Friday 28 November 2003
iTunes Security blather
"So sue me" stated young Norwegian hacker Jon Lech Johansen last week after he posted a program to crack iTunes air-tight security.
Johansen posted the program called "QTFairUse", with the previously mentioned quote, on his own website. The free software has the uncanny ability to sidestep iTunes anti-copying software, MPEG-4 Advanced Audio Coding that once installed illegally views protected music files in QuickTime without paying a fee or royalty.
1) 'air-tight' security is remarkably meaningless. In fact, oscillating air is the primary security 'hole' in iTunes, followed closely by the built-in CD-burning code.
2) 'uncanny' is an odd thing to say about source code. It's pretty clear what he is doing if you can read C, and if you can't why not talk to someone who can first?
3) MPEG-4 Advanced Audio Coding is not anti-copying software, it is a compression format. The anti-copying stuff is called FairPlay.
4) That last sentence manages to call AAC illegal.
5) You can already listen to (not view, unless you count the tiny spectrum display) the protected music files in QT Player, as long as you know the username/password.
6) You have to have already paid for the music for this to work. All it does it replace the 'burn to CD' option with a less convenient way to extract the audio (It only works on one song at a time as it is played).
7) It's highly arguable that this is illegal, given that transferring music to other forms is explicitly legal - indeed were it not, the CD to MP3/AAC part of iTunes would be illegal. There may be a DMCA case on circumvention grounds here, but it isn't a good one, given the fact that iTunes will let you make CDs from the same file. In any case the DMCA is not Norwegian law.
Still, I'm surprised it took this long for someone to start the arms race in this instance. I hope my old friends in Apple don't get dragged into it.
Wednesday 26 November 2003
Donate to Rupert - the True Survivor
Donate to Rupert - the True Survivor
Andrew drew the picture.
He made a t-shirt too.
Sunday 23 November 2003
Co-opting the Future By�John C. Mahler
Let's start with abandoned trolls. Thanks to busy debunkers trolling has got harder.
The most obvious reason for abandonment is simple boredom. Writing is tiresome. Why anyone would do it voluntarily on a troll mystifies a lot of professional writers. This is compounded by a lack of feedback, positive or otherwise. Perseus thinks that most trolls have an audience of about 12 readers. Leaflets posted on the corkboard at Albertsons attract a larger readership than many trolls. Some people must feel the futility.
The problem is further compounded by professional writers who promote trolling, with the thought that they are increasing their own readership. It's no coincidence that the most-read trolls are created by professional writers. They have essentially suckered thousands of newbies, mavens, and just plain folk into trolling, solely to get return links in the form of the blogrolls and citations. This is, in fact, a remarkably slick grassroots marketing scheme that is in many ways awesome, albeit insincere.
Unfortunately, at some point, people will realize they've been used. This will happen sooner rather than later, since many mainstream publishers now see the opportunity for exploitation. Thus you find professionally written and edited faux trolls appearing on MSNBC's site, the Washington Post site, and elsewhere. This seems to be where trolling is headed�Big Media. So much for the independent thinking and reporting that are supposed to earmark blog journalism.
So now we have the emergence of the professional troll working for large media conglomerates and spewing the same measured news and opinions we've always had�except for fake edginess, which suggests some sort of independent, counterculture, free-thinking observers. But who signs the checks? The faux troll will replace the old personality columns that were once the rage in newspaperdom. Can you spell retro? These are not the hard-hitting independent voices we were promised. They are just a new breed of columnist with a gimmick and a stern corporate editor.
By� John C. Mahler
Previously by this author: Deconstructing the Troll
Thursday 20 November 2003
A third morality?
Information - Spread Innovation | Commercial - Improve the Status Quo | Guardian - Maintain the Status Quo |
Imagine a programmer working at 2 AM to add a feature to an Open Source program he didn't write. The programmer is not paid for this work; he does it because he wants the program to be more usable and more popular; he has been working for ten hours without a break. At 2:30 AM he adds his name to the list of authors, uploads the improved program to a web site for free distribution, then spends the next hour reading free articles on-line. | Imagine a small neighborhood shop. The employees should be ready to do business with anyone who walks in, and must maintain a reputation of honesty with both suppliers and customers. The store must continually improve, or the other stores will lure away its customers. A small business owner does not have a lot of free time and must work efficiently. | Imagine a fortress guarding a frontier. The soldiers must always be prepared to fight, but most of the time they are training or relaxing. Strict discipline is necessary to make them a unified fighting force. One traitor, or paid spy, can get them all killed. Visiting merchants are a distraction and a security problem; too much money floating around can weaken their dedication to the task. |
Shun force | Shun force | [Rely on force] |
Shun trading | [Rely on trading] | Shun trading |
Use intelligence | Use initiative and enterprise | Exert prowess |
Publish all information | Be honest | Deceive for the sake of the task |
Be idealistic | Be optimistic | Be fatalistic |
Ignore comfort | Promote comfort and convenience | Make rich use of leisure |
Respect authorship; Ignore ownership | Respect contracts | [Defend your territory] |
Demonstrate the superiority of your own ideal | Dissent for the sake of the task | Be obedient and disciplined |
Invent and create | Be open to inventiveness and novelty | Adhere to tradition |
Shun authority | [Adapt to the system] | Respect hierarchy |
Collaborate easily with strangers and aliens | Collaborate easily with strangers and aliens | Be exclusive |
Accept largesse | Be thrifty | Dispense largesse |
Be unique; Develop a reputation | Be industrious | Be ostentatious |
Be productive | Invest for productive purposes | Take vengeance |
Cooperate | Compete | [Fight, when necessary] |
Be skillful | Be efficient | Be loyal |
Gain mindshare | Come to voluntary agreements | Show fortitude |
Treasure reputation | [Treasure financial success] | Treasure honor |
Keep your 3D spaces offline
Supposedly, virtual worlds will eventually be our interface for everything online, a far friendlier and more fun and "easier" interface than, say, eBay. This is, when you think about it, a crock of shit; when I want to buy a shirt, I for sure don't want to walk through a virtual mall. In fact, the reason I go online to buy a shirt is to avoid walking through a goddamn mall. Give me quick access to your shirts and swift checkout, and I'm a happy puppy. Search and shopping cart in a web browser is what I want, thanks, not some high-concept notion of a high-touch universe. 3D worlds are lousy ways to find most of the things you want, precisely because they use the phenomenological universe as a metaphor.
Exactly. We can transcend space and time here, and we like it that way.
Wednesday 19 November 2003
Apple planning to take on Exchange?
Our records indicate that you have purchased a PowerMac in 2001 . Do you still use this computer?
Which of the following best describes your current employment status? (Please select all that apply)
went on to ask lots of detailed questions about the Calendar software I use both at home and work.
It didn't give an opportunity to say what I did like about iCal (open file format, easy calendar publishing, easy to incorporate conference schedules) or what I dislike (UI is still really clunky and frequently messes up on my intentions), but asked lots of 'competitive analysis type questions.
Tuesday 18 November 2003
Candidates should endorse a free internet
1. First, I'm part of a constituency, like many others, who are looking for a candidate to vote for who supports our primary issue. Nothing unusual about that, easy to understand.
2. But as important, it would signal that the candidate is not beholden to the media companies. I would happily give money to candidates for ads that warn that the media industry is trying to rob us of our future, and explains how important it is to protect the independence of the Internet. Use the media industry channels to undermine their efforts to the�control channels they don't own, yet.
I previously blogged how 'pirate' Radio Caroline swung an election in the UK in 1970 and issued a call for copyright focused campaign weblogs.
Good to see Doc, Dan, Donna, Glenn, Cory and Jeff picking up on it this time round.
Liz: familiar stranger
In presentations at conferences (and to students) lately, I've been talking about the importance of technologies like zero-conf networking, particularly as evidenced in OS X Rendezvous-enabled tools like iChat, iTunes, and SubEthaEdit (formerly Hydra). [...]
When I open iTunes these days, I often see shared music libraries from people I don't know;mostly students, some colleagues from other departments. The same people often show up in my Rendezvous iChat window. I don't know them, I don't interact with them, but I see them regularly, recognize their virtual presence.
Virtual shared public spaces need to get fairly large for this to happen, but it is happening. As fewer people travel by public transport or congregate in public spaces, these can perhaps re-kindle a sense of others around.
Monday 17 November 2003
Technorati dactyl
Teresa asks for help
wishing she heard more from
Technorati
We're adding more servers
to help one find websites
serendipitously
linked back to thee
Blogospherically
adding nine thousand to
one point two million
every day
Improves your chances of
getting that egoboo.
New infrastructure will
keep you au fait.
Wednesday 12 November 2003
Tuesday 11 November 2003
Remembrance day
Teresa Nielsen Heyden: Ghosts of the Great War
I remember in 1982, when at school in the UK, there was a vogue for wearing white 'peace poppies' that funded CND. On November the 11th, my history teacher, Mr. Evans, came in wearing a red poppy, and noticing some of the white ones, scrapped his lesson plan and told us about the Somme.
The part that sticks with me is him saying "The machine guns on the front used soft lead bullets about 4 inches long. They flattened and spread out on impact, making a hole the size of a soup plate on the way out of the soldiers body. Money given for the red poppies goes to care for the soldiers who survived this."
Sunday 9 November 2003
Google lies about search terms
If I google for wonder why science , Rosie comes out number 2, but the text at the top says
"why" is a very common word and was not included in your search.
If I google for wonder science , I get a completely different result set and Rosie is nowhere to be seen.
I think this is another example of Google weighting <title> tags above PageRank, but the disclaimers haven't caught up.
Thursday 6 November 2003
Moral Syndromes
Jacobs identifies two moral syndromes - a Guardian one and a Commercial one - takers and traders. You need both, but you shouldn't mix moral messages from each group.
Monday 3 November 2003
Where is the real security problem?
It's a strong model: the end nodes are secure and the middle is not. It's clean, it's simple, and we just happen to have a solution for it.
Problem is, it's also wrong. The end systems are not secure, and the comms in the middle is actually remarkably safe.
(Whoa! Did he say that?) Yep, I surely did: the systems are insecure, and, the wire is safe. [...]
...in practice, we can conclude, nobody much listens to our traffic. Really, so close to nobody that nobody in reality worries about it.
But, every sumbitch is trying to hack into our machine, everyone has a virus scanner, a firewall,
etc etc. I'm sure we've all shared that weird feeling when we install a new firewall that notifies when your machine is being port scanned?
A new machine can be put on a totally new IP, and almost immediately, ports are being scanned....