Monthly Archives: December 2011

SOPA hearing today

Posted on by

For all of those interested in protecting the Internet today is the last day to try to prevent congress from passing SOPA. This law, would censor the internet. There have been a lot of people talking about this law on both sides of the argument. Chris Dodd president of the RIAA is pushing heavily for this law. He argues that if China has the same ability to control content in China, then the US should have the exact same authority. In a previous blog I argue that this is the biggest killer to internet innovation. Effectively this would create a Great FireWall of the US.

Opponents of the law have started a censorship the internet campaign. I tweeted one of these yesterday. Effectively it blocked out parts of your writing in simulation of the final impact of the law. In addition to these campaigns a few other big hitters have come out against the law, including the Writers’ Guild of America. This group understands that copyright laws shouldn’t dictate the future of the internet and it’s openness. In addition yesterday the EFF posted an open letter from internet leaders arguing that SOPA would crush innovation. I strongly suggest reading this letter. It’s written by the people that created things like IPv6. These people know what they are talking about.

We users have had a blessing in disguise with the MegaUpload and Universal Music Company DMCA Take down issue. Effectively, they took down legal songs using a copyright provisions in addition to taking down videos ABOUT the discussion.

So what are some of the key problems with this bill? It requires DNS level blocking. Which could potentially break the internet. It takes down entire domains if there is a single alleged copyrighted material online. It can block payment to sites through requiring Master Card and Visa to shut down payment for the site. All of these have to happen within Five DAYS. Nothing gets done in five days in any business.

There are additional problems with these laws and our foreign policy. Recently Hilary Clinton gave an extensive speech on net freedom and how repressive regimes are censoring the internet and killing free speech. So, our international rhetoric is completely out of line with what we’re doing internally. Furthermore, this is going to create problems with the Organization for Economic Cooperation and Development (OECD) has decided to institute a policy framework which is effectively the opposite that everything SOPA stands for. Finally, this has a negative impact with the #NoDisconnect policy that the EU has recently pushed for.

If you want to keep up to date with the comments being discussed in the hearing today. Follow @EFFLive as they are tweeting comments from congressional leaders about the problems with this law. Additionally, please contact your congressional leaders today (scroll down to the bottom) about this issue.

Watch Live Stream Here: http://www.keepthewebopen.com/sopa

Additional Reading:
Internet Blacklist vs. Constitution – EFF
SOPA and Educators – EFF
Recent SOPA amendments – TechDirt
DC Decided to Regulate Hollywood to prevent innovation – TechDirt

MegaUpload and the DMCA

Posted on by

We’ve recently had a perfect example of the dangers of giving copyright holder more powerful weapons in their war on “piracy.” Megaupload works as a service where a user can upload content and allow other people to download it or share it at a later point in time. A good amount of the material is, in fact, copyrighted. There are versions of Game of Thrones and plenty of other videos. This services has totally legitimate uses though. There are competing services that you can use, something like DropBox or GoogleDocs which works in a slightly different manner. The users is required actively share the files. In Megaupload the uploader doesn’t have to actively share the file it can be accessed by many people.

MegaUpload would be a sure fire target if SOPA or Protect IP gets passed. What would happen is that MegaUpload would effectively be blacklisted from the Internet and cease to exist if they can’t fix the problem within five days. Additionally, any payments they would receive can also be blocked. This of course isn’t anything new, but recently Universal Music decided to use a DMCA take down notice to remove a MegaUpload video from YouTube.

This happens on a regular basis. These companies have programs that look for copyrighted material and then any offending material is issued a take down notice, which YouTube is required by federal law to comply with. There’s just one problem in this case. MegaUpload claims to own all of the copyrights to this song and video. Universal was issuing a false take down notice. As a result MegaUpload is now suing Universal.

What can we take from this? Well, that giving the authority of content control to companies that have an incentive to silence material that is harmful to their business is a bad thing. In this case, we have a company abusing state authorized power to censor a music video about another company. We should expect this type of behavior to continue if these copyright holders are given additional authority to censor the internet.

It appears that not only are record labels abusing their authority, but the DHS had seized a website, Dajaz1.com, for over a year without any sort of recourse. Particularly troubling in this case is that the blog did contain copyrighted material, but it was given to the blogger by the record labels and artists.

As users of the internet we all should be extremely concerned about what is happening on the internet in the name of Copyright. Freedom of culture is something we all enjoy and relish, however actions by Universal and the DHS severely threaten our cultural freedom and ability to have public discourse on the usage of technology. MegaUpload was using famous pop stars to stake a claim that they are a legitimate company. Using a law in an illegal manner was trying to silence that conversation.

Are patents going to impact how doctors treat a patient?

Posted on by

Today Ars Technica reported on a case before the US Supreme Court and how the court is assuming that the usage of scientific data, which has been publish, is a valid patent. This is a pretty scary scenario. What do you mean? Well, the patent is related to how the levels of some chemical impact the dosage of a drug. That’s it. If you have level X in your blood you should have dosage Y. The patent holder created a device to test the level of the chemical in your blood which then suggests a dosage level. The Mayo clinic developed their own test and  have been administering the test on their own without paying anything to the company. The arguments in the court essentially assume that this is a valid patent.

Should this patent be valid though? Seems like something that could be patented. Based on what is considered patentable, this should fall under mathematical formulas. Essentially, this is a matter of correlation and basic regression analysis. During a drug trial you can determine a correlation between the impact of a dosage of a drug on the current level resulting in a lower level of the chemical. This is really how all medicine works. If you can reduce costs by creating your own tests and administering it yourself then that’s great. Hospitals should be encouraged to do this if they are large enough.

This is what Doctors do. They read literature about the medicine the condition it’s supposed to impact and what sort of connection there is with the dosage levels and the response rate within the patients. Every doctor has to use a test to determine the level of a chemical or some condition. This can be the pulse (irregular heartbeats), blood pressure (pressure cuffs), blood sugar (A1 test) and the list goes on. In each case the doctor is able to assign a proper dosage prescription based on the study of patients. If a doctor was required to pay a licensing fee for each and every case of this our currently exorbitant costs of health care will seem cheap. Like when we used to complain about $1.50/gallon for gas.

The other problem with patenting something like this is that it’s likely to be highly unenforceable except for when a large institution like the Mayo Clinic. Individual practitioners will be safer than large clinics, but they could be impacted as well. If they are required to use an extremely expensive proprietary testing methodology rather than have the ability to use any testing method it will drive up prices and may put doctors out of business.

If the court rules on this as if these types of patents are valid, we will need to push to have patent law changed again. The last change moved things in general, in the right direction but a lot more work needs to be done.

Data protection, anonymity and copyright

Posted on by

I talk a great deal on this blog about data issues, privacy and ownership, anonymity and copyright, however is there a clear connection between them? Should we care about who has access to our data, who we are and control over our access to data?

I think that these issues are so connected that we need to do something about how they are managed at a federal level. Currently, it’s rather easy for governments to request data from internet sites. Some times they require warrants or court orders other times the companies simply hand over the data. Savvy users understand how their data is collected and used by companies. I’ll be the first to admit that I’m learning about this as I’m going. It’s not easy because some times it’s really inconvenient to really protect your data. The more sites that are connected together the more likely one of your accounts are to be hacked. Linking sites also creates other problems. Specifically Facebook and Google. Twitter isn’t as bad, but it easily could be.

Why are Facebook and Google bad though? First Facebook is the worst by far. Both Zuckerbergs have made statements proclaiming privacy a bad thing.We can see this erosion with the creation of Facebook’s OpenGraph and seamless information sharing. We’ve all see the increase in the amount of information that our friends are sharing. Such as Spotify and articles they’ve read. Which now no longer click through, but end up going to some app from that company. All of this information is being stored and sold to customers with your name on it. Effectively you’ve lost your ability to view websites freely without it being stored on multiple servers by multiple companies at the same time.
Google comes in a close second with their privacy problems. They aren’t any better with Google+ as they require names at this time. We also don’t know what Google does with the information that you give them when you link accounts together. By giving access to Google when you sign into another website Google is learning more about you which will likely be used to adjust your filter bubble.

Without anonymity or at least pseudonymity it’s significantly more difficult to control access to your data. Putting a buffer between you and the people that are interested in learning about you as a person can protect you from a lot of bad people. However, whenever there are discussions about anonymity or pseudonyms some one almost always makes the argument that it will increase the safety for child molesters or terrorists.

The Copyright industry is one of the most vocal advocates of this tactic. In fact, this is one of the arguments being used for SOPA. They argue that if you don’t have anything to hide then you have nothing to worry about. Well, I don’t buy that argument. People have privacy fences for a reason around their yard. Why not do the same thing for your data? Being anonymous doesn’t mean your bad, it just means your being safe.

Anonymity makes it more difficult for copyright holders to come after people who download movies without buying the movie. They want to know if your downloading it regardless of the fact that you might actually own the movie in some other physical medium and are using the digital copy as a back up. They also don’t really care if you go out and buy the movie after watching it. In fact the Swiss government came out and said that buying a movie or song after downloading is extremely common.

Based on these three points, I believe that everyone should be pushing leaders to increase the ability for users to be anonymous on the internet. This will protect users data from identity theft, allow users better control over their data and decrease the impact of the filter bubble. We must accept the fact that people may use the freedom in unethical ways. However, this doesn’t mean that it’s unethical for people to be anonymous online and doesn’t mean that they are unethical. It means that we need to define clear laws and procedures to deal with unethical or illegal activities in these systems. Without these guidelines we are likely to have no control over our data.

Phone Trackers

Posted on by

A few days ago news came out about a company called “Carrier IQ” installing data on phones that will report usage to carriers to improve service. Initially, it was reported that this software was a keystroke logger, which would have been nearly as bad as this, but apparently it doesn’t actually track keystroke. What’s a keystroke logger? Well, it’s a pretty common way to get access to information. Essentially, it tracks every since keystroke you make while typing and stores it as well as the software you’re using. So, if you get this type of software onto the computer of, say, a business competitor, you can get access to all the information related to a given product. You’d have to get it on the right computer and you’d probably get some information you don’t care about. How would this impact you as a user? Well, if it had been on there, basically every single email, text, website or instant message would have been logged and sent to whatever company cared about it.

In the video above a developer walks through the functions of Carrier IQ on an HTC device. It appears, in this case, that CIQ can, in fact, operate as a key logger. However, there are some additional points of concern with this bit of software. First it reads a great deal of information from incoming and outgoing data. It’s indicated that SMS information goes to CIQ BEFORE the user is notified that an SMS has come through. An additional point of concern is the fact that CIQ is able to get information from HTTPS, at least over WiFi. This should be a serious concern as the point of HTTPS, the stuff your bank data is sent with, is supposed to be encrypted and is the safest way to handle data.

I checked my phone and it’s not on the Samsung Galaxy. If you rooted your phone, then you are safe. Otherwise you should be aware your location and other data may be set to your phone manufacturer or your service provider.

Richard Stallman, the founder of GNU/Linux license, noted that these types of applications are created when users aren’t able to actively see what’s going on with software. It’s a loss of control over your data that is really the danger here. I agree with Stallman, but don’t go as far, that we need to have more transparency with the software that we use. Users should be able to have more control over what is going on with the devices they purchase. Users should be outraged that data can be tracked with no method of stopping the tracking. This is a huge invasion of our privacy and these companies should be fined heavily for this.

I have no reason to trust Carrier IQ or any company that uses this software. I’m disappointed in HTC. Apple does have it in some of the earlier versions of iOS, however it only operated during diagnostic mode. It has also been indicated that, unlike what the video claims, that this software isn’t on Nokia devices.

Al Franken has called for Carrier IQ to explain how this software works and what it does. I think there needs to be a call for something a step farther and that is a patch to allow users to turn off the program and remove it as soon as possible.

As consumers we need to be aware of the fact that companies are trying to use software and technology to control and track our behavior. Currently we still feel outraged by this and at times feel that we should be reaping the benefit of firms collecting our data. However, unless something changes this will become the norm and we won’t feel like our privacy is being invaded. It will become, that’s how it’s always been.

Further Reading:
http://arstechnica.com/tech-policy/news/2011/12/carrier-iq-hit-with-privacy-lawsuits-as-more-security-researchers-weigh-in.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

http://www.androidcentral.com/carrieriq-qa