Bogus email ‘agreements’

I’m perpetually irritated by the ludicrous legalese that organisations force employees to tag onto the end of email messages. Here’s a typical example:

This e-mail and all attachments are confidential and may also be privileged. If you are not the named recipient, please notify the sender and delete the e-mail and all attachments immediately. Do not disclose the contents to another person. You may not use the information for any purpose, or store, or copy, it in any way.

Up to now, my standard reaction has been to mutter “Oh Yeah! You and whose army?” But I’ve just noticed that Cory Doctorow, Whom God Preserve, has had a better idea. He has decided that ridicule is the best defence against this nonsense. His boilerplate legalese reads:

READ CAREFULLY. By reading this email, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies (“BOGUS AGREEMENTS”) that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

I’m going to add this to my email signature options so that anyone who signs off with legalese will have the compliment returned, in spades.

Later: Hmmm… I’ve obviously touched a chord here. Lovely email from James Cridland pointing me to his personal legalese:

Terms and conditions of receipt of email

These terms and conditions apply to emails sent to the above email addresses or any containing ‘james’ before the @ sign and ‘cridland.net’ after the @ sign. Unsolicited email is herein defined as email which is not the result of demonstrable prior contact using or quoting such an address. No guarantee of confidentiality is given, or honoured, on receipt of unsolicited email, irrespective of any terms and conditions block contained therein. It is illegal to send EU citizens unsolicited commercial email without the users’ explicit (opt-in) permission, according to The Directive on Privacy and Electronic Communications (2002/58/EC). This site owner reports all such mail direct to your ISP.

That’s the stuff! I feel better already.

The Storm ‘worm’

Bruce Schneier has a sobering briefing on what he calls “the future of malware”.

Although it’s most commonly called a worm, Storm is really more: a worm, a Trojan horse and a bot all rolled into one. It’s also the most successful example we have of a new breed of worm, and I’ve seen estimates that between 1 million and 50 million computers have been infected worldwide.

Old-style worms — Sasser, Slammer, Nimda — were written by hackers looking for fame. They spread as quickly as possible (Slammer infected 75,000 computers in 10 minutes) and garnered a lot of notice in the process. The onslaught made it easier for security experts to detect the attack, but required a quick response by antivirus companies, sysadmins, and users hoping to contain it. Think of this type of worm as an infectious disease that shows immediate symptoms.

Worms like Storm are written by hackers looking for profit, and they’re different. These worms spread more subtly, without making noise. Symptoms don’t appear immediately, and an infected computer can sit dormant for a long time. If it were a disease, it would be more like syphilis, whose symptoms may be mild or disappear altogether, but which will eventually come back years later and eat your brain.

Storm represents the future of malware. Let’s look at its behavior:

1. Storm is patient. A worm that attacks all the time is much easier to detect; a worm that attacks and then shuts off for a while hides much more easily.

2. Storm is designed like an ant colony, with separation of duties. Only a small fraction of infected hosts spread the worm. A much smaller fraction are C2: command-and-control servers. The rest stand by to receive orders. By only allowing a small number of hosts to propagate the virus and act as command-and-control servers, Storm is resilient against attack. Even if those hosts shut down, the network remains largely intact, and other hosts can take over those duties.

3. Storm doesn’t cause any damage, or noticeable performance impact, to the hosts. Like a parasite, it needs its host to be intact and healthy for its own survival. This makes it harder to detect, because users and network administrators won’t notice any abnormal behavior most of the time.

4. Rather than having all hosts communicate to a central server or set of servers, Storm uses a peer-to-peer network for C2. This makes the Storm botnet much harder to disable. The most common way to disable a botnet is to shut down the centralized control point. Storm doesn’t have a centralized control point, and thus can’t be shut down that way…

There’s more, and none of it is pretty.

Not that we really have any idea how to mess with Storm. Storm has been around for almost a year, and the antivirus companies are pretty much powerless to do anything about it. Inoculating infected machines individually is simply not going to work, and I can’t imagine forcing ISPs to quarantine infected hosts. A quarantine wouldn’t work in any case: Storm’s creators could easily design another worm — and we know that users can’t keep themselves from clicking on enticing attachments and links.

Redesigning the Microsoft Windows operating system would work, but that’s ridiculous to even suggest. Creating a counterworm would make a great piece of fiction, but it’s a really bad idea in real life. We simply don’t know how to stop Storm, except to find the people controlling it and arrest them.

This is the other side of the end-to-end coin.

The looming Google threat

Microsoft used to be the big threat, but it’s fading as the importance of the platform erodes. I’ve been saying for years that Google will be an even bigger public-policy problem than Microsoft ever was. Jeff Jarvis seems to agree and explains why:

Consumers, as we used to be called, won’t support media and journalism with their money. Advertising will. We will become entirely dependent on advertising. And what happens when Google controls the majority of online ad revenue in this country? They’re headed there, for as a TechCrunch commenter points out, Google’s online ad revenue and share of revenue are growing faster than online advertising as a whole.

On the one hand, we should be grateful to Google for enabling the support of much new media. On the other hand, we should fear the vice in which Google holds our privates. That’s where media power is consolidating — not in old conglomerates (some of which now depend for a good bit of revenue on who? — on Google.)

I’m not blaming Google for getting to this point. Big, old media handed them this opportunity on a platter. Google was the one company that truly understood the economics of the open network. It understood that it could grow much bigger enabling than controlling. We in media should have followed that model. We should have asked WWGD. What would Google do?

So what do we do now? We need new networks that identify and create new marketplaces for new value — greater value than the coincidence of words on a page, which Google sells. We need to create our own high-value networks (e.g., hyperlocal news). We need open networks that compete with the closed aspects of Google; openness is water to the witch of an opaque network like Google’s.

That “iPod moment” meme

Jeff Jarvis has a forceful disquisition on “the iPod moment for newspapers”. He makes the point that the newspaper industry has for a long time assumed that its salvation lay in ‘e-paper’ — a flexible, foldable, high-res electronic display technology which would allow newspapers to continue as they were but with added e-power. Jeff’s view is that it ain’t gonna be like that, and I’m sure that he’s right. The new iPhone and iPod Touch devices are already pretty impressive as networked readers, and they will doubtless get better in the next couple of years.

I had an interesting discussion yesterday with Brian about the use of the term ‘iPod moment’. It’s slightly misleading because it implies that the appearance of a gizmo is the crucial event. Not so. The genius of the iPod was that it was paired from the outset with iTunes software — and that that software had a beautiful, intuitive interface. It was the combination of the two that made it simple for the average non-techie to manage compressed music files. There were lots of portable MP3 players before the iPod, but syncing them to a PC involved geekery to some degree and so was not for ordinary mortals.

So what really constitutes an ‘iPod moment’ is the instant when it becomes possible for the average consumer to engage in a practice that is terminally disruptive for an established industry.

Wikiwars visualised

This is a graphical visualisation of the 20 most hotly-revised articles in Wikipedia. The diagram comes from a fascinating article on how it was constructed. In essence, the authors used network theory:

We began this piece by representing the data as a network. In this case the nodes in the network are wikipedia articles and the edges are the links between articles. We then (with some help from our friends at Sandia) used an algorithm to lay out all 650,000 nodes (wikipedia articles) that had at least one link in such a way that similar articles are near one another. These are the yellow dots, which when viewed at low res give a yellow tint to the whole picture.

The sizes of the nodes (circles, dots, whatever you want to call them), are based on a model of revision activity. So large circles indicate that an article might be controversial, or the subject of lots of vandalism, or just a topic whose content frequently changes. We labeled only the largest nodes, to keep it readable. There is an interactive version of this in the works based on the google maps platform which will change the labels and pictures used as the user ‘zooms’ in or out. Stay tuned for that.

The image used for each tile was selected automatically, simply by using the first image in the most linked to article among all the articles in that tile. We were pleasantly surprised by the quality of the images that appeared.

Our hope for this visualization approach, which we continue to improve on, is that it could be updated in real time to give a macro sense of what is happening in Wikipedia. I personally hope that some variation of it will end up in high schools as a teaching tool and for generating discussions…

Vicious beasts and melting butter

This morning’s Observer column

It is said that savage beasts are most dangerous when cornered. Cue the record industry, lashing out with increasing viciousness in its death throes. It’s been pursuing a policy of suing file-sharers, most of whom have settled out of court. But a court in Minnesota has been hearing the first of these cases that has actually come to court….

Why Did Google Buy Jaiku?

According to Technology Review, it’s all about mobile phones.

The terms of the deal haven’t been announced, but regardless of Jaiku’s price tag, the purchase could be a significant one. Google has long been rumored to be working on a mobile phone, or “gPhone”; Jaiku was originally developed as software for cell phones, and one of the company’s cofounders, Jyri Engeström, was a product manager at Nokia.

While Google has refused to comment directly on whether it’s developing mobile-phone products, its activities over the past few months indicate that it is. Google has announced its intention to bid on a large swath of spectrum in early 2008; it has acquired a mobile-phone software startup, Android, based in Palo Alto, CA; and in a handful of public statements, representatives of the company have alluded to trying to make the mobile experience better. When asked for comment, Google referred to its public statement about the purchase: “Although we don’t have definite plans to announce at this time, we’re excited about helping to drive the next round of developments in Web and mobile technology.”

Hmmm… Pure speculation, of course.

Is it the oil, then?

Writing in the LRB, Jim Holt thinks it is.

Iraq is ‘unwinnable’, a ‘quagmire’, a ‘fiasco’: so goes the received opinion. But there is good reason to think that, from the Bush-Cheney perspective, it is none of these things. Indeed, the US may be ‘stuck’ precisely where Bush et al want it to be, which is why there is no ‘exit strategy’.

Iraq has 115 billion barrels of known oil reserves. That is more than five times the total in the United States. And, because of its long isolation, it is the least explored of the world’s oil-rich nations. A mere two thousand wells have been drilled across the entire country; in Texas alone there are a million. It has been estimated, by the Council on Foreign Relations, that Iraq may have a further 220 billion barrels of undiscovered oil; another study puts the figure at 300 billion. If these estimates are anywhere close to the mark, US forces are now sitting on one quarter of the world’s oil resources. The value of Iraqi oil, largely light crude with low production costs, would be of the order of $30 trillion at today’s prices. For purposes of comparison, the projected total cost of the US invasion/occupation is around $1 trillion.

Who will get Iraq’s oil? One of the Bush administration’s ‘benchmarks’ for the Iraqi government is the passage of a law to distribute oil revenues. The draft law that the US has written for the Iraqi congress would cede nearly all the oil to Western companies. The Iraq National Oil Company would retain control of 17 of Iraq’s 80 existing oilfields, leaving the rest – including all yet to be discovered oil – under foreign corporate control for 30 years. ‘The foreign companies would not have to invest their earnings in the Iraqi economy,’ the analyst Antonia Juhasz wrote in the New York Times in March, after the draft law was leaked. ‘They could even ride out Iraq’s current “instability” by signing contracts now, while the Iraqi government is at its weakest, and then wait at least two years before even setting foot in the country.’ As negotiations over the oil law stalled in September, the provincial government in Kurdistan simply signed a separate deal with the Dallas-based Hunt Oil Company, headed by a close political ally of President Bush.

How will the US maintain hegemony over Iraqi oil? By establishing permanent military bases in Iraq. Five self-sufficient ‘super-bases’ are in various stages of completion. All are well away from the urban areas where most casualties have occurred. There has been precious little reporting on these bases in the American press, whose dwindling corps of correspondents in Iraq cannot move around freely because of the dangerous conditions. (It takes a brave reporter to leave the Green Zone without a military escort.) In February last year, the Washington Post reporter Thomas Ricks described one such facility, the Balad Air Base, forty miles north of Baghdad. A piece of (well-fortified) American suburbia in the middle of the Iraqi desert, Balad has fast-food joints, a miniature golf course, a football field, a cinema and distinct neighbourhoods – among them, ‘KBR-land’, named after the Halliburton subsidiary that has done most of the construction work at the base. Although few of the 20,000 American troops stationed there have ever had any contact with an Iraqi, the runway at the base is one of the world’s busiest. ‘We are behind only Heathrow right now,’ an air force commander told Ricks…

James Michaels RIP

The man who turned Forbes into a great read is dead. Nice obit in the Economist, which refers to his greatest scoop: he witnessed the assassination of Mahatma Gandhi. Here’s his report:

‘Bapu (father) is finished’

New Delhi, January 30, 1948: Mohandas K. Gandhi was assassinated today by a Hindu extremist whose act plunged India into sorrow and fear.

Rioting broke out immediately in Bombay.

The seventy-eight-year-old leader whose people had christened him the Great Soul of India died at 5:45 p.m. (7:15 a.m. EST) with his head cradled in the lap of his sixteen-year-old granddaughter, Mani.

Just half an hour before, a Hindu fanatic, Ram Naturam, had pumped three bullets from a revolver into Gandhi’s frail body, emaciated by years of fasting and asceticism.

Gandhi was shot in the luxurious gardens of Birla House in the presence of one thousand of his followers, whom he was leading to the little summer pagoda where it was his habit to make his evening devotions.

Dressed as always in his homespun sacklike dhoti, and leaning heavily on a staff of stout wood, Gandhi was only a few feet from the pagoda when the shots were fired.

Gandhi crumpled instantly, putting his hand to his forehead in the Hindu gesture of forgiveness to his assassin. Three bullets penetrated his body at close range, one in the upper right thigh, one in the abdomen, and one in the chest.

He spoke no word before he died. A moment before he was shot he said–some witnesses believed he was speaking to the assassin–“You are late.”

The assassin had been standing beside the garden path, his hands folded, palms together, before him in the Hindu gesture of greeting. But between his palms he had concealed a small-caliber revolver. After pumping three bullets into Gandhi at a range of a few feet, he fired a fourth shot in an attempt at suicide, but the bullet merely creased his scalp.

From A treasury of great reporting: literature under pressure from the sixteenth century to our own time, edited by Louis L. Snyder, Simon & Schuster, 1949.