Tuesday, November 29, 2005
More on HIV/AIDS Denial and Eliza Jane Scovill
Dr. Trent McBride refutes the major points of the criticisms of the coroner's report by Mohammed Al-Bayati regarding pathology, and Dr. Nick Bennett addresses the clinical issues.
Saturday, November 26, 2005
Lottery winner tragedies continue
The body of Virginia Metcalf Merida, winner with her husband of a $65.4 million Powerball jackpot with her husband in 2000, was found dead in her 5,000 sf geodesic dome in Newport, Kentucky. She had apparently been dead for days before her son found her body Wednesday. She and her husband, Mack Wayne Metcalf, split up when they won the jackpot, and he died in 2003 at age 45 without "starting fresh" in Australia as he had planned. (Instead, he moved into a replica of George Washington's Mt. Vernon home in Kentucky.)
Jack Whittaker, the West Virginia millionaire who won the largest lottery jackpot in U.S. history in 2002 ($314.9 million, Powerball), had his granddaughter die of a drug overdose in his home, was robbed of $545,000 cash while unconscious in a strip club, had his home and office robbed, was arrested twice for drunk driving and once for assault, and was accused of groping women at a racetrack.
Rotten.com has a lengthy list of lottery winner troubles here.
UPDATE (September 15, 2007): The Arizona Republic has an update on Jack Whittaker--his wife has left him, he's been involved in 460 legal actions since his win, he has no friends, everyone is always asking him for money (or trying to steal from him, often successfully), and he says he's going to be remembered as "the lunatic who won the lottery" rather than, as he desires, "someone who helped a lot of people."
Jack Whittaker, the West Virginia millionaire who won the largest lottery jackpot in U.S. history in 2002 ($314.9 million, Powerball), had his granddaughter die of a drug overdose in his home, was robbed of $545,000 cash while unconscious in a strip club, had his home and office robbed, was arrested twice for drunk driving and once for assault, and was accused of groping women at a racetrack.
Rotten.com has a lengthy list of lottery winner troubles here.
UPDATE (September 15, 2007): The Arizona Republic has an update on Jack Whittaker--his wife has left him, he's been involved in 460 legal actions since his win, he has no friends, everyone is always asking him for money (or trying to steal from him, often successfully), and he says he's going to be remembered as "the lunatic who won the lottery" rather than, as he desires, "someone who helped a lot of people."
America is Safer
The Department of Homeland Security has awarded a $36,300 grant to prevent terrorists from using bingo halls in Kentucky to raise funds for their activities. The money will go to the state's Office of Charitable Gaming to provide five investigators with "laptop computers and access to a commercially operated law-enforcement database."
Wednesday, November 23, 2005
Gambling and Free Airfare
I just read in The Economist (I'm a few weeks behind and trying to catch up) that Ryanair wants to introduce gambling on flights by 2007, which it thinks may generate enough revenue to not have to charge passengers air fare. Ryanair has already offered free flights (you still have to pay about 15 pounds for taxes and fees) from London's Stansted airport to some European destinations, as well as fares under five pounds.
Ryanair took Southwest's playbook and took it to the next level. They fly using smaller regional airports, make the flight crews pay for their own uniforms, etc.
Ryanair took Southwest's playbook and took it to the next level. They fly using smaller regional airports, make the flight crews pay for their own uniforms, etc.
Pharyngula's P.Z. Myers Profiled
The Minneapolis/St. Paul City Pages features a nice profile piece on P.Z. Myers as the cover story for November 23, titled "The Mad Scientist: Biologist and blogger PZ Myers speaks out on the war on science, intelligent design, and the sexual habits of giant squid."
MoMA: SAFE: Design Takes on Risk
There's an interesting exhibition at the Museum of Modern art in New York called "SAFE: Design Takes on Risk." It was originally going to be an exhibition on "Emergency," planned in March 2001 by Paola Antonelli, MoMa's curator of architecture and design, but the events of September 11 put that on hold. She then broadened the topic to cover safety, survival, and rescue. The official description on the website is "devoted to objects designed to protect body and mind from dangerous or stressful circumstances; respond to situations of emergency; ensure clarity and information; and provide a sense of comfort and security."
The exhibit includes a wide variety of interesting objects designed to protect against dangers or survive dangerous conditions. There are anti-theft chairs (that you can hook a bag to while you're sitting in a public place to avoid purse snatchers), a NY subway "help point intercom," airline passenger briefing cards, a variety of locks, a bicycle that folds to 50% its original size to store or lock more securely, a kidney transporter that resembles an iMac, "QuikClot" temporary traumatic wound treatment, a bulletproof duvet cover, and many other interesting objects and devices.
The exhibit includes a wide variety of interesting objects designed to protect against dangers or survive dangerous conditions. There are anti-theft chairs (that you can hook a bag to while you're sitting in a public place to avoid purse snatchers), a NY subway "help point intercom," airline passenger briefing cards, a variety of locks, a bicycle that folds to 50% its original size to store or lock more securely, a kidney transporter that resembles an iMac, "QuikClot" temporary traumatic wound treatment, a bulletproof duvet cover, and many other interesting objects and devices.
Monday, November 21, 2005
Freedom Summit: photos and blog entries
There are some photos of the Freedom Summit at Flickr. I'm the guy in the green T-shirt on the left listening to David Friedman in this photo; Einzige and I are seen in this photo listening to Edward Stringham. (Apparently we avoided having our faces photographed.)
In addition to Angela's take at Liberated Space which Einzige already mentioned, Sunni Marravillosa (one of the speakers) has blogged about it here and Enjoy Every Sandwich has blogged about Jim Bovard, George H. Smith, and Freedom Summit days one and two.
In addition to Angela's take at Liberated Space which Einzige already mentioned, Sunni Marravillosa (one of the speakers) has blogged about it here and Enjoy Every Sandwich has blogged about Jim Bovard, George H. Smith, and Freedom Summit days one and two.
HIV/AIDS Denial and Death
Christine Maggiore, an HIV-positive former clothing executive who is convinced that HIV does not cause AIDS, refused to take AZT to prevent maternal-fetal transmission of the virus or have her children tested. Maggiore is the author of an HIV skeptical book and has gone on numerous TV shows to argue for her views. Her 3-year-old daughter, Eliza Jane Scovill, died in September, and the coroner diagnosed the cause of death as AIDS-related pneumonia.
Maggiore has now found another HIV/AIDS denier, a veterinary pathologist and toxicologist, to criticize and question the coroner's report. Orac dissects the vet's criticisms here.
(For more on HIV/AIDS skepticism, I recommend Steve Harris' "The AIDS Heresies" which was published in Skeptic magazine vol. 3, no. 2, 1995.)
Maggiore has now found another HIV/AIDS denier, a veterinary pathologist and toxicologist, to criticize and question the coroner's report. Orac dissects the vet's criticisms here.
(For more on HIV/AIDS skepticism, I recommend Steve Harris' "The AIDS Heresies" which was published in Skeptic magazine vol. 3, no. 2, 1995.)
Sunday, November 20, 2005
Naturals and Unnaturals
At Pharyngula:
I think we've been dividing the world along the wrong axes. It's normal for us to dichotomize our interactions along simple, one-dimensional lines—liberal-conservative, men-women, atheist-theist—and while that is a useful way to categorize (as long as we don't get so committed to the extremes that we fail to recognize them as continua), I fear that we've neglected to notice one dimension that is extremely relevant to the current discourse.
... I need a label, so I'm going to call those people who consider material evidence paramount and regard the real world as a mostly sufficient container of phenomena that define our existence the Naturals. ...
What's the contra position? There are those who think inspiration and intuition and all the internal imagery of their minds define their external reality; that what they wish to be so will be so if only they can articulate it and select and distort evidence for the purposes of persuasion. ...
I'm going to call them Unnaturals, plainly enough.
More at the source. Needless to say, we're Naturals here...
Saturday, November 19, 2005
Freedom Summit: Complete Kookery
Steven M. Greer, M.D., the creator of CSETI (Center for the Study of Extraterrestrial Intelligence), brought the Freedom Summit to a low point. Greer, whose CSETI group used to go wandering in the woods to communicate with aliens by waving their high-powered flashlights (as documented by Alex Heard in Outside magazine), was promoting his Disclosure Project.
Greer gave a rambling speech filled with claims of his direct connections with senior government officials which prove that the U.S. has been in possession of alien propulsion technology since the 1950s. According to Greer, this technology obsoletes gas, oil, coal, nuclear, and all other forms of energy production in use today--that we have not needed to burn any such fuels since 1950. He claimed that billions of dollars of taxpayer money have been put into black budget projects involving this alien technology, which is being suppressed by the "kleptocracy," an "interlocking" group of government officials and private families which run the world. He did not explain the economics of why the government would be pouring billions of dollars into suppressing the use of a technology which could generate trillions of dollars in revenue.
He made much of an alleged briefing he gave to CIA Director James Woolsey on UFOs in 1993, while failing to note Woolsey's account of that meeting, which characterizes it as a "dinner party" at which Greer sat at a table with Woolsey and his wife Suzanne and with James Petersen and his wife Diane. The four of them signed the letter to Greer chiding him for publishing a "distorted" account and for portraying their "politeness as acquiescence and questions as affirmations."
It wasn't clear how many, if any, people in the audience were taking him seriously, though they did let him speak. The first question in the Q&A session was a good one: "Why haven't you been killed?" Greer answered that he took plenty of precautions by going public very loudly (appearing on Larry King) and that he had the protection of a third of the secretive (and nonexistent!) MJ-12 organization who want the truth about UFOs to come out, but that he has received many threats. The next questioner, noting that Greer kept referring to "we" with respect to his organization, asked how many people are in his organization. Greer misheard the question as being how many of his people have been killed, and said that three of them had been murdered.
Greer's talk was rambling and disjointed, and was punctuated with lots of specific accurate facts (such as that CIA Director William Colby's dead body was found floating in the Potomac; Greer attributed this to a murder designed to keep him from going public with UFO-related information). The content and manner of his talk reminded me of the works of those who claim to be targets of CIA mind control experiments, like Cathy O'Brien and "Brice Taylor" (Susan Ford)--they like to drop names of famous people and claim direct contacts with them, but they work everything into a bizarre and only semi-coherent fantasy structure with zero plausibility.
While I enjoy occasionally listening to the rantings of a kook, it was a discredit to the organizers of this conference that they gave a public forum to Dr. Greer. If they seriously thought that Greer had a meaningful and important message, it casts serious doubt on their credibility or ability to distinguish fact from fiction. Even many in the UFO community recognize that Greer is a kook (you can find many examples searching for Greer's name at virtuallystrange.net).
Greer gave a rambling speech filled with claims of his direct connections with senior government officials which prove that the U.S. has been in possession of alien propulsion technology since the 1950s. According to Greer, this technology obsoletes gas, oil, coal, nuclear, and all other forms of energy production in use today--that we have not needed to burn any such fuels since 1950. He claimed that billions of dollars of taxpayer money have been put into black budget projects involving this alien technology, which is being suppressed by the "kleptocracy," an "interlocking" group of government officials and private families which run the world. He did not explain the economics of why the government would be pouring billions of dollars into suppressing the use of a technology which could generate trillions of dollars in revenue.
He made much of an alleged briefing he gave to CIA Director James Woolsey on UFOs in 1993, while failing to note Woolsey's account of that meeting, which characterizes it as a "dinner party" at which Greer sat at a table with Woolsey and his wife Suzanne and with James Petersen and his wife Diane. The four of them signed the letter to Greer chiding him for publishing a "distorted" account and for portraying their "politeness as acquiescence and questions as affirmations."
It wasn't clear how many, if any, people in the audience were taking him seriously, though they did let him speak. The first question in the Q&A session was a good one: "Why haven't you been killed?" Greer answered that he took plenty of precautions by going public very loudly (appearing on Larry King) and that he had the protection of a third of the secretive (and nonexistent!) MJ-12 organization who want the truth about UFOs to come out, but that he has received many threats. The next questioner, noting that Greer kept referring to "we" with respect to his organization, asked how many people are in his organization. Greer misheard the question as being how many of his people have been killed, and said that three of them had been murdered.
Greer's talk was rambling and disjointed, and was punctuated with lots of specific accurate facts (such as that CIA Director William Colby's dead body was found floating in the Potomac; Greer attributed this to a murder designed to keep him from going public with UFO-related information). The content and manner of his talk reminded me of the works of those who claim to be targets of CIA mind control experiments, like Cathy O'Brien and "Brice Taylor" (Susan Ford)--they like to drop names of famous people and claim direct contacts with them, but they work everything into a bizarre and only semi-coherent fantasy structure with zero plausibility.
While I enjoy occasionally listening to the rantings of a kook, it was a discredit to the organizers of this conference that they gave a public forum to Dr. Greer. If they seriously thought that Greer had a meaningful and important message, it casts serious doubt on their credibility or ability to distinguish fact from fiction. Even many in the UFO community recognize that Greer is a kook (you can find many examples searching for Greer's name at virtuallystrange.net).
Freedom Summit: Technological FUD
Sunday morning's first session was by Stuart Krone, billed as a computer security expert working at Intel. Krone, wearing a National Security Agency t-shirt, of a type sold at the National Cryptologic Museum outside Ft. Meade, spoke on the subject "Technology: Why We're Screwed." This was a fear-mongering presentation on technological developments that are infringing on freedom, mostly through invasion of privacy. The talk was a mix of fact, error, and alarmism. While the vast majority of what Krone talked about was real, a significant number of details were distorted or erroneous. In each case of distortion or error, the distortions enhanced the threat to individual privacy or the malice behind it, and attributed unrealistic near-omniscience and near-omnipotence to government agencies. I found his claim that the NSA had gigahertz processors twenty years before they were developed commercially to be unbelievable, for example. He also tended to omit available defenses--for instance, he bemoaned grocery store loyalty programs which track purchases and recommended against using them, while failing to note that most stores don't check the validity of signup information and there are campaigns to trade such cards to protect privacy.
Krone began by giving rather imprecise definitions for three terms: convenience, freedom, and technology. For convenience, he said it is something that is "easy to do," freedom is either "lack of coercion" or "privacy," and technology is "not the same as science" but is "building cool toys using scientific knowledge." While one could quibble about these definitions, I think they're pretty well on track, and that a lack of society intrusion into private affairs is a valuable aspect of freedom.
Krone then said that the thesis of his talk is to discuss ways in which technology is interfering with freedom, while noting that technology is not inherently good or evil, only its uses are.
He began with examples of advancements in audio surveillance, by saying that private corporations have been forced to do government's dirty work to avoid Freedom of Information Act issues, giving as an example CALEA (Communications Assistance for Law Enforcement Act) wiretaps. He stated that CALEA costs are added as a charge on your phone bill, so you're paying to have yourself wiretapped. He said that CALEA now applies to Voice Over IP (VOIP), including Skype and Vonage, and that the government is now tapping all of those, too. Actually, what he's referring to is that the FCC issued a ruling on August 5, 2005 on how CALEA impacts VOIP which requires providers of broadband and VOIP services which connect to the public telephone network to provide law enforcement wiretap capability within 18 months. There is no requirement for VOIP providers which don't connect to the public telephone network, so the peer-to-peer portion of Skype is not covered (but SkypeIn and SkypeOut are). This capability doesn't exist in most VOIP providers' networks, and there is strong argument that the FCC doesn't have statutory authority to make this ruling, which is inconsistent with past court cases--most telecom providers are strongly opposing this rule. The Electronic Frontier Foundation has an excellent site of information about CALEA.
Krone next talked about the ability to conduct audio surveillance on the inside of the home using 30-100 GHz microwaves to measure vibrations inside the home. This is real technology for which there was a recent patent application.
He raised the issue of cell phone tracking, as is being planned to use for monitoring traffic in Kansas City (though he spoke as though this was already in place--this was a common thread in his talk, to speak of planned or possible uses of technology as though they are already in place).
(This is actually currently being used in Baltimore, MD, the first place in the U.S. to use it.)
He spoke very briefly about Bluetooth, which he said was invented by Intel and other companies (it was invented by Ericsson, but Intel is a promoter member of the Bluetooth Special Interest Group along with Agere, Ericsson, IBM, Microsoft, Motorola, Nokia, and Toshiba). He stated that it is completely insecure, that others can turn on your phone and listen to your phone's microphone, get your address book, and put information onto your phone. While he's quite right that Bluetooth in general has major security issues, which specific issues you may have depend on your model of phone and whether you use available methods to secure or disable Bluetooth features. Personally, I won't purchase any Bluetooth product unless and until it is securable--except perhaps a device to scan with.
Next, Krone turned to video surveillance, stating that in addition to cameras being all over the place, there are now cameras that can see through walls via microwave, that can be used by law enforcement without a search warrant, which hasn't been fully decided by the courts yet. I haven't found anything about microwave cameras that can see through walls, but this sounds very much like thermal imaging, which the Supreme Court has addressed. In Kyllo v. U.S. (533 U.S. 27, 2001) it was ruled that the use of a thermal imaging device to "look through walls" constituted a search under the Fourth Amendment and thus requires a search warrant. Scalia, Souter, Thomas, Ginsburg, and Breyer ruled with the majority; Stevens, Rehnquist, O'Connor, and Kennedy dissented.
Krone briefly mentioned the use of "see through your clothes" X-ray scanners, stating that six airports are using them today. This technology exists and is in TSA trials, and was actually tested at a Florida airport back in 2002. A newer, even more impressive technology is the new Tadar system unveiled in Germany in mid-October 2005.
He addressed RFIDs, and specifically RFIDs being added to U.S. passports in 2006, and some of the risks this may create (such as facilitating an electronic "American detector"). This is a real threat that has been partially addressed by adding a radio shielding to the passport to prevent the RFID from being read except when the passport is open. As Bruce Schneier notes, this is not a complete safeguard. Krone also stated that there is a California bill to put RFIDs in cars, with no commercial justification, just to "know where everyone is and what they have with them at all times." I'm not aware of the bill he is referring to, but the use of transponders in cars for billing purposes for toll roads is a possible commercial justification.
He spoke about the laser printer codes that uniquely identify all documents printed by certain laser printers, which have been in place for the last decade and were recently exposed by the Electronic Frontier Foundation and reported in this blog (Krone mistakenly called it the "Electronic Freedom Foundation," a common mistake). He also briefly alluded to steganography, which he wrongly described as "the art of hiding information in a picture." While hiding a message in a picture is one form of steganography, what is characteristic of steganography is that it is hiding a message in such a way as to disguise the fact that a message is even present.
He then went on to talk about Intel's AMT product--"Advanced Management Technology." This is a technology that allows computers to be remotely rebooted, have the console redirected, obtain various information out of NVRAM about what software is installed, and to load software updates remotely, even if the system is so messed up that the operating system won't boot. This is a technology that will be extremely useful for large corporations with a geographically dispersed work force and a small IT staff; there is similar technology from Sun Microsystems in their Sun Fire v20z and v40z servers which allows remote access via SSH to the server independent of the operating system, which allows console port and keyboard access, power cycling of the server, etc. This is technology with perfectly legitimate uses, allowing the owner of the machine to remotely deal with issues that would previously have required either physically going to the box or the expense of additional hardware such as a console server.
Krone described AMT in such a way as to omit all of the legitimate uses, portraying it as a technology that would be present on all new computers sold whether you like it or not, which would allow the government to turn your computer on remotely, bypass all operating system security software including a PC firewall, and take an image of your hard drive without your being able to do anything about it. This is essentially nonsensical fear-mongering--this technology is specifically designed for the owner of the system, not for the government, and there are plenty of mechanisms which could and should be used by anyone deploying such systems to prevent unauthorized parties from accessing their systems via such an out-of-band mechanism, including access control measures built into the mechanisms and hardware firewalls.
He then went on to talk about Digital Rights Management (DRM), a subject which has been in the news lately as a result of Sony BMG's DRM foibles. Krone stated that DRM is being applied to videos, files, etc., and stated that if he were to write a subversive document that the government wanted to suppress, it would be able to use DRM to shut off all access to that file. This has DRM backwards--DRM is used by intellectual property owners to restrict the use of their property in order to maximize the potential paying customer base. The DRM technologies for documents designed to shut off access are intended for functions such as allowing corporations to be able to guarantee electronic document destruction in accordance with their policies. This function is a protection of privacy, not an infringement upon it. Perhaps Krone intended to spell out a possible future like that feared by Autodesk founder John Walker in his paper "The Digital Imprimatur," where he worries that future technology will require documents published online to be certified by some authority that would have the power to revoke it (or revoke one's license to publish). While this is a potential long-term concern, the infrastructure that would allow such restrictions does not exist today. On the contrary, the Internet of today makes it virtually impossible to restrict the publication of undesired content.
Krone spoke about a large number of other topics, including Havenco, Echelon, Carnivore/DCS1000, web bugs and cookies, breathalyzers, fingerprints, DNA evidence, and so on. With regard to web bugs, cookies, and malware, he stated that his defense is not to use Windows, and to rely on open source software, because he can verify that the content and function of the software is legitimate. While I hate to add to the fear-mongering, this was a rare instance where Krone doesn't go far enough in his worrying. The widespread availability of source code doesn't actually guarantee the lack of backdoors in software for two reasons. First, the mere availability of eyeballs doesn't help secure software unless the eyeballs know what to look for. There have been numerous instances of major security holes persisting in actively maintained open source software for many years (wu-ftpd being a prime example). Second, and more significantly, as Ken Thompson showed in his classic paper "Reflections On Trusting Trust" (the possibility of which was first mentioned in Paul Karger and Roger Schell's "Multics Security Evaluation" paper), it is possible to build code into a compiler that will insert a backdoor into code whenever a certain sequence is found in the source. Further, because compilers are typically written in the same language that they compile, one can do this in such a way that it is bootstrapped into the compiler and is not visible in the compiler's source code, yet will always be inserted into any future compilers which are compiled with that compiler or its descendants. Once your compiler has been compromised, you can have backdoors that are inserted into your code without being directly in any source code.
Of the numerous other topics that Krone discussed or made reference to, there are three more instances I'd like to comment on: MRIs used as lie detectors at airport security checkpoints, FinCen's monitoring of financial transactions, and a presentation on Cisco security flaws at the DefCon hacker conference. In each case, Krone said things that were inaccurate.
Regarding MRIs, Krone spoke of the use of MRIs as lie detectors at airport security checkpoints as though they were already in place. The use of fMRI as a lie detection measure is something being studied at Temple University, but is not deployed anywhere--and it's hard to see how it would be practical as an airport security measure. Infoseek founder and Propel CEO Steve Kirsch proposed in 2001 using a brainscan recognition system to identify potential terrorists, but this doesn't seem to have been taken seriously. There is a voice-stress analyzer being tested as an airport security "lie detector" in Israel, but everything I've read about voice stress analysis is that it is even less reliable than polygraphs (which themselves are so unreliable that they are inadmissible as evidence in U.S. courts). (More interesting is a "stomach grumbling" lie detector...) (UPDATE March 27, 2006: Stu Krone says in the comments on this post that he never said that MRIs were being used as lie detectors at airport security checkpoints. I've verified from a recording of his talk that this is my mistake--he spoke only of fMRI as a tool in interrogation.)
Regarding FinCen, the U.S. Financial Crimes Enforcement Network, Krone made the claim that "FinCen monitors all transactions" and "keeps a complete database of all transactions," and that for purchases made with cash, law enforcement can issue a National Security Letter, including purchases of automobiles. This is a little bit confused--National Security Letters have nothing specifically to do with financial transactions per se, but are a controversial USA PATRIOT Act invention designed to give the FBI the ability to subpoena information without court approval. I support the ACLU's fight against National Security Letters, but they don't have anything to do with FinCen. Krone was probably confused by the fact that the USA PATRIOT Act also expanded the requirement that companies whose customers make large cash purchases (more than $10,000 in one transaction or in two or more related transactions) fill out a Form 8300 and file it with the IRS. Form 8300 data goes into FinCen's databases and is available to law enforcement, as I noted in my description of F/Sgt. Charles Cohen's presentation at the Economic Crime Summit I attended. It's simply not the case that FinCen maintains a database of all financial transactions.
Finally, Krone spoke of a presentation at the DefCon hacker conference in Las Vegas about Cisco router security. He said that he heard from a friend that another friend was to give a talk on this subject at DefCon, and that she (the speaker) had to be kept in hiding to avoid arrest from law enforcement in order to successfully give the talk. This is a highly distorted account of Michael Lynn's talk at the Black Hat Briefings which precede DefCon. Lynn, who was an employee of Internet Security Systems, found a remotely exploitable heap overflow vulnerability in the IOS software that runs on Cisco routers as part of his work at ISS. ISS had cold feet about the presentation, and told Lynn that he would be fired if he gave the talk, and Cisco also threatened him with legal action. He quit his job and delivered the talk anyway, and ended up being hired by Juniper Networks, a Cisco competitor. As of late July, Lynn was being investigated by the FBI regarding this issue, but he was not arrested nor in hiding prior to his talk, nor is he female.
I found Krone's talk to be quite a disappointment. Not only was it filled with careless inaccuracies, it presented nothing about how to defend one's privacy. He's right to point out that there are numerous threats to privacy and liberty that are based on technology, but there are also some amazing defensive mechanisms. Strong encryption products can be used to enhance privacy, the EFF's TOR onion routing mechanism is a way of preserving anonymity, the Free Network Project has built mechanisms for preventing censorship (though which are also subject to abuse).
Krone began by giving rather imprecise definitions for three terms: convenience, freedom, and technology. For convenience, he said it is something that is "easy to do," freedom is either "lack of coercion" or "privacy," and technology is "not the same as science" but is "building cool toys using scientific knowledge." While one could quibble about these definitions, I think they're pretty well on track, and that a lack of society intrusion into private affairs is a valuable aspect of freedom.
Krone then said that the thesis of his talk is to discuss ways in which technology is interfering with freedom, while noting that technology is not inherently good or evil, only its uses are.
He began with examples of advancements in audio surveillance, by saying that private corporations have been forced to do government's dirty work to avoid Freedom of Information Act issues, giving as an example CALEA (Communications Assistance for Law Enforcement Act) wiretaps. He stated that CALEA costs are added as a charge on your phone bill, so you're paying to have yourself wiretapped. He said that CALEA now applies to Voice Over IP (VOIP), including Skype and Vonage, and that the government is now tapping all of those, too. Actually, what he's referring to is that the FCC issued a ruling on August 5, 2005 on how CALEA impacts VOIP which requires providers of broadband and VOIP services which connect to the public telephone network to provide law enforcement wiretap capability within 18 months. There is no requirement for VOIP providers which don't connect to the public telephone network, so the peer-to-peer portion of Skype is not covered (but SkypeIn and SkypeOut are). This capability doesn't exist in most VOIP providers' networks, and there is strong argument that the FCC doesn't have statutory authority to make this ruling, which is inconsistent with past court cases--most telecom providers are strongly opposing this rule. The Electronic Frontier Foundation has an excellent site of information about CALEA.
Krone next talked about the ability to conduct audio surveillance on the inside of the home using 30-100 GHz microwaves to measure vibrations inside the home. This is real technology for which there was a recent patent application.
He raised the issue of cell phone tracking, as is being planned to use for monitoring traffic in Kansas City (though he spoke as though this was already in place--this was a common thread in his talk, to speak of planned or possible uses of technology as though they are already in place).
(This is actually currently being used in Baltimore, MD, the first place in the U.S. to use it.)
He spoke very briefly about Bluetooth, which he said was invented by Intel and other companies (it was invented by Ericsson, but Intel is a promoter member of the Bluetooth Special Interest Group along with Agere, Ericsson, IBM, Microsoft, Motorola, Nokia, and Toshiba). He stated that it is completely insecure, that others can turn on your phone and listen to your phone's microphone, get your address book, and put information onto your phone. While he's quite right that Bluetooth in general has major security issues, which specific issues you may have depend on your model of phone and whether you use available methods to secure or disable Bluetooth features. Personally, I won't purchase any Bluetooth product unless and until it is securable--except perhaps a device to scan with.
Next, Krone turned to video surveillance, stating that in addition to cameras being all over the place, there are now cameras that can see through walls via microwave, that can be used by law enforcement without a search warrant, which hasn't been fully decided by the courts yet. I haven't found anything about microwave cameras that can see through walls, but this sounds very much like thermal imaging, which the Supreme Court has addressed. In Kyllo v. U.S. (533 U.S. 27, 2001) it was ruled that the use of a thermal imaging device to "look through walls" constituted a search under the Fourth Amendment and thus requires a search warrant. Scalia, Souter, Thomas, Ginsburg, and Breyer ruled with the majority; Stevens, Rehnquist, O'Connor, and Kennedy dissented.
Krone briefly mentioned the use of "see through your clothes" X-ray scanners, stating that six airports are using them today. This technology exists and is in TSA trials, and was actually tested at a Florida airport back in 2002. A newer, even more impressive technology is the new Tadar system unveiled in Germany in mid-October 2005.
He addressed RFIDs, and specifically RFIDs being added to U.S. passports in 2006, and some of the risks this may create (such as facilitating an electronic "American detector"). This is a real threat that has been partially addressed by adding a radio shielding to the passport to prevent the RFID from being read except when the passport is open. As Bruce Schneier notes, this is not a complete safeguard. Krone also stated that there is a California bill to put RFIDs in cars, with no commercial justification, just to "know where everyone is and what they have with them at all times." I'm not aware of the bill he is referring to, but the use of transponders in cars for billing purposes for toll roads is a possible commercial justification.
He spoke about the laser printer codes that uniquely identify all documents printed by certain laser printers, which have been in place for the last decade and were recently exposed by the Electronic Frontier Foundation and reported in this blog (Krone mistakenly called it the "Electronic Freedom Foundation," a common mistake). He also briefly alluded to steganography, which he wrongly described as "the art of hiding information in a picture." While hiding a message in a picture is one form of steganography, what is characteristic of steganography is that it is hiding a message in such a way as to disguise the fact that a message is even present.
He then went on to talk about Intel's AMT product--"Advanced Management Technology." This is a technology that allows computers to be remotely rebooted, have the console redirected, obtain various information out of NVRAM about what software is installed, and to load software updates remotely, even if the system is so messed up that the operating system won't boot. This is a technology that will be extremely useful for large corporations with a geographically dispersed work force and a small IT staff; there is similar technology from Sun Microsystems in their Sun Fire v20z and v40z servers which allows remote access via SSH to the server independent of the operating system, which allows console port and keyboard access, power cycling of the server, etc. This is technology with perfectly legitimate uses, allowing the owner of the machine to remotely deal with issues that would previously have required either physically going to the box or the expense of additional hardware such as a console server.
Krone described AMT in such a way as to omit all of the legitimate uses, portraying it as a technology that would be present on all new computers sold whether you like it or not, which would allow the government to turn your computer on remotely, bypass all operating system security software including a PC firewall, and take an image of your hard drive without your being able to do anything about it. This is essentially nonsensical fear-mongering--this technology is specifically designed for the owner of the system, not for the government, and there are plenty of mechanisms which could and should be used by anyone deploying such systems to prevent unauthorized parties from accessing their systems via such an out-of-band mechanism, including access control measures built into the mechanisms and hardware firewalls.
He then went on to talk about Digital Rights Management (DRM), a subject which has been in the news lately as a result of Sony BMG's DRM foibles. Krone stated that DRM is being applied to videos, files, etc., and stated that if he were to write a subversive document that the government wanted to suppress, it would be able to use DRM to shut off all access to that file. This has DRM backwards--DRM is used by intellectual property owners to restrict the use of their property in order to maximize the potential paying customer base. The DRM technologies for documents designed to shut off access are intended for functions such as allowing corporations to be able to guarantee electronic document destruction in accordance with their policies. This function is a protection of privacy, not an infringement upon it. Perhaps Krone intended to spell out a possible future like that feared by Autodesk founder John Walker in his paper "The Digital Imprimatur," where he worries that future technology will require documents published online to be certified by some authority that would have the power to revoke it (or revoke one's license to publish). While this is a potential long-term concern, the infrastructure that would allow such restrictions does not exist today. On the contrary, the Internet of today makes it virtually impossible to restrict the publication of undesired content.
Krone spoke about a large number of other topics, including Havenco, Echelon, Carnivore/DCS1000, web bugs and cookies, breathalyzers, fingerprints, DNA evidence, and so on. With regard to web bugs, cookies, and malware, he stated that his defense is not to use Windows, and to rely on open source software, because he can verify that the content and function of the software is legitimate. While I hate to add to the fear-mongering, this was a rare instance where Krone doesn't go far enough in his worrying. The widespread availability of source code doesn't actually guarantee the lack of backdoors in software for two reasons. First, the mere availability of eyeballs doesn't help secure software unless the eyeballs know what to look for. There have been numerous instances of major security holes persisting in actively maintained open source software for many years (wu-ftpd being a prime example). Second, and more significantly, as Ken Thompson showed in his classic paper "Reflections On Trusting Trust" (the possibility of which was first mentioned in Paul Karger and Roger Schell's "Multics Security Evaluation" paper), it is possible to build code into a compiler that will insert a backdoor into code whenever a certain sequence is found in the source. Further, because compilers are typically written in the same language that they compile, one can do this in such a way that it is bootstrapped into the compiler and is not visible in the compiler's source code, yet will always be inserted into any future compilers which are compiled with that compiler or its descendants. Once your compiler has been compromised, you can have backdoors that are inserted into your code without being directly in any source code.
Of the numerous other topics that Krone discussed or made reference to, there are three more instances I'd like to comment on: MRIs used as lie detectors at airport security checkpoints, FinCen's monitoring of financial transactions, and a presentation on Cisco security flaws at the DefCon hacker conference. In each case, Krone said things that were inaccurate.
Regarding MRIs, Krone spoke of the use of MRIs as lie detectors at airport security checkpoints as though they were already in place. The use of fMRI as a lie detection measure is something being studied at Temple University, but is not deployed anywhere--and it's hard to see how it would be practical as an airport security measure. Infoseek founder and Propel CEO Steve Kirsch proposed in 2001 using a brainscan recognition system to identify potential terrorists, but this doesn't seem to have been taken seriously. There is a voice-stress analyzer being tested as an airport security "lie detector" in Israel, but everything I've read about voice stress analysis is that it is even less reliable than polygraphs (which themselves are so unreliable that they are inadmissible as evidence in U.S. courts). (More interesting is a "stomach grumbling" lie detector...) (UPDATE March 27, 2006: Stu Krone says in the comments on this post that he never said that MRIs were being used as lie detectors at airport security checkpoints. I've verified from a recording of his talk that this is my mistake--he spoke only of fMRI as a tool in interrogation.)
Regarding FinCen, the U.S. Financial Crimes Enforcement Network, Krone made the claim that "FinCen monitors all transactions" and "keeps a complete database of all transactions," and that for purchases made with cash, law enforcement can issue a National Security Letter, including purchases of automobiles. This is a little bit confused--National Security Letters have nothing specifically to do with financial transactions per se, but are a controversial USA PATRIOT Act invention designed to give the FBI the ability to subpoena information without court approval. I support the ACLU's fight against National Security Letters, but they don't have anything to do with FinCen. Krone was probably confused by the fact that the USA PATRIOT Act also expanded the requirement that companies whose customers make large cash purchases (more than $10,000 in one transaction or in two or more related transactions) fill out a Form 8300 and file it with the IRS. Form 8300 data goes into FinCen's databases and is available to law enforcement, as I noted in my description of F/Sgt. Charles Cohen's presentation at the Economic Crime Summit I attended. It's simply not the case that FinCen maintains a database of all financial transactions.
Finally, Krone spoke of a presentation at the DefCon hacker conference in Las Vegas about Cisco router security. He said that he heard from a friend that another friend was to give a talk on this subject at DefCon, and that she (the speaker) had to be kept in hiding to avoid arrest from law enforcement in order to successfully give the talk. This is a highly distorted account of Michael Lynn's talk at the Black Hat Briefings which precede DefCon. Lynn, who was an employee of Internet Security Systems, found a remotely exploitable heap overflow vulnerability in the IOS software that runs on Cisco routers as part of his work at ISS. ISS had cold feet about the presentation, and told Lynn that he would be fired if he gave the talk, and Cisco also threatened him with legal action. He quit his job and delivered the talk anyway, and ended up being hired by Juniper Networks, a Cisco competitor. As of late July, Lynn was being investigated by the FBI regarding this issue, but he was not arrested nor in hiding prior to his talk, nor is he female.
I found Krone's talk to be quite a disappointment. Not only was it filled with careless inaccuracies, it presented nothing about how to defend one's privacy. He's right to point out that there are numerous threats to privacy and liberty that are based on technology, but there are also some amazing defensive mechanisms. Strong encryption products can be used to enhance privacy, the EFF's TOR onion routing mechanism is a way of preserving anonymity, the Free Network Project has built mechanisms for preventing censorship (though which are also subject to abuse).
The Thylacine Films
Now online is most of the existing film footage of thylacines, a dog-like marsupial from Tasmania that went extinct in 1936. (Hat tip to Pharyngula, where there's some discussion of the possibility of cloning them from the DNA samples of three individuals that has been preserved.) More discussion by Tara Smith at Aetiology, whose post at Panda's Thumb kicked this off.
Friday, November 18, 2005
Bunnatine H. Greenhouse's claims of Iraq contract abuse may be investigated
The claims of former U.S. Army Corps of Engineers whistleblower Bunnatine Hayes ("Bunny") Greenhouse that Halliburton subsidiary Kellogg, Brown, and Root has been engaged in massive contractor fraud in Iraq may now be investigated by the Department of Justice. These are the claims that Congress refused to investigate, but there were unofficial hearings on before the Senate Democratic Policy Committee. Bunny Greenhouse was demoted from her position after her whistleblowing, and it was a discussion of her charges about no-bid contracts that led Vice President Dick Cheney say "Fuck yourself" to Senator Patrick Leahy on June 22, 2004. (This is not a transcript of their conversation.)
Thursday, November 17, 2005
Cheney: Stop Rewriting History
As reported by Reuters/Yahoo:
In the same Usenet posting, I pointed out that the Bush administration was denying that the techniques used in Abu Ghraib had any approval from their administration:
- - -
Some other Cheney rewriting of history... during the Vice Presidential debate with John Edwards, Cheney claimed "Now, in my capacity as vice president, I am the president of Senate, the presiding officer. I'm up in the Senate most Tuesdays when they're in session." In fact, he was absent all but two times, and has not presided at the Senate since 2002.
He told Edwards that "The first time I ever met you was when you walked on the stage tonight." In fact, Cheney met Edwards on February 1, 2001 at the National Prayer Breakfast and addressed Edwards by name, personally, in his speech and was photographed standing next to Edwards at the buffet. In his speech, he stated: "Thank you. Thank you very much. Congressman Watts, Senator Edwards, friends from across America and distinguished visitors to our country from all over the world, Lynne and I honored to be with you all this morning."
In the sharpest White House attack yet on critics of the Iraq war, Vice President Dick Cheney said on Wednesday that accusations the Bush administration manipulated intelligence to justify the war were a "dishonest and reprehensible" political ploy.Yet it was Cheney who was rewriting his own 2001 history in 2004 (quoting here from an az.general newsgroup posting I made on June 24, 2004):
Cheney repeated Bush's charge that Democratic critics were rewriting history by questioning prewar intelligence on Iraq's weapons of mass destruction even though many Senate Democrats voted in October 2002 to authorize the invasion.
"The president and I cannot prevent certain politicians from losing their memory, or their backbone -- but we're not going to sit by and let them rewrite history," said Cheney, a principal architect of the war and a focus of Democratic allegations the administration misrepresented intelligence on Iraq's weapons program.
Cheney said the suggestion Bush or any member of the administration misled Americans before the war "is one of the most dishonest and reprehensible charges ever aired in this city."
Here's another recent example of a lie from Dick Cheney (both are on video, and were shown on Comedy Central's "The Daily Show" night before last)--this text is quoted from http://www.spinsanity.org/:On "Meet the Press" on November 14, 2003, Cheney stated that "I have not suggested there's a connection between Iraq and 9/11." What else could he have meant when he claimed a "pretty well confirmed" Mohammed Atta link to Iraq?During the CNBC interview, Cheney also dissembled in the following exchange about Mohammed Atta, an Al Qaeda member who was allegedly involved in the September 11 attacks (a witness claimed that Atta met with an Iraqi intelligence officer in Prague in the spring of 2001, a heavily disputed assertion that the FBI and CIA have questioned):So in December 2001 he said the Atta/Iraqi meeting in Prague was "pretty well confirmed," but in 2004 he says he never said that, and that "we have never been able to confirm that nor have we been able to knock it down."BORGER: Well, let's get to Mohamed Atta for a minute because you mentioned him as well. You have said in the past that it was, quote, "pretty well confirmed."But as a White House transcript demonstrates, Cheney said in a December 9, 2001 interview on "Meet the Press" that, "Well, what we now have that's developed since you and I last talked, Tim, of course, was that report that's been *pretty well confirmed*, that [Atta] did go to Prague and he did meet with a senior official of the Iraqi intelligence service in Czechoslovakia last April, several months before the attack." (our emphasis)
CHENEY: No, I never said that.
BORGER: OK.
CHENEY: I never said that.
BORGER: I think that is...
CHENEY: Absolutely not. What I said was the Czech intelligence service reported after 9/11 that Atta had been in Prague on April 9 of 2001, where he allegedly met with an Iraqi intelligence official. We have never been able to confirm that nor have we been able to knock it down, we just don't know.
So he was lying in December 2001 when he said it was pretty well confirmed, and lying again in 2004 when he said he never said that it was pretty well confirmed.
In the same Usenet posting, I pointed out that the Bush administration was denying that the techniques used in Abu Ghraib had any approval from their administration:
BTW, up until very recently the Bush administration was denying the content of Seymour Hersh's story in the New Yorker which was the first report of Rumsfeld's memo approving these techniques. They were lying.In that USA Today story, the Bush administration response to Hersh's charges, now confirmed, was:
E.g., look at the quotes attributed to "The Pentagon" and Condoleezza Rice in this USA Today article from May 15:
http://www.usatoday.com/news/washington/2004-05-15-rumsfeld-abuse_x.htm
I think the most blatant evidence of dishonesty by the Bush administration is found by just comparing their own statements over time, and watching them contradict themselves.
The Pentagon said that story was "filled with error and anonymous conjecture" and called it "outlandish, conspiratorial." National security adviser Condoleezza Rice, in a German television interview, said of The New Yorker report, "As far as we can tell, there's really nothing to the story."In the Washington Post, May 17, 2004:
CIA spokesman Bill Harlow called the Hersh story "fundamentally wrong" in its assertion that there was a "DOD/CIA program to abuse and humiliate Iraqi prisoners." Harlow added, "Despite what is alleged in the article, I am aware of no CIA official who would have or possibly could have confirmed the details of the New Yorker's inaccurate account."Compare what's in the news these days (Washington Post, November 1, 2005) about CIA prisons to what was said in May 2004:
On Friday, the Pentagon announced that the U.S. military will not use certain prisoner interrogation procedures in Iraq and Afghanistan, including sleep and sensory deprivation, as a result of the Abu Ghraib prison scandal.Nor is it clear whether the ban applies to secret prisons in other countries...
...
It remains unclear whether the ban applies to accused Taliban and al Qaeda detainees held by the U.S. military in Guantanamo Bay, Cuba.
- - -
Some other Cheney rewriting of history... during the Vice Presidential debate with John Edwards, Cheney claimed "Now, in my capacity as vice president, I am the president of Senate, the presiding officer. I'm up in the Senate most Tuesdays when they're in session." In fact, he was absent all but two times, and has not presided at the Senate since 2002.
He told Edwards that "The first time I ever met you was when you walked on the stage tonight." In fact, Cheney met Edwards on February 1, 2001 at the National Prayer Breakfast and addressed Edwards by name, personally, in his speech and was photographed standing next to Edwards at the buffet. In his speech, he stated: "Thank you. Thank you very much. Congressman Watts, Senator Edwards, friends from across America and distinguished visitors to our country from all over the world, Lynne and I honored to be with you all this morning."
Monday, November 14, 2005
Can SETI be Called a Religion?
A couple weeks ago (I sincerely apologize for the untimeliness of this post. Busy, busy, busy. Better late than never, I hope), Patrick Smith read my entry for the Halloween edition of the CotG and took issue with my characterization of SETI as a religion. I might be convinced to back off the "religious" label, but you'll be hard pressed to demonstrate that SETI resembles "science."
Given my low opinion of SETI, you may find it surprising that Contact is one of my top 5 favorite films. Aside from the clever way it deals with a number of deep philosophical issues, the positive way it portrays atheism, the cool special effects (the zoom-out at the beginning choked me up the first time I saw it, but luckily my girlfriend didn't notice!), and the well-constructed plot, I pretty much fell head-over-heels for Ellie Arroway. How could you not? She's brilliant, sexy as hell (of course, Jodie Foster is primarily responsible for that), and passionate about what's important to her (and it isn't the ho-hum of children!). Sadly, however, she is possessed by a fixed idea--just as possessed, by the way, as is Palmer Joss, her love interest in the story, by the idea of God. Like I said, I guess we all have our blind spots.
SETI is the brainchild of astronomer Frank Drake, who also came up with what is known as the Drake Equation, which I'll get to in a moment. Drake has been searching the skies via radio waves for 45 years, now, without uncovering a shred of evidence of alien intelligence. When confronted on this, Drake's response strikes a disturbingly familiar chord: "Absence of evidence is not evidence of absence."
Such is the response of one who is defending a hypothesis that is not falsifiable, and that is exactly what is wrong with SETI. The excuse is always, "We haven't looked long and hard enough." When will that be? When does absence of evidence finally become evidence of absence? Back circa 1994, when Congress - having spent over a billion dollars on SETI - finally cut off the public funding, Drake predicted "the imminent detection of signals from an extraterrestrial civilization." He went on, "This discovery, which I fully expect to witness before the year 2000, will profoundly change the world." Here it is, 2005, and SETI, much like the doomsday religions that predicted the end of the world back in 2000, is still going.
So, what about the Drake Equation? Its purpose is to try to come up with an estimate of how many intelligent civilizations are likely to exist in our galaxy. As an aside, I can't figure out why the quantity R, which is the number of stars that form in the galaxy each year, is even in the equation in the first place. What does R have to do with anything? New stars are not very likely to have life-bearing planets in orbit around them, so WTF? Why not just start with the number of stars in the galaxy? If you have an answer for this, I'd love to hear it. But the real problem with the equation is that virtually every variable is a complete unknown. We don't know how many planets there are around most stars. We don't know how many of those might incubate life. We don't know how many of those might evolve intelligence... We simply have no friggin' clue, so the equation is useless even without the quantity R. Assigning a value to a variable is pulling a number out of your ass, and bears a vague resemblance to an act of faith.
Who knows? Maybe tomorrow they'll get lucky and some benevolent super-race of aliens will beam down plans for a wormhole generator, transforming our lives forever. The occurrence of such an event still wouldn't transform SETI into science.
Given my low opinion of SETI, you may find it surprising that Contact is one of my top 5 favorite films. Aside from the clever way it deals with a number of deep philosophical issues, the positive way it portrays atheism, the cool special effects (the zoom-out at the beginning choked me up the first time I saw it, but luckily my girlfriend didn't notice!), and the well-constructed plot, I pretty much fell head-over-heels for Ellie Arroway. How could you not? She's brilliant, sexy as hell (of course, Jodie Foster is primarily responsible for that), and passionate about what's important to her (and it isn't the ho-hum of children!). Sadly, however, she is possessed by a fixed idea--just as possessed, by the way, as is Palmer Joss, her love interest in the story, by the idea of God. Like I said, I guess we all have our blind spots.
SETI is the brainchild of astronomer Frank Drake, who also came up with what is known as the Drake Equation, which I'll get to in a moment. Drake has been searching the skies via radio waves for 45 years, now, without uncovering a shred of evidence of alien intelligence. When confronted on this, Drake's response strikes a disturbingly familiar chord: "Absence of evidence is not evidence of absence."
Such is the response of one who is defending a hypothesis that is not falsifiable, and that is exactly what is wrong with SETI. The excuse is always, "We haven't looked long and hard enough." When will that be? When does absence of evidence finally become evidence of absence? Back circa 1994, when Congress - having spent over a billion dollars on SETI - finally cut off the public funding, Drake predicted "the imminent detection of signals from an extraterrestrial civilization." He went on, "This discovery, which I fully expect to witness before the year 2000, will profoundly change the world." Here it is, 2005, and SETI, much like the doomsday religions that predicted the end of the world back in 2000, is still going.
So, what about the Drake Equation? Its purpose is to try to come up with an estimate of how many intelligent civilizations are likely to exist in our galaxy. As an aside, I can't figure out why the quantity R, which is the number of stars that form in the galaxy each year, is even in the equation in the first place. What does R have to do with anything? New stars are not very likely to have life-bearing planets in orbit around them, so WTF? Why not just start with the number of stars in the galaxy? If you have an answer for this, I'd love to hear it. But the real problem with the equation is that virtually every variable is a complete unknown. We don't know how many planets there are around most stars. We don't know how many of those might incubate life. We don't know how many of those might evolve intelligence... We simply have no friggin' clue, so the equation is useless even without the quantity R. Assigning a value to a variable is pulling a number out of your ass, and bears a vague resemblance to an act of faith.
Who knows? Maybe tomorrow they'll get lucky and some benevolent super-race of aliens will beam down plans for a wormhole generator, transforming our lives forever. The occurrence of such an event still wouldn't transform SETI into science.
Sunday, November 13, 2005
Conferences on Economic Crime and Freedom
In the past week I attended two conferences--one work-related conference, the National White Collar Crime Center (NW3C)'s Economic Crime Summit in Phoenix on November 8-9, and one personal-interest conference, the Freedom Summit in Phoenix on November 12-13.
I had thought after attending the first conference to write a blog entry comparing and contrasting them, but after attending the second conference I realized several of the talks there merit full entries of their own. Einzige also attended the Freedom Summit, so we will both have comments on parts of it.
The Economic Crime Summit was put on by NW3C, a private organization that is funded by Congress and run mostly by former law enforcement personnel. It's an example of one of many private organizations that exists in partnership with the public sector which seem to have proliferated lately for various reasons. Unfortunately, I believe some of the reasons include to be exempt from public disclosure (such as Freedom of Information Act requests) and to engage in activity which might be difficult for public sector agencies to do on their own.
The Economic Crime Summit was mostly attended by law enforcement personnel from Arizona and elsewhere, representing federal, state, and local agencies as well as a small number of private companies, mostly banks. The main subject matter was economic crimes, with an emphasis on identity theft and fraud on the Internet and directed against the elderly. As I'm in charge of information security for a global telecommunications company, I have an interest in finding ways to prevent fraud and to help law enforcement catch such criminals.
The Summit began in a large banquet audience of perhaps 300. To my surprise, everyone was asked to stand for the presentation of colors, the singing of the national anthem, and an ecumenical prayer by Chaplain Rabbi Robert Kravitz of the Phoenix Police Department. I felt like I had stepped into a military/religious alternative universe, and found Kravitz' comment in his prayer about supporting the U.S. Constitution rather ironic. As NW3C is a private organization this was likely not an actual violation of the First Amendment, but since it is Congressionally funded and most of the presenters were from government agencies, it felt very much like a violation to me. I wonder if this kind of disregard for the sensibilities of nonbelievers is as common in law enforcement as it is in the military (with the Air Force Academy's promotion of evangelical Christianity a particularly egregious example).
Arizona Attorney General Terry Goddard showed up and gave a short talk after the invocation, which I thought was well-timed. Other morning breakfast banquet speakers included Arizona Department of Public Safety Director (and former Pinal County Sheriff) Roger Vanderpool, who also included a reference to God at the end of his talk, John Vincent of the Rocky Mountain Information Network, and Assistant Chief of Police for the Phoenix PD, Kevin Robinson.
Fortunately, there was no further endorsement of the supernatural in any of the individual presentations I attended. F/Sgt. Charles Cohen of the Indiana State Police gave an excellent presentation on "Successful Investigation of Skilled Offenders" which included information on what information is available from FinCen (currency transaction reports, CTRs, for transactions over $10,000 are available to law enforcement without a subpoena; casino reports; foreign bank account information; Form 8300 reports of large purchases made with cash--these were expanded under the USA PATRIOT Act to include such things as automobile purchases, as I learned firsthand when I bought my last car with cash).
I also attended talks on identity theft and electronic crime by a U.S. Postal Inspector, a U.S. Secret Service Agent, and a joint presentation by a Special Agent from the Office of the Inspector General of the Department of Education (I didn't realize such an office existed--she investigates student loan-related fraud issues) and an Assistant U.S. Attorney. One of the things that struck me is how seemingly uncoordinated many of these federal law enforcement activities are, with the exception of some cooperation between the FBI and U.S. Secret Service (the latter of which has now moved from the Department of Treasury to the Department of Homeland Security). The use of private organizations like NW3C and others that were present with exhibits at the conference is probably in part due to actions by individuals trying to solve problems that arise from such separate silos.
By contrast, the Freedom Summit did not begin with a prayer but with a debate on the existence of God between atheist George Smith and Mesa pastor Eric Lounsbery. I did not attend the debate, which took place on Friday night, as I feared it would not go as an Internet Infidels-sponsored debate would go. From what I heard, it was as bad as I feared, with Smith unprepared to address Lounsbery's shotgunned series of arguments. (In a debate format, dropping the opponent's arguments is a way to lose.) The public debate format is not a great format for seriously addressing any intellectual issue (written materials are essential for any real depth), but it can be done well if the participants are properly prepared and skilled and experienced at working in the debate format.
The Freedom Summit was an interesting and entertaining mix of speakers from a variety of fields on topics relevant to personal freedom, with a few well beyond the fringe (which I'll discuss individually). Especially good talks were given by David Friedman (on market failure), Chris Heward (on failings of government-sponsored science), Karen Kwiatkowski (on the war on Iraq), and Jim Bovard (on the Bush Administration and the use of the threat of terrorism to trample on civil liberties).
I had thought after attending the first conference to write a blog entry comparing and contrasting them, but after attending the second conference I realized several of the talks there merit full entries of their own. Einzige also attended the Freedom Summit, so we will both have comments on parts of it.
The Economic Crime Summit was put on by NW3C, a private organization that is funded by Congress and run mostly by former law enforcement personnel. It's an example of one of many private organizations that exists in partnership with the public sector which seem to have proliferated lately for various reasons. Unfortunately, I believe some of the reasons include to be exempt from public disclosure (such as Freedom of Information Act requests) and to engage in activity which might be difficult for public sector agencies to do on their own.
The Economic Crime Summit was mostly attended by law enforcement personnel from Arizona and elsewhere, representing federal, state, and local agencies as well as a small number of private companies, mostly banks. The main subject matter was economic crimes, with an emphasis on identity theft and fraud on the Internet and directed against the elderly. As I'm in charge of information security for a global telecommunications company, I have an interest in finding ways to prevent fraud and to help law enforcement catch such criminals.
The Summit began in a large banquet audience of perhaps 300. To my surprise, everyone was asked to stand for the presentation of colors, the singing of the national anthem, and an ecumenical prayer by Chaplain Rabbi Robert Kravitz of the Phoenix Police Department. I felt like I had stepped into a military/religious alternative universe, and found Kravitz' comment in his prayer about supporting the U.S. Constitution rather ironic. As NW3C is a private organization this was likely not an actual violation of the First Amendment, but since it is Congressionally funded and most of the presenters were from government agencies, it felt very much like a violation to me. I wonder if this kind of disregard for the sensibilities of nonbelievers is as common in law enforcement as it is in the military (with the Air Force Academy's promotion of evangelical Christianity a particularly egregious example).
Arizona Attorney General Terry Goddard showed up and gave a short talk after the invocation, which I thought was well-timed. Other morning breakfast banquet speakers included Arizona Department of Public Safety Director (and former Pinal County Sheriff) Roger Vanderpool, who also included a reference to God at the end of his talk, John Vincent of the Rocky Mountain Information Network, and Assistant Chief of Police for the Phoenix PD, Kevin Robinson.
Fortunately, there was no further endorsement of the supernatural in any of the individual presentations I attended. F/Sgt. Charles Cohen of the Indiana State Police gave an excellent presentation on "Successful Investigation of Skilled Offenders" which included information on what information is available from FinCen (currency transaction reports, CTRs, for transactions over $10,000 are available to law enforcement without a subpoena; casino reports; foreign bank account information; Form 8300 reports of large purchases made with cash--these were expanded under the USA PATRIOT Act to include such things as automobile purchases, as I learned firsthand when I bought my last car with cash).
I also attended talks on identity theft and electronic crime by a U.S. Postal Inspector, a U.S. Secret Service Agent, and a joint presentation by a Special Agent from the Office of the Inspector General of the Department of Education (I didn't realize such an office existed--she investigates student loan-related fraud issues) and an Assistant U.S. Attorney. One of the things that struck me is how seemingly uncoordinated many of these federal law enforcement activities are, with the exception of some cooperation between the FBI and U.S. Secret Service (the latter of which has now moved from the Department of Treasury to the Department of Homeland Security). The use of private organizations like NW3C and others that were present with exhibits at the conference is probably in part due to actions by individuals trying to solve problems that arise from such separate silos.
By contrast, the Freedom Summit did not begin with a prayer but with a debate on the existence of God between atheist George Smith and Mesa pastor Eric Lounsbery. I did not attend the debate, which took place on Friday night, as I feared it would not go as an Internet Infidels-sponsored debate would go. From what I heard, it was as bad as I feared, with Smith unprepared to address Lounsbery's shotgunned series of arguments. (In a debate format, dropping the opponent's arguments is a way to lose.) The public debate format is not a great format for seriously addressing any intellectual issue (written materials are essential for any real depth), but it can be done well if the participants are properly prepared and skilled and experienced at working in the debate format.
The Freedom Summit was an interesting and entertaining mix of speakers from a variety of fields on topics relevant to personal freedom, with a few well beyond the fringe (which I'll discuss individually). Especially good talks were given by David Friedman (on market failure), Chris Heward (on failings of government-sponsored science), Karen Kwiatkowski (on the war on Iraq), and Jim Bovard (on the Bush Administration and the use of the threat of terrorism to trample on civil liberties).
Friday, November 11, 2005
Royal Air Force Officer Court-Martialed for Refusing Third Third Tour of Duty in Iraq
Flight Lieutenant Malcolm Kendall-Smith is being court-martialed by the RAF for refusing to return for third tour of duty in Iraq. He maintains that his study of the justifications of the invasion show that the war and occupation are "manifestly illegal." Kendall-Smith, a New Zealand-British citizen who has degrees in medicine and moral philosophy, previously served tours of duty in Iraq (twice) and in Afghanistan.
The leader of the UK invasion force, Admiral Michael Boyce, says he now believes that the British military does not have "the legal cover necessary to avoid prosecution for war crimes."
More at the Leiter Reports and at Counterpunch.
The leader of the UK invasion force, Admiral Michael Boyce, says he now believes that the British military does not have "the legal cover necessary to avoid prosecution for war crimes."
More at the Leiter Reports and at Counterpunch.
Dembski continues to put his foot in it
Dembski still doesn't admit error--he says his copy of the filing (plaintiff's response to defendant's motion for summary judgment) doesn't have the Shallit deposition, implying that it wasn't part of the filing and Ed Brayton must be mistaken.
The Shallit deposition (in uncorrected form--the draft transcript of the deposition without errors corrected and edited) has been online at the NCSE's website at least since September 21.
It has been pointed out that the link above is to Shallit's expert witness statement, not the uncorrected deposition, which is in Appendix III, Tab O of the plaintiff's brief opposing the defendant's motion for summary judgment. Tab N is Shallit's disclosure statement.
The Shallit deposition (in uncorrected form--the draft transcript of the deposition without errors corrected and edited) has been online at the NCSE's website at least since September 21.
It has been pointed out that the link above is to Shallit's expert witness statement, not the uncorrected deposition, which is in Appendix III, Tab O of the plaintiff's brief opposing the defendant's motion for summary judgment. Tab N is Shallit's disclosure statement.
Bush's dishonest response about pre-war intelligence
Today CNN quotes President Bush:
Bush has a terrible habit of going on the offensive even when he's in the wrong, as he is in this case. Here, he is conveniently forgetting that much of what his Administration presented as solid fact was already discredited prior to its presentation to the American public, but it was used anyway. He forgets that this wasn't a matter of objective intelligence assessments, but of reports that were assembled by a new special intelligence analysis unit set up for the White House by Undersecretary of Defense for Policy Douglas Feith (#3 man in the Pentagon, who resigned on January 26, 2005), David Wurmser's Policy Counterterrorism Evaluation Group, which cherry-picked intelligence to find anything that suggested a link between Saddam Hussein and al Qaeda, while ignoring all evidence to the contrary, as documented in James Bamford's book, A Pretext for War: 9/11, Iraq, and the Abuse of America's Intelligence Agencies (2004, Doubleday)."While it's perfectly legitimate to criticize my decision or the conduct of the war, it is deeply irresponsible to rewrite the history of how that war began," the president said during a Veterans Day speech in Tobyhanna, Pennsylvania.
"Some Democrats and anti-war critics are now claiming we manipulated the intelligence and misled the American people about why we went to war," Bush said. "They also know that intelligence agencies from around the world agreed with our assessment of Saddam Hussein."
It was the Feith/Wurmser group's bogus intelligence which led to Colin Powell making a speech to the UN Security Council filled with errors based on forged documents and testimony from a discredited source, "Curveball." It was a leaked Feith memo of bogus Iraq/al Qaeda links which was the basis of a Stephen Hayes article in the Weekly Standard (expanded into a book, The Connection), which led to Hayes' embarrassment at the hands of Jon Stewart on the Daily Show. (I posted specific refutations of a number of Hayes' alleged connections on the Internet Infidels Discussion Board.)
Feith is the man who Gen. Tommy Franks said had a reputation as the "dumbest fucking man on the planet." This opinion was seconded by Colonel Larry Wilkerson, Colin Powell's right-hand man in the State Department, when he resigned in October 2005, saying "seldom in my life have I met a dumber man."
It was a man in Feith's organization, Larry Franklin, who pleaded guilty to passing intelligence information to the Israelis. This is no surprise to readers of Bamford's book--which describes how Feith, Wurmser, and Richard Perle previously worked for Israeli Prime Minister Benjamin Netanyahu to draw up a policy on taking a more aggressive stance with Iraq that Israel wisely rejected--but which was then successfully foisted upon the United States through George W. Bush.
Bush's criticism of the Democrats is mostly unfounded--most of the Democrats who voted for the war were deceived by bogus, cherry-picked intelligence put together by the Feith/Wurmser group with the specific intent to deceive them, and that's what needs to be further investigated and demonstrated to the general public that wasn't able to recognize the deception at the time (though the evidence was, to my mind, already pretty clear, as reflected in my postings to the az.general Usenet group prior to and in the months immediately following the invasion of Iraq). On the other hand, as Snopes points out, there were Democrats who already believed Saddam Hussein had WMD and hadn't destroyed it by the mid-nineties.
I find it amazing that Bush has had as much success as he had with the deceptive and dishonest tactics described in the book All the President's Spin. I am happy to see that more and more people are realizing the deception.
I'll be hearing retired lieutenant colonel Karen Kwiatkowski speak this weekend--she is a critic of the Bush administration and the war in Iraq who was former deputy to Feith in the Pentagon who resigned in 2003.
Further Dembski dishonesty about Shallit
William Dembski continues to dig himself a deeper hole with respect to his false claim that Jeff Shallit did not testify in the Dover case because his deposition went badly and was an embarassment to the plaintiffs. In fact, Shallit did not testify because he was a rebuttal witness to Dembski, who withdrew from the case, and because the defense filed a motion to prevent it.
Dembski also continues to claim that the Shallit deposition is somehow being concealed, when in fact it was filed in the case and is a public document. (More at Dispatches from the Culture Wars.)
Dembski also continues to claim that the Shallit deposition is somehow being concealed, when in fact it was filed in the case and is a public document. (More at Dispatches from the Culture Wars.)
Sony BMG to "temporarily" stop using rootkit-based DRM
Sony has said it will "temporarily" stop making CDs with the problematic DRM technology. I'm sure they'll make more in the future with a modified version or a new DRM technology.
Thursday, November 10, 2005
Sony DRM class action lawsuits
As reported at Brian Krebs' Washington Post blog, there has been a class action lawsuit filed against Sony in California and another one about to be filed in New York. The California lawsuit alleges violations of California's anti-spyware law, the Consumer Legal Remedies Act, and the California Unfair Competition law.
In other news from Krebs, there is now real malware exploiting Sony's DRM to hide itself. Krebs seems to be breaking the key news on this story--there are a number of other related articles on his blog worth reading, such as the one on Sony's past history of cavalier and inconsistent actions on DRM.
The EFF has an analysis of the EULA for Sony's software--it's something no reasonable person should agree to.
Back at Mark Russinovich's blog that exposed this issue and began the controversy, he rebuts a response from First 4 Internet, the implementers of the Sony DRM, and points out more evidence that their software is poorly written and can crash Windows.
In other news from Krebs, there is now real malware exploiting Sony's DRM to hide itself. Krebs seems to be breaking the key news on this story--there are a number of other related articles on his blog worth reading, such as the one on Sony's past history of cavalier and inconsistent actions on DRM.
The EFF has an analysis of the EULA for Sony's software--it's something no reasonable person should agree to.
Back at Mark Russinovich's blog that exposed this issue and began the controversy, he rebuts a response from First 4 Internet, the implementers of the Sony DRM, and points out more evidence that their software is poorly written and can crash Windows.
A 1952 history of U.S. communications intelligence declassified
The March 1952 document "A Brief History of Communications Intelligence in the United States" by Captain Laurance F. Stafford, USN (Retired) has been declassified by the National Security Agency and released to the public. It was originally classified TOP SECRET SUEDE. The document is a 24-page PDF. The document tells the history of COMINT prior to Pearl Harbor, beginning with the entry of the U.S. into WWI, when Herbert O. Yardley set up MI-8, the "American Black Chamber" to do cryptology work. On a quick scan I didn't see anything that wouldn't already be familiar in broad strokes to readers of James Bamford's The Puzzle Palace or Body of Secrets, though there may be some details not previously public, such as the number of staff working on cryptography.
Wednesday, November 09, 2005
Darwinian Trilemma
William Dembski has posted (from Ian Bibby) the following "Darwinian Trilemma":
While I think there's something to this objection, I would also reject premise 1 as stated. Surely there are scientific mechanisms for distinguishing natural features from artifacts of the sorts we are aware of (e.g., forensic science can distinguish at least some murders from deaths by natural causes). What science cannot distinguish is a hypothesis that biological features are the product of evolution from the hypothesis that a divinity created biological features that look just like the product of evolution. Similarly, science cannot distinguish automobiles that are created by people from automobiles that are created by a divine being to look just like automobiles built in a human-built factory, nor can it distinguish human beings who were born of a man and a woman from human beings who are directly created to look exactly as though they were born of a man and a woman (Omphalos included). (In other words, God could choose to work directly, simulating evolution, or indirectly, using evolutionary mechanisms or setting up the initial conditions and letting evolution run its course, and those hypotheses are empirically indistinguishable. Some religious believers advocate a view where events have natural causes, yet are also caused by supernatural beings such as Satan. In such an anti-Ockhamite, unparsimonious view, there is no scientific way to distinguish an event with both natural and supernatural causes from one which didn't have the latter.)
If a God-based hypothesis can be formulated in such a way as to have empirically testable consequences which are distinguishable from evolution, I don't see why it couldn't be science. This means there *could be* an "intelligent design" that qualifies as scientific--but what's been promoted in Dover is simply a renamed creationism, rather than a new field with any scientific content.
The real problem for such God-based hypotheses is that there really are no limits or definitions around what God does or would do--no empirical evidence is ever considered to be evidence against God by the advocates. I think there actually is empirical evidence against many specific gods which have been endorsed through the millenia, including commonly held views of contemporary monotheism. If you say that humans are psychologically similar to God (being created in his image), that God is perfectly rational and desires particular outcomes, then actions (or inaction) inconsistent with those desires, intentions, and facts of the world are evidence against such a God's existence. This gives evidential weight to atheistic arguments such as the argument from evil, the argument from (reasonable) non-belief, arguments based on the dependency of consciousness on physical brains, the facts of evolution, religious disagreement, and on the distribution of religious beliefs (indicative of cultural transmission rather than supernatural intervention).
- Science cannot test the proposition that biological features are designed.
- Darwinism explains the appearance of design in biology not as actual design but as the product of natural selection and random variation.
- Darwinism is science.
While I think there's something to this objection, I would also reject premise 1 as stated. Surely there are scientific mechanisms for distinguishing natural features from artifacts of the sorts we are aware of (e.g., forensic science can distinguish at least some murders from deaths by natural causes). What science cannot distinguish is a hypothesis that biological features are the product of evolution from the hypothesis that a divinity created biological features that look just like the product of evolution. Similarly, science cannot distinguish automobiles that are created by people from automobiles that are created by a divine being to look just like automobiles built in a human-built factory, nor can it distinguish human beings who were born of a man and a woman from human beings who are directly created to look exactly as though they were born of a man and a woman (Omphalos included). (In other words, God could choose to work directly, simulating evolution, or indirectly, using evolutionary mechanisms or setting up the initial conditions and letting evolution run its course, and those hypotheses are empirically indistinguishable. Some religious believers advocate a view where events have natural causes, yet are also caused by supernatural beings such as Satan. In such an anti-Ockhamite, unparsimonious view, there is no scientific way to distinguish an event with both natural and supernatural causes from one which didn't have the latter.)
If a God-based hypothesis can be formulated in such a way as to have empirically testable consequences which are distinguishable from evolution, I don't see why it couldn't be science. This means there *could be* an "intelligent design" that qualifies as scientific--but what's been promoted in Dover is simply a renamed creationism, rather than a new field with any scientific content.
The real problem for such God-based hypotheses is that there really are no limits or definitions around what God does or would do--no empirical evidence is ever considered to be evidence against God by the advocates. I think there actually is empirical evidence against many specific gods which have been endorsed through the millenia, including commonly held views of contemporary monotheism. If you say that humans are psychologically similar to God (being created in his image), that God is perfectly rational and desires particular outcomes, then actions (or inaction) inconsistent with those desires, intentions, and facts of the world are evidence against such a God's existence. This gives evidential weight to atheistic arguments such as the argument from evil, the argument from (reasonable) non-belief, arguments based on the dependency of consciousness on physical brains, the facts of evolution, religious disagreement, and on the distribution of religious beliefs (indicative of cultural transmission rather than supernatural intervention).
Dover School Board Swept Out of Office
In yesterday's election, the entire Dover School Board was voted out of office. Four of the new board members were Republicans running as Democrats; the incumbents were all Republicans. Four of the new board members are part of an organization called Dover CARES, which supports the teaching of intelligent design in a context such as an elective comparative religions course but not in the science classroom. The new board will take office on December 5 and have indicated that they will not change policy for a month, which presumably will be after the judge makes a decision in the lawsuit. This will likely mean that the decision (which I fully expect to go against the Dover school board) will not be appealed. More at the Panda's Thumb, Questionable Authority, Pharyngula, and Dispatches from the Culture Wars.
Update: Pat Robertson warns the people of Dover that now that they've forsaken God, God will not be there to help them in time of need:
Update: Pat Robertson warns the people of Dover that now that they've forsaken God, God will not be there to help them in time of need:
I’d like to say to the good citizens of Dover. If there is a disaster in your area, don’t turn to God, you just rejected Him from your city. And don’t wonder why He hasn’t helped you when problems begin, if they begin. I’m not saying they will, but if they do, just remember, you just voted God out of your city. And if that’s the case, don’t ask for His help because he might not be there.Nothing like argumentum ad baculum...
Monday, November 07, 2005
A New Explanation for Sea Serpents
Whale penises! Photos here and here. (Hat tip: Pharyngula.) (Note that this explanation doesn't work for the lake monsters like Nessie and Champy.)
Thursday, November 03, 2005
Defending Against Botnets
My presentation on "Defending Against Botnets" for ASU's Computer Security Week is online in streaming video and MP3 audio formats.
Unfortunately, the audience was quite small. ASU's Polytechnic Campus is way out east of Phoenix, on the former Williams Air Force Base which ASU purchased and turned into its east campus. It doesn't appear that it has a very large student population yet. I was amused that the streets are named after military figures. To get to the Student Union I drove on a street called Twining, named after General Nathan Twining. Twining is a name well-known to UFO enthusiasts, as his name was used on one of the forged "MJ-12" documents known as the Cutler-Twining memo, and also authored a genuine document that discusses UFOs (and is often misinterpreted by UFO advocates as claiming that crashed saucers have been recovered).
My talk was followed by a talk on Wireless Security by Erik Graham of General Dynamics, which covered threats and defenses for 802.11 and Bluetooth.
Unfortunately, the audience was quite small. ASU's Polytechnic Campus is way out east of Phoenix, on the former Williams Air Force Base which ASU purchased and turned into its east campus. It doesn't appear that it has a very large student population yet. I was amused that the streets are named after military figures. To get to the Student Union I drove on a street called Twining, named after General Nathan Twining. Twining is a name well-known to UFO enthusiasts, as his name was used on one of the forged "MJ-12" documents known as the Cutler-Twining memo, and also authored a genuine document that discusses UFOs (and is often misinterpreted by UFO advocates as claiming that crashed saucers have been recovered).
My talk was followed by a talk on Wireless Security by Erik Graham of General Dynamics, which covered threats and defenses for 802.11 and Bluetooth.
Wednesday, November 02, 2005
Denver Legalizes Possession of Marijuana
Denver voters approved a measure to legalize possession of up to an ounce of marijuana by those 21 and older. Authorities say state laws against possession will still be enforced, and we already know the federal laws will be enforced regardless of what a state wants to do with the drug issue (Raich v. Ashcroft).
Sony's DRM--not much different from criminal hacking
Mark Russinovich at Sysinternals.com, a security professional who is careful about what software he installs on his computer, found a rootkit on his Windows machine. A rootkit is a set of applications designed to hide malicious activity from the owner or administrator of a machine. He found a hidden directory, several hidden device drivers, and a hidden application.
After further investigation, he found that the software installed on his machine without his consent or authorization included files identified via Sigcheck as part of "Essential System Tools" from a company called First 4 Internet. Google revealed that First 4 Internet has implemented Digital Rights Management for several record companies, including Sony. It turned out that a recent CD he had purchased, "Get Right with The Man" by the Van Zant brothers, contained Sony's DRM.
Additional experimentation shows that the software is poorly written, and creates a load on the system by scanning the executable files associated with every running process every two seconds, and querying file information including size eight times per scan.
The End User License Agreement (EULA) gives no indication that this software will be installed to your machine, and provides no mechanism for removing it. (They have apparently since modified the EULA in response to Russinovich's analysis.) Russinovich took the trouble to take the steps necessary to remove the software (and return his computer to a functional condition), but as his analysis points out, this would be very difficult for an inexperienced user. A typical responsible computer user who saw the rootkit files and simply deleted them would cripple their computer.
This software appears to me no different from spyware, which was made illegal in the U.S. under the SPY ACT (Securely Protect Yourself Against Cyber Trespass), and also appears (as a commenters on Russinovich's blog note) to violate California state law, UK law, and Australian law. Arizona's anti-spyware law doesn't seem to apply.
Russinovich's detailed step-by-step analysis may be found here.
Don't purchase CDs with such irresponsible and sleazy DRM software.
After further investigation, he found that the software installed on his machine without his consent or authorization included files identified via Sigcheck as part of "Essential System Tools" from a company called First 4 Internet. Google revealed that First 4 Internet has implemented Digital Rights Management for several record companies, including Sony. It turned out that a recent CD he had purchased, "Get Right with The Man" by the Van Zant brothers, contained Sony's DRM.
Additional experimentation shows that the software is poorly written, and creates a load on the system by scanning the executable files associated with every running process every two seconds, and querying file information including size eight times per scan.
The End User License Agreement (EULA) gives no indication that this software will be installed to your machine, and provides no mechanism for removing it. (They have apparently since modified the EULA in response to Russinovich's analysis.) Russinovich took the trouble to take the steps necessary to remove the software (and return his computer to a functional condition), but as his analysis points out, this would be very difficult for an inexperienced user. A typical responsible computer user who saw the rootkit files and simply deleted them would cripple their computer.
This software appears to me no different from spyware, which was made illegal in the U.S. under the SPY ACT (Securely Protect Yourself Against Cyber Trespass), and also appears (as a commenters on Russinovich's blog note) to violate California state law, UK law, and Australian law. Arizona's anti-spyware law doesn't seem to apply.
Russinovich's detailed step-by-step analysis may be found here.
Don't purchase CDs with such irresponsible and sleazy DRM software.
Discovery Institute attempts to backdoor testimony into the Dover trial
This is old news, but I haven't noted it here before--the two planned expert witnesses from the Discovery Institute for the Dover trial were Stephen Meyer and William Dembski, who both withdrew from the case. The DI attempted to back-door their testimony into the trial in the form of an amicus brief. The judge ruled that the brief was inadmissible, concluding:
I seem to recall reading a comment from the judge with respect to DI's legal representation that he wasn't running a law school... if I find it I'll update this entry with a link.
In addition, after a careful review of the Discovery Institute’s submission, we find that the amicus brief is not only reliant upon several portions of Mr. Meyer’s attached expert report, but also improperly addresses Mr. Dembski’s assertions in detail, once again without affording Plaintiffs any opportunity to challenge such views by cross-examination. Accordingly, the “Brief of Amicus Curiae, the Discovery Institute” shall be stricken in its entirety.A fuller quote (as well as a Fuller quote) may be found at Stranger Fruit.
I seem to recall reading a comment from the judge with respect to DI's legal representation that he wasn't running a law school... if I find it I'll update this entry with a link.
Murders pinned on suicidal, child molesting, gun toting priest
The February 5, 2002 murders of Dan O'Connell and James Ellison in a funeral home in Hudson, WI have now been pinned on Roman Catholic priest Fr. Ryan Erickson, who presided over O'Connell's funeral.
Erickson, who committed suicide this year after investigators started questioning him about involvement with O'Connell and Ellison's deaths, apparently had knowledge of those murders that had not been publicly disclosed.
The current theory is that a teenage boy in trouble with the law went to Erickson, a youth pastor, who on at least three occasions served that boy alcohol and molested him. Unnamed sources say that O'Connell, whose father is on the church council, learned of the charges and confronted Erickson, who killed him and his intern, University of Minnesota student Ellison.
While Erickson's parents said the evidence is "weak" and "our son had nothing to do with this awful crime"; a judge and DA considered it fairly conclusive, including a reported confession from Erickson to a deacon at the church.
Erickson, who committed suicide this year after investigators started questioning him about involvement with O'Connell and Ellison's deaths, apparently had knowledge of those murders that had not been publicly disclosed.
The current theory is that a teenage boy in trouble with the law went to Erickson, a youth pastor, who on at least three occasions served that boy alcohol and molested him. Unnamed sources say that O'Connell, whose father is on the church council, learned of the charges and confronted Erickson, who killed him and his intern, University of Minnesota student Ellison.
While Erickson's parents said the evidence is "weak" and "our son had nothing to do with this awful crime"; a judge and DA considered it fairly conclusive, including a reported confession from Erickson to a deacon at the church.
Spoofer Captured by Spoof
Chris Elliott, the "man under the seats" on David Letterman's show, star of the movie "Cabin Boy" and TV series "Get a Life," and son of Bob Elliott (of "Bob and Ray") recently published his first novel--The Shroud of the Thwacker, from Miramax books. The book takes place in 1800s New York, where a serial killer is plaguing the city.
The book includes a mix of fact and fiction, with features such as wooden gas-powered cell phones and a time-traveling investigator named Chris Elliott. It also includes a Victorian-era mechanical robot named Boilerplate, which served with the Buffalo soldiers and Teddy Roosevelt in the Spanish-American war.
This latter feature, which Elliott learned of from a website his brother Bob Elliott Jr. pointed him to, has resulted in a financial settlement between Elliott and graphic novelist Paul Guinan. Boilerplate, an invention of Guinan, also appears in his own book, Heartbreakers Meet Boilerplate (IDW Publishing), published in July.
Apparently Elliott thought it was a spoof, but an old, public domain spoof.
The full story is at the New York Times.
The book includes a mix of fact and fiction, with features such as wooden gas-powered cell phones and a time-traveling investigator named Chris Elliott. It also includes a Victorian-era mechanical robot named Boilerplate, which served with the Buffalo soldiers and Teddy Roosevelt in the Spanish-American war.
This latter feature, which Elliott learned of from a website his brother Bob Elliott Jr. pointed him to, has resulted in a financial settlement between Elliott and graphic novelist Paul Guinan. Boilerplate, an invention of Guinan, also appears in his own book, Heartbreakers Meet Boilerplate (IDW Publishing), published in July.
Apparently Elliott thought it was a spoof, but an old, public domain spoof.
The full story is at the New York Times.
Tuesday, November 01, 2005
William Dembski's Obsessive Complaints of Obsession
Ed Brayton comments on the "Isaac Newton of Intelligent Design"'s crazy accusations of obsession against his critics. Dembski's latest is to accuse mathematician Jeff Shallit of being removed as a witness in the Dover trial because "his obsessiveness against me and ID made him a liability to the ACLU." Actually, Shallit did not testify because he was a rebuttal witness to Dembski, Dembski withdrew from the trial, and the defense did not use Dembski's ideas in their case.
Dembski then dug the hole deeper, stating that this couldn't be the reason. Why not? Because he withdrew before Shallit's deposition was taken. He went on to challenge the ACLU and Shallit to release a transcript of the deposition. Unfortunately for Dembski, it was the defense that took the deposition, to make sure they would be prepared in case Shallit would be used as a witness--and the deposition (at least in the preliminary, uncorrected transcript) is already a public record.
Perhaps Dembski should work on responding to his critics, rather than accusing them of stalking him.
Dembski then dug the hole deeper, stating that this couldn't be the reason. Why not? Because he withdrew before Shallit's deposition was taken. He went on to challenge the ACLU and Shallit to release a transcript of the deposition. Unfortunately for Dembski, it was the defense that took the deposition, to make sure they would be prepared in case Shallit would be used as a witness--and the deposition (at least in the preliminary, uncorrected transcript) is already a public record.
Perhaps Dembski should work on responding to his critics, rather than accusing them of stalking him.
Deception by Dover School Board President Alan Bonsell
This trial just keeps getting more and more ridiculous. The board members who said they had no idea who bought the copies of Of Pandas and People have been shown to be liars on this and other issues. William Buckingham went in front of his church and solicited donations for the books, collected them personally, wrote a personal check (with a memo saying "for Pandas and People books") and gave it to board president Alan Bonsell, who gave it to his father to purchase the books and make the donation. Bonsell ended up receiving some angry questioning directly from the judge. Mike Argento of the York Daily Record has a funny column on this examination.
The Parable of the Roommate
This little parable/thought experiment was inspired by Steve’s comment in the Stirner birthday message, where he advocates for agnosticism over either theism or atheism.
Imagine yourself in the following scenario:
You’ve just returned home from a day at work. While you set your keys on the kitchen counter and remove your coat you can hear the familiar voices of your roommate and her/his S.O. in the other room.
You start to wonder about what you might make yourself for dinner when suddenly you are startled by a loud gunshot, followed by what sounds like a body falling to the floor. Rather than getting the hell out of there you somewhat foolishly run to the other room to see what happened. Once there, you see your roommate standing there, arm outstretched, holding a still-smoking pistol pointed at what is now, apparently, a corpse.
Your roommate looks at you and says “Santa Claus did it.”
Do you:
Imagine yourself in the following scenario:
You’ve just returned home from a day at work. While you set your keys on the kitchen counter and remove your coat you can hear the familiar voices of your roommate and her/his S.O. in the other room.
You start to wonder about what you might make yourself for dinner when suddenly you are startled by a loud gunshot, followed by what sounds like a body falling to the floor. Rather than getting the hell out of there you somewhat foolishly run to the other room to see what happened. Once there, you see your roommate standing there, arm outstretched, holding a still-smoking pistol pointed at what is now, apparently, a corpse.
Your roommate looks at you and says “Santa Claus did it.”
Do you:
a) Sincerely believe that your roommate is telling the actual truth?
b) Decide that, because you didn’t actually see your roommate fire the gun, you just can’t know one way or another whether Santa did it?
c) Consider your roommate a murderer, and the claim to be the rationalization of a mind that has snapped?
If my point isn’t glaringly obvious, I think that the Christian/Muslim/Jew/whatever ought to take position A, since, according to most religious beliefs, faith is a virtue. The agnostic ought to take position B, because certain knowledge about anything is denied us. That leaves C, the only rational, reasonable, explanation, for the skeptics/atheists.
If you’re not a skeptical atheist, but you still chose option C above, well, then I applaud you for being reasonable. But I think you need to explain why you choose the analogous A or B when it comes to the equally dubious claim that there is a God.