Tangled Webs

Well, as far as I can understand it, this is the position…

The Federal Trade Commission (FTC) has been trying to clamp down on telemarketing (cold-calling to you and me). It set up a do-not-call registry on which you can lodge your number if you do not wish to be pestered by marketers’ phone calls. The telemarketers’ industry association then went to court, arguing that their First Amendment rights were being violated by this high-handed government interference. On September 29 a judge (named Nottingham) agreed and granted the pests an order that barred the FTC from fining them for dialling registered numbers. The Commission announced that it would appeal all the way to the Supremes and yesterday a federal appeals court let the FTC enforce its do-not-call program against telemarketers, pending the outcome of its appeal against the Nottingham ruling. The Appeals Court judges seem to think that the FTC will win the Constitutional case. And why not? It seems daft to maintain that a double-glazing salesman has Free Speech rights to intrude on my privacy.

This tele-marketing case, however, is really just a dry-run for the spam problem. Here the spammers seem to have convinced the Congress that they also have Constitutional Rights to fill one’s personal inbox with revolting ads for unmentionable products. This has led Congress to the perverse idea that enabling people to ‘opt out’ of spam is the way to solve the problem — analogously to the telemarketing policy. So anyone wishing to avoid spam will have to register his email address(es) with some federal body which will then be empowered to fine spammers for violations. As if… !

It’s a patently daft and unworkable approach. Compare it with the emerging (and broadly sensible) EU policy — which is that consumers would actively have to ‘opt in’ to receive unsolicited email. But because the Net is a global system, the EU policy cannot work so long as the US operates a diametrically opposed approach. We’re doomed.

California dreaming

Tom Lehrer famously said that satire died the day Henry Kissinger was awarded the Nobel Peace Prize. What, one wonders, would he have made of the fact that Arnold Schwarzenegger has been elected Governor of California? I love California — well, the Northern bit of it anyway — but really it’s a basket-case politically. Someone once said that, geologically speaking, the US slopes from East to West — which explains why everything in America with a screw loose winds up in California. Amen.

Why Linux and Unix-based systems are less vulnerable

One of the myths frequently propagated by Microsoft apologists goes like this: “Sure, Windows users are plagued with viruses, worms, trojans and other nuisances. But that’s only because Windows is the dominant system. If everyone used Linux, then the world would be full of Linux worms, viruses and trojans”.

It’s a superficially plausible line of argument, but wrong, because it ignores the architectural differences between different types of operating systems. Linux/Unix, for example, allows users much less freedom to inadvertently trash the entire system (though they may make a mess of their home directory). Linux email is less vulnerable to malicious executable attachments simply because the business of handling attachments is more fiddly and not just a matter of click-and-regret. And so on. There’s an interesting and useful essay in The register about all this.

At last! M’learned friends take an interest in liability issues arising from Microsoft vulnerabilities

I’ve been thinking for a while that we will only see progress on the security front when software companies (particularly the biggest, but others too) are held accountable for flaws in their products which damage their customers. And now the NYT reports the first Class Action suit in the State Superior Court in Los Angeles, asserting that Microsoft engaged in unfair business practices and violated California consumer protection laws by selling software riddled with security flaws. Quotes:

“The litigation, legal experts said, is an effort to use the courts to make software subject to product liability law — a burden the industry has so far avoided and strenuously resisted.

“For a software company to be held liable would be a real extension of liability as it now stands,” said Jeffrey D. Neuburger, a technology lawyer at Brown Raysman Millstein Felder & Steiner.

To date, software companies have sidestepped liability suits partly by selling customers a license to use their programs — not actual ownership — with a lengthy list of caveats and disclaimers. So the warranty programs offered by PC makers, for example, cover hardware but not software.

The industry has argued that software is a highly complex product, often misused or modified by consumers. Assigning responsibility for a failure, the argument goes, would be unfair to any single company.

Besides, software executives say, the industry is a fast-changing global business that is largely led by United States companies. Opening the industry up to product liability lawsuits, they say, would chill innovation and undermine the competitiveness of American companies.”

Tsk, tsk. I’m sure it would indeed ‘chill’ innovation in Microsoft products. It would lead to longer and slower release cycles and much more intensive testing and less ‘feature bloat’. Legal liability chilled innovation in the automobile industry. It also saved a lot of lives. And it stimulated innovation in safety technologies, leading to cars which are immeasurably safer than their predecessors of 40 years ago.

Beyond Fear reviewed

Useful Slashdot review of Bruce Schneier’s latest book, Beyond Fear: thinking sensibly about security in an uncertain world.

Net now reaches into nearly 50% of UK homes

According to the Office of National Statistics, 48% of British homes now have access to the Net.