"I don't think the report is true, but these crises work for those who want to make fights between people." Kulam Dastagir, 28, a bird seller in Afghanistan
Wired: 27B Stroke 6- Billy Hoffman on Ajax Security at RSA
Topic: Computer Security
3:53 pm EST, Feb 8, 2007
The best conference presenters have a story to tell, and this morning, Billy Hoffman -- the lead researcher at Web application security company SPI Dynamics, had a great story to tell Wednesday morning at the RSA security conference about how all your favorite new Web 2.0 applications are a boon to criminals.
The new Congress has barely begun, but the major record labels are already up to their old tricks.
Sen. Dianne Feinstein has re-introduced the PERFORM Act, a backdoor assault on your right to record off the radio. Satellite and digital radio stations as well as Internet webcasters would have to adopt digital rights management (DRM) restrictions or lose the statutory license for broadcasting music.
Well, Congress is off to quite a start this year. In addition to killing off small webcasters they're talking writing a blank check for the DOJ to create ISP Data Retention requirements and they're back in to fining sites like MemeStreams hundreds of thousands of dollars if we fail to comply with an arcane reporting rule for child porn incidents.
They are also seeking to criminalize Internet use:
Another section of the draft bill says that anyone convicted of certain child exploitation-related offenses who also used the "Internet to commit the violation" will get an extra 10 years in prison.
Marv Johnson, a legislative counsel with the American Civil Liberties Union, said the extra 10 years in prison was an odd requirement because the Internet is not inherently dangerous like a firearm. Rather, he said, the bill proposes to punish someone for using a perfectly legal item or service in an illegal way.
"It would be like punishing someone additionally for driving a car in the commission of an offense," Johnson said.
RE: The Word Theory Must be Stricken from Scientific Thought
Topic: Miscellaneous
2:46 pm EST, Feb 7, 2007
skullaria wrote: Therefore, we must strike the word THEORY from all talk of science, unless it is indeed, purely conjecture, as the word THEORY must mean DOUBTFUL to a large percentage of the public.(2,5,6,7)
I kind of agree with this. The general use of the word theory is the same as the scientific use of the word hypothesis. If the scientific world choose a different word than theory, it would be less confusing. The problem is that I think scientists were probably here first, and that people say theory when they mean to say hypothesis because hypothesis is an awkward word.
Boing Boing: Will Steve Jobs drop iTunes DRM in a heartbeat?
Topic: Technology
10:31 am EST, Feb 7, 2007
This is a big day -- a huge day. If Steve Jobs comes through with his promise to offer DRM-free music from artists who will allow it, we're at the beginning of the end of the DRM wars.
Ha! I don't think Jobs predicted that some artists would respond to his essay by insisting that they undrm their music on the iTunes Store. He may have offered more than he bargained for.
Why Windows is less secure than Linux | Threat Chaos | ZDNet.com
Topic: Computer Security
6:51 pm EST, Feb 6, 2007
In its long evolution, Windows has grown so complicated that it is harder to secure. Well these images make the point very well. Both images are a complete map of the system calls that occur when a web server serves up a single page of html with a single picture. The same page and picture.
The second alternative is for Apple to license its FairPlay DRM technology to current and future competitors with the goal of achieving interoperability between different company’s players and music stores.
The most serious problem is that licensing a DRM involves disclosing some of its secrets to many people in many companies, and history tells us that inevitably these secrets will leak. The Internet has made such leaks far more damaging, since a single leak can be spread worldwide in less than a minute.
Apple has concluded that if it licenses FairPlay to others, it can no longer guarantee to protect the music it licenses from the big four music companies.
Steve Jobs speaks openly about DRM here, which is interesting, but he is obviously negotiating with European anti-trust entities in this essay. He presents a proposition that the two major European music companies license their music to him without a DRM requirement. Thats a bit "let them eat cake" I think. I'm sure he thinks the pressure that Europeans might put on those major music companies as a result of this essay will release some of the pressure on him, allowing him to find a better negotiating position.
Unfortunately, with regard to the passage I'm quoting, he's wrong. In order to have a DRM system you have to put the enforcement technology in the hands of all of your users. Those people can reverse engineer that technology, and spread their results via the Internet. DRM encoding systems can be just as blackbox as DRM enforcement systems, and you aren't handing them to as many people, so the idea that you can't tolerate the risk of those encoders being reverse engineered doesn't make any sense. You're already taking the greater risk that the decoders will be reverse engineered, and thats the fundamental crux of DRM. Furthermore, there is no reason why Apple couldn't support another companies DRM technology that already has shared encoders.
Microsoft has joined forces with the Web 2.0 vanguard, as Bill Gates announced Tuesday in a keynote at the RSA security conference that Microsoft was going to support a distributed identity system known as OpenID.
This is interesting. OpenID has been discussed on MemeStreams before. While it would be useful for MemeStreams to serve OpenID so that our users could use their accounts to post on blogs that accept it, accepting it here is a different story. OpenID essentially allows anonymous blog commenters to maintain a persistent identity across the Internet. As we don't accept anonymous comments, adding this sort of capability presents more challenges for us than for blogs that do. We've talked about allowing anonymous comments, but this can open the door to more spam, particularly in threads that aren't fresh. It would be nice if a real identity sharing technology was layered on top of OpenID to ease account creation. There is a system that attempts to do this, but it suffers from the same scope limitations that FOAF does. Either way, I think we've got some simpler coding work that needs to be done on this site before that bubbles up to the top of our todo list.
Exploiting people's trust in information that is professionally delivered
Topic: Humor
11:52 pm EST, Feb 5, 2007
Do you need a stronger wireless signal or greater network access? I'm Mark Erickson, and this is Infinite Solutions. In this episode, I'll show you a simple hack to extend the range of your wireless card.
Decius wrote: That is exactly correct. You don't have an inalienable right to be vulnerable to communicable diseases. This question was resolved in the 1800s.
Please provide a citation. I would like to research this.
The defendant insists that his liberty is invaded when the state subjects him to fine or imprisonment for neglecting or refusing to submit to vaccination; that a compulsory vaccination law is unreasonable, arbitrary, and oppressive, and, therefore, hostile to the inherent right of every freeman to care for his own body and health in such way as to him seems best; and that the execution of such a law against one who objects to vaccination, no matter for what reason, is nothing short of an assault upon his person....
It seems to the court that an affirmative answer to these questions would practically strip the legislative department of its function to care for the public health and the public safety when endangered by epidemics of disease. Such an answer would mean that compulsory vaccination could not, in any conceivable case, be legally enforced in a community, even at the command of the legislature, however widespread the epidemic of smallpox, and however deep and universal was the belief of the community and of its medical advisers that a system of general vaccination was vital to the safety of all.
We are not prepared to hold that a minority, residing or remaining in any city or town where smallpox is prevalent, and enjoying the general protection afforded by an organized local government, may thus defy the will of its constituted authorities, acting in good faith for all, under the legislative sanction of the state. If such be the privilege of a minority, then a like privilege would belong to each individual of the community, and the spectacle would be presented of the welfare and safety of an entire population being subordinated to the notions of a single individual who chooses to remain a part of that population. We are unwilling to hold it to be an element in the liberty secured by the Constitution of the United States that one person, or a minority of persons, residing in any community and enjoying the benefits of its local government, should have the power thus to dominate the majority when supported in their action by the authority of the state.
