Technology

The little cartoon movie from “Hands Off the Internet” (an organization funded by member organizations that include major telcos and equipment vendors) has led to a response from “Save the Internet” (advocates of net neutrality funded by MoveOn.org and others). “Save the Internet” claims that the cartoon is “a clever piece of industry propaganda that is riddled with half-truths and outright lies.” It then quotes a few passages from the cartoon and offers responses. Unfortunately, it is “Save the Internet”’s response that contains misinformation, and it fails to point out any alleged lies. In what follows, I’ll quote directly from the “Save the Internet” response (including the quotes from the “Hands Off” cartoon they are responding to) and then respond to each point. The big telecom companies say: “Is the Internet in Danger? Does the Internet need saving? It keeps getting faster. We keep getting more choices." The truth: Right now AT&T and others want to take away your choices and control what you can do and watch online. They’re on their best behavior while trying to convince Congress to hand over the Internet. But if their high-priced lobbyists get their way in Washington, the Internet as we know it will be gone. Network Neutrality has always curbed the control of the network owners, invited competition and encouraged innovators. It’s what made it possible for entrepreneurs and creative thinkers to prosper online. None of the big ideas that made the Internet the innovative engine it is today came from the cable or telephone companies. ...

The Baltimore Sun has reported on a shelved 1990s NSA program to collect and analyze phone records which had the following features: Used more sophisticated methods of sorting through massive phone and e-mail data to identify suspect communications. Identified U.S. phone numbers and other communications data and encrypted them to ensure caller privacy. * Employed an automated auditing system to monitor how analysts handled the information, in order to prevent misuse and improve efficiency. ...

Some advocates of net neutrality have advocated nationalization of “the Internet backbone” (see, for example, the comments of Paul and Frank at Richard Bennett’s Original Blog). The idea that there is such a thing as “the Internet backbone” is itself a confusion about what telcos contribute to the Internet, but what was the pace of innovation when telephony was a highly regulated government monopoly in the United States? Touch-Tone was developed in the late 1950’s. It was promoted at the Bell System Pavilion at the 1962 Seattle World’s Fair, as can be seen in this fascinating short film, “21st Century Calling” (a bonus feature on the DVD of the Mystery Science Theatre 3000 episode, “The Killer Shrews”). Other features promoted in the film include call forwarding and three-way calling. Bell Labs officially announced Touch-Tone as a feature (PDF) in 1964. Touch-Tone was rolled out to consumers in the 1980s as a feature which consumers had to pay extra for, even though it cost nothing more to provide. The SS7 electronic switching infrastructure costs were covered by consumer fees such as the monthly fee for Touch-Tone service, and then used to roll out new services to businesses, subsidized by consumers. Time from innovation to deployment: over two decades.

Harri Hursti of Black Box Voting has released a report (PDF) on yet more flaws (on top of others reported back in December) in Diebold TSx and TS6 Direct-Recording Electronic (or DRE) voting machines. Having a few minutes of physical access to a machine makes it possible to install software, using simple, easily available tools, which will completely compromise the machine in such a way that it will be impossible to tell whether future software updates are successful or not. Ed Felten and Avi Rubin give more detail at Felten’s blog, Freedom to Tinker, and question whether it makes sense to build voting machines based on commodity hardware and operating systems due to these risks. This certainly seems like an application where you’d want hardware-enforced verification of a stripped-down trusted computing platform. Hursti’s report says that there are three layers of software in the Diebold machines: a boot loader, an operating system (customized Windows CE), and an application program (the voting software). Each of the three layers has backdoors which allow bypassing security controls. The report states that “Different files on the system carry various subsets of the following features: Signature check, mode check, and integrity check. None of these can be considered security features against tampering. For example, the integrity check is [redacted]. This check can be equated to a very crude spell-checker. It is effective against accidental typing errors but not deliberate attacks." The redacted portion, based on the description, is apparently a weak checksum such as CRC (cyclic redundancy check), rather than a cryptographically stronger checksum like MD5 or SHA1 (both of which have weaknesses of their own). The Hursti report describes how an attacker could exploit the weaknesses at multiple levels to prevent the removal of malicious code. One such flaw (the details of which are redacted from the report) is that inserting a standard PCMCIA memory card into the machine containing a file with the appropriate name will cause the boot loader to reflash itself, installing the code in that file as the new boot loader on the system. As Hursti points out, “Due to the fact that the boot loader is the primary mechanism for its own reprogramming, if the boot loader is compromised with a deep attack, using the boot loader itself to install a known clean version of a boot loader is no longer a viable option as a recovery path to clean the system." The report goes on to show similar flaws in replacing the operating system image, and points out a voter-accessible hidden button (labeled “battery test”) that could be exploited by malicious code as a trigger for an attack. The recommended defense against attacks is to physically protect the machines–as a machine can be compromised with less than five minutes of physical access, chain of custody evidence must be maintained from the machines’ origin to final use, with no unsupervised access.

Suppose we live in a world with no private automobiles. There are still airports, bus stations, and sea ports, and these are places with diverse carriers and services, giving you many options for traveling long distances to other locations. But to get from your home to these travel hubs, your options are limited to between one and three cab companies; most people have access to two, RBOC Cab and Cable Cab. Both cab companies own all of their own cabs, but RBOC Cab has been legally required to allow independent operators to rent their cabs. Those independent operators have been permitted to repaint the cabs, furnish the interiors differently, and offer additional services to customers within the content of the cabs, but the cabs are owned by RBOC Cab and are of the same size, and the radios are standard equipment owned and maintained by RBOC Cab. Cable Cab, by contrast, has never been required to allow independent operators to use its cabs, and has never done so. (UPDATE 11 May 2006: This is because Cable Cab pays 5% of revenue to local governments as part of their franchise agreement, while RBOC Cab, by contrast, has had government monopoly protection until 1996, has free access to rights of way, and receives government funding via “universal service” fees in order to provide service to rural areas. While Cable Cab funded its own purchasing of cabs and infrastructure, RBOC Cab built its infrastructure without risk as a result of the government support.) They initially didn’t come with radios at all, but have recently furnished their cabs with radios. The rules have recently been changed so that RBOC Cab will no longer be required to allow independent operators to rent their cabs. They’ve stopped allowing new independent operators to rent cabs, or existing independent operators to take on new customers, and have announced that they will be ending all of the independent operator contracts. RBOC Cab has also announced that they intend to build larger cabs, in which some of the additional space will be used to provide new services, such as a fully stocked bar, refrigerator, and high-definition television. They will supply all of the contents of the bar and refrigerator, as well as what is shown on the TV, by entering into arrangements with suppliers, whom they intend to charge a fee for the privilege of using the facilities to reach their passengers. Passengers will not be permitted to use the refrigerators to store items that they’ve supplied, though they will still be allowed to bring along their own cooler, snacks, or video equipment, provided that it fits in the remaining space in the cab (which will be more space than in previous cabs). Both cab companies reserve the right to deny transportation for certain kinds of items that they consider harmful or dangerous, or which impact their ability to function–items that stink up the cab, that could catch fire or explode, etc. Cab Neutrality advocates argue that the Department of Transportation needs to create additional regulations which require the cab companies to allow passengers to carry whatever items they want, to use the radios to listen to whatever stations they want (whether the driver likes it or not), to put their own items in the refrigerator, and to allow all snack, beverage, and video providers to make use of the new equipment that RBOC Cabs plans to put into their cabs. They also want to require that the cab companies send cabs at the same speed to every travel hub, regardless of the hub’s size or amount of demand for its services (or what the passengers want), and that all costs should be borne by the cab company, not the hub. RBOC Cabs responds by saying that in order to fund the building of the new cabs, they need to be able to charge the snack, beverage, and video providers to use the new equipment (in addition to the fee charged to the passengers, which is not enough to cover the actual cost), but that passengers are still free to bring their own snacks. Cab Neutrality advocates worry that unless they are allowed to bring whatever items they want, they might be prohibited from bringing their own snacks, beverages, and videos. RBOC Cabs have also claimed that they need to be able to build these larger cabs in order to travel longer distances, and suggested that their ability to carry snacks, beverages, and videos over long distances is part of the costs they need to recoup (when, in fact, the long distance transportation of even their snacks, beverages, and videos is provided in the highly competitive environment of the multiple transportation hubs, where there are no issues of capacity and costs per mile are significantly lower). This is not a precise analogy, but I think it captures the highlights. To make it more precise, I’d need to actually talk about the roads, perhaps making the last mile owned by HOAs that are analogous to RBOCs and cable companies, with the HOAs placing restrictions on the size and type of vehicles that can move on those roads and creating new lanes for their own vehicles, which they want to rent out to third parties or make available for higher priority services that might need them for emergencies. What’s right about “Cab Neutrality” is that passengers want to be able to get to every travel hub and they want to be able to choose what food, beverages, and entertainment they get on the way. But the specific proposals they make are too specific, go beyond these basics, and create limitations in what new services and business arrangements can be developed. As I see it, the biggest problem here is limited competition among cab companies–a situation which was alleviated to a large extent by the requirement that RBOC Cab lease out cabs to independent operators–a requirement that should have applied to Cable Cab as well. (If we had a way to purchase or rent our own vehicles from competitive sources, all of the worries about what the cab companies might do would be eliminated.) A requirement on the cab companies that requires passengers to be able to carry whatever they want would have the unintended consequence that some malicious or unthinking passengers would carry items that the cab companies want to prohibit for good reason–harmful and dangerous materials, materials which disrupt service for other passengers. (E.g., spam, malware, denial of service attacks.) A requirement that all cabs must travel at the same speed means that if I have an emergency where I want to be able to pay more to get to my travel hub faster, I can’t do it. Passengers carrying organs for transplant surgery don’t get to travel any faster than passengers going on vacation. A requirement that all costs must be borne by the cab companies (both for transportation to the hubs and for the new cabs and equipment within them) limits the possibilities of new business arrangements between third parties and the cab companies. There might be a possible business model where a travel hub pays a fee to get more frequent cab services, with a lower cost to the cab passengers, subsidized by the long-haul transportation services. Or where video providers can supply services at different costs, with lower-cost services subsidized by advertising revenue.

Here’s a nifty little device that sits on your tongue and electrically stimulates it via 144 microelectrodes. Your brain figures out how to “see” patterns on the surface of this device, and: In testing, blind people found doorways, noticed people walking in front of them and caught balls. A version of the device, expected to be commercially marketed soon, has restored balance to those whose vestibular systems in the inner ear were destroyed by antibiotics.

Josh Marshall writes: The grand ole daddy of special interest giveaways – Congress to give away the Internet. This is serious. Find out more here.Sounds like he’s saying that Congress is transferring the authority the Department of Commerce currently has over ICANN somewhere, doesn’t it? But he links to Art Brodsky on TPM’s “Special Guests Blog,” who writes: Congress is going to hand the operation of the Internet over to AT&T, Verizon and Comcast. Democrats are helping. It’s a shame. ...

Details of AT&T’s cooperation with the National Security Agency are beginning to emerge as a result of the Electronic Frontier Foundation’s lawsuit against AT&T, as described by Wired: AT&T provided National Security Agency eavesdroppers with full access to its customers’ phone calls, and shunted its customers’ internet traffic to data-mining equipment installed in a secret room in its San Francisco switching center, according to a former AT&T worker cooperating in the Electronic Frontier Foundation’s lawsuit against the company. ...

This is really cool, I hope the Quicktime videos come back soon. (Via BLDGBLOG.) UPDATE (September 18, 2007): Julius Popp’s website (the first link) appears to be undergoing renovations… the BLDGBLOG link still has Bitfall pictures and description. Historical Comments Einzige (2006-12-09): That has got to be the coolest thing I've seen in a long time.Mind-numbingly awesome.

Back in December, I wrote about criticisms of Wikipedia in Communications of the ACM and a study published by Nature which found that Wikipedia’s coverage of scientific subjects was about as accurate as that of the Encyclopedia Britannica. Now Britannica has demanded a retraction of the Nature study on the grounds that its “research [is] invalid, its study poorly carried out, and its findings [are] ‘so error-laden that it was completely without merit.’” (Inside quote is from Britannica’s response, outside quote from Seattle Times coverage.) Britannica’s website has a 20-page PDF (7 pages of response, 13 pages of supporting information in two appendixes) that is a response to the Nature study, titled “Fatally Flawed: Refuting the recent study on encyclopedic accuracy by the journal Nature.” This response states that “Nature’s research was invalid. As we demonstrate below, almost everything about the journal’s investigation, from the criteria for identifying inaccuracies to the discrepancy between the article text and its headline, was wrong and misleading. Dozens of inaccuracies attributed to the Britannica were not inaccuracies at all, and a number of articles Nature examined were not even in the Encyclopedia Britannica." The initial criticism of the response is that, while the Nature study headline claimed that “Wikipedia comes close to Britannica in terms of the accuracy of its science entries,” the actual study showed that Wikipedia had a third more inaccuracies than Britannica. The next criticism is that as they reviewed the alleged inaccuracies, they “discovered in Nature’s work a pattern of sloppiness, indifference to basic scholarly standards, and flagrant errors so numerous they completely invalidated the results.” Nature refused to supply the complete reviewer reports comparing Britannica to Wikipedia articles, so Britannica reviewed the truncated reviewer reports that had been posted to the web, along with the articles which were supplied by Nature. Several of the Britannica articles reviewed were not from the Encyclopedia, but from editions of the Britannica Book of the Year. Britannica notes that “Yearbook authors are often given greater latitude to express personal views than writers of encyclopedia articles.” In one instance, a sentence in an article on Steven Wolfram “in which point of view figured significantly” was counted as an inaccuracy. In one case, an article on ethanol, the source of the article was from the Britannica Student Encyclopedia, “a more basic work for younger readers." A more significant flaw was that in some cases, reviewers criticized articles for omissions when they were only sent excerpts from the articles. The report notes that the reviewer of an article on lipids was sent only a 350-word introduction rather than the full 6,000-word article, which covered the items marked as omissions on the basis of the introduction alone. Similarly, what was delivered to reviewers as articles on kin selection and punctuated equilibrium were actually only sections from a longer article on the theory of evolution, and what was identified as an article on field-effect transistors was a section of the entry on integrated circuits. In another case, an article on aldol reaction was composed of selections taken from two separate Britannica articles, connected together with language apparently authored by Nature’s editors. Another flaw in the Nature study was that Nature did not require reviewers to document their assertions; where they disagreed with articles being reviewed, the reviewers were taken to be authoritative. The Britannica response supplies two examples where the reviewers were incorrect. Finally, Nature failed to distinguish minor from major errors, treating all as equal even though Wikipedia had more significant issues, and counted as omissions cases where Britannica made editorial judgments to cover specific information in either a different way than the reviewer preferred or in other articles in the encyclopedia. I think Britannica makes their case–the study shouldn’t be relied upon as evidence that Wikipedia’s coverage of science is as good as the Encyclopedia Britannica.