Child Militia Join the Copyfight
May 31, 2005
This [little piece of news](http://p2pnet.net/story/4976) from p2pnet caught me completely off guard. It seems on Friday [Wired Kids](http://www.wiredkids.org), an advocacy group supposedly dedicated to protecting kids online–presumably from things like predatory pedophiles–awarded the MPAA its first ever “Doing It Right” award. No one seems to be exactly sure what they’re doing right, but it seems to be in response to their 2-year long attempt to [buy public education](http://www.boston.com/business/technology/articles/2004/04/25/laying_down_the_copyright_law____to_children?pg=full) (which Junior Achievement seems to have been willing to sell, no strings attached, for $200,000). Apparently, the fewer freedoms our children have, the safer they are. And the more propaganda they’re exposed to, the safer they are. Kathleen Sharp, a Boston Globe reporter who sat in on a trial run in California, reported:
> The volunteer and the teacher worked from a 25-page classroom guide to explain the concept of using a computer to download files, which they called “morally and ethically wrong.” The students played roles such as “The Film Producer,” “The Starving Artist,” and were asked questions such as “Has anyone ever copied your homework? How did this make you feel?”
>
> By the end of one session, the teacher asked one boy: “Will you stop copying music online and download the right way?”
>
> “Yes,” he answered. “I’ll go to the music store and buy more CDs.”
>
> Students learn to repeat the program’s motto: “If you don’t pay for it, you’ve stolen it.” [link](http://www.boston.com/business/technology/articles/2004/04/25/laying_down_the_copyright_law____to_children?pg=full) (via [commons music](http://commonsmusic.com/blog/?p=58))
Of course, there’s incentive as well:
> At the end of the school year, students are asked to write an essay “to get the word out that downloading copyrighted entertainment is illegal and unethical,” according to the teachers’ guide. Prizes include an all-expenses-paid trip to Hollywood, worth about $1,000; a Sony DVD player and library of 14 hit movies on DVDs, worth about $350 total; and a selection of 21 Hollywood classic DVDs, valued at $250. Teachers whose students win the contest will also be rewarded with prizes, such as a year’s worth of free movie theater tickets for the teacher and a guest.
It’s difficult to see what effect this has on children’s safety, or why Wired Kids was interested, but considering that the driving force behind Wired Kids is [Parry Aftab](http://www.aftab.com/), the woman who has deceptively dubbed herself “The Privacy Lawyer”(tm) while dedicating her life to attacking privacy laws on behalf of big business, it’s not too hard to guess why she has a soft spot for the MPAA.
The real problem here is that it’s difficult to see where Junior Achievement went wrong. There’s nothing prima facie amiss about corporate funding of educational programs. Corporations of one sort or another have long sponsored enrichment activities and most of them do a lot of good. The Westinghouse Prizes, for example, have served to advance science learning in high schools in concrete ways. And the entire Junior Achievement program is funded through sponsorship. Nor is it uncommon for school programs to encourage kids not to engage in illegal activities; “D.A.R.E.” and “Just Say No” programs are all over, some of them federally mandated.
So what are the objective criteria, here, that can be used to identify brainwashing before it gets into the classroom? Is a one-sided intellectual property awareness course really so different than a one-sided drug awareness course, or a one-sided sex-ed course?
Of course, it is, but I’m having trouble putting my finger on where, at least in a way that’s useful. And that’s scary.
And the Hits Just Keep on Coming
May 27, 2005
Your mission for this weekend: go to your local library–if you can find one that doesn’t [fingerprint](http://www.boingboing.net/2005/05/21/fingerprint_scanners.html)–check out a copy of 1984 and the director’s cut DVD of Blade Runner. Read the one, watch the other, and report back on Monday. HP just announced [your future](http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20050527005136&newsLang=en), and you’ll probably want to get a leg up on the other kiddies.
> PALO ALTO, Calif.–(BUSINESS WIRE)–May 27, 2005–HP (NYSE:HPQ)(Nasdaq:HPQ) today announced the availability of the HP National Identity System (NIS) solution on the Microsoft(R) .NET platform.
>
> The HP NIS solution allows governments to build and quickly deploy at an affordable price a complete, standards-based and technologically agile infrastructure that meets their changing needs for security and identity management.
>
> Going beyond simple secure identification and authentication functionality, the solution enables modern national identification systems to allow citizens to access e-government services and conduct secure transactions. The solution also provides citizens with improved secure and intelligent identity documents.
>
> The NIS leverages HP’s extensive experience in delivering fully integrated solutions, which include consulting and integration, desktops, servers, management software and support services. Recognizing HP’s .NET commitment and unique capabilities, Microsoft has endorsed HP as its worldwide prime integrator for Microsoft .NET technologies.
>
> For the HP NIS solution, Microsoft supplies a wide range of software products and technologies, including Microsoft Server 2003 Enterprise Edition, Microsoft BizTalk Server 2004, Microsoft SQL Server 2000 (64-bit), the Microsoft .NET Framework and Microsoft Services.
>
> “Microsoft recognizes that national governments and their principal agencies have unique information technology requirements, particularly as more governments look to implement e-government solutions,” said Jan Muehlfeit, vice president, Public Sector -EMEA, Microsoft. “Secure and reliable identification and authentication of individuals helps power more useful and compelling experiences for users and provides citizens easy and secure access to services. Working with industry partners such as HP is an important step and will provide public sector organizations with new technology solutions to address these key customer concerns.” ([link](http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20050527005136&newsLang=en))
This is scary. Really scary, both in theory and in practice. On the theoretical side, one likes to be able to audit one’s government, get into the archive, dig around a little and see what’s really going on. But this project will be proprietary code. Secret. Un-FOIAable. Never a matter of public record. I’m not normally a conspiracy theorist, but after the voting machine debacle, even my normally naive faith is in short supply.
On the practical side, .Net means C#. And C# isn’t exactly the language of choice for secure applications in any sense of the word I’m familiar with. None of the available compilers are quite what I’d call “robust”. There’s a reason we run web apps in chrooted environments. And that only becomes an issue after you get past all of Windows’ known exploits.
There are secure systems out there; none of them are mentioned in the HP press release.
The truly baffling thing here is that HP is better than this. Why commit to Microsoft when you own the source for HP-UX? (via [boingboing](http://www.boingboing.net/2005/05/27/_hps_new_microsoft_n.html))
Nokia: How to Do Opensource Right
May 27, 2005
The [Nokia 770](http://www.nokia.com/770) has gotten a lot of press in the last couple of days, but it deserves a little more. Nokia has always been hacker and homebrew friendly. Most of their consumer devices use [Symbian](http://www.symbian.com/), which provides good docs and runs a fairly useful developer site, and this attitude of openness is a large part of what has made so many Mac users–as well as Linux and other *nix users–loyal Nokia customers. The Symbian docs are what enable projects like [The Missing Sync](http://www.markspace.com/), and Symbian integration with Kontact, Evolution, etc. This time, though, Nokia has gone a step further. The 770 will not run Symbian, but instead, a Nokia OS named Internet Tablet 2005, a custom Debian distro based on the 2.6 (currently 2.6.11) kernel.
I know what you’re thinking: we’ve heard this before; and Zaurus was a miserable failure. Where Nokia really shines, though, is with [Maemo](http://www.maemo.org), the 770 SDK and reference platform. Maemo is a Linux (GTK)-based SDK that provides bindings for 770 as well as a virtual machine for testing. This means that anyone can develop for the 770 (and IT2005 products to come) without investing in hardware for testing. It also means that programmers can bring familiar GTK techniques to the IT2005 table, and presumably that applications can be written in any language with GTK bindings and a Linux-based ARM compiler or interpreter. Usually as a developer you get either a virtual machine that speaks a non-standard dialect, or more often, an SDK that runs on the platform itself, which requires the expense of a machine to test on. Maemo is a first here, at least when it comes to supporting opensource projects. Better still, maemo.org provides extensive docs including a fairly well-put-together reference manual and a how-to specifically on porting GTK and Qt apps, featuring gaim as a test case. This is a fabulous resource.
It’s also a clever gimmick: Nokia has announced an internet messaging client to be released in Q1 2006. The 770, though, is slated for Q3 2005, so if you want IM before that, you’re going to have to build gaim yourself (or download an rpm deb from somewhere), which should promote familiarity with maemo and the porting process, and spark some fairly rapid porting of critical and popular apps. If Maemo lives up to its potential, this has the potential to be the best example we’ve seen yet of a successful commercial/opensource venture.
I just wish PalmOne would manage the LifeDrive project this way. (via [darla mack](http://darlamack.blogs.com/darlamack/2005/05/nokia_nokia_lau.html))
Friends in High Places
May 26, 2005
Pete and Repeat went into a bar…
Apparently the MPAA, no longer content with getting Spanish academics fired, has decided to up the ante. They’ve convinced the Justice Department to start filing criminal charges against organizers of BitTorrent networks. In a press release published to the interestingly named file [starwars52505.htm](http://www.ice.gov/graphics/news/newsreleases/articles/starwars052505.htm) (at least they’re honest about what’s really going on), the Department of Homeland Security–who knew?–announced the “First Criminal Enforcement Against BitTorrent Network Users” yesterday. The sad thing is that it’s difficult, if not impossible, to defend people who put up torrents of “Revenge of the Sith” six hours before it was released, so the important points will, as usual, be overlooked, such as the outright silliness of shutting down networks because criminals use them as a means of transport.
On second thought, I like it. In fact, I think we should expand the principle. Let’s shut down Intel, IBM, Apple, Sun, and Microsoft because people use computers to download files. Then let’s go after Cisco, because they supply the hardware to route the contraband. While we’re doing that, let’s shut down all the airlines because people smuggle drugs on planes, U-Haul, Budget, etc. because people smuggle drugs and aliens in rented trucks, and all the car makers because they facilitate drunk driving and prom night deaths.
Maybe that would force a sane debate on the subject.
Then again, maybe not. (via [BoingBoing](http://www.boingboing.net/2005/05/25/first_criminal_bitto.html))
OpenSSH 4.1 Released
May 26, 2005
Latest news from the hackathon: OpenSSH 4.1 has been officially released. Damien (drm@) just sent the email:
> OpenSSH 4.1 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly.
> OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support.
> Changes since OpenSSH 4.0:
> `============================`
> * This is a bugfix release, no new features have been added. Some notable fixes are:
> – Fix segfault when using forwardings configured in ssh_config(5) and ClearAllForwardings (bugzilla #996).
> – Limit input buffer size for channels. A peer could send more data than the buffer code was willing to accept. This would cause OpenSSH to abort the connection (bugzilla #896).
> * Several improvements to the regression tests
> * Portable OpenSSH:
> – OpenSSH will now always normalise IPv4 in IPv6 mapped addresses back to IPv4 addresses. This means that IPv4 addresses in log messages on IPv6 enabled machines will no longer be prefixed by “::ffff:” and AllowUsers, DenyUsers, AllowGroups, DenyGroups will match IPv4-style addresses only for 4-in-6 mapped connections. This ensures a consistent representation of IPv4 addresses regardless of whether or not the machine is IPv6 enabled.
> * Other bugfixes, including bugzilla #950, #997, #998, #999, #1005, #1006, #1024, and #1038
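The address normalisation described in the Portable OpenSSH note above matters for both log correlation and `AllowUsers`/`DenyUsers` patterns. The following is an added example, not OpenSSH code and not part of the release announcement; the log lines are constructed, and `allow_users_match` is a hypothetical, simplified stand-in for sshd's own pattern matching.

```python
import ipaddress
import re
from collections import Counter
from fnmatch import fnmatchcase

# Constructed sample: sshd log lines in which one client (192.0.2.10) appears
# both in 4-in-6 mapped form and in plain IPv4 form.
SAMPLE_LOG = """\
May 26 10:01:02 host sshd[411]: Failed password for root from ::ffff:192.0.2.10 port 4022 ssh2
May 26 10:01:05 host sshd[412]: Failed password for root from 192.0.2.10 port 4023 ssh2
May 26 10:01:09 host sshd[413]: Failed password for admin from ::ffff:192.0.2.10 port 4024 ssh2
May 26 10:02:11 host sshd[420]: Failed password for root from 2001:db8::5 port 5100 ssh2
"""

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")


def normalise(addr):
    """Return plain IPv4 for a 4-in-6 mapped address, else the canonical form."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return addr  # hostname or unparsable text: leave untouched
    mapped = getattr(ip, "ipv4_mapped", None)  # only IPv6Address has this attribute
    return str(mapped) if mapped is not None else str(ip)


def failures_by_source(log, normalised=True):
    """Count failed logins per source address, optionally normalising first."""
    counts = Counter()
    for line in log.splitlines():
        m = FAILED.search(line)
        if m:
            src = m.group(2)
            counts[normalise(src) if normalised else src] += 1
    return counts


def allow_users_match(pattern, user, addr):
    """Simplified USER@HOST glob match (assumption: approximates sshd's matcher)."""
    user_pat, _, host_pat = pattern.partition("@")
    return fnmatchcase(user, user_pat) and (not host_pat or fnmatchcase(addr, host_pat))


if __name__ == "__main__":
    # Without normalisation the same client is split across two counters.
    print(failures_by_source(SAMPLE_LOG, normalised=False))
    print(failures_by_source(SAMPLE_LOG))
    # An IPv4-style pattern misses the mapped form until it is normalised.
    peer = "::ffff:192.0.2.10"
    print(allow_users_match("root@192.0.2.*", "root", peer))
    print(allow_users_match("root@192.0.2.*", "root", normalise(peer)))
```

Logs collected from a mix of pre-4.1 and 4.1 hosts need the same normalisation before per-source thresholds are applied, otherwise one client's failures are counted under two keys.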
Mixed Networks Admin.: A Little tlp
May 25, 2005
To get back a little more into tech content:
If you’re like me, you spend a lot of time with a lot of xterms open: local session, ssh sessions, database connections, you name it. Keeping track of all those windows can get confusing, especially if you aren’t always at the same physical console. Different window managers, shells and OSs all support different naming conventions, and it’s easy to forget which window is which. Most admins and “power users” have some tricks to help them deal with the mess. The problem is that these solutions are almost always shell or OS dependent. Bash scripts that set KDE window titles. Csh scripts that query `/proc` for process information. That’s how I started out, too: with a bash script called `tl` that I picked up somewhere. I have no idea, now, what “tl” stands for (“terminal load”?), but it’s a useful little program. It cats `/proc/loadavg` in a Linux system, and uses that, the name of the computer, and the current time to dynamically set the titlebar of an xterm session. The problem is, it only works on Linux under bash.
So one day I rewrote it. The result was `tlp` (“tl-perl”), an OS independent script to help me keep organized. Run in the background, it sets the window title to display the name of the machine I’m logged into, the 3, 5, and 15 minute load averages on that machine, and the current time. This lets me take a quick glance across my desktop and get a feel for how my different machines are doing: if usage spikes, I’ll want to look into it, and if the times start drifting, I’ll want to check on NTP before internet apps start complaining.
Free Speech–It’s What’s For Dinner
May 24, 2005
In a 5 to 4 decision, the Supreme Court has upheld the government’s right to coerce citizens and non-citizens alike into funding government-sponsored speech they find objectionable. The suit in question was brought by cattle ranchers who objected to the $1 per head fee levied on an ongoing basis by the USDA under the 1985 Beef Act to pay for the famous “Beef: it’s what’s for dinner” commercials. Writing for the majority, Justice Scalia asserted:
> Citizens may challenge compelled support of private speech, but have no First Amendment right not to fund government speech. And that is no less true when the funding is achieved through targeted assessments devoted exclusively to the program to which the assessed citizens object.
As opposed to general assessments through general tax levies. In theory, at least, this would seem to open the door to the government to levy targeted assessments on any segment of the population to fund any message of the government’s choosing. That the targeted individuals benefitted collectively did seem to be of secondary importance to the court, but there need be no convincing proof that any particular member of the group benefit directly, or that the only beneficiaries be those assessed, or even that the larger “public” benefit from the government’s actions as supported by private assessment.
I think I saw a movie about this kind of unrestricted government assessment last night: Robin Hood. In the past, the court has struck down these efforts when attempted by states and municipalities unless there were other compelling circumstances (a California citrus levy, for instance, included money for lobbying and R & D), so the question in my mind now is: who’s next? The Republicans have to know they’re losing on gay marriage, but maybe they can get back a little by making gays pay for AIDS awareness as part of a marriage license? Perhaps make Democrats pay for Army recruiting ads (hey, we benefit from military protection, right?)?
That’s the problem, here: the seemingly unlimited scope, and the sheer ridiculousness of letting the government decide what is best, and for which segments of the population, without even the burden of proving material gain for the individuals “serviced”. Justice Souter, writing for the dissent, complained that in the majority view “there is no check whatever on government power to compel special speech subsidies.”
Land of the free, eh?
(via [csm](http://www.csmonitor.com/2005/0524/p03s01-usju.html?s=rssx))
USA PATRIOT Redux
May 23, 2005
Over the weekend, the EFF obtained a copy of the bill the US Senate Select Committee on Intelligence will be considering this Thursday, “A Bill to Permanently Authorize Certain Provisions of the USA PATRIOT Act and Other Matters”. They also obtained a committee executive summary, which contains great tidbits like this:
> Section 204 provides an important exception for certain foreign intelligence activities from requirements governing certain criminal electronic surveillance activities.
and
> Section 214 deletes a semi-annual reporting requirement the Department of Justice has found administratively impossible to comply with, namely, the number of times information derived from FISA electronic surveillance is “passed” to local law enforcement…
In other words, because the various law enforcement agencies can’t meet the current reporting requirements, we’re going to take those requirements away, remove some congressional oversight at the same time, and make permanent all of the powers under PATRIOT that were intended to be temporary. And while we’re at it, section 213 is going to give the FBI broad new powers to issue subpoenas that the recipient cannot disclose (although there is a provision for disclosure to counsel, which is an improvement over the current bill).
Of course, the committee will not be holding a public hearing on Thursday, so we’ll never know what actually goes on, or what the justification for any of this is. Rest assured, though, that more of your civil rights will be headed down the drain in the near future.
You know, I used to think the people who called the FBI “jackbooted thugs” were wackos. But today, I feel like I’d better wrap up before I unintentionally invoke Godwin’s Law.
The full text of the draft and the summary can be found at the [EFF](http://www.eff.org/news/archives/2005_05.php#003594).
HOWTO: pf with one interface
May 23, 2005
OpenBSD’s (and now FreeBSD’s) pf(4) is by far the most sophisticated built-in firewall distributed with any current OS. It catches packets early, allows for stateful filtering based on almost any attribute, maintains state cleanly even with NAT, and implements binat and queues, among other things. pf also provides powerful features like macros and tables. As a consequence, pf sees a lot of action on dedicated front-line and internal firewalls, and using pf to filter packets for passing between interfaces is the subject of most tutorials.
What there isn’t, however, is any advice on how to configure pf for a standalone workstation.
MTA Photography Ban Dropped
May 23, 2005
> A proposal to ban photography on the city’s subways to deter surveillance by terrorists has been nixed by police and transit officials.
> A year after plans were introduced to forbid photography, videotaping and filming in subway stations, police and transit officials said a ban is not needed to secure the nation’s largest mass transit system. (via [1010 WINS](http://1010wins.com/topstories/local_story_142085748.html))
All I can say is, it’s about time. Of course, this is a different ban than the one on photographing bridges, tunnels, and government buildings, so I look forward to seeing how serious about civil liberties the NYPD actually is, but this is a huge step in the right direction for the Bloomberg administration. I’m not holding my breath, though, after the RNC last year. Many mayors make great steps forward during election years.