You are here


Photo editors: Embed your text in the jpegs

Hey photo editing programs -- I'm looking at you, Photoshop -- a lot of you allow people to place text into graphic images, usually as a text layer. Most graphics with text on the web are made this way. Then we export the image as a jpeg or png/gif, flatting the layers so our artful text is displayed. This is how all the buttons with words are made, as well as the title banner graphics on most web sites.


We're #12. We're #12!

From the shameless narcissism department: I was surprised to see myself and the EFF picked by PC World today at #12 on their 50 most important people on the web list. I'm really there as a proxy for the EFF, I suspect, but it's great to see our work recognized. I'm pleased to say the EFF is going like gangbusters right now with so many cases under our wing, and many thousands of new members in the last year, thanks in part to the AT&T lawsuit and others.

Calendar software, notice when I fly

Most of us, when we travel, put appointments we will have while on the road into our calendars. And we usually enter them in local time. ie. if I have a 1pm appointment in New York, I set it for 1pm not 10am in my Pacific home time zone. While some calendar programs let you specify the time zone for an event, most people don't, and many people also don't change the time zone when they cross a border, at least not right away.

Without knowing it, we're all in the gene databases already

I have written before how future technology affects our privacy decisions today. DNA collection is definitely one of these areas. As you may know, law enforcement in the USA is now collecting DNA from people convicted of crimes, and even those arrested in a number of jurisdictions -- with no ability to expunge the data if not found guilty. You may feel this doesn't affect you, as you have not been arrested.

As DNA technology grows, bioinformatics software is becoming able to determine that a sample of DNA is a "near match" for somebody in a database. For example, they might determine that a person in the database is not the source of the DNA being studied, but is a relative of that person.

In a recent case, a DNA search turned up not the perpetrator, but his brother. They investigated the male relatives of the brother and found and convicted the man in question.


Zphone and the "rich little attack"

I was discussing his Zphone encrypting telephone system with Phil Zimmermann today. In his system, phone calls are encrypted with opportunistic, certificateless cryptography, which I applaud because it allows zero user interface and not centralization. It is vulnerable to "man in the middle" attacks if the MITM can be present in all communications.

His defence against MITM is to allow the users of the system to do a spoken authentication protocol at any time in their series of conversations. While it's good to do it on the first call, his system works even when done later. In their conversation, they can, using spoken voice, read off a signature of the crypto secrets that are securing their conversation. The signatures must match -- if they don't, a man-in-the-middle is possibly interfering.

I brought up an attack he had thought of and called the Rich Little attack, involving impersonation with a combination of a good voice impersonation actor and hypothetical computerized speech modification that turns a good impersonator into a near perfect one. Phil believes that trying to substitute voice in a challenge that can come at any time, in any form, in any conversation is woefully impractical.

A small amount of thought made me produce this attack: Two impersonators. Early on in a series of conversations, the spy agency trying to break in brings in two impersonators who have listened to Alice and Bob respectively (we are hearing their calls) and learned their mannerisms. A digital audio processor helps convert the tones of their voice. That's even easier on an 8khz channel.


Subsidize customers, not phones

As you may know, if you buy a cell phone today, you have to sign up for a 1 or 2 year contract, and you get a serious discount on the phone, often as much as $200. The stores that sell the phones get paid this subsidy when they sell to you, if you buy from a carrier you just get a discount. The subsidy phones are locked so you can't go and take them to another carrier, though typically you can get them unlocked for a modest fee either by the carrier or unlock shops.


It's OK, the internet will scale fine

I've been seeing a lot of press lately worrying that the internet won't be able to handle the coming video revolution, that as more and more people try to get their TV via the internet, it will soon reach a traffic volume we don't have capacity to handle. (Some of this came from a Google TV exec's European talk, though Google has backtracked a bit on that.)

A solar economics spreadsheet

In light of my recent threads on CitizenRe I built a spreadsheet to do solar energy economic calculations. If you click on that, you can download the spreadsheet to try for yourself. If you don't have a spreadsheet program (I recommend the free Gnumeric or Open Office) it's also up as a Google Solar Spreadsheet but you may need a Google account to plug in your own numbers.


Do taxi monopolies make sense in the high-tech world?

Many cities (and airports) have official taxi monopolies. They limit the number of cabs in the city, and regulate them, typically by issuing "medallions" to cabs or drivers or licences to companies. The most famous systems are in London and New York, but they are in many other places. In New York, the medallions were created earlier in the century, and have stayed fixed in number for decades after declining from their post-creation peak. The medallion is a goldmine for its "owner." Because NY medallions can be bought and sold, recently they have changed hands at auction for around $300,000. That 300K medallion allows a cab to be painted yellow, and to pick up people hailing cabs in the street. It's illegal for ordinary cars to do this. Medallion owners lease the combination of cab and medallion for $60 to $80 for a 7-9 hour shift, I believe.

Here in San Francisco, the medallions are not transferable, and in theory are only issued (after a wait of a decade or more) to working cab drivers, who must put in about 160 4-hour shifts per year. After that, they can and do rent out their medallion to other drivers, for a more modest rental income of about $2,000 per month.

On the surface, this seems ridiculous. Why do we even need a government monopoly on taxis, and why should this monopoly just be a state-granted goldmine for those who get their hands on it? This is a complex issue, and if you search for essays on taxi medallions and monopoly systems you will find various arguments pro and con. What I want to get into here is whether some of those arguments might be ripe for change, in our new high-tech world of computer networks, GPSs and cell phones.

In most cities, there are more competitive markets for "car services" which you call for an appointment. They are not allowed to pick up hailing passengers, though a study in Manhattan found that they do -- 2 of every 5 cars responding to a hail were licenced car services doing so unlawfully.

CitizenRe, real or imagined -- a challenge

Recently I opened up a surprising can of worms with a blog post about CitizenRe wondering if they had finally solved the problem of making solar power compete with the electrical grid. At that post you will see a substantial comment thread, including contributions by executives of the firm, which I welcome. At first, I had known little about CitizenRe and the reputation it was building. I thought i should summarize some of the issues I have been considering and other elements I have learned.

CitizenRe's offer is very appealing. They claim they will build a plant that can make vastly cheaper solar. Once they do, they will install it on your roof and "rent" it to you. You buy all the power it produces from them at a rate that beats your current grid power cost. Your risks are few -- you put down a deposit of $500 to $1500 depending on system size, you must cover any damage to the panels, and they offer removal and replacement for a very modest fee if you need to reroof or even move. You lock in your rate, which is good if grid rates go up and bad if grid rates go down or other solar becomes cheaper, but on the whole it's a balanced offer.

In fact, it seems too good to be true. It's way, way cheaper than any offering available today. Because it sounds so good, many people are saying "show me." I want to see just how they are going to pull that off. Many in the existing solar industry are saying that much louder. They are worried that if CitizenRe fails to deliver, all their customers will have been diverted to a pipedream while they suffer financial ruin. Of course, they are also worried that if CitizenRe does deliver, they will be competed out of business, so they do have a conflict of interest.

Here are some of the things to make me skeptical.


When should a password be strong

If you're like me, you select special unique passwords for the sites that count, such as banks, and you use a fairly simple password for things like accounts on blogs and message boards where you're not particularly scared if somebody learns the password. (You had better not be scared, since most of these sites store your password in the clear so they can mail it to you, which means they learn your standard account/password and could pretend to be you on all the sites you duplicate the password on.) There are tools that will generate a different password for every site you visit, and of course most browsers will remember a complete suite of passwords for you, but neither of these work well when roaming to an internet cafe or friend's house.

However, every so often you'll get a site that demands you use a "strong" password, requiring it to be a certain length, to have digits or punctuation, spaces and mixed case, or subsets of rules like these. This of course screws you up if the site is an unimportant site and you want to use your easy to remember password, you must generate a variant of it that meets their rules and remember it. These are usually sites where you can't imagine why you want to create an account in the first place, such as stores you will shop at once, or blogs you will comment on once and so on.

Strong passwords make a lot of sense in certain situations, but it seems some people don't understand why. You need a strong password in case it is possible or desireable for an attacker to do a "dictionary" attack on your account. This means they have to try thousands, or even millions of passwords until they hit the one that works. If you use a dictionary word, they can try the most common words in the dictionary and learn your password.

Anti-gerrymandering formulae

A well known curse of many representative democracies is gerrymandering. People in power draw the districts to assure they will stay in power. There are some particularly ridiculous cases in the USA.

I was recently pointed to a paper on a simple, linear system which tries to divide up a state into districts using the shortest straight line that properly divides the population. I have been doing some thinking of my own in this area so I thought I would share it. The short-line algorithm has the important attribute that it's fixed and fairly deterministic. It chooses one solution, regardless of politics. It can't be gamed. That is good, but it has flaws. Its district boundaries pay no attention to any geopolitical features except state borders. Lakes, rivers, mountains, highways, cities are all irrelevant to it. That's not a bad feature in my book, though it does mean, as they recognize, that sometimes people may have a slightly unusual trek to their polling station.

Now that virtualizers are here, let's default to letting you run your old system

Virtualizer technology, that lets you create a virtual machine in which to run another "guest" operating system on top of your own, seems to have arrived. It's common for servers (for security) and for testing, as well as things like running Windows on linux or a Mac. There are several good free ones. One, kvm, is built into the lastest Linux kernel (2.6.20). Microsoft offers their own.


Social networking sites -- accept you won't be the only one, and start interoperating.

So many social networking sites (LinkedIn, Orkut, Friendster, Tribe, Myspace etc.) seem bent on being islands. But there can't be just one player in this space, not even one player in each niche. But when you join a new one it's like starting all over again. I routinely get invitations to join new social applications, and I just ignore them. It's not worth the effort.


Farewell, Studio 60 on the Sunset Strip

I've decided to stop watching Studio 60. (You probably didn't even know I was watching it, but I thought it was worthwhile outlining the reasons for not watching it.)

Studio 60 was hailed as the most likely great show of this season, with good reason, since it's from Aaron Sorkin, creator of one truly great show (the West Wing) and one near-great (Sportsnight.) Sorkin is deservedly hailed for producing TV that's smart and either amusing or meaningful, and that's what I seek. But I'm not caring about the characters on Studio 60.


Digital cameras should have built-in tagging

So many people today are using tags to organize photos and to upload them to sites like flickr for people to search. Most types of tagging are easiest to do on a computer, but certain types of tagging would make sense to add to photos right in the camera, as the photos are taken.

Updating the Turing Test

Alan Turing proposed a simple test for machine intelligence. Based on a parlour game where players try to tell if a hidden person is a man or a woman just by passing notes, he suggested we define a computer as intelligent if people can't tell it from a human being through conversations with both over a teletype.

The giant security hole in auto-updating software

It's more and more common today to see software that is capable of easily or automatically updating itself to a new version. Sometimes the user must confirm the update, in some cases it is fully automatic or manual but non-optional (ie. the old version won't work any more.) This seems like a valuable feature for fixing security problems as well as bugs.

But rarely do we talk about what a giant hole this is in general computer security. On most computers, programs you run have access to a great deal of the machine, and in the case of Windows, often all of it. Many of these applications are used by millions and in some cases even hundreds of millions of users.

When you install software on almost any machine, you're trusting the software and the company that made it, and the channel by which you got it -- at the time you install. When you have auto-updating software, you're trusting them on an ongoing basis. It's really like you're leaving a copy of the keys to your office at the software vendor, and hoping they won't do anything bad with them, and hoping that nobody untrusted will get at those keys and so something bad with them.


Internet oriented supper club

At various times I have been part of dinner groups that meet once a month or once a week at either the same restaurant or a different restaurant every time. There's usually no special arrangement, but it's usually good for the restaurant since they get a big crowd on a slow night.


Understand the importance of a key in crypto design

I've written before about ZUI (Zero user interface) in crypto, and the need for opportunistic encryption based upon it. Today I want to further enforce the concept by pointing to mistakes we've seen in the past.



Subscribe to RSS - blogs