Keeping politicians' hands off the Net & everything else related to technology
Via TechDirt comes news that a California DJ confirms that he, too, has been “hacking” the gov’s site. As Joe says, the real scandal is why the governor’s office hired such incompetent administrators. What other confidential government documents are they making available to the world?
Diebold is not happy with Prof. Felten’s paper:
The marketing director for the machine’s maker – Diebold Inc.’s Diebold Election Systems of Allen, Texas – blasted the report, saying Felten ignored newer software and security measures that prevent such hacking. “I’m concerned by the fact we weren’t contacted to educate these people on where our current technology stands,” Mark Radke said.
This is pretty rich coming from a company that fiercely resists independent inspections of their machines. I rather doubt Prof. Felten deliberately chose an old version of Diebold’s software to make them look bad. In fact, I would be shocked if Diebold were willing to lend Prof. Felten a newer version of their voting machine so he could verify their claims that the security problems have been fixed.
Assistant Attorney General Thomas O. Barnett gave a rather odd history of the iTunes Store at a speech at George Mason University yesterday:
Apple’s iTunes music service has (for the moment) solved a problem that some observers, less than five years ago, predicted might never be solved: how to create a consumer-friendly, yet legal and profitable, system for downloading music and other entertainment from the Internet. It is instructive to review the history of the problem. The technical capability to offer digital music over the Internet has existed at least since the early 1990s; nevertheless, digital music first moved online in a significant way only in 1999 with the launch of the Napster centralized file-sharing service. There were major flaws with the early attempts to offer downloadable music: Napster and Grokster were based principally on piracy, while recording industry efforts such as MusicNet and pressplay never achieved wide use and, in addition, were attacked as risking a recording industry monopoly over not just the songs, but technological development as well. While it battled the music pirates, the music industry suffered huge losses, including a 25 percent drop in sales from 2001 to 2002, which could be measured in the billions of dollars. Reviewing that bleak picture, the head of the Recording Industry Association of America said in 2002, “I wish I could tell you that there is a silver bullet that could resolve this very serious problem. There is not.”
Today Ed Felten released a provacative new paper about Diebold’s AccuVote-TS voting machines. According to the paper, 33,000 of these machines will be used in this fall’s elections. He argues that the machines are fatally flawed, and that election materials need to take emergency measures to ensure the integrity of the elections.
Regular readers of TLF won’t be surprised to learn that I found the paper persuasive. But even though I read the paper expecting to agree with it, I was still surprised at just how poorly designed Diebold’s machines are.
Under the hood, the Diebold machines are glorified PDAs running Microsoft’s Windows CE software. Diebold simply took off-the-shelf computer components, build a more or less ordinary computer, and then wrote software that would perform the vote-counting functions.
The problem is that they took hardly any precautions at all to prevent someone from replacing that software. And because it’s what computer scientists call a general-purpose computer, the replacement software can be programmed to do virtually anything you can imagine. You could install software on your Diebold machine to play Tetris, balance your checkbook, or display a screen saver. Or, as Felten and his grad students demonstrated, you could install software to rig elections.
Assuming that Declan’s explanation for how the Angelides campaign got the Schwarzenegger audio is right (and it’s consistent with everything I’ve seen on the subject), the media coverage of the story is incredibly lazy. Whether the Angelides campaign’s actions constitute “hacking” or not is not a complicated question. The way to answer it would be to get a precise description of what they did from the two campaigns (the Schwarzenegger campaign says they have logs of the access, so they should be able to answer specific questions about it), and then to ask a computer expert whether that specific sequence of actions constitutes hacking.
Yet not one of those stories features a quote from a computer science professor, a webmaster, or anyone else with technical expertise in administering web sites. Each and every reporter takes an agnostic stance, as if it’s a complex and difficult question that will take days of painstaking research to answer. It seems to me that this does their readers a disservice.
Presumably, the idea here is that a “balanced” story is one that faithfully reports the opinions of each side, without passing judgment on either side’s position. This is appropriate in cases where the statements in question are matters of opinion. But a good journalist should do some independent research to verify assertions that are matters of fact. If candidate Smith says the sky is blue, and candidate Jones says it’s green, the good reporter looks up at the sky and reports on what color it looks like to him, he doesn’t pretend that the color of the sky is a matter of opinion.
So I’m reading this New York Time editorial and at first, everything seems pretty sensible:
In a directive whose logic is not always apparent, the Transportation Security Administration has spelled out what airline passengers can carry on board with them, what must be placed in checked luggage, and what can’t go on the plane at all. Knives must be checked but knitting needles and corkscrews are allowed in the cabin. Up to four ounces of eye drops can be carried aboard, with fingers crossed that multiple terrorists won’t combine their allotments to exceed the limit. Laptops, digital cameras, mobile phones and other electronic devices are permitted, so never mind any warnings you’ve heard that they could be used to trigger a bomb. The bomb ingredients themselves, notably liquid explosives, will be kept out of the cabin by a ban on liquids, gels and lotions, except for small amounts of baby formula and medications.
Perhaps the Times will be a voice of reason in an hysterical debate, pointing out the absurdity of trying to ban everything that might conceivably be dangerous?
Not a chance.
When I saw this story from the San Jose Mercury News, I was irritated by its vagueness. The campaign of Phil Angelides, the Democratic campaign for governor of California, “admits downloading” a “tape” of Gov. Arnold making a racist comment. There’s an extensive back and forth between the two campaigns about whether the downloading was ethical or not, but not specific details about what actually happened.
Fortunately, Declan McCullagh is on the case:
The controversy may center on the design of the Web server called speeches.gov.ca.gov. The California government used it to post MP3 files of Schwarzenegger’s speeches in a directory structure that looked like “http://speeches.gov.ca.gov/dir/06-21.htm.htm”. (That Web page is now offline, but saved in Google’s cache.) A source close to Angelides told CNET News.com on Tuesday that it was possible to “chop” off the Web links and visit the higher-level “http://speeches.gov.ca.gov/dir/” directory, which had the controversial audio recording publicly viewable. No password was needed, the source said.
If Declan is right, then this isn’t a hard issue.
I would say this month’s movie store battle came out a draw. iTunes movie prices range from $9.99 for older selections to $14.99 for new releases after the first week (for reasons that aren’t clear to me, you save $2 if you buy movies the first week they’re released). People use the familiar iTunes interface and can play the movies on their iPods. And early next year, Apple will be releasing a $299 product code-named iTV, a set top box that nicely solves the “last foot” problem by streaming movies wirelessly to your TV.
The big downside, though, is that Jobs apparently only succeeded in getting \ one of the big Hollywood studios, Disney, to sign onto the service at launch. Perhaps his seat on Disney’s board made the negotiating process easier. So as Ars noted last week, the studios have split. If you want Disney movies, you’ve gotta sign up with iTunes. If you want anybody else’s movies, you’ve gotta sign up with Amazon.
Hopefuly this situation won’t continue. It would be awfully irritating if you had to buy iTV to watch your iTunes/Disney movie, and some other device to stream your Amazon Unbox movies to your TV.
Update: It’s worth noting that nothing was said about DVD burning, which presumably means it’s not going to be allowed. So your options will be to watch the video on your tiny iPod screen or shell out $299 for iTV.
Update 2: Commenters are pointing out several other ways you can get view content: on your computer screen, or using an A/V cable to hook your iPod up to your TV. Both excellent points.
Randy Picker has a great dissection of the Unbox licensing agreement. He finds three notable (mis)features: first, the software reserves to right to phone home to look for software updates and enforce the terms of the DRM software. Second, if you uninstall the software, Amazon reserves the right to delete all of your purchased movies and terminate your right to watch them. And finally, Amazon reserves the right to change your rights under the EULA unilaterally.
As Prof. Picker notes, these terms are not likely to be a big hit with consumers:
I suspect my tone sounds a tad hostile but I don’t really mean it that way. For better or worse, this is exactly the design we should anticipate with digital rights management software and therein lies the central market conundrum for DRM. Indeed, I am surprised that folks are surprised by the design. It may be sensible for the law to validate DRM as it does in the Digital Millennium Copyright Act, as I have argued before, but that is a far cry from saying the consumers will embrace it. The law should facilitate sales of purple shirts with pink and yellow polka dots, but no one should buy them. Given that Amazon intends to support both online sales and rentals, it either needs to implement built-in expiration or some sort of phoning home to the mothership. The rental structure contemplates a 24-hour window in which to watch the download and a 30 day period in which to start watching.
I’m surprised that he’s surprised that people are surprised. (Sorry, I couldn’t help myself) I’ll explain why below the fold.
Patricia Dunn, the chairman of HP’s board, is resigning. The news comes jut a couple of weeks after the public learned that she had used an illegal technique called “pretexting” to obtain the phone records of her fellow board members and nearly a dozen journalists.
So when a corporate executive illegally obtains the phone records of 2 dozen people in order to spy on them, she’s forced to resign in a matter of weeks. On the other hand, when a high-ranking government official does the same thing to as many as 200 million people, he gets a promotion. What’s wrong with this picture?
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.
