Dec 06, 2000

FBI Hacks Alleged Mobster
Surveillance and Privacy from Government
12/6/2000; 3:25:47 PM

'But when the feds learned of Scarfo's security measures, they decided to do something that would bypass even the best encryption software: FBI agents sneaked into Scarfo's office in Belleville, New Jersey, on May 10, 1999, and installed a keyboard-sniffing device to record his password when he typed it in.

'A seven-page court order authorized the FBI and cooperating local police to break into Scarfo's first-floor "Merchant Services of Essex County" office as many times as necessary to deploy, maintain, and then remove "recovery methods which will capture the necessary key-related information and encrypted files."'

This sort of thing will have to happen eventually. The questions is, was due process followed? Can the judge give this sort of permission? Did the judge just do a knee-jerk without really understanding the technical implications?

'EPIC's Sobel suggested that Haneke did not, under federal law, have the authority to grant such an order. "The interesting issue is that they in those (court) documents specifically disclaim any reliance on the wiretap statute," Sobel says. "If they're on record saying this isn't communications -- and it isn't -- then that extraordinary authority they have under the wiretap laws does not apply."'

This is probably correct. Legally speaking, computers don't exist. Communication occurs between people. (This is an odd case where the lawyers are more right about something then many technical people, who forget that you can't really communicate with a computer.) By tapping the line between a user and the computer, the FBI will get a lot more then just communication with other humans.  Saying they wanted the password is a really borderline case; they may need it to decrypt other communications, but does that mean that that is "communication"? A balanced answer to this will need to emerge, and it's a pity we can't expect one of those anytime soon...

Dec 06, 2000

Privacy Fears are Not Paranoia
Privacy from Companies
12/6/2000; 3:20:27 PM

'A 20-year-old woman stalked through the Internet and killed. Thousands of e-commerce customers watching as their credit card numbers are sold online for $1 apiece. Internet chat rooms where identities are bought, sold and traded like options on the Chicago Board of Trade. These are the horror stories dredged up by privacy advocates who say the Net’s threat to personal privacy can’t be dismissed as mere paranoia. And, they say, we’ve only seen the tip of the iceberg.'

Compare and contrast this with the previous story.

Dec 06, 2000

Fending Off the Pay-Per-View Society
General IP Issues
12/6/2000; 1:05:37 PM

'It is disconcerting, of course, to be told that our society might be passing up a chance at a digital heaven and opting instead for hell. The warnings are all the more alarming when they come from people like Moglen, who understand digital networks so much more profoundly than the rest of us do.

'But there is reason to be circumspect about their predictions. As Moglen himself volunteers, he has been ''on the wrong side of history'' before. In 1979 he wrote a paper criticizing the early Macintosh experiments with using a mouse, which he referred to as the '''caveman interface'. You point and you grunt,'' he says. ''My notion was that computers were a different kind of intelligence, and that human beings had much to gain from learning how to converse with [them] in ways that would be more sophisticated, not less.''

'What yesterday's hostility to the mouse shares with today's hostility to the encrypted world is a defiantly anti-commercial, utopian vision. For Moglen, the copyright issues spawned by the digital revolution are just the prelude to a greater revolution. ''People are beginning to grasp that a networked society might well be organized in other ways,'' says Moglen.'

Two comments:

1. The reason that the extreme scenarios and predictions have never played out is because there were people who believed enough in the possibility to fight it before it happened. Certainly there is enough evidence that if you give a group of humans the power to completely control another, they will. The dystopia won't happen because a lot of people are fighting it. Just as we are not surprised by self-fulfilling prophecies and do not consider them "an amazing prediction of the future", which should not disregard sulf-negating prophecies just because they never seem to come true.

2. I appreciate the words of caution. However, I'm not sure I can agree with his logic. The implicit logic is like this:

  1. Dystopian and utopian predictions have occurred in the past.
  2. None of them have come true.
  3. The present isn't that different from the past.
  4. Therefore, it is likely that neither of these predictions will come true.

The logic is frequently correct, but in this case, I challenge statement three.

I think there is good reason to believe that this particular issue will be different. Usually, the 'forces' on society tend towards the center; if the industrialists get too strong and abuse their power, unions form.  If the workers get too strong and abuse their power, companies start going out of business when competing with worker groups that don't insist on so many 'rights'. The middle ground position, where each side compromises with the other, is the most stable.

In the digital arena, though, they tend towards the outside. If you can copy a file, you can copy it, whether it's copyrighted or not. If you can't copy a file, again, it doesn't matter if it's copyrighted.  Unlike most social situations, by far the most unstable position to take is the middle-of-the-road position. Allowing somebody to only copy a file if they have permission is a difficult problem that still has no known adequate solution; and by the nature of digital networks and communication with people, any flaw in the system will be exploited to the fullest. One of the biggest problems with any digital rights management systems (which will be vital if we're going to take a middle-of-the-road solution) is the attack where you change the rights on a file to "full permissions to everybody". Once you've done that, you can ship that file around in any way you want.

A central position in these debates is a remarkably difficult one, technologically, economically, and ethically. Given the unusual nature of this topic matter, we might not want to wait for the Powers that Be to decide that the easiest solution is to simply head straight for the dystopia.

(One final bonus comment: I would not say that Moglen's predictions about interface have failed to come true... indeed, leading usability experts are returning to the complaint that mouse interfaces are point-and-grunt, and trying to design interfaces where people have a bigger "vocabulary" to interact with the computer, such as by using "gestures" that can mean things, rather then "click", which only ever has one meaning. Also, compare what you can do to a GUI and a well-crafted command line, and the command line wins hands down.)

Dec 05, 2000

Council of Europe drops plans to ban hacking tools
Hacking & Cracking
12/5/2000; 1:19:25 PM

'The Council of Europe has scrapped controversial plans to ban the use of "hacking" tools by IT professionals, after industry groups successfully persuaded it that the proposals were unworkable.

'Original proposals by the council would have made it illegal to distribute tools or discuss techniques that look for weaknesses in the security of systems, for example software used to scan the perimeter of networks for security vulnerabilities. This provoked fierce opposition because it would ban tools used in security audits as well as those used by hackers.'

"Hacking tools" is a misnomer anyhow. There are tools that can be used for hacking, but they have other, better uses. They've saved my bacon before, showing me that I had left vulnerabilities open that I thought I had taken care of.

The tools they were talking about banning were vital tools of the trade for networking professionals. It'd be like banning crowbars because they can be used to pry open doors illegally. Do we call a crowar an "Illegal Entry" tool? (Then again, with the disturbing predilection governments are showing towards control at all costs, maybe we soon will. Thank God for the Supreme Court.)

Dec 04, 2000

ETP's First Anniversary - Let's Look At The Community
Internet/Weblog Culture
12/4/2000; 9:45:14 PM

It's EditThisPage's first anniversary today, which is to say that this community has been running for a year now, give or take a bit. You start taking things for granted after a while, but take today and look around the community we've got!

I made some bold statements in my essay Weblog Communities, but looking around today, I feel vindicated, at least for the first year. ETP/ (to draw the line loosely) is a community of at least hundreds of active members. I've been part of online communities this size, like Slashdot. But look around:

Where's the fueds? You can't have a community that size without fueds, spats, and fights... they don't seem to be here. (If they are, they're hidden well, and that's just as good.) There's a lot of respect around here. It doesn't feel massive... but if you stop to think about it, ETP/ is pretty big. I daresay we're approaching real-world village size, gargantuan for an on-line community, and we're still going strong!

And we're functioning more like a real community then any online community I've ever heard of. I don't know everybody, just my "neighbors" (which I've selected by creating positive links to them, and having them reciprocated). I'm not forcibly exposed to everybody or nobody's viewpoints, just like in real life where if I don't like what you say, I can just keep walking. The list of people everybody knows is short; Mayor Dave Winer () is about the only person I figure everybody has certainly heard of.

Links to other weblogs are proliferating... I'm sure you can establish a correlation between how many links there are to other weblogs and age of the weblog. (This site's somewhat deceptive since I use the site to only show recently changed sites... I think I have around 30 links total.)

Things are going remarkably well around here... if this keeps up, this community will be one for the record books and endless scholarly dissertations. Here's to another year like it!

<- Future Posts Past Posts ->


Site Links


All Posts