Proposed bill will require wiretapping, cryptographic insecurity of services operating within the USA.

Tuesday, 28 September 2010 at 18:02

Once upon a time, monitoring someone's communications was a relatively simple matter for law enforcement: they sent someone out to the pole or the side of the house with a hex driver and patched a transmitter into the pair of wires leading into the building that would kick on and send both ends of any conversations to a listening post some distance away. Since then, technology's changed just a bit (consider this my entry for the Understatement of the Year Award) but the powers that be are finding themselves hard pressed to keep up. In the year 1994 a law called CALEA (the Communications Assistance for Law Enforcement Act) was passed. CALEA requires that all communication providers be able to wiretap their customers at the request of a law enforcement organization; this includes non-traditional communications companies such as Voice-Over-IP providers like Vonage. This is a relatively simple matter on the back end because CALEA requires that telecom hardware and software (yes, even VoIP software like BroadWorks (formerly Sylantro)) have wiretapping functionality built in.

Unless your communications avoid centralized systems entirely. Or are encrypted with algorithms that would require astounding amounts of computer time to guess the keys to.

US LEOs grow increasingly concerned about communications "in the dark" that they don't have ready surveillance access to should they require it, and thus have put a bill before Congress that will be voted on in 2011 that will require all communication services used in this country (encrypted or not, telecom or not) to be CALEA compliant. Social networking websites like Facebook and MySpace will have to be able to give LEOs access to all users' content (both public and private); so will webmail services like Gmail and Hushmail (though both already comply with court orders, so this is basically a belt-and-suspenders example). Even decentralized systems like Skype and some instant messaging platforms must be able to provide decrypted traffic on demand. Foreign telecom companies that do business within the US will have to set up domestic surveillance offices to comply if they want to do business in the US, and communications software projects will have to install back doors.

The only true metric of a sysadmin's efficiency:

Tuesday, 28 September 2010 at 16:26

CWPM (Cuss Words Per Minute) (lower is better)

Vagaries of bone conduction.

Friday, 24 September 2010 at 13:57

While sitting in the dentist's chair this morning I discovered something very interesting.

Granted, I only went in for a checkup and cleaning so it wasn't as bad as it usually is. Given that about a third of my teeth are artificial in some way - usually cored, packed with plastic and capped with surgical steel and porcelain - it should have been obvious in hindsight. It appears that the physics of sound propagation through modified teeth are markedly different than those customary to un-altered dentition. To put it simply, I've never felt the cavitron hurt quite so much because the sound went straight to my inner ears and made an ordinarily annoying procedure much less pleasant. It's also possible (in fact, downright likely) that the new cavities had something to do with this.

It's never good when your dentist has both kinds of news because the bad news tends to be expensive.

The latest x-rays show that I have multiple (a shade less than a dozen) very small cavities in between all of my front teeth on the top. They're not egregiously large, the dentin isn't yet involved so they're not quite visible but they're definitely present and breeding like unpatched Windows machines. They would also explain the odd bouts of sensitivity that I've been getting once in a while, sensory nerve self-tests I'd thought. I'm told that it'll be fairly easy to clean them out and fill them so I'm not that concerned, but it is going to cost me something like $700us if it's done before my dental insurance refreshes in January.

Oh, well. At least I had three months and change of no dental worries. That's actually a personal best.

Lying in the media: they're not even trying to hide it, anymore.

Sunday, 19 September 2010 at 22:17

Patrick Moynihan once said that "We are each entitled to our opinion, but no one is entitled to his own facts." This is no longer the case, and as if that wasn't a hard enough kick in the yarbles it's officially permissible to do so.

Once, the news media was our eye upon what was happening in the world, the people who stood outside of politics and raked the muck to keep everyone informed of both the good and the bad. The people who kept everyone honest. Reporters left no stone unturned and kept some segment of the population acting on the up and up, lest the paper or broadcast television find out what they did and put it on the evening news for everyone to see. At one time you might have gotten off scot free in court but as far as the rest of the people were concerned you were done. Finished. Untrustworthy. History.

You know what? I'm so upset that I'm going to knock off the purple prose and come right out with it: The court has decided that it's permissible for news outlets to lie to you, and it's protected by the First Amendment. Lawyers in the stable of the Fox Broadcasting Company argued successfully that the First Amendment of the US Constitution gives them the right to publish outright lies in their particular medium. Ten years ago, a reporter named Jane Akre for Fox News in Florida was fired for refusing to lie in her articles about things that she had documented to be true. She sued Fox Television after losing her job and won a $425kus judgement from them. A series of appeals were filed and argued and it was eventually decided by the court that it is not against any law or regulation on the books in the United States to distort the truth in any way or fabricate information, and further stated that the First Amendment is a policy at best.

So... what do we do about this?

I can't tell any of you what to do. An unknown number of people have decided that they're okay with the news lying to them about what's happening, and trying to convince them otherwise only reinforces their non-reality-based view of the world. So, if we can't do anything about them it's up to us. ceasespin.org is running a petition for an independent media outlet rating system backed by the FCC which will prominently rate a particular news outlet based upon how honest they are about their practices and what they publish. I recommend that you sign it and sign it now. There is no guarantee that the Federal Communications Commission will go along with it but it's a start. Second, all of you out there reading this probably have publishing capability of your own: blogs, LiveJournals, Twitter feeds, Facebook profiles, and other stuff I'm not monitoring yet. You can use them for more than just posting cat macros and stuff happening at work. If you see something, for Turing's sake say something. If you see a car crash on the Beltway, post about it, even if it's just a picture snapped on your smartphone. If you're at ground zero of something, get the word out. And for pity's sake be as accurate as you can. If you have a karma plugin, rating system, reputation manager, or something similar on your website for rating how useful what you post is, enable it. If you see a post about something you're not familiar with, a quick Google search to verify the facts won't hurt, don't just take it at face value (don't just take me at face value, either).

If someone calls you on a mistake, don't silently delete your post or edit it to fix it. Use the <strike>..</strike> HTML tags to scratch out mistakes and fix them, and post an 'EDIT:' notification to let everyone know that you've changed your post. If you said something stupid, own up to it and publish a retraction. Everyone says stupid things sometimes (even me) and it's how we handle them that makes us what we are and not our stupid statements. If you have a comment rating system that lets people rate replies to your posts, enable it so that trolls get modded down. The problem with deleting replies is that it becomes all too easy to delete replies by people you don't agree with (conversely, it becomes too easy for people to claim that their replies were deleted). It behooves commenters to stay on the up-and-up just as much as it does those of us who post. If you've a mind to, publicly state that you adhere to The Code of Ethics of the Society of Professional Journalists even if you're not a professional journalist. If you're posting fiction, label it as fiction. Don't be afraid to get involved in local independent media outlets like Indymedia. We can't stop people from lying, but we can make sure that their lies are exposed and we can churn the truth to the top of the heap and keep it there.

As I/O Error so famously said, "We have to dismiss cynicism. Sincerity is the new black."

The people who have claimed authority don't seem to be doing jack for making the world a better place, so it's up to us. Let's roll our sleeves up and get to work.



This work by The Doctor [412/724/301/703] has been placed under the Creative Commons By Attribution / Noncommercial / Share Alike 3.0 License.

Stalking the wild Toynbee tile.

Saturday, 18 September 2010 at 16:30

Last Saturday was 9/11, a day of infamy that went down in United States history as the day in 2001 when everything started going off the rails. In a strange sort of way, the year 2001 also figures into the history of science fiction thanks to the novel of the same name by Arthur C. Clarke, and the history of culture jamming and art hacking by way of license plate-sized wodges of linoleum and adhesive called Toynbee tiles. I've been fascinated by them for years, those cryptic messages which read TOYNBEE IDEA IN MOVIE 2001 RESURRECT DEAD ON PLANET JUPITER stuck flush with the asphalt of city streets. The first one I'd ever seen was when I was but a wee lad about the age of seven in downtown Pittsburgh on Smithfield Street. It puzzled me then as it does now: why would someone suggest attempting to resurrect the dead on (using the word 'on' as loosely as I can) a world which is a sphere of toxic gases, pulverizing gravity, storms the likes of which this world can but imagine in its wildest nightmares, and hard radiation that might qualify it as one of the nicer suburbs of Hell?

As near as anyone can tell, Toynbee tiles are part of a culture jamming effort that might have been the work of one person at first, but branched out as more and more people saw them. Ultimately, they are a glitch in the Matrix, a just barely submerged rock in the collective stream of consciousness that jolts us out of our get up-get Starbucks-go to work-go home-pass out on the couch workaday by making us say to ourselves for a second, "What the fuck?" Some people pass them by with nary a second glance; others find odd bits of themselves tickled into activation, gently bending the course of their evolution in new directions...

Grant Morrison is working with My Chemical Romance?

Saturday, 18 September 2010 at 01:02



Take cover, everyone.

(EDIT: Wow, that's huge. Width and height tags edited so it doesn't torpedo my blog theme anymore.)

Grasshopper.

Friday, 17 September 2010 at 23:56



I'll post something soon, I promise. I'm bushed.

My timing is only one of two things:

Friday, 17 September 2010 at 23:48

...good or awesome.

I guess this proves a point.

Friday, 17 September 2010 at 23:44

Cicada season, again.

Friday, 17 September 2010 at 23:33

Illuminatus?

Sunday, 12 September 2010 at 16:34



Silly one, such are stories told by conspiracy theorists and science fiction authors to entertain and amuse. It is good to know that the old tales are still being told, though...

Not the costume I was hoping for, but it'll have to do.

Sunday, 12 September 2010 at 16:09



Not the Case costume I've been meaning to show off, but I did like the circumstances behind this shot.

Thanks, Memetictees, for the awesome t-shirt.

Indian film industry brings out the big guns.

Thursday, 09 September 2010 at 22:27

For a bit over ten years now, the movie industry has been complaining that piracy has been running rampant (it has) and cutting into their profit margins (even though they've been reporting record earnings consistently). There are more means of getting hold of illegal copies of anything than you have fingers: public and private websites, BitTorrent, other peer-to-peer file sharing services, FTP sites, your friends handing you copies... the list goes on and on. To date, aside from grabbing the IP addresses of the downloaders, running them to ground, and launching lawsuits not a whole lot has been done to really stem the tide of illicit bits.

Until a company in India called Aiplex Software stepped forward to state that they were being hired by movie studios to take out sources of pirated movies. The company, headed up by one Girish Kumar, periodically searches the Net looking for illegally posted downloads of his company's clients' work and sends requests to remove the pirated material to the websites under India's copyright infringement laws. If the websites do not comply within a reasonable period of time his company then launches unspecified denial of service attacks to render them inaccessible. It is unknown exactly what measures they take: distributed DoS attacks, involving thousands of hosts, are illegal in many countries, not only because of the damage they can do (remember: if you flood the link of a single web server every network upstream of that server is going to be adversely affected by the attack) but also because to build a decent one you need to infect all of those hosts with malware of some kind (which is illegal practically everywhere). One-shot-one-kill DoS exploits in web servers aren't all that common anymore so it's my suspicion that Aiplex Software has a bunch of fibre, DSL, and possibly cable lines with loads of computers hanging off of them, all waiting to HTTP or ICMP flood whatever sites they are aimed at.

But wait, there's more.

Kumar also stated that, from time to time, operatives of his company are called upon to compromise websites that refuse to comply and erase the offending files (usually torrents). Therein things get hinky because he's effectively admitted to breaking the anti-cracking laws of a number of countries (in the US it's 18 USC 1030), which opens him up to a boatload of liability, being sued into a smoking hole in the ground (it's not a matter of 'if' someone makes a mistake, it's a matter of 'when'), and let's not underestimate the power of a couple of honked off systems crackers striking back, and being far less merciful in so doing. Interestingly, a number of American media companies are said to be in negotiation with Aiplex Software for their services.

An open letter to Terry Jones, pastor, Dove World Outreach Center.

Thursday, 09 September 2010 at 22:11

You can't blink without running into a news article about Terry Jones of the Dove World Outreach Center (slashdotted at the time of this writing) and his scheme to burn a bunch of copies of the Qur'an, the holy book of the path of Islam, outside of his church in Gainesville, Florida this Saturday (11 September 2010). It's on again, it's off again, and even the pastor of the church that punted him like Jeff Reed stood against him.

Then word got around that there was something better to do than get all steamed up over it...

Free Ali Abdulemam.

Sunday, 05 September 2010 at 00:37

Earlier today, one of the leading voices of the pro-democratic movement in Bahrain, Ali Abdulemam, was arrested on charges of spreading false news reports on the web forum bahrainonline.org (note: all Arabic content). Apparently, the government of Bahrain is cracking down again on dissident voices but this time they're throwing everything they've got at the effort. He's been arrested before for speaking out, and in fact he was expecting to get nailed again for advocating for a democratic government. It's also alleged that he was caught trying to escape the country, but that doesn't jibe with someone who knew ahead of time they were about to get busted sitting at home waiting for it to happen.

The campaign for his release begins here.

Please boost the signal by sending links to these articles to Khalid Al-Khalifa, foreign minister of Bahrain.

The Spaceblimp made it into DCist!

Thursday, 02 September 2010 at 20:55

DCist, a newsblog covering happenings in the DC metroplex, covered the HacDC Spaceblimp project.

Practical man in the middle attack against quantum crypto published.

Wednesday, 01 September 2010 at 23:04

A long-standing problem in cryptography has been the sharing of secrets (understatement of the century, right?) Assuming that your communication medium can't be trusted because anyone and everyone could be listening in, how do you distribute keys to everyone you want to securely contact? The most obvious method is to meet up with everyone and hand them the keying material personally. However, that way is fraught with problems, from your courier getting ganked for the keying material to a simple matter of common sense: if you're going to meet with the intended recipient, why not just tell them and not bother with encryption? Then public key crypto came along and it works but it's difficult to explain to people in a manner that makes them want to use it (I'm working on that) and you can't always believe that the person whose name is on the key is the person you really want to send encrypted messages to. Then quantum cryptography was invented in an attempt to help solve the key distribution problem. Long story short (and doing it no justice at all), entangled pairs of photons will either pass through sets of filters or will not depending on their polarization; call one orientation '0' and the other '1'. If a third party observes the polarizations of the photons by sticking a detector in the beam of light at least half (statistically speaking) of the photons/bits will be wrong due to the Heisenberg uncertainty principle. The other party you want to communicate with measures the polarizations of the photons and uses them to generate the key to decrypt a message received by some other means. If someone tries to tap the keystream the key will be bad. Right?

Nobody ever figured that an attacker might re-transmit the key after intercepting it.

Yep.. a team of cryptographers at the Norwegian University of Science and Technology, headed up by one Vadim Makarov, found a way. Their attack requires the third party (traditionally referred to as Eve) to shine a laser not much more powerful than a laser pointer on the other party's detector (used to record the qubits of the crypto key) and intercept the beam of light with a photodetector. This might take a bit of hardware hacking to pull off, like splicing optical fibre someplace or doing a bit of jiggery pokery on the physical connections somewhere along the line without anyone noticing. The thing about photodetectors is that they also pick up variances in light in addition to polarization of photons. So the attacker figures out which qubits are 1's and fires a slightly brighter pulse of light at the other side's detector, where it is registered as one of the bits of the crypto key. The team that published the attack against a number of commercial quantum crypto systems has a website detailing their research, from reverse engineering the modules to the equipment they used for the tests. Pretty clever stuff. Quantum crypto isn't yet in wide enough use for anyone to need to worry about attacks like this (though the early adopters are no doubt cursing and wailing) but some serious rethinking is going to be required in the near future to fix this problem.
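The eavesdropping check this post describes, and why re-sent bright pulses slip past it, as an added Python simulation that is not from the original post or from the NTNU team. It assumes the textbook BB84 prepare-and-measure model rather than the loose summary above, an idealised lossless link, a detector that under bright light clicks only when Bob's basis matches Eve's, and a hypothetical input-power monitor at Bob; every name in it is made up for the example.

```python
import random

def run_link(n, eve=None, seed=1):
    """Toy BB84 link. eve is None, "intercept_resend" or "faked_state".
    Returns the error rate (QBER) of the sifted key, the fraction of
    sifted bits Eve knows, and how many bright pulses reached Bob."""
    rng = random.Random(seed)
    sifted = errors = eve_knows = bright = 0
    for _ in range(n):
        a_bit, a_basis = rng.getrandbits(1), rng.getrandbits(1)
        b_basis = rng.getrandbits(1)
        bit, basis, e_bit = a_bit, a_basis, None
        if eve:
            # Eve measures in a random basis; a wrong basis gives a coin flip.
            e_basis = rng.getrandbits(1)
            e_bit = bit if e_basis == basis else rng.getrandbits(1)
            bit, basis = e_bit, e_basis        # she re-sends what she measured
            if eve == "faked_state":
                bright += 1                    # re-sent above single-photon power
                if b_basis != e_basis:
                    continue                   # assumed model: no click on mismatch
        # Bob measures; a wrong basis gives a coin flip.
        b_bit = bit if b_basis == basis else rng.getrandbits(1)
        if b_basis == a_basis:                 # public basis comparison (sifting)
            sifted += 1
            errors += (b_bit != a_bit)
            eve_knows += (e_bit == b_bit)
    sifted = max(sifted, 1)
    return {"qber": errors / sifted,
            "eve_knows": eve_knows / sifted,
            "bright_pulses": bright}

def verdict(stats, max_qber=0.11, power_monitor=False):
    """Bob's accept/abort decision. max_qber is an assumed setting (a
    commonly cited BB84 bound); power_monitor models the hypothetical
    input-power check, which is not part of the plain protocol."""
    if stats["qber"] > max_qber:
        return "abort: error rate too high"
    if power_monitor and stats["bright_pulses"] > 0:
        return "abort: bright light at detector"
    return "accept key"

if __name__ == "__main__":
    for mode in (None, "intercept_resend", "faked_state"):
        s = run_link(20000, mode)
        print(f"{str(mode):17} qber={s['qber']:.3f} "
              f"eve_knows={s['eve_knows']:.2f} "
              f"plain={verdict(s)!r} "
              f"monitored={verdict(s, power_monitor=True)!r}")
```

In this model a plain intercept-and-resend tap pushes the error rate to roughly a quarter of the sifted bits and is caught, while the bright-pulse variant leaves the error rate at zero and is only caught by the extra power check.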

Unlocked achievement: macroscale buckytube fabrication.

Wednesday, 01 September 2010 at 21:36

The year 1985 was known for many strange and wonderful things: Misfits of Science was on prime time television, William Gibson was working on the novel Count Zero, and a scientific discovery flew beneath the radar of just about everyone except people working in the field of materials science. Three scientists in two countries working together discovered a brand new allotrope of carbon, a molecule comprised of sixty carbon atoms arranged in a spherical shape. The molecule was named buckminsterfullerene after the visionary architect R. Buckminster Fuller, due to the molecule's resemblance to a geodesic dome. Buckyballs, as they came to be known, fired the imaginations of scientists and science fiction authors around the world once word got out. Eleven years later Sir Harold Kroto, Richard Smalley, and Robert Curl won a Nobel Prize in the field of chemistry for their discovery. A few years later the production of buckytubes, nanoscopic tubes of carbon based around a similar geometric pattern was perfected in the lab, and then research really took off.

For something so tiny they have some very unusual and, truth be told, amazing properties dependent upon what other atoms are trapped inside of them, how many layers of buckytubes are wrapped around one another, whether or not the buckytubes are twisted and in what direction, and other such details. The most commonly encountered buckytubes have a tensile strength that has been benchmarked around fifty times that of steel, and when under pressure give diamonds a run for their money for hardness. Depending on how they are synthesized carbon nanotubes can either conduct electricity as if they were a metal or a semiconductor (like silicon); if doped properly I bet you could tweak their electrical properties even more. Until recently, however, it wasn't feasible to manufacture them in bulk, let alone on a scale that the eye could see. That was, until a team of researchers at the University of Texas at Dallas built a fabrication device that can create sheets of carbon nanotubes a few centimeters in width by a couple of meters in length.

The ribbons are constructed out of the multiwalled variant of carbon nanotubes and analysis shows that they are not only stable on the macro scale (i.e., visible to the naked eye and capable of being handled without anything more sophisticated than your hands) but evidence all of the predicted properties. The fabrication process hasn't been optimized yet but they can produce up to seven meters of ribbon at a time - there is a video linked off of this article which shows the fabber going... and going... and going. They've already begun to experiment with their test samples and gotten some interesting results. The ribbon seen in that video is as strong as Kevlar yet conducts electricity well enough that you could probably make a paper-thin solar cell out of it. Folding, creasing, and welding sheets together with a microwave resulted in no signs of damage or compromise of electrical conductivity. Another article says that the feedstock they use contains pre-fabricated ultra-long buckytubes that are chemically grown rather than electrically produced, which would make all the difference between experimenting under laboratory conditions and going into mass production.

I'd love to get my hands on a sample of this material to put it through its paces. Starting with doing chin-ups with it to see just how much stress it can take...

Hostage situation: Silver Spring, Maryland, Discovery Channel HQ

Wednesday, 01 September 2010 at 15:03

If you're in Silver Spring, MD near the headquarters of the Discovery Channel, sing out! Everybody okay out there?

Live police scanner feeds here.