
"Julian Assange is tech world's Donald Trump"

October 26, 2012 by Robert X. Cringely | InfoWorld

A Comment...

In observing that all messages are influenced by the medium that conveys them, Marshall McLuhan may have inadvertently made us into a world so focused on the medium that we ignore the message.

Perhaps it might be wise to not let Julian Assange's self-serving ego blind us to the social good WikiLeaks has produced.

The information in the WikiLeaks documents seems largely uncontested. It's not argued that Assange made it up, but rather that he disseminated what was intended to be kept secret.

WikiLeaks is a watershed event in the birth of a new information society. It proves that widespread "security by obscurity" is no longer a practical approach to keeping secrets. In the future, far less information will be protected, but in far more reliable ways. And because so much potentially harmful information about people will be widely available, focus will have to turn to regulating how that information can be legally used.

We'll grow into a healthier society if we avoid letting feelings about Assange discredit the WikiLeaks information and the lessons learned about the new Internet medium. After all, most of history's major disrupting figures morally falter under close scrutiny... we now know that even the revered Thomas Jefferson would be pilloried by many today for his questionable morality.

Maybe a big ego is even a requirement to have the courage (or foolishness) to so disruptively break the rules?

If such an action turns out to be of great benefit to society, we put them in the history books.

If the harm exceeds the benefit, we throw them in jail.

Historically, we've often done both.


"5 big security mistakes you're probably making"

March 13, 2012 By | InfoWorld

A Comment...

Mr. Grimes often speaks of patching. In the world of Microsoft and other proprietary software, I know of little other choice as a first line of defense. That's a big reason I took back my computers from Microsoft, et al. a few years ago.

Most businesses can't do that since they've decided they like commercial software companies running their business. They no longer maintain the in-house expertise to have secure systems.

Commercial, proprietary, closed-source software can never be secure.

What about the military, NSA, etc. which have some of the most secure systems in existence? Those are all developed in-house or by contractors to exacting specifications (That's why they cost so much). Those institutions have the source code to everything mission-critical they run and they isolate what little commercial software they have.

There have been so many Windows patches that I doubt anyone but Microsoft has a count. But think about this... Every one of those flaws was either present from the initial release or introduced by a previous patch!

Thus, the vast majority of vulnerabilities over the lifetime of any program will always be uncorrected. And the number of person-hours spent looking for vulnerabilities to exploit dwarfs the person-hours that Microsoft or any other company can afford to devote to patching.

How can we have reasonably secure systems then?

The only way I know of is open-source software.

Here's an analogy... Most theft occurs at night, when the lights are off and the thief can't be seen. The first line of defense for a storefront is to leave lights on when the store is closed so police and everyone else can see inside.

Closed-sourcing hides the software's errors from everyone but those with the skill and motivation to exploit them.

Companies will never have secure systems till they realize that the United States can never compete with developing countries on price. Trying to do so by outsourcing and using commercial software has been short-sighted.

When they take back control of their computer systems -- the engine their entire business depends on -- they will once again be able to compete the only way a country with our standard of living can... with innovation.
  


"Consumer group accuses Hollywood of 'threatening politicians'"

01/20/12 By Brendan Sasso

A Comment...

Low cost modern technology and infrastructure have eliminated much of the need for artistic production middlemen like those that dominate the MPAA and RIAA, the organizations intimidating congress into passing the PIPA/SOPA legislation. Those companies have traditionally provided the capital and other resources for expensive recording, production and distribution facilities that can today be replaced by a few thousand dollars worth of computer equipment and The Internet.

While it may still be wise to take advantage of much of the expertise traditionally supplied by these companies, it's seldom worth the kind of exorbitant prices the industry has been paying.

We are witnessing the death of a business model. That's never pretty.

Like mortally wounded animals, those who have built empires on it will lash out with their dying gasps in any way they can to survive.

Who, with an ounce of compassion could begrudge them the effort?

But, just as if we were watching some poor animal, we protect ourselves while letting nature take its course.

Many who have known and loved these creatures of the industrial era quite naturally are moved to try to save them, while we who have lived with the new technology for many years know that their virtual extinction is inevitable.

Online copyright infringement is assuredly a major problem. PIPA/SOPA supporters however, have chosen to publicly focus on foreign perpetrators only in order to head off opposition were the public to know that no such distinction between domestic and foreign infringement exists in the bills.

We want to encourage and support creativity and innovation while minimizing copycats. Creativity and innovation comes from artists, writers, composers, programmers and other creators. PIPA/SOPA would make it much more difficult for these people to eliminate the now unneeded middlemen and bring their creations directly to their audiences.

Congress must not be intimidated by these fading business creatures.

Just stand back, let them exhaust themselves, and make way for the future.
 


An Open Letter to Senator Bill Nelson of Florida

I was very disappointed to learn of your cosponsorship of the PIPA legislation in the Senate (companion to the House SOPA legislation). I've been an enthusiastic supporter of yours for many years, so I'm desperate to believe that you have been grossly misled as to the impact of this kind of legislation.

The Internet is the printing press of our day. WikiLeaks may be our "Pentagon Papers". If moguls like William Randolph Hearst, who by their wealth wielded the kind of power PIPA/SOPA gives all copyright holders, had existed in 1787, The Federalist Papers might never have been published. In today's America, just the existence of PIPA/SOPA laws would cause the vast majority of personal, small business, charitable organization and certainly most all free websites to be closed for fear of a take-down for unintentional infringement leading to a lawsuit.

The Internet is the only tool left us to fight "The 1%". I fear the chill PIPA/SOPA would place on the last vestiges of our democracy would be the final nail in the coffin of The American Dream.

Please don't silence our final gasps for freedom... withdraw your support of PIPA.


"Still don't think open source hurts commercial software? Guess again"


A Comment...

Open Source is becoming a radical challenge for premium software companies that depend on what are now exorbitant prices.

These companies have been built on the cornerstone of customer lock-in. Once deployed, their large, complex, expensive products are usually too unwieldy and too costly to replace except as part of a massive system architecture upgrade as we were forced to do for Y2K.

How can a company excel if it's not free to do things differently from its competition? The high cost of enhancements to one of these installations keep most somewhere near the basic package. This stifles innovation and competitiveness.

In short, these premium companies have priced themselves out of the market.

Open Source software, while free in initial price, does have costs that many a CIO has yet to appreciate. Though at least as reliable (usually more so) as its commercial counterparts, Open Source software is largely developed by and for programmers and thus requires a deeper level of programming and system administration expertise to maintain. That usually means more, and more experienced, and thus more expensive staff.

Here are two simple rules of thumb in deciding between commercial and open source software...

ONE...
If you have more money than expertise, buy commercial.

If you have more expertise than money, use open source.

TWO...
If software in no way affects your competitiveness, buy commercial like everyone else.

If software can in any way affect your competitiveness, use open source for the freedom it gives you to innovate.


By Extension

December 18, 2011 by Robert C. Watson

Seeing What We Expect to See

I'm a Unix/Linux programmer. It capitalizes on my tendency to take what I see quite literally. By making few assumptions, I'm able to see the problem as the computer does.

By contrast, "normal human thinking" depends heavily on our imagination filling in many blanks. We have to make lots of assumptions. Those assumptions cause us to see what we've seen before... what we expect to see.

With almost all of my attention on Unix/Linux over the years, I've mostly just used Microsoft Windows and Office as tools and not followed their inner workings much. Long ago, I attempted to decipher the raw format of a Microsoft Word document (and failed to do so reliably). It left me with a mental image of Word documents consisting of intermixed binary values and text that only Microsoft understood.

A few years later, someone sent me a document in Microsoft Word 2007's new .docx format that I needed to convert to HTML for the web. I only had Office 2003 and was horrified by the mess Word made when exported "As a web page". So I proceeded to read the document into a text editor to see if I could just cut out the content and reformat it by hand. Knowing it was supposed to be XML, that's what I was expecting to see. What I saw instead was gibberish -- pure binary.

"Damn that Microsoft!"

Sliding back and forth through the sizable document and finding no blocks of text or other discernible patterns, I brought up Firefox and started many hours of Googling.

Now one thing I've learned over the years is that, for me at least, there's a very consistent inverse relationship between the intractability of a problem and the complexity of its solution. The longer it takes to solve it, the more simple the solution is likely to be. Assumptions and expectations lead me down an increasingly complex path of study, experimentation and failure as I exhaust "obvious" solutions. (Is "Occam's Razor" misunderstood?)

Lots of Googling has also taught me that simple, fundamental facts and concepts about a piece of software are often documented only once and thus rarely found in search results. Assumptions again.

The more intractable the problem, the more likely that the solution hinges on one of these obscure bits of information.

I finally came across somebody in a forum explaining the new format to a newbie (A Newbie! A Noob! How mortifying...) and discovered that in the world of Microsoft...

Though a .docx is named much like a .doc, looks like a .doc and is used like a doc... it's really a .zip!
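The discovery above, as an added example (not code from the original post): classify a file by its leading bytes instead of its extension, then open a .docx as the ZIP archive it is and read the text out of `word/document.xml`. The function names, the size cap and the minimal sample document are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespace of the WordprocessingML elements in word/document.xml
W_NS = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
ZIP_MAGIC = b"PK\x03\x04"                        # ZIP local file header
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # legacy binary .doc container
MAX_XML_BYTES = 50 * 1024 * 1024                 # assumed cap against zip bombs


def sniff_container(data: bytes) -> str:
    """Classify by leading bytes; the extension is only a hint."""
    if data.startswith(ZIP_MAGIC):
        return "zip"
    if data.startswith(OLE2_MAGIC):
        return "ole2"
    return "unknown"


def docx_paragraphs(data: bytes) -> list[str]:
    """Return the text of each paragraph in a .docx given as raw bytes."""
    if sniff_container(data) != "zip":
        raise ValueError("not a ZIP container, so not a .docx")
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        try:
            info = zf.getinfo("word/document.xml")
        except KeyError:
            raise ValueError("ZIP archive without word/document.xml")
        # Check the declared uncompressed size before inflating anything.
        if info.file_size > MAX_XML_BYTES:
            raise ValueError("document.xml larger than the allowed size")
        # For untrusted files prefer a hardened parser (e.g. defusedxml).
        root = ET.fromstring(zf.read(info))
    paragraphs = []
    for p in root.iter(f"{{{W_NS}}}p"):
        # A paragraph's text is split across runs; join the <w:t> pieces.
        paragraphs.append("".join(t.text or "" for t in p.iter(f"{{{W_NS}}}t")))
    return paragraphs


def build_sample_docx() -> bytes:
    """Constructed sample: only the parts this example reads, not a full .docx."""
    body = (
        f'<w:document xmlns:w="{W_NS}"><w:body>'
        "<w:p><w:r><w:t>Hello from </w:t></w:r>"
        "<w:r><w:t>inside the archive.</w:t></w:r></w:p>"
        "<w:p><w:r><w:t>Second paragraph.</w:t></w:r></w:p>"
        "</w:body></w:document>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", body)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_docx()
    print(sample[:4], sniff_container(sample))   # the "gibberish" starts with PK
    for line in docx_paragraphs(sample):
        print(line)
```

The compressed XML is why a text editor shows only binary: the readable markup exists only after the archive member is inflated.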


"HP dumps WebOS on open source world"

December 09, 2011 By Ted Samson | InfoWorld

A Comment...

I'm glad HP took my advice, though it was kind of a no-brainer.

I've read a number of positive things about webOS from developers working with it. Unlike in the market-driven world of commercial software, webOS only needs to do something -- anything -- especially well to be adopted in whole or in part by the purely innovation-driven Open Source community.

Since webOS is based on the Linux 2.6.24 kernel, I would expect future webOS development to probably lean towards being another Open Source alternative to Android on small devices. Maybe Google will adopt it if there's something in it they can use.

Commercial software has become so dominated by market forces to the exclusion of functionality, quality, reliability and value, that the industry seems to be coalescing into two camps -- Open Source, where most of the R&D innovation occurs; and Commercial, where they assemble those innovations into commercially viable packages and market them.

Businesses and individuals that want finished products and have more money than time or computing skill, buy commercial software and support. Businesses that need specialized mission-critical software that gives them a competitive edge over their competition or companies and individuals with more time and/or computing skill than money, choose Open Source for some or all of their operations.

Linux (and perhaps webOS) is the Lowes or Home Depot of software whereas Microsoft is the Ethan-Allen Home Furnishings.

How much you want to bet Ethan-Allen's manufacturers have long-standing accounts at Lowes and Home Depot?
  


"U.S. senator demands suspension of phone-tracking system"

November 28, 2011 By Ted Samson | InfoWorld

A Comment in response to...
"I admit this is a bit big brother, but as a licensed amateur radio operator, many forget the airwaves are essentially public domain. If you transmit using the air, those signals are not owned by anyone. Maybe this needs to change, but as for now this is a century-old standard." -- Benjamin Adams

Excellent point!

Until your comment, I was entirely in the privacy camp along with most people. I now have to take pause.

Back in my emergency service days, I too was an amateur radio operator. As you know, the law requires all licensees like amateur radio operators, radio stations, police, fire, etc. to regularly broadcast their "call-sign" (unique identifier) so they can always be located. That's often automated these days. The general public is largely unaware of this, however, and their idea of two-way radio is usually CB radio or FRS. CB radio used to be licensed and had to identify, but licensing was dropped in the 1980's because the laws were so widely ignored. FRS is unlicensed.

For the benefit of other readers...

Cellphones and Wi-Fi are very sophisticated two-way radio systems hidden under telephone and computer user interfaces respectively.

Mr. Adams, you are absolutely right that the airwaves are, by law, effectively a public domain shared and limited resource. The FCC was created to manage that resource in a way that prevents its users from interfering with other users.

In actuality, all electric devices transmit radio waves. Every wire is an antenna. A great deal of device design is dedicated to blocking those radio waves from leaving the device and interfering with other devices.

Also, the airwaves may appear limitless, but in reality, receiving devices like cell-phone towers can only handle a limited number of signals at a time. Too many signals hitting one tower is a lot like a network Distributed Denial of Service (DDoS) attack.

So how does this impact cellphone tracking and privacy?

As much as I hate to admit it, tracking is probably on sound legal grounds here. The FCC only really regulates transmitters, not receivers. So businesses intercepting cellphone signals is probably perfectly legal.

The question is -- should it be?

Our century of airwaves regulation and case-law has always controlled the activities of a very limited number of people. When CB radio use became widespread though, that regulatory system had to throw up its hands in defeat. With cellphone use approaching universal, identification requirements that allow tracking become a major invasion of privacy issue.

Not every problem can be solved by technology. This is one of those that is going to require laws and regulations to prevent widespread victimization of the public by ruthless businesses and government.

Don't hold your breath!
  


"Watch out for FOSS advertising"

October 17, 2011 By Susan Perschke | Network World

A Comment...

Most FOSS (Free and Open Source Software) is D-I-Y (Do It Yourself) software.

It is written by programmers, for programmers.

Programmers, government agencies and competitive companies choose FOSS when they need innovation. They choose FOSS for the same reasons they send their staff to Lowes, Home Depot, Staples, and FedEx Office (formerly Kinko's)... to get things from which they can inexpensively fashion unique solutions that make them more efficient.

Why do it yourself?
Like the 1920's, the "roaring" 1990's overheated the economy as everyone clamored for the latest computer technology. While the cost to produce the technology itself dropped like a rock, insatiable demand for related services drove the human costs through the roof. The tech bubble inevitably burst.

The ubiquity of cheap computing power and laissez-faire economic policies had spawned financial instruments too complex for reliable risk analysis. So a few years later, the financial bubble burst as well, putting us in our current "Great Recession".

"The 1%" financial titans still have much more money than time so they continue to buy highly polished commercial software, lay off most of their tech staff, and pay companies like Microsoft, Oracle and SAP enormous amounts for licensing and support. What choice do they have? A major failure could put them out of business very quickly.

But "the 99%" of people, governments and companies, just as in The Great Depression, can no longer afford those high-priced finished products. With layoffs, virtually frozen wages, and less disposable income, Americans now have more time than money. Survival depends on finding new, more efficient and cost-effective ways of doing things.

Is FOSS Secure?
Any retailer with a glass storefront will tell you that police strongly recommend the glass be kept clear of obstructions and the store interior be kept lit after hours so anyone can see in. Transparency is the best deterrent to crime as well as the best way to spot crimes in progress.

That's the principle FOSS security is based on -- transparency.

If you were a careless or malicious programmer, which kind of software would you prefer to put your dangerous code in? Closed, where few if any can find it, or Open, where anyone can find it and you don't know who or how many will?

It's as simple as that.

The same reasoning combines with speed of development to account for the explosion in scripting languages where the source code couldn't be more accessible.

The explosion of freely available information makes the ubiquitous concept of "security by obscurity" a complete fantasy promoted to sell software.

Then how do you separate the wheat from the chaff?
FOSS is like an open bazaar or swap-meet with free or virtually free stalls. Anyone with programming skill can distribute their work.

In today's economy, the unemployed can learn how to program with countless free resources on the web. They then can create things others will want and distribute them to thousands. They build up a "portfolio" of work on their blogs and web pages. If they're good, they gain a reputation that gets them hired or allows them to build their own company selling software and/or services.

Here's how to find the best of the best...
  • The less you know about programming, the more discriminating you should be. Look for mature, widely used software like Firefox, Ubuntu Linux, and the LibreOffice suite.
  • Search the internet widely for reviews, comparisons, bug reports and questions on forums. The latter will give you a feel for how widely used the software is as well as the kinds of bugs it has and how easy they are to fix or work around.
    • A NOTE OF CAUTION!
      Judge bugs by their quality, not their quantity!
      All software has bugs! Because expensive commercial software is not open, its bugs are not as widely documented as those in free and open source software. You'll find a lot more bug reports for FOSS. If you study them, you'll find many are duplicates as many websites republish bugs listed elsewhere. 
  • If you're not an experienced programmer and are worried about a program that does what you want but is new or not that widely used, find an experienced programmer friend, staffer or consultant who can read the language and get them to scan the code.
    • Is it well organized or is it confusing?
    • Are there suspicious looking sections?
  • Prefer software with the most downloads.
    • Quality ratings are not as reliable as number of downloads.
    • New software will usually have higher ratings due to its small number of downloads and reviewers.
    • A high number of downloads/day factors in to longevity.
      • New or obsolete software will tend to have lower counts.
  • If two programs have similar numbers of downloads and downloads/day, then check the ratings but don't put much stock in small differences. Look for low vs high.


"Ex-Amazonian urges Google to sample Amazon's secret sauce"

October 12, 2011 | by Ted Samson | InfoWorld
A Comment...

Amazon could be more innovative like Google and Google could be more organized like Amazon.

Sounds like they both need to make in-depth information about their respective products easier to find by their developers and support staff. Google is the undisputed master of keyword search so they have half the problem solved. The other half is continuing to perfect their structured data where the right answer can be located much more quickly than exploring a lot of hits from keyword searches.

Because new hires learning the products are actively engaged in assimilating new information, their pattern-matching skills are in overdrive. That makes them great at recognizing similarities that can be recoded into a single routine and put in libraries to be reused.

Just because it's in a library though, doesn't mean it will be used. As much, and often more, effort is thus put into cataloging, thorough hyperlinking and other mechanisms to make all that information a few clicks away.

To be reusable, code must be 100% reliable, 200% documented and 300% easier to use. If it's not, developers will write their own.

Amazon's "platform oriented culture" has (hopefully) created a new profit center for them to keep paying the bills since they don't have Google's massive advertising revenues and their founding product -- book sales -- has a bleak future.

Google's "product oriented culture" keeps them innovative while, so far at least, advertising pays the bills. Most of their eggs are in that advertising basket though. Leveraging their massive infrastructure, creative talent and socially responsible policies to provide large-scale computing resources provides another source of revenue (and makes the world a better place at the same time).
  
