Mike Masnick has some depressing news:
Within the security community, there’s been a lot of talk about “security theater” when it comes to the airline business. In the last few years, plenty of new security measures have been put in place–but just because we can see or deal with new security measures (dump your liquids, everyone!), does it actually make us any safer. While there’s been a ton of attention paid in the last week to a security researcher who showed just how easy it was for anyone to create their own boarding pass to get past the security check point, a much scarier story is sent in by Damon, who points out for all of the security changes, new technologies and new processes it doesn’t do a damn bit of good if the TSA screeners let people with weapons through the checkpoint. That’s exactly what happened at Newark airport, where a “secret shopper” (or should that be “secret bomber”?) test found that 20 out of 22 weapons got through the security clearing process. Now aren’t you glad that you have to remove your shoes and can’t bring a bottle of water on board any more? If we’re serious about air travel security, then it’s about time that we actually focused on security–not play-acting to make people think that something’s been done.
Let me repeat that:
20 out of 22 weapons got through. That’s more than 90 percent failure.
The fundamental problem here is that the TSA has no particular incentive to make air travel safer. They have to
act like they’re responding to terrorist threats, but as long as they appear to be “doing something,” it doesn’t matter if any of their “security measures” actually accomplish anything. And, not surprisingly, it appears that to a first approximation, they don’t.
Via Software Patent Watch, Slashdot has a review of Ben Klemens’s 2005 book, Math You Can’t Use: Patents, Copyright and Software:
Most of the rest of the book shows how software patents in the real world create problems. He cites interviews with venture capitalists by a University of Texas researcher in which they say that they just expect to be violating patents left and right in the normal course of business. He cites another set of researchers who surveyed technologists in a variety of fields, and found that companies in most fields mostly patent in order to protect their inventions, while computing companies are most likely to patent so they can game the system.
Klemens seems to be downplaying the role of open source in all of this. In Chapter 6, he points out that the U.S. software market is evenly split between software companies (32.6%), consultants (36.4%), and in-house software (31.0%). That is, most software isn’t written by software companies, and some of that not-software-company software is OSS. It’s the decentralization, not the openness, that matters. Patents have never been applied to a decentralized industry before, and they don’t work there because independent invention is not a valid defense against claims of patent infringement, and independent invention is inevitable in such a decentralized industry.
Sounds like a great book. I’ve put it on my Amazon list, and I’ll blog more about it once I get a chance to read it. You can get your copy here.
The Miami Herald is reporting that at least one voter in Florida claims that voting machines registered a vote for a Republican after he attempted to vote for a Democrat:
Debra A. Reed voted with her boss on Wednesday at African-American Research Library and Cultural Center near Fort Lauderdale. Her vote went smoothly, but boss Gary Rudolf called her over to look at what was happening on his machine. He touched the screen for gubernatorial candidate Jim Davis, a Democrat, but the review screen repeatedly registered the Republican, Charlie Crist.
That’s exactly the kind of problem that sends conspiracy theorists into high gear–especially in South Florida, where a history of problems at the polls have made voters particularly skittish. A poll worker then helped Rudolf, but it took three tries to get it right, Reed said.
”I’m shocked because I really want . . . to trust that the issues with irregularities with voting machines have been resolved,” said Reed, a paralegal. “It worries me because the races are so close.”
Broward Supervisor of Elections spokeswoman Mary Cooney said it’s not uncommon for screens on heavily used machines to slip out of sync, making votes register incorrectly. Poll workers are trained to recalibrate them on the spot–essentially, to realign the video screen with the electronics inside. The 15-step process is outlined in the poll-workers manual.
The first time I read that, it sounded like nonsense, but after re-reading it I think I can guess what this is trying to say: my guess is that the touch-sensitive electronics are mis-aligned with the screen, so that the machine registers touches as being offset from their actual location.
For example, suppose that the screen is mis-aligned such that each touch is registered as being one inch above its actual position on the screen. In that case, if the Republican candidate’s button were an inch above the Democratic candidate’s button, pressing the screen in the center of the Democrat’s button would register as a press in the center of the Republican button. To vote for the Democrat, you would have to touch the screen an inch below the Democrat’s button. Voter who weren’t paying attention would accidentally vote for the Republican without noticing.
So it sounds to me like this glitch is entirely benign. But here’s the problem: if such glitches are common, they become a good way to mask real tampering. You could, for example, write a program that simulates this glitch in Republican-heavy precincts, while working correctly in Democrat-controlled precincts. In a close election, that might be enough to tip things in favor of the Democrats, and it would be extremely hard to prove afterwards.
I find it frustrating that advocates of network neutrality regulations are always so vague about what, exactly, they think the telecom companies would do if we preserve the status quo. Here’s the closest that Yochai Benkler has come (as of p. 240) in The Wealth of Networks to describing a specific threat:
As long as [broadband access is] open and neutral among uses, and are relatively cheap, the basic economics of nonmarket production described in part I should not change. Under oligopolistic conditions, however, there is a threat that the network will become too expensive to be neutral as among market and nonmarket production. If the basic upstream network connections, server space, and up-to-date reading and writing utilities become so expensive that one needs to adopt a commercial model to sustain them, then the basic economic characteristic that typifies the network information economy–the relatively large role of nonproprietary, nonmarket production–will have been reversed. However, the risk is not focused solely or even primarily on explicit pricing. One of the primary remaining scarce resources in the networked environment is user time and attention. As chapter 5 explained, owners of communications facilities can extract value from their users in ways that are more subtle than increasing price. In particular, they can make some sites and statements easier to reach and see–more prominently displayed on the screen, faster to load–and sell that relative ease to those who are willing to pay. In that environment, nonmarket sites are systematically disadvantaged irrespective of the quality of their content.
I’ve discussed the issue of blocking or slowing down sites here, so I won’t re-hash that discussion. I think the fear is overblown, but I can at least imagine how such a scheme might work. In contrast, his suggestion that a broadband ISP might make favored content “more prominently displayed on the screen” than non-favored content strikes me as fantastically implausible. I’m having trouble imagining an even halfway plausible scenario in which that might happen.
Continue reading →
Ars has an in-depth write-up of the Broadcast Treaty now wending its way through WIPO. Their conclusion:
The most consistent criticism of the treaty is much broader than any of these specific worries. It’s a simple question: “why do we need this treaty at all?”
As the CDT puts it, “proponents of the treaty have largely failed to articulate why such a treaty is necessary.” Most broadcasters make the case that they need protection from signal theft, but the rights found in the treaty often go far beyond preventing pirates from ripping off a signal. Intel argued back in April that “the treaty should be abandoned,” and many nongovernmental organizations feel the same way.
On September 5, 2006, a group of technology and civil liberties groups (that included Verizon, Intel, and HP) banded together to sign an open letter on the treaty. “We remain unconvinced that a treaty is necessary at all.,” they said. “We note with concern that treaty proponents have not clearly identified the particular problems that the treaty would ostensibly solve, and we question whether there are in fact significant problems that are not addressed adequately under existing law.”
iCraveTV was mentioned earlier as an example of the problems that broadcasters wanted to address, but it’s noteworthy that the case was resolved without any of these new rights, and that such cases are infrequent in developed countries, where existing law is generally sufficient to address them.
Sounds about right to me. And as the article explains, this is a rare battle where the good guys seem to be winning.
The blogosphere is abuzz with last week’s news that Oracle has decided to re-package Red Hat’s version of Linux and sell support for it at prices substantially lower than Red Hat’s own pricing. Here’s open-source skeptic Nick Carr’s take:
Yesterday, Ellison announced that his company, Oracle, fully intends to eat the fruits of the labor of Red Hat, the leading for-profit supplier of the open-source Linux operating system. Oracle is taking the version of Linux developed by Red Hat and distributing it under its own brand, as “Unbreakable Linux.” And, in a stab at Red Hat’s very heart, Ellison claims that Oracle will substantially undercut the open-source firm’s prices for supporting the software. It seems like a claim that shouldn’t be hard to fulfill. After all, Oracle doesn’t have to pay those labor costs.
Once open source became a business, rather than a movement, the rules changed. Larry Ellison, whos’s nothing if not a non-sentimentalist, understands that, and he doesn’t particularly care what “the community” thinks. His attack on Red Hat would never be called neighborly, but it is, as Business Week’s Steve Hamm puts it, “a ruthless and brilliant act of capitalism.”
It’s also something more. It illuminates a much broader and deeper tension in the digital world, a fault line that runs not only through the software industry but through every industry whose products or services exist, or can exist, as software. The tension is between social production and the profit motive. Volunteer labor means something very different in the context of a community than it does in the context of a business. In the context of a community, it’s an expression of fellowship, of the communal value of sharing. But in the context of a business, as Ellison’s move illustrates, it’s nothing more than a cheap input. Many of the most eloquent advocates of social production would prefer it if this tension didn’t exist. But it does, and it’s important.
I don’t think Carr (or Ellison, for that matter) really understands the relationship between a company like Red Hat and an open source community like the people who develop Linux. I think there are two considerations that these guys are missing, which I’ll discuss below the fold.
Continue reading →
Yesterday Ed Felten linked to a Washington Post story about Diebold’s hush-hush recall of 4700 AccuVote-TS voting machines last year. Apparently they had motherboard defects that caused some of them to randomly crash. As Felten explains today, the machines tended to crash at the most inconvenient time possible. He quotes a report on Maryland’s 2004 election:
Election judges and technical staff reported that many of these units froze when the voter pressed the Cast Ballot button. This leads to great confusion for judges and voters. The voter leaves the polling place with little or no confidence that their vote was counted. In many cases, the election judges are unable to provide substantial confirmation that the vote was, in fact, counted.
As Felten explains, this is bad news:
You’d be hard pressed to pick a worse time for a voting machine to crash. The voter has made his selections, confirmed them on the ballot review screen, and now wants them to be recorded. When the Cast Vote button is pressed, the machine reads the intended votes out of its temporary RAM memory and copies them into the official ballot record file, which lives in the machine’s flash memory. If the machine crashes just before the vote is copied, the vote is lost. If it crashes just after the vote is copied, the vote is recorded. It won’t be immediately obvious which case you’re in–hence the confused voters and poll workers.
Obviously, every voting system has problems. But the nice thing about paper ballots is that it’s almost always possible to recover from equipment malfunctions. If there’s doubts about whether an optical-scan or punch-card machine is counting votes correctly, you can run the ballots through another machine or count the votes by hand. Recovering votes from a malfunctioning e-voting machine requires computer forensics skills, and even then it’s a dicey proposition.
Felten’s post makes some other good points about the frightening implications of this kind of bug. Go read the whole thing.
I’m in DC and attended Julian’s annual halloween party. This year’s theme was the “The Party of Death,” but although Ramesh Ponuru was invited, he was, alas, not able to make it. You can see pictures here.
I was Waldo. You can also see a snowflake baby and a dead stem cell, two Steve Irwins, and Hugo Chavez high-fiving Mahmoud Ahmadenijad. The most tasteless costume of the evening–the dead Amish girl–appears not to have been captured on film. Which is good, because that would probably prove Ponuru’s point about liberals.
I think it’s really cool how Flickr makes the photos page I linked to above possible. Julian just suggested that everyone tag their photos “partyofdeath,” and a bunch of people who attended the party did so. As a result, we automagically get a single page that displays everyone’s pictures in one place.
Every week, I look at a software patent that’s been in the news. You can see previous installments in the series here. But this week, Luis Villa has done most of my work for me:
IBM has generally been very good about supporting open source, and as steven says, they’ve been very up front about their motivations- they are doing it because they want to make money, and they think open source and open standards help them make money.
This consistency has extended to their opinions on patents- they have made it clear that they think the system is broken, but they have also made it clear that they think patents are a perfectly legitimate business tool, and that they want to fix the system so that they can continue to make money on patents…
So it shouldn’t be a surprise to anyone that IBM are using patents to go after Amazon. What surprised me, after skimming the patents, is that the patents they are using to go after Amazon are so broad. With the exception of one (which is so opaque I can’t figure out what exactly it is patenting) a cursory reading suggests that these are exactly the kinds of broad, obvious patents that everyone (even IBM) at least says on the surface that they hate. Maybe by demonstrating that they have what Tim Bray calls ‘the Internet Tollbooth’ they think they can precipitate real patent reform, but that seems unlikely; more likely they just want a cut of Amazon’s pile. Shame, really, but it shouldn’t be a surprise.
Companies have a fiduciary duty to their shareholders to maximize their profits, so it shouldn’t surprise us when companies do legal but shady things that enhance their bottom lines. However, it should make us ask why the patent system is giving companies the incentive to engage in such rent-seeking. It does nothing to promote “the progress of science and the useful arts” to give companies monopolies on ideas like “System for ordering items using an electronic catalogue” that are so obvious that it’s inevitable that dozens of companies would independently “invent” them.
In light of the rousing success of the first Alcohol Liberation Front, we’ve decided to reprise the event this coming Monday. We’ll be at RFD from 5:30-7 PM.
If you’re coming, you might want to email me at tlee -at- showmeinstitute.org so we know to keep an eye out for you. Although we probably won’t be that hard to find. James Gattuso will be especially easy to spot at the center of his throng of groupies.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.