Very technical post here. Among the children of Unix (Linux/BSDs/MacOS) there is a convention that for a program to open a TCP or UDP port from 0 to 1023, it must have superuser permission. The idea is that these ports are privileged, and you don't want just any random program taking control of such a port and pretending to be (or blocking out) a system service like Email or DNS or the web.

This makes sense, but the result is that all programs that provide such services have to start their lives as the all-powerful superuser, which is a security threat of its own. Many programs get superuser powers just so they can open their network port and, and then discard the powers. This is not good security design.

While capability-based-security (where the dispatcher that runs programs gives them capability handles for all the activities they need to do) would be much better, that's not an option here yet.

I propose a simple ability to "chown" ports (ie. give ownership and control like a file) to specific Unix users or groups. For example, if there is a "named" user that manages the DNS name daemon, give ownership of the DNS port (53) to that user. Then a program running as that user could open that port, and nobody else except root (superuser) could do so. You could also open some ports to any user, if you wanted.

The phone companies failed at the fiber to the curb promise in most of the USA and many other places. (I have had fiber to the curb at my house since 1992 but all it provides is Comcast cable.)

You may be familiar with Stegonography, the technique for hiding messages in other messages so that not only can the black-hat not read the message, they aren't even aware it's there at all. It's arguably the most secure way to send secret data over an open channel. A classic form of "stego" involves encrypting a message and then hiding it in the low order "noise" bits of a digital photograph. An observer can't tell the noise from real noise. Only somebody with the key can extract the actual message.

I wrote an essay here a year ago on the internet cost contract and how it was the real invention (not packet switching) that made the internet. The internet cost contract is "I pay for my end, you pay for yours, and we don't sweat the packets." It is this approach, not any particular technology, that fostered the great things that came from the internet. (Though always-on also played a big role.)

A buzzword in the cable/ilec world is IPTV, a plan to deliver TV over IP. Microsoft and several other companies have built IPTV offerings, to give phone and cable companies what they like to call a "triple play" (voice, video and data) and be the one-stop communications company.

In most browsers, the default style presents text adjecent to all sides of the browser window, with no margin. This is a throwback to early days of screen design, when screen real estate was considered so valuable that deliberately wasting it with whitespace was sacrilige.

Of course, in centuries of design on paper, nobody ever put text right up to the margins. Everybody knows it's ugly and not what the eye wants. Thus, when you see a web page using the default style, which I end up with myself out of laziness, people have a reaction to it as ugly.

George Carlin once proposed a system where people would shoot suction cup darts at cars when they did something annoying, like cutting you off, and if you got too many darts the cops would pull you over. Another friend recently proposed a lot of interest in building some sort of reputation system for cars using computers.

Though Carlin's was a satire, it actually has merits that it would be hard to match in a computerized system. Sure, we could build a system where if somebody was rude on the road, you could snap a quick photo of their licence plate, or say it into a microphone or cell phone for insertion into a reputation database. But people could also just do this to annoy you. There's no efficient way to prove you actually were there for the rude event. The photos could do that but it's too much work to verify them. The darts actually do it, since you could not just stick them on my car when I'm stopped, or I would pull them off before driving.

One problem I want to solve with such a system is the selfish merge. We've all seen it -- lanes are merging, and the cooperating drivers try to merge early. Then the selfish drivers zoom ahead in the vanishing lane until they get to its end. And always, somebody lets them in. Selfishly zooming up does get you through the jam faster, but at the same time these late mergers are a major contributor to the very jam they are bypassing.

We'll never stop people from letting in the drivers, and indeed, from time to time innocent drivers get into the free lane because they are not clear on the situation or missed the merge.

...More...

When I was in high school, I did a project on PRT -- Personal Rapid Transit. It was the "next big thing" in transit and of course, 30 years later it's still not here, in spite of efforts by various companies like Taxi 2000 to bring it about.

With PRT, you have small, lightweight cars that run on a network of tracks or monorail, typically elevated. "Stations" are all spurs off the line, so all trips are non-stop. You go to a station, often right in your building, and a private mini-car is waiting. You give it your destination and it zooms into the computer regulated network to take you there non-stop.

The wins from this are tremendous. Because the cars are small and light, the track is vastly cheaper to build, and can often be placed with just thin poles holding it above the street. It can go through buildings, or of course go underground or at-grade. (In theory it seems to me smart at-grade (ground-level) crossings would be possible though most people don't plan for this at present.)

The other big win is the speed. Almost no waiting for a car except at peak times, and the nonstop trips would be much faster than other transit or private cars on the congested, traffic-signal regulated roads.

Update: I have since concluded that self-driving vehicles are getting closer, and because they require no new track infrastructure and instead use regular roads, they will happen instead of PRT.

Yet there's no serious push for such systems...

Read on.

I'll admit that female endocrinology is not something I know a great deal about, but I do know that most of the birth control pills today follow a general strategy of fooling the body into thinking it is pregnant. This stops ovulation and implantation.

Looking at printed wedding gift ribbon some time ago, Kathryn thought it would be amusing to put the 4th amendment on the ribbon, and tie it around our suitcases.

That turned out to be hard to make, but I did make a design for shipping tape which you can see below. The printed shipping tape has the text slant so that as the pattern repeats, the 4th amendment appears as a long continuous string, as well as a block.

Password security on the web is a troublesome issue. We have hundreds of web accounts, some of them with access to all our money, and it must be secure, not just from phishers and people snooping the web line, but from viruses and keyloggers that can take over our own computers or roaming computers we want to use to access password protected web sites.

The only way to be secure if you can't trust the very computer you're logging in from is to have a security dongle which contains the real secrets and does the logon negotiation, plus confirmation of any big actions like large cash transfers. People have carried login dongles for years, typically which have a screen with a constantly changing number (securid) or which can do challenge/response.

Most of the world is moving now to having a smart phone, in particular one with a standardized data protocol such as bluetooth. I propose a protocol so that web sites can, given a limited channel to the phone, do a login dialog with the phone. The computer would just be a conduit for the data, it would not matter if it were compromised, as the passwords would not be sent in the clear.

More thoughts...

The sound of digital pianos continues to improve, and expensive ones also have a good feel, often by building individually weighted keys that go beyond simulating a key on a real piano.

What might be done with more modern technologies, such as super-fast servos, and fluids whose viscoscity can be varied based on the strength of electric or magnetic fields applied to them. (Some of these fluids are being applied to the development of dynamicly responding shock absorbers.)

There is buzz about how Jason Kottke, of kottke.org, has abandoned his experiment of micropayment donations to support his full-time blogging. He pulled in $40,000 in the year, almost all of it during his 3 week pledge drive, but that's hardly enough. Now I think he should try adsense, but I doubt he hasn't heard that suggestion before.

However, PBS/NPR are able to get a large part of their budgets through pledge drives, so it's possible to make this happen. I think we should be able to do it better on the web.

Each year since 1992 the EFF has given out the EFF Pioneer Awards to a wide array of online pioneers. Check out the lists on the web site.

We're seeking new nominees for this year's awards, to be given at CFP 06. We need them by Feb 28. Check out the web page, and e-mail us the nominee's name and contact info with a description of their contribution. Organizations and Systems can be nominated, as well as individuals.

Who do you think has helped make the cyberworld what it is? Get them recognized.

Found a thread on avsforum where NBC's engineers are participating. Turns out it would be very simple for them to include a second audio stream without the commentary. In addition, this has apparently been done by some European broadcasters.

I'll be moving soon to the Canon 5D camera from my 20D. It's better in just about every way, but like many "pro" cameras it does not have a built in flash.

It's not that there isn't a reason for this. Built in flashes usually suck, and nobody would use them for any sort of serious photography, except for fill. So if you're going out on a shoot, you would of course carry along some quality flashes and the built-in would be a waste of space.

Ok, like a lot of people I find it fascinating to browse Zillow and see the estimated values of my neighbour's houses, and yes, I admit it, my friends. Another example of the little shock you get when data that was always technically public becomes truly public thanks to some new internet application.

We've been working on an inherited house in the Irving Street/23rd avenue neighbourhood of the Outer Sunset of San Francisco. This is one of SF's "new chinatowns" -- the original one on Grant St. long ago given over to the tourists. Irving is where the real asians go to shop and eat. I've been impressed at the incredible quality to price ratio of the food here, I think it's the best locus of value in the city.

I'm not in the business of helping countries be repressive, but I started thinking what I would do if I were the Chinese internet censor. I don't think I'm giving them any secrets, but these thoughts may affect our own plans on how to fight such censors.

The most important realization was that I wouldn't want to make my great firewall really strong. That it was not only easier, but possibly better, to make it possible to bypass it with a moderate amount of determination. Not trivial, as in "hold down the shift key" but not requiring cypherpunk level skills.

The reason is that if I allow such holes, I can watch who uses them, and watching them is more valuable to the secret police than plugging them. And if the holes don't require fancy data encryption and hiding techniques, most people seeking to bypass the firewall will do so unencrypted, making it far easier to watch what is done. But even if people encrypt, they do reveal who they are. So long as there are not immense numbers, that's enough to give me a good dissident watchlist.

My goal as censor would be to tune the filtering so that the true dissidents can all bypass it, but make it hard enough that I don't get so many people on my watchlist that I can't handle the size of it. The censors know they can't keep information from the truly determined, even in the most repressive regimes. They just need to keep it from the masses. (Even the masses will hear rumours in any society, but they will always just be rumours.)

This explains why many of the proxies people have put up to let people bypass the firewall remain themselves unblocked. This also can be explained by inefficiency of maintaining the block-list, but this time I am prepared to attribute something to malice rather than incompetence. Especially if the proxies are unencrypted I would not want to block them -- unless they go so popular that I could no longer track the users.

This is one of the problems with the Google China decision. In the past, use of the firewall-blocked google.com was not suspicious, though typing certain phrases into it may have been. Now, with censored google.cn, use of google.com suggests you are trying to get past the censorship at least. A big win for surveillance. Google is, wisely, not keeping logs in China, but that doesn't stop the international gateways from keeping the logs.

(Read on for some anti-censor techniques.)

I haven't been to a laundromat in ages, but we're fixing up a house that has no washer/dryer yet and has a laundromat 200' away. Long ago, when I lived in an appartment tower, I would go to the basement laundry room, and leave my clothes there. Worst case was they ran out of machines and somebody tossed them in a basket. And even though the odds of somebody stealing your clothes are low, most people are not as willing to leave their stuff unattended in a city street laundromat.

So how about combining the machines with a timed airport style locker system. You would insert the coins and pull out a key which you could use to open the washer or dryer. The lock would auto-reset about 10 minutes after the cycle ends, so in addition, you could put in more coins, which would act as insurance. If you didn't get to the machine in time, these coins would be taken, and give you more time on the lock. If you did get to the machine shortly after the cycle ended, you could get back your extra coins in the coin return...