Wednesday, March 31, 2004

Next up: US Patent #6,273,287, "Breathing While Using the Internet"

Politech reports the following from the Chronicle of Higher Education:

When Regis University put some of its courses online in the 1990s, officials there figured that it was a no-brainer to administer tests online as well. And so they did.

Last fall, however, they received a threatening letter from Test Central Inc., which holds a patent on various types of online testing. The company claims that Regis and other colleges may be infringing on that patent and, if so, must pay thousands of dollars to continue offering tests online.

Ellen K. Waterman, director of distance learning at the Denver institution, says she was stunned to see that somebody claimed to own the rights to online testing itself. The patent claims made by Test Central are so broad, she says, that they seem to cover any type of testing in cyberspace.

"It's very, very general," she says. "If you can patent anything that people do on the Web, we are not protected at all."

Alas, the U.S. Patent Office's attitude towards online patents has long been exactly that: For any activity X, it awards patents to "Method and Apparatus for X on the Internet". It's a bonanza for land-grabbing "intellectual property" speculators, and a disaster for actual innovation. See: Priceline, One-Click, Eolas... the list goes on and on.

Wake up call, David E. Sanger

Today's Times news analysis, When Goals Meet Reality: Bush's Reversal on 9/11 Testimony, contains a perfect example of what's wrong with our White House press corps, and more generally with our entire political media. The article opens with the claim:

When George W. Bush and Dick Cheney took office three years ago, they made no secret of their intention to restore presidential powers and prerogatives that they believed had withered under the onslaught of Washington's cycle of televised, all-consuming investigations.

According to Sanger, Bush and Cheney are making a clear claim about Presidential history: that "Presidential powers and prerogatives" have "withered" under pressure from the media and Congressional investigations. The logical followup would be to ask at least one or two historians whether Presidential powers have really withered; and if so, why?* This would not take many words, but it would give readers the crucial historical context needed to understand the White House's behavior.

Instead, Sanger elects to write mostly about the political spin that's being put on Bush and Cheney's reluctance to be forthcoming. There's some good stuff in there, recounting evidence of that reluctance; but all we get about this historical claim is the White House spin, plus one unnamed diplomat confirming that this is indeed the White House's attitude.

By now, it's a cliché that the press covers politics like a horse race, obsessing over tactics and spin instead of substance. This is just one small example.

*Incidentally, I suspect that we'd learn the following from these hypothetical interviews with historians:

  • No, the Presidential powers have not withered.
  • But, they have been subject to greater public scrutiny, especially since Watergate.
  • Most historians and political scientists believe this is a good thing.
  • The Bush/Cheney administration is almost unprecedented in its extreme unwillingness to be the object of public scrutiny or Congressional oversight.

Monday, March 22, 2004

Gotta love that "moral clarity"

Q: Where is Bush/Cheney '04 campaign clothing manufactured?

A: In Burma, "one of the most repressive, brutal dictatorships in the world". I love the spectacle of right-wingers castigating liberals for being insufficiently hawkish towards repressive, brutal dictatorships, while wearing fleece pullovers embroidered with the names of their candidates and imported from a repressive, brutal dictatorship.

Monday, March 15, 2004

March Crypto-Gram highlights

It's Crypto-Gram day again...

Lastly, and for the umpteenth time, Schneier explains why "better" (more centralized, more standardized) identity cards wouldn't make us any safer from terrorism, this time in the context of a recent proposal called V-ID, from journalist/entrepeneur Stephen Brill. The whole article is worth reading, but here are some choice passages:

Trusted people within Choicepoint and V-ID are, of course, a potential problem. Several of the 9/11 terrorists had real Virginia driver's licenses in fake names, issued by dishonest state employees. This system will not be immune to that sort of problem, although I'm sure the creators will take pains to minimize the risk.

I worry about the back-end system. Somewhere there will be a computer that generates the questions, matches identity information with government databases, and generally administers the system. The fingerprint database will be stored somewhere, possibly on every reader. These databases would be vulnerable to attack, from insiders and outsiders.


The system is designed to be decentralized, so that someone cannot be tracked through the use of the card. It is an open question as to whether law enforcement could force the company to change that design and use the system to track people. The infrastructure is all there to do that: software on the reader and a communications system between the readers and some central point. Brill has said that it would be impossible, but from his description of the system, that's clearly not true.


Brill's plan is that people who have the card get a more lenient security treatment than people without. Call it what you will, but it means that people with the card are more trusted than people without.

The reality is that the existence of the card creates a third, and very dangerous, category: bad guys with the card. Timothy McVeigh would have been able to get one of these cards. The DC sniper and the Unabomber would have been able to get this card. Any terrorist mole who hasn't done anything yet and is being saved for something big would be able to get this card. Some of the 9/11 terrorists would have been able to get this card. These are people who are deemed trustworthy by the system even though they are not.

And even worse, the system lets terrorists test the system beforehand. Imagine you're in a terrorist cell. Twelve of you apply for the card, but only four of you get it. Those four not only have a card that lets them go through the easy line at security checkpoints; they also know that they're not on any terrorist watch lists. Which four do you think will be going on the mission? By "pre-approving" trust, you're building a system that is easier to exploit.

By any serious security analysis, identity cards are not an effective antiterrorism measure. On the other hand, they would be damn handy if you wanted to track the movements and behavior of ordinary Americans for political purposes. Of course, our government would never do that.

UPDATE: More on FBI surveillance of protesters (several large Quicktime files).

Sunday, March 14, 2004

Hard to believe the man had a drug problem

At Kos, DHinMI quotes from a recent Rush Limbaugh show:

We have unnamed world leaders who somehow have reached out to John Kerry and have prayed and have urged him to win. The whole world wants Kerry to win. The fact is, he's probably telling the truth. I'll bet there are a lot of world leaders who would love to have a pacifist, ago knifing intellectual flip-flopping phony baloney, plastic banana, good-time rock 'n' roller in the White House for a change, people like Kim Jong ll, Fidel Castro, Hugo Chavez, Yasser Arafat, Father Aristide, "Baby Doc" Duvalier, Slobodan Milosevic. And I'll tell you who the number one guy, who has no doubt reached out to Kerry - Saddam Hussein.

I'm sure this quote's numerous factually incorrect characterizations have been thoroughly dissected on the Daily Kos comments by now, but I just have to say that this made me burst out laughing. What is a "plastic banana good time rock 'n roller", anyway, and why would Kim Jong Il want one in the White House? Is this some kind of bizarre Andy Warhol/Velvet Underground reference?

Tuesday, March 09, 2004

The Bitstream Vera Fonts are superb

In April 2003, Bitstream donated the Bitstream Vera font family to the GNOME project. Carefully designed, with large x-heights and clean lines, these fonts are superb for onscreen reading, and render better on my machines than the Core Web fonts from Microsoft Typography. In my opinion, Bitstream Vera Sans clearly beats Verdana; Bitstream Vera Serif is competitive with Georgia; and my new favorite monospaced font is now Bitstream Vera Sans Mono (replacing my longtime favorite, Lucida Console).

Furthermore, unlike Microsoft's fonts, the Bitstream fonts may be freely repackaged and bundled with other operating systems and software products (some enterprising people have figured out a legal way around Microsoft's restrictions, but it's still a pain).

A humble request, which I blog here in the hope that Google might someday bring it to the eyes of a web designer: if you design web pages, then target both the Microsoft core fonts and Bitstream Vera. The free license and superior rendering with freetype libraries mean that your Vera-friendly design will look good on more people's browsers. It's reasonably easy --- Vera's quite similar in "look and feel" to Verdana. Just add "Bitstream Vera Sans", "Bitstream Vera Serif", or "Bitstream Vera Sans Mono", as appropriate, to the "font-family" declarations in your CSS.

interesting gcc note

Recently I've been playing around with gcc for a class project. As part of this project, I downloaded the sources for gcc 3.3.2 (released 17 Oct. 2003), and found an interesting file named README.SCO. Its current contents read as follows:

As all users of GCC will know, SCO has recently made claims concerning alleged copyright infringement by recent versions of the operating system kernel called Linux. SCO has made irresponsible public statements about this supposed copyright infringement without releasing any evidence of the infringement, and has demanded that users of Linux, the kernel most often used with the GNU system, pay for a license. This license is incompatible with the GPL, and in the opinion of the Free Software Foundation such a demand unquestionably violates the GNU General Public License under which the kernel is distributed.

We have been urged to drop support for SCO Unix from this release of GCC, as a protest against this irresponsible aggression against free software and GNU/Linux. However, the direct effect of this action would fall on users of GCC rather than on SCO. For the moment, we have decided not to take that action. The Free Software Foundation's overriding goal is to protect the freedom of the free software community, including developers and users, but we also want to serve users. Protecting the community from an attack sometimes requires steps that will inconvenience some in the community. Such a step is not yet necessary, in our view, but we cannot indefinitely continue to ignore the aggression against our community taken by a party that has long profited from the commercial distribution of our programs. We urge users of SCO Unix to make clear to SCO their disapproval of the company's aggression against the free software community. We will have a further announcement concerning continuing support of SCO Unix by GCC before our next release.

An interesting threat. If gcc were traditional proprietary software, and SCO were a real technology company, then SCO would be shitting their pants, because SCO sells Unix, and gcc is to Unix programming what vulcanized rubber is to driving an automobile. However, as it is, dropping support for SCO would be a largely symbolic action, for two reasons:

  1. gcc is not proprietary software. The (L)GPL under which gcc is distributed gives SCO the source code and legal freedom to maintain the SCO Unix port themselves. Furthermore, gcc is highly portable to any platform that even vaguely resembles Unix. So, even if the gcc steering committee stopped maintaining a SCO port entirely, a couple of in-house gcc hackers at SCO could easily keep SCO Unix gcc alive --- all because of the (L)GPL. The irony is obvious.
  2. The SCO Group is not a real technology company. The two predecessors of The SCO Group --- The Santa Cruz Operation and Caldera Inc. --- were once real technology companies. Now, SCO exists purely as a litigation-based concern. Even if all Unix compilers magically stopped working on SCO Unix tomorrow, SCO would keep chugging along, because software products and services are completely irrelevant to the company's current mission: to harass deep-pocketed companies with bogus lawsuits, in a desperate attempt to either (1) annoy someone enough to get bought, or at least (2) drive up the stock price long enough for the owners to cash out.

OK, must get back to work.