" /> net.wars: May 2007 Archives

« April 2007 | Main | June 2007 »

May 25, 2007

Bent copyright

For a time in the late 1980s and early 1990s you hadn't arrived as a skeptic until you'd been sued by Uri Geller. The person who bore the brunt of most of the lawsuits was, of course, James Randi, the escape artist, stage magician, and paranormal investigator.

I never got beyond threats. On the first occasion, I wrote a news story for New Scientist about the Randi/Geller law suits. I seem to recall a lawyer’s letter, but the details are hazy by now. Geller's brother-in-law, Shipi Shtrang, also wrote to the magazine objecting to my work on ethical grounds, calling me a promoter for Randi. That was a little sticky until the editor realized Shtrang’s connection to Geller. I am, of course, not now nor have ever been a promoter or publicist for Randi, though I admire much of his work.

The second time was the green room before a TV show on which Geller and I were both booked appearing. Practically Geller's first words to me were: "If you print lies about me in your magazine, I will sue you for a quarter of a million pounds." A researcher saw us and bustled over. "Everything all right?" he said. "Oh, yes," said Geller. "We're just having a friendly conversation."

That's his idea of friendly?

It was, I'm fairly sure, since I covered the story in detail at the time, the Scientologists who first hit on the idea of using intellectual property law against online critics. The Church of Scientology has always claimed that its goal was not to stifle criticism but to protect its "trade secrets", as it called the L. Ron Hubbard writings that adherents study for many expensive hours. Whether the CoS's claim was true or not doesn't really matter. Copyright maximalism provides a legal structure people can use to stifle critics if that's what they want to do and that remains the core issue no matter what anyone's motives were in a particular case.

Fear of litigation is a powerful motive for self-censorship.

I hazard no guesses as to Geller's motives when he contacted YouTube, cited the Digital Millennium Copyright Act, claimed copyright in a 13-minute video critiquing his claims, and demanded the video's removal. But in doing so, he attracted the attention of the Electronic Frontier Foundation, which does not take DMCA takedowns lightly.

The video itself was an excerpt from Secrets of the Psychics, which aired in the US in 1993 as part of the Public Broadcasting Service’s Nova series. It was posted by “Brian Sapient”, a member of the Rational Response Squad, an activist group that among other things uploads debunking videos to YouTube. The EFF, in its complaint (PDF) says that only three seconds (out of a little more than 13 minutes) of the video are in fact copyright to either Geller or his company, Explorologist Ltd. Geller, the EFF argues, should have known he did not own the copyright in the bulk of the video, and that by misrepresenting that ownership he violated “17 U.S.C. § 512(f)”. This section of the US Copyright Act states that any person who knowingly misrepresents that material is infringing will be liable for any damages. Sapient’s account was suspended and all the videos he had uploaded were unavailable for more than two weeks.

The bigger issue, which the EFF also addresses, is whether three seconds is fair use. Under US law, you are allowed to copy small portions of copyrighted works for the purpose of criticism or parody. Ensuring the extension of those rights into the digital world is very much a big issue with EFF – and unlike a lot of skeptics EFF’s array of in-house lawyers can afford to stick with the case. In fact, they must.

Also unlike the skeptics, the EFF may be able to prove its contentions. No skeptic will ever be able to prove that Geller has never bent a spoon paranormally; you cannot prove a negative. Or, as Randi likes to put it, if you drop 100 reindeer off the top of the Empire State Building and they all go splat you still haven’t proven that reindeer can’t fly. You have only proven that these reindeer either couldn’t or chose not to fly on this occasion.

Geller used to say repeatedly that he didn’t care what anyone said about him; he only cared that they spelled his name right. But in fact, as Geller’s subsequent actions suggest he knows, all publicity is not good publicity. By straying into the copyright wars, Geller has made the questions about his abilities much more widely known than they would have been had he left the YouTube videos alone. Whether it’s copyright infringement or a suit for defamation, as John Gilmore famously observed, “The Internet perceives censorship as damage, and routes around it.”

Suing Geller for copyright abuse is like the Feds eventually prosecuting the mobster Al Capone for tax evasion: it’s not really what you wanted. In a perfect world, the question of whether Geller actually has paranormal powers would have long since been resolved through scientific testing. But in the end, whether he does or not, he is relatively insignificant. If he has a paranormal ability to affect metal, it seems to be largely useless for anything other than showmanship. Shouldn’t it have changed the world by now?


Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

May 18, 2007

Home improvement

I built a PC this week.

Or, more correctly, I assembled a PC. These days, unless you're someone laboring in the bowels of a hardware manufacturer's research department somewhere – say, IBM, or HP – what people mean when they say they've built a computer requires about as much creative intelligence as a script kiddie needs to color-by-numbers a velvet painting. About the only degree of difficulty is in the fact that it doesn't come with a full set of instructions. That being the case, you really have to wonder why Ikea hasn't started selling flat-packed computer kits; those graphical instruction sheets they do for furniture would be perfect for this. (You do get a manual with the motherboard at least, and there are plenty of sets of instructions around the Web; plus you can successfully search for answers to almost any problem you might encounter for specific components.)

You would think that because PCs are now such commodity items no one could possibly need to build one; it must be one of those middle-aged crises that comes upon people, like turning 50 and trying to pretend they're 22 again, or suddenly desperately wanting to be a grandparent. In fact, the reason to build one is precisely that PCs have become commodity items. They're so standardized that it's almost impossible to find what you actually want.

Five years ago, when I bought my last main desktop machine (a Celeron 1.7GHz, 1Gb of RAM, 60Gb of hard drive space, a DVD-ROM drive, and a dual-head graphics card that came in at about £700, if I remember correctly), I bought from a small supplier who built the machine to order. The dual-head graphics card was the one rather weird feature; standard now, it was a bit exotic then. I didn't actually get the second monitor right away, but I knew I wanted the capacity and planned accordingly. For the time, the processor was some steps back from the leading edge. That was deliberate: extra memory and hard drive space are worth much more to me.

Three years ago, that supplier, like many others, concluded that the margins in selling computers were now so thin you just couldn't make a living trying to compete with Dell. So they quit. You still can, if you try hard or frequent the right electronic conference systems, find people who will build computers to order. Typically, though, they seem to do it as one of a range of add-ons (such as supplying ADSL) that they offer because their consultancy clients. They tend not to show up in Web searches.

What do show up are custom PC builders for the one class of people who are generally willing to spend real money on their computers and care about every detail of how they are constructed: hard-core gamers. Logical. But these machines emphasize the wrong attributes. I don't need to wring every last bit of speed, graphic ability, and high-end bravura out of my machines. I do want my main desktop (eventually) to drive two 24inch widescreens, not keep me waiting when I have 95 Firefox windows open, and write a DVD without tying up the whole machine for an hour.

I had been thinking it was time for a new machine anyway – five years! The old machine was certainly fast enough to type on, and although it balked a bit it didn't really mind having 95 Firefox windows and one of those peer-to-peer Chinese TV players open (along with 16 other things). It was my brief assignment in Second Life that really killed it. I couldn't understand how so many people could enjoy hanging around in a world so badly designed that when you pressed on a cursor key your point of view barely moved. It seemed to take forever to turn around. Then I tried it on my Core 2 Duo laptop…

Oh.

So the new machine is a Core 2 Duo, 2Gb of RAM, 500 Gb of hard drive space, a dual-layer DVD writer, and a much better dual-head graphics card. "Why couldn't you just get a new graphics card?" someone asked me, apparently suspecting that I was Just Making Excuses. Well, because in five years a whole lot of things have changed, and one of them is the way graphics cards plug into motherboards. So I'd need a new motherboard. And because all those faster processors need better cooling than older cases were designed for, I'd need a new case. And anyway, as my friends tell me, a lot of the improvements in speed in recent years haven't really just been processors or faster memory but all kinds of tweaks that individually aren't much but together add up to a whole lot.

In the end, I bought most of the components I wanted from a single small supplier from CIX (of course), who was happy to help with support and advice. It was, in fact, really only one self-assembly step removed from the small supplier of five years ago.

Several people told me that they found having built their own machines a source of great satisfaction. I can't say that (though it is nice, and fast, and, especially, quiet). But it's a great source of new worries. Is 60 degrees C too hot for a CPU?

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

May 11, 2007

The Blair we left behind

So, he's gone, or almost.

Ten years is a long time for anyone to remain in power. Blair hasn't quite made it as long as Margaret Thatcher did, but by virtue of the UK's different ways in electing the people who fill its top office it's longer than either Reagan or Bush II. There are children who don't remember what it was like to have the Conservatives in power. And so on.

What's startling in reading the reviews is that although at least some of them do point out how unpopular Blair has been in recent years and point the finger squarely at his policies on Iraq, they generally tend to praise the state in which he's left Britain. What none of these seem to mention is the significant erosion of civil liberties under Blair's time in office. The Britain he leaves is considerably less democratic than the one he inherited.

The most obvious symptom of this is the national ID card, whose acknowledged cost has now reached the £6 billion the LSE report (PDF) predicted – with, no doubt, considerably more to come. The project may yet founder under the weight of its own technological aspirations. But it seems to have been designed to be maximally privacy invasive. Blair also selected as the card's champions first Jack Straw (who used the 9/11 attacks as an excuse to attack those of us who were key escrow); then David Blunkett, who essentially became addicted to the idea; and then Charles Clarke…all, we suppose, in the intersets of proving that Labour was tougher on crime than the Conservatives.

The justification for implementing the card – and the massive databases behind it – has changed over the five years since it was first proposed, but the desire to do it has not. With or without the ID card, Blair leaves behind biometrics in passports – but that we can blame on the International Civil Aeronautics Organization.

Blair talked about making Britain a leader in ecommerce. But first we had lengthy wrangles over key escrow, which eventually even Blair admitted was a mistake, and then we had the achingly slow growth of broadband.

We also had the passage of the Regulation of Investigatory Powers Act in 2000, and the Anti-terrorism, Crime, and Security Act in 2001, the latter passed with unseemly haste after 9/11. Taken together, the two provide law enforcement and the security services with the right to intercept communications or demand data retention, which itself has been the subject of another very long battle. ISPs have universally argued against it; Blair's government has refused to listen.

Yes, Blair's government brought in a Freedom of Information Act – but its availability keeps narrowing. The latest: Blair refuses to condemn proposals to exempt Parliament from it. These are our public servants. Supposedly.

Blair was also for involving faith organizations in policy-making and supported faith schools.

There have also been hotly disputed changes to legislation such as the Police and Criminal Evidence act (1984, revised 2003, and being reviewed again right now – comments to the consultation are due May 31).

During Blair's time in office the right to silence was diluted. You have the right to remain silent under arrest and questioning, to be sure, but if you do the judge and jury at your eventual trial are allowed to infer guilt from your silence.

During Blair's time, CCTV cameras have proliferated everywhere, making Londoners likely to be captured upwards of 200 times a day on camera. This government brought in anti-social behaviour orders, which opponents argue can easily be abused.

And so on, without a clear idea whether any of it is effective (PDF).

But probably the most insidious legacy Blair leaves behind is an important change in the way legislation and policy are enacted. Much new legislation – RIPA and ATCS are cases in point – is now drafted with the details left for secondary legislation that does not require a return to Parliamentary debate. The impact of legislation may be very different depending on how those details are laid out, and removing them from the debate bypasses the democratic process.

The second, the way policy is devised, is a game many countries now play: policy laundering. The game goes something like this. The US wants, say, biometrics in passports, and the UK likes the idea, too. The UK proposes it and when people object the government says, no choice, gotta have it, or the US won't let Brits into their country. When this gets old, they get the idea adopted by, say, ICAO – and thereafter they can say, no choice, it is an international standard mandated by this authority and agreed upon by all these other countries.

Of course these initiatives are not solely Blair's ideas; these proposals are showing up everywhere. But isn't the point of a good leader to resist bad ideas?

Blair was a nominee for "Worst Public Official" in Privacy International's global Big Brother awards. You can argue some geocentrism there, since PI is based in London. Still, here's what they said his credentials were: "his relentless work over ten years to expand the UK into the greatest surveillance society amongst democratic nations".

It's the "democratic" that gets you. There are plenty of countries whose leaders make Blair look like a moderate. But most of them, that's what you expect.

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

May 4, 2007

Cryptanalysis

Was Whitfield Diffie robbed when he failed to win a Big Brother Award or even secure a nomination?

It was Diffie himself who complained, and even being given the first annual Computers, Freedom, and Privacy Distinguished Innovators award didn't quite make up for the slight (pleased as he seemed to be by that recognition, which he shared with fellow cryptography inventor Ron Rivest, the 'R' in RSA).

Why does one of the key inventors of public key cryptography think he deserves to be publicly shamed for privacy invasion?

"I was thinking that cryptography is a two-edged sword," he explained, "and technology, especially complicated technologies, tend to serve the people who can invest in them." People with power – governments, large companies, big organisations – can afford to invest substantially in developing and deploying cryptography, where individuals and small outfits can't. "Use follows the structure of society. It supports the powerful and suppresses the weak."

This conference, in the mid-1990s, was a hotbed of impassioned crypto activism. One of this year's actual BBA winners was Stewart Baker, the former general counsel to the National Security Agency, whom Simon Davies, executive director of the awarding organization, Privacy International, noted was behind the US's most heinously invasive policies. Though here at CFP Baker is chiefly identified with deriding the 1994 conference by saying that the only people opposed to key escrow were those who couldn't go to Woodstock because they'd had to stay home to do their math homework.

Fortunately, Diffie waited until now to argue that crypto could be a bad thing.

Nonetheless, he has a point. Cryptography is deployed by banks, the military, and the mobile phone companies. Hardly any individuals install it personally. The most widespread use of crypto is probably SSL – the security that protects credit card details and other personal information in transit to ecommerce Web sites. Second, if not now then soon, is the trusted computing module in computers.

"My original vision was 100 million secure telephones," said Diffie. "That's come nowhere near true, and most of the secure telephones – less than a million – are in the hands of governments."

Besides key escrow, the other big crypto issue of the mid 1990s was the Clipper Chip, a government effort to create a standard for strong cryptography. Clipper was supposed to go in all kinds of things – phones, modems – but it included key escrow, and so everyone despised it. But had Clipper been deployed, consumers and businesses would in general have far more secure telephones than the wholly insecure ones they have now. This may soon change with the rise of VOIP and the understanding that data in progress across the Internet is insecure. But it's entirely arguable that the government was right in the mid 1990s when it said that deploying Clipper would enable greater general security for the masses. Certainly, nothing has arrived to do replace it.

Still, in the next decade telephony will be so completely reinvented that Diffie's old dream of the secure telephone will have little relevance. Sure, VOIP traffic may be routinely encrypted. But, he said, "Within a decade no significant program will be secure in the sense that we talk about secure computing today."

Why? Outsourcing.

In the sense that: "Nobody in the country can avoid making trade secret queries using Google." Within a decade, most of the time if you want a computing service you'll buy it in from someone you find via some form of search.
"Phone calls," added Ron Rivest in the post-award discussion, "will be kept as documents by the phone company." They'll be searchable. "The whole nature of what a phone call is is going to change in very interesting ways. It means trusting another party to manage all the data, though it's yours in principle."

(Think of your voicemail now. Technically, you own the messages, but if you use the service supplied by your telco, those messages are stored on their server, and possession and all that.)

Crypto also solves only one type of security problem; it does not defeat traffic analysis, which earlier sessions at this conference showed requires as little as 6 percent of the nodes in a network – providing they're the right 6 percent. Nor does it make clear in and of itself whom you should trust.
"I've thought for a while," Diffie said, "that the word 'trust' is not quite the right thing. There's nothing you can do about relying on people – but with mounds of traffic data, what can you protect? And that depends on how much you're willing to invest in that protection."

In Montreal, it's well known that people are not willing to invest very much. The one company that really tried to commercialize privacy software, Zero Knowledge, was based here before it crashed and burned.

"My view," he concluded, "is that we're entering a heyday of intelligence."

So does he really think he deserves a BBA? Does his name truly belong up there with Baker, the UK (worst government), ICAO (most appalling project), and "the common good" (the justification for every heinous proposal)?

"I realized I wasn't even a runner-up."

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).