October 2006

Ars on the WIPO Broadcast Treaty

by on October 31, 2006

Ars has an in-depth write-up of the Broadcast Treaty now wending its way through WIPO. Their conclusion:

The most consistent criticism of the treaty is much broader than any of these specific worries. It’s a simple question: “why do we need this treaty at all?”

As the CDT puts it, “proponents of the treaty have largely failed to articulate why such a treaty is necessary.” Most broadcasters make the case that they need protection from signal theft, but the rights found in the treaty often go far beyond preventing pirates from ripping off a signal. Intel argued back in April that “the treaty should be abandoned,” and many nongovernmental organizations feel the same way.

On September 5, 2006, a group of technology and civil liberties groups (that included Verizon, Intel, and HP) banded together to sign an open letter on the treaty. “We remain unconvinced that a treaty is necessary at all.,” they said. “We note with concern that treaty proponents have not clearly identified the particular problems that the treaty would ostensibly solve, and we question whether there are in fact significant problems that are not addressed adequately under existing law.”

iCraveTV was mentioned earlier as an example of the problems that broadcasters wanted to address, but it’s noteworthy that the case was resolved without any of these new rights, and that such cases are infrequent in developed countries, where existing law is generally sufficient to address them.

Sounds about right to me. And as the article explains, this is a rare battle where the good guys seem to be winning.

Kahn on ‘Net Neutrality

by on October 31, 2006 · 2 comments

Venerated deregulator Alfred Kahn weighs in on “‘net neutrality” – the proposal to have Congress and the Federal Communications Commission decide the terms on which ISPs could provide service, and whom they could charge for what. Net neutrality regulation is advanced primarily by the political left. Here’s Kahn on his bona fides:

I consider myself a good liberal Democrat. I played a leading role under President Carter in the deregulation of the airlines (as Chairman of the Civil Aeronautics Board) and trucking (as Advisor to the President on Inflation), against the almost unanimous opposition of the major airlines and trucking companies and–let’s be frank about it–their strongest unions. Among our strongest allies were Senator Ted Kennedy, Stephen (now Supreme Court Justice) Breyer, and such organizations as Common Cause, Public Citizen, the Consumer Federation of America and Southwest Airlines.

On telecommunications competition:

In telecommunications, cable and telephone companies compete increasingly with one another, and while the two largest wireless companies, Cingular and Verizon, are affiliated with AT&T and Verizon, respectively, some 97 percent of the population has at least a third one competing for their business as well; and Sprint and Intel have recently announced their plan to spend 3 billion dollars on mobile Wi-Max facilities nationwide. Scores of municipalities led by Philadelphia and San Francisco, are building their own Wi-Fi networks. And on the horizon are the electric companies, already beginning to use their ubiquitous power lines to offer broadband–to providers of content, on the one side, and consumers, on the other.

His conclusion: “There is nothing ‘liberal’ about the government rushing in to regulate these wonderfully promising turbulent developments.”

The blogosphere is abuzz with last week’s news that Oracle has decided to re-package Red Hat’s version of Linux and sell support for it at prices substantially lower than Red Hat’s own pricing. Here’s open-source skeptic Nick Carr’s take:

Yesterday, Ellison announced that his company, Oracle, fully intends to eat the fruits of the labor of Red Hat, the leading for-profit supplier of the open-source Linux operating system. Oracle is taking the version of Linux developed by Red Hat and distributing it under its own brand, as “Unbreakable Linux.” And, in a stab at Red Hat’s very heart, Ellison claims that Oracle will substantially undercut the open-source firm’s prices for supporting the software. It seems like a claim that shouldn’t be hard to fulfill. After all, Oracle doesn’t have to pay those labor costs.

Once open source became a business, rather than a movement, the rules changed. Larry Ellison, whos’s nothing if not a non-sentimentalist, understands that, and he doesn’t particularly care what “the community” thinks. His attack on Red Hat would never be called neighborly, but it is, as Business Week’s Steve Hamm puts it, “a ruthless and brilliant act of capitalism.”

It’s also something more. It illuminates a much broader and deeper tension in the digital world, a fault line that runs not only through the software industry but through every industry whose products or services exist, or can exist, as software. The tension is between social production and the profit motive. Volunteer labor means something very different in the context of a community than it does in the context of a business. In the context of a community, it’s an expression of fellowship, of the communal value of sharing. But in the context of a business, as Ellison’s move illustrates, it’s nothing more than a cheap input. Many of the most eloquent advocates of social production would prefer it if this tension didn’t exist. But it does, and it’s important.

I don’t think Carr (or Ellison, for that matter) really understands the relationship between a company like Red Hat and an open source community like the people who develop Linux. I think there are two considerations that these guys are missing, which I’ll discuss below the fold.

Continue reading →

Paper Ballots Don’t Crash

by on October 31, 2006 · 0 comments

Yesterday Ed Felten linked to a Washington Post story about Diebold’s hush-hush recall of 4700 AccuVote-TS voting machines last year. Apparently they had motherboard defects that caused some of them to randomly crash. As Felten explains today, the machines tended to crash at the most inconvenient time possible. He quotes a report on Maryland’s 2004 election:

Election judges and technical staff reported that many of these units froze when the voter pressed the Cast Ballot button. This leads to great confusion for judges and voters. The voter leaves the polling place with little or no confidence that their vote was counted. In many cases, the election judges are unable to provide substantial confirmation that the vote was, in fact, counted.

As Felten explains, this is bad news:

You’d be hard pressed to pick a worse time for a voting machine to crash. The voter has made his selections, confirmed them on the ballot review screen, and now wants them to be recorded. When the Cast Vote button is pressed, the machine reads the intended votes out of its temporary RAM memory and copies them into the official ballot record file, which lives in the machine’s flash memory. If the machine crashes just before the vote is copied, the vote is lost. If it crashes just after the vote is copied, the vote is recorded. It won’t be immediately obvious which case you’re in–hence the confused voters and poll workers.

Obviously, every voting system has problems. But the nice thing about paper ballots is that it’s almost always possible to recover from equipment malfunctions. If there’s doubts about whether an optical-scan or punch-card machine is counting votes correctly, you can run the ballots through another machine or count the votes by hand. Recovering votes from a malfunctioning e-voting machine requires computer forensics skills, and even then it’s a dicey proposition.

Felten’s post makes some other good points about the frightening implications of this kind of bug. Go read the whole thing.

As a single, childless adult I dimly realized some years ago that children’s entertainment had taken a disturbing turn a while back. It had come to incorporate a tremendous amount of “caring and sharing” and safety propaganda, communitarianism distilled into the purest saccharine. Helping and teamwork are well enough, but they are not the only virtues. Indeed, my childless self reasoned, leading the little barbarians to form the expectation that everything was to be shared potentially would lead to disrespect for others’ rights over their stuff. (Some psychology at work: As an only child, I was horrified by the spectacle of other children maltreating my toys).

Continue reading →

We’ve spent a lot of time here on the TLF discussing our reservations about age verification and data retention mandates. We object on many grounds, but privacy and data security concerns are typically at the top of our list.

Government officials or others supporting mandatory data collection / retention always assure us that our personal information will be secure and that it will not fall into the wrong hands. And then something like this happens in Utah and reminds us why we were right to be concerned:

In a jaw-dropping embarrassment, the state of Utah has mistakenly divulged e-mail addresses of kids on its so-called child-protection do-not-e-mail list–a registry proponents claim is foolproof. The gaffe stems from four citations the state issued recently against companies it alleges sent e-mail to children’s addresses on its do-not-e-mail registry promoting alcohol, gambling and pornography.

According to court papers, when Justin Weiss, director of legislative affairs for the E-mail Sender and Provider Coalition, requested copies of the citations from Utah, the state complied but failed to redact the e-mail addresses of the children in the complaints. “I have no personal knowledge of how many other unredacted copies may have been sent out to other individuals that made information requests like mine,” said Weiss in an affidavit.

State officials are reportedly mortified over the incident. “A fair amount of trust has been placed with us and this is not a good thing,” Utah’s Department of Commerce Director Francis Giani reportedly told the Salt Lake Tribune. “I’m sick about it.”

As you should be. But I also hope others heed the lesson here: Despite government assurances to the contrary, government-collected personal information is never perfectly secure. That’s why we must always be vigilant about limiting how much personal information our government can get its hands on. Read Jim Harper’s fine new book, Identity Crisis: How Identification is Overused and Misunderstood, to learn more about these dangers.

Government Doing Too Much

by on October 30, 2006 · 2 comments

CNN is running a story finding that people think government does too much. The gut-level feeling is supported by mind-numbing statistics:

Discretionary spending grew from $649 billion in fiscal year 2001 to $968 billion in fiscal year 2005, an increase of $319 billion, according to the Congressional Budget Office.

With the election just a week away, one of my little projects WashingtonWatch.com is featuring the laws Congress has passed over the last two years. (Usually, the site features pending bills.) Here‘s a write-up of what we’re doing.

Do yourself and your country a favor: Go check it out so you can be a smarter voter next week. Sign up for the e-mail list or RSS feed so you can be a better citizen year ’round.

NYT on Media Ownership

by on October 30, 2006 · 2 comments

New York Times media business reporter Richard Siklos penned an excellent column yesterday entitled “In a Blurry World, Ownership Is Yesterday’s News.” “It is hard to find any public policy question that feels less relevant by the minute than whether one person or company should be permitted to own television stations and newspapers in the same market,” he argued.

That’s because, as I pointed out in my book on media ownership last year, Media Myths: Making the Debate over Media Ownership, there has been an explosion of media competition and diversity that makes this entire debate seem somewhat silly and even bizarre at times. Critics want us to believe that a handful of puppet-masters in New York or Hollywood are pulling all the strings and force-feeding us propaganda. It’s all a bunch of hooey. And even the traditional media sectors where some of the media “barons” have more control of ownership, it really doesn’t amount to a hill of beans. As Siklos points out:

“[W]hat does it say about the appeal of cross-ownership that The [New York] Post has lost money since the News Corporation’s chairman, Rupert Murdoch, acquired it for the second time, in 1993, and that Mr. Murdoch, whose roots are in ink and paper, has otherwise quit the newspaper business in the United States in favor of television, cable channels and the Internet?”

Continue reading →

Party of Death

by on October 29, 2006

I’m in DC and attended Julian’s annual halloween party. This year’s theme was the “The Party of Death,” but although Ramesh Ponuru was invited, he was, alas, not able to make it. You can see pictures here.

I was Waldo. You can also see a snowflake baby and a dead stem cell, two Steve Irwins, and Hugo Chavez high-fiving Mahmoud Ahmadenijad. The most tasteless costume of the evening–the dead Amish girl–appears not to have been captured on film. Which is good, because that would probably prove Ponuru’s point about liberals.

I think it’s really cool how Flickr makes the photos page I linked to above possible. Julian just suggested that everyone tag their photos “partyofdeath,” and a bunch of people who attended the party did so. As a result, we automagically get a single page that displays everyone’s pictures in one place.

I have examined the CAPPS program and the fake boarding pass generator in a longish post over on Cato@Liberty.

At the tail end, I say “The fake boarding pass generator does not create a new security weakness. It reveals an existing one. Though some people may want to, it’s important not to kill the messenger . . . .”

Michael Hampton of the enteraining and insightful HomelandStupidity.us quickly pointed me to the views of Congressman Ed Markey (D-MA), which are reflected in Ryan Singel’s post on 27B Stroke 6: Congressman Ed Markey Wants Security Researcher Arrested.

Update: Do check the post on this topic at HomelandStupidity. Scroll down for a YouTube video send-up of identity-based security.