Friday, March 19, 2004

A "True Name and Address" bill for all filesharers has been introduced in California. Ernest Miller is not impressed.

"The basic idea of the bill is to extend a "true name and address" statute to cover virtually all exchanges of copyrighted audiovisual information. That is, if you send someone a copy of a recording or audiovisual work electronically without also providing your true name and address, you could be fined $2,500 and spend a year in the clink...

We need to have a "true names" bill for politicians. By all rights, State Sen. Kevin Murray" [who is sponsoring the bill] "should start calling himself State Sen. Hollywood Sycophant."

I guess something similar could be said of Bill Lockyer, California's attorney general after his recent call to arms to fellow AGs about "dangerous" P2P software. 'Hollywood Ingratiator General' anyone?

As Ernest says,

"And what is this? Hollywood can't afford to sue people? We citizens of California have to expend precious tax dollars and limited law enforcement resources on copyright enforcement because Hollywood is too darn cheap? With massive statutory copyright damages available as a remedy, there is no excuse for Hollywood not to prosecute copyright infringers directly. Heck, it could even be a profit center."

Thursday, March 18, 2004

The Council of Europe's Convention on Cybercrime has been ratified today by Lithuania. "Following this fifth ratification, the Convention will enter into force on 1st July 2004 for Albania, Croatia, Estonia, Hungary and Lithuania. "

Kazaa duo's next call at Mercury news is a nice piece about Kazaa founders Niklas Zennstrom's and Janus Friis's new Net telephony service Skype. I vaguely recall seeing exactly this report somewhere last year but can't remember where at the moment.

The Eolas v Microsoft patent infringement case is testing the procedures in the US Patent Office, as well as the courts, as the patent is to be subjected to further review. Paul Festa says, "The next round in Microsoft's Web browser patent fight will unfold in an obscure bureaucratic proceeding that offers the company and its allies few, if any, chances to argue their side."

SNP MEP Neil MacCormick has offered a gentle critique of fellow MEPs Malcolm Harbour's (Conservative) and Arlene McCarthy's (Labour) support for the EU's intellectual property enforcement directive.

"There is no doubt that the EU should take action against counterfeiting and piracy...

...However, valid questions must be raised as to whether all the measures passed last week in the European Parliament are the correct ones - or whether some of them may bring unintended but serious consequences...

...Malcolm and Arlene argue that the EU directive has always been intended to tackle professional, commercial scale counterfeiting. Maybe so. It's just a pity that the final version which they voted for last week doesn't fully achieve that restriction...

...So, while it's true that a teenager doesn't have to fear his bank account being seized, it's not true to say that he can't have his CD collection seized...

...Another area of concern is the inclusion of patents in the scope of the directive. Patent law is much more complicated than other areas of IP law and much more open to abuse.

Legitimate companies who produce cheaper versions of medicines, for example, fear that the multinational drugs conglomerates will use this to stop the production of derivative medicines, so called 'generic medicines'...

...Perhaps the biggest disappointment in last week's European Parliament vote is that it was an opportunity lost. In an effort to rush through legislation before this June's elections we have ended up with a flawed directive.

Malcolm Harbour and Arlene McCarthy are right to say that the directive will be monitored and reviewed in due course. It's a great shame that so many people stand to suffer in the meantime in ways irrelevant to stamping out piracy and counterfeiting."

Wednesday, March 17, 2004

MacUser is reporting that "British government gets serious about open source" Which gives me an opportunity to mention a project launched yesterday by John Naughton and Quentin Stafford-Fraser called Ndiyo, (the Swahili word for 'yes') which has the small aim of changing the world. John likes a challenge.

It's all about bridging the digital divide (or more accurately, expanding the bubble of those included in the communications revolution) by using a new affordable hardware architecture and open source and free software.

In terms of architecture they're basically re-inventing the mainframe paradigm, the processing power of which can be shared by multiple users working from essentially dumb terminals. It's a slight variation on Larry Ellison's network computers from a few years back but workable on a local area basis. A clever, cheap, disposable, small box of tricks handles the local networking that let's the users at their terminals use the interact with the computer, which would be a PC equivalent. The box of tricks is currently proprietry technology, the patents on which are held by Newnham Research.

But Ndiyo are in the business of creating open standards to make a communications infrastructure equivalent to our plumbing or electrical network infrastructures, which everyone can have access to. They need companies like Newnham to manufacture the kit and break away from the Bill Gates enabled thinking trap about everyone needing a personal computer (running Microsoft software) but there is little stop another company to come up with their own version of networking box of tricks. In fact this piece of the infrastructure could be slimmed down to a single chip which could be mounted on the back of the monitor.

Given the vastly under-used processing power of most personal computers, or as Clay Shirky calls them "the dark matter of the internet", this kind of project is long overdue. It provides a huge potential to wire up inner cities, schools and public services at a tiny fraction of the cost of the equivalent in the WIntel universe. And that's just scratching the surface of what it could do in the affluent West.

Not many people know that about two thirds of the cost of an average PC is down to the licenses for Windows and Office software and the money goes straight to Microsoft. So using open source or free software provides an instant and vast cost saving.

I do have a slight worry about the reincarnation of the old monster, tyranno-sysadmin, who used to control computer users lives in relation to access to the sacred mainframe machines but that's a minor glitch in the scheme of things. There are also some technical obstacles ahead, as well as the issues of social protocol and questions of control over personal data, which brings me back again to the overall objective and the suitability of this new information architecture to the context, as well as, critically, they way the technology is deployed.

Nydiyo are committed to delivering three projects this year - a classroom in a box, an office in a box and an internet cafe in a box. Will John, Quentin and their small band of troops manage to change the world? Given an the ever increasing information feudalism we're seeing in the 'modern' world, I hope the answer is an emphatic Ndiyo.
Andrew Cringely recently asked "A Year Into the E-voting Crisis, Shouldn't We Have Noticed the Printer That's Already Built into Each Diebold Voting Machine?" Yet one of the spurious arguments against a verifiable paper audit trail is that is would cost too much to fit the printers to the e-voting machines.

Example:

"Meg Smothers of the League of Women Voters recently said that Georgia has 28,000 voting machines, and it would cost $15 million to retrofit them with printers to produce receipts. That comes to $535 per machine. "

I see. So we must employ computing in elections because computers are magic and they cost a lot, so they must be good. But we can't spend enough to make them actually work because it would cost too much. And it would cost too much because computers are pricey, so obviously if we want them to do anything extra (like print) that will cost a lot. And we are too stupid to realise that the computer will already do that extra thing we want it to do (i.e. print) - we just have to switch that part on. We are also too stupid to realise that because we don't even try to understand how computers work - because they are magic and we won't be able to. But we must have them for our elections because they are magic and using computers for anything will obviously make it better. That's alright then.

I wonder if any of these people ever heard of Josef Stalin? You know, the fellah that said "It is not the people who vote that count. It is the people who count the votes."

Monday, March 15, 2004

EU regulators have been meeting today to agree a draft ruling branding Microsoft a monopolist.
According to Xeni Jardin at Wired, the MPAA have drafted a letter for the California attorney general, Bill Lockyear, to circulate to fellow attorneys general, to encourage an all out legal assault on P2P file sharing software companies.

"The draft document, dated February 26, was obtained by Wired News on March 12. Distribution of a revised version to other attorneys general is said to coincide with the spring meeting in Washington, DC, March 15 to 17 of the National Association of
Attorneys General, of which Lockyer is president. The attorney general's office plans to release a final version publicly within the coming month, after obtaining additional signatories.

"We do not wish to make any comment at this time on any document that the office of the attorney general may or may not be developing," said Tom Dressler, spokesperson for Bill Lockyer in Sacramento. "But we remain concerned about the potential dangers posed to the public by peer-to-peer file-sharing technology."

However, the metadata associated with the Microsoft Word document indicates it was either drafted or reviewed by a senior vice president of the Motion Picture Association of America. According to this metadata (automatically generated by the Word application), the document's author or editor is "stevensonv." (The metadata of a document is viewable through the File menu under Properties.)

Sources tell Wired News that the draft letter's authorship is attributed to Vans Stevenson, the MPAA's senior vice president for state legislative affairs. MPAA representatives have issued similar criticisms of P2P technology in the past. Stevenson could not be reached for comment. "

Extract from the letter:

"As a P2P software developer and distributor, we believe you have the ability and responsibility to better educate consumers about these known risks, and to design your software in a manner that minimizes the risks. We view with grave concern reports that at least some P2P software developers may be adding features deliberately designed to hinder law enforcement in its prosecution of crimes using P2P software. Companies that engage in such conduct, and fail to meet the important responsibilities referenced above, harm the interests of consumers in our States.

It is widely recognized that P2P file-sharing software currently is used almost exclusively to disseminate pornography, and to illegally trade copyrighted music, movies, software and video games. File-sharing software also is increasingly
becoming a means to disseminate computer worms and viruses. Nevertheless, your company still does little to warn consumers about the legal and personal risks they face when they use your software to "share" copyrighted music, movies and computer software. A failure to prominently and adequately warn consumers, particularly when you advertise and sell paid versions of your software, could constitute, at the very least, a deceptive trade practice...

...Whether it is the widespread availability of pornography, including child pornography, the disclosure of sensitive personal information to millions of people, the exposure to pernicious computer worms and viruses, or the threat of legal liability for copyright infringement, P2P file-sharing software has proven costly and dangerous for many consumers...

Over the coming months, we will begin focusing more attention on the risks P2P software programs pose to consumers in our States. We hope this inquiry will encourage you to take proactive, concrete and meaningful steps to address the problems we have raised in this letter.... We take seriously our responsibility to protect consumers and ensure that the laws of our States are respected. In the future, we will not hesitate to take whatever actions we deem necessary to ensure that you fulfill your duties as a responsible corporate citizen.

The states of New York and Wisconsin have announced that they are withdrawing from the controversial MATRIX interstate database program. MATRIX is the state level version of the now scrapped Total Information Awareness program, which had the aim of sucking in vast swathes of personal data on everyone, thereby enabling the computer to automatically pinpoint the terrorists in our midst.

It sounds a superfically and intuitively attractive prospect, until you think about it. What if the computer or the operator gets it wrong? Like I said earlier. Law enforcement is difficult. And, as H.L. Mencken said, "For every human problem there is a solution which is simple, neat and wrong." We're right back to the old theme which I seem to come back to repeatedly, the widespread

"Boys-Own blind faith of computing ignoramuses, like certain decision makers, in the ability of computers to automatically and magically make things better, regardless of the overall objective or the suitability of the tools (computers) to the task or [critically] the way in which those tools are deployed, drives me nuts on a daily basis in my own day job. That it is happening in so important a context " as [choose your own context - in this case I choose 'law enforcement'] "is worrying in the extreme"
Ernest Miller is well worth reading on the problems law enforcement authorities have in surveilling the Net. The FBI are seeking to expand Carnivore. Miller's repsonse? They're onto a hiding to nothing because of the architecture of the Net.

"The amount of intervention in technology development necessary for the FBI and DOJ to accomplish what they want with regard to wiretapping is enormous. The costs will be both direct (money out of consumer's pockets) and indirect (loss of innovation). However, that is only half the picture. Unfortunately for the FBI, the costs to defeat the wiretapping are relatively small and will continue to decrease. We have here an asymmetric situation that will only grow more asymmetric as time goes on.

The problem is with the underlying architecture of the internet. Advances in technology along with the end-to-end/layers principle mean that it will always be cheaper to add encryption to the edges of the network than to increase the amount of surveillance at the center of the network. How much does it cost to write an encrypted VoIP app? Not much. How much does it cost to build the surveillance mechanism and conduct the surveillance across all possible ISPs? A heck of a lot more.

Ok. Now that the first encrypted VoIP app is compromised ... how much will it cost to build another encrypted layer on top of the first one? How much will it cost to conduct surveillance on this new layer? Hmmmm, if this progression continues, as we add additional layers of encryption and surveillance, the costs will increasingly diverge. Not a game you can win ultimately. In fact, it doesn't make much sense to even start. The FBI should be happy with what they've got...

...If I were the FBI, I wouldn't waste my time on a battle I ultimately couldn't win and instead would concentrate my efforts on the place where I could still achieve my goals - the ends. You want to know what someone is up to online? I would recommend, for example, key loggers, "real" spyware, and social engineering. It ain't gonna be easy, but you have a chance of winning in the long term. The sooner you quit a race you can't win, the faster you can enter a race where you have a chance."

He's got a point but it's one that takes longer than three seconds to grasp, so I don't see the politicos getting it any time soon. It's easy to spend lots of money and say we are spending lots of money fighting crime, and spin an illusion that such tactics work. It's hard to do the kinds of things Ernest is talking about and there are no simple tick box targets to wave in front of the media to illustrate success.

But law enforcement is hard.
Back to one of my hobby horses of recent times and a Wired report, Legislators Urge E-Voting Halt.

"State Sens. Don Perata (D-Oakland) and Ross Johnson (R-Irvine), the chairman and vice chairman of the Senate election committee, sent a letter to Secretary of State Kevin Shelley urging him to decertify all paperless touch-screen voting machines before the general election...

..."California has a lemon law that protects consumers if they buy a bad car," Johnson said at the press conference. "So far, e-voting in California is a lemon." He said Californians should demand no less oversight for voting machines."

Usually I hate soundbites. That one, I like.
The NYT reported on Friday that Microsoft has been encouraging big investment in SCO. There has been a fair degree of speculation about this ever since SCO launched their legal campaign against linux but the NYT have seen an email with specifics. Interesting, though hardly earth shattering.