to spy on their citizens without judicial authorization. But rising fears about foreign terrorist networks, coupled with the explosion of digital communications, have shifted the mandates of secretive electronic-eavesdropping agencies that were created by military bureaucracies to spy on Soviet states during the Cold War.

The Canadian surveillance program is operated by the Communications Security Establishment Canada (CSEC), an arm of the Department of National Defence.

June 6, 2013

QotD: The CBC is “nothing but a zombie, slowly sucking up a dwindling fund of goodwill and nostalgia”

Filed under: Business, Cancon, Media, Quotations — Tags: , , , — Nicholas @ 08:22

As Postmedia and other newspaper empires pull paywalls down over their digital incarnations, CBC minions on Twitter have been caught crowing about their “no paywall” status, purchased by the taxpayer at the sensational bargain price of $1.2 billion a year.

It may be hard for readers to feel bad for the cartelizing Paywall Gang, but it is surely a tactical error for the CBC to call attention to its incredibly expensive “free” nature. The Broadcasting Act says the Corporation shall operate “radio and television” services; it doesn’t say anything about a website, much less a website that functions as a telegraphic gazette. Of course, times change and new media paradigms develop and blah blah blah, but the distinction here is crucial: The original pretext for the creation of the CBC was the limited, theoretically public nature of broadcast spectrum. To the degree that the CBC is now just one digital content provider among many, with a hypothetized mandate that puts it in a position to compete with newspapers, it can rightly be privatized, or destroyed, or handed over to its own employees, in order to unburden the public treasury.

Polls always demonstrate high levels of purported political support for the CBC. The public subsidy to the CBC is a forced transfer of wealth from people who don’t like it to people who do, and the “dos,” unsurprisingly, like the set-up just fine. In the U.S., donor-funded, non-profit “public” radio is equally adored by fans; the only difference is that they’re asked to chip in for their preferred electronic smarm or go without. No social or economic arguments against privatization of the CBC are possible. It’s nothing but a zombie, slowly sucking up a dwindling fund of goodwill and nostalgia. Mr. Dressup is dead, folks.

Colby Cosh, “Why the CBC has outlived its usefulness”, Maclean’s, 2013-06-06

June 4, 2013

Email issues

Filed under: Administrivia, Personal — Tags: — Nicholas @ 07:43

I’d just sent an email to Jon, my former virtual landlord, thanking him for sending me the last item I posted when my email client UI was replaced with this:

Yahoo mail outage

So, if you are expecting me to respond to an email, it may be a while before I can do that…

June 1, 2013

QotD: Internet espionage

Filed under: China, Humour, Quotations, Technology — Tags: , , , — Nicholas @ 08:26

A new report says that the Chinese are hacking American computer networks at an alarming rate. This is hardly news. I’ve been including the phrase “早安,我抱歉有沒有在這封電子郵件中的商業秘密或加拿大色情。請停止殺害酷動物啄木鳥醫學。剛剛買了一些偉哥了” at the bottom of every e-mail for months (I put it just above where it says “Hello Mr. Holder!”). It means, according to Google translate: “Good Morning, I’m sorry there’s no trade secrets or Canadian porn in this e-mail. Please stop killing cool animals for pecker medicine. Just buy some Viagra already.”

What is new is the scope of the problem the report lays out. This is a thorny issue and I think the U.S. needs to be much, much more aggressive in combating it. Why it’s not a bigger issue for the WTO, for instance, is baffling to me. They are stealing our stuff, which strikes me as a bigger deal than taxing it at the border.

Explaining to the Chinese leadership that they shouldn’t be doing this because it’s wrong is like explaining to a dog licking its nethers that what he’s doing is bad manners: To the extent they understand at all, they couldn’t care less. They respect power. They understand when you put a price on bad behavior. So we need to put a price on Chinese hacking. It’s really that simple. The hard thing to figure out is how.

Jonah Goldberg, “Chiiiiiicoms in (Cyber) Spaaaaaaaaaaaace!”, The Goldberg File, 2013-05-31

May 28, 2013

Breaking new (legal) trails

Filed under: Cancon, Law, Media — Tags: , , , — Nicholas @ 08:10

Colby Cosh on the fascinating attempt by former Toronto Maple Leafs general manager Brian Burke to sue his alleged defamers on the internet:

Question: if you can defame someone on the internet, should they be able to sue you over the internet? Grouchy former Leafs GM Brian Burke intends to find out. His lawyers are set to appear in B.C. Supreme Court in Vancouver today, where they will argue that Burke should be able to serve notice of his defamation lawsuit against pseudonymous members of various internet forums by means of those forums themselves. “Ding! You’ve… got… mail.”

Early commentary on Burke’s lawsuit over claims he had an affair with a broadcaster was focused on the difficulty of tracking down internet anonymice and serving them with the right papers. The established pathway is to go through internet service providers to get them to disclose the identities behind IP addresses — but privacy-conscious tech firms don’t like to give up that info without a court order, and if Johnny Flapgums did not happen to post from home or work, a plaintiff is more or less out of luck anyway. In an unforeseen development, Burke is now asking the court to let him sue internet usernames as usernames, notifying the users of the action through the personal-messaging apparatus of the sites on which they posted their allegedly scurrilous comments.

If Burke succeeds with today’s motion, defendants such as “CamBarkerFan” and “Slobberface” will be forced into a tricky choice between fighting the lawsuit, and thus exposing themselves to a verdict, or laying low and allowing a default judgment to be entered against them, thus exposing themselves to the risk of being identified and penalized later without any chance of a defence.

May 20, 2013

Yahoo’s Tumblr purchase

Filed under: Business, Media — Tags: , , , — Nicholas @ 09:15

Yahoo is spending $1.1 billion to acquire Tumblr:

Despite the breadth and diversity of life online, there are relatively few opportunities to make the kind of acquisitions that make the industry stop and take stock. Yahoo’s $1.1bn deal to buy Tumblr is one of those moments: a bold acquisition that says chief executive Marissa Meyer means business.

Comparisons to Yahoo’s 1999 $3.6bn acquisition of Geocities are too simplistic. In internet years, 1999 is more like two centuries ago and Yahoo is in a completely different place, led by a woman with all the zeal of a convert. Repeatedly passed over for promotion during her previous (another internet lifetime) 13 years at Google, she has an opportunity to do something impressive with Yahoo, which seemed in terminal decline. One venture capital executive told me that during the tenure of Carol Bartz, Mayer’s predecessor once removed, the investors were expecting Yahoo to ditch all but essential staff, focus on core revenue-building products and then rinse the company hard for maximum profit until it ran into the ground.

[. . .]

Yahoo was easy to write off in the tech community because it lacks the cool factor and developer kudos of Facebook and Google. But Yahoo’s power has always been in its more mainstream (though ageing) user base and its powerful display advertising business. Herein lies the key to its Tumblr acquisition. Though the fit with this hipster lite-blogging, photo-heavy platform could seem a little awkward, it makes sense in the context of Yahoo’s ad strategy.

Tumblr founder David Karp has always said its advertising model is based on Twitter’s “the tweet is the ad” principle. That is, that being embedded in a customised, personal flow of information, being relevant to an influential and proactive community is the most valuable and meaningful way of presenting display advertising right now. That makes Tumblr, integrated with Yahoo’s enormous expertise in display advertising, a diverse and demographically important platform for Yahoo that is mobile-heavy and social-focused.

May 18, 2013

The booming market in pre-owned high fashion clothing

Filed under: Business, Economics — Tags: , , — Nicholas @ 08:14

A market I have to admit I was almost completely ignorant about, but it’s poised to become a very busy, competitive market if it can overcome a few hurdles:

There’s been a digital explosion in the market for pre-owned fashion. In the past year, we’ve seen a veritable land grab in the online consignment and resale space with the number of “re-commerce” sites now exceeding 50 — and many more, no doubt, incubating in Silicon Valley, New York, London and beyond. Several market levels are being addressed: mall/high street (Threadflip, Tradesy), thrift (LikeTwice, NiftyThrifty), upmarket (TheRealReal), haute vintage (Byronesque) and boutique (ReFashioner, my own company).

It may seem like these sites are dealing in a mere by-product of the fashion industry. But no, this is the product. Everything that’s bought becomes pre-owned. A tidal wave is building and it has the power to undermine or even destroy. Indeed, the stockpile of merchandise is overwhelmingly vast. I did the math in 2009 for ReFashioner’s beta, a luxury fashion swap site: $880 billion trapped in closets. And that’s just high-end womenswear in the US.

[. . .]

As with flash sales, this inventory is delimited by the retail market. And it’s wayward. The ROI sucks when every SKU is singular and inventory is locked up — literally — in houses. And there’s something of a standoff between buyer and seller: the non-professional seller, accustomed to seeing 100 percent mark-ups in the real world, wants top dollar for her career basics and contemporary designer wear, while the buyer wants Zappos-like service, Etsy pricing and Net-a-Porter merchandising. There are other issues too: resistance to higher ticket items without fittings, sketchy return policies, knock-off trading.

But there’s more. This merchandise is personal. It’s not just a numbers game, it’s about everything fashion means to us. It’s about honouring the past of the clothes and their place in our lives. If this is going to work, we need to add content and context. Idealistic, maybe. But idealism is how things get changed and idealism can work to the advantage of this category.

H/T to Virginia Postrel for the link.

May 11, 2013

The “Liberator” isn’t really a gun … it’s a political theatre prop

Filed under: Liberty, Media, Politics, USA, Weapons — Tags: , , , , — Nicholas @ 00:01

In The Register, Lewis Page points out that the 3D printed “Liberator” isn’t actually much of a gun at all:

People are missing one important point about the “Liberator” 3D-printed “plastic gun”: it isn’t any more a gun than any other very short piece of plastic pipe is a “gun”.

You can take my Liberator ... and shove it

You can take my Liberator … and shove it

Seriously. That’s all a Liberator is: a particularly crappy pipe, because it is made of lots of laminated layers in a 3D printer. Attached to the back of the pipe is a needlessly bulky and complicated mechanism allowing you to bang a lump of plastic with a nail in it against the end of the pipe.

An actual gun barrel is a strong, high quality pipe — almost always made of steel or something equally good — capable of containing high pressure gas. It has rifling down the inside, making it narrow enough that the hard, tough lands actually cut into the soft bullet jacket (too small for the bullet to actually move along, unless it is rammed with massive force). At the back end there is a smooth-walled section, slightly larger, into which a cartridge can be easily slipped.

It’s not much of a gun at all. But as with the old saying about the dancing bear, it’s not how well it dances but that it dances at all. After some 100,000 downloads, the company was requested to take the files offline on Thursday:

May 9, 2013

The NSA’s guide to hacking Google searches

Filed under: Technology, USA — Tags: , , , , — Nicholas @ 10:34

Wired‘s Kim Zetter on how the NSA recommends its own analysts get the best intelligence use out of Google and other online tools:

There’s so much data available on the internet that even government cyberspies need a little help now and then to sift through it all. So to assist them, the National Security Agency produced a book to help its spies uncover intelligence hiding on the web.

The 643-page tome, called Untangling the Web: A Guide to Internet Research (.pdf), was just released by the NSA following a FOIA request filed in April by MuckRock, a site that charges fees to process public records for activists and others.

The book was published by the Center for Digital Content of the National Security Agency, and is filled with advice for using search engines, the Internet Archive and other online tools. But the most interesting is the chapter titled “Google Hacking.”

[. . .]

Stealing intelligence on the internet that others don’t want you to have might not be illegal, but it does come with other risks, the authors note: “It is critical that you handle all Microsoft file types on the internet with extreme care. Never open a Microsoft file type on the internet. Instead, use one of the techniques described here,” they write in a footnote. The word “here” is hyperlinked, but since the document is a PDF the link is inaccessible. No word about the dangers that Adobe PDFs pose. But the version of the manual the NSA released was last updated in 2007, so let’s hope later versions cover it.

May 4, 2013

Ron Paul on the so-called “Marketplace Fairness Act”

Filed under: Business, Economics, Government, USA — Tags: , , , , , , — Nicholas @ 09:28

As you probably guessed, he’s against it:

David French, Senior Vice President of the National Retail Federation, the major industry group lobbying for the so-called “Marketplace Fairness Act,” (more aptly named the “National Internet Tax Mandate”) recently commented that “…the law [governing Internet sales] today is a 20th-century interpretation of an 18th-century document…” Mr. French’s comments are typical of those wishing to expand government power beyond the limits established by the United States Constitution.

[. . .]

The National Internet Tax Mandate overturns the Supreme Court’s 1992 Quill v. North Dakota decision that states can only force businesses to collect sales tax if the business has a “physical presence” in the state. Quill represented a rare instance where the Supreme Court properly interpreted the Commerce Clause. Thanks to the Quill decision, the Internet has remained a tax-free zone, though some states require consumers to later pay taxes on products they purchased online. This freedom has helped turn the Internet into a thriving and dynamic sector of the economy, to the benefit of entrepreneurs and consumers.

Now that status is threatened by an alliance of big business and tax-hungry state governments seeking new powers to force out-of-state business to collect state sales taxes. Far from updating the Constitution to fit the needs of the 21st century, the National Internet Tax Mandate is a throwback to 18th century mercantilism.

The National Internet Tax Mandate will raise the costs of doing business over the Internet. Large, established Internet companies, such as Amazon, can absorb these costs, whereas their smaller competitors cannot. More importantly, the Mandate’s increased costs and regulations could prevent the creation and growth of the next Amazon.

May 3, 2013

What could kill Google Glass? Terminal dorkiness.

Filed under: Technology — Tags: , , , — Nicholas @ 00:02

In Wired, Marcus Wohlsen theorizes that the inherent dork factor will be the biggest hurdle for Google Glass:

The Segway. The Bluetooth headset. The pocket protector.

What do these three technologies have in common? They all pretty much work as promised. They all seem like good ideas on paper. And they’re all too dorky to live.

Now, far be it from me to claim that nerdiness equals lack of popularity potential. But I contend that dorkiness and nerdiness are two different qualities. While nerdiness implies a certain social awkwardness that’s ultimately endearing, dorkiness connotes social obliviousness that opens you to deserved ridicule.

Guess which category Google Glass will fall under when it goes “mainstream?”

Forget about the privacy concerns for a second. I don’t think you have to get that serious to recognize the inherent antisocialness of Google Glass. All you have to do is look at the guy in the picture at the top of this post. Or any of the rest of the guys on White Men Wearing Google Glass, a new Tumblr that serves up the data needed to transform the hypothesis “Google Glass is too dorky to succeed” into a proven scientific theory.

Disagree? The floor is open for falsification. Start your own Tumblr: People Who Look Cool While Wearing Google Glass.

« Newer PostsOlder Posts »

Powered by WordPress