Apologies for delay, April Fools, slow servers Administrative4/3/2001; 8:09:24 AM I feel I should apologize for the lack of updates and the fact my April Fool posting was up for hours longer then it should be. I haven't 'heard' any other complaints, so it may just be me, but editthispage.com has been slow for me the last couple of days. In fact, for much of the last 48 hours, my connections were simply denied. This made taking down my April Fool's posting that much harder. If you haven't seen it, I'm going to try to get a screenshot of it later. I kinda liked it, and I think it's sad so few people probably saw it.In other news... I've mostly successfully upgraded my computer to a AMD Duron 800 w/256 MB ram. In the computer hardware business, it's all-to-easy to lose that sense of wonder (esp. if you're young enough that you've always lived in an era of massive advancement), but wow! For a few hundred dollars, I have, quite simply, a supercomputer. It's still amazing.Anyhow, what that means is that I can get LinkBack up now, though it will still be a bit. I've got some big end-o'-semester projects coming up that I have to finish first (keep an eye out for the Machine Learning project if you like My Userland on the Desktop!), and then I can try to slip some time in. I'm looking forward to LinkBack, it's much improved over the last incarnation (though much of it is behind the schenes stuff that you won't personally care much about), and I think that this is a better time for it. Weblogs are, as I kinda expected, continuing to attract attention in many places and continuing to slowly grow in importance, not just flaming out like a fad, and I hope this time around more people will be exposed to it and want to use it. (FWIW, I think weblogs are due in another couple of months for another burst of attention, as the people for whom it was just an opportunity to show off how clever they were with design and whine about how life sucks are brushed aside in favor of people with actual stuff to say.)

The "Computer as Assistant" Fallacy Personal Commentary4/1/2001; 8:10:39 PM 'There has been a lot of talk lately about how computers are too hard to learn to use. There is a longing for devices you can just pick up and use without training. Microsoft's Kai-fu Lee was quoted in The New York Times as saying, when discussing the more "natural and intelligent" user interfaces he hopes to create, "My dream is that the computer of the future is going to be an assistant to the user." 'This type of thinking strikes me as strange. We don't ask for our automobiles to be more natural and intelligent, nor do we call for the next generation of cars to be like chauffeurs. With cars, we talk about responsiveness, comfort, power, cargo size, and safety. Tools are effective and appropriate to the task. Learning to use them is part of being human.'   Reminds me of what I wrote last year.

April Fools! Personal Commentary4/1/2001; 1:22:13 AM I love April Fools day on the net, even though my own sense of humor may not be the greatest.Here's what I know of so far:Nothing, because as I write this, April first is still tommorow most places in the world...

At Issue: E-Rights for E-Writers
Misc.
3/30/2001; 11:05:04 AM

'Tasini et al. v. The New York Times et al. pits members of the National Writers Union against media corporations The New York Times, Newsday, Time, Lexis/Nexis, and University Microfilms.

'The case will decide whether freelance writers should be paid royalties when publishers redistribute their work in electronic databases or CD-ROMs without their permission.

'It is now up to the judges to decide how to apply the 1976 Copyright Act to an electronic technology that wasn't even around when many freelancers were signing these contracts. That decision may not come until June.'

Microsoft storm warning Privacy from Companies3/28/2001; 2:25:42 PM I've watched the pundits, I've read the articles and whitepaper, and I'm finally ready to say a couple of things about Hailstorm, potentially the biggest privacy boondoggle of the next few years. Scott Rosenberg's Salon article prompted a few observations from me that I haven't seen commented on anywhere else:'For starters, the moment all your data is collected in one place, any failure in security at that place becomes catastrophic. The Microsoft Control Room becomes a classic "single point of failure" -- an Achilles' heel that, once pierced, would give an electronic trespasser uniquely comprehensive access to your preassembled data profile.'I'll go you one further. Even if the Hailstorm servers were 100% secure, the Hailstorm system, which includes your computer, your Hailstorm accessing programs, and most importantly, you, will never be secure. In order to "crack" the Hailstorm system, one need only find a single point of failure. After the initial flurry of bugs in the Hailstorm servers, which Microsoft will eventually close (and Microsoft had better hope that that doesn't require fundamental architecture changes...), the real point of failure will be your system, and possibly even you. Microsoft simply can't guarentee the security of all of the millions of systems connected to Hailstorm. If there's any shared data, like a corporate department, one security failure on a laptop connecting from 2000 miles away could allow a cracker to obtain your entire department's data. If I was going to attack Hailstorm, I'd attack the clients that will be connecting, with all of the well-known techniques doing so, up to and including "social engineering". "Hi, this is Steve from IS, I just e-mailed you a security patch to your Hailstorm client, could you please make sure to apply it?"This is very much an all-your-eggs-in-one-basket kind of thing. Sure, hackers can do this sort of attack now, but Hailstorm makes it that much easier to grab a lot more data, making it that much more attractive to do so... and not even Microsoft is powerful enough to combat the effects of a lack of diversity.'HailStorm is to be built on the foundation of Microsoft's Passport software, ... it also boasts a "Terms of Use" featuring clauses that, were they applied to HailStorm, would make any user blanch.'Try this one on for size: "By posting messages, uploading files, inputting data, submitting any feedback or suggestions, or engaging in any other form of communication with or through the Passport Web Site, you warrant and represent that you own or otherwise control the rights necessary to do so and you are granting Microsoft and its affiliated companies permission to: Use, modify, copy, distribute, transmit, publicly display, publicly perform, reproduce, publish, sublicense, create derivative works from, transfer, or sell any such communication ... Microsoft is under no obligation to post or use any materials you may provide and may remove such materials at any time in Microsoft's sole discretion."'Scott thinks/hopes that Microsoft will loosen up on this, and I suppose for corporate customers he's right. However, with no particular disrespect towards lawyers, given today's legal climate, esp. with the content companies suing everybody and everything that involves technology invented after 1980, there's no way Microsoft will significantly loosen that clause for "common folk", who will do such nasty things as storing illegal MP3s on the Hailstorm servers. In some sense, they must be given some sort of license to host copyrighted materials that belong to you, and rest assured the lawyers won't settle for a non-transferable limited license. Expect to see Microsoft exert control over the Hailstorm data, even if they never want to. Our legal system is very much in a "if we can control, we must control" mood, and when the content cartels catch whiff of the illegal activities that will occur, they'll be all over Microsoft with lawsuits... lawsuits that in the current environment, they'd almost certainly win.' Today, Microsoft assures us that it "will not mine, target, sell or publish any HailStorm user data without explicit user consent." But once all that data is sitting on Microsoft's servers, the company will face a powerful temptation to tinker with the fine print and "monetize" your data in aggressive ways.'Remember, there is precedent for changing your privacy policy on the fly and lowering the protections. Who's going to stop Microsoft if they try that stunt? They are perhaps the only corporation in the tech industry big enough to tell consumers where they can stuff it, and still expect to make money.'Which is one good reason to store the information where you can keep an eye on it -- on your own hard drive.'Just by way of reference... last weekend I saw a 40GB hard drive for $100. Unless you have an OC3 going straight to your house, it would take days to fill up that drive via your network connection. If you're reading this over a modem, make that months. I still do not understand why I need, in the year 2001, Microsoft to store my data, which will have to travel over a network connection, the second slowest connection my computer has (beat only by my serial port).

Post-Napster policing reopens ISP wounds
DMCA
3/27/2001; 10:45:10 PM

'Facing the prospect of a post-Napster world, tension is starting to build between copyright holders and Internet service providers over who should police other file-swapping networks that are poised to step in as replacements....

'"The content community would like ISPs to act as a global police force, and that's not their job," said Dave McClure, chief executive of the United States Internet Industry Association (USIIA), the main ISP trade association. "It seems to me that ISPs don't have the obligation or even the right to monitor the data on their subscribers' hard drives."'

Read more…

Bush opposes Euro privacy rules
Privacy from Companies
3/27/2001; 5:38:50 PM 'The Bush administration, responding to concerns in the financial-services sector, is objecting strongly to a set of proposed European Commission privacy rules affecting trans-Atlantic e-commerce.

'In a March 23 letter to a top commission official, the Commerce and Treasury Departments said the proposed rules "impose unduly burdensome requirements that are incompatible with real-world operations."

'At issue are proposed "standard clauses" for contracts between U.S. and European firms regarding exchanges of customer data. The clauses would obligate U.S. firms to operate under European Union privacy standards, which are much stricter than U.S. law. EU standards require, for example, that consumers have access to information collected about them and notice on how it is used.'

Anti-Spam Bill's Second Wind
Spam & E-Mail
3/27/2001; 9:47:32 AM 'House negotiators are meeting privately in an attempt to work out differences over an anti-spam bill before a scheduled vote on Wednesday.

'Chris Cox (R-California) says the measure, sponsored by Heather Wilson (R-New Mexico) and Gene Green (D-Texas), allows state attorneys general to file suits against spammers and collect punitive damages far beyond any harm actually caused. Rep. Ed Markey (D-Massachusetts) has argued that the bill would inappropriately deputize Internet providers to regulate incoming e-mail.'

An anti-posting: TiVo Privacy Concerns Unfounded Privacy from Companies3/26/2001; 6:34:59 PM There's been a lot of foofarah today following some never-heard-of-'em foundation's posting of a "report" on TiVo's Privacy Policies. I would like to point out that TiVo has always been up-front about what they are doing, and in fact this "news" has already been around the news mill... and it wasn't that interesting the first time, either.I respect TiVo for being quite clear about what they do, phrasing it in plain English, and so far as we know, sticking to it to the letter. If all companies acted like TiVo there'd be no "privacy advocates". The foundation that produced the report does not speak for all of us privacy fanatics.Also, while I'm posting anti-notes and non-news, I'm trying to redesign this site until it's not an abominable eyesore any longer. Given my design skills, that's going to take a while, so you may see some slow changes as I actually try things and see what I like. My goal is no more pure white, but it needs to be readable. We'll see how it goes as we chronicle the Adventures of the Design-Atropic Nerd.