reworld.org

Occasional notes posted by Peter Eckersley

October 4, 2007

Minnesota Jury: American teenagers owe the music industry about One Hundred Trillion Dollars per year

Filed under: p2p, copyright — pde @ 10:16 pm

A verdict worthy of Dr Evil himself. Congratulations to the RIAA on their jury management!

August 25, 2007

Holy bonobo that’s a boingboing billboard

Filed under: Uncategorized — pde @ 10:51 pm

Whilst driving around Auckland, New Zealand, I was a little surprised to see Vodafone pasting boingboing’s URL across huge billboards. What the hell?

[Image: boingboing.jpg]

(slightly gimped to compensate for a lot of glaring sunlight)

Perhaps it’s just a cunning scheme to get their ad campaign boingboinged….

May 30, 2007

Stories that fit in strange places

Filed under: literature, ironic humour — pde @ 7:29 pm

I’m currently reading one of Alan Lightman’s curious little books, Einstein’s Dreams. Published in 1993, it’s a quirky mixture of philosophical thought experiments illustrating various models of time, which twist and wriggle into riffs on life and love. One of them, a condemnation of social climbing, doubles as a satire of a movement that didn’t even exist when the book was written:

In this world, it is instantly obvious that something is odd. No houses can be seen in the valleys or plains. Everyone lives in the mountains.

At some time in the past, scientists discovered that time flows more slowly the farther from the center of the earth. The effect is minuscule, but it can be measured with sensitive instruments. Once the phenomenon was known, a few people, anxious to stay young, moved to the mountains. Now all houses are built on Dom, the Matterhorn, Monte Rosa, and other high ground. It is impossible to sell living quarters elsewhere.

Many are not content simply to locate their homes on a mountain. To get the maximum effect, they have constructed their houses on stilts. The mountaintops all over the world are nested with such houses, which from a distance look like a flock of fat birds squatting on long skinny legs. People most eager to live longest have built their houses on the highest stilts. Indeed, some houses rise half a mile high on their spindly wooden legs. Height has become status. When a person from his kitchen window must look up to see a neighbor, he believes that the neighbor will not become stiff in the joints as soon as he, will not lose his hair until later, will not wrinkle until later, will not lose the urge for romance as early. Likewise, a person looking down on another house tends to dismiss its occupants as spent, weak, and shortsighted. Some boast that they have lived their whole lives high up, that they were born in the highest house on the highest mountain peak and have never descended. They celebrate their youth in their mirrors and walk naked on their balconies.

Now and then some urgent business forces people to come down from their houses, and they do so with haste, hurrying down their tall ladders to the ground, running to another ladder or to the valley below, completing their transactions, and then returning as quickly as possible to their houses, or to other high places. They know that with each downward step time passes just a little bit faster and they age a little more quickly. People at ground level never sit. They run, while carrying their briefcases or groceries.

A small number of residents in each city have stopped caring whether they age a few seconds faster than their neighbors. These adventuresome souls come down to the lower world for days at a time, lounge under the trees that grow in the valleys, swim leisurely in the lakes that lie at warmer altitudes, roll on level ground. They hardly look at their watches and cannot tell you if it is Monday or Thursday. When the others rush by them and scoff, they just smile.

In time, people have forgotten the reason why higher is better. Nonetheless, they continue to live on the mountains, to avoid sunken regions as much as they can, to teach their children to shun other children from low elevations. They tolerate the cold of the mountains by habit and enjoy the discomfort as part of their breeding. They have even convinced themselves that thin air is good for their bodies and, following that logic, have gone on spare diets, refusing all but the most gossamer food. At length, the populace have become thin like the air, bony, old before their time.

Caloric restriction, eat your heart out.

February 21, 2007

Science That Matters

Filed under: Uncategorized — pde @ 9:27 am

I’m also posting from time to time on another site called Science That Matters. It’s a kind of meta-journal or review of scientific articles. The idea there is to dig up really exciting pieces of research from any field — the kind of science that has serious implications for the way we should all understand the world we live in. All too often, that research is missed or ignored by the world of policy. We hope to change that, even just a little. Send us your suggestions!

January 24, 2007

Wired Magazine exists in an alternative, safer universe

Filed under: ironic humour — pde @ 7:31 am

Wired Magazine is a funny publication. It is particularly entertaining to compare the total number of mentions of the names “george bush” (57) and “al gore” (307) in the magazine to date[1].

Upon consideration, this situation is easy to understand. It isn’t that Wired has fought to keep the flickering candle of democracy alight after Florida in 2000, a cause embraced by few aside from Michael Moore. It’s that George W. Bush has never used the word “Internet” in a State of the Union speech. Not once.

Al Gore, on the other hand, has found his true calling: using the power of technology to save the world.

[1] A note that makes this observation only slightly less funny: if the search includes all of the common variations on Bush Jr’s name (george bush, george w bush, president bush) and one then discards mentions of his father, there are something like 150 hits for Bush. Still a 2:1 ratio in Gore’s favour.

January 20, 2007

A cute p2p music promotion tactic

Filed under: anarchy, p2p — pde @ 3:09 am

There’s an idea I’ve had kicking around for a year or two but which still hasn’t been implemented properly. So I’m going to post it for you to use! It lies somewhere between a neat trick and a business model for selling digital music without copyright enforcement or collective licensing.

Start by making two versions of each track you’re releasing. One is “tagged” with an intro or outro voiceover, directing the listener to the artist’s site. I heard a parodist named Johnny Crass doing this five years ago.

The voiceover could also suggest the availability of an untagged version from the artist’s website. When you go to the website, an untagged download could be available for $1. Or maybe for any non-zero cash payment — suggest a dollar for the average song but more or less if you like it more or you’re really poor.

Last year, Magnatune started doing something similar with some of the distribution channels for their music (although if you listen to the MP3 streams on their site, it’s only the ID3 tags that encourage you to purchase a copy of the track).

So the last twist to my proposal: the publisher/promoter should run a stack of nodes on various file sharing networks. When they publish a song, they should make lots of copies of the tagged version on these p2p networks, in various formats and at various bitrates. That way, the first users who go to download the song from p2p networks will get the tagged version. And, because most people won’t delete the tagged version once they’ve downloaded it, those will be the files that continue to dominate p2p search results.

And of course, one can ask paying downloaders — nicely — only to upload tagged versions of the track.

Hopefully Magnatune and their competitors will pick this up. Anyone who does: drop me a line, I’d love to hear about it.

November 30, 2006

Is DRM going to help paedophiles and terrorists?

Filed under: ironic humour, "trusted" computing, copyright, privacy — pde @ 1:54 am

A couple of years back, Jack Valenti argued that copyright law was supporting terrorism. Well, approximately. He argued that terrorists must be making money from piracy, which is really the same thing. He admitted to having no evidence for his claims, but if we presumed they were nonetheless true, criminal profits from piracy wouldn’t be possible under a sensible copyright system like an opt in universal license or a universal public funding system. In the same way that Prohibition in the 1930s funded crime by driving certain markets underground, modern copyright can fund crime too.

All of that is fairly straightforward. What is not so straightforward, dear readers, is the emerging possibility that attempts to enforce copyright are starting to protect paedophiles.

How is that? The most sophisticated attempts at DRM, based around trusted computing and some degree of tamper resistance, have a central tenet: provide a mechanism for denying local users full access to and control of their own computers. There must be cryptographic keys which are stored in the hardware but inaccessible to “unauthorised” applications, so that the user can’t get uncontrolled access to the decrypted versions of media files.

Precisely the same “trusted computing” mechanisms can be used to prevent someone who seizes your machine from performing any forensic investigation of it. Microsoft’s BitLocker project is just such an application. At the moment, encryption software is available to hide the contents of your hard disk. But BitLocker prevents two of the more obvious methods that law enforcement (or someone else) can use to defeat disk encryption: brute force attacks on passphrases, and software keystroke logging.

Apparently, some European computer police are very angry that Microsoft is making BitLocker widely available. They’re convinced that it will prove invaluable for paedophiles. Which, occasionally, it may — and also for political subversives, whistleblowers, and other questionable sorts.

To sum up: Hollywood’s push for DRM has led Microsoft (with help from Intel and others) to build powerful privacy-protection tools that police believe will turn into a haven for paedophiles.

One wonders how long it will be before governments want their hands all over the private keys in the Trusted Platform Module in your PC. Apparently, China is already planning to prohibit the importation of trusted computing hardware that wasn’t made there. If this comes to pass, the only viruses, keystroke loggers and malware that will be able to infect your computer for any length of time will be the friendly government-approved versions.

October 6, 2006

A privacy-protecting cellphone?

Filed under: privacy — pde @ 4:32 pm

Mobile phones are a privacy disaster. While they are switched on, they continuously reveal the location of the person carrying them. Records of calls made, where the calls are made from, and text messages sent, are almost always kept by the networks. Surveillance also permits eavesdropping on calls and on the content of text messages.

In this post, I’m going to try to sketch an unconventional design for a cellphone that offers good-to-excellent protection against all of these threats.

The first insight is to use open WiFi networks as a carrier. WiFi phones are not new, of course. They’ve been around for a few years, and there are handsets available from Netgear, Zyxel, RadioTele, UTStarCom, Hitachi, and others. There are some pretty fancy linux-based gadgets from Motorola and Philips (the latter has apparently been released through some telco in the Netherlands… but I can’t find one to buy). The design is going to involve reprogramming one of the above devices.

The phone will need to be set up to opportunistically connect to open WiFi networks. For privacy purposes, it is desirable to randomise the device’s MAC address each time that happens. Otherwise, MAC addresses create an audit trail across every network the phone talks to. MAC addresses would not normally be reported beyond the WiFi router or hub that a gadget was talking to, but they do allow that router to create a long-term history of use by your phone. If recorded, these addresses could also be collected by a hacker or a retrospective forensic investigation (including a civil lawsuit).

An aside of interest in creating an opportunistic WiFi device is whether the gadget should ever automatically click through a welcome/terms of service screen on a WiFi network. Some networks redirect a new connectee’s first HTTP requests to a page requiring that kind of agreement. I’m not currently aware of any standard protocols with which a device can automatically negotiate terms of service with an arbitrary network. If there aren’t any, we might have to concoct one. In any case this is a fairly generic issue about building WiFi-linked gadgetry, and one that will become more important with the deployment of large free-of-charge-but-agreement-governed networks.

On to private phones! The fanciest privacy-protecting network tool around is Tor. Tor is an onion routing system that lets you bounce your traffic around a sequence of nodes before it reaches its final destination. Each node descrambles a layer of encryption (hence “onion” routing). None of the Tor routers can see anything beyond the nodes immediately before and after it, so they cannot tell who is talking to whom. Tor can serve very nicely for private mobile email/SMS replacement. But unfortunately it isn’t really satisfactory for voice, because it imposes a big latency hit and is unreliable in terms of connectivity and bandwidth.

So, what to do? The answer may be to use Tor to establish a call, and then some lower-latency setup for the actual VOIP data. Phone numbers could be anonymously published Tor services; if you want to call them, your phone finds their Tor service and arranges the details. Because 99%+ of these phones’ WiFi connections will be behind immutable [1] NAT firewalls, the call will need to be routed through an intermediate proxy. A centralised exchange proxy, that handles many calls, would work nicely. My colleague Seth Schoen pointed out that the two parties don’t even need to know each other’s IP addresses; they can just agree on a random call number, and ask the proxy to be connected to the other party who knows that number [2]. The parties of course use end-to-end encryption for their VOIP connection, so the central proxy knows which (wandering, open WiFi) IPs are talking to each other, but nothing more. If the proxy carries enough traffic and does not retain logs, outside parties might be left guessing even about which IP is paired with which [3].

This architecture seems to be pretty nice. Please let us know if you notice any flaws! Aside from that, it would be nice to start experimenting with it… In fact, any coders who are interested in working on this should drop us a line.

NOTES

1. There might in theory be situations in which a mobile WiFi device could arrange to negotiate access to an incoming TCP/UDP port on a public IP address, but there is little point in engineering for such unlikely circumstances.

2. The right way to handle this session arrangement is a little more complicated than just signing up with a shared session number and getting a stream of UDP packets back. A single session number is inadequate, for example, if one of the devices jumps IP addresses, which can easily happen with a WiFi device. The protocol should not only allow recovery from IP address transitions, but in fact try to use them as cover against traffic analysis.

3. This would require some careful protocol design because, by default, the fact that two IPs have closely related start and end times for their sessions will usually allow them to be linked together.
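
A small in-memory model of the call-number rendezvous sketched above, including the IP address jump from note 2, follows as an added example that is not part of the original post. The token derivation, the commitment-style call id and the names `leg_token`, `call_id` and `Relay` are assumptions made for illustration; the addresses are constructed documentation-range values.

```python
import hashlib
import hmac
import secrets

def leg_token(call_number, role):
    """Per-party bearer token derived from the shared call number (assumed scheme)."""
    return hmac.new(call_number, b"leg:" + role, hashlib.sha256).digest()

def call_id(call_number):
    """Hashes of both leg tokens: the proxy can check a token without the number."""
    return b"".join(hashlib.sha256(leg_token(call_number, r)).digest()
                    for r in (b"caller", b"callee"))

class Relay:
    """Model of the exchange proxy: pairs two legs and forwards opaque payloads."""
    def __init__(self):
        self.calls = {}  # call_id -> {token commitment: current (ip, port)}

    def handle(self, src, cid, token, payload):
        """Return (destination, payload) to forward, or None if nothing is sent."""
        commit = hashlib.sha256(token).digest()
        if len(cid) != 64 or commit not in (cid[:32], cid[32:]):
            return None          # sender cannot prove it knows the call number
        legs = self.calls.setdefault(cid, {})
        legs[commit] = src       # first contact, or re-bind after an IP address jump
        peers = [addr for c, addr in legs.items() if c != commit]
        if not peers:
            return None          # the other party has not connected yet
        return peers[0], payload  # payload is end-to-end ciphertext, never parsed

def demo():
    number = secrets.token_bytes(16)   # agreed over the Tor setup channel
    cid = call_id(number)
    a, b = leg_token(number, b"caller"), leg_token(number, b"callee")
    relay = Relay()
    return [
        relay.handle(("198.51.100.7", 4000), cid, a, b"c1"),  # caller waits
        relay.handle(("203.0.113.9", 5000), cid, b, b"c2"),   # callee joins
        relay.handle(("192.0.2.44", 6000), cid, b, b"c3"),    # callee hops networks
        relay.handle(("198.51.100.7", 4000), cid, a, b"c4"),  # follows the new IP
        relay.handle(("192.0.2.1", 7000), cid, secrets.token_bytes(32), b"x"),
    ]
```

The model covers only pairing and re-binding; it does nothing about the session-timing correlation raised in note 3.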
