taint.org: Justin Mason’s Weblog

Politics: EDRI-gram notes that the Firenze Linux User Group’s server was tampered with last month at its ISP colo:

On Monday 27 June 2005, two members of FLUG (Firenze Linux User Group) visited the data centre of Dada S.p.a., in Milan, where the community server of the group is physically housed, in order to move it to another provider.

When the server was put out of the rack, however, it was discovered that the upper lid of the server case was half-opened. At a closer inspection, it was also discovered that the case lid was scratched, as if it had been put out and reinserted into the rack. Worse, the CD-ROM cable was missing, as were the screws that kept the hard disks in place.

What is particularly worrying is that the server hosted an anonymous remailer, whose keys and anonymity capabilities could have been compromised. Considering what happened to Autistici/Inventati server - which hosted another anonymous remailer - this possibility is not so far fetched. This begs the question whether a co-ordinated attempt at intercepting anonymous/private communications on the Internet has been ongoing in the past weeks and months.

Bizarre goings-on.

Tags: case, edri-gram, firenze, group, lid, linux, politics, rack, remailer, server, user

Security: The RFID vendors are clearly on a roll, with all manner of uses being proposed. The most recent story is that VeriChip plans to implant them subdermally in hospital patients.

The company line is that it’s privacy-safe, since it doesn’t expose health records per se — just the patient’s ID number. However, that’s missing the point, in my opinion.

RFID chips will broadcast their ID whenever they are within range of a compatible scanner, and the range (in this case) is several feet – although the story notes that their readers used to track farmed salmon work from 10-12 feet, and the Schmoo Group guys I met last month had no doubts that a high-powered directional antenna like their wi-fi sniper rifle could extend that. There’s no encryption, or handshaking, in these chips, it sounds like.

There’s no mention if the chip is removed after you leave hospital; some comments about the idea behind this is that it may help if you’re involved in an accident, and want your info available to healthcare users, in which case you’d have the chip implanted and broadcasting at other times, in other places, as well.

So, if you’ve got one of these implanted, it’ll broadcast a unique code to readers in range at all times. If an attacker can scan while you’re nearby, and picks up that code, they know that it’s you, and you only. They only have to match that ID code to a visual identification once, and henceforth you can be tracked by that ID code.

There’s a possibility that they’ll fix this, by upping the CPU power and incorporating some decent public-key encryption — but then you need a PKI big enough to track every implanted citizen in the entire country, and the costs will go up and up. I’d find that doubtful. (Mind you, they seem to assume that having a centralized secure database of medical records is a fait accompli in most of the articles anyway, so…)

Tags: case, chip, code, encryption, hospital, manner, range, rfid, roll, security, story

Health: A few hours after ( ;) I link-blogged this New Scientist article about a case of the H5N1 avian flu transmitting itself between humans, Boing Boing put up this entry titled ‘Bird Flu risk extremely low’, which concludes that the risk is effectively not worth worrying about.

It’s fundamentally wrong, and is well worth pointing out as a result. As Quinn at ambiguous.org says, it’s not the danger now that’s important here — it’s the potential.

I read New Scientist religiously, so I’ve been following it, and this search on H5N1 gives the perfect illustration of why this is well worth worrying about:

• supplies of human flu vaccine in Thailand are very low, due to rich countries in the North taking up the excess; one route that flu strains pick up human-to-human transmission is through ‘co-infection’, where multiple flu strains infect the same person and swap genes.
• H5N1 has developed the ability to infect mammals already, namely cats, and therefore has another vector.
• the Chinese scientists studying H5N1 warn that ‘it is still evolving’, and the current ‘Z genotype has so far had difficulty infecting humans, but is lethal when it does. If it becomes more adept at this, it could cause a severe human pandemic.’
• the virus may have evolved human-to-human transmission. This is the biggie; a flu that transmits bird-to-human is inherently much more controllable, but once it gains the ability to jump directly to other humans, the pandemic danger becomes much higher. If it gets better at this, we could be in big trouble.

(Now, while it’s worth worrying about, it’s not us end-users who should be doing the worrying. It’s the politicians who need to ensure CDC and the WHO are funded well, the terrible state of vaccine development and production be sorted out, the lack of outbreak monitoring infrastructure be addressed, and research into these strains is funded and given a priority, in case things do go all pear-shaped influenza-wise.)

Tags: ability, boing, case, danger, flu, health, infect, new, risk, scientist, transmission

Software: Economist: Unix’s founding fathers (via sourcefrog.net). A very good article on Thompson, Kernighan and Ritchie’s amazing achievement, with some new details I hadn’t heard before:

AT&T was required under the terms of a 1958 court order in an antitrust case to license its non-telephone-related technology to anyone who asked. And so Unix and C were distributed, mostly to universities, for only a nominal fee. When one considers the ineptness of AT&T’s later attempts to commercialise Unix — after the court order ceased to be applicable because of another antitrust case which broke up AT&T in 1984 – this restriction, an accidental boost to what would later become known as the open-source movement, becomes even more crucial.

So that’s how that happened. Just think — if it wasn’t for that court case, we’d probably all be hacking on VMS. ;)

Also at sourcefrog, mbp points out that the Sulston reverse-engineering story is ‘remarkably similar to that of Richard Stallman several years earlier, when the frustration of closed-source printer software helped motivate him to start the GNU project’.

Patents: yet another sourcefrog link, this time to a CNet story with a hilarious quote regarding software patents and the GIF/PNG debacle:

But Unisys credited its exertion of the LZW patent with the creation of the PNG format, and whatever improvements the newer technology brought to bear.

‘We haven’t evaluated the new recommendation for PNG, and it remains to be seen whether the new version will have an effect on the use of GIF images,’ said Unisys representative Kristine Grow. ‘If so, the patent situation will have achieved its purpose, which is to advance technological innovation. So we applaud that.’

Wow. Presumably by the same logic, they applaud al-Qaeda for improving airline security innovation, too…

Tags: case, court, gif, order, png, software, sourcefrog, story, unisys, unix

Tech: I should note this here just in case anyone finds it useful. A handy tip for anyone visiting Caesar’s Palace; their ‘Business Center’ doesn’t have wifi yet, but (cough) one of their neighbours certainly does ;)

Tags: anyone, business, caesar, case, center, cough, palace, tech, tip, wifi

Spam: CNN: First four charged under ‘can spam’ law:

Court documents in the landmark case in Detroit describe a nearly inscrutable puzzle of corporate identities, bank accounts and electronic storefronts in one alleged spam operation.

At one point, investigators said, packages were sometimes delivered to a restaurant, where a greeter accepted them and passed them along to one defendant.

Detroit Free Press: 4 Oakland men cited in 1st U.S. spam case:

The four are accused of secretly commandeering computers that forward e-mail for some of the nation’s biggest corporations — including Ford Motor Co. — to send millions of junk messages advertising herbal supplements, diet patches and sexual enhancement pills and products.

Other unwitting companies and agencies whose computers were used include Unisys Corp., Amoco Corp., the Administrative Office of the United States Courts and the U.S. Army Information Center, according to a complaint filed in U.S. District Court in Detroit on Wednesday. …..

Unraveling the trail of spam took four months. Berg said that because of the use of proxy servers, trying to trace the spam back to the original sender was difficult. …..

In Karlsruhe, Germany, an Internet security expert and activist named Anders Henke runs what he calls a “proxy pot,” a system that simulates a mail proxy but doesn’t actually forward mail. It sits on the Internet, looking vulnerable to the sophisticated scanning software used by spammers to sniff out open proxies.

Starting in early January, the complaint says, Henke’s proxy pot intercepted 5 million attempts from computer accounts linked to the Michigan men.

Tags: case, cnn, complaint, corp, court, internet, law, pot, proxy, spam

Linux: wmctrl and Devil’s Pie — two nifty tools for window control. Both are command-line tools that use NetWM, a standard for X11 window managers, to hook into window manager policy and apply scriptable control to windows as they appear (in the Devil’s Pie case) or to pre-existing windows (in the wmctrl case).

I’ve just reverted back to sawfish from KWin recently, in order to get this control back; I probably wouldn’t have if I’d found these in time.

(In case you’re wondering why I reverted: specifically, sawfish allows the user to control window position very efficiently from the keyboard using corner.jl, and the KWin folks weren’t interested in a patch to do the same there. In addition, sawfish has wclass.jl , which allows windows to be controlled by name; it’s very handy to say ‘Show Mail’, and have xvoice de-iconify your mailreader in response. Both are killer features for rodent-free use of a UNIX desktop.)

Funny: Dr. Evil’s monologue about his childhood from the first Austin Powers movie. Sheer genius. ‘Sometimes he would accuse chestnuts of being lazy, the sort of general malaise that only the genius possess and the insane lament.’

Open Source: Tim Bray goes through a couple of open-source studies; first is the clueless ‘Where do you want to go, Aiden?’ essay I mentioned here a couple of days ago, but the second is a study from a couple of French economists I hadn’t heard of. I’ll just reproduce the translation:

Choosing software is not a neutral act. It must be done consciously; the debate over free and proprietary software can’t be limited to the differences in the applications’ features and ergonomics. To choose an operating system, or software, or network architecture is to choose a kind of society. We can no longer pretend that free and commercial software, or Internet standards and protocols, are just tools. We have to admit at least that they are political tools. After all, fire and the printing press are ‘just tools.’

Ireland: Some new Irish weblogs:

• The Invisible Acrobat — who is this mysterious acrobat? hmm! A Goon Show fan, I’d reckon.
• Eirepreneur

Tags: case, control, couple, devil, kwin, linux, pie, sawfish, software, window, wmctrl

Music: … from CDWow selling us cheap CDs. Paddy forwards on the news — ‘CDWow.ie will now charge EUR 3 on every CD sold from their Irish site. And they wonder why people download music illegally…’

It seems that IRMA and the BPI both joined forces in this case against CDWow, hence this decision affects Ireland, too. The record industry are very happy — ‘it is not the consumer that will suffer, just CD Wow’s profit margins.’ Not entirely clear how the consumer doesn’t suffer due to a 3 Euro surcharge, but I’m sure they have it all worked out.

Globalisation where it suits the producers, rather than the consumers, is the name of the game here.

More at The Register.

(Thanks, Paddy!)

Tags: bpi, case, cdwow, consumer, decision, download, eur, music, news, site

Innovation: Maciej posts a fantastic look back on the Wright Brothers from an interesting angle — their patent-related antics.

The Wright brothers won every patent case they fought, and it did them absolutely no good. The prospect of a fortune wasn’t what motivated them to build an airplane, but ironically enough they could have made a fortune had they just passed on the litigation. In 1905, the Wrights were five years ahead of any potential competitor, and posessed a priceless body of practical knowledge. Their trade secrets and accumulated experience alone would have made them the leaders in the field, especially if they had teamed up with Curtiss. Instead, they got to watch heavily government-subsidized programs in Europe take the technical lead in airplane design as American aviation stagnated.

Fantastic article. If you’re curious about the history of patenting, and its many fundamental failures, I can’t recommend it enough.

Weblogs: Guardian’s ‘best of British blogging’: good set of winners this year.

Tags: airplane, angle, case, fortune, good, innovation, litigation, look, patent, prospect, wrights

Every now and again, someone says ‘to fix spam, we must ditch SMTP and start all over again’. Eric Rescorla describes why this is not the case.

Great blog — I think I’ll add that to my list. (found via Ed Felten.)

Tags: blog, case, ditch, fix, list, smtp, someone, spam

In case you’re trying to reconcile Arlene McCarthy’s public words, about how the proposed EU legislation helps block software and bizmeth patents, and the FFII’s public words saying the opposite, here’s a helpful email thread cross-posted between the Patents list at AFUL.org and the free-sklyarov-uk list.

• The letter asking for clarification on some key points;

• The rather vague reply from AMcC;

• a follow-up from Rui Miguel Seabra;

• one from Bernhard Kaindl;

• and from Hartmut Pilch.

Also, Hartmut Pilch notes a prior letter which as yet remains unanswered; ‘All she has until now ever done is to send out standard answers to unspecific letters from concerned (and possibly naive-sounding) software developpers. Whenever someone tries to ask her more specific questions, there is no response at all. However documenting the fact that there is no response may also help. So please remember the public letter and point demand a response at every opportunity.’

The Financial Times has an article (paying subscribers only, but that link excerpts a part) which makes clear the difficulties. ‘oftware protection regulations across EU member states should be harmonized while also allowing software developers to carry on without the threat of patent searches and litigation hanging over their heads. He argues that the EU directive’s wording is opaque: The proposal lists computer implemented inventions as patentable, but this definition fails to establish whether it refers to software algorithms or inventions whose usability is dependent on software. Cane also notes that it is harder to see parallels in software invention and physical invention, and argues that there are few truly novel software inventions because most software is based upon prior work carried out by other people.’ (thanks to Gary Robinson for the link)

Tags: bizmeth, case, ffii, invention, legislation, letter, link, list, response, software

wow, this is truly insane. After Novell went on the record noting that SCO do not own the SVR3 or SVR4 IP (which seems to be borne out by a note on the licensing arrangement for the UNIX trademark), SCO’s case seems to be in a bit of trouble. So now they’re threatening to sue Linus Torvalds.

Tags: arrangement, case, licensing, note, novell, record, sco, svr, trademark, unix

In case you missed it — SCO’s letter to Linux customers. Executive summary:

• open-source code development methodology bashing, to start with
• SCO will ’suspend their own Linux-related activities’, whatever they were
• all users of Linux are vaguely threatened in a ‘cartooney’ fashion
• ‘Similar to analogous efforts underway in the music industry, we are prepared to take all actions necessary to stop the ongoing violation of our intellectual property or other rights.’

Classy! And a bonus good point from a comment on this LJ article: ‘According to this article, SCO Linux 4.0 contains version 2.4.19 of the Linux kernel. … By the act of distributing the Linux 2.4.19 kernel, SCO has irrevocably released any and all of their intellectual property present in the 2.4.19 kernel under the (terms of the) GPL.’

Tags: article, case, code, executive, kernel, letter, linux, property, sco, summary

LWN on the case. An excellent commentary, and features this lovely user-posted comment as well:

‘Without access to such equipment, facilities, sophisticated methods, concepts and coordinated know-how, it would be difficult or impossible for the Linux development community to create a grade of Linux adequate for enterprise use.’

Alan Cox wrote the first SMP version of Linux. Do you know who bought Alan the hardware? It was Caldera :-)

Not IBM, after all, but Caldera — who are now part of the SCO group. This usenet posting from 1995 backs that up, as does the Caldera-badged Linux SMP page.

Tags: access, caldera, case, comment, commentary, equipment, know-how, linux, lwn, smp

SCO sues IBM (via Slashdot) . Talk about self-immolation: sue IBM, of all companies, with an intellectual property case. One SCO claim:

‘It is not possible for Linux to rapidly reach Unix performance standards for complete enterprise functionality without the misappropriation of Unix code.’

Apart from the fact that SMP is just not a state-of-the-art thing any more; things move on! Perhaps if SCO/Novell/USL hadn’t sat on their hands for 10 years, swapping IP and suing BSDI, they’d still be in the game. Anyway, here’s what the analysts think:

‘It’s a fairly end-of-life move for the stockholders and managers of that company,’ said Jonathan Eunice, an Illuminata analyst. ‘Really what beat SCO is not any problem with what IBM did; it’s what the market decided. This is a way of salvaging value out of the SCO franchise they can’t get by winning in the marketplace.’

He said it.

Tags: case, claim, ibm, linux, performance, property, sco, slashdot, talk, unix

The transcript of the “Who Wants To Be A Millionaire” episode at the centre of a current UK court case; the producers claim that the contestant cheated, with the aid of a coughing accomplice. Going by this transcript, it’s an open-and-shut case IMO.

Date: Thu, 06 Mar 2003 09:56:42 +0000
From: Tom Farrell (spam-protected)
To: (spam-protected)
Subject: cough cheat millionaire transcript

The major answered the first three questions, but got into difficulty on question six, using the “ask the audience” lifeline when confronted with a question about Coronation Street. He struggled on the next question about the location of the river Foyle and phoned a friend.

As the questions became harder, Major Ingram often appeared unsure and wrestled out loud with several options, often going for a different answer from the one he initially appeared to choose.

Mr Hilliard said there was “a bit of an attempt to make it look like a sweat, some furrowing of the brow … complete changes of mind coincide with the coughs; if you look at the whole picture, that’s what’s going on.”

Major Ingram struggled on question eight, when he was asked who Jacqueline Kennedy’s second husband had been. On two occasions, when he said the correct answer - Aristotle Onassis - out loud, a cough was heard, which the prosecution claims came from Mr Whittock.

For £125,000, Major Ingram was asked about the Holbein painting the Ambassadors.

Major Ingram: “I think I’m going to go for Holbein.”

A cough is heard. Major Ingram says this is his final answer, and is told he is right.

During the next question there was a series of coughs as Major Ingram struggled with the question.

Tarrant asked: “What kind of garment is an Anthony Eden? An overcoat, hat, shoe, tie?”

Major Ingram: “I think it is a hat.”

Cough.

Major Ingram: “Again I’m not sure. I think it is…”

Coughing.

Major Ingram: “I am sure it is a hat. Am I sure?”

Cough.

Major Ingram: “Yes, hat, it’s a hat.”

To cheers, Tarrant told him it was the right answer. Then for the £500,000 question, he was asked: “Baron Haussmann is best known for his planning of which city? Rome, Paris, Berlin, Athens.”

Major Ingram: “I think it is Berlin. I think Haussmann is a more German name than Italian or Parisian or Athens. I am really not sure. I’m never sure. If I was at home, I would be saying Berlin if I was watching this on TV.”

A loud cough was then heard, and the prosecution claim that Mr Whittock resorted to the “desperate measure” of saying the word “no” under cover of a cough.

Major Ingram: “I do not think it’s Paris.”

Cough.

Major Ingram: “I do not think it’s Athens, I am sure it is not Rome. I would have thought it’s Berlin but there’s a chance it is Paris but I am not sure. Think, think, think! I know I have read this, I think it is Berlin, it could be Paris. I think it is Paris.”

Cough.

Major Ingram: “Yes, I am going to play.”

Tarrant: “Hang on, where are we?”

Major Ingram: “I am just talking to myself. It is either Berlin or Paris. I think it is Paris.”

Cough.

Major Ingram: “I am going to play Paris.”

Tarrant: “You were convinced it was Berlin.”

Major Ingram: “I know. I think it’s Paris.”

Tarrant: “He thought it was Berlin, Berlin, Berlin. You changed your answer
to Paris. That brought you £500,000. What a man! What a man. Quite an amazing man.”

Then came the £1m pound question: “A number one followed by 100 zeros is known by what name? A googol, a megatron, a gigabit or a nanomole?”

Major Ingram: “I am not sure.”

Tarrant: “Charles, you’ve not been sure since question number two.”

Major Ingram: “The doubt is multiplied. I think it is nanomole but it could be a gigabit, but I am not sure. I do not think I can do this one. I do not think it is a megatron. I do not think I have heard of a googol.”

Cough.

Major Ingram: “Googol, googol, googol. By a process of elimination I have to think it’s a googol but I do not know what a googol is. I do not think it’s a gigabit, nanomole, and I do not think it’s a megatron. I really do think it’s a googol.”

Tarrant: “But you think it’s a nanomole. You have never heard of a googol.”

Major Ingram: “It has to be a googol.”

Tarrant: “It’s also the only chance you will have to lose £468,000. You are
going for the one you have never heard of.”

Major Ingram: “I do not mind taking the odd risk now and again. My strategy has been direct so far - take it by the bit and go for it. I’ve been very positive, I think. I do not think it’s a gigabit, I do not think it’s a nanomole or megatron. I am sure it’s a googol.”

Cough.

Major Ingram: “Surely, surely.”

Tarrant: “You lose £468,000 if you are wrong.”

Major Ingram: “No, it’s a googol. God, is it a googol? Yes, it’s a googol. Yes, yes, it’s a googol.”

Cough.

Major Ingram: “I am going to play googol.”

After a break, Tarrant said: “He initially went for nanomole, he then went through the various options again. He then went for googol because he had never heard of it and he had heard of the other three. You’ve just won £1m.”

Tags: answer, case, cough, episode, hat, holbein, millionaire, question, transcript, wants

Check out The World’s Top Ten — Nationalist Marching Songs, that is, as far as I can see – featuring:

• Vande Mataram and Rakkamma Kaiya Thattu (India)

• Dil Dil Pakistan (guess where)

• A Nation Once Again (Ireland)

India’s winning.

Just in case they get cleaned out as vote-rigging, here’s what it looks like right now:

Tags: case, dil, marching, mataram, nation, rakkamma, songs, vande, winning, world

A two-headed crocodile has been born at Samut Prakarn Crocodile Farm on the outskirts of Bangkok. I’ll be going to Thailand in a week so I can verify if this is just a case of the magic of superglue. ;)

Tags: case, crocodile, farm, magic, prakarn, samut, superglue, week