It seems that SunnComm have decided not to sue Alex Haderman after all.
"SunnComm president and CEO Peter Jacobs said he changed his mind.
Jacobs said in an interview late last night that a successful lawsuit would do
little to reverse the damage done by the paper Halderman published Monday
about his research, and any suit would likely hurt the research community by
making computer scientists think twice about researching copy-protection
technology.
"I don't want to be the guy that creates any kind of chilling effect on
research," Jacobs said."
Friday, October 10, 2003
AT LUNCHTIME TODAY, I moderated a panel discussion on digital downloading and music,
featuring a bunch of musicians, songwriters, and industry people from Nashville. Here's the
scary bit: one of the industry guys said that their big legislative priority is to try to create a
regime where you have to register with a unique, verifiable ID to access the Internet.
No doubt the next step would be to take away that ID as punishment for "misconduct" on the
Internet. Shades of Vernor Vinge's True Names.
posted at 04:12 PM by Glenn Reynolds
featuring a bunch of musicians, songwriters, and industry people from Nashville. Here's the
scary bit: one of the industry guys said that their big legislative priority is to try to create a
regime where you have to register with a unique, verifiable ID to access the Internet.
No doubt the next step would be to take away that ID as punishment for "misconduct" on the
Internet. Shades of Vernor Vinge's True Names.
posted at 04:12 PM by Glenn Reynolds
Alex Halderman, a Princeton student, who discovered that holding down the shift key while loading a CD into a computer, allows you to beat the latest copy protection technology, is about to get sued by the company that produced the technology. I'm with Ernest Miller on this one. I can't see them going ahead with it. It's a pretty lousy PR exercise - a student points out your security is not very good and you react how? By improving the security? No, of course not! You must sue the student, or preferably have the authorities go after him with criminal charges. We're not in the real world, we're in DMCA-land. We'll have our very own version, EUCD-land, in the UK by the end of the month.
Thursday, October 09, 2003
Eolas have filed for an injunction to stop Microsoft distributing their IE browser, in the wake of their recent $520 million patent infringement victory against the software giant.
The UK has passed legislation to implement the EU Copyright directive. The actual legislation is largely unchanged from the original draft regulations that were subject to such a long period of consultation. There now appears to be an exception for researchers. Section 296ZA2 states:
"This section does not apply where a person, for the purposes
of research into cryptography, does anything which circumvents effective
technological measures unless in so doing, or in issuing information
derived from that research, he affects prejudicially the rights of the
copyright owner."
It remains to be seen what "affects prejudicially the rights of the copyright owner" actually means in practice. The DMCA also has an exception for security researchers. Ben Edelman at Harvard wants to get access to a lists of websites blocked by certain commercially available filter software programmes, in order to test their effectiveness.
As a researcher, the DMCA provides an exception which allows him to bypass the digital locks which keep those lists secret. At the same time, however, it makes it illegal for him to build the tool that would enable him to bypass those digital locks. I wonder if Section 296ZA(2) will have a similar effect?
Silicon.com are reporting on a way of beating the latest CD copy protection technology. I wonder how such a report is affected by the implemention of the copyright directive now?
"This section does not apply where a person, for the purposes
of research into cryptography, does anything which circumvents effective
technological measures unless in so doing, or in issuing information
derived from that research, he affects prejudicially the rights of the
copyright owner."
It remains to be seen what "affects prejudicially the rights of the copyright owner" actually means in practice. The DMCA also has an exception for security researchers. Ben Edelman at Harvard wants to get access to a lists of websites blocked by certain commercially available filter software programmes, in order to test their effectiveness.
As a researcher, the DMCA provides an exception which allows him to bypass the digital locks which keep those lists secret. At the same time, however, it makes it illegal for him to build the tool that would enable him to bypass those digital locks. I wonder if Section 296ZA(2) will have a similar effect?
Silicon.com are reporting on a way of beating the latest CD copy protection technology. I wonder how such a report is affected by the implemention of the copyright directive now?
Thursday, October 02, 2003
Nesson Fisher and Zittrain in conversation. Great stuff.
Derek Slater is on form too quizing Prof Nesson's ideas for getting us all out of the P2P cul-de-sac. I need to spend more time on this!
Derek Slater is on form too quizing Prof Nesson's ideas for getting us all out of the P2P cul-de-sac. I need to spend more time on this!
The Times is reporting that Tony Blair has become a convert to David Blunkett's grand plan on national identity cards. Another step in his New Labour leadership style demo. No doubt he wants to be seen to be tough on Labour, tough on the causes of Labour.
Anita Ramasastry has done a typically incisive analysis of the privacy issues related to the recent JetBlue case and the US government's proposals on the CAPPS11. The 1974 Privacy Act in the US only relates to databases compiled by the government and does not cover government's access to private sector databases.
"Soon, the Transportation Security Administration (TSA) - which was
involved in the JetBlue data transfer - will begin to implement CAPPS II.
CAPPS II will attempt to update and revamp the existing federal no-fly
list program by employing the same kind of private sector data that
JetBlue provided to Torch Concepts.
Disturbingly, however, CAPPS II currently lacks meaningful privacy and
due process safeguards. Thus, not only should the Privacy Act be
amended, but so should the CAPPS II proposal.
Otherwise, consumers may find that data that they have provided to
companies in the private sector is now being used to target them for the
same scrutiny would-be terrorists receive. "
The defense contractor that analysed the data on 5 million JetBlue passengers, had been contracted by the army "to determine how information from public and private records
might be analyzed to help defend military bases from attack by terrorists
and other adversaries."
The contractor synthesised the JetBlue data with data bought from a large aggregating company and created a set of profiles:
(1) Young Middle Income Home Owners with Short
Length-of-Residence; (2) Older Upper Income Home Owners with
Longer Length-of-Residence; and (3) travellers with "anomalous
records."
As Prof Ramasastry says, "The third category, by definition, might potentially include renters,
students with both home and school addresses, older persons who have
moved recently, and persons with low incomes. Of course, such persons
are in some senses the norm in America. Yet the program may have
deemed them "anomalous" - and, thus a risk from a security standpoint. "
The other problem comes when there are errors in the data or it gets misused by the various actors (or their employees) engaged in the processing or transfer of the data.
The guy that is trying to sell his electronic voting machines to Ohio state, told Republicans in a recent fund-raising letter that he is "committed
to helping Ohio deliver its electoral votes to the president next year." If you read in a novel you wouldn't believe it. Not, of course, suggesting that we should believe everything we read on the Net. Although, Walden O'Dell, chief executive of Diebold Inc., has been reported as having said similar things in the past.
"Soon, the Transportation Security Administration (TSA) - which was
involved in the JetBlue data transfer - will begin to implement CAPPS II.
CAPPS II will attempt to update and revamp the existing federal no-fly
list program by employing the same kind of private sector data that
JetBlue provided to Torch Concepts.
Disturbingly, however, CAPPS II currently lacks meaningful privacy and
due process safeguards. Thus, not only should the Privacy Act be
amended, but so should the CAPPS II proposal.
Otherwise, consumers may find that data that they have provided to
companies in the private sector is now being used to target them for the
same scrutiny would-be terrorists receive. "
The defense contractor that analysed the data on 5 million JetBlue passengers, had been contracted by the army "to determine how information from public and private records
might be analyzed to help defend military bases from attack by terrorists
and other adversaries."
The contractor synthesised the JetBlue data with data bought from a large aggregating company and created a set of profiles:
(1) Young Middle Income Home Owners with Short
Length-of-Residence; (2) Older Upper Income Home Owners with
Longer Length-of-Residence; and (3) travellers with "anomalous
records."
As Prof Ramasastry says, "The third category, by definition, might potentially include renters,
students with both home and school addresses, older persons who have
moved recently, and persons with low incomes. Of course, such persons
are in some senses the norm in America. Yet the program may have
deemed them "anomalous" - and, thus a risk from a security standpoint. "
The other problem comes when there are errors in the data or it gets misused by the various actors (or their employees) engaged in the processing or transfer of the data.
The guy that is trying to sell his electronic voting machines to Ohio state, told Republicans in a recent fund-raising letter that he is "committed
to helping Ohio deliver its electoral votes to the president next year." If you read in a novel you wouldn't believe it. Not, of course, suggesting that we should believe everything we read on the Net. Although, Walden O'Dell, chief executive of Diebold Inc., has been reported as having said similar things in the past.
Monday, September 29, 2003
I've just lost a large post on electronic voting machines when IE Explorer crashed and I don't have the time to re-generate it, so I'll just point to this flash animation and a Salon article on alleged irregularities on the development of standards on same.
Insightful essay by science fiction writer Orson Scott Card on the problems the music industry is having with MP3s. He has a solution to the copyright term debate too,
"Twenty years after the author's
death or the author's hundredth birthday,
whichever comes last -- that's a workable
standard to provide for the author and his
or her immediate heirs. It comes to an end,
and the work enters the public domain as it
should.
And let's eliminate this nonsense about
corporate authorship. If a corporation
claims to be the "author" for copyright
purposes, then the whole life of the
copyright should be twenty years, period.
They make most of their money in twenty
years, except on a handful of works that
enter the public consciousness...
If you changed the law that way, suddenly
"work for hire" contracts would disappear,
and the real creators would be treated
with more respect by the big companies --
because they'd much rather have a fair
contract with an author whose copyright
will last many decades than to have
outright "authorship" of a twenty-year
copyright."
"Twenty years after the author's
death or the author's hundredth birthday,
whichever comes last -- that's a workable
standard to provide for the author and his
or her immediate heirs. It comes to an end,
and the work enters the public domain as it
should.
And let's eliminate this nonsense about
corporate authorship. If a corporation
claims to be the "author" for copyright
purposes, then the whole life of the
copyright should be twenty years, period.
They make most of their money in twenty
years, except on a handful of works that
enter the public consciousness...
If you changed the law that way, suddenly
"work for hire" contracts would disappear,
and the real creators would be treated
with more respect by the big companies --
because they'd much rather have a fair
contract with an author whose copyright
will last many decades than to have
outright "authorship" of a twenty-year
copyright."
Friday, September 26, 2003
Legal theory blog.
Ernest Miller at Lawmeme. Everything at Lawmeme is worth a look but scroll down for Miller's recent postings on copynorms and thoughts about how to resolve the conflicts in the p2p wars.
Donna Wentworth at Copyfight says:
"If you've got any (copy)fight in you at all, you've been following the
debate over the past 2-3 weeks about how to resolve the P2P wars
peacably--that is,
without harming technological innovation and/or the Net;
without harming people and/or violating their rights;
without harming the creators, producers or publishers of
creative works; and
without (further) harming copyright law by (further) upsetting its
intended balance.
Or, as a subset of the above questions, you may have been asking
yourself
whether the RIAA's legal campaign against P2P users is in any
sense a rational or justified approach to resolving the current
conflicts, and
if it isn't, what are the rational approaches, and finally
what approach is EFF advocating? "
I'm afraid I haven't been keeping up for the past few weeks at all. Sorry Donna. :-( Still totally buried in electronic and paper administrative mountains. Plus my latest batch of 160 or so students are starting my OU course, based on Larry Lessig's book, The Future of Ideas.
Loads of copyfight discussions I need to catch up with and point to but I should mention that the amazing Seth Finkelstein has decided to call it a day on his censorware research. I can only wish him the best of luck in getting financial and legal protection and/or in whatever venture he decides to pursue in the future. As and EFF pioneer award winner, you can't top the plaudits this unsung hero got in 2001 for the work he has tirelessly and singlehandly pursued for many years. Nice thoughts from admirers don't pay the bills or provide legal protection in these litigious times however.
Ernest Miller at Lawmeme. Everything at Lawmeme is worth a look but scroll down for Miller's recent postings on copynorms and thoughts about how to resolve the conflicts in the p2p wars.
Donna Wentworth at Copyfight says:
"If you've got any (copy)fight in you at all, you've been following the
debate over the past 2-3 weeks about how to resolve the P2P wars
peacably--that is,
without harming technological innovation and/or the Net;
without harming people and/or violating their rights;
without harming the creators, producers or publishers of
creative works; and
without (further) harming copyright law by (further) upsetting its
intended balance.
Or, as a subset of the above questions, you may have been asking
yourself
whether the RIAA's legal campaign against P2P users is in any
sense a rational or justified approach to resolving the current
conflicts, and
if it isn't, what are the rational approaches, and finally
what approach is EFF advocating? "
I'm afraid I haven't been keeping up for the past few weeks at all. Sorry Donna. :-( Still totally buried in electronic and paper administrative mountains. Plus my latest batch of 160 or so students are starting my OU course, based on Larry Lessig's book, The Future of Ideas.
Loads of copyfight discussions I need to catch up with and point to but I should mention that the amazing Seth Finkelstein has decided to call it a day on his censorware research. I can only wish him the best of luck in getting financial and legal protection and/or in whatever venture he decides to pursue in the future. As and EFF pioneer award winner, you can't top the plaudits this unsung hero got in 2001 for the work he has tirelessly and singlehandly pursued for many years. Nice thoughts from admirers don't pay the bills or provide legal protection in these litigious times however.
Must read interview with Michael Perelman at info-commons. One quote:
"What we are doing is stifling ideas by creating an atmosphere of secrecy, of litigation, and of restriction, all of which will harm the system's ability to create important ideas in the long run. The idea that information should be private property is absolutely new, absolutely untested, and in my mind absolutely destructive. Again, I would go back to this question of long-term replenishment and say, "Where do you see the private incentives for long-term replenishment?" If you think about the way the system works today, the private sector is very, very good at taking deep, basic, scientific insights and eventually turning them into marketable commodities. But at the same time what they are doing is destroying the system of creating deep, basic, scientific insights by using their financial leverage to force science into devoting more attention to the moneymaking process."
I'd recommend his book, Steal this Idea
But what about that soundbite for the those concerned about the expansion of intellectual property rights beyond their productive boundaries:
"The idea that information should be private property is absolutely new, absolutely untested, and in my mind absolutely destructive."
Takes eight seconds to say, rather than the politicians' preferred maximum of four. But hey, we're trying to raise the level of the debate.
"What we are doing is stifling ideas by creating an atmosphere of secrecy, of litigation, and of restriction, all of which will harm the system's ability to create important ideas in the long run. The idea that information should be private property is absolutely new, absolutely untested, and in my mind absolutely destructive. Again, I would go back to this question of long-term replenishment and say, "Where do you see the private incentives for long-term replenishment?" If you think about the way the system works today, the private sector is very, very good at taking deep, basic, scientific insights and eventually turning them into marketable commodities. But at the same time what they are doing is destroying the system of creating deep, basic, scientific insights by using their financial leverage to force science into devoting more attention to the moneymaking process."
I'd recommend his book, Steal this Idea
But what about that soundbite for the those concerned about the expansion of intellectual property rights beyond their productive boundaries:
"The idea that information should be private property is absolutely new, absolutely untested, and in my mind absolutely destructive."
Takes eight seconds to say, rather than the politicians' preferred maximum of four. But hey, we're trying to raise the level of the debate.
Tuesday, September 09, 2003
A CNN report on a pirate Harry Potter publisher in Venezuela is a reminder of why publishing houses get so upset about copyright infringement. A poor Spanish translation of the latest J.K. Rowling blockbuster is selling like hotcakes for the equivalent of $25. This is despite the fact that the translator admits on nearly every page that there were phrases and sentences s/he could not understand. The official Spanish language translation is not due for months and this character decided to fill a gap in the market.
Thanks to Siva Vaidhyanathan for pointing to this story about the battle between Ontario province in Canada and a US biotech company, Myriad Genetics, with a patent on the BRCA1 and BRCA2 genes. Testing for these can apparently help to predict a woman's risk of developing breast cancer where there is a history of the illness in the family. Myriad are threatening court action unless Ontario stop doing their version of the test, (which is done at one third of the cost and provides results two months faster). Similar threats against British Columbia last year led labs there to discontinue testing, according to the report cited.
Thanks to Siva Vaidhyanathan for pointing to this story about the battle between Ontario province in Canada and a US biotech company, Myriad Genetics, with a patent on the BRCA1 and BRCA2 genes. Testing for these can apparently help to predict a woman's risk of developing breast cancer where there is a history of the illness in the family. Myriad are threatening court action unless Ontario stop doing their version of the test, (which is done at one third of the cost and provides results two months faster). Similar threats against British Columbia last year led labs there to discontinue testing, according to the report cited.
Monday, September 08, 2003
The Foundation for Information Policy Research has released an important new report on the implementation of the EU copyright directive of 2001.
"Implementing the European Union
Copyright Directive
Ian Brown
Directive 2001/29/EC of the European Parliament and of the Council of
22 May 2001 on the harmonisation of certain aspects of copyright and
related rights in the information society has proven more contentious than
its drafters foresaw. This EU Copyright Directive (EUCD), as it is
commonly known, allowed only 19 months for implementation by
Member States. But controversy in many of the fifteen States meant that
only Denmark and Greece met this deadline.
Given the experience in the United States with a similar piece of legislation
passed in 1998, this may be less surprising than it seems. The EUCD and
the US Digital Millennium Copyright Act (DMCA) both give new
protection to “technological measures:” systems that restrict the use of
literary and other works in digital form based on instructions from their
owners. Even legitimate users of such works are forbidden from
circumventing such measures. Tools that facilitate circumvention are also
banned. This has led to problems in the US for innovators, researchers,
the press, and the public at large.
This guide describes the debate that has occurred within each of the EU
states during this process of implementation. It also describes the options
that are available in implementation, and how these options have been
exercised across the EU. Our aim is to provide information to government
and civil society bodies in the countries that will be joining the EU during
2004, and hence who must also transpose the Directive into national law
as part of that process. These organisations will then be in a better position
to represent the views of copyright users in the debate over transposition,
in order to ensure a proper balance between the rights of rightsholders and
users.
The European Commission is due to report on the operation of the
Directive in December 2004, after which amendments may be made by
the Parliament and Council. Until then, careful use of its flexibility in
implementation may prevent the recurrence in Europe of some of the
problems seen in the US as a result of the DMCA.
The guide will be updated to provide further information as the legal
situation evolves, particularly in those countries that have only very
recently, or are yet to, publish draft legislation (Ireland, Luxembourg and
Sweden.)"
You can see the entire report at the FIPR website.
"Implementing the European Union
Copyright Directive
Ian Brown
Directive 2001/29/EC of the European Parliament and of the Council of
22 May 2001 on the harmonisation of certain aspects of copyright and
related rights in the information society has proven more contentious than
its drafters foresaw. This EU Copyright Directive (EUCD), as it is
commonly known, allowed only 19 months for implementation by
Member States. But controversy in many of the fifteen States meant that
only Denmark and Greece met this deadline.
Given the experience in the United States with a similar piece of legislation
passed in 1998, this may be less surprising than it seems. The EUCD and
the US Digital Millennium Copyright Act (DMCA) both give new
protection to “technological measures:” systems that restrict the use of
literary and other works in digital form based on instructions from their
owners. Even legitimate users of such works are forbidden from
circumventing such measures. Tools that facilitate circumvention are also
banned. This has led to problems in the US for innovators, researchers,
the press, and the public at large.
This guide describes the debate that has occurred within each of the EU
states during this process of implementation. It also describes the options
that are available in implementation, and how these options have been
exercised across the EU. Our aim is to provide information to government
and civil society bodies in the countries that will be joining the EU during
2004, and hence who must also transpose the Directive into national law
as part of that process. These organisations will then be in a better position
to represent the views of copyright users in the debate over transposition,
in order to ensure a proper balance between the rights of rightsholders and
users.
The European Commission is due to report on the operation of the
Directive in December 2004, after which amendments may be made by
the Parliament and Council. Until then, careful use of its flexibility in
implementation may prevent the recurrence in Europe of some of the
problems seen in the US as a result of the DMCA.
The guide will be updated to provide further information as the legal
situation evolves, particularly in those countries that have only very
recently, or are yet to, publish draft legislation (Ireland, Luxembourg and
Sweden.)"
You can see the entire report at the FIPR website.
The UK cabinet are divided on David Blunkett's plans for a biometrically embedded national identity card.
The national ID card proposal fails security expert Bruce Schneier's 5 step test at the first hurdle:
1. What problem(s) does the proposed solution - in this case a national identity card - solve?
2. How well does it solve it (or them) and how can it fail?
3. What other problems does the solution create?
4. How much does it cost?
5. Is it worth it, given the answers to the first four questions?
What about step 1 then? Well the proponents in government are keen to suggest it solves everything from immigration to terrorism and includes identity fraud, benefit fraud, illegal working, unauthorised access to health care, as some of the bonuses along the way. The ID card appears really to be David's Blunkett's Grand Plan, (in the mould of the BBC's fictional "Yes Prime Minister" Jim Hacker's Grand Design) to be used as a plaform to challenge for the leadership when Blair eventually steps down. In reality, it's a massive expensive, intrusive solution looking for a problem; and the list of problems it is claimed that it will solve grows progressively.
So in answer to Schneier's first question, we don't really know what problem it is supposed to solve. But it's a great platform to bring out a "vocal minority" who can be appropriately demonised in the mass media. (Of the 7000 or so people who responded to the government's exercise on the "entitlement card", about 6000 were against it - but the proponents in government still regularly say that a majority of those who responded to the exercise supported the idea, by a factor of 2 to 1).
How well does it work? Leaving aside the fact that we don't know what problem it will solve, the focus of supporters appears to be on the idea that it can't fail because it will be embedded with biometric information. But somebody should paint this in big bold print at the head of Mr Blunkett's grand plan -
Biometric information may be unique but it is not secret.
We leave bit's of dead skin and hair and our fingerprints on lots of things. Senior political figures have photos taken every day. Will some of those be of suffient quality to give iris scan details? Card's containing people's biometric information can therefore be forged and since there will be a be incentive for organised crime to forge these cards - due to the widely held belief that they can't be forged and the range of services they will provide access to - they are likely to be forged on a large scale.
What other problems does the 'solution' create - see above for starters.
How much? An absolute fortune - in the billions of pounds.
Is it worth it? Er, that's a tough one but on balance I'd say no.
And I'm not even a security specialist. Someone like Schneier could really poke holes in the proposal.
The Telegraph is painting it as the tortises versus the hares, with Blunkett and Blair and co. being the hares. Brown and Prescot are the alleged cautious tortises. Let's hope this one works out like the fable.
The Telegraph is also complaining about the new directory enquiries services in the UK. "Some of the new directory inquiries services were accused of operating a
"stalkers' charter" last night after providing phone numbers for people's
homes without being given the residents' names."
Former Environment minister, Michael Meacher, is painting the war of terrorism as bogus and suggesting "The 9/11 attacks gave the US an ideal pretext to use force to secure its global domination" He's also scathingly critical of the UK support for the US in this context,
"The conclusion of all this analysis must surely be that the
"global war on terrorism" has the hallmarks of a political myth
propagated to pave the way for a wholly different agenda - the
US goal of world hegemony, built around securing by force
command over the oil supplies required to drive the whole
project. Is collusion in this myth and junior participation in this
project really a proper aspiration for British foreign policy? If
there was ever need to justify a more objective British stance,
driven by our own independent goals, this whole depressing
saga surely provides all the evidence needed for a radical
change of course."
Whilst David Blunkett ponders his national identity card, senior police officers, according to the Guardian, are to "call this week for the database of 2m DNA samples to be extended to everyone in the country. " This would apparently help the police to prevent crime and solve crimes more easily.
The national ID card proposal fails security expert Bruce Schneier's 5 step test at the first hurdle:
1. What problem(s) does the proposed solution - in this case a national identity card - solve?
2. How well does it solve it (or them) and how can it fail?
3. What other problems does the solution create?
4. How much does it cost?
5. Is it worth it, given the answers to the first four questions?
What about step 1 then? Well the proponents in government are keen to suggest it solves everything from immigration to terrorism and includes identity fraud, benefit fraud, illegal working, unauthorised access to health care, as some of the bonuses along the way. The ID card appears really to be David's Blunkett's Grand Plan, (in the mould of the BBC's fictional "Yes Prime Minister" Jim Hacker's Grand Design) to be used as a plaform to challenge for the leadership when Blair eventually steps down. In reality, it's a massive expensive, intrusive solution looking for a problem; and the list of problems it is claimed that it will solve grows progressively.
So in answer to Schneier's first question, we don't really know what problem it is supposed to solve. But it's a great platform to bring out a "vocal minority" who can be appropriately demonised in the mass media. (Of the 7000 or so people who responded to the government's exercise on the "entitlement card", about 6000 were against it - but the proponents in government still regularly say that a majority of those who responded to the exercise supported the idea, by a factor of 2 to 1).
How well does it work? Leaving aside the fact that we don't know what problem it will solve, the focus of supporters appears to be on the idea that it can't fail because it will be embedded with biometric information. But somebody should paint this in big bold print at the head of Mr Blunkett's grand plan -
Biometric information may be unique but it is not secret.
We leave bit's of dead skin and hair and our fingerprints on lots of things. Senior political figures have photos taken every day. Will some of those be of suffient quality to give iris scan details? Card's containing people's biometric information can therefore be forged and since there will be a be incentive for organised crime to forge these cards - due to the widely held belief that they can't be forged and the range of services they will provide access to - they are likely to be forged on a large scale.
What other problems does the 'solution' create - see above for starters.
How much? An absolute fortune - in the billions of pounds.
Is it worth it? Er, that's a tough one but on balance I'd say no.
And I'm not even a security specialist. Someone like Schneier could really poke holes in the proposal.
The Telegraph is painting it as the tortises versus the hares, with Blunkett and Blair and co. being the hares. Brown and Prescot are the alleged cautious tortises. Let's hope this one works out like the fable.
The Telegraph is also complaining about the new directory enquiries services in the UK. "Some of the new directory inquiries services were accused of operating a
"stalkers' charter" last night after providing phone numbers for people's
homes without being given the residents' names."
Former Environment minister, Michael Meacher, is painting the war of terrorism as bogus and suggesting "The 9/11 attacks gave the US an ideal pretext to use force to secure its global domination" He's also scathingly critical of the UK support for the US in this context,
"The conclusion of all this analysis must surely be that the
"global war on terrorism" has the hallmarks of a political myth
propagated to pave the way for a wholly different agenda - the
US goal of world hegemony, built around securing by force
command over the oil supplies required to drive the whole
project. Is collusion in this myth and junior participation in this
project really a proper aspiration for British foreign policy? If
there was ever need to justify a more objective British stance,
driven by our own independent goals, this whole depressing
saga surely provides all the evidence needed for a radical
change of course."
Whilst David Blunkett ponders his national identity card, senior police officers, according to the Guardian, are to "call this week for the database of 2m DNA samples to be extended to everyone in the country. " This would apparently help the police to prevent crime and solve crimes more easily.
Friday, September 05, 2003
Fox outfoxed? From Fox News - "Judge Rejects Fox News' Request for Injunction on Franken Book." A 'fair and balanced' Fox News report on the judge's decision to throw out their case. Author Franken and publishers Penguin are pretty pleased with the publicity.
The BBC are planning to open their archive to the public. "Greg Dyke, director general of the BBC, has announced plans to give the public full access to all the corporation's programme archives."
"The service, the BBC Creative Archive,
would be free and available to
everyone, as long as they were not
intending to use the material for
commercial purposes, Mr Dyke added."
"Open-source software maker MontaVista Software is advising customers not to pay any money to The SCO Group" The SCO website has been brought down be a denial of service attack. This is completely counter productive to the aims of the open source community and will only provide ammunition to people who want to discredit them. Eric Raymond put it pretty well: "We're the good guys. But that doesn't matter if we aren't *seen* to be the good guys. We cannot fight our war using vandalism and trespass and the suppression of speech, or SCO will paint us as crackers and maybe win."
"New DVD-copying tools to hit shelves"
Towards the end of August the California Supreme court ruled in favour of the DVD Content Control Association in their case against Andrew Bunner for posting DeCSS code on the Net. Essentially they said that requiring Bunner to respect the DVDCCA's trade secret was not an interference with his right to free speech under the first amendment. The decision has been going back and forth on this as it has worked its way through the courts. Just one, relatively old, question: how is CSS now a trade secret when DeCSS has been so widely distributed? That, at least, remains to be seen, as the Supreme Court has sent the case back to the lower appeal court to determine if Bunner has violated any trade secrets. Cindy Cohen of the EFF (who are supporting Bunner) seems confident of the outcome on that: “The appeals court can now examine the movie industry's fiction that DeCSS is still a secret and that a publication ban is necessary to keep the information secret". Having reflected on the detail of the decision the EFF and the First Amendment Project are even spinning it in a very positive fashion.
The UK government are proposing to set up a database on children, including a listing of their potential criminality. Odd that the usual suspects in the media have not rallied against it. As Ian Brown of Foundation for Information Policy Research says, "Imagine if the government proposed creating a database of "potential troublemakers" that covered 10% of the adult population, based upon the opinions of doctors, social workers or policemen..."
Off topic but Escaped murderers refused return
"When a Hopkins computer scientist declared a new breed of electronic voting machinery to be junk, he cracked open a wide and costly debate."
CAPPS Navigates Unfriendly Skies
Bill Clinton's former privacy czar, Peter Swire, is concerned at the privacy implications of the RIAA's campaign to target individual file sharers. Greplaw have and interview with Glenn Peterson who is representing the woman fighting to keep her identity a secret from the RIAA.
"However, the music industry is pursuing music piracy with strong
arm tactics and subpoena powers that far exceed those available
against violent criminals. It is astounding to me that the law bends
over backward to safeguard the constitutional rights of accused
criminals and then completely ignores the same rights of teenage
kids sharing music in an environment they have every reason to
believe is legal. It is important for me to stress that we do not
condone music piracy or copyright infringement. What we want
to do is clarify what qualifies as music piracy and further to
ensure that the so-called accused pirates have the same minimal
constitutional rights that we afford to those accused of doing
much more serious and harmful things than sharing music...
Arguably the most dangerous consequence, the
subpoena power can be put in the hands of anyone willing to
pretend to have a copyright claim. Without a judge's review,
these fraudulent requests are easily passed of as legitimate
ones, passing under only the minimum, ministerial scrutiny
of a court clerk with a rubber stamp. The potential abuser
categories are limitless, and include everything from
annoying marketers to swindlers, child abductors,
blackmailers, and terrorists."
The RIAA are not giving up on Peterson's client (Nycfashiongirl) or on MIT. They've sent a second subpoena filed in the local jurisdiction of Massachusetts, to get the alleged file sharer on the MIT network identified. Looks like the RIAA and the movie studios are gaining some allies in their fight with Streamcast and Grokster too, with amicus briefs coming from Harvard and NYU professors as well as expected sources such as "copyright holders ranging from Major League Baseball to the Screen Actors Guild. "
The Conservative Party in the UK, the remains of Margaret Thatcher's tories, actually want to shut down the BBC website, according to a report in the Guardian. I won't comment to avoid being impolite.
A group of economists are critical of the proposed Directive on the Patentability of
Computer-Implemented Inventions.
SCO deny they have any plans to sue commercial linux users.
David Blunkett is determined to press ahead with his national identity card in spite of Blair backing awaying from it. He's planning a test run later in the year in a 'small market town'. Cryptome have a copy of a WSJ article on A New Battleground In Web Privacy War: Ads That Can Snoop
Naomi Klein has taken a poke at the international franchise that is the War on Terror.
From The Register Want to visit Britain? Join the fingerprint queue
The MPAA are going after the 321 Studios folk in the UK alledging breach of the Copyright Designs and Patents Act of 1988.
Sharman Networks which owns Kazaa have complained to Google about copyright infringement. In response Google pulled the links to the KAzaa imitator complained of, for fear of the DMCA falling on their heads.
Protests on the EU sofware patent issue have delayed the vote in the European Parliament under later this month.
Freenet creator Ian Clarke has decided to leave the US partly due to the restrictive intellectual property laws.
The BBC are planning to open their archive to the public. "Greg Dyke, director general of the BBC, has announced plans to give the public full access to all the corporation's programme archives."
"The service, the BBC Creative Archive,
would be free and available to
everyone, as long as they were not
intending to use the material for
commercial purposes, Mr Dyke added."
"Open-source software maker MontaVista Software is advising customers not to pay any money to The SCO Group" The SCO website has been brought down be a denial of service attack. This is completely counter productive to the aims of the open source community and will only provide ammunition to people who want to discredit them. Eric Raymond put it pretty well: "We're the good guys. But that doesn't matter if we aren't *seen* to be the good guys. We cannot fight our war using vandalism and trespass and the suppression of speech, or SCO will paint us as crackers and maybe win."
"New DVD-copying tools to hit shelves"
Towards the end of August the California Supreme court ruled in favour of the DVD Content Control Association in their case against Andrew Bunner for posting DeCSS code on the Net. Essentially they said that requiring Bunner to respect the DVDCCA's trade secret was not an interference with his right to free speech under the first amendment. The decision has been going back and forth on this as it has worked its way through the courts. Just one, relatively old, question: how is CSS now a trade secret when DeCSS has been so widely distributed? That, at least, remains to be seen, as the Supreme Court has sent the case back to the lower appeal court to determine if Bunner has violated any trade secrets. Cindy Cohen of the EFF (who are supporting Bunner) seems confident of the outcome on that: “The appeals court can now examine the movie industry's fiction that DeCSS is still a secret and that a publication ban is necessary to keep the information secret". Having reflected on the detail of the decision the EFF and the First Amendment Project are even spinning it in a very positive fashion.
The UK government are proposing to set up a database on children, including a listing of their potential criminality. Odd that the usual suspects in the media have not rallied against it. As Ian Brown of Foundation for Information Policy Research says, "Imagine if the government proposed creating a database of "potential troublemakers" that covered 10% of the adult population, based upon the opinions of doctors, social workers or policemen..."
Off topic but Escaped murderers refused return
"When a Hopkins computer scientist declared a new breed of electronic voting machinery to be junk, he cracked open a wide and costly debate."
CAPPS Navigates Unfriendly Skies
Bill Clinton's former privacy czar, Peter Swire, is concerned at the privacy implications of the RIAA's campaign to target individual file sharers. Greplaw have and interview with Glenn Peterson who is representing the woman fighting to keep her identity a secret from the RIAA.
"However, the music industry is pursuing music piracy with strong
arm tactics and subpoena powers that far exceed those available
against violent criminals. It is astounding to me that the law bends
over backward to safeguard the constitutional rights of accused
criminals and then completely ignores the same rights of teenage
kids sharing music in an environment they have every reason to
believe is legal. It is important for me to stress that we do not
condone music piracy or copyright infringement. What we want
to do is clarify what qualifies as music piracy and further to
ensure that the so-called accused pirates have the same minimal
constitutional rights that we afford to those accused of doing
much more serious and harmful things than sharing music...
Arguably the most dangerous consequence, the
subpoena power can be put in the hands of anyone willing to
pretend to have a copyright claim. Without a judge's review,
these fraudulent requests are easily passed of as legitimate
ones, passing under only the minimum, ministerial scrutiny
of a court clerk with a rubber stamp. The potential abuser
categories are limitless, and include everything from
annoying marketers to swindlers, child abductors,
blackmailers, and terrorists."
The RIAA are not giving up on Peterson's client (Nycfashiongirl) or on MIT. They've sent a second subpoena filed in the local jurisdiction of Massachusetts, to get the alleged file sharer on the MIT network identified. Looks like the RIAA and the movie studios are gaining some allies in their fight with Streamcast and Grokster too, with amicus briefs coming from Harvard and NYU professors as well as expected sources such as "copyright holders ranging from Major League Baseball to the Screen Actors Guild. "
The Conservative Party in the UK, the remains of Margaret Thatcher's tories, actually want to shut down the BBC website, according to a report in the Guardian. I won't comment to avoid being impolite.
A group of economists are critical of the proposed Directive on the Patentability of
Computer-Implemented Inventions.
SCO deny they have any plans to sue commercial linux users.
David Blunkett is determined to press ahead with his national identity card in spite of Blair backing awaying from it. He's planning a test run later in the year in a 'small market town'. Cryptome have a copy of a WSJ article on A New Battleground In Web Privacy War: Ads That Can Snoop
Naomi Klein has taken a poke at the international franchise that is the War on Terror.
From The Register Want to visit Britain? Join the fingerprint queue
The MPAA are going after the 321 Studios folk in the UK alledging breach of the Copyright Designs and Patents Act of 1988.
Sharman Networks which owns Kazaa have complained to Google about copyright infringement. In response Google pulled the links to the KAzaa imitator complained of, for fear of the DMCA falling on their heads.
Protests on the EU sofware patent issue have delayed the vote in the European Parliament under later this month.
Freenet creator Ian Clarke has decided to leave the US partly due to the restrictive intellectual property laws.
Tuesday, September 02, 2003
I'm way behind with everything, for which I apologise, but some of the following from the past couple of weeks may be of some interest.
"But as technology in general, and the Internet in particular, drives deeper into the fabric of daily life, battles also rage behind the scenes. They are struggles for control over how the Internet should work, over who sets the rules for its pipes and gateways and who owns the material that moves through them. These are the wars fought with armies of corporate lobbyists, technologists and citizen activists but largely ignored by the general public. And none is larger, or carries higher financial stakes, than the issue with the eye-glazing name of intellectual property." Said the Washington Post on 21st August (when I was away) in an article about the lobbying to kill a proposed meeting on open source development to be hosted by the World Intellectual Property Organisation.
Dave Farber's interesting people list has more information on WIPO backing away from this meeting.
The city of Tampa (having finally won the Superbowl for the first time earlier this year) are dropping a face recognition system after a two year trial during which nobody was positively identified.
I see the Linux community are less than impressed with SCO's - so far - publicly presented evidence of intellectual property infringement. The examples are apparently code from the 1970's which is covered by a BSD licence which allows sharing of code. You've got to say this is a nice example of open and collaborative development in action - like the linux folk 'Dear SCO, I wouldn't use this code as the foundation of your case as you are likely to get laughed out of court' At least they've had the opportunity to try out some their evidence before using it in anger.
SCO's lawyer, at least, seems grateful for the tip: "Let's say you have a hundred files, and you put one of your hundred files under the GPL (GNU General Public License). That doesn't mean you've lost the rights to your other 99 files," Heise said. "So I don't think it's going to have an impact."
Tescos have ended their trial with the RFID chips linked to hidden cameras at their Cambridge store.
Somebody thinks that John Ashcroft's road show to promote the PATRIOT Act is funny.
File swapper fights RIAA subpoena. And the RIAA's tactics may be having an impact on file swapping with the volume being reduced since they decided to target individuals.
The RIAA and MPAA are, not surprisingly, appealing the April decision in favour of Grokster and Streamcast, where the judge declared that the p2p file sharing technologies were not illegal and were, in fact, analagous to home video recorders.
If this report is to be believed, SCO are taking a leaf out of the RIAA's book and going after individual linux users. The chances are that they are still talking about companies with deep pockets rather than individuals.
"But as technology in general, and the Internet in particular, drives deeper into the fabric of daily life, battles also rage behind the scenes. They are struggles for control over how the Internet should work, over who sets the rules for its pipes and gateways and who owns the material that moves through them. These are the wars fought with armies of corporate lobbyists, technologists and citizen activists but largely ignored by the general public. And none is larger, or carries higher financial stakes, than the issue with the eye-glazing name of intellectual property." Said the Washington Post on 21st August (when I was away) in an article about the lobbying to kill a proposed meeting on open source development to be hosted by the World Intellectual Property Organisation.
Dave Farber's interesting people list has more information on WIPO backing away from this meeting.
The city of Tampa (having finally won the Superbowl for the first time earlier this year) are dropping a face recognition system after a two year trial during which nobody was positively identified.
I see the Linux community are less than impressed with SCO's - so far - publicly presented evidence of intellectual property infringement. The examples are apparently code from the 1970's which is covered by a BSD licence which allows sharing of code. You've got to say this is a nice example of open and collaborative development in action - like the linux folk 'Dear SCO, I wouldn't use this code as the foundation of your case as you are likely to get laughed out of court' At least they've had the opportunity to try out some their evidence before using it in anger.
SCO's lawyer, at least, seems grateful for the tip: "Let's say you have a hundred files, and you put one of your hundred files under the GPL (GNU General Public License). That doesn't mean you've lost the rights to your other 99 files," Heise said. "So I don't think it's going to have an impact."
Tescos have ended their trial with the RFID chips linked to hidden cameras at their Cambridge store.
Somebody thinks that John Ashcroft's road show to promote the PATRIOT Act is funny.
File swapper fights RIAA subpoena. And the RIAA's tactics may be having an impact on file swapping with the volume being reduced since they decided to target individuals.
The RIAA and MPAA are, not surprisingly, appealing the April decision in favour of Grokster and Streamcast, where the judge declared that the p2p file sharing technologies were not illegal and were, in fact, analagous to home video recorders.
If this report is to be believed, SCO are taking a leaf out of the RIAA's book and going after individual linux users. The chances are that they are still talking about companies with deep pockets rather than individuals.
Subscribe to:
Posts (Atom)