Quotulatiousness

April 24, 2011

Unhappy tax day for online poker players

Filed under: Gaming, Law, USA — Tags: , — Nicholas @ 12:07

Well, tax day generally isn’t a happy day, but online poker players were especially unhappy:

Last week, while many people reported their income to the Internal Revenue Service, others suddenly found their source of income shut off. On a day now known among online poker players as “Black Friday,” the Department of Justice did us Americans the favor of saving us from ourselves by shutting down the three most popular and trusted online poker platforms.

Not only did the department seize the three domain names, it also froze 77 accounts around the world and charged the founders of PokerStars, Full Tilt Poker and Absolute Poker, among others. What’s there crime? While the charges very carefully center on bank fraud, the heart of the department’s clampdown on Internet gambling stems from the Unlawful Internet Gambling Enforcement Act (UIGEA). Passed during a midnight vote in 2006, the UIGEA doesn’t actually prohibit online gambling but rather bans credit-processing companies from processing payments from “unlawful” online gambling activities. However, the bill never clarifies what it means by “unlawful” activities.

After the law’s passage, several online poker companies continued to operate in the United States, and Justice has turned the prosecution of those entities into a very lucrative endeavor. United Kingdom-based SportingBet, an online betting platform, signed a non-prosecution agreement with the U.S. government last year in return for a payment of $33 million, and in 2008, the co-founder of PartyGaming.com paid authorities $300 million in a settlement. In last week’s indictment, Justice announced that it was seeking a total of $3 billion from the poker companies. Compare this with the $105 million fine that Wachovia, which was found to be laundering billions of dollars in drug money, paid to the U.S. government, and one must wonder what kind of metric Justice uses when deciding which injustices to pursue.

April 14, 2011

DANE to address weaknesses in internet security?

Filed under: Technology — Tags: , — Nicholas @ 12:05

The Economist looks at a possible way to address the known weaknesses of the current internet security defaults:

[A] comprehensive solution would let domain owners confirm that the names and machine numbers issued by a given CA are kosher. Under DNS-based Authentication of Named Entities (DANE), a standard being developed by Mr Schultze and others at the Internet Engineering Task Force, a browser retrieves a certificate from a web server, but checks with the DNS whether the certificate is in fact the one that was issued to a given domain owner. So, though a CA will still provide a validation step, the domain owner will have had to give it the thumbs up first. To prevent malevolent fiddling the DNS infrastructure itself needs to be secured, too. A long-running effort to do this, known as DNSSEC, hit a key milestone in 2010 and may have enough pieces in place soon to be usable. This is important because DANE would be incomplete without it.

Whilst all current browsers must be updated to take advantage of DANE, the new system can coexist with the old, and a gradual transition can be made. Browser plug-ins could bridge the gap before browser makers build in DANE, too. Those that want the added robustness of the new system — whether individuals, companies, or governments — may accelerate the adoption of updated browsers as DANE becomes available.

These moves do not provide total assurance that what your browser is told about an internet site’s identity and security is true. Trust, but verify — and verify again.

April 13, 2011

Never seen this before

Filed under: Randomness, Technology — Tags: — Nicholas @ 11:28

My Rogers email account appears to have a nasty case of rot-13 encoding in the address book. I’d include a screen capture, but now that I’ve told you the trick of decoding it, it’d expose folks’ email addresses, which would be a bit unethical of me. At first, I thought it was just a garble, but I noticed that a lot of the addresses ended in “.pbz” and “.pn” (that’d be “.com” and “.ca” rotated 13 characters).

It’s not crippling, as I can just copy and paste from existing email messages, but it is annoying.

Update, 14 April: It appears to be fixed now.

April 11, 2011

SSL is “just an illusion of security”

Filed under: Technology — Tags: , , , , — Nicholas @ 10:09

SSL (Secure Sockets Layer) is critically important to safe communications on the internet. It may also be “hopelessly broken“:

SSL made its debut in 1994 as a way to cryptographically secure e-commerce and other sensitive internet communications. A private key at the heart of the system allows website operators to prove that they are the rightful owners of the domains visitors are accessing, rather than impostors who have hacked the users’ connections. Countless websites also use SSL to encrypt passwords, emails and other data to thwart anyone who may be monitoring the traffic passing between the two parties.

It’s hard to overstate the reliance that websites operated by Google, PayPal, Microsoft, Bank of America and millions of other companies place in SSL. And yet, the repeated failures suggest that the system in its current state is hopelessly broken.

“Right now, it’s just an illusion of security,” said Moxie Marlinspike, a security researcher who has repeatedly poked holes in the technical underpinnings of SSL. “Depending on what you think your threat is, you can trust it on varying levels, but fundamentally, it has some pretty serious problems.”

Although SSL’s vulnerabilities are worrying, critics have reserved their most biting assessments for the business practices of Comodo, VeriSign, GoDaddy and the other so-called certificate authorities, known as CAs for short. Once their root certificates are included in Internet Explorer, Firefox and other major browsers, they can’t be removed without creating disruptions on huge swaths of the internet.

April 9, 2011

Upheaval in Finnish politics?

Filed under: Europe, Government, Media, Politics — Tags: , , , , — Nicholas @ 00:03

Ilkka is enjoying the spectacle of the “right-thinking” (i.e., left-thinking) folks in Finland who are horrified at the rise of a new party:

Canada will have yet another federal election that will bring yet another minority government, and back in the old country, the parliamentary elections have begun with the first early voting days, and the right-wing protest party True Finns is predicted to grab a significant chunk of the parliamentary seats. The impotent tantrum of the SWPL greens and leftists, along with the media that they still mostly control, reacting to the cognitive dissonance of the working class abandoning them has certainly been a laugh riot. Besides, this whole surge illustrates how just one voice of just the right pitch can smash a sufficiently ossified, smug and complacent echo chamber to little shards of glass by its mere existence. One can only imagine what the Finland of the 1970’s would have been like, had the Internet existed back then to give these voices a voice, as all leftism and progressivism can keep the reality at bay only if they get to have a totalitarian control of all media to constrain the parameters of debate.

April 4, 2011

Totally underground band loses millions to illegal downloads…or do they?

Filed under: Cancon, Economics, Media, Technology — Tags: , , , — Nicholas @ 09:39

An interesting article looks at a claim by an obscure band that their debut CD had been pirated over 100,000 times:

Late last week, TorrentFreak was contacted by a guy called Wayne Borean who alerted to us to a somewhat heated debate he’d been participating in on the ‘Balanced Copyright For Canada’ Facebook page.

“There’s a Rock Band called One Soul Thrust. They have a debut album, which I like (bought it off iTunes). However the first I heard of the band was when there were complaints that the band had gone Platinum — because of illegal Torrent downloads!” Borean explained.

Indeed, according to a press release from the band’s manager, Cameron Tilbury, the situation is very serious.

“The Canadian Recording Industry Association (CRIA) states that, to achieve Platinum status, an album must achieve sales of 100,000 copies/downloads of an album. Sales…that’s the key. A random polling of several torrent site’s downloads — ILLEGAL downloads — has shown that 1ST, the debut cd by ONE SOUL THRUST has been downloaded over 100,000 times,” he wrote.

That’s really terrible, isn’t it? An obscure band, hoping to make it big by selling their CD have an illegal audience more than 300 times their number of Facebook fans? How did all these illegal downloaders even find out about the band? Well, perhaps they didn’t:

At this point, since we couldn’t find any torrents on any site (Borean tried everywhere too), we have to admit we were beginning to wonder if this 100K download claim was some kind of publicity stunt. Furthermore, since Wayne Borean and Tilbury were starting to publicly tear each other apart (and getting pretty personal at times) it seemed sensible to get to the bottom of this, particularly since the band’s manager claimed that the all-powerful CRIA is supporting the band’s stance.

[. . .]

As many readers will now be aware, there is a huge problem. These results are completely fake and are generated from user input to draw traffic to site advertisers. You can type anything in the search boxes on some of these torrent sites (these apparently came from LimeTorrents) and anyone can appear to be pirated into oblivion [. . .]

We wrote back to Tilbury and explained our findings. We also asked him to comment on how he feels now that he realizes that people aren’t downloading the band’s music at all. He hasn’t responded to that question which is a real shame, because personally I think this is the most important part of the whole story.

I’m absolutely confident that there was no attempt to mislead with the band’s ‘piracy problem’ press release and that the band and their manager sincerely believed that 100K people had downloaded their album without paying for it. However, it would be intriguing to know what happened, when emotions of supposedly being ripped off by 100,000 pirates were replaced by other, perhaps more confused feelings.

Update, 5 April: Apparently you have two choices in a situation like this. 1) Own up to being mistaken and apologize for making a stink about a non-issue. 2) Double-down on stupid:

A day after One Soul Thrust’s manager had the entire Internet explain to him that his band’s music wasn’t being downloaded 100,000 times on BitTorrent sites, he’s still in deep denial. Today’s post is all about how the pirates attacked him “[b]ecause a debut album by an independent Canadian band is listed on torrent sites around the world and we had the audacity to point that out.” Um, no it’s not. It’s not listed on any torrent sites. As far as anyone can tell, not one human being on this planet has torrented this band’s CD. Dude, you made a mistake, you freaked out, you looked a little naive. Now you’re looking like an ass. Quit while you’re ahead, maybe?

Creative comments to that last post include 1) someone, somewhere actually upload the album to a torrent site, just so the band doesn’t look quite as pathetic, and 2) replace each track with varying length versions of a certain Rick Astley tune.

April 3, 2011

Richard Glover: “the internet may bring about the death of human civilisation”

Filed under: Environment, Media, Technology — Tags: , , , — Nicholas @ 12:26

Mr. Glover, a professional broadcaster and columnist, has determined that the collapse of civilization will come from internet trolling denialists:

It’s increasingly apparent that the internet may bring about the death of human civilisation, beating out previous contenders such as nuclear holocaust and the election of George W. Bush.

The agents of this planetary death will be the climate-change deniers who, it’s now clear, owe much of their existence to the internet. Would the climate-change deniers be this sure of themselves without the internet?

Somehow I doubt it. They are so damn confident.

They don’t just bury their heads in the sand, they fiercely drive their own heads energetically into the nearest beachfront, their bums defiantly aquiver as they fart their toxic message to the world. How can they be so confident, in the face of so much evidence to the contrary?

It’s the internet, of course, and the way it has given climate-change deniers the perfect forum — one in which groups of quite dim people can swap spurious information, reassuring each other there’s no evidence on the other side, right up to the point they’ve derailed all efforts to save the planet. Call it ”mutually reassured destruction”.

April 1, 2011

Google introduces “Gmail Motion”

Filed under: Humour, Technology — Tags: , , — Nicholas @ 07:35

Erasing your (digital) past

Filed under: Liberty, Media, Technology — Tags: , , — Nicholas @ 00:08

Eric Schmidt, former CEO of Google said: “I don’t believe society understands what happens when everything is available, knowable, and recorded by everyone all the time.” Privacy is dying, if not already clinically dead, in the online world. If you really want (or need) to airbrush yourself out of the picture, here are some suggestions on how to go about doing it.

The Internet has made our world a lot smaller. It has also made our histories a lot better-catalogued and more-searchable, and those developments — coupled with the weird phenomenon that people’s common sense tends to fly out the window when it comes to posting information and pictures — aren’t always beneficial to us.

[. . .]

Instead of popping you into a Witness Protection program — or changing your name — let us show you five steps on how to disappear from the Internet.

Step 1: Know Thine Enemy

Before you take any action, you need to know what you’re trying to get rid of. So first, do a search for your name — don’t just search Google, though, search online people search aggregation sites such as ZabaSearch, Intelius, Pipl, and Spokeo.

Here’s how to run an online background check (on yourself) for free.

March 29, 2011

Amazon’s “Cloud Drive” announcement

Filed under: Media, Technology — Tags: , , — Nicholas @ 08:17

Tired of moving your music from machine to machine? Feel constricted in your choices? Amazon.com thinks they’ve got an offering you won’t turn down:

Amazon.com, Inc. (NASDAQ:AMZN) today announced the launch of Amazon Cloud Drive (www.amazon.com/clouddrive), Amazon Cloud Player for Web (www.amazon.com/cloudplayer) and Amazon Cloud Player for Android (www.amazon.com/cloudplayerandroid). Together, these services enable customers to securely store music in the cloudand play it on any Android phone, Android tablet, Mac or PC, wherever they are. Customers can easily upload their music library to Amazon Cloud Drive and can save any new Amazon MP3 purchases directly to their Amazon Cloud Drive for free.

“We’re excited to take this leap forward in the digital experience,” said Bill Carr, vice president of Movies and Music at Amazon. “The launch of Cloud Drive, Cloud Player for Web and Cloud Player for Android eliminates the need for constant software updates as well as the use of thumb drives and cables to move and manage music.”

“Our customers have told us they don’t want to download music to their work computers or phones because they find it hard to move music around to different devices,” Carr said. “Now, whether at work, home, or on the go, customers can buy music from Amazon MP3, store it in the cloud and play it anywhere.”

Don’t get too excited, fellow Canadians: this is the .com company, not the .ca flavour. Since amazon.ca still can’t sell you MP3 tracks, I doubt that the Amazon Cloud will be available north of the border any time soon.

March 27, 2011

Rogers is actively throttling bandwidth for World of Warcraft players

Filed under: Cancon, Gaming, Technology — Tags: , — Nicholas @ 11:14

In what isn’t really a surprise, Justin Olivetti reports on how Canadian WoW players have been suffering from deliberate throttling:

If you play World of Warcraft in Canada and were wondering why your connection seemed a bit slow, it turns out there may be a good explanation: Rogers Communications has been deliberately throttling the game across the country.

[. . .]

Rogers said that it was Blizzard’s use of BitTorrent to deliver updates that triggered the throttling, and said that customers who disabled this setting — as well as any other peer-to-peer applications — would not see a slowdown in speed. “Rogers will engage our customers to ensure they are aware of these recommendations, while continuing to work on a longer term solution,” a spokesperson said.

March 24, 2011

Online security: compromised HTTPS certificates

Filed under: Technology — Tags: , , , — Nicholas @ 09:25

Iranian hackers (or someone trying to cast blame on Iran) managed to get a number of HTTPS certificates issued under false colours:

On March 15th, an HTTPS/TLS Certificate Authority (CA) was tricked into issuing fraudulent certificates that posed a dire risk to Internet security. Based on currently available information, the incident got close to — but was not quite — an Internet-wide security meltdown. As this post will explain, these events show why we urgently need to start reinforcing the system that is currently used to authenticate and identify secure websites and email systems.

[. . .]

Comodo also said that the attack came primarily from Iranian IP addresses, and that one of the fraudulent login.yahoo.com certs was briefly deployed on a webserver in Iran.

March 20, 2011

Hacking a secure WiFi connection not illegal, says Dutch court

Filed under: Europe, Law, Technology — Tags: , , , , — Nicholas @ 11:09

An interesting legal precedent may not be as far-reaching as the headline might imply:

Breaking in to an encrypted router and using the WiFi connection is not an criminal offence, a Dutch court ruled. WiFi hackers can not be prosecuted for breaching router security.

A court in The Hague ruled earlier this month that it is legal to break WiFi security to use the internet connection. The court also decided that piggybacking on open WiFi networks in bars and hotels can not be prosecuted. In many countries both actions are illegal and often can be fined.

[. . .]

The Judge reasoned that the student didn’t gain access to the computer connected to the router, but only used the routers internet connection. Under Dutch law breaking in to a computer is forbidden.

A computer in The Netherlands is defined as a machine that is used for three things: the storage, processing and transmission of data. A router can therefore not be described as a computer because it is only used to transfer or process data and not for storing bits and bytes. Hacking a device that is no computer by law is not illegal, and can not be prosecuted, the court concluded.

The key here is the definition of a computer under the law: I expect the Dutch to update this definition in response to the outcome of this case.

March 8, 2011

Lastest boon to spammers? The move to IPv6, apparently

Filed under: Technology — Tags: , , , — Nicholas @ 08:50

John Leyden reports that with all the good things about moving to the vastly larger address space of IPv6, we can expect at least one negative:

The migration towards IPv6, which has been made necessary by the expansion of the internet, will make it harder to filter spam messages, service providers warn.

The current internet protocol, IPv4, has a limited address space which is reaching exhaustion thanks to the fast uptake of internet technology in populous countries such as India and China and the more widespread use of smartphones. IPv6 promises 3.4 x 1038 addresses compared to the paltry 4.3 billion (4.3 x 109) addresses offered by IPv4.

While this expansion allows far more devices to have a unique internet address, it creates a host of problems for security service providers, who have long used databases of known bad IP addresses to maintain blacklists of junk mail cesspools. Spam-filtering technology typically uses these blacklists as one (key component) in a multi-stage junk mail filtering process that also involves examining message contents.

“The primary method for stopping the majority of spam used by email providers is to track bad IP addresses sending email and block them — a process known as IP blacklisting,” explained Stuart Paton, a senior solutions architect at spam-filtering outfit Cloudmark. “With IPv6 this technique will no longer be possible and could mean that email systems would quickly become overloaded if new approaches are not developed to address this.”

March 5, 2011

xkcd re-interprets the Nolan Chart

Filed under: Humour, Liberty, Media — Tags: , , , — Nicholas @ 11:36

Nolan Chart

« Newer PostsOlder Posts »

Powered by WordPress