The weekly newsletter for Fed2 by ibgames

EARTHDATE: April 19, 2009

Official News page 12


WINDING DOWN

An idiosyncratic look at, and comment on, the week's net and technology news
by Alan Lenton

Well all the alarums and excursions seem to be over for the time being - bar one. Next week I'm giving a talk called 'Holistic Security' at the ACCU's annual programmers conference in Oxford.

Normally, that would mean that there wouldn't be a Winding Down next weekend, but given that the absence of Winding Down for nearly a month is rumoured to have engendered severe withdrawal symptoms in a number of readers, I have prepared some material to go out in my absence next week. Don't say that I don't look after you all!

In the meantime welcome to this week's issue...


Shorts:

Well the twitteratii did prove that they are good for something this week - concocting conspiracy theories in hours instead of the usual days.

What happened? Well it's fairly simple really. A bookdroid, toiling somewhere in the bowels of fortress Amazon, made a cataloging error, as a result of which some fifty seven thousand books in its catalog lost their sales ranking.

The problem was spread over a broad range of categories, but was first noticed by elements of the gay and lesbian community, who were convinced that this was a conspiracy aimed at them. The opportunity was too good to miss, and pretty soon the rest of the twittering classes had joined the uproar.

By Monday afternoon 22,000 people had signed a petition to boycott Amazon - something which would definitely harm the sales ranking of the books under contention! By then though Amazon had already fixed the problem. The mainstream press, who are currently going through an uncritical love affair with Twitter, chalked it up as a 'win' for Twitter, and within a day the whole thing had evaporated.

I've no doubt this will be rolled out at intervals as a fine example of how the internet has changed the rules. It hasn't of course. The rule remains exactly the same - never attribute to malice that which can be explained by stupidity!
http://www.nytimes.com/2009/04/14/technology/internet/14amazon.html?_r=1

While all this was going on Amazon was in the process of making an announcement that has very good implications for its customers' privacy. Amazon was announcing that it would not allow Phorm to scan its site to see what its customers are browsing.

Phorm's technology is used to scan what customers are doing and build up a profile. It's a major attack on online privacy, and a statement like this is a welcome announcement from one of the major players in the online business. It's just a shame that it got lost in the Twitter storm in a tea-cup.
http://news.bbc.co.uk/1/hi/technology/7999635.stm

While we are on the subject of Phorm, British Telecom (BT) conducted trials of the technology, using its broadband customers as guinea pigs, in 2006 and 2007. This came to light recently, but the authorities declined to do anything about it, even though BT had clearly contravened the data privacy regulations by not informing customers and giving them a chance to opt out.

Now the EU is taking a hand. The privacy regulations are part of the implementation of the EU's ePrivacy Directive, and failure to enforce it is a breach of the directive, so the EU intends to take the UK to court over the failure.

It's kind of sad really, when the only way to force the government to enforce the laws of the country is to ask a bunch of bureaucrats in Bruxelles to do it for you...
http://www.theregister.co.uk/2009/04/14/eu_phorm_formal/
http://www.informationweek.com/news/security/privacy/showArticle.jhtml?articleID=216500626&cid=nl_tw_security_T

There was some bad news for Microsoft this week, in the form of a survey of IT professionals. A massive 83% said that their companies were planning to skip upgrading to the up and coming Windows 7 in its first year. Less than half - 42% - said that they would be upgrading in the second year.

That's pretty stunning when you consider that most major companies have skipped Vista altogether and are still running on Windows XP.

If these figures really do represent reality then it is going to cause problems all round. There is a massive secondary market built on the assumption of the regular (and frequent) appearance of new versions of Windows. Manufacturers and retailers rely on it to encourage people to upgrade their computers. Consultants rely on it to generate new work, programmers take advantage of the new features to upgrade their applications and sell the upgrades. Games companies need it because the DirectX 10 games interface doesn't run on XP. Even hackers rely on it for a fresh supply of new bugs to exploit. OK, OK, only joking about the last one. All this and a recession...
http://www.informationweek.com/news/windows/operatingsystems/showArticle.jhtml;jsessionid=T0HQED0VWARCSQSNDLOSKH0CJUNN2JVN?articleID=216500331&pgno=1&queryText=&isPrev=

There are a couple more interesting Microsoft snippets for you this week.

The first is that the court anti-trust oversight of Microsoft that was agreed in 2002 is likely to be extended again, this time until the end of 2010. This will be, according to the Department of Justice, the last time it will ask for an extension.

Thus, it seems likely that the successor to the soon to be released Windows 7 will not be subject to oversight by the court. Of course, if everyone continues to stick with Windows XP court oversight isn't likely to make much difference one way or another!

The other thing of note is that Microsoft released no less than eight security patches this week - five of them classed as critical. The critical patches cover flaws in Excel (2 bugs), Office text converters (2 bugs), DirectX (1 bug), the Windows operating system (4 bugs), Windows HTTP services (3 bugs), and Internet Explorer (4 bugs). That's a total of 16 bugs just in the critical patches. Note that a fix for a serious, and publicly known, PowerPoint bug wasn't included.

I think corporate sysadmins are going to be working overtime for the next week or so, especially given that Oracle has also released its quarterly batch of patches. I don't envy them!
http://www.informationweek.com/news/security/appsecurity/showArticle.jhtml?articleID=216500673&cid=nl_tw_software_T

I see that the court in Sweden decided to jail the four men behind the file sharing web site The PirateBay. I have to say that one thing big media seems to be remarkably good at is finding complete dorks to prosecute in high profile trials. The antics of the four principals in this case did nothing to help, and a great deal to hinder, what was actually a very good defence case with a great deal of public support.

The court ruling itself is so broad that even Sergey Brin and Larry Page could be jailed for Google's day to day search engine activities. Basically it says that any service that helps find copyrighted material is liable for any illegal downloads made as a result - watch out search engines, ISPs, websites, the works. The boys are now appealing against the verdict, and this case will probably trail on for years. Hopefully they will now take it seriously and not treat future trials as a lark.
http://news.bbc.co.uk/1/hi/technology/8003799.stm

Did you know that using a command line prompt on a Linux box may be a sign of criminal activity? No? Well the Boston College Campus police believe it's so - they actually used this in a warrant to seize a student's computers. The warrant is a classic piece of technical ignorance. It states, among other reasons, that the student "is a computer science major is considered a master of the trade amongst his peers."

It goes on to say that he, "uses two different operating systems to hide his illegal activities. One is the regular B.C. operating system and the other is a black screen with white font which he uses prompt commands on."

Phew, I'm safe, my Linux shell uses black fonts on a straw background for its command line. I was really worried there for a moment! I don't know whether or not the student involved is guilty of 'criminal activity' or not. What I do know is that whoever asked for, and whoever granted that warrant are guilty of criminal stupidity.

They obviously didn't know what they were talking about, but clearly made no effort to find out either. Like I said, criminal stupidity.
http://www.eff.org/deeplinks/2009/04/boston-college-prompt-commands-are-suspicious

Of course, not all warrants are stupid. Hats off to the FBI for their use of warrants to allow them to use a sophisticated little piece of software to deal with online criminals using anonymisers to cover their tracks. A Freedom of Information (FoI) request recently revealed something of the level of online savvy of the FBI.

It seems they've been using a program called CIPAV (Computer and Internet Protocol Address Verifier) since before 2002. The program invades the suspect's computer and reports the configuration back to an FBI server, after which it acts more or less as a key logger.

The most important thing revealed by the FoI request, though, is that in -every- case covered in the documents, the FBI applied for a warrant to target the specific person, before employing the CIPAV program. Ten house points and a gold star for this one!
http://blog.wired.com/27bstroke6/2009/04/fbi-spyware-pro.html

A number of would-be snoopers have been snared by a botnet client masquerading as a utility that would allow the more nosey among us to snoop on other people's SMS messages online. I guess it's the online equivalent of twitching curtains...

This dangerous little number comes in a range of different file names, sms.exe, freetrial.exe and smstrap.exe being the most popular. While the temptation might be to laugh at the sight of would-be snoopers getting double crossed in this way (I know I was smirking when I read about it), we all suffer in the long run.

Every wannabe snooper snared by the Waledac botnet client represents more spam in your inbox, more clogging up of the net with attacks on major infrastructure, like the DNS servers, and more aggro for those whose job it is to keep the bits flowing.
http://www.theregister.co.uk/2009/04/16/sms_snoop_waledac_botnet/

Returning to the topic of Twitter, I admit I did find one use of Twitter that I thought was brilliant. The Albion Bakery in London is using Twitter to tell people what's currently coming out of the oven - bread, cakes, buns, you name it! Now that's clever.
http://dvice.com/archives/2009/04/uk-bakery-uses.php


Geek Toys:

Geeks, I bring you the ultimate geek toy (again). How about a working 1:10 scale model of the Saturn rocket that took the first men to the moon?

It's being built by high power model rocket enthusiast Steve Eves. It's 36 feet tall (the equivalent of a three story building) and is powered by nine rocket motors. It looks absolutely stunning, and when it went on show at the Cleveland Air Show on Labor Day weekend, one admirer asked where the astronaut would sit!

Point your browser at the URL, which is an extended piece about the whole project. This takes the idea of a 'model' to a whole new level!
http://www.rocketryplanet.com/content/view/2829/30/


Scanner: Other Stories

Appeals court prohibits RIAA trial webcast
http://www.dmwmedia.com/news/2009/04/16/appeals-court-prohibits-riaa-trial-webcast

Bush-era NSA wiretap violations exposed
http://www.theregister.co.uk/2009/04/16/nsa_warrentless_wiretapping_scope_creep/

EBay announces IPO for Skype in first half of 2010
http://www.dmwmedia.com/news/2009/04/14/ebay-announces-ipo-skype-first-half-2010

Facebook rejects funding at $4 billion valuation
http://venturebeat.com/2009/04/15/facebook-rejects-funding-at-4-billion-valuation-may-not-raise-more/

Google growth slows dramatically in the first quarter
http://www.physorg.com/news159118775.html

Low-tech tools take out phone and internet lines in Silicon Valley
http://www.physorg.com/news158686349.html


Acknowledgements

Thanks to readers Barb and Fi, and to Slashdot's daily newsletter for drawing my attention to material used in this issue.

Please send suggestions for stories to alan@ibgames.com and include the words Winding Down in the subject line, unless you want your deathless prose gobbled up by my voracious Spamato spam filter...

Alan Lenton
alan@ibgames.com
19 April 2009

Alan Lenton is an on-line games designer, programmer and sociologist. His web site is at http://www.ibgames.net/alan.

Past issues of Winding Down can be found at http://www.ibgames.net/alan/winding/index.html.

