Apparently freeconference.com is now sending notes to its customers (one of whom forwarded an example to me) because Sprint, Cingular, Qwest and some others finally got around to blocking calls to their numbers. They pitch it as the big companies trying to block their free service so the giants can sell expensive services, and are trying to whip up support by suggesting this is akin to a network neutrality violation.

In fact, it's an example of the big guys actually doing something right, and fixing a loophole caused by bizarre legacy telco regulation. The number you called for freeconference, and many other services, were served by telcos in rural areas such as Iowa. The phone regulations are set up so that when you make a long distance call on the PSTN, the long distance company pays the remote local phone company to complete the call. Usually that fee is about half a cent per minute in cities, and even free for cell phones. (Frankly, it should always be zero, and this should be paid for as part of my local phone fee, but that's another story.) In Iowa, however, in order to, in theory, help pay the costs of being a phone company that has to send the call out to a lonely Iowa farmhouse, the rural telcos get to charge as much as 6 cents or more per minute to complete the call.

It's nice to have a headset on your desk telephone, for handsfree conversations. A number of phones have a headset jack, either of the submini plug used by cell phones, or using a phone handset jack. Many companies buy headset units that plug into the handset line to provide a headset, some of them are even wireless.

But bluetooth headsets today are cheap, standardized and have a competitive market. And they are of course wireless. Many people already have them for their cell phone. I have seen a very small number of desk phones support having a bluetooth headset, and that shouldn't be al that expensive, but it's rare and only on high-end phones.

Here's the idea: Put bluetooth headset support into the PBX. Bluetooth headsets can't dial, they can effectively only go on-hook and off-hook with a single button. You would associate (in the PBX) your bluetooth headset with your desk phone. A bluetooth master would be not too far from your desk, and tied into the PBX, or into a PC that talks to the PBX. When your BT headset was in range of this master, it would be tied to ith with Bluetooth. (You would have to do an actual bluetooth pairing in advance. In addition, many people have bluetooth headsets normally linked to their cell phone, and call attempts from the headset go to the cell phone. The system would have to switch that over to the PBX.)

When I watch the boundless energy of young children, and their parents' frustration over it, I wonder how high-tech will alter how children are raised in the next few decades. Of course already TV, and now computers play a large role, and it seems very few toys don't talk or move on their own.

But I've also realized that children, both from a sense of play and due to youthful simplicity, will tolerate some technologies far before adults will. For example, making an AI to pass the Turing Test for children may be much, much simpler than making one that can fool an adult. As such, we may start to see simple AIs meant for interacting with, occupying the minds of and educating children long before we find them usable as adults.

Another technology that young children might well tolerate sooner is virtual reality. We might hate the cartoonish graphics and un-natural interfaces of today's VRs but children don't know the interfaces aren't natural -- they will learn any interface -- and they love cartoon worlds.

I've ranted before about just how hard it has become to configure and administer computers. And there are services where you can hire sysadmins to help you, primarily aimed at novice users.

But we advanced users often need help today, too. Mostly when we run into problems we go to message boards, or do web searches and find advice on what to do. And once we get good on a package we can generally fix problems with it in no time.

Lots of people love model airplanes, and I bet they would love to simulate dogfights. They can't fire actual projectiles, as that would be dangerous, expensive, unworkable due to the weight and actually damage planes.

I wrote earlier about the bluetooth vibrator watch. I pushed this in part to promote the idea that phones should (almost) never ring. That ringing is rude to others and violates your own privacy, too.

I have written several times before about Peerflix -- Now that I've started applying some tags as well as categories to my items you can now see all the Peerflix stories using that link -- and the issues behind doing a P2P media trading/loaning system. Unlike my own ideas in this area, Peerflix took a selling approach. You sold and bought DVDs, initially for their own internal currency. It was 3 "Peerbux" for new releases, 2 for older ones, and 1 for bargain bin disks.

That system, however, was failing. You would often be stuck for months or more with an unpopular disk. Getting box sets was difficult. So in December they moved to pricing videos in real dollars. I found that interesting because it makes them, in a way, much closer to a specialty eBay. There are still a lot of differences from eBay -- only unboxed disks are traded, they provide insurance for broken disks and most importantly, they set the price on disks.

One can trade DVDs on eBay fairy efficiently but it requires a lot of brain effort because you must put time into figuring good bid and ask prices for items of inconsequential price. Peerflix agreed that this is probably a poor idea, so they decided to set the prices. I don't know how they set their initial prices, but it may have been by looking at eBay data or similar information.

Hey photo editing programs -- I'm looking at you, Photoshop -- a lot of you allow people to place text into graphic images, usually as a text layer. Most graphics with text on the web are made this way. Then we export the image as a jpeg or png/gif, flatting the layers so our artful text is displayed. This is how all the buttons with words are made, as well as the title banner graphics on most web sites.

From the shameless narcissism department: I was surprised to see myself and the EFF picked by PC World today at #12 on their 50 most important people on the web list. I'm really there as a proxy for the EFF, I suspect, but it's great to see our work recognized. I'm pleased to say the EFF is going like gangbusters right now with so many cases under our wing, and many thousands of new members in the last year, thanks in part to the AT&T lawsuit and others.

Most of us, when we travel, put appointments we will have while on the road into our calendars. And we usually enter them in local time. ie. if I have a 1pm appointment in New York, I set it for 1pm not 10am in my Pacific home time zone. While some calendar programs let you specify the time zone for an event, most people don't, and many people also don't change the time zone when they cross a border, at least not right away.

I have written before how future technology affects our privacy decisions today. DNA collection is definitely one of these areas. As you may know, law enforcement in the USA is now collecting DNA from people convicted of crimes, and even those arrested in a number of jurisdictions -- with no ability to expunge the data if not found guilty. You may feel this doesn't affect you, as you have not been arrested.

As DNA technology grows, bioinformatics software is becoming able to determine that a sample of DNA is a "near match" for somebody in a database. For example, they might determine that a person in the database is not the source of the DNA being studied, but is a relative of that person.

In a recent case, a DNA search turned up not the perpetrator, but his brother. They investigated the male relatives of the brother and found and convicted the man in question.

I was discussing his Zphone encrypting telephone system with Phil Zimmermann today. In his system, phone calls are encrypted with opportunistic, certificateless cryptography, which I applaud because it allows zero user interface and not centralization. It is vulnerable to "man in the middle" attacks if the MITM can be present in all communications.

His defence against MITM is to allow the users of the system to do a spoken authentication protocol at any time in their series of conversations. While it's good to do it on the first call, his system works even when done later. In their conversation, they can, using spoken voice, read off a signature of the crypto secrets that are securing their conversation. The signatures must match -- if they don't, a man-in-the-middle is possibly interfering.

I brought up an attack he had thought of and called the Rich Little attack, involving impersonation with a combination of a good voice impersonation actor and hypothetical computerized speech modification that turns a good impersonator into a near perfect one. Phil believes that trying to substitute voice in a challenge that can come at any time, in any form, in any conversation is woefully impractical.

A small amount of thought made me produce this attack: Two impersonators. Early on in a series of conversations, the spy agency trying to break in brings in two impersonators who have listened to Alice and Bob respectively (we are hearing their calls) and learned their mannerisms. A digital audio processor helps convert the tones of their voice. That's even easier on an 8khz channel.

As you may know, if you buy a cell phone today, you have to sign up for a 1 or 2 year contract, and you get a serious discount on the phone, often as much as $200. The stores that sell the phones get paid this subsidy when they sell to you, if you buy from a carrier you just get a discount. The subsidy phones are locked so you can't go and take them to another carrier, though typically you can get them unlocked for a modest fee either by the carrier or unlock shops.

I've been seeing a lot of press lately worrying that the internet won't be able to handle the coming video revolution, that as more and more people try to get their TV via the internet, it will soon reach a traffic volume we don't have capacity to handle. (Some of this came from a Google TV exec's European talk, though Google has backtracked a bit on that.)

In light of my recent threads on CitizenRe I built a spreadsheet to do solar energy economic calculations. If you click on that, you can download the spreadsheet to try for yourself. If you don't have a spreadsheet program (I recommend the free Gnumeric or Open Office) it's also up as a Google Solar Spreadsheet but you may need a Google account to plug in your own numbers.

Many cities (and airports) have official taxi monopolies. They limit the number of cabs in the city, and regulate them, typically by issuing "medallions" to cabs or drivers or licences to companies. The most famous systems are in London and New York, but they are in many other places. In New York, the medallions were created earlier in the century, and have stayed fixed in number for decades after declining from their post-creation peak. The medallion is a goldmine for its "owner." Because NY medallions can be bought and sold, recently they have changed hands at auction for around $300,000. That 300K medallion allows a cab to be painted yellow, and to pick up people hailing cabs in the street. It's illegal for ordinary cars to do this. Medallion owners lease the combination of cab and medallion for $60 to $80 for a 7-9 hour shift, I believe.

Here in San Francisco, the medallions are not transferable, and in theory are only issued (after a wait of a decade or more) to working cab drivers, who must put in about 160 4-hour shifts per year. After that, they can and do rent out their medallion to other drivers, for a more modest rental income of about $2,000 per month.

On the surface, this seems ridiculous. Why do we even need a government monopoly on taxis, and why should this monopoly just be a state-granted goldmine for those who get their hands on it? This is a complex issue, and if you search for essays on taxi medallions and monopoly systems you will find various arguments pro and con. What I want to get into here is whether some of those arguments might be ripe for change, in our new high-tech world of computer networks, GPSs and cell phones.

In most cities, there are more competitive markets for "car services" which you call for an appointment. They are not allowed to pick up hailing passengers, though a study in Manhattan found that they do -- 2 of every 5 cars responding to a hail were licenced car services doing so unlawfully.

Recently I opened up a surprising can of worms with a blog post about CitizenRe wondering if they had finally solved the problem of making solar power compete with the electrical grid. At that post you will see a substantial comment thread, including contributions by executives of the firm, which I welcome. At first, I had known little about CitizenRe and the reputation it was building. I thought i should summarize some of the issues I have been considering and other elements I have learned.

CitizenRe's offer is very appealing. They claim they will build a plant that can make vastly cheaper solar. Once they do, they will install it on your roof and "rent" it to you. You buy all the power it produces from them at a rate that beats your current grid power cost. Your risks are few -- you put down a deposit of $500 to $1500 depending on system size, you must cover any damage to the panels, and they offer removal and replacement for a very modest fee if you need to reroof or even move. You lock in your rate, which is good if grid rates go up and bad if grid rates go down or other solar becomes cheaper, but on the whole it's a balanced offer.

In fact, it seems too good to be true. It's way, way cheaper than any offering available today. Because it sounds so good, many people are saying "show me." I want to see just how they are going to pull that off. Many in the existing solar industry are saying that much louder. They are worried that if CitizenRe fails to deliver, all their customers will have been diverted to a pipedream while they suffer financial ruin. Of course, they are also worried that if CitizenRe does deliver, they will be competed out of business, so they do have a conflict of interest.

Here are some of the things to make me skeptical.

If you're like me, you select special unique passwords for the sites that count, such as banks, and you use a fairly simple password for things like accounts on blogs and message boards where you're not particularly scared if somebody learns the password. (You had better not be scared, since most of these sites store your password in the clear so they can mail it to you, which means they learn your standard account/password and could pretend to be you on all the sites you duplicate the password on.) There are tools that will generate a different password for every site you visit, and of course most browsers will remember a complete suite of passwords for you, but neither of these work well when roaming to an internet cafe or friend's house.

However, every so often you'll get a site that demands you use a "strong" password, requiring it to be a certain length, to have digits or punctuation, spaces and mixed case, or subsets of rules like these. This of course screws you up if the site is an unimportant site and you want to use your easy to remember password, you must generate a variant of it that meets their rules and remember it. These are usually sites where you can't imagine why you want to create an account in the first place, such as stores you will shop at once, or blogs you will comment on once and so on.

Strong passwords make a lot of sense in certain situations, but it seems some people don't understand why. You need a strong password in case it is possible or desireable for an attacker to do a "dictionary" attack on your account. This means they have to try thousands, or even millions of passwords until they hit the one that works. If you use a dictionary word, they can try the most common words in the dictionary and learn your password.

A well known curse of many representative democracies is gerrymandering. People in power draw the districts to assure they will stay in power. There are some particularly ridiculous cases in the USA.

I was recently pointed to a paper on a simple, linear system which tries to divide up a state into districts using the shortest straight line that properly divides the population. I have been doing some thinking of my own in this area so I thought I would share it. The short-line algorithm has the important attribute that it's fixed and fairly deterministic. It chooses one solution, regardless of politics. It can't be gamed. That is good, but it has flaws. Its district boundaries pay no attention to any geopolitical features except state borders. Lakes, rivers, mountains, highways, cities are all irrelevant to it. That's not a bad feature in my book, though it does mean, as they recognize, that sometimes people may have a slightly unusual trek to their polling station.

Virtualizer technology, that lets you create a virtual machine in which to run another "guest" operating system on top of your own, seems to have arrived. It's common for servers (for security) and for testing, as well as things like running Windows on linux or a Mac. There are several good free ones. One, kvm, is built into the lastest Linux kernel (2.6.20). Microsoft offers their own.