To MI5 with love

Posted on by

The Economist‘s succinct summary of the draft investigatory Powers bill:

The government has been caught between the civil-liberties lobby and the intelligence agencies, with much dancing back and forth in the press over the past few weeks, but has come down on the side of the spies. It is in agreement with the public: a recent YouGov poll found Britons think spies should be given more powers (perhaps reasoning that Tesco knows more about them than MI5 ever will). Though civil-liberties groups, empowered by the information leaked by Edward Snowden, are louder than ever, the government has decided to speak for its intelligence agencies, who cannot speak for themselves.

I agree with everything here, except the last clause. Clearly the Economist hasn’t been reading the right-wing press, or listening to the spooks’ charm offensive on the media in the months leading up to publication of the draft bill.

US foreign policy in a nutshell

Posted on by

From Bill Moyers:

“ISIS is seen in Washington as a grave terrorist threat with the potential to knock over the unpopular and unstable regimes of the Middle East (i.e., our client states) like bowling pins. Yet the Washington Consensus sees as the key to defeating ISIS the undermining of the regime of Bashar al-Assad, ISIS’s principal military enemy. If a US general in 1942 declared the only way to defeat the Wehrmacht would be for us to fight Nazi Germany and the USSR simultaneously, he would have been committed to a lunatic asylum.”

Amazon’s Cloud Nine

Posted on by

This morning’s Observer column:

In 1999, Andy Grove, then the CEO of Intel, was widely ridiculed for declaring that “in five years’ time there won’t be any internet companies. All companies will be internet companies or they will be dead.” What he meant was that anybody who aspired to be in business in 2004 would have to deal with the internet in one way or another, just as they relied on electricity. And he was right; that’s what a GPT is like: it’s pervasive.

But digital technology differs in four significant ways from earlier GPTs. First of all, it is characterised by zero – or near-zero – marginal costs: once you’ve made the investment needed to create a digital good, it costs next to nothing to roll out and distribute a million (or indeed a billion) copies. Second, digital technology can exploit network effects at much greater speeds than the GPTs of the past. Third, almost everything that goes on in digital networks is governed by so-called power law distributions, in which a small number of actors (sites, companies, publishers…) get most of the action, while everyone else languishes in a “long tail”. Finally, digital technology sometimes gives rise to technological “lock-in”, where the proprietary standards of one company become the de facto standards for an entire industry. Thus, Microsoft once had that kind of lock-in on the desktop computer market: if you wanted to be in business you could have any kind of computer you wanted – so long as it ran Windows…

Read on

LATER Just came on this — which makes the same point about Amazon’s AWS, only more forcefully.

Two cheers for the Librarian of Congress

Posted on by

Sometimes the Librarian of Congress does the right thing:

Every three years, the Librarian of Congress issues new rules on Digital Millennium Copyright Act exemptions. Acting Librarian David Mao, in an order (PDF) released Tuesday, authorized the public to tinker with software in vehicles for “good faith security research” and for “lawful modification.”

The decision comes in the wake of the Volkswagen scandal, in which the German automaker baked bogus code into its software that enabled the automaker’s diesel vehicles to reduce pollutants below acceptable levels during emissions tests.

“I am glad they granted these exemptions,” said Sherwin Siy, vice president for legal affairs for Public Knowledge in Washington, DC. “I am not glad it was necessary for them to do so in the first place.”

The auto industry, and even the Environmental Protection Agency, opposed the vehicle-tinkering rules that were proposed by the Electronic Frontier Foundation and others. About every 36 months, the Librarian of Congress and the Copyright Office entertain proposals for exemptions to the DMCA, which was passed in 1998. The DMCA prohibits circumventing encryption or access controls to copy or modify copyrighted works. The ultimate decision rests with the Librarian of Congress.

Just a pin-prick? Or a big deal?

Posted on by

This morning’s Observer column:

If you have ever been a hospital patient, then you will know the drill: before anything else happens, you have to have your “bloods done”. You roll up your sleeve, a phlebotomist searches your lower arm for a suitable vein, inserts a sterilised needle and extracts a blood sample that is then labelled and sent off to a lab for analysis.

Depending on your condition, this can happen a lot. If you are a cancer sufferer on chemotherapy, for example, you may come to think of your arms as pincushions and you sometimes have to watch in dismay as the phlebotomist hunts up and down for a suitable vein. Although the analysis of blood samples is now highly automated and efficient, at the sample-collection end it’s very time consuming and resource intensive.

The mind boggles at the amount the National Health Service must spend on it every year. And yet it is an absolutely central part of modern healthcare: blood tests are on the critical path of a very large number of diagnostic and treatment regimes.

Enter Theranos, a California startup that has (or claims to have) developed novel approaches to laboratory-based diagnostic blood tests using the science of microfluidics, which concerns the manipulation of tiny amounts of fluids (think ink-jet printers, for example)…

Read on.

So even Apple can’t break into my iPhone?

Posted on by

Hmmm… I wonder. This from SiliconBeat:

Apple says it would be burdensome — and mostly impossible — for it to unlock people’s iPhones upon the request of law enforcement.

In a legal filing this week, the iPhone maker answered a question posed by U.S. Magistrate Judge James Orenstein, who had been urged by federal prosecutors to force Apple to unlock an iPhone. Orenstein said last week that he would defer ruling until Apple let him know whether it’s feasible to bypass an iPhone’s passcode.

Here’s the meat of Apple’s response, which comes amid law enforcement officials’ growing frustration over tech companies’ increased privacy and security efforts:

“In most cases now and in the future, the government’s requested order would be substantially burdensome, as it would be impossible to perform. For devices running iOS 8 or higher, Apple would not have the technical ability to do what the government requests—take possession of a password protected device from the government and extract unencrypted user data from that device for the government. Among the security features in iOS 8 is a feature that prevents anyone without the device’s passcode from accessing the device’s encrypted data. This includes Apple.”

The fallout from the Safe Harbor judgment — contd.

Posted on by

From today’s New York Times:

Companies are scrambling. American and European lawmakers are upset. And no one really knows how to respond.

The cause of the anxiety? The decision two weeks ago by Europe’s highest court to strike down a 15-year-old international agreement, known as safe harbor, that had allowed companies to move digital information like people’s web search histories between the European Union and the United States.

The ruling has left businesses like Facebook and Google, which rely on the easy transfer of online information to make money from digital advertising, on uneasy legal footing.

A new safe harbor agreement between Europe and the United States could help ease some of that uncertainty, but negotiators have been unable to reach a new deal for two years.

And in a sign of increased tension, European privacy regulators say they will start to enforce tougher oversight of data transfers, including issuing fines and banning overseas data transfers, by the end of January if a new agreement is not reached.