We should all be disturbed by the story of a man who was questioned and missed his flight because he spoke on his cell phone in Tamil. Some paranoid thought it was suspicious, reported it, and so the guy gets pulled and misses his flight.

This is not the first time. People have been treated as suspicious for speaking in all sorts of languages, including Arabic, Hebrew, Urdo or just being Arabs or Sikhs. Sometimes it's been a lot worse than just missing your flight.

More cars are being made "drive-by-wire" where the controls are electronic, and even in cars with mechanical steering, throttle and brake linkages, there also exist motorized controls for power steering and cruise control. (It's less common on the brakes.)

As this becomes more common, it would be nice if one could pop in a simple, short duration control console on the passenger's side. It need not be large, full set of controls, it might be more of the video game console size.

Some time ago I modified this blog softare (Drupal) to ask a very simple question of people without accounts posting comments. It generally works very well at stopping robot posting, however the volume of spam has been increasing, so I changed the question. Volume may have dropped a touch but I still got a bunch, which means the spammers are actually live humans, not robots.

As most people in the VoIP world know, the FCC mandated that "interconnected" VoIP providers must provide E911 (which means 911 calling with transmission of your location) service to their customers. It is not optional, they can't allow the customer to opt out to save money.

It sounds good on the surface, if there's a phone there you want to be able to reach emergency services with it.

The meaning of interconnected is still being debated. It was mostly aimed at the Vonages of the world. The current definition applies to service that has a phone-like device that can make and receive calls from the PSTN. Most people don't think it applies to PBX phones in homes and offices, though that's not explicit. It doesn't apply to the Skype client on your PC, one hopes, but it could very well apply if you have a more phone like device connecting to Skype, which offers Skype-in and Skype-out services on a pay per use basis and thus is interconnected with the PSTN.

Here's the kicker. There are a variety of companies which will provide E911 connectivity services for VoIP companies. This means you pay them and they will provide a means for you to route your user's calls to the right emergency public service access point, and pass along the address the user registered with the service. Seems like a fine business, but as far as I can tell, all these companies are charging by the customer per month, with fees between $1 and $2 per month.

This puts a lot of constraints on the pricing models of VoIP services. There's a lot of room for innovative business models that include offering limited or trial PSTN connection for free, or per-usage billing with no monthly fees. (All services I know of do the non-PSTN calling for free.) Or services that appear free but are supported by advertising or other means. You've seen that Skype decided to offer free PSTN services for all of 2006. AIM Phoneline offers a free number for incoming calls, as do many others.

Read on...

It's common in the blogosphere for bloggers to comment on the posts of other bloggers. Sometimes blogs show trackbacks to let you see those comments with a posting. (I turned this off due to trackback spam.) In some cases we effectively get a thread, as might appear in a message board/email/USENET, but the individual components of the thread are all on the individual blogs.

At the blogger panel at Fall VON (repurposed to be both video on the net as well as voice) Vlogger and blip.tv advocate Dina Kaplan asked bloggers to start vlogging. It's started a minor debate.

My take? Please don't.

In an earlier blog post I attempted to distinguish TVoIP (TV over internet) with IPTV, a buzzword for cable/telco live video offerings. My goal was to explain that we can be very happy with TV, movies and video that come to us over the internet after some delay.

Trade show booths are always searching for branded items to hand out to prospects. Until they fix the airport bans, how about putting your brand on a tube of toothpaste and/or other travel liquids now banned from carry-on bags?

(Yeah, most hotels will now give you these, but it's the thought that counts and this one would be remembered longer than most T-shirts.)

As a hirsute individual, I beg the world's makers of medical tapes and band-aids to work on an adhesive that is decent at sticking to skin, but does not stick well to hair.

Not being versed in the adhesive chemistries of these things, I don't know how difficult this is, but if one can be found, many people would thank you.

Failing that would be an adhesive with a simple non-toxic solvent that unbinds it, which could be swabbed on while slowly undoing tape.

While it will be a while before I get the time to build all my panoramas of this year's Burning Man, I did do some quick versions of some of those I shot of the burn itself. This year, I arranged to be on a cherry picker above the burn. I wish I had spent more time actually looking at the spectacle, but I wanted to capture panoramas of Burning Man's climactic moment. The entire city gathers, along with all the art cars for one shared experience. A large chunk of the experience is the mood and the sound which I can't capture in a photo, but I can try to capture the scope.

I'm back fron Burning Man (and Worldcon), and though we had a decently successful internet connection there this time, you don't want to spend time at Burning Man reading the web. This presents an instance of one of the oldest problems in the "serial" part of the online world, how do you deal with the huge backup of stuff to read from tools that expect you to read regularly.

One of the few positive things over the recent giant AOL data spill (which we have asked the FTC to look into) is it has hopefully taught a few lessons about just how hard it is to truly anonymize data. With luck, the lesson will be "don't be fooled into thinking you can do it" and not "Just avoid what AOL did."

You probably heard yesterday's good news that the ACLU prevailed in their petition for an injunction against the NSA warrentless wiretapping. (Our case against AT&T to hold them accountable for allegedly participating in this now-ruled-unlawful program continues in the courts.)

However, the ruling was appealed (no surprise) and the government also asked for, and was granted a stay of the injunction. So the wiretaps won't stop unless the appeal is won.

But this begs the question, "Why do you need a stay?"

Last week at ZeroOne in San Jose, one of the art pieces reminded me of a sneaky idea I had a while ago. As you may know, many camcorders, camera phones and cheaper digital cameras respond to infrared light. You can check this out pretty easily by holding down a button on your remote control while using the preview screen on your camera. If you see a bright light, you're camera shoots in infrared.

Everybody's pulling out IBM PC stories on the 25th anniversary so I thought I would relate mine. I had been an active developer as a teen for the 6502 world -- Commodore Pet, Apple ][, Atari 800 and the like, and sold my first game to Personal Software Inc. back in 1979. PSI was just starting out, but the founders hired me on as their first employee to do more programming. The company became famous shortly thereafter by publishing VisiCalc, which was the first serious PC application, and the program that helped make Apple as a computer company outside the hobby market.

Quite frequently in non-HTML documents, such as E-mails, people will enclose their URLs in angle brackets, such as <http://foo.com> What is the origin of this? For me, it just makes cutting and pasting the URLs much harder (it's easier if they have whitespace around them and easiest if they are on a line by themselves.) It's not any kind of valid XML or HTML in fact it would cause a problem in any document of that sort.

Many universities are now setting up to broadcast lectures over their LANs, often in video. Many students simply watch from their rooms, or even watch later. There are many downsides to this (fewer show up in class) but the movement is growing.

The blogosphere is justifiably abuzz with the release by AOL of "anonymized" search query histories for over 500,000 AOL users, trying to be nice to the research community. After the fury, they pulled it and issued a decently strong apology, but the damage is done.

Many people have pointed out obvious risks, such as the fact that searches often contain text that reveal who you are. Who hasn't searched on their own name? (Alas, I'm now the #7 "brad" on Google, a shadow of my long stint at #1.)

Those who know about my phone startup Voxable will know I have far more ambitious goals regarding presence and telephony, but during my recent hospital stay, I thought of a simple subset idea that could make hospital phone systems much better for the patient, namely a way to easily specifiy whether it's a good time to call the patient or not. Something as simple as a toggle switch on the phone, or with standard phones, a couple of magic extensions they can dial to set whether it's good or not.

There are many proposals out there for tools to stop Phishing. Web sites that display a custom photo you provide. "Pet names" given to web sites so you can confirm you're where you were before.

I think we have a good chunk of one anti-phishing technique already in place with the browser password vaults. Now I don't store my most important passwords (bank, etc.) in my password vault, but I do store most medium importance ones there (accounts at various billing entities etc.) I just use a simple common password for web boards, blogs and other places where the damage from compromise is nil to minimal.

So when I go to such a site, I expect the password vault to fill in the password. If it doesn't, that's a big warning flag for me. And so I can't easily be phished for those sites. Even skilled people can be fooled by clever phishes. For example, a test phish to bankofthevvest.com (Two "v"s intead of a w, looks identical in many fonts) fooled even skilled users who check the SSL lock icon, etc.

The browser should store passwords in the vault, and even the "don't store this" passwords should have a hash stored in the vault unless I really want to turn that off. Then, the browser should detect if I ever type a string into any box which matches the hash of one of my passwords. If my password for bankofthewest is "secretword" and I use it on bankofthewest.com, no problem. "secretword" isn't stored in my password vault, but the hash of it is. If I ever type in "secretword" to any other site at all, I should get an alert. If it really is another site of the bank, I will examine that and confirm to send the password. Hopefully I'll do a good job of examining -- it's still possible I'll be fooled by bankofthevvest.com, but other tricks won't fool me.

The key needs in any system like this is it warns you of a phish, and it rarely gives you a false warning. The latter is hard to do, but this comes decently close. However, since I suspect most people are like me and have a common password we use again and again at "who-cares" sites, we don't want to be warned all the time. The second time we use that password, we'll get a warning, and we need a box to say, "Don't warn me about re-use of this password."

Read on for subtleties...