Friday, April 29, 2005


A Librarian's Response to the Long Tail

Cool post.

Wednesday, April 27, 2005


Geek Love

From lifehacker:
why geek guys are better to date than “the flashy guy with the smooth smile.”

Sunday, April 24, 2005


Daniel Solove Audio Interview

This interview serves as an excellent overview of the problem of privacy today. No registration required.

Thursday, April 21, 2005


Game Over: Kasparov and the Machine

I saw this at the Alamo downtown tonight. In a nutshell, it covers the 1997 media frenzy rematch between Garry Kasparov and Deep Blue and the largely ignored allegations of cheating by IBM. I was never interested in these matches since there is a finite (albeit astronomical) number of plays that can be made in chess, so theoretically a computer can be built that could never lose. However, I am interested in security design, scientific integrity and stock market manipulation. Since this incident raises all three issues, I'm interested.

Security Design
It would be easy for IBM to cheat. There are these things called computer networks. They allow computers to be controlled at a distance. At the press interview after the pivotal second game loss, Kasparov made reference to "The Hand of God" interfering with the game. In security speak, IBM was the trusted authority since they were solely responsible for making sure the computer didn't cheat. No one else was allowed to audit the system. Another way of describing a trusted authority is that it is the person or entity that you give permission to violate your security.

Scientific Integrity
This issue is simple but also the definitive issue and curiously the most neglected one. Kasparov beat Deep Blue in 1996 and had no problem accepting a rematch. Scientific method requires that claims are repeatable. So does the sports world. Just because the Red Sox finally win a World Series doesn't mean that every year henceforward they can say they are the best baseball team without playing. But that is exactly what IBM has done. But even more ludicrous is that they refused to share the logs to show that the computer actually did the work in the second game (Anyone who has ever taken a math or computer programming class knows that they have to show their work to get credit for their answer. Otherwise, it is assumed they received outside help). They are supressing the evidence of the fix! And what's amazing is the sheer audacity of the smug tool of a guy from IBM who won't shut up about his responsibility for the victory. He says that it is petty for Kasparov to raise the possibility of cheating when he has no evidence! Well how about coughing up those logs? Otherwise, you have zero scientific integrity. And this further demonstrates why IBM would not accept a rematch. After an allegation of cheating, a rematch would require that IBM would no longer be the sole trusted authority.

Stock Market Manipulation
Of course, this was a naked PR stunt, but a major one. In 1997, in the midst of the Internet boom, IBM needed its image revitalized. As a result of the spectacle, IBM shareholders did well (because their horse won J.M Keynes so-called beauty contest). On more than one occasion, the film used anonymous whispers to suggest that the stock may have shot up 15% as a result. However, this isn't true unless you count preceding weeks and assume foreknowledge contributed to this earlier part of the stock's rise. I'm skeptical about the film's anonymous 15% suggestion.

People often find it tough to swallow the possibility of foul play here. First, it would require a complicit media. That just seems unimaginable! Second, Pete Rose was barred from baseball for betting for his own team. To suggest IBM was after monetary gain would be just as unsportsmanlike!

IBM promoted the match as "Man vs. Computer" and just about all of us bought the line. In restrospect, it is easy to see the match was really "Man vs. Corporation". Man didn't lose to a computer. He lost to a corporation.


The innocent victim

This blog entry is well worth the read:
With the help of Senator Leahy, Marla managed to persuade Congress to set aside a tiny part of the $18.4bn Iraq appropriation as aid for victims rather than for US corporations.
Marla's colleague in the US just sent around an email: saying: "One of Marla's favourite quotes from Ernesto che Guevera was: 'The true revolutionary is guided by a great feeling of love.'
Corny as it may sound, but I'll say it because it's the truth, I can't help but think back to Obi-Wan: If you strike me down, I shall become more powerful than you could possibly imagine.

Wednesday, April 20, 2005


Rolling on the floor laughing

Thank you, KVUE News for the first healthy gut laugh this week! They're interviewing this gentleman explaining his position that gay parents should not be allowed to adopt children, and in all seriousness, he says "We are made in the image of God...and gays shouldn't influence children when they're most vulnerable."

Value of an opinion: 2 Cents.
Value of watching the first stone cast: Priceless.

Update: the referenced gentleman is the state rep from the cosmopolitan city of Pasadena, Texas.


Ecological Balance

Town lake joggers are keenly aware of two hazards. Speeding bikers and, to a lesser extent, long dog leashes that have a tendency to set booby traps on the trail. It finally occurred to me that those long dog leashes serve an ecological purpose:
One of these large hysterical dogs I was telling you about lunged at us as though we were the last slab of bacon in Texas. As it lunged, its leash stretched out across the trail, creating a sort of trip-wire booby-trap. Comedy was in the air! The situation came speedily to a satisfying conclusion when the booby-trap unseated an oncoming cyclist, without ceremony.

Zippy and I toddled away unscathed, leaving the two injured parties to their remonstrances. We were happy as a couple of clams to have seen that bike asshole bust ass.


Bicycle Haiku

Oh no. Not again.
Forgot to unclip.

Monday, April 18, 2005


We Want Your Soul

Adam Freeland is in Austin at Sky on Friday. Click here for video.


State-Sponsored Identity Theft

Those wacky law enforcement officials! Bruce Schneier blogs about some shenanigans right out of the twilight zone.

Consider the consequences of allowing the state (in this case, Ohio) to legally steal your identity. Coupling this power with a rich history of planting evidence is not a good formula.

From the original article:
Each night Szuhay danced, the state agents drank beer and watched from seats inside the club, ostensibly looking for violations of liquor laws at the same time.
Wouldn't you just love to see their expense report?

Saturday, April 16, 2005


Blogging is not a crime :)

And all this time I just assumed everyone was allowed to read these blogs...
Is censorware blocking your blog?

Friday, April 15, 2005


Bills Gone Wild HB 3245: Closing Meetings About Computer Security

This week's Austin Chronicle highlighted some "good" and "bad" bills (p.24):
"So, we offer a tantalizing tease, by no means exhaustive..."
Princeton Professor Ed Felten blogs about Texas HB 3245 and says:
Computer security is a topic on which Texas, or any state or national government, needs all the help it can get.


Happy Tax Day!

BTW, when you rent a video or whenever you pay for any similar thing personally, you're paying for it with post-tax dollars. If you want to avoid taxes, you can share with your friends. :)

Wednesday, April 13, 2005


Malcolm Gladwell Keynote MP3 from SXSW Interactive 2005

Malcolm Gladwell Audio
And you can find some video of the talk here.


Is your tax filing software spyware?

Now taxes really can bug you

reports the San Francisco Chronicle:
...if you're one of the millions who this year have used the electronic services of Intuit's TurboTax or H&R Block, you may not know that a stealthy technology commonly known as Web bugs was used to track your comings and goings on the Internet.

Both Intuit and Block, which offer electronic filing for free through the IRS' Free File program, use hidden Web bugs throughout the tax-preparation process to monitor taxpayers' online behavior.



On my Monday post about privacy and anonymous blogging, I made a few references to keyloggers. Today, SecurityFocus published an article about keyloggers:

Introduction to Spyware Keyloggers


Street Art and Unhappy Tourists

A Celebration of Street Art
Unhappy Disneyland Visitors

Tuesday, April 12, 2005


Austin Gas Prices


New Hope for Health Care: Go To India

From the New York Times:

Mr. Beeney's story is becoming increasingly common, as Europeans and Americans, looking for world-class treatments at prices a fourth or fifth of what they would be at home, are traveling to India.

Low Costs Lure Foreigners to India for Medical Care

Monday, April 11, 2005


Disclaimer: There is no such thing as anonymous blogging

1 : not named or identified
2 : of unknown authorship or origin
3 : lacking individuality, distinction, or recognizability

I first became aware of/interested in computer privacy issues after driving to Houston for a computer law forum I found out about through Usenet done by EFH (which I understand later merged with EFF-Austin). Over the years since then, many people have pegged me as slightly paranoid. Whatever.

The Electronic Freedom Foundation (EFF) recently published the article "How To Blog Safely (About Work or Anything Else)"

The general intent of the article seems honorable, but there appears to be some problems with it. Grave problems. The first problem is that there's no disclaimer. In fact, consider how the article sums itself up in the last sentence:

As long as you blog anonymously and in a work-safe way, what you say online is far less likely to come back to hurt you.

I can possibly be hurt if I'm blogging anonymously? If I can be hurt because of something I've blogged, that means that I really was not anonymous in the first place.

There is no such thing as anonymous blogging.

To speak of "anonymous blogging" only gives one a false sense of security. The article should have had a big fat disclaimer. Even if you're using TOR, as the article suggests, it is still pretty straightforward to connect you to your blog. This can be done by analyzing your writing style or by sneaking a keylogger on to your away-from-the office computer.

The article considers that your hosting service is in a position to capture your IP address:

If you are worried that your blog-hosting service may be logging your unique IP address and thus tracking what computer you're blogging from, you can...

But anyone can capture your IP address! I don't blog anonymously because I know it's impossible. I obviously use When someone replies to a post of mine, I get an email notification. The first thing I do, of course, is to read it. Suppose it includes a link to a website. I click on it. I have just given away my IP address, my browser and operating system and a lot of software configuration on my system that can be read by javascript. Busted. Now, someone at my office sends me a separate email directly and has me click on another link and they simply compare the results. Even if I'm logging in from my laptop with a different IP address, the other information will be the same. Of course, they can also do a lexical comparision and/or attach a keylogger to my computer.

Like anything, it depends on the costs. If you're not saying anything on your blog to piss anyone off, then you're safe. Nobody is going to spend any effort. But, if you say something that pisses someone off who has the resources to do it, your false sense of security may come back to bite you.

Sunday, April 10, 2005


Cool Stuff

I think the next best thing to Los Angeles falling into the ocean may be novel uses of existing tools.

1. Take P2P filesharing app BitTorrent and add blogging:


2. Take VOIP app Skype and add audiocast:


3. and finally...

Lisa: Fluorescent ...
Bart: Booger.
Homer: Mmm, hmm. Wait a minute, these aren't exciting new products! You're not even trying. Okay, that's it, both of you go to your rooms and spank yourselves.

Friday, April 08, 2005


There is no emoticon for what I'm feeling

Tag Texas Cars with RFIDs?


Hacking Language

Computer programs are tricked into doing things they were not designed to do. Usually, this is done by injecting input the program mishandles. Similarly, the same can be done with humans by injecting language they're not prepared for:

These aren't the droids you're looking for.

It's called social engineering. In the previous example, the target is an individual. Generally, the security community focuses on this type of social engineering. But, what if the target was millions of people?

Today, I was watching an interview of an intelligent student refer to his opposition to the administration's social security privatization plan as dissent. Robert Jensen reveals why contributing to the public discussion should not be characterized as dissent:

If we all are part of the process of formulating policy options -- if we do not give up the right to be involved in that process -- then we begin with the idea that all policy options are open, and that the people will decide which option they want the government to pursue.

If that were the case, then [...we...] wouldn’t be dissenting from some already-agreed-upon position. We would be contributing a policy option to the discussion. That wouldn’t be dissent; it would be participation in a conversation about which option or options might be most desirable.

Now, after the political process has concluded and a policy is chosen, then it makes sense to say that one dissents from that.

There is no better characterization of the social security privatization initiative than crony capitalism. The skill of fascist propaganda is revealed when otherwise intelligent people are being made to refer to the status quo as dissent.

He who carries the biggest stick controls reality. He does it by hacking language and we're a bunch of suckers.

Wednesday, April 06, 2005



While returning to town late last night, I noticed the new Freebirds had opened on South Congress (just south of Riverside). I strolled over there tonight and checked it out. I had no intention of finishing the Monster there so I ordered it to go and ate half of it on the patio. The patio is adjacent to an empty creek surrounded by trees that is orthogonal to Congress Ave. I naively left my burrito on the patio as I went back in to get more barbeque sauce and returned to find a bird snacking on my dinner. The good news is that for $8, I got all my meals covered for the day with one burrito. Free wireless. Life is good.

Monday, April 04, 2005


Cheers to Olatunji Oluwatosin

Olatunji Oluwatosin was sent to prison for tricking Choicepoint into handing out personal information they have collected. Choicepoint is an incredibly evil company and is even on record stating that they should not be subject to the law that protects our rights with respect to our personal information.

Because of Oluwatosin's efforts coupled with California law that requires disclosure of compromises of user information, Choicepoint is finally receiving the scrutiny that they deserve. In fact, this scrutiny appears to be forcing Choicepoint to be more responsible with their business. According to this article, Choicepoint is developing a system that would allow people to review their personal information that is sold to law enforcement agencies, employers, landlords and businesses.

Thanks Olatunji. We need more citizens like you.


Not happy with my new Linksys Wireless Card

It comes with this crummy software that overrides windows in configuring the wireless settings. The consequence is that I can never get a wireless connection for some reason. So, I check the box labeled "Use Windows to configure my wireless network settings" so that I can connect and everything is happy until whenever I reboot, that checkbox gets overwritten and I can no longer connect until I disable the Linksys software again. Presumably, the Linksys software is doing that. Now, if I uninstall the "Wireless-G Notebook Adapter" software to remove this nuisance, will it also prohibit my wireless card from working? Hmmm...stay tuned. :) Maybe I should just return it.

This page is powered by Blogger. Isn't yours?