- Uncle Spy Wants You
- Jurists gone wild
- Bottle me up, throttle me down
- Do not attempt to adjust your Internet
- Get ready for the (pørn) free Internet
- How tech firms can save the earth
- Voting accidents and other avoidable tragedies
- Geek Week: E-voting experts and nymphomaniacs wanted, inquire within
- Smoking guns and broken voting machines
- Sequoia and e-voting: The best government money can buy
June 23, 2008 | Comments: (0)
Last week the House of Representatives passed a "compromise" amendment to the Foreign Intelligence Surveillance Act, though it sounds like the only things that have been compromised are our Constitutional rights. Now the Senate is poised to do the same.
Unfortunately, the FISA Amendments Act of 2008 adds little to existing FISA laws save for one very big thing: immunity for telecoms that violated FISA laws on orders from the White House. Essentially, all Ma Bell and her bastard offspring need to do is present a note that says Uncle Sam made them do it, and the 40-odd lawsuits pending against them vanish.
This rewards companies like AT&T and Verizon that failed to stand up to orders of questionable legality, while punishing companies like Qwest who declined the government's requests. Imagine the cojones it took to say no to the NSA. What are the odds anyone's likely to do that again?
Remember, three Bush appointees -- attorney general John Ashcroft, deputy AG James Comey, and FBI head Robert Mueller -- threatened to resign over this program. So this is clearly not a matter of the NSA forgetting to pick up a few subpoenas on the way home from the grocery store. This was something no one had seen before.
But what exactly was it? The worst thing about the immunity provision is that it closes the door on discovery. We will likely never find out what information the NSA sought, what it found, and what that data was used for. That's a problem.
It's very likely the spooks were involved in a massive data mining operation that involved data from millions of innocent non-terrorist law-abiding Americans. Think I'm being paranoid? Here's what USA Today revealed in May 2006:
The National Security Agency has been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth, people with direct knowledge of the arrangement told USA TODAY.
The NSA program reaches into homes and businesses across the nation by amassing information about the calls of ordinary Americans — most of whom aren't suspected of any crime. This program does not involve the NSA listening to or recording conversations. But the spy agency is using the data to analyze calling patterns in an effort to detect terrorist activity, sources said in separate interviews.
In other words, they're attempting to create a profile of terrorists, and the only way to do that is to profile a whole lot of non terrorists. And if they happen to catch anyone doing anything else borderline illegal along the way, they can pick and choose whom they want to prosecute. Why should China and Russia have all the fun?
I'm all for hunting down and ferreting out the bad guys, but I draw the line at spying on ordinary Americans. I'm happy to stand in line at the airport or the baseball stadium and have them look through my bags, even though I know it's mostly Security Theater. My phone calls, emails, and Web surfing are another story. If I'm a suspect and you've got a warrant, fine, spy on me. Otherwise, I'd like to be left alone. Is that unreasonable?
Should the telecoms get off scot-free? Post your thoughts below or email me directly: cringe (at) infoworld (dot) com. And try not to say anything too unAmerican -- you know who is probably watching.
Think you've got the right stuff to pass our tech quizzes? They're not as easy as they look:
• The InfoWorld News Quiz
• Test Your Geek IQ
• Test Your Network Security IQ
Posted by Robert X. Cringely on June 23, 2008 09:10 AM
June 15, 2008 | Comments: (0)
A federal judge in Los Angeles has recused himself from a obscenity trial after a trove of dirty pictures were found squirreled away on his personal web site. Sounds scandalous, no? But the reality is both more complicated and more interesting.
First, the case over which judge Alex Kozinski is no longer presiding. The USA v. Ira Isaacs obscenity trial is not your typical pørnography case. Isaacs doesn't consider himself a pørn merchant, he's a self-styled “shock artist.” He creates videos meant to horrify and disgust their viewers, not to get them hot and bothered. They've been called the most extreme videos on the Internet, and that's all I'm going to say about them. (Want to know more? Start by Googling "coprophagy videos" -- but don't blame me if you hurl.)
Now here comes da judge. Kozinski apparently stored a large cache of NSFW images and videos on Alexkozinski.com. (Don't bother looking for them, he's purged the site. But you can find links to some of the notable ones and a list of the rest here.) It has been described as “some pretty intense sexually explicit material.” Here's a sampling:
One photo features two naked women in a field on all fours, painted to look like Holsteins (or, if you're a hopeless geek like me, Gateway boxes -- though if Gateway boxes had looked more like these, it would probably still be an independent company).
Another photo features two women sans undergarments, hiking up their skirts while a sign behind them reads “Bush for President.” There are a few visual gags concerning Catholic priests and altar boys, and a video of a donkey in a state of excitement chasing a fat guy with his pants around his knees. (It ends just as he is cornered by the priapic beast.)
But wait, there's more. According to the large index of files on Kozinksi.com, the judge had posted copies of Monty Python's “The Lumberjack Song” and Tom Lehrer's “Hanukah in Santa Monica.” He's posting MP3s? Quick, alert the RIAA!
This is “pretty intense” and “sexually explicit” material? Maybe in some circles. But on the planet where I live, this is run-of-the-mill high school locker room humor. In fact, Kosinzki has said the site is maintained primarily by his son Yale. That explains a lot.
Finally, there's the source of this story: Cyrus Sanai, a Los Angeles attorney who has been publicly feuding with Kozinski for years. He found Kozinski's cache six month ago and has been peddling this story ever since. Eventually, the LA Times reporter covering the Isaacs case took the bait. Sanai's purpose wasn't to reveal a conflict of interest in the judicial system, it was to humiliate Kozinski. He seems to have succeeded.
But whether what Kozinski or his son posted online is relevant to the Isaacs trial is just one of many thorny issues raised here.
In an age where ISPs are taking on the roles of Net censors, defining what is and isn't "obscene" or "pørnographic" is a terribly important question. And if we require judges to be pure of heart and mind, why not juries? How about the other officers of the court? The spectators in the courtroom? Those who read about the trial on the Net and in the papers? Hell, let's just check everybody's hard drives, and their bookshelves too while we're at it.
The material Issacs created and Kozinski posted do have one thing in common: You may not approve of it, but nobody's forcing you to look at it. And if you do choose to look at it, well, doesn't make you just as guilty?
Should the Net be obscene and not hurt? Or is filtering objectionable content a necessary evil? Post your thoughts below or email them to me: cringe (at) infoworld (dot) com. But please, spare me any Ira Isaacs videos, I have a weak stomach.
Think you've got the right stuff to pass our tech quizzes? They're not as easy as they look:
• The InfoWorld News Quiz
• Test Your Geek IQ
• Test Your Network Security IQ
Posted by Robert X. Cringely on June 15, 2008 09:14 AM
June 10, 2008 | Comments: (0)
Bottle me up, throttle me down
The notion that we are swimming in broadband choices, floated last week by Cringester B. D. in rebuttal to my snarky jibes about the phonecablopoly (tm), did not sit well with Cringesters who are sitting in the cheap seats at the great bandwidth banquet. Particularly in rural areas, where consumers typically get one choice (satellite) whose bandwidth limits cause their accounts to be routinely throttled.
Cringeman G. M. writes:
I would like to make you aware of the fact that bandwidth throttling and total data sent/received is already a fact here in the wilds of Montana where we have ONLY satellite Internet available. It is written into the contract, which we get to sign or have no service at all. You see what happens when you have no competition. You high-speed DSL and cable guys have got it made (for a while anyway).
Likewise, reader S. T. is also saddled with satellite:
We live in the sticks and can only get Direcway (now HughesNet) satellite quote high-speed Internet un-quote. We are throttled at about 120 megs per 24 hours. If we download more than that we are slowed to what seems like slower than dial-up. They do give us a window of 3am to 6am EST to download all that we can. And online games are just about impossible with the very high ping range, since we bounce up and back down ~22k miles each way.
Poster PDog says things aren't all that much better in Eastern Mass:
I seem to be one of the few respondents who live in a densely populated area, but who have few choices of any provider. ISP: Comcast or dial up. TV: broadcast or Comcast. Home phone service: you guessed it, Comcast or wired (the only truly reliable service anyway). Nobody offers DSL in my area - no loss - but Verizon has my town on its list for the next two dozen or so towns to be FiOSed. If I'm lucky it won't be more than five years away. I do have a large choice of crappy wireless service companies, but the operative word here is crappy. So, B. D., wallow in your choices. I'm still waiting for some.
Then there's the throttling of a more selective sort. My unscientific yet impartial BuzzDash poll on whether Netizens would prefer a pørn-free Internet has so far reached what seems to be an obvious conclusion: no, they would not. Only 26 percent would go opt for a Net sans naughty bits; 56 percent oppose censorship, and the rest opted for "define pørnography." In other words, one man or woman's smut is another's clothing optional entertainment.
Somehow I suspect this poll will have no bearing on Sprint, Verizon, or Time Warner Cable, all of whom announced yesterday they'd reached an agreement with New York State Attorney General Andrew Cuomo to block web sites and Usenet groups trafficking in kiddie pørn.
No one in their right mind would argue for child pørnography. But my question is, if these sites are so easy for the ISPs to find and block, why aren't the Feds breaking down their doors? Even if the site owners are operating out of some offshore pørn haven, surely they can get a little international cooperation from the local gendarmes. I suspect this is more of a political move than a practical one. But what's clear is that the line dividing acceptable and censorable content just moved. The only question is where it will stop.
Not to end on a total downer, I offer some hopeful news via reader M. K. in Colorado.
Recently I signed up for Comcast Cable TV, having already subscribed to the phone and broadband service. While the guy on the other end of the phone was filling out the necessary form, he inquired as to how I liked my phone and Internet service. I replied that it was fine but that there was no way I was getting the 6mb/sec they advertised. He said "Oh", I heard a mouse click and he replied "There you go". Now I get 10-13 mb/sec. Go figure.
What I figure is that Comcast is about to get a rash of calls from Cringesters hoping to hear the joyous sound of a fat pipe being cranked wide open. Good luck with that.
Are you happy with the size of your pipe? (Hmmm, that didn't come out quite the way I'd intended.) Post your tales of bandwidth triumph and tribulations or email me here: cringe (at) infoworld (dot) com. Swell swag comes to those who tip (and wait).
Posted by Robert X. Cringely on June 10, 2008 10:02 PM
June 04, 2008 | Comments: (0)
Do not attempt to adjust your Internet
It's been a wild week here in Cringeville. My blog posts on YouTube v. Viacom and the FCC's proposal for a pørn-free wireless Internet have inspired raging debates about copyrights and corporate rights, free speech and free sex. Here are some of the highlights.
First, longtime Cringe fan L. B. disputes my notion that most "pretty much all men" have surfed adult sites. He adds
And despite what you say about the First Amendment, our Constitution protects speech (which generally enlightens humans), not pørnography (which debases them). We could argue all day long about what constitutes pørnography (and even "pørnographic speech)", but the Supreme Court, even in its present liberal iteration, has generally ruled against pørnography, so you won't find much comfort there either.
(OK, show of hands: how many folks agree the Supremes are in a "present liberal iteration"? Maybe he's confusing them with the Motown group.)
It's true that when they created the First Amendment, Jefferson, Madison, Franklin et al probably did not have Girls Gone Wild in mind (well, maybe Franklin did). What they had in mind was protecting unpopular speech: the right to say things even a majority of the people (or one leader with a vindictive streak) did not much like. The problem is that old slippery slope, or what I like to call the Lays Potato Chip syndrome -- you can't censor just one. Once you start shutting down Web sites, it's hard to stop. It's no secret governments that impose the strictest limits on adult content also typically do the most to squelch political dissent.
A fair number of Cringesters noted that FCC oversight works fine for network TV, so why not the Net? All I can say is.... have you watched much network TV? Do you really want the Internet to look and act like that?
Meanwhile, over in the non-adult section of Web video, we've got a heated discussion over what studios and conglomerates should and shouldn't have the right to do with the content they're desperate to monetize in every possible way. Poster Redgum summarizes the conflict eloquently:
Copyrights like private ownership rights should be protected by law. This is where it gets sticky though -- do you completely shut down what is otherwise a fertile ground for creativity in the name of protecting existing copyrights, or do you find a better way to enforce existing laws? Personally, I think that if we continue to ban, prohibit, and shut down such avenues of access, we lose far more than what we perceive we are losing.
The common thread between these two topics is control. We're all used to a freewheeling, unregulated, Hell-bent-for-whatever Internet. Now that the Net is growing up, we're caught in the middle of a power struggle between corporate titans, government bureaucrats, and Just Plain Folks over who gets to call the shots in the 21st century economy. You can probably guess who I'm rooting for in this fight.
Finally, a word about the so-called phonecablopoly, from someone on the inside. Frequent Cringe correspondent B. D., who works for a wireless carrier/ISP that shall go unnamed (but rhymes with "horizon") says I'm being too hard on Ma Bell's kids. He's actually drowning in a sea of broadband choices:
At my house I can count (wired) TXU Electric, AT&T, and Charter Cable... plus (wireless) AT&T, T-Mobile, Verizon, Sprint, and several other smaller wireless carriers whose names escape me. Then there’s over-the-air digital TV broadcast plus Dish Network and DirectTV, plus another wireless Digital TV carrier whose name also escapes me... The day the electric company brings their Internet service online through the electrical power cable, we’ll have yet another choice though I for one have no intention of plugging up a modem directly to 120 VAC to get Internet (!). How many other choices DO we need in one place?!
(B. D. wants to make it clear he's speaking entirely for himself and not for his company, lest he be hauled off to the corporate dungeon and whipped with RJ11 cables.)
We control the horizontal, we control the vertical. And by "we," I'm not talking about you or me, Kemosabe.
Have we reached the Outer Limits? Would you prefer a regulated Internet, free from its sin-sodden side? Post your thoughts below, email me at cringe (at) infoworld (dot) com, or take the BuzzDash Quiz here.
Posted by Robert X. Cringely on June 4, 2008 05:25 AM
June 02, 2008 | Comments: (0)
Get ready for the (pørn) free Internet
It seems obvious now that Google is not going to save us from the rapacious clutches of the Phonecablopoly. After securing a safe haven for its Android operating system, the goo-goo-Googlers bowed out of the FCC's wireless spectrum auction, leaving big chunks of the analog TV band to Ma Bell's bastard offspring, Verizon and AT&T.
Suddenly, like a knight in shining white satin, the FCC is threatening to swoop in and carry the day. It has floated a plan where the winner of the public auction for the 2155 MHz band would be required to provide free, wireless Net access over part of that spectrum.
This is not unprecedented. That's the model used to develop television, to cite one obvious example. Similar proposals for free wireless Net access have been floated in the past and rejected. But none of them came directly from the FCC.
Naturally, there's a catch, and it's a doozy. This free wireless Internet would come without obscene or adult content. Carriers would be required to deliver the data bits without the naughty bits.
Yes, the Internet without pørn. Kind of like bagels without cream cheese or Siegfried without Roy.
Me, I'm perfectly sanguine with the idea of a mobile Internet free from adult content (I also only read Playboy for the articles.) If I want to see somebody making the beast with two backs -- or several beasts of different species -- I know where to go.
But I'm in the minority. The percentage of men who range the Net for pørn is about the same as men who lie about the size of their fiscal endowments -- pretty much all of them. Surveys typically note that one third to two thirds of all male Net surfers (and a smaller but significant percentage of women) have visited adult Web sites, but those are just the folks honest enough to admit it.
Ridding the Net of naughtiness is fraught with difficulty. There are really only two ways to do it, and they both suck. One is by using filtering software. While these apps have gotten more sophisticated over the years, they face an insurmountable problem: defining what is and isn't obscene. So they miss a lot of stuff some people would find offensive, while blocking other stuff that doesn't really deserve it.
The second solution is actually worse. That's where people decide what subset of Net content goes up on the wireless band. And while humans can make more nuanced decisions than software, they quickly turn political. Who makes those decisions and what is their agenda? If you can block adult content, then surely you should block sites promoting hate speech and terrorism. And from there, well, the party's just getting good. Once you start censoring content, where do you stop? There are plenty of folks out there who'd be happy to rewrite our Constitution, starting with the First Amendment. They're not the ones I want delivering the Internet.
Who should decide whether to put cream cheese on your bagels, you or the government? Post your opinions below or email them to me here: cringe (at) infoworld (dot) com. But please, try to keep your comments clean. Don't make me censor you.
Think you've got the right stuff to pass our tech quizzes? They're not as easy as they look:
• The InfoWorld News Quiz
• Test Your Geek IQ
• Test Your Network Security IQ
Posted by Robert X. Cringely on June 2, 2008 07:06 AM
April 23, 2008 | Comments: (0)
How tech firms can save the earth
Just in case you've suddenly emerged from a coma and hadn't noticed, yesterday was Earth Day here on our planet. And it seems like everybody is putting on their green. Even the US government has a site celebrating its efforts to ravage save the earth.
While tech companies are certainly puffing up their environmental street cred, they could be doing more. In fact, I have a few suggestions for what the leading tech companies can do to save the planet.
Microsoft: First, install a filter to capture the greenhouse gases expelled into the atmosphere every time Steve Ballmer opens his mouth. Better yet, set up a Ballmer Carbon exchange where Microsoft can trade five minutes of Ballmerizing for, say, three hours of silence by a normal person. Also: install solar panels on his head and give the energy back to the grid.
Google: As we all know, Google's thousands of data centers produce enough residual heat to power a small country. So why not do exactly that? Ladies and gentlemen, I present to you the Glorious Republic of Googlistan. Everything's free, provided we can follow you wherever you go.
Yahoo: Take all the energy you're expended fending off Microsoft's hostile acquisition and put your employees to work planting carbon-absorbing kudzu around your Sunnyvale HQ. By the time Microsoft finally comes to claim its booty, they won't be able to find the building.
Apple: You have to give them props for environmental consciousness. For example, Steve jobs recycles the same jeans and turtleneck every time he gives one of his "one more thing" presentations. Now it's time to take the next step by building energy-efficient housing from the millions of dead and abandoned iPods littering our landfills.
Earth Day has also become a megaphone for those benighted souls who believe global warming is a conspiracy created so Al Gore can make millions giving speeches on the rubber vegan circuit. So I have a suggestion for the folks at the Competitive Enterprise Institute, The National Anxiety Center, and all the other global warming skeptics. We'll give you your own Arctic ice floe, build McMansions on it, and stock them full of energy-hungry electronics and carbon-belching SUVs. You can live there free of charge for the rest of your lives -- or until it melts. Whichever comes first.
UPDATE: I received clarification from Dell regarding an item in Monday's post about buying Latitude and Optiplex systems with XP installed through 2011. According to a Dell spokeshuman, this is merely part of Microsoft's official downgrade rights program. You'll still have to pay for Vista Business or Vista Ultimate, but Dell will downgrade your computer to XP before they ship it to you (along with the Vista discs). Dell wouldn't say how long the offer is on the table, only that they would "offer the downgrade rights program for as long as Microsoft supports it."
Got ways to save the earth or donations for the ice floe? Post them below or send me a note: cringe (at) infoworld (dot) com. Top tipsters may receive carbon-neutral swag for their troubles.
Posted by Robert X. Cringely on April 23, 2008 08:09 AM
April 16, 2008 | Comments: (0)
Voting accidents and other avoidable tragedies
When I was in school I learned that the difference between comedy and tragedy is that one of them ends in death and the other in marriage. (But I could never remember which is which, which may be why I have such a hard time holding onto girl friends.) Likewise, I can't really decide if our current e-voting follies are comic or tragic.
At the RSA conference earlier this month, a panel of security wonks who tested California's e-voting equipment declared the machines slightly more secure than a box of Jujubees.
The California audit examined systems from Diebold Elections Systems, Hart InterCivic and Sequoia Voting Systems, ultimately permitting their use in 2008, but only under certain conditions. In testing, Wagner and his team found that they could introduce a computer virus to any of the three systems, which would then spread throughout the county and ultimately skew the vote count.
Anyone who's followed this story knows this is old news. Separate tests by Princeton prof Ed Felten and Finnish security expert Harri Hursti arrived at similar conclusions. (Here's a video of a Diebold AccuVote-TS machine being hacked by Felten and his crew.)
In fact, security wonk David Wagner says we're past the point where we can fix broken voting machines by election day, so he's urging states to audit the results for fraud. Only about a third of states do any auditing at all. So yesterday the US House of Representatives tried to pass a bill offering states money to fund audits and/or use paper ballots instead of machines if they chose to do so. But it failed to get the two thirds majority it needed for passage, largely because many House members were absent.
The White House and most Republicans opposed the bill, citing its potential cost. Per the Associated Press:
Rep. Rush Holt, D-N.J. sponsor of the bill ... noted that many who voted against the bill because of the cost "supported spending almost $330 million in recent years to provide election assistance in Iraq, Afghanistan and Pakistan. I would have hoped those who supported efforts to export democracy abroad would be equally committed to strengthening democracy here at home," he said.
Election fraud isn't limited to one party or one technology (see 1960 presidential elections, City of Chicago). But it's deeply troubling when one side says we can't afford to ensure free and fair elections or that voting machine manufacturers shouldn't be held accountable.
Cringester "X. Y.," who disagrees with me on most of these issues, says there are worse things than a return to paper and pencil:
It really comes down to one thing: when an item is touted as “secure,” how secure is that item? Remember: if we still used paper and pencil, people would not see “projected winners” on television screens for a few days. The only real losers in such a situation are, in order, television networks, radio networks, and newspapers; the winners will be the voters. And the nation and the world will survive.
In other news: As of today, Hart InterCivic may be the new proud owner of Sequoia Voting Systems, which has been on the auction block since it was revealed the e-voting company was owned by a Venezuelan firm with ties to Hugo Chavez. According to Brad Friedman, proprietor of the Brad Blog and an absolute terrier on the topic of e-voting, Hart made a hostile bid which Sequoia had to match by 5 pm yesterday. I guess we'll find out later today what happened.
Meanwhile, Hart InterCivic is being sued for fraud and misrepresentation by William Singer, a former Hart technician who says the company lied about the accuracy and reliability of its machines. So that's comforting.
We all know that if there's a security vulnerability, someone will eventually exploit it. My prediction: The upcoming presidential election will indeed be hacked -- not by some partisan trying to cheat, but by a gray hat hacker seeking to prove the systems' vulnerability and/or just generally [DELETED] with all of us.
Ladies and gentlemen, I give you the next president of the United States: Oprah Winfrey.
Got strong opinions about hacking the vote? Post them below or email me -- cringe (at) infoworld (dot) com. Swell swag awaits those whose submissions make it into my blog.
Posted by Robert X. Cringely on April 16, 2008 08:35 AM
March 31, 2008 | Comments: (0)
Geek Week: E-voting experts and nymphomaniacs wanted, inquire within
I met a gin-soaked barroom queen.... While I was digging through the Net looking for the skinny on Sequoia Voting Systems and its mystery contractor Kwaidan Consulting (aka Mike Gibbons), the Bradblog's Brad Friedman was doing the same. He managed to unearth a cached version of Gibbons' MySpace page that's just a wee bit different than the current model. Instead of a photo of Gibbons shaking hands with Bush I, this one shows a good-old-boy leaning against the hood of a pickup. The list of people Gibbons wants to meet has changed too. Instead of Jesus, Einstein, and Newton, Gibbons was looking for “a well endowed blonde nymphomaniac ... that likes to be under the influence of Jim Beam whiskey in a dimly lit room at least 3 times a week.” (Hmm, Jesus or a busty nymphomaniac – that's a tough call.) It's nice to know the gatekeepers of our electoral system go shopping for their code experts in New Orleans bordellos.
We like to watch. At last week's Digital Home Conference, Comcast senior veep Gerald Kunkel casually dropped the bombshell that the ISP was experimenting with putting cameras into its set top boxes, so it can tell who's watching the tube. No, that's not a joke. They want to see whether it's the kids parked in front of the idiot box or dad snoozing in his Barca Lounger, then automatically switch to their favorite channels or serve up ads appropriate to each (like sugar-packed cereals and adult-friendly pharmaceuticals). After Chris Albrecht broke that story on his New TeeVee blog, a s***storm ensued. Comcast then backtracked considerably, saying it never intended to peer into people's living rooms, it was merely experimenting with a Wii-like gesture controlled interface. Right. Just like they never blocked Bit Torrent traffic on their network. Sure, fine, we believe you. Just remember: While you're watching Big Brother, Big Brother may be watching you.
Me and my marrow. On a personal, non-snarky note: My friend and colleague, Emru Townsend, wants your blood bone marrow. At least, if you're a healthy person under age 60 of West African descent he does. Emru, the founder of Frames Per Second magazine and a regular contributor to PC World, has leukemia and cannot find a matching donor. There's apparently a huge shortage of marrow from people of color, and this is a game where race really does matter. (Correction: Emru would like me to point out that he could be a match for anyone of any race; it's just that his odds increase with a donor from the same ethnic background.) A gaggle of people are working to find Emru a donor; they've created a web site where you can learn more about his story and sign up to be a donor. Visit Heal Emru, and tell your friends. You could end up saving somebody's life.
Got hot tips or tech news of note? Post them below or send email to cringe (at) infoworld (dot) com. Super swag awaits those whose tidbits are deemed blog worthy.
Think you've got the right stuff to pass our tech quizzes? They're not as easy as they look:
• The InfoWorld News Quiz
• Test Your Geek IQ
• Test Your Network Security IQ
Posted by Robert X. Cringely on March 31, 2008 05:45 AM
March 26, 2008 | Comments: (0)
Smoking guns and broken voting machines
My last post about Sequoia Voting Systems and its painfully stupid e-voting machines inspired both cheers and jeers from the Cringe faithful.
Cringester E. N. believes we should all just grow up and accept that mistakes happen (though he seems to also believe the Clintons are involved):
There will always be mistakes in voting because people are people, whether they are voting or create software and hardware to facilitate voting. The chicanery comes not from the manufacturer, but those on the ballot who cry “Foul!” if the electorate doesn’t vote the way the loser wanted them to.
Except that in this case, it's the election officials who are calling for an investigation, not the losers, and its the manufacturer who's balking, not the winning candidate.
Reader D. S. notes that slot machines in Vegas use proprietary code yet undergo government inspections, so why not voting machines? (A cynic might answer, yes, but in Vegas the machines aren't rigged.)
And Cringe fan S. S. is positively outraged:
This is the kind of nonsense that goes way beyond giving IT a bad name.... This is messing with the rights of the people; this is akin to changing the bill of rights. ...Changing even one vote through a mistake is keeping someone from their absolute right to vote.
Meanwhile, Sequoia has responded to public pressure, kinda sorta, announcing it has submitted the broken voting machines used in New Jersey to third-party testing (though only its own, hand-picked testers, of course). Strangely, Sequoia parceled out its machines' source code to an unknown company called Kwaidan Consulting Services of Houston, leading some bloggers to ask, Who the hell is Kwaidan Consulting Services?
Looking up KwaidanConsulting.com doesn't inspire much confidence. My browser was immediately redirected to bnmq.com, which Spy Sweeper warned me was not a nice place to be. (According to McAfee SiteAdvisor, bnmq is guilty of extreme spammishness.)
The Kwaidan domain is registered by a company called Prime Directive Inc. Calls to Prime Directive's number went unanswered, as did email. But a Texas corporate records search traces PDI to one Raymond Michael Gibbons, aka Mike.
Mike Gibbons has a solid geek pedigree -- an engineer and executive at K*Tec Electronics, later subsumed into Suntron, a contract manufacturer based in Phoenix. Suntron makes the eSlate voting machines for Hart InterCivic, one of the few e-voting companies that rarely makes the news.
(If there's a smoking gun connection between Suntron and Sequoia, I haven't found it. But all you out there in Cringeville are welcome to try).
Gibbons has a MySpace page (which is several orders of magnitude less exciting than Ashley Alexandra Dupre's MySpace page),where he lists his occupation as "Consulting exclusively to the automated election services industry the cornerstone of democracy." Turns out he's a big fan of Japanese cinema, God, the theory of relativity, and the Bush family. In fact, his profile picture shows him shaking hands with the elder Bush. And Kwaidan is apparently Japanese for 'ghost stories,' which seems fitting, given the ephemeral nature of the firm.
The bottom line: Once again, rather than truly open itself up to public scrutiny, Sequoia shops for friendly test firms who answer only to them. Gibbons might be qualified for the job. But's he's not Ed Felten of Princeton, or Avi Rubin of Johns Hopkins, or David Dill of Stanford, or Michael Shamos of Carnegie Mellon -- a nationally known expert on e-voting who might be critical of Sequoia and its comically crippled machines.
Fair and open elections demand fair and open voting machines. Many of us have come to that realization already. Maybe one day the people responsible for running our democracy will realize that too.
Got hot tips or methods for hacking voting machines? Post them below or send email to cringe (at) infoworld (dot) com. If I quote you in my blog, I'll send you swag for your pains.
Posted by Robert X. Cringely on March 26, 2008 05:18 AM
March 24, 2008 | Comments: (0)
Sequoia and e-voting: The best government money can buy
I don't know if you've noticed lately, but our elected officials are being determined by people who can't do simple math or write a comprehensible sentence in English. And no, I don't mean people who voted for Rudy Guiliani. I'm talking about companies like Sequoia Voting Systems.
Though it hasn't received huge media coverage, New Jersey's recent presidential primary had a number of electoral snafus. About 60 of the state's Sequoia voting machines recorded the wrong number of votes cast. In other words, if 200 people in a precinct voted, and the votes were split evenly between the Democrats and Republicans, the voting machines would show a tally of either 201 or 199 votes cast. (You'll find evidence and an explanation of it here.)
One vote here or there goes askew, no big deal, right? But it does raise the question what else the machines might have gotten wrong. And a reasonable person, concerned about the effect on our democratic process, might want to dig a little deeper into the question. That's what New Jersey's Union County officials thought when they asked Princeton researcher and e-voting wonk Ed Felten to take a look at the machines and figure out what went wrong.
Felten has a long history of finding flaws in voting machines; in past years he has demonstrated how easily a Diebold machine could be hacked and made to display inaccurate voting totals. He also showed how the locked cabinet containing the Diebold machine's memory cards could be accessed using a hotel mini-bar key. (You would of course be charged $7 for any votes added or removed.)
But Felten never got the chance to fiddle with the Sequoia machines, because the company sicced its attorneys on him and the county. They not only declined to send the machines to Felten, they dropped the notion of investigating it entirely.
Sequoia says any independent investigation would violate its trade secrets. (In related news, the Mafia would like you to know that investigating its loan sharking operations would also violate its trade secrets.) The company posted a tortured explanation about what may have gone wrong with the New Jersey machines, which too long to excerpt here but you can find the relevant bits on Felten's Freedom to Tinker blog.
The Sequoia response doesn't address its machines math problems at all, but it does point out that a) these machines had basic UI and engineering problems that would earn your average electrical engineering student an F, and b) whoever wrote the explanation would also fail freshman composition. And yet these people are standing between us and the next president of the United States. What's wrong with this picture?
Angry hackers have responded by taking down portions of Sequoia's Web site. An understandable response, but probably not an effective one.
Felten, who not only understands this technology better than the companies making these boxes but also expresses himself quite well, draws this conclusion:
The bottom line is clear. An investigation is needed — an independent investigation, done by someone not chosen by Sequoia, not paid by Sequoia, and not reporting to Sequoia.
County clerks have called for an independent investigation as well. But I'm not holding my breath. When corporate interests collide with the public interest, our votes no longer seem to count.
Got strong feelings about voting machines? Cast your thoughts below or email them to me. As always, top tipsters qualify for cool swag.
Think you've got the right stuff to pass our tech quizzes? They're not as easy as they look:
• The InfoWorld News Quiz
• Test Your Geek IQ
• Test Your Network Security IQ
Posted by Robert X. Cringely on March 24, 2008 09:18 AM
December 05, 2007 | Comments: (0)
Whether you lean left, veer right, or run strictly down the middle, you have to admit that our current adminstration has a conflicted approach to data retention. When it comes to our data, the Feds are all over it – asking ISPs to retain subscriber data for more than a year, demanding months' worth of search terms from the major Web services like MSN and Yahoo, and of course whatever the NSA was sniffing when it leeched onto the major telecom providers' backbones.
But when it comes to data generated by and for the White House, privacy and secrecy are the watchwords. Our example du jour: White House attorney Scott Bloch.
In case you haven't been following this story closely, here's some background.
Bloch heads up the Office of Special Counsel, which is empowered to protect Federal whistleblowers from retaliation by their bosses, and to enforce laws like the Hatch Act, which prohibits federal employees from participating in partisan political activities (like fund raising) on the taxpayer's dime.
Bloch's office is investigating Karl Rove for allegedly violating the Hatch Act by giving PowerPoints to various federal employees about how they could help the Republican cause in 2006. Bloch himself is being investigated by the federal Office of Personnel Management, for allegedly dismissing whistleblowers' cases without cause and for retaliating against whistleblowers in his own agency. (Kind of like hiring Oprah to guard the Oreos.)
So what has Mr. Bloch done that's worthy of this blog? It has recently been learned that, in December 2006, Bloch placed a call to 1-800-905-GEEKS and asked a technician to give his office PC a data wipe to Department of Defense specs. The disc was overwritten 7 times with garbage data, obliterating any actual information on the disc.
Bloch claims to have called in the Geeks on Call because a virus was destroying the files on his computer. So, naturally, he ordered them to destroy the files on his computer. Apparently Bloch thought it was an airborne virus, because he also ordered files destroyed on two laptops used by his former top aides.
In an interview with the Wall Street Journal, Jeff Phelps, who runs Geeks on Call's DC operations, acknowledges that a DoD-level wipe of a hard drive is just a bit extreme. "We don't do a seven-level wipe for a virus," he said.
Meanwhile, it seems Bloch copied some "personal" files to a thumb drive before the wipe began, which he is refusing to turn over to investigators. Now there's a loophole any garden variety criminal would love to exploit. "I'm sorry, Mr. Federal Agent, you can't have access to my computer files, they're personal."
In a letter to the editor in today's Journal, Bloch defends himself (or tries to):
After the hard drive crashed, I wanted to protect my personal files, which included personal and medical information, privileged communications with my personal attorney, my son's pictures from Iraq, Christmas lists, etc. They were moved to a flash drive, and the hard drive cleaned to remove any trace of a virus. None of this is relevant to the investigation, nor has the inspector general of OPM informed me of any such allegations.
Anybody out there want to explain how Bloch can copy personal files after his hard drive has crashed? Or why he'd call a retail tech support firm to take care of a virus on his work computer instead of his own IT guys? Or why the invoice for Geeks on Call makes no mention of a virus?
What's ironic is that Bloch's investigation ties directly into a bunch of other data discrepancies – including how the White House 'misplaced' 5 million emails when it upgraded from Notes to Outlook, and the use of non-official email addresses to either a) avoid Federal record keeping laws, or b) avoid violating the Hatch Act, depending on whose story you believe.
For David Gewirtz, this is more than merely politicians behaving badly. It's a matter of national security. In his new book, Where Have the Emails Gone?, he describes various nightmare scenarios of what could happen if, say, Al Queda got hold of one of the Blackberries Karl Rove has lost over the years, or simply tapped into the hundreds of millions of unencrypted email messages sent from White House staffers.
Gewirtz, a magazine publisher and journalist, describes himself as an independent who voted for Reagan and Bush I as well as Clinton. He says his axe isn't political, it's technical. But what he has to say is damning. He writes:
As far as internal email operations go, the White House apparently operates like a stupid drunken sailor on crack..... The problem is not our vastly superior security and encryption technology. The problem is that all of that technology is not being used....email in the White House needs to be fixed. It's not just about politics, it's about security.
Got strong opinions about national security and personal data? Let the flame wars begin. Tipsters can also email me their thoughts; if I use them in the blog, you'll qualify for cool swag.
Posted by Robert X. Cringely on December 5, 2007 08:07 AM
October 24, 2007 | Comments: (0)
Arnold Schwarzenegger was always better in the bad guy roles. Now it seems he's gone back to his strengths.
Earlier this month the Governator terminated the Consumer Data Protection Act (AB 779), a law designed to force California merchants to follow good data security practices and, when they don't, make them financially responsible for cleaning up the mess.
This piece of legislation passed the California legislature by an overwhelming margin only to get shot down by Ahnuld, who apparently does not shop at TJ Maxx, Marshalls, or any of the other budget emporiums owned by The TJX “our data security is as cheap as our prices” Companies. It was the TJX data fiasco that inspired the legislation in the first place.
The back story: Two years ago, a group of enterprising hackers camped out in a parking lot outside a Marshall's store in Minnesota, cracked the paper-thin WEP security used by the store's wireless network, and began siphoning off credit card numbers. Tired of shopping retail, they went wholesale -- planting keyloggers inside TJX's central database to capture employee logins, setting up their own TJX accounts, and getting customer information direct from the source.
When they were done, they'd stolen at least 45.7 million credit card numbers – a new high (or low) in the world of consumer data breaches. The actual count could be much higher, though we'll never know exactly how high; TJX deleted most of its records before the store realized it had been hacked. The hackers left a bunch of their own files on TJX's network, but TJX can't read them because they're encrypted.
In other words, TJX didn't know or care enough to encrypt its records, but the hackers did.
The depth of TJX's stupidity is hard to fully describe (though the Wall Street Journal did a fine job of capturing it here). Unfortunately, they're not all that unique. Many retailers are having a hard time implementing basic security measures.
Arnie says the law is too big a burden on small merchants, and that the credit card industry already has its own data security guidelines – the Payment Card Industry Data Security Standard. The old 'industry self regulation is better' argument rises again, like a cybernetic assassin after it's been steamrolled by a semi.
The flaw in Arnie's ointment? The PCI DDS was created when the five biggest credit card companies merged their security standards in December 2004. But TJX got hacked in July 2005, and it didn't even realize it was hacked until December 2006. So much for self regulation.
Personally, I think a cash disincentive for screwing up is a good thing. Small merchants with low sales volumes get a smaller disincentive, big merchants who hand customer information to hackers on a silver platter (or in TJX's case, a cheap plastic one) get hammered. This is unfair?
Companies that violate the PCI DDS can get fined for infractions, but exactly who imposes the fine and how much the guilty parties have to pay is shrouded in secrecy. Of course, TJX will pay in other ways. It's proposed a $200 million settlement to compensate consumers for identity theft, but mostly in the form of store vouchers and a three-day 'customer appreciation event' next year. That's like mugging somebody, then offering to take them to dinner using the money you just stole from them.
TJX is being sued by banks that don't like paying $25 per customer to replace their credit cards because the retailer can't be bothered to upgrade its Wifi security. The FTC might also levy a fine at some point. Still, this would all be a lot simpler – and involve fewer attorneys – if there were a law that said, you spill that data, you pay for cleaning it up. Oh right, there was one, but somebody killed it.
This isn't over. The bill passed with a veto-proof majority and will likely return in altered form. A Federal version of the same bill may appear eventually. As in Hollywood, stories this compelling always produce a sequel.
Or to quote an aging movie icon: I'll be bock.
Got more tales of brain-dead data breaches? Spill them here or contact me directly. Cool swag could be yours.
Posted by Robert X. Cringely on October 24, 2007 03:00 AM
October 04, 2007 | Comments: (0)
It seems Our Beloved Government has been dipping its toes into the blogosphere. As part of its effort to blog them over here so we don't have to blog them over there, comes Dipnote, a blog from the US State Department.
No, I am not making that up. “Dipnote” is apparently short for “diplomatic note” in DoS jargon (or “dipspeak”). And that's not the only thing that's dippy about it. If I have to read one more blog that contains the phrase “Let the conversation begin,” I fear my head may explode. (Don't worry, I won't do it inside Logan Airport.)
So far, the conversation appears to consist mainly of a) complaints about the blog's white-text-on-black background; b) extreme skepticism that any branch of the federal government is truly interested in an open exchange of ideas; and c) suggestions for better names. Also a fair number of comments from China, Australia, and points east, suggesting that perhaps foreign folk are more interested in the workings of our State Department than we are. (Which makes sense, when you think about it.)
My favorite comment so far comes via Judith from Australia: “Ah, the comic section of the Internet.” Couldn't have said it better myself.
If they engage in “dipspeak” do they wear “dipthongs”? Post comments below or email me here. Top tipsters are in line for cool Cringely swag.
Posted by Robert X. Cringely on October 4, 2007 06:02 AM
July 30, 2007 | Comments: (0)
Who's afraid of the big bad tube?
The Democrat's YouTube-fueled debate last week featured talking snowmen, marriage-minded lesbians, and a guy who cradled an automatic weapon in his arms and called it "my baby." But the Republican version may feature little more than the lonely sound of crickets.
Though John McCain, Ron Paul, and Tommy Thompson have signed on to be interrogated by the viral videophiles on September 17, putative front runners Mitt Romney and Rudy Guiliani have not. At first, Romney pooh-poohed the format, claiming that answering questions from Frosty the Global Warming Challenged Snowman wasn't dignified enough.
Democrats gleefully accused them of passing the buck-buck-buck-baGACK and laying a big egg in front of a generation of Net-savvy voters. Right-wing bloggers and political consultants started SaveTheDebate.com, begging the candidates to stop hiding under the covers and face the Web cam.
(Today, according to a blog entry in the Washington Post, Romney says he might participate after all, if debate organizers move the event so he can clear up some scheduling conflicts. No word yet from the other 37 Republican hopefuls.)
Then again, maybe their concerns run a little deeper. According to a story in the Chicago Tribune, Romney seems to think YouTube is actually MySpace:
"YouTube is a website that allows kids to network with one another and make friends and contact each other," Romney explained. "YouTube looked to see if they had any convicted sex offenders on their web site. They had 29,000."
Snowmen and perverts -- the scourge of the Internet. Who wouldn't be scared?
Are you afraid of YouTube? Reveal your darkest fears below or email them to me here. Scariest stories may qualify for some nonpartisan swag.
Posted by Robert X. Cringely on July 30, 2007 06:08 AM
July 23, 2007 | Comments: (0)
Tonight we will see the future of democracy, and it will look a lot like badly lit cat videos. Starting at around 7 pm eastern, eight Democratic candidates for president will be answering questions posed by the citizens of these United States via YouTube. Of course, CNN is cherry picking the questions from the 2300 submitted, so don't expect any paranoid expletive-filled rants (AKA, the videos I submitted).
Because at least 90 percent of our elected officials are technologically impaired, I thought I'd help them prep for tonight's video scrum. Here are some questions that could well be asked.
Should Mentos and Diet Coke be declared the national soft drink?
Is ObamaGirl, like, totally hot, or what?
In 25 words or less, please define the word "Macaca."
There has been a terrorist attack on the United States. You are locked in a secure, undisclosed location and you can only watch one YouTube video. Would you pick the Star Wars Kid with the light saber, or the fat guy lip synching to the "Numa Numa" song?
Please select one of the following choices. The Internet is a) a dump truck, b) a series of tubes, c) kind of like the telegraph, only with porn.
To the best of your recollection, are you now or have you ever been a member of AOL?
I have an important question I want to um ask and you know I'm like totally not sure which one of you should answer so I'd like to open it up to, um, everyone on the dais -- is that the right word? I'm a little frazzled because I went shopping today and like the stores were totally crowded and it was like a total scene you know? And I just got barely got home in time... So, whatever, I'd like to know , if you died and got a chance to be reincarnated as an animal, what kind of cat would you want to be. I kind of like orange tabbies I had one named snuffles that died and it was so sad but -- oh, I'm sorry, my time is up. I just want to say you guys rock especially Obama. Love you! Bye!!!!!!!
Our country may never be the same.
Are the YouTube debates a turning point in our techno-democracy or just a ratings gimmick? Vote your conscience below or email me here. Top tipsters qualify for cool swag.
Posted by Robert X. Cringely on July 23, 2007 07:16 AM
May 22, 2007 | Comments: (0)
Finally, a political candidate who understands what the people really want. Tania Derveaux, a candidate for the Belgian parliament, has promised to personally provide jobs to 40,000 lucky male constituents if they'll vote for her NEE party -- and by “jobs,” I'm not talking about gainful employment. NEE (Dutch for “No”) is a party without any real candidates; if NEE wins a seat, it goes empty, as a protest against politicians' empty promises.
Derveaux claims that her promise is anything but empty. Interested supporters can sign up at her Web site; NEE promises to cover travel costs, and Belgian citizenship is apparently not a requirement.
(That loud click you just heard was 50,000 surfers leaving this web site.)
For those of you still reading this blurb: Of course there's a catch. After you sign up, you receive a link to a five-minute YouTube pantomime performed by Derveaux's cute but chatty Asian “assistant.” (And, incidentally, a plug for Derveaux's as-yet-unfinished movie.) When it was all over I felt strangely unfullfilled. Yet another politician who refuses to put her money where... oh never mind.
Yeah, I fell for it too. Does that make me the sucker? Share your thoughts below or email me here.
Posted by Robert X. Cringely on May 22, 2007 03:38 AM
