Categories
Writing

Browsing on Your Mobile Should Not Disclose Your Phone Number

In the past day or three, it’s come to light that O2 – a major mobile phone provider in the UK – made the very serious error of disclosing its users’ phone numbers in HTTP headers (i.e. the headers that are part of every single communication with a website). The researcher who discovered this – Lewis Peckover – has made available a site that will check whether your phone is disclosing its phone number when visiting websites. You don’t need to be an O2 customer to double check that your mobile provider is doing things (im)properly.

This significant release of information occurred because:

“Technical changes we [O2] implemented as part of routine maintenance had the unintended effect of making it possible in certain circumstances for website owners to see the mobile numbers of those browsing their site,” the company wrote.

However, the company added that it had previously disclosed this information, but only when “absolutely required by trusted partners”.

“When you browse from an O2 mobile, we add the user’s mobile number to this technical information, but only with certain trusted partners.”

The company said this was needed to manage “age verification, premium content billing, such as for downloads, and O2’s own services”.

However, the technical glitch meant the sharing went further, it said: “In addition to the usual trusted partners, there has been the potential for disclosure of customers’ mobile phone numbers to further website owners.”

In light of this ‘glitch’ I would hope that a more secure way of confirming age/purchasing credentials is rapidly rolled out. Significantly, not only did every website visited have access to mobile phone numbers, but every advertising server potentially had access to this information as well. This would include Google, Quantcast, and so forth.

It will be incredibly curious to see how the ICO treats this data leak. I think that core failures like the O2 phone leak demonstrate just how linked many of our communications systems and identifiers are, and speak volumes to the need for significantly better evaluation of network upgrades before they are rolled out to live environments.

Categories
Links Writing

Piracy as Saving History?

I haven’t seen this argument before. It’s clever: stripping DRM (and/or transforming files to be cross-compatible with a variety of software readers) means that (in theory) those files will be accessible for longer periods of time, thus letting us preserve our (digital) history. From the article:

Piracy’s preserving effect, while little known, is actually nothing new. Through the centuries, the tablets, scrolls, and books that people copied most often and distributed most widely survived to the present. Libraries everywhere would be devoid of Homer, Beowulf, and even The Bible without unauthorized duplication.

The main difference between then and now is that software decays in a matter of years rather than a matter of centuries, turning preservation through duplication into an illegal act. And that’s a serious problem: thousands of pieces of culturally important digital works are vanishing into thin air as we speak.

At issue: I’m really not sure that a total archive of everything digital is actually something that we want, or necessarily need. A LOT of books, games, poems, and so forth were lost to the mists of time, and it’s not entirely clear to me that our world has fallen apart because of such losses.

History is a patchwork that is contingent on us perceiving certain items as more or less important from a partial and retrospective position. Moreover, it should be noted that truly significant texts/poems/artifacts have historically been replicated and distributed because of their value/importance at the time. Do we necessarily need a campaign of mass piracy – under the auspice of ‘preserving history’ – to ensure that similar efforts are made to secure the most critical elements of our past? I’m not so sure.

Categories
Links Writing

Speedboast Now Costing Customers Money?

Rogers’ SpeedBoost system temporarily increases the rate that data is transmitted to their customers in the earliest moments of downloading an item. This system is meant to get ‘bursty’ traffic to end-users faster than would otherwise occur, as well as initially buffer streaming video so that customers don’t suffer delays. It was initially couched as a free ‘extra’ but it seems like Rogers customers now get to pay for these ‘enhancements’:

… a Rogers representative insists that users are lucky that the hikes weren’t worse, given Rogers had to “absorb much of these costs.” The company insists the improvements include some additional TV channels and SpeedBoost, a technology that delivers a little extra bandwidth at the beginning of a download (Comcast users in the States know it as PowerBoost):

$2/customer is a hefty increase when all customers are aggregated. While DSL Reports suggests that this move is driven by a lack of competition in Rogers’ primary markets I think that this is only one element of the story. A key problem facing Canadian ISPs is the high market saturation in wireline Internet services; quite simply, it can be challenging to attract new customers away from their current providers to raise quarterly revenues. One solution is to increase prices in minuscule ways, such that you deliver increased “value” to shareholders while targeting monthly cost increases just below consumers’ pain (and flight) points.

This doesn’t make Rogers’ practices any less horrible for their customers, but I really think that focusing exclusively on competition – and avoiding a reflection on market saturation – is missing a key part of the broader story.

Categories
Links Writing

Flexibility and Low Working Standards

The New York Times has a piece that argues – though the narrative is highly forgiving – that the flexibility ‘demanded’ by contemporary technology firms (amongst others) can only occur if they’re allowed to outsource labor. The reason? In countries like China you can rouse 8,000 people out of their dorms in their walled factory-city and put them to work almost instantly. In China, the government will subsidize the costs of massive factory development. Because in China, you can find thousands of engineers – not ones with bachelor degrees, but with a middle-ground space between high school and university – within two weeks.

In part, Asia was attractive because the semiskilled workers there were cheaper. But that wasn’t driving Apple. For technology companies, the cost of labor is minimal compared with the expense of buying parts and managing supply chains that bring together components and services from hundreds of companies.

For Mr. Cook, the focus on Asia “came down to two things,” said one former high-ranking Apple executive. Factories in Asia “can scale up and down faster” and “Asian supply chains have surpassed what’s in the U.S.” The result is that “we can’t compete at this point,” the executive said.

Never forget that language like ‘scale up and down’ really means ‘add and shed labor’, which is further translated to ‘pay people so they can live and work and then rapidly fire them without cause.’ Moreover, the reason why supply chains are so effective in Asia is that most of the bits and pieces of today’s gadgets are manufactured in dense techno-factory domains. These locations are incredibly hazardous to individuals who work there and the environment they are located within.

The ‘common sense’ of locating these factories in China shouldn’t obscure the fact that the West is benefiting off the hard labor of foreign citizens that costs those citizens now – with their health and lives – and may poison them in the future – both as their factories destroy the local environment and return toxic e-waste in the form of disposed products.

There is an ethics to technology. We need to start actively thinking about it.

Categories
Links Writing

Google to Internet: “Papers Please”

I don’t dislike Google. Many of the company’s products are incredibly delightful to use. I support a fair amount of the company’s public advocacy work, though not all of it (caveat: the same could be said of almost all organizations I’m sympathetic towards). That said, I think that their policy regarding real names and pseudonyms is fucking absurd. As noted by Ars:

On Monday, Google Product Vice President Bradley Horowitz wrote on Google+ that the company will roll out its name policy changes this week. One change is that anyone will be able to add nicknames in addition to their real names. The more significant change, however, is that Google will also let people use pseudonyms instead of a real name, but there are caveats. Horowitz indicates that the pseudonym must be established and well-known in order to qualify for a Google+ profile.

“Starting today we’re updating our policies and processes to broaden support for established pseudonyms, from +trench coat to +Madonna,” Horowitz wrote. Google may flag the name that a person intends to use and ask for additional information to confirm the person’s identity, including “Scanned official documentation, such as a driver’s license” or “Proof of an established identity online with a meaningful following.” This would seem to raise privacy problems for those who need pseudonyms for safety reasons, but a post in Mashable says “Google will destroy all documentation you send them once the account verification process is complete.”

Seriously: your pseudonym has to be “established and well known”?! By whose standards? If I have an offline pseudonym does that count? What if my pseudonym is ‘common’ and used by a lot of people – does that impact how well ‘established’ it is?

Google is actively trying to force people into their social network and they’re just being horrific to their end-users in the process. Demanding that people provide official documents to join a social network?! Ridiculous.

Categories
Links Writing

RIM: Never Trust A Company Whose Name Is A Sex Act

technicallycorrect:

Earlier today Joint-CEOs Jim Balsillie and Mike Lazaridis stepped down from their positions after 20 years in charge of Research In Motion (RIM), the producers of BlackBerry phones.

I’m a harsh critic of RIM, their phones are appalling in almost every regard comparative to their…

I disagree with the author’s 1, 2, 3, and 4 (of 5) points on the following basis:

  1. The Playbook is actually pretty good;
  2. While streamlining some of the phone models might be a good idea, becoming a prestige brand like Apple will threaten RIM’s expansion in less wealthy foreign markets;
  3. Moving to an entirely new OS (again) isn’t as simple as it sounds when you’re a security-minded company. WebOS would likely need to be re-written from the ground up. Hopefully BB 10 is enough to compete with the current line of OSes (really, the competition at this point is Windows Phone OS; beating iPhone would be targeting an aged OS that is itself in desperate need of UI updates);
  4. I like screen-based phones, but can appreciate physical keyboards. This can be a space where RIM differentiates itself from Apple. Moreover, I see an awful lot of people typing on keyboards on buses, in classes, in coffee shops, and so forth: there’s an attachment to tactility that many are unwilling to give up.

I agree that more developers need to be brought on board (point 5). Not sure what can be done, specifically, other than create a welcoming development environment, really work on outreach, and provide a good set of default API hooks that are robust and varied enough to create compelling applications. Ideally, RIM would do what they could to integrate core functionality into their devices in such a manner that they could extend that functionality with a minimum of effort. Apps are important, but a flexible and organic OS (that doesn’t get bloated) is as, if not more, important than apps themselves.

Categories
Writing

More Playbook UI Fail

This is (another) security freak-out from the PlayBook. Is it really the case that Quantcast isn’t properly registering their certificates? What does it mean for the end-user to deny verifying the certificate?

The information contained in this screenshot lacks actual actionable information for most end-users, and they’re instead given a choice between X and Y without having any clear understanding of what either X (Decline) or Y (Accept) entails.

Categories
Links Writing

American Copyright Gone Power Mad

The fact that American copyright holders basically govern an arm of the US government that can shut down, and is shutting down, website URLs at the TLD root is terrifying. That degree of power, however, looks like nothing compared to what happened in the recent MegaUpload takedowns. Consider the following:

The width and breadth of the global police action are simply massive, and are, quite justly, being painted as a massive over-reach. The full indictment goes so far as to mention Canadian bandwidth provider Cogent, whose headquarter employees were even held and questioned during the raids this week. Indeed, anybody who provided bandwidth, rack space or Internet services appears to have been held, questioned, and/or pressured in the global raids.

The policy of seizing domains and hardware first, without any adversarial court process, limits every person’s ability to contest American efforts to silence free speech. Moreover, the maneuvers taken impose American understandings of American law upon all people living around the world. Such actions not only make associating with certain others, and certain behaviours, legally dangerous but, given a willingness to even threaten major ISPs’ employees, suggest that even third-party data transit providers are at risk. America is (rapidly) developing a policy process and technically-informed system capable of censoring any communication, any speech, any uploaded data that its rights holders believe might damage those corporations’ economic interests.

In the 30s and 40s there was a name for this kind of behaviour: fascism. We’re now witnessing the final stages of what was intended to be the greatest republic in the world go the way of Italy. All that stands between the RIAA and running considerable elements of American law enforcement are the courts.

God save us all.

Categories
Links Writing

How Publishers Really Win With iBooks

From Ars:

… e-book publishing experts have concerns about the formatting that iBooks Author can output, which isn’t fully ePub 2 or ePub 3 compliant. Furthermore, Apple has added a clause to iBooks Author’s end user license agreement that prohibits selling e-books created with iBooks Author anywhere but the iBookstore.

“The offending language in the iBooks Author EULA is a condition on the use of the software, sort of disguised as a condition on the use of the books that are created,” Brown said. “Imagining how this might play out in a dispute reveals the nuance. Say a user makes her iBooks Author created work available for sale through some non-Apple platform. Would Apple sue, claiming that that book is infringing? Of course not—it would lose that lawsuit big time. Instead, Apple would claim that the use of iBooks Author to create that work violated this condition of the EULA, thus was beyond the scope of the EULA, and thus was infringement. Any lawsuit would be for infringement of the software, not of the book.”

On first glance, the new iBooks Author application looks really interesting. I’m incredibly impressed with its general ease of use and the capability to make works created through the application available to anyone using an iDevice. Unfortunately, I’m unwilling to produce works for a platform or publisher that so dramatically limits the scope of my potential audience. The licensing requirements mean that only freely available works can be made available in multiple domains, and the inability to export to ePub (and expect it to work) means that I’d effectively be creating locked-in text for a hyper-small audience.

As an author, Apple is punishing me. Hell, if I were a content publisher (in the large commercial sense) that gave a damn about content accessibility I’d run for the hills. (Yeah, I know, there really aren’t many of those!)

The public shouldn’t regard the fact that major publishing houses have partnered with Apple as indicating any interest whatsoever in ‘democratizing’ education. No, what is really happening is a clever end-run around democratizing education. You see, by adopting Apple’s environment and charging for works, publishing houses are creating new license-based reasons to rebuff those who want publishers’ texts in standards-compliant, multiple-device accessible, formats. In effect, the publishers have single-handedly stepped into Apple’s reality distortion field to appear to be ‘reshaping education’ while actually locking out efforts to truly democratize textbooks.

Well played textbook publishers. Well played.

Categories
Links Writing

How the US pressured Spain to adopt unpopular Web blocking law

Nate Anderson writes, in reference to Spain’s new web blocking law:

Resistance from locals was fierce. The US embassy, which enthusiastically supported the Sinde law, noted that “serious challenges” lay ahead, that the law was opposed by Internet groups and lawyers, and that “the outcome is uncertain.”

Still, the government didn’t think much of the opposition. Carlos Guervos, Deputy Director for Intellectual Property at the Ministry of Culture, told the US ambassador that “the dogs bark but the caravan moves on” and that the law would be passed.

The dogs put up a good fight, though. As the BBC noted, “Last year hacktivist group Anonymous organised a protest at the Goya Awards—Spain’s equivalent of the Oscars—which saw several hundred people in Guy Fawkes masks booing the minister of culture while applauding Alex de la Iglesia, then-president of the Spanish Film Academy. The movie director had previously voiced opposition to the Sinde law on Twitter and later resigned over the issue.”

Then in late 2010, opposition parties managed to halt the bill in parliament. On December 21, the Electronic Frontier Foundation declared victory and said that a committee had “just stripped the website shut-down provision from the Sustainable Economy Bill”—in part due to the revelations about US pressure.

But the government found a way to bypass the barking mutts, leaving the law for the incoming administration to handle after November 2011. (The law was so unpopular that the former administration elected not to approve it after huge levels of animosity surfaced on social networking sites.) The new government did so quickly, passing a modified version of the Sinde law—judges will now have to issue the actual blacklist order, for instance.

Whatever you think of the resulting legislation, the process was grotesque: the Spanish film industry got one of its officials into power, then promoted a tough new law backed by the threats (and even active lobbying) of the US government—though the US didn’t take the same measures itself.

This is yet another demonstration of American content industries’ ability (and willingness) to exert political pressure through the State Department to effect legislative changes around the world. It’s absolutely absurd that such a small segment of the American economy can wield such incredible power. The Web, and Internet, is larger in economic, political, and cultural importance than any particular group of rights holders; copyright should not trump the laws governing the next generation of content generation and dissemination. As a content producer – with items in print – it’s absolutely reprehensible that any rights holder would actively attempt to undermine the principles of open and free exchange of knowledge that the Web is based upon.