Submitted by brad on Thu, 2006-04-20 16:47.
We all know that racecar drivers wear jumpsuits plastered with the logos of the companies that have sponsored them.
Why not have the same system for members of the legislature? When they vote on bills, they would need to wear a suit with patches from Halliburton, Exxon, AT&T or any other companies that have given them major contributions. Larger contribution, larger patch.
Ok, not going to happen, but perhaps it’s less wild to suggest that as an alternative to having to register to donate money (which many people still feel is a violation of freedom of speech), we have politicians publish a list of all their donors, and the amount, for any given bill whom they feel have a special interest in the bill. They would have to say the top entries while voting, and publish a complete written list.
They would need to be liberal in listing contributors, because if a relationship were revealed later it would look bad, and possibly criminal. Ideally we would have a Caesar’s Wife approach, where they make sure to avoid even the appearance of impropriety.
Submitted by brad on Mon, 2006-04-17 23:18.
Watching 60 minutes last night on the fact that in China’s new generation, there are 120 boys for every 100 women, due to the one-child-policy and the abortion of girls by those who insist on a son, an obvious answer came to me.
Instead of a one-child policy, have a one-son policy. Ie. after you have your first boy, you must stop. (China actually forces sterilization or insertion of an IUD under surveillance, which I obviously don’t think is a great way to do things.)
A one-son policy would obviously increase the population pressure, since strict one-child means 1 child for every woman (though in practice it is not perfect, so it’s a bit more than that), while one-son probably results in about 1.7 children per woman.
But in theory, there would be far less aborting of girls. There might be a cap of 3 children, which would mean that after 2 girls, the parents might consider abortion of a third, but this would apply to a much smaller fraction of pregnancies than it does today. In addition, a number of couples would stop with all girls after 2 or many times even 1, both because they can’t afford more children, or state pressure still pushes them to stop. The policy would actually be that one should still have only one child, but that draconian measures would not be taken on those who have daughters who insist on trying for a son.
The key is simply to present the easiest path. Right now aborting a child based on sex is illegal, it’s illegal for a doctor to tell the parents the sex of a child, and that would probably remain true. They just have to make it so that those daring enough to break the law to identify and then abort a girl would take the slightly easier, if perhaps more bureaucratic, path of having another child.
And of course, as long as you’re not aborting based on sex, you will get an even sexual balance no matter what rules you place on when to stop.
They need to do something. Lots of evidence suggests that a giant surplus of men who will never find women will sharply increase the crime rate and cause other problems. (Though perhaps it will cause revolution which would probably not be all bad.) Already one new nasty crime of desperation has sprung up — kidnapping girls, sometimes just as babies, to be future brides. I had hoped that being so valuable would increase the women’s power, but this may have been a false hope.
A search reveals I am not the only one with this idea, but it has not yet gathered much of a foothold. Both approaches are draconian, of course, and have no place in a free society.
Submitted by brad on Sat, 2006-04-15 12:07.
I’ve been writing a bunch about transportation of late, and I got the chance to have lunch with Robin Chase, founder of Zipcar, and talk about the economics.
She proposes that we really need to make the true cost of our transportation visible to solve many of our problems (congestion, pollution, etc.) It’s often been described just how much of a subsidy the U.S. and in particular California gives to the car driver, but to most people it’s not too visible.
She’s particularly interested in changing the rules on parking. We subsidize parking a lot. Most people are aware of the use of roadsides for free or cheap parking on public land. Robin proposes getting rid of the requirements that force building developers to provide adequate parking for their building. Most people think these are a good idea, because otherwise developers would not provide parking, and the cars coming to the building would suck up all available parking in the area and there would quickly not be any.
Submitted by brad on Thu, 2006-04-13 23:43.
I get a lot of party invites by Evite, and it’s very frustrating. I’ve missed some events because they refuse to improve their interface.
When I get event invites, I save them to a mail folder. Then I can browse the mail folder later to check dates. If I am not in front of my calendar (which alas is not available everywhere) I can go back and enter items I save.
When I am on the road, sometimes my connectivity is bursty. That means I download mail and read it offline. But this is useless with Evites, as they don’t tell you anything about the event except a usually vague title if you are offline. After that it’s easy to forget you needed to go back and re-read the thing while online. Almost all other invites I get put the party date into the subject line, as it should be.
I’ve complained to Evite several times about this. So have many other people. They say they “are taking it under advisement.” One friend pushed Evite (using the threat of spam complaint, which is not really valid here) to put in a block so she doesn’t get evites. Her friends get told to send her a direct invitation. I’ve concluded that since this change is pretty easy to do, Evite has decided deliberately to be user-unfriendly here, in order to get more people to click on the links to see the ads.
While Google gets a lot of ribbing over the “don’t be evil” mantra, the truth is it started out with a simple principle like this one. Don’t do things deliberately against user interest because it seems they might generate a bit more advertising revenue. Examples of this sort of “evil” include pop-up ads, animated ads and paying for search results, which are all things other sites did. I would have hoped more companies would have learned the lesson of that, and try to emulate the successful strategy of Google. No luck, at least with Evite.
So don’t be Evite. If you use their product, stuff at least the date, and if necessary the place, into what they consider the short title of the party, even if you must shorten the title. Yes, you will then enter it again, but your guests will thank you.
Submitted by brad on Thu, 2006-04-13 18:27.
TONIGHT, April 20th, there will be a debate on the issue of per-message charges for E-mail, sparked by the recent debate over Goodmail and AOL.
The debate will feature former EFF Chair Esther Dyson, who has become a surprising supporter of pay-to-send E-mail, and EFF Activist Danny O’Brien, NTK author and coordinator of EFF’s involvement in the efforts against Goodmail. Esther is also publisher of Release 1.0, host of the PC Forum conference and former chair of ICANN.
Alas, I won’t be able to be there, as I am at a conference out of town, but those who followed the debate in my blog may wish to attend.
EFF will be fundraising, suggested donation $20 but donations are not mandatory.
You can get full details at the BayFF page.
Submitted by brad on Thu, 2006-04-13 10:39.
Earlier, when proposing the term Schizophonic to describe people who wander the streets, waving their arms and apparently talking to themselves, I said the only difference between those folks and crazy homeless folks was the earbud.
I suggest we get manufacturers of phone headsets to donate the defective ones to the homeless. Then, they can wear an earbud and it will be much harder to tell the difference.
Submitted by brad on Mon, 2006-04-10 11:37.
These days a lot of conferences are being recorded and even live broadcast on the net. So they make a rule that people asking questions must wait for the microphone, causing long pauses that ruin the momentum of a debate or discussion.
I recommend conferences doing this get one of those small parabolic microphones if they can (mount it on the video camera if there is operator controlled video) or give it to an assistant. They can point it at the asker, and then they can talk until a better microphone arrives.
Another option (which might actually be good for coordinating questions) would be to tell question askers to phone a special number on their cell phone. When they are acknowledged to talk, they would press a key, and the sound mixer guy could unmute their channel. They could talk, at low fidelity, until the wireless mic arrives. This could also be a way to line up for questions. The moderator could announce the last few digits in the participant’s phone number (enough to be unique) and allow that phone into the sound
People with laptops could also use a voice app (perhaps even through the non-connected AP described in the prior blog post) if they had a microphone on their laptop!
Submitted by brad on Mon, 2006-04-10 10:47.
Most people use wireless access points to provide access to the internet, of course, but often there are situations where you can’t get access, or access fast enough to be meaningful. (ie. a dialup connection quickly gets overloaded with all but the lightest activity.)
I suggest that AP firmwares be equipped with local services that can be used even with no internet connection. In particular, collaboration tools such as a simple IRC server, and a web server with tiny wiki or web chat application. Of course, there are limitations on flash size, so it might be you would make a firmware for some APs which rips out the external connection stuff to make room for collaboration.
There are a variety of open source firmwares out there, particularly for the Linksys WRT54 line of APs, where these features could be added. There are a few APs that have USB ports where you can add USB or flash drives so that you have a serious amount of memory and could have lots of collaborative features.
Then, at conferences, these collaboration APs could be put up, whether or not there is a connection. Indeed, some conferences might decide to deliberately not have an outside connection but allow collaboration.
Submitted by brad on Fri, 2006-04-07 11:03.
There already are some drive-by-wire cars being sold, including a few (in Japan) that can parallel park themselves. And while I fear that anti-terrorist worries may stand in the way of self-driving and automatic cars, one early application, before we can get full self-driving, would be tele-operated cars, with the remote driver in an inexpensive place, like Mexico.
Now I don’t know if the world is ready, safety-wise for a remote chauffeur in a car driving down a public street, where it could hit another car or pedestrian, even if the video was very high-res and the latency quite low. But parking is another story. I think a remote driver could readily park a car in a valet lot kept clear of pedestrians. In fact, because you can drive very slowly to do this, one can even tolerate longer latencies, perhaps all the way to India. The remote operator might actually have a better view for parking, with small low-res cameras mounted right at the bumpers for a view the seated driver can’t have. They can also have automatic assists (already found in some cars) to warn about near approach to other cars.
The win of valet parking is large — I think at least half the space in a typical parking lot is taken up with lanes and inter-car spacing. In addition, a human-free garage can have some floors only 5’ high for the regular cars, or use those jacks found in some valet garages that stack 2 cars on top of one another. So I’m talking possibly almost 4 times the density. You still need some lanes of course, except for cars you are certain won’t be needed on short notice (such as at airports, train stations etc.)
The wins of remote valet parking include the ability to space cars closely (no need to open the doors to get out) and eventually to have the 5’ high floors. In addition, remote operators can switch from vehicle to vehicle instantly — they don’t have to run to the car to get it. They can switch from garage to garage instantly, meaning their services would be 100% utilized.
Read on…
Submitted by brad on Sun, 2006-04-02 22:47.
I’ve blogged several times before about my desire for universal DC power — ideally with smart power, but even standardized power supplies would be a start.
However, here’s a way to get partway, cheap. PC power supplies are really cheap, fairly good, and very, very powerful. They put out lots of voltages. Most of the power is at +5v, +12v and now +3.3v. Some of the power is also available at -5v and -12v in many of them. The positive voltages above can be available as much as 30 to 40 amps! The -5 and -12 are typically lower power, 300 to 500 mA, but sometimes more.
So what I want somebody to build is a cheap adapter kit (or a series of them) that plugs into the standard molex of PC power supplies, and then splits out into banks at various voltages, using the simple dual-pin found in Radio Shack’s universal power supplies with changeable tips. USB jacks at +5 volts, with power but no data, would also be available because that’s becoming the closest thing we have to a universal power plug.
There would be two forms of this kit. One form would be meant to be plugged into a running PC, and have a thick wire running out a hole or slot to a power console. This would allow powering devices that you don’t mind (or even desire) turning off when the PC is off. Network hubs, USB hubs, perhaps even phones and battery chargers etc. It would not have access to the +3.3v directly, as the hard drive molex connector normally just gives the +5 and 12 with plenty of power.
A second form of the kit would be intended to get its own power supply. It might have a box. These supplies are cheap, and anybody with an old PC has one lying around free, too. Ideally one with a variable speed fan since you’re not going to use even a fraction of the capacity of this supply and so won’t get it that hot. You might even be able to kill the fan to keep it quiet with low use. This kit would have a switch to turn the PS on, of course, as modern ones only go on under simple motherboard control.
Now with the full set of voltages, it should be noted you can also get +7v (from 5 to 12), 8.7v (call it 9) from 3.3 to 12, 1.7v (probably not that useful), and at lower currents, 10v (-5 to +5), 17v (too bad that’s low current as a lot of laptops like this), 24v, 8.3v, and 15.3v.
On top of that, you can use voltage regulators to produce the other popular voltages, in particular 6v from 7, and 9v from 12 and so on. Special tips would be sold to do this. This is a little bit wasteful but super-cheap and quite common.
Anyway, point is, you would get a single box and you could plug almost all your DC devices into it, and it would be cheap-cheap-cheap, because of the low price of PC supplies. About the only popular thing you can’t plug in are the 16v and 22v laptops which require 4 amps or so. 12v laptops of course would do fine. At the main popular voltages you would have more current than you could ever use, in fact fuses might be in order. Ideally you could have splitters, so if you have a small array of boxes close together you can get simple wiring.
Finally, somebody should just sell nice boxes with all this together, since the parts for PC power supplies are dirt cheap, the boxes would be easy to make, and replace almost all your power supplies. Get tips for common cell phone chargers (voltage regulators can do the job here as currents are so small) as well as battery chargers available with the kit. (These are already commonly available, in many cases from the USB jack which should be provided.) And throw in special plugs for external USB hard drives (which want 12v and 5v just like the internal drives.)
There is a downside. If the power supply fails, everything is off. You may want to keep the old supplies in storage. Some day I envision that devices just don’t come with power supplies, you are expected to have a box like this unless the power need is very odd. If you start drawing serious amperage the fan will need to go on and you might hear it, but it should be pretty quiet in the better power supplies.
Submitted by brad on Sun, 2006-04-02 11:17.
GPS receivers with bluetooth are growing in popularity, and it makes sense. I want my digital camera to have bluetooth as well so it can record where each picture is taken.
But as I was driving from the airport last night, I realized that my cell phone has location awareness in it (for dialing 911 and location aware apps) and my laptop has bluetooth in it, and mapping software if connected to a GPS — so why couldn’t my cell phone be talking to my laptop to give it my location for the mapping software? Or indeed, why won’t it tell a digital camera that info as well?
Are people making cell phones that can be told to transmit their position to a local device that wants such data?
Update: My Sprint Mogul, whose GPS is enabled by the latest firmware update, is able to act as a bluetooth GPS using a free GPS2Blue program.
Submitted by brad on Fri, 2006-03-31 17:24.
April 1, 2006, San Francisco, CA: In a surprise move, Department of Justice (DoJ) attorneys filed a subpoena yesterday in federal court against the National Security Agency, requesting one million sample Google searches. They plan to use the searches as evidence in their defence of the constitutionality of the Child Online Protection Act.
The DoJ had previously requested a subpoena against Google, Inc. itself for the records, but Google mounted a serious defence, resulting in much more limited data flow. According to DoJ spokesperson Charles Miller, “Google was just putting up too much of a fight. The other sites and ISPs mostly caved in quickly and handed over web traffic and search records without a fuss, but Google made it expensive for us. We knew the NSA had all the records, so it seemed much simpler to just get them by going within the federal government.”
“Yahoo, of course, gave in rather easily. If they hadn’t, we could have just asked our friends in the Chinese government to demand the records. Yahoo does whatever they say.”
The White House revealed in December that the NSA has been performing warrantless searches on international phone, e-mail and internet traffic after the New York Times broke the story. Common speculation suggests they have been tapping other things, to data mine the vast sea of internet traffic, looking for patterns that might point to enemy activity.
“The NSA has the wires into all the hubs already, it’s just a lot faster for them to get this data.”
“We can neither confirm nor deny we have these search records,” said an un-named NSA spokesperson. “In fact, even asking if we have them makes you suspect.”
(Thanks to John Gilmore for the suggestion.)
Submitted by brad on Fri, 2006-03-31 02:25.
Next week (Mon-Tuesday) I will be speaking at David Isenberg’s “Freedom To Connect” conference, on an open net, in Silver Spring, Maryland (Washington DC.)
April 10 I will be at UCSB’s CITS conference (Santa Barbara, obviously) on growing network communities.
The next week April 19-21 sees the annual Asilomar Microcomputer Workshop, always a good time.
See you there.
Submitted by brad on Wed, 2006-03-29 13:16.
Today many services offer MRI scans for a fee. DNA testing services are getting better and better — soon they will be able to predict how likely it is you will get all sorts of diseases. Many worry that this will alter the landscape of insurance, either because insurance companies will demand testing, or demand you tell them what you learn from testing.
Many criticise the MRI scan services because they quite often show up something that’s harmless but which inspires a medical demand to check it out just to make sure. That check-out may be expensive or even be invasive surgery.
So people are suggesting, “don’t get tested because you don’t want to know.” However there is stuff you do want to know, and stuff that may be useful in the future.
I propose escrowed testing services that promise not to tell you, or anybody, certain things that they find. For example, they would classify genetic tendencies for diseases for which there is no preventative course, like Parkinson’s or Alzheimer’s. Many would say they have no desire to know they might get Parkinson’s as they get older, since there is nothing they can do but worry.
The service might escrow the data themselves with the big added plus that they would regularly re-evaluate the decision about whether you might want to know something. Thus, if a preventative treatment comes along that is recommended for people with your genes, then they would recognize this and tell you the thing you formerly didn’t want to know. They would also track what new things can be tested, and tell you when a re-test might make sense as technology improves.
The information could also be escrowed with a trusted friend or relative. You might have a buddy or spouse who could get the full story, and then decide what you need to know. A tough role of course, perhaps too tough for a spouse, who would worry about your pending Parkinson’s almost as much as you. You can’t easily use relatives, because they share lots of your DNA, at least for DNA scans.
Of course, your doctor is an obvious person for this, but this goes against their current principles and training.
Of course there is a legal minefield here. One would need a means to provide pretty good immunities for the escrowers, while at the same time not allowing them to be totally careless. The honest belief that information was in the don’t-tell profile should be enough to provide immunity.
There is another risk here, of course, which is that strangers, even doctors, can’t be fully trusted with the final decisions on your health. You will be taking a risk that the 3rd parties won’t work quite as hard at solving problems or even paying attention to them as you would. In fact, you’re doing this because you would worry too much.
There’s another benefit to this. Many people, if told to expect something, will invent it. This is very common with things like drug side-effects. In order to avoid this, when I take a new drug, I don’t read the long PDR list of side-effects. Instead, I have Kathryn read them. Then I can wait until I truly sense something and ask if it’s a side effect, rather than expecting it. The same principle applies here, though that suggests you need somebody very close as your health escrow. Of course again your doctor would be the right choice here, so that when you went there to say “I’m feeling numbness in my fingers” she could say, “Ah, well now it’s time to tell you about this thing we found in your gene scan.” Possibly a system that lets the doctor search, but not read, the gene scan, could help.
Submitted by brad on Tue, 2006-03-28 21:18.
Jeff Pulver is a giant fan of the SlingBox, a small box you hook up to your TV devices and ethernet, so you can access your home TV from anywhere. It includes a hardware encoder, infrared controllers to control your cable box, Tivo or DVD player, and software for Windows to watch the stream. The creators decided to build it when they found they couldn’t watch their San Francisco Giants games while on business trips.
And I get that part. For those who spend a great deal of time on the road, the hotel TV systems are pretty sucky. They only have a few channels (and rarely Comedy Central, which has the only show I both watch on a daily basis and which needs to be watched sooner rather than later) as well as overpriced movies. But at the same time you have to be spending a lot of time on the road to want this. My travel itineraries are intense enough that watching TV is the last thing I want to do on them.
But at the same time it’s hard not to be reminded of the kludge this is, especially hooked to a Tivo. And if you have a Tivo or similar device, you know it’s the only way you will watch TV; live TV is just too frustrating. I don’t have Tivo any more, I have MythTV. MythTV is open, which is to say it stores the recorded shows on disk in files like any other files. If I wanted to watch them somewhere else, I could just copy or stream them easily from the MythTV box, and that would be a far better experience than decoding them to video, re-encoding them with the SlingBox and sending them out. Because of bandwidth limits, you can’t easily do this unless you were to insert a real-time transcoder to cut the bandwidth down, ideally one that adapts to bandwidth as the SlingBox does. And I don’t think anybody has written one of these, because I suspect the MythTV developers are not that too-much-time-on-the-road SlingBox customer.
(Admittedly the hardware transcode would be useful, but a 3 GHz class machine should be capable of doing it in software, and really, this should just be software.) For watching live TV, if you cared, you probably could do that in MythTV. If you cared.
So the SlingBox…
Submitted by brad on Fri, 2006-03-24 15:00.
As I’ve written before, Google’s Adsense program is for many people bringing about the dream of having a profitable web publication. I have a link on the right of the blog for those who want to try it. I’ve been particularly impressed with the CPMs this blog earns, which can be as much as $15. The blog has about 1000 pageviews/day (I don’t post every day) and doesn’t make enough to be a big difference, but a not impossible 20-fold increase could provide a living wage for blogging. Yahoo publisher’s blog ads, which some of you are seeing in the RSS feed, have been a miserable failure, and will be removed next software upgrade. They are poorly targeted and have earned me, literally, not even a dollar.
Recently however I noticed a way in which the Google targeting engine is too good, from my standpoint. From time to time my web sites or blog will get linked from a very high traffic site. This week the 4th amendment shipping tape was a popular stumble-upon, for example. I’ve also been featured from time to time in Slashdot, boingboing and various other popular sites.
When this happens, it’s not a money maker because the click-throughs and CPMs drop way down. This is not too surprising. The people following a quick link are less likely to be looking for the products Google picks to advertise. However, more recently I saw high traffic bringing down not just the CPM, but even the total dollars! I theorize that Google, seeing poor clickthrough, cycles out the normally lucrative ads to try others. So even the normal visitors, who have not gone away, are seeing more poorly chosen ads. Or it could just be randomness that I’m seeing a pattern in.
Solution: Consider the referer when placing ads. If the clickthrough is poor on a given referer (like slashdot or boingboing) then play with the ads to hunt for better clickthrough. For the more regular referers (which are typically internal, the result of searches and regular readers) stick to the ads that typically perform well with that group.
Submitted by brad on Thu, 2006-03-23 19:02.
I’ve done a few threads on eBay feedback; today I want to discuss ways to fix the eBay shipping scam. In this scam, a significant proportion of eBay sellers are listing items low, sometimes below cost, and charging shipping fees far above cost. It’s not uncommon to see an item with a $1 cost and $30 in shipping rather than fairer numbers. The most eBay has done about it is allow the display of the shipping fees when you do a search, so you can spot these listings.
I am amazed eBay doesn’t do more, as one of the main reasons for sellers to do this is to save on eBay fees. However, it has negative consequences for the buyer, aside from making it harder to compare auctions. First of all, if you have a problem, the seller can refund your “price” (the $1) but not the shipping, which is no refund at all. Presumably ditto with PayPal refunds. Secondly, the law requires that if you are charged more than actual shipping (ie. handling) there is tax on the total S&H. That means buyers pay pointless taxes on shipping.
Again, since eBay would make more fees if they fixed this I don’t know why they have taken so long. I suggest:
- Let buyers sort by shipping fees. Pretty soon you get a sense of what real shipping on your item should be. A sort will reveal who is charging the real amount and who isn’t. Those who don’t provide fees get listed last — which is good as far as I am concerned.
- Let buyers see a total price, especially on Buy-it-now, shipping + cost, and sort on that or search on that. Again, those who don’t provide a shipping price come last.
- Highlight auctions that use actual shipping price, or have a handling fee below a reasonable threshold. This will be unfair on certain high-handling items.
- Of course, charge eBay fees on the total, including handling and shipping. Doesn’t help the buyer any but at least removes the incentive.
Now let’s talk about the reputation dynamics of the transaction. The norm is buyer sends liquid money sight unseen to the seller, and the seller sends merchandise. Why should it necessarily be one way or the other? In business, high reputation buyers just send a purchase order, get the item and an invoice, and pay later.
I think it would be good on eBay to develop a norm that if the buyer has a better reputation than the seller, the seller ships first, the buyer pays last.
If the seller’s rep is better, or it’s even, stick with the current system.
Sellers could always offer this sort of payment, even when the seller is high-rep, to high-rep buyers as an incentive.
There should also be special rules for zero-rep or low-rep sellers. By this I don’t mean negative reputation, just having few transactions. Who is going to buy from a zero-rep seller? The tradition has been to build up a buyer rep, and then you can sell, which is better than nothing but not perfect.
When the seller has a very low rep, the seller should just automatically assume it’s going to be send-merchandise-first, get money later except with very low rep buyers. Low rep sellers should be strongly encouraged to offer escrow, at their expense. It would be worth it. Often I’ve seen auctions where the difference in price is quite large, 20% or more, for sellers of reputations under 5. eBay should just make a strong warning to the low-rep sellers that they should consider this, and even offer it as a service.
Update: I’ve run into a highly useful Firefox extension called ShortShip. This modifies eBay search pages to include columns with total price. Their “pro” version has other useful features. You can sort by it, but it only is able to sort what was on that particular page (ie. the auctions close to ending, typically) so the price sort can be mistaken, with a cheaper buy-it-now not shown. eBay is so slow in adding software features that extensions like this are the way to go.
Submitted by brad on Wed, 2006-03-22 21:46.
For some time in my talks on CALEA and VoIP I’ve pointed out that because the U.S. government is mandating a wiretap backdoor into all telephony equipment, the vendors are putting in these backdoors to sell to the U.S. market, and then selling the same backdoors all over the world. Even if you trust the USGov not to run around randomly wiretapping people without warrants, since that would never happen, there are a lot of governments and phone companies in other countries who can’t be trusted but whom we’re enabling. All to catch the 3 stupid criminals who use VoIP and don’t use an encrypted system like Skype.
Recently this story about a wiretap on the Greek PM’s phone was forwarded to me by John Gilmore. Ericsson says that they installed wiretap backdoors to allow legal wiretaps, and this system was abused because Vodafone didn’t protect it very well — a claim they deny. As a result there was tapping of the phone of the prime minister for months, as well as foreign dignitaries and a U.S. Embassy phone. Well, there’s irony.
We’re hearing about this because there is accountability in Greece. But I have to assume it’s going to happen a lot in countries where we will never hear about it. If you build the apparatus of the surveillance society, even with the best of intentions, it will get used that way, either here, or in less savoury places.
It would be nice if U.S. companies would at least refuse to sell the wiretap functions, or charge a fortune for them, to countries without legal requirements for them like the USA. Of course, soon that won’t be very many, thanks to the US lead, and the companies will have to include the backdoors to do business in all those nations. Will U.S. companies have the guts to say, “Sorry China, Saudi Arabia, et al. — no wiretap backdoors in our product, law or not. Add it yourself if you can figure it out.”
Submitted by brad on Wed, 2006-03-22 14:16.
New York, March 22, 2006 (CW) BellSouth and AT&T, two of the remaining Baby Bell or “iLec” companies, announced today, in conjunction with GoodPackets Inc., a program to charge senders for certified delivery of internet packets to their ISP customers.
William Smith, CTO of BellSouth, together with AT&T CEO Ed Whitacre, who will be his new boss once the proposed merger is completed, made a joint announcement of the program together with Dick Greengrass, CEO of GoodPackets.
Under the program, customers of GoodPackets interested in better delivery of their packets to AT&T and BellSouth DSL customers will pay GoodPackets a fee to get their packets certified. Certified packets will bypass blocks and filters in the routers of the ISPs for premium delivery to customers, and be tagged as certified to the end-user.
“We’re just seeing too many bad packets these days, and we have to block some of them. But serious, professional sites on the internet don’t want their packets blocked, and are willing to pay to assure they aren’t,” said Whitacre. According to Greengrass, a portion of the money paid to GoodPackets will be given to the ISP in question.
According to Smith, “his firm should be able, for example, to charge Yahoo Inc. for the opportunity to have its search site load faster than that of Google Inc.”
“A lot of these extra packets filling our pipes are of dubious origin, in any event. A large portion of internet traffic comes from peer to peer filesharing systems which are often infringing copyright, or from companies like Skype bypassing the telecom tariffs we all have to pay. Charging money will let the legitimate companies out there distinguish their traffic from all this unknown traffic, and assure delivery,” said Whitacre.
Traffic originating from BellSouth and AT&T servers would not need to pay for the premium access. “It’s our network, after all, and our video servers don’t go through the routers to the outside world to get to our users,” said Smith.
Greengrass insisted the fees were not for delivery, but for certification that the packets come from a known and trusted source. Users and ISPs can then decide if they want to give them more reliable delivery and acceptance. That the charges are per packet is simply a way to differentiate the market, and not overcharge low-volume senders.
For those who don’t get it, this is a satire comparing the AOL/Yahoo/Goodmail program to the network neutrality debate.
Submitted by brad on Wed, 2006-03-22 11:27.
Very technical post here. Among the children of Unix (Linux/BSDs/MacOS) there is a convention that for a program to open a TCP or UDP port from 0 to 1023, it must have superuser permission. The idea is that these ports are privileged, and you don’t want just any random program taking control of such a port and pretending to be (or blocking out) a system service like Email or DNS or the web.
This makes sense, but the result is that all programs that provide such services have to start their lives as the all-powerful superuser, which is a security threat of its own. Many programs get superuser powers just so they can open their network port, and then discard the powers. This is not good security design.
While capability-based-security (where the dispatcher that runs programs gives them capability handles for all the activities they need to do) would be much better, that’s not an option here yet.
I propose a simple ability to “chown” ports (i.e. give ownership and control like a file) to specific Unix users or groups. For example, if there is a “named” user that manages the DNS name daemon, give ownership of the DNS port (53) to that user. Then a program running as that user could open that port, and nobody else except root (superuser) could do so. You could also open some ports to any user, if you wanted.