Sunday, December 30, 2007

The Atrios Shift Register

Much worrying in realtor land as a borrower finds a way to walk away from his current loan. The ARM mortgage on his current house is $800,000. The bank realizes that he cannot make the payments and will allow him to sell the house for $500,000 and walk away. He is not walking too far however as he has just bought the house next door for $500,000.

Atrios suggests that borrowers could use this scheme to dump their negative equity problem onto the banks. Everyone with negative equity moves one house to the left in a giant housing market shift register.

If banks were going to benefit in this way the establisment media would mutter darkly about moral hazard and nothing would be done to stop it. Since its the borrowers that stand to benefit the concerns are likely to be much louder and the loophole will be swiftly closed if any appreciable number of people attempt to use it.

Friday, December 28, 2007

Good News, Bad News

The good news is that Russia does not intend to sell their S-300 Missile system to Iran any time soon, or at least denies any such intent. The bad news is that this does not make a great deal of difference since Iran has just completed taking delivery of 29
Tor Missile units from Russia at a cost of $700 million or so.

Each unit carries 8 missiles and is reckoned to be equivalent in capabilities to the Raetheon Patriot missile. That gives Iran the capability to knock at least some of the aircraft that might be used in any airstrike by the US.

Talk of an Israeli attack appears to be just that, talk. Israel cannot attack Iran for the same reason Iran cannot attack Israel: they lack a common border and both have ample defensive forces to repel an attack by the other. The Israeli air force has 250 or so fighter aircraft. Any lost in raids over Tehran will not be available for defense so Israel cannot risk using enough aircraft to overwhelm the Iranian defenses. Which was surely a factor in the Iranian's decision to buy 29 Tor units in the first place.

Or perhaps given that the existence of defensive measures might discourage a foolhardy adventure perhaps it is good news that starting a new war in the region would be a disaster for all concerned.

Saturday, December 22, 2007

Conservatives are allowed to call anyone fascists

One of the least appealing features of the modern Conservative movement is its habbit of calling people names. Its not just Ann Coulter who accuses liberals of being 'godless' and guilty of 'treason', Lewinsky scandal plumber Johah Goldberg has now got in on the act with 'Liberal Fascism' an extended treatise based on the falacy of the excluded middle.

So it was only a matter of time before the F-word was being flung around in the Republican primaries. The Amercian Conservative avoids using the word itself in their cover story Declaring Forever War, they just dress up Rudy in a brown shirt and jackboots and leave the reader to make the connection themselves.

A better F word for Rudy would be flake. His 'foreign policy' while mayor of New York City was certainly not consistent in opposition to terrorism. Yassir Arafat gets kicked out of concerts but Gerry Adams gets a humanitarian award. The fact that the IRA and PLO were allied for many years and taught each other terrorist techniques was probably not lost on Rudy, the point was to pander to the Jewish and Irish voters who didn't.

The Republicans have turned up quite a field. While the vast majority of Democrats would be happy with any of the top three contenders in the primary, the Republican race is the choice of the lesser of five evils. This is demonstrated by the extreme volatility of the Democratic polls, Hilary's national lead can vary from twenty points ahead of Obama to barely ahead depending on recent news. The Republican polls show a much more consistent trend. The surges of Thompson and Huckabee were not driven by a liking for either candidate but a dislike for Romney and Giuliani. Now that they are finding out about Huckabee, McCain is rising again.

Wednesday, December 19, 2007

The cost of phishing rises

Gartner reports that the cost of phishing rose to 3.2 Billion in 2007.

As always I am somewhat skeptical of the absolute level, what is more interesting is the trend. The cost of phishing might be half as much or twice as large, it is very hard to eliminate systematic errors from such studies but it certainly appears to be the right order of magnitude.

Gartner's Press release states that the cost of phishing has 'soared' but do not give the 2006 figure. That made me suspicious so I dug out the 2006 release which puts the sum at $2.8 billion. That is very interesting as it tells us that even though the cost is rising it is rising less slowly than it has in the past.

The trend is again up but the average loss per incident has declined to $886 from $1,244 in 2006. One possible explanation is that the criminals are trying to fly under the radar and steal smaller amounts that are less likely to attract attention. Another is that consumers are more alert to the risk of Internet crime and are spotting more thefts.

The reason the total is up is because the number of people affected has risen. So Internet crime is not running out of control but it is affecting more people.

The idiot view from the boardroom

The news that Circuit City approves retention awards for top execs is hardly a suprise. Circuit City is after all the company that laid off its 3,400 top performing sales people in March, since then the stock has crashed from $18 to $6.

What sort of management can tell itself that retention bonuses are essential in the boardroom while sacking the sales staff? The fact that they fired the sales staff in the first place is demonstration that a management exodus at Circuit City should be viewed as a positive, not a negative.

Monday, December 17, 2007

Lets restart the crypto-wars.

Ross Anderson on UK Crypto Export Duplicity (via Michael Froomkin)

I find it somewhat difficult to get excited about this stuff when the position of the authorities is so weak. Strong crypto is widely available and beyond the control of any government. Any terrorist group with the will to do so can obtain encryption tools that are as unbreakable as the public state of the art allows.

The situation we have today is that we have strong cryptography that meets the needs of Internet criminals but not the ordinary Internet user who is targetted by Internet crime.

Friday, December 14, 2007

Better shread than dead?

The liberal blogosphere is all agog at the news that document shredding tncreased 600% under George W. Bush.

Nefarious? Or maybe $2.7 million on shredding is not that much out of a trillion dollar plus federal budget. If the US government really did spend that little on shredding there simply would not be as many shredding companies in business as there are.

And even if there has been an increase in shredding, is this a bad thing considering the rising problem of identity theft?

Sunday, December 09, 2007

How not to deal with intelligence briefings

As with everything else in Washington, we arrive at he-said-she-said as the mode of argument. The Washington Post reports the administration side of their intelligence briefings.

This is surely a very bad idea. The administration is attempting to put their side of what was said through an off-the-record leak. Everyone concerned knows the source of course, the Washington Post states that their sources are two officials who were present.

This is a remarkably bad idea when there is a Congressional investigation in progress. The lawmakers know who was present and they will be witnesses at the hearings. So the lawmakers can ask if they were the source of the allegation directly. This puts them in a bind, either they commit perjury or they they admit revealling classified information for partisan purposes. If all the witnesses deny being the source they can force Mukassey to begin a pejury investigation.

The Washington Post does not describe their sources as 'ex-officials'. So this is likely to lead to forced resignations.

Not a good means of performing spin control.

Friday, December 07, 2007

Friday Night Podding: The Computer: Wonder of the Future

Zero sum game

The Washington Post has a good writup of the housing market meltdown.

Basically the problem occurred because high risk bonds were being traded as AAA grade investments.

Stick with me now, because this is where it gets interesting. For it is at this point that the banks got the bright idea of buying up a bunch of mezzanine tranches from various pools. Then, using fancy computer models, they convinced themselves and the rating agencies that by repeating the same "tranching" process, they could use these mezzanine-rated assets to create a new set of securities -- some of them junk, some mezzanine, but the bulk of them with the AAA ratings more investors desired.


The problem with these models is that as any outside observer could tell there is a conservation of risk. No matter how the risk is sliced and diced the number of borrowers who default on their mortgage from a given pool will be exactly the same. If the tranching process was honest it should have identified equal amounts of high and low grade paper, or at least equal amounts of risk. But an honest process would not be half as profitable as selling the high grade paper as AAA and the remainder at its original mezzanine rating.

In other word the scheme is like buying up packets of baseball cards in bulk, picking out the small number of valuable, highly collectable cards and then selling on the remainder at the original purchase price.

Baseball card collectors know this which is why opened packets of cards change hands at a lower price than sealed packs. The chance of finding a Mickey Mantle rookie card in an open pack is approximately zero. But this law does not apply to sophisticated mortgage traders since the high grade paper identified by one analysts model differs from the next. The mezzanine paper is by definition paper that is compromised in some way but not to the extent that a full default is likely.

So after one analyst sifts the packet of sub prime mortgages and selects their favorites it is passed to the next who extracts their favorites and so on. The only time a mortgage is ever removed from the mezzanine pool is when it is close to or actually in default. Each analyst is rewarded according to the amount of money they make which in turn depends on the amount of mezzanine risk that they can rebrand as AAA. Suddenly almost everything appears to be a favorite. Mortgages churn round the mezzanine pool until they emerge as either AAA or go into default.

Lender's don't need to care about the quality of the risks they acquire. In fact a high risk loan is more profitable since it will eventually sell as low risk and a bank somewhere will profit the difference.

The net result of this behavior is that for the past ten years or so the cost of sub-prime borrowing has been artificially low which has in turn allowed property prices to inflate. Now that the bubble has burst the ratings of the mezzanine trances has plummeted from AAA to junk overnight.

The property market is bust but liquidation will take quite a while yet. Most people will try as hard as they can to avoid default and the loss of their home. But there are plenty of people out there who are way over-leveraged that are going to go under. Its not just the people who took on a mortgage they could not possibly afford, its the property speculators and the over-leveraged landlords who are going to be in trouble.

Its not compensatory, its different

The NYT suggests that business acumen may be compensation for Dyslexia.

As the guy who introduced the spelling for the HTTP referer field, I think that they are wrong. Its not compensation, its just an intrinsic difference in the way some people's brain's process information that has advantages and disadvantages.

As a species we have been literate for a mere four millennia, mass literacy is an even more recent phenomenon. Our visual and neural systems have not evolved to read and write, rather we have developed methods of reading and writing that are compatible with the way that the bulk of the population process information. It is hardly suprising that the result does not suit some people.

Some part of intelligence is certainly innate. While I do not eliminate the possibility that innate intelligence might be measured I do reject the notion that purported 'IQ' tests produce valid results outside the scope of use for which they were originally designed: Measuring the progress of sub-normally intelligent patients in response to therapy. Whatever intelligence is, it is not a linear quantity and it is relatively independent of motor and coordination skills such as reading.

In an information economy, average knowledge worker skills quickly become commodified. Coding is a relatively valuable trade skill, a Cobol or FORTRAN programer makes much more than a blacksmith or saddlemaker, but its a commodity skill. The skill that has value in an information economy is the ability to think differently.

Society places a great deal of pressure on people to think alike and not voice opinions that are outside the bounds of accepted wisdom. The herd instinct in our species is still ver strong. This has benefits in that without the herd instinct it would be impossible for us to live in densely populated cities as we do. Civil society would be impossible. The downside is that when we end up with foolish or incompetent leaders most of the population will be only too happy to fall into step with their way of thinking.

My problem is that I read too fast, much faster than I can properly process the information. I don't see the letters in the words. The problem is worst when reading low density information such as computer manuals. The upper level cognitive functions demand interesting information at an acceptable rate. If they find none they tell the reader function to scan faster and faster, causing the error rate to climb until the result is just a stream of noise.

Often the problem is that while I am reading something interesting I start thinking about implications and connections. I have read McLuhan several times but can barely remember a word because I value the book not for what McLuhan wrote but for the ideas I get while reading it. Thus I am indifferent to the question of whether he was right or wrong on any particular issue, in fact on most issues I can remember, the sage of Toronto is dead wrong. Television is not a cold media, it is hottest of hot, certainly after the introduction of color and larger screens.

If you don't have the ability to read and think at the same time you are probably going to do a better job of reading.

As a result I am very particular about good typography. Chapter and section headings function as frame markers, allowing the reader process to resynchronize. While proofreading The dotCrime Manifesto I was suprised to find that the house style is to put definition of terms in bold rather than the traditional italic, but this makes a huge amount of sense when you are scanning text for a particular term. Bold is designed to make a term leap to the eye.

Monday, December 03, 2007

Harry Porter's Relay Computer

Relay's existed in Babbage's time, this raises the interesting question of whether Babbage could have succeeded by choosing the right technology.

Babbage was defeated by the cumulative demands of engineering tolerances. Any inaccuracy in the position of art A would have a knock-on effect on part B and so on. Although a replica has been bought to tolerances that were individually achievable in Babbage's day it was not possible to build and debug the ensemble in Babbage's day.

Digital technology is more practical because it is much more tolerant of errors. TTL logic generates 0V to represent a 0 and 5V to represent a 1 but it will accept anywhere in the range 0-0.7V or so for 0 and 4.3-5V for a 1. That makes it much more resilient in the face of noise or slight manufacturing errors.

The other major difference with electronics over mechanics is the lack of friction of course.

Thursday, November 29, 2007

FBI ‘Bot Roast II: 1 million infected PCs, $20 million in losses and 8 indictments | NetworkWorld.com Community

Cool

The end of the two state solution

The BBC is reports that Olmert has warned that failure to agree a two state solution would mean the 'end of Israel'.

As negotiating positions go this is not exactly a strong one. There is little prospect of a two state solution being agreed with the Palestinians at Annapolis as the party the Palestinians elected their government was not invited to attend. And even if this is ignored it does not appear that Omert is able to conceed any significant removals of settlers from the West Bank even if he was inclined to do so.

Omert is certainly correct in his observation that "If the day comes when the two-state solution collapses, and we face a South African-style struggle for equal voting rights, then, as soon as that happens, the State of Israel is finished." The US is willing to write a blank check to defend Israel against terrorism, it is not going to underwrite a struggle to maintain an appartheid system.

Hamas has been attempting to ensure the collapse of a two state solution for precisely that reason. The more interesting question is what will happen within Hamas at this point. Clearly there are many Hamas members for whom an Islamic state 'over every inch of Palestine' is the only acceptable outcome. It is however quite likely that there are more than a few in the Hamas ranks who are more pragmatic and would accept a unitary secular state.

The question is whether this faction is able to emerge as the dominant one inside Hamas. Which brings us back to the explanation for Omert's otherwise puzzling statement. It makes no sense for Omert to make such a statement to the Israeli people unless it is to justify a program of withdrawl from the West Bank in order to make a two state solution possible. Omert shows no sign of doing this, nor would it even help at this point.

Another possible explanation is that it is a coded message to Hamas: This is how you can win what you really want.

If so Omert's strategy begins to look like the British negotiating strategy that brought about the Good Friday agreement and ended the IRA's terrorist campaign in Northern Ireland. The critical message in that case was that the British Government assured the IRA that it repudiated the discrimination against Catholics that originally sparked the troubles and that Britain had no interest in occupying the North against the wishes of the local population.

The idea of land for peace never made very much sense. It is hard to think of a case where partition has provided a lasting peace to any irridentist conflict. Partition in Ireland led to a civil war, two decades of peace until the second world war, then another two decades of peace during which the Protestants did their best to grind their heel into the Catholics' faces.

What the settler's really want is to be able to occupy any part of the territory. What the Palestinians really want is to be able to occupy any part of the territory and be treated with genuine equality. Those are not incompatible. The only incompatibilty arises when the bigots on one side or the other demand that the resulting state be 'Jewish' or 'Islamic' and set about creating the type of 'separate but equal' privileges that are guaranteed to create the bitterness and hatred that fuels the conflict.

Wednesday, November 28, 2007

xkcd

You know that there are people like this out there, I have to work with them (click to enlarge).


xkcd site

Monday, November 26, 2007

Felix Salmon on LSS

After reading Felix Salmon explanation of Leveraged Super Senior debt via Brad DeLong I have arrived at an understanding of a meta-theory of high finance.

High Finance consists of inventing jargon terms in order to obfuscate a financial transaction to such an extent that its true nature is disguised. When corporations are only measured by their short term performance as measured by standardized accounting practices the simplest way to improve results is to massage the figures for short term gain, pushing out hidden costs and concealling risks.

Super Senior, sounds like its the best eh? Actually its the toxic sub-prime sludge.

The sub-prime meltdown has been a topic of speculation amongst bloggers for three years now. Perhaps the warnings from the same bloggers about 'peak oil' are also on target.

Sunday, November 25, 2007

Holiday Present for HMG?

Pity its out of stock.

Wednesday, November 21, 2007

Prime Minister Apologises for Data Breach

The BBC reports that Prime Minister Brown has been forced to personally apologise for the data breach.

US readers will of course be puzzled by the spectacle of the top politician being held accountable for the actions of his own administration but this is entirely normal and a routine event in British Parliamentary democracy. The Prime Minister answers questions for half an hour every week. Preparing for PMQs typically takes about half a day, a significant investment.

Commentary on the breach strongly suggests that it might bring about the end of the national ID cards scheme. The Tories have a major opportunity here:


1) The National ID card scheme is already very unpopular.

The idea of an identity card is contrary to the British view of Britishness. It is the symbol of an authoritarian state on the Napoleonic model that the British fought major wars to reject.

2) HMG has suffered a long series of IT procurement disasters.

The procurement process has been entirely captured by the major IT consulting firms and Labour have proved unable to see the cause of the problem, let alone remedy it.

3) The technical architecture for the National ID card does not represent state of the art.

One reason for the huge cost or the ID card system is that like Herod in times past, HMG is going to require every citizen to be authenticated in accordance with the same set of security procedures regardless of whether they are going to claim benefits or require services that would make a high degree of authentication necessary.

4) The costs are now, the benefits far in the future

Like the millenium dome, the National ID card scheme requires a massive up front capital investment which can only be recaptured if highly optimistic forecasts hold. The National ID card scheme has never established a strong base of support within the Labour party, let alone the opposition.

5) There are other options for achieving the same ends

Part of the problem with the National ID card scheme is that it is an end in itself and the proponents have never managed to explain what the objectives actually are. The only measurable goals set out are reducing benefits fraud and reducing bank fraud.

  • It is not necessary to register the entire population to control benefits fraud. The best way to reduce bank fraud is to improve the security of banking technology.
  • Chip and PIN has been vastly more effective at eliminating fraud due to forged cards than the National ID card could be.

6) George Brown would likely appreciate the excuse.

The Tories should attck on ID cards because they are probably pushisn at an open door. Brown would no doubt prefer to avoid a political defeat but he will probably accept a defeat rather than have the albatross of Blair's ID card scheme strung round his neck. This data breach provides Brown with an ideal pretext for re-examining the scheme. At the very least this allows any final decision on the future of the scheme to be pushed out beyond the next election.

A commission to examine the security of the proposed National ID cards scheme would meet everyone's political needs.

Tuesday, November 20, 2007

Crypto News from the UK

The BBC reports that animal rights activists are facing demands to reval their decryption keys under provisions of RIPA which came into force in October.

Meanwhile the Chancellor has admitted the loss of data disks containing details of 25 million child benefit claims, possibly the largest data breach to date. No doubt the folk at Emerge4nt Chaos will be having a field day.

Breach disclosure is like a fire alarm, it does no good at all unless you have an evacuation plan and preferably a fire brigade. But even the best fire alarm is a poor defense compared to effective building codes.

We have no shortage of technology, we need to develop the building codes.

Monday, November 19, 2007

Tape is dead

Reviews of the latest HD video cameras confirm te fact that tape is dead, the JVC GZ-HD7 takes the now typical route of using a hard drive. Meanwhile Sony and Panasonic have introduced the AVCHD standard which makes use of the more efficient H.264 codec which would allow recording of HD to tape but cameras like the SD1 actually use SD flash memory instead.

Its hard to see how tape can compete at this point. Flash memory is cheap and getting cheaper. The higher media cost is more than set off by the increased convenience. The tape is pretty much a transfer medium rather than a storage medium in any case. A DV tape stores 10Gb and costs about $3 in Costco. A 250 Gb portable hard drive costs $140. Thats 56 cents a gig versus 30 cents. And a 250 Gb portable drive is a whole heap easier to carry about.

As disk drive manufacturers continue to try to climb the value chain they will produce mass battery powered portable media stores for backing up memory chips in the field. At the moment these are a niche gadget for serious professionals. Within a short time they will be mainstream.

All of which means that keping track of which bits have been recorded and where they are stored is going to become more and more of a challenge. I think that we are going to see more manufacturers recognizing the value of recording GPS tracking data on cameras. But who wants to bulk up their camera with a GPS chip even if its useful?

Better solution by far would be to have a reliable and robust means for linking your cell phone / GPS unit to your camera. I know that phones have cameras too these days but there is no way that a phone format camera can compete for quality with a purpose designed DSLR. Whatever technology you put in the compact phone form factor can work better in a dedicated form factor, even if the laws of physics and diffraction did not limit what a phone camera can do in any case.

So it all comes down to integration as the key issue.

Sunday, November 18, 2007

Good news, bad news

The unlovely Iranian government provides good news and bad.

The good news is that it appears that they are providing rather less IEDs and other munitions to the anti-US forces in Iraq. The bad news is that the country is still lawless, judicial murders are so frequent that they only attract attention when a particularly eggregious sentence is commuted.

The worse news is that the lawlessness in Iran is not atypical of the region with rape victims in Saudi Arabia and Dubai receiving sentences from the barbaric administrations.

All of which makes the fiasco in Iraq a worse problem, not less. Iran is with all its faults amongst the more liberal, democratic regimes in the region. The best outcome that can be expected from the US invasion is that Iraq will end up not quite so bad as Iran. Arguably this is an improvement in that Iraq is no longer capable of invading other countries in the region, but this has been true since the end of the first US-Iraq gulf war and in any case the chief beneficiary is Iran.

Saturday, November 17, 2007

MAKE: Blog: Tesla coil super mario duet



The coils are making the sound.

Wednesday, November 14, 2007

Real Internet Crime

For while I have been complaining that what is commonly referred to as 'Internet crime' isn't. Its just plain old burgalry or fraud or shoplifting with an Internet twist.

The BBC reports what might be a real honest-to-goodness (OK dishonest-to-badness) Internet Crime, theft of hotel furniture from an online hotel.

Its being treated as a crime because the goods were paid for with real money.

Monday, November 12, 2007

More Whitehouse Email

A federal judge has just ordered the Whitehouse not to erase any backup tapes that might contail email messages.

Quite how this could become a problem by accident is a mystery to me. I know from personal experience that an archive system was in place at the start of the Clinton Presidency. Every email was to be archived, no exceptions.

The system did in fact break down once during the Clinton administration, backup tapes that should have backed up some of the Vice President's email were somehow corrupted during the transition from All-In-One. But the fact that it broke down under Clinton only makes the alleged breakdown under Bush even more inexplicable. The Federal government is far from perfect but when something breaks they know how to put procedures in place to make absolutely sure it never happens again. For the system to have broken down a second time there must have been some sort of forcing function.

Sub Prime Explained



H/T: Michael Froomkin

From the deprtment of 'you don't say'

BBC News

Thursday, November 08, 2007

How to save net bandwidth

While at the W3C TPAC today, someone who does not wish to be identified suggested a surefire means of saving vast quantities of network bandwidth: Every new disk drive is filled with porn before it ships.

Using IRC at meetings

Instructions for getting onto the IRC channel for the meeting are in the agenda.

To find the agenda, follow the link just sent out on IRC

Wednesday, November 07, 2007

Writers strike

Let us for the sake of argument stupulate that the studios are telling the truth when they claim that they make next to no money from Internet content.

Let us further stipulate that the studios are correct in their assertion that the amount that the writers stand to gain is trivial compared to the amount that they stand to gain.

I don't know what the writers earn but I am willing to bet that it is a whole lot less than the amount made by the studios from the shows that have gone off the air this week. So if it is 'stupid' for the writers to go out on strike over a trivial amount of money as Eisner claims, what does that say of the studios?

One possibility is that the strike is really about setting a precedent for future division of royalties but it seems much more likely to me that the money at stake here is very real.

The screenwriters are in a much stronger position than most strikers. Some writers are going to be missing a paycheck at the end of the week but most writers don't see a regular paycheck anyway, apart from their residuals checks that are going to come in anyway. And even though its officially 'pencils down', that only really means that the writers are not going to be delivering material to the studios. The writers can still work on non-script projects such as books, catching up on reading, administrative work, networking and such.

None of this really seems to make it through to reports of the strike in the establishment media.

Thursday, November 01, 2007

The IRS Phish amount just went up

So now I learn by email that my IRS refund is $343.56, thats more than double since last week's $147.59. Both are of course completely fake, the IRS does not notify people about refunds by email.

There is a strange synchronization problem for the attackers. If they all use different refund amounts they create suspicion and their response rate goes down. But some attackers are still using $147.59 which was last years scam amount while others seem to think a change will be more effective.

Monday, October 29, 2007

Miniature projection display

Light Blue Optics has a minature projection display that works using holographic projection.

Looks like nanotech devices are really starting to come to market.

Sunday, October 28, 2007

Lt Col. Claims he is victim of spoof email

Glenn Greenwald reports receiving a bizare email message Col. Steven A. Boylan, the Public Affairs Officer and personal spokesman for Gen. David G. Petraeus.

The email message is the sort of thing you might expect Stephen Colbert to send if he was the press officer. Accusing a journalist of being 'lazy', 'providing purposeful misinformation', 'not a journalist' is exactly the wrong thing to do in that type of position.

So now the story gets intersting. When I pinged Boylan to ask him about this suprising email he responded claiming that he did not send it and that he is a victim of identity theft.

It must be pointed out at this point that Greenwald does not accept the claim and there is no inconsistency in the email headers that would conclusively demonstrate that it is a forgery. Unfortunately this proves only that the message was not forged by an incompetent.

Assuming that neither Greenwald or Boylan is lying, the only explanation is that someone forged the email. It is certainly not impossible that the email is a forgery, what is impossible at this stage is providing convincing proof that it is a forgery. The army can produce the server logs, but these could have been modified. We are back at accepting someone's word.

The worst case here is that the message is a forgery. Getting inside the communications loop of the enemy is something any intelligence service would like to achieve. Spreading fear and distrust between the military and reporters that cover them would certainly be counted as a major achievement by some.

We know that email is insecure, we know that we rely on email for sensitive communications. We have the technology to fix it. Why do we continue to allow this vulnerability to remain?

The military should sign all their email. They have certainly spent enough on email security infrastructure. Using S/MIME on every message creates compatibility issues but DKIM can certainly be used.

Saturday, October 27, 2007

The dotCrime Manifesto: Available on Pre-Order

Wednesday, October 24, 2007

Its official

Six months after acquiring a 30" monitor I have officially run out of screen space.

Nothin for it now, will have to tidy my desk for the new monitor.

Monday, October 22, 2007

Trash patent watch

It the USPTO grants this one its in even worse shape than imagined.

The latest graphics processor cards are essentialy general purpose SIMD processing units. nVidia releases a compiler for making use of the processors on general tasks. People start applying for patents for the blatantly obvious idea of using the general purpose SIMD computer for tasks that it is best suited for.

Lets see if the USPTO is stupid enough to grant this.

Password cracking is a pretty idiotic application to patent since the people most likely to use a password cracker are blackhats and they are not noted for paying license fees. On the other hand it might be purely defensive.

I know there are people who use password crackers to see if passwords are strong enough, I think its bogosity on bogosity, if you want to check password strength you can do it more usefully and much more easily when the user selects their password. There are also folk who use crackers to break lost passwords, which is OK so long as you don't mind bad guys being able to do the same.

Sunday, October 21, 2007

Is Krugman an Economist?

The blogosphere reacts to the bizarre question asked by David Kennedy in his review of Krugman's book.

What is particularly bizarre about the question is the basis, "And yet maybe Krugman is not really an economist — at least not according to the definition offered more than a century ago by Francis Amasa Walker". While Kennedy might have intended this as a debating point, what academic field is defined by belief in a set of core doctrines rather than a subject of study? Even worse to decide on the set of core doctrines a century ago, before Keynes, Freedman, the depression or the digital computer.

The idea that economics is defined by core beliefs is of course an old one, the principal exponent of that approach being of course Karl Marx. Like many an early exponent of an undeveloped field, Marx got plenty wrong. Those mistakes would not have mattered half so much if Marx had not also claimed infallibility. As a result, like Freud he founded a pseudo-science that has obscured his genuine contributions to the field.

Like many a lay person using a quotation in a field which he is ignorant of, Kennedy misses his mark since Walker "wrote that laissez-faire “was not made the test of economic orthodoxy, merely. It was used to decide whether a man were an economist at all.” "

Oops, last I looked Krugman's view on laissez-faire was pretty much compatible with the 19th century understanding. He argues for free trade (mostly) he does not argue in favor of state granted monopolies, he argues against protectionism.

As Brad DeLong notes, Kennedy starts his review by noting that Krugman has "abundant accolades include the John Bates Clark Medal... a distinction... perhaps even more prestigious than... the Nobel.... ".

Does the Bates Clark medal rank with a Nobel? Well Krugman's office at MIT was in the Nobel Suite. And the story goes that when Krugman left for MIT the economists decided that rather than argue over which of them would inherit the prestige of his office that it would only go to postdocs - presumably until there was another MIT Nobel or Bates Clark laureate.

Friday, October 19, 2007

Its not a net-neutrality issue

People seem to be all a twitter in the Slashdot world about reports that Comcast is blocking some P-to-P traffic. This is then linked to the net neutrality debate.

I can see how some people would claim a connection but it is absolutely the last argument I would want people to make in support of net neutrality. File sharing networks are not considered a legitimate Internet use amongst lawmakers. While it is possible to use a network that is guerilla architectect in the manner of Gnuetella or BitTorrent, it is more than a stretch to claim that this is their principal use. And in any case it would be pretty easy to support the uses touted as legitimate in a peer to peer architecture that is not as aggressively designed to prevent copyright infrignements being detected.

Linking the net neutrality supporters to the supporters of illegal file sharing is exactly what I would want to do if I wanted to discredit the case for net neutrality in Congress.

As far as Congress is concerned there is a huge difference between blocking an infrastructure designed to promote piracy and blocking competing VOIP services such as Vonage or attempting to shakedown major content providers such as Google for bandwidth the customer has already paid the customer for.

There is also a huge difference between charging the customer for bandwidth they have already paid for and allowing the customer to pay extra to receive a short term premium service on a one-time basis. If the customer has already paid for 10 Mb/s they should get it. If on the other hand they have only paid for a 1 Mb/s connection and they need 10 to watch just one movie I don't see why a mechanism that allows them to pay a premium for a short term boost would be a bad thing.

But thats just my opinion.

NZ brewery offers beer for laptop

Well thats one way to deal with a data breach, [BBC NEWS] The Emergent Chaos folk will be happy.

It is not clear if the issue here is confidentiality or loss of the data. Since the information is almost certainly only useful to another brewer, if then I would guess the issue is that the files were not backed up.

Not exactly a security concern but a major concern for pretty much every computer user. Hard drives are cheap but reliable backup mechanisms are difficult to configure, tedious to use and expensive to maintain.

Microsoft and Apple keep missing the ball here. They are still stuck in the era of nightly backups to tapes held on site. Thats a 30 year old obsolete model.

Much better is active mirroring. At this point the only practical backup medium for a hard drive is another hard drive. Tape storage capacity has not moved since the mid 90s. A 500 Gb disk drive selling for $150 would cost five times that amount to back up to tape.

If you are using another hard drive you don't have to do backups in batch. Make the updates in realtime and do it transparently. The backup system should never be more than a few minutes behind the master. If the user needs to recover a lost file they use versioning (which Vista does support).

And this should be sold at commodity prices to consumers. Consumers need RAID5 as well. They just don't know what it is, nor should they, consumers don't really know how plumbing works either.

The user experience should be as follows. The consumer buys a home storage center at a store. They take it to their brother's house and plug it into his network. The storage system gives them an activation code. They then go home and log into the machine they want to back up, they start the storage wizard (perhaps this was distributed on a CD with the storage box) and enter the activation code. From now on their photographs are safe even if the house burns down.

If they run out of backup space they go round to their brother's house and slot in an extra drive. The RAID array rebalances itself transparently and automatically. If the brother gets nosey or the array is stollen the data cannot be read because its also transparently encrypted.

In a slicker version, the consumer and brother buy a box each for use as a local file store. Each box is used as a local NAS device and mirrors itself transparently to the other.

I now a LOT of consumers who would happily pay $500 to $1,000 for a box of that sort if the user experience was as simple as I describe. If however they have to grovell round configuring their NAT box or configuring drives then they won't buy it.

Thursday, October 18, 2007

Wingnuts only

One of the questions that has been puzzling me for a while is how an open discussion forum in the Slashdot mould such as Little Green Footballs can maintain its ideological direction over time. Now I think I have the answer: LGF registration is temporarily closed. Please try again later. (We occasionally open registration during weekend afternoons, Pacific time.)

Wednesday, October 17, 2007

The Blogosphere takes on Rush Limbaugh

One of the peculiarities of American politics is the fact that preposterous blowhards such as Rush Limbaugh can attract a huge following and spout nonsense for decades without being treated as the hate mongering thugs that they are. Or at least thats the way that things used to work before the blogosphere came along.

Now you don't have to be a Rush Limbaugh to spew idiocy into the ether, but you do have to be a Limbaugh or a Coulter or on the left a Michael Moore to get large numbers of people to take notice of you. The typical Wingnut blogger has to be more economical with the idiocy, reserving it for special occasions such as the all important defense of Rush Limbaugh as Ed Morrisey does at Captain's Quarters.

The captains quarters on a ship are of course its rear end as any devotee of Spongebob Squarepants is aware. Morrisey does not disappoint. Complaining that Limbaughs remarks about 'phony soldiers' were taken out of context. Well what was the context?

LIMBAUGH: "Save the -- keep the troops safe" or whatever. I -- it's not possible, intellectually, to follow these people.

CALLER 2: No, it's not, and what's really funny is, they never talk to real soldiers. They like to pull these soldiers that come up out of the blue and talk to the media.

LIMBAUGH: The phony soldiers.


[Transcript via Media Matters]

Maybe its just me but I see absolutely no ambiguity in the transcript. The people that Limbaugh was referring to as 'phony soldiers' were any soldier who disagreed with Limbaugh's point of view. Moreover the reason that Limbaugh's comments were notable were not because they were particularly unusual, he had spent over a year denigrating Kerry's military service history, but the fact that they came a few days after Limbaugh and right wing talk radio had worked itself up into a lather over MoveOn's attack on Petraeus.

The original Media Matters article that started the controversy can hardly be characterized as quoting Limbaugh out of context, the quotation goes on for several pages. But as has been subsequently demonstrated, Limbaugh's own 'entire transcript, in context, that led to this so-called controversy' did in fact have 1 minute and 35 seconds removed allowing Limbaugh to falsely assert that his 'Phony Soldiers' remark referred to Jesse MacBeth.

Morissey sees things differently "No one in their right mind would believe that Rush didn't support the military or the right of troops to express their opinions on the war". On the contrary, I think that it is abundantly clear that this is exactly the type of thing that Limbaugh does repeatedly and what he intended to do on this particular occasion. I suspect but cannot of course prove that the mention of Jesse MacBeth was only made after the producer listening to the show realized how Limbaugh had just put his foot in it and might well be in need of some cover.

So what is the point here? Why bother with the rantings of the blogosphere? The point is that the Web was originally intended to be an antidote to this type of reporting. How do we distinguish real reporting from agitprop from the likes of Rush and co?

The first point is providing references to back the key points that are in dispute. Media Matters does this, Morissey does not. The only links in his article are to his previous article a report in the Hill on the Republican action in defense of Limbaugh, a link to a Republican audio conference and a blog post by a Republican House member. Nowhere does Morissey think it necessary to provide any form of evidence to substantiate his central claim that Limbaugh's position is worth supporting.

References are important but they can be manipulated. I have not checked to see that the Media Matters transcript is in fact an accurate account of what was said. It is possible that Media Matters could fake the entire article, faking evidence is after all what the founder of Media Matters admits having done for many years while he was a Republican party operative. What is very unlikely however is that Media Matters could have presented a fake transcript on the 27th of September without someone having noticed by now, three weeks later. It is accountable. If Morissey in particular or the right wing blogosphere in general could expose the claim as faudulent they would do so rather than merely asserting that the report had been discredited in unspecified ways.

Monday, October 15, 2007

Edwards ahead of Giuliani

in terms of cash on hand, at any rate. According to Opensecrets Edwards had $13 million on hand at the end of Q2, latest reports from the Giuliani campaign indicate $16 mil on hand after Q3 but only $11 mil of that is available for spending in the primary race. Assuming Edwards took in more money than he spent this quarter and that almost all of the Edwards money is for the primary he should be well ahead of Giuliani at this point.

More ominously for the Republicans, Obama at second place in the Democrat money race has more cash on hand than the entire Republican field and Clinton outpaces Obama by a Giuliani.

These figures would be bleak enough for the Republicans, but consider the very different nature of the races.

An early retirement would be unthinkable for Romney or Giuliani, its all or nothing for both men. Neither shows the slightest interest in the second place on the ticket and it isn't likely to be on offer in any case. Its going to go all the way to the end leaving the eventual nominee with nothing in reserve.

The democratic race on the other hand is much less symmetric. The Clinton camp holds a commanding lead in the polls, both nationally and in the early states. Florida's decision to buck the party and hold its poll early may well be decisive. If Clinton wins Florida, Ohio and New Hampshire decisively, Obama may be forced to conclude this is not his year. Unless the Democratic race has turned unexpectedly nasty by that point the number two slot is almost certain to be offered to him and he is almost certain to accept.

The net result is that the Republican nominee is almost certain to end the primary season in debt while the Democrat might emerge with the bulk of the Clinton/Obama stash intact. At current fundraising rates that could easily top $100 million. Enough to buy one heck of a lot of advertising before the convention.

Its not only the Presidential race that may be affected. With a purse that size there will be more than enough to defend any swiftboating attacks and the opportunity to forgo time fundraising for the Presidential election to support the House and Senate campaigns.

Friday, October 12, 2007

End of the road for shock punditry?

The blogosphere is all atwitter at Ann Coulter's nakedly anti-semitic blast. But more significant is the fact that Coulter had to loose a second attention grabbing zinger less than a week after lamenting votes for Women.

After a while the shock pundit has little left to shock with. Having attempted to rehabilitate Hoover and McCarthy and attacked the families of 9/11 victims, Coulter's creativity gave out and she was forced to rely on traditional bigotries. Having done race and gays it was only a matter of time before she got round to anti-semitism.

The establishment media will continue to book her as a 'controvertial' guest. Sontag and Maher were instantly banished for merely critcising the use of the term 'cowardly' to describe suicide bombers. But Coulter's politics being considered favorable to the party of the boardroom she will probably continue to be booked, albeit with diminishing frequency as her ability to shock continues to dwindle.

Eventually the only way Coulter will be able to grab attention is to run for President in a series of LaRouche like campaigns for the Republican nomination.

Saturday, October 06, 2007

Ron Paul has sussed us

There I was thinking we were going to get away with it but Ron Paul has worked it out.

As a card carrying member of the world elite, I was hoping to get a big UN contract to provide portable gun collection stations through my elite friends.

Tuesday, October 02, 2007

mengwong - Post a comment

Meng Wong's new Six Ws

Old Media: Journalism
Who
What
Where
When
Why
How

New Media: YouTube
Ow, that’s gotta hurt
Eww, that's gross
Whoa, I’d hit that
Woot, I want one
Wow, that’s cool
Aww, how cute

Thursday, September 27, 2007

Scary video of cyber attack on generator

The Huffington Post is a twitter over a video purporting to show a hacker hit on the power grid.

There is no question that a well informed attacker with detailed knowledge of the systems being attacked could cause this type of destruction. Attacks that posed a serious risk of injury or even death were certainly attempted during the vandal hacker era.

The harder questions to answer is whether the attack could be mounted without using inside information and whether a successful attack was likely to further the goals of a politically motivated attacker.

The ability to gather some sensitive data from target organizations is not the same as the ability to gather the specific information required to make a successful attack. The ability to cause an incident at one power plant is not the same as the ability to mount a successful campaign. The ability to mount a successful campaign is not the same as the ability to make people care.

People cared about the fact that Bin Laden was able to murder 3,000 people on US soil in the 9/11 attacks. The fact that he also closed the US stock markets for almost a week did not register any complaints. The US power grid has from time to time failed on an extended basis, the NorthEast blackout of 2003 left 50 million US citizens without power. Inconvenient yes, but not in a way that is likely to further a minority political agenda.

Cyber-terrorism might be effective in limited situations where the political goal being campaigned for has widespread public support. One can imagine that a power outage in Burma next week might cause a real loss of face for the government as it would be interpreted as incontrovertible evidence that the dictatorship is losing control. But a similar outage in the US is not likely to have the same effect.

Department of not very good ideas

Well that did not take long, Verizon has reversed its ban on pro-abortion text messaging.

One can imagine the process that led to the decision. Senior executive picks up New York Times, Senior Executive calls CEO, CEO gives order, New York Times receives correction.

For any company to insert itself into such political situations is lose-lose proposition. The opposing side is only going to cheer a partisan ban that allows them to send messages while blocking the opposing side.

The critics were right, the Verizon ban is a precursor of what a net without net neutrality would look like: occasional partisan decisions by corporations are rapidly reversed as the businesses attempt to eliminate themselves from the decision process.

Wednesday, September 26, 2007

Project Names and Borges Numbers

Tom Van Vleck tells an interesting story about how the choice of project names can reveal unintended information. (H/T Making Light)

There is a similar attack that sometimes occurs in Web sites. Someone will notice that their order confirmation page URL is something like example.com/orders/10023993 and wonders what happens if they try to access example.com/orders/10023994.

Solving the problem for order numbers is easy - a simple MAC code will suffice. It is easy to create a sparsely populated set of machine readable identifiers. Solving the problem for human memorable phrases is much harder.

Perhaps one way to go would be to take article titles from wikipedia (there are a couple of million).

Sunday, September 23, 2007

Moore on Memogate

James Moore confirms the critique I have made in the past of the blogstorm that surrounded the Rather story alleging that George W. Bush had gone AWOL during his National Guard service.

According to the bloggers the damming evidence was forensic, the memos have various features that did not exist on typewriters of the day. Only as it happens, yes they did and at least one of the memos produced by the Whitehouse and accepted as genuine does indeed have a superscript.

The real flaw in the story was the source of the memos. Bill Burkett had been peddling his claim that he had seen files relating to Bush's service deliberately destroyed for several years. When someone in that situation suddenly appears with a smoking gun just before an election, the correct response is extreme skepticism. Even if his original claim were true the temptation to 'replace' the documents he believed destroyed would be overwhelming.

Regardless there is a significant chance that we will now discover the truth of the matter. The US army keeps complete microfiche copies of all its records, if the Rather suit reaches the discovery stage the Rather team are certain to attempt to obtain them.

Saturday, September 22, 2007

The Clinton Cabinet

The 2008 Presidential race has one very odd feature. The Democratic primary is not so much a contest for who is going to form the administration as who is going to take which role within it.

Krugman notes that the Edwards and Clinton health care plans are practically identical. Barring a major change in the race it looks like a Hilary-Obama ticket. Which leaves Edwards out of a job unless he is offered and takes, say, the portfolio at Health or perhaps even Justice. Similarly Richardson seems to be somewhat tiring of his role as governor of New Mexico. He is a former UN ambassador and Energy Secretary, he would seem a natural choice as Secretary of State.

Unless Hilary stumbles badly her competitors for the nomination have to weigh the risks and benefits of going negative very carefully. Its not just the risk of a backlash from the base they have to worry about, they also risk the chance of plum jobs in the administration. Obama in particular must know that anyone elected as veep in 2008 is going to have poll position in the 2016 race.

All of which leads to a very different dynamic from the deathmatch that the GOP field are engaged in. Whatever happens it is a fairly safe bet that none of the front runners plan to pull any punches going into the final round.

Monday, September 17, 2007

Federal Prosecutor Arrested In Child Sex Sting

I find this story bizare. How could a Federal Prosecutor not know that he was probably walking into a sting operation?

Man dies after 3-day gaming binge

CNN.com

Sunday, September 16, 2007

The Cyber-run

The Northern Rock is facing a bank run. Withdrawals have already topped GBP 2 Billion.

The photograph shows people standing in line to withdraw their money. But in the age of electronic banking why not log in and send a wire? What when we reach the point where a bank run can be triggered by some blog post and takes place in hours rather than days?

Friday, September 14, 2007

Interesting political use of the Web

The The Goodspeed Ninth Street Vacant Property Survey shows an interesting use of the Web for community politics.

One of the oddest features of the US is large amounts of valuable property standing vacant in big cities. Speculators buy property cheap in run down areas and wait for someone else to rehabilitate the neighborhood causing the value of their property to soar. The problem is that speculators of this type tend not to have the resources to renovate the buildings themselves and in the meantime the empty buildings owned by speculators drag the neighborhood down.

Mapping out the empty buildings and publishing the results helps begin the process of renewal. One way to renovate the neighborhood would be for the council to buy up the empty properties using its eminent domain powers. Which is of course why property speculators of this type tend to be people wired into the local politics.

Throwing public light onto problems of this type makes it much more expensive to maintain the corrupt little circles of mutual interests that allow the situation to continue. In theory vacant properties are subject to a penalty tax, but this can be waived if the Mayor choses. Raising the issue makes waivers much more politically costly.

Of course the irony of the situation is that the speculators themselves are the ones who have the biggest interest in seeing the situation resolved. Their problem is synchronization. Prices will rise if there is an expectation that the neighborhood will be regenerated.

All in all a demonstration that there is much more to economics than free market theory.

Tuesday, September 11, 2007

The Move-On Advert

Given the unceasing attacks from the right-wing noise machine on the patriotism of anyone who might criticize the right in general or the George W. Bush administration in particular the move-on 'General Betray-Us' ad was hardly outside the boundaries set by the likes of Coulter and O'Riely.

The fiasco in Iraq is unremitting and I don't see anything particularly wrong in resorting to name calling if it has the intended political effect. The real question then is what Move-On's goal was and whether it was effective.

As Kevin Drum points out the Republicans in the Congressional hearing made the mistake of repeatedly referring to the move-on advert throughout the hearing, reminding viewers that Petraus had been called a liar and accused of peddling fudged statistics. There is an old rule in politics that you never repeat the accusation, even if you are denying it you are still repeating it.

The effect of the advertisement was to frame the argument in terms of a partisan divide. This is exactly what Move-On were seeking to do. Their objective being to stop the war, the interests of the Democratic party being secondary to that goal.

The real test is not what the immediate reaction to the advert is but how it is regarded in six months time. As Atrios notes, the war party has no real strategy except to keep kicking the can down the road six months at a time. By that time the only thing that is likely to be remembered of this round of hearings is the phrase 'General Betray-Us'. The Presidential election will be in full swing and the GOP nominee is going to have to either come out against the war or work hard to shift public opinion in its favor.

There is however another possibe motive here. Over the past few weeks there have been reports of a 'Patraeus 2012' campaign being floated. This would certainly make a lot of sense given the poor quality of their 2008 field. Of the 2008 GOP primary candidates only Romney is a likely 2012 contender and then only if he does not win the 2008 nomination and lose the general. McCain is already too old and this is Giuliani's only shot.

A draft Patraeus movement would make sense. But only if Patraeus is seen as an Eisenhower type figure standing above the partisan fray. He ceases to be electable if he becomes seen as a Colin Powell figure, a once honourable soldier who compromised his integrity by acting as a mouthpiece for a laundry list of fibs from the Bush Administration. If blocking this option was the goal of the Move-On ad they were successful.

Update: Should have thought of it earlier. The Republicans were not making a mistake, they were giving themselves an alibi. MoveOn have given them the perfect framing for their excuse if they decide to take it later on.

Update2: Yes, of course the talk of Patraeus 2012 would have been mooted as a way to raise his stature ahead of the hearings. But that does not mean it could not happen.

The answer is 42.

This site is certified 42% EVIL by the Gematriculator (via Michael Froomkin)

Monday, September 10, 2007

Quechup

Complaints have been circulating about the slimy spamming tactics of date service Quechup.

As often happens there is much debate of the question 'is this spam'. In particular focussing on the particular tactic of asking visitors to share their address book 'so they can see who else is signed up' and sing the list to spam everyone in the address book.

Quechup has since added a notice to tell people that this is what is going to happen. Does this stop the messages being spam?

The Quechup messages are indiscriminate and almost certain to be unwanted by the recipient. According to my definition that makes them spam.

Framing the definition of spam in terms of permission leads to the same conclusion but only after it is pointed out that Alice cannot give Mallet permission to spam Bob. I don't like using permission as the basis for a definition precisely because it allows this type of slippery tactic.

More importantly we have to act quickly to establish a better framework for online identity and sharing contact information in an intelligent fashion. If every Web 2.0 startup tries to create its own social network we are going to quickly become swamped with the signup requests.

Sunday, September 09, 2007

Short-termism in stock markets

Tim Berry makes a good point about the myopic reaction of the stock market to news of the iPhone price cut. That stock markets have a myopic short term view is hardly news, but if you are in the stock for the long haul you are not going to react to a short term price blip anyway.

From a strategy point of view it makes perfect sense for Apple to drop the price of its phone. But considering the $200 price drop to come entirely from Apple's pocket is ridiculous. AT&T now know that their two year exclusive deal with Apple has demonstrated potential to cause customers to switch networks. Those additional customers do not require a substantial increase in infrastructure investment, the additional revenues go straight to their bottom line. AT&T are certainly helping Apple drop the price.

Apple's costs per unit are unknown but certainly much less than their cost of manufacture. If sales of the iPhone had slowed to a trickle after the initial rush it would be because it is a niche product and the best strategy would be a high price. Apple's move looks to be tactical, dropping the price ahead of the Christmas and not merely a long term strategic move out of marketing to a high end niche.

Stock markets are notorious for their short termism. But how to fix it? The usual approach is to assign disproportionate voting rights to one class of share. This creates more problems than it solves, the management installed by the holders of the priority shares only needs to respond to their interests, not the actual owners of the company.

So how about this, the voting rights of shares depend on the length of time the shares are held. Every share gets at least one vote but a share that has been held for a year gets an additional vote, shares held for three years two additional votes and shares held for five years three additional votes. Long term shareholders have a greater say in the running of the business but no class of share is permanently disenfranchised.

Friday, September 07, 2007

How to do RSA according to uncyclopedia

Ingredients

You will need:


  • a prime number of millilitres of Exponential Potion
  • another prime number of millilitres of water
  • a totient, readily available from your local Euler's® store
  • a Sprig Of Modulo, which can't be too similar to the totient


Method

  1. Put the Exponential Potion and water into a cauldron and mix.
  2. Mix in the totient.
  3. Now, carefully sprinkle some ground Sprig Of Modulo into the mix.
  4. Set fire to the cauldron.
  5. Count how many frogs fly out. This is your public key.
  6. Count how many birds swim out. This is your private key.
  7. Count how many pieces the cauldron explodes into. This is your modulus.
  8. Call the fire department.

Wednesday, September 05, 2007

Don't the Police have better things to do with their time?

Like sit around in men's toilets waiting for Republicans?

Thursday, August 30, 2007

Some more gratuitous Craig jokes.

It seems that Republicans want gays to come out of the closet and into the cubicle.

[Mrs dotFuture found a variation of the following]

For years we have suspected that the Republicans have been screwing the country, but only now do we know why they sent the country down the toilet: thats where Republicans have sex.

Josh Marshall posted a link to this episode of Little Britain. It perfectly captures all the cliches of the political mea culpa: the concerned, smiling wife, the children draged out to speak to the media in front of a big house in a leafy suburb, the implausible explanation, feigning ignorance of the behaviour desribed 'a position that the arresting officer informs me is called', the assertion that the matter is closed.

Thursday, August 23, 2007

The Stone/Spitzer telephone call

The blogosphere is a-twitter discussing a crank call made by a GOP dirty tricks operative to Spitzer’s Father. Stone, a participant in the Watergate scandal, claims that the call was made by someone who broke into his appartment.

Stone's purported 'alibi' is implausible but difficult to disprove unless someone saw him at home when the call was made. It is unlikely that he would have made the crank call in front of a witness.

Stone has also pointed to the fact that CallerID spoofing might have been used, this is a considerably weaker claim since CallerID would only affect the number displayed on the receiver's telephone and not the records used for billing. In particular the billing records for Stone's telephone could not be affected by CallerID spoofing.

There are in fact ways that a fake call could be placed on Stone's line but the circumstances that would make it possible are not very likely to apply in this case and in any case a forensics expert would be alert for the possibility. If there was a PBX on the line a hacker could gain control of the PBX and use it to relay the crank call. This is unlikely to apply in this case since it was a residential line and even if a PBX relay had been used there would be two calls, one into the PBX and one going out that started and finished at about the same time.

Another possibility is that the call was made from a computer connected to the telephone line. In the age of broadband this is most implausible.

Yet another possibility is that there was an attack at the level of the telephone switching infrastrucutre. This is possible in theory but not the sort of thing that you can find pre-packaged attack tools for on the typical hacker site. It would be much easier to perform the burgalry.

In the end the quality of the circumstantial evidence matters rather less than the quality of the policing. Stone's story is not something that he can expect to be believed by the police. It is one thing to tell a bunch of bullshit to the press, quite another to tell a lie to the police - as Martha Stewart discovered. Methinks that unlike Scooter Libby the pardon cavalry is not going to ride for the likes of Stone.

Monday, August 20, 2007

At last some common sense on the sub-prime meltdown

trillion pounds of debt matter? Probably not.

Planning for war on Iran continues?

A friend of a friend just pointed out the following set of circumstances:

1. The authorization for use of force passed after 9/11 allows the President to take military action against 'terrorists'.

2. The Bush administration has announced its intention to declare the Iranian revolutionary guard a terrorist organization.

The establishment media has reported the designation as a tactical move to allow financial sanctions to be taken against the guard. This spin makes no sense as all Iranian assets have been subject to US sanctions since the Carter administration.

Using the designation to claim that the administration has a legal basis for commiting an act of war appears to me to be a much more likely explanation. If so we might well see the end of US superpower status before the next Presidential inaugural.

The military question is whether a supercarrier is still a viable military platform in the age of advanced surface to ship missiles. Specifically do the Iranians have armour piercing depleted uranium tips on their Chinese designed weapons? Even if the Iranians fail to sink a capital ship they have the power to close the Straits of Hormuz and to create an uprising in Iraq.

The political question is whether the Congress will wake from its slumber and decide that finaly it has had enough.

Friday, August 10, 2007

Online law suits

From the it had to happen department, Virtual Sex Machine Spawns Lawsuit

Wednesday, August 08, 2007

Bad science - Google Blackie

Mark Ontkush has caused something of a stir with his assertion that Black Pixels are the New Green Pixels. The idea is that a monitor takes more power to show a white pixel than a black one. So change the color of the Google home page from white to black and you stop global warming.

Only problem here is that Ontkush had not actually measured the amount of power typical monitors consume when displaying a black or a white pixel. And people who have report the opposite of what he claims when an LCD is involved. Ontkush has since expanded on his original post, but still not enough measurement.

What we need here is some science, as in actual measurement. Where is power consumed in the modern home? Is it in heating, lighting, electronic gadgets? Does a 42" LCD consume more energy than a traditional CRT telly? Are we targeting resources at the right culprits?

Another caveat that has to be applied here is the cost of air conditioning. If you live in a cold climate waste heat is a benefit, if yuou are paying to cool the building you pay for waste heat twice - once to create it, then to dispose of it.

Without measurement we have no way to tell.

For example, I strongly suspect that a drip filter coffee maker with a stainless steel carafe saves a considerable amount of energy with respect to a traditional glass pot standing on a warming plate. The stainless steel carafe keeps warm of its own accord, the warming plate version stays on for as much as two hours before turning itself off.

I can come to a pretty accurate evaluation of the costs/benefits of switching to a stainless steel carafe as an individual consumer. If the hotplate is consuming a hundred watts that makes 0.2 units per time coffee is made, at 5 cents a unit that is a cent per pot. Making two pots a day I save $7 a year. So it will be 3 years before I recover the $20 extra cost of the higher priced model.

On pure economics the stainless steel carafe does not pay back in terms of energy savings even on a pretty optimistic set of assumptions. In practice the payback is much faster because the glass carafes only last a couple of years before being dropped and cost $15 to replace, if this is actually possible.

If we are going beyond the individual consumer we have to consider a much wider range of issues, in particular how much energy does it take to make the glass carafe versus the stainless steel one? Manufacture of both materials is highly energy intensive.

The Brezhnev Doctrine

Last night I re-read the Brezhnev Doctrine. As time goes on I am more and more convinced that George W. Bush is the Leonid Brezhnev of the United States.

The Bush doctrine and the Brezhnev doctrine make essentially the same statement: oderint dum metuant (let them hate us but they must fear us). Both doctrines assert the 'right' to intervene to enforce a particular set of ill-defined ideological ends.

Ultimately it was the Brezhnev doctrine that brought down the USSR. Realizing the doctrine required the USSR to be placed on a permanent war footing. The civilian economy collapsed under the strain long before the invasion of Afghanistan demonstrated that the USSR was no longer even an effective military power. By this time Brezhnez was at the very least senile if not clinically brain dead and his subordinates were acting on their own.

This highlights another common aspect of both the Bush and Brezhnev doctrines, both are sweeping assertions of absolute power by weak leaders who mistake use of violence as a first resource as demonstrating resolution rather than cowardice.

A final point of comparison between the doctrines is that the point at which the doctrine is stated is usually the point at which it becomes inoperable. The US has operated what amounts to a Bush doctrine since WWII. If we ignore the dubious claim of furthering democracy, the interventions in Iran, Latin America, Africa, Asia all fit within the Bush doctrine mold, just as the suppression of the Hungarian uprising in 1956 fits that of the Brezhnev doctrine.

It only becomes necessary to state a supremacist doctrine after control is already slipping away. In the case of the US the military had never been stronger than the day before the invasion of Iraq. But in relative terms the US lead over other countries is considerably narrower. In 1980 a cruise missile represented the very peak of military engineering achievement. Today it is possible for hobbyists to construct them in their garage from off the shelf electronics.

Monday, August 06, 2007

Charles Fourier

Ideology is such good fun, take feminist pioneer Charles Fourier for example. When he proposed the idea that the extension of women's rights was a fundamental precondition to social progress the idea was considered lunatic fringe.

It is such a pity that such people have more than one idea. It is an unfortunate fact that a person can be both visionary and a crackpot.

And so to the idea of the twelve common passions leading to precisely 810 types of character. So the ideal community in Fourier's world would have precisely 1620 members.

The underlying idea is not entirely bogus, the idea of putting different personality types together is a favorite of modern management. But the realization is completely crackpot.

Monday, July 30, 2007

Buying a Home Theatre System

Sunday, July 29, 2007

What is the limit to digital photography?

My Nikon D50 and its 6 Megapixel chip is now old news, even the lowly D40x has a 10 megapixel chip. So what is the limit for digital photography? Will we need to go back to using 35mm film lenses on bigger chips to get higher resolution any time soon?

According to Wikipedia the DX film sensor is 23.7x15.7mm. The wavelength of red light is 700nm. Assuming that the wavelength of light turns out to be the limit for cell size we have an upper limit of 33,800 by 22,400 pixels or 760 Megapixels.

That allows for a 9'x6' print at 300 dpi or a 28"x19" high resolution 1200 dpi print.

While physics may well make it imposible to achieve the limit itself, electronics and smart interpolation will probably make up the difference.

A 760 Megapixel camera would be more than a match for the 8x10" film of large format cameras. The Nikon D200 is generally reconed to match if not surpass 35 mm film. Doing the math this means that the 760 Megapixel camera would be equivalent to 13x8".

Update: Mrs dotFuture tells me that the limit is two wavelengths. Apparently the proof has something to do with Fourier transforms. Which puts the resolution limit at about 190 Megapixels.

Wednesday, July 25, 2007

Palmer House Hilton

When a hotel charges $200 a night for a room I should not be woken up by a workman hammering at 8am two days in a row.

Tuesday, July 24, 2007

Waiting in lines

In the old days of the Soviet Union people used to spend their days waiting in line to buy food.

How may of the people waiting in line to buy Potter last Friday were waiting for an iPhone a few weeks earlier?

What is next month's must buy cultural event?

Monday, July 23, 2007

SPOILER! The end of Harry Potter

The folk at Slate are having difficulty with the end of Potter.

I think that the panel miss the point of Rowling's prophecy: 'Neither can live while the other survives'. The point is that Voldemort and Potter are both surviving rather than living. Both have spent the past 16 years in misery, the past 7 afraid that the other will destroy them.

Despite everything, Voldemort does have a way out: remorse. Redemption is possible even at the very end. If Voldemort feels genuine remorse he does not need to kill Harry and Harry does not need to kill him.

From a plot perspective Rowling plays fair. Voldemort is not destroyed by a deus ex-machina. The method of killing Voldemort is laid out in volume 6 and Rowling sticks to this. The scar was pretty obviously a horcrux. The new element that Rowling lays out is the means for Harry to survive.

At the point when Harry is blasted by Voldemort he is in posession of all three of the deathly hallows. He has the ring, cloak and the elder wand that blasts him recognizes him as the owner. Why shouldn't Harry survive when he is wearing a ring that allows him to recall people from the dead?

Due to the horcruxes Voldemort has to be killed eight times. It seems somewhat pikish to complain that he fails to kill Harry a second time with the same spell that failed the first time round. Voldemort decides that he has to kill Harry himself, which is somewhat illogical as all the evidence suggests that he is the only wizard who cannot kill Harry.

Airport Signs and the documentation problem

Arriving in at Chicago O'Hare this morning I leave the security area by means of the door marked 'Exit' directly opposite the escalators comming up from the walkway from the terminal. This seems to me a natural choice. The airport planners on the other hand do not.

In the airport planners view of the world passengers get off the plane and head straight to the baggage claim, whether they have bags to collect or not. And so there is no reason for a passenger standing in the departures hall to be told the location of ground transportation, and if it did this could wait until after the building work has been completed.

I point out the lack of signs to a customer service rep. "You should complain to the City of Chicago", she injudiciously opines. I point out that the City expects issues of this type to be raised by its tennants.

Finding a taxi may appear to be a trivial issue, but after getting up early the last thing you want to have to do on arrival is to spend ten unnecessary minutes walking about trying to find out information that should be easy to find. Consider the same situation with two small children who are up past their bed times after a long flight.

The same problem crops up again and again with computer system documentation. The information you need may be trivial, finding it is not. What separates an efficient programmer from a slow one is often the strategies that they use to find information that they do not immediately have at hand.

Often the response to questions is the one I got when asking the customer service representative 'not my job'. Often the conclusion is reached that the system is unnecessarily complex. But the real problem is that the right information is not available at the point where you need it.

One of the reasons that the GUI interface has largely supplanted the once ubiquitous command line is that the repetoire of commands is always on view. The user does not have to remember what the command to change font is called, the command is there in the menu. The problem with GUIs is that as the system becomes large, finding the command can become an exercise in itself. Why is the 'Insert Text' option in the menu called 'Edit' and not the one marked 'Insert'?

Finding a taxi is not a complex task, it is a simple task that is made unnecessarily difficult because the party responsible (United Airlines) did not make the necessary information available. I think that in a lot of cases 'complexity' is used as a cop-out, a way to avoid facing the fact that either the system implementation or design does npot provide the user with the information they need.

Sunday, July 15, 2007

Slow motion impeachment

History is full of unnecessary wars, wars that were undesirable for all concerned but happened nevertheless because the sides found themselves in a situation where war appeared to be the only course left.

If George W. Bush is impeached it will be as a result of a similar set of circumstances. It is not in the interests of the Democrats to remove a deeply unpopular and widely discredited President from office. But the administration is doing its best to ensure that they have no other choice.

At the center of the issue is the theory of the unitary executive, the doctrine that a Republican President is supreme above all other branches of Government. Needless to say, the doctrine does not apply to Democrats.

Having advanced this ludicrous theory for six years the Republican party is now in a bind. If they continue to support the Whitehouse they risk creating a precedent that they are likely to regret. Meanwhile the Whitehouse advances the peculiar view that the doctrine of separation of powers puts the executive branch above scrutiny or accountability.

In particular the attempt to cover up the Gonzalez/Rove/Whoever US Attorney firing mess is now threatening to make a worse situation into a disaster. Congress issues a subpoena, the Whiteouse thumbs its nose. The next step is contempt procedings which the Whitehouse appears to assume will not go anywhere as long as they get to pick who prosecutes whom.

The judicial branch handling of contempt proceedings is however a recent practice and one that Congress created for its own convenience. Congress can at any time hear a contempt of Congress case and pass sentence itself.

The breaking point then comes when Bush pardons whoever is found to be in contempt. It would be a foolish step to take, but one that it is hard to see Bush not taking. He has got away with so much, it is hard to see how he would back down.

The distinction that Bush, Cheney and Rove are unlikely to grasp is that the Republicans in the Senate may allow him to thumb his nose at the courts with the Libby pardon, but thumbing his nose at Congress is something else entirely.

The clock is running out, certainly. But as the clock runs out the Republican party is forced to look beyond the Bush administration and the Iraq fiasco and how they might rebuild their party. They might well prefer six months of a President Pelosi and a chance of keeping three or four seats in the Senate they would otherwise lose to six months of Bush scandals and a possible war with Iran.

By this time next year the GOP nominee is almost certainly going to be running against the Whitehouse. The Senate cacus will follow.

Thursday, July 12, 2007

What it takes to keep core DNS running

Scott Courtney recently gave a presentation on VeriSign's ATLAS system at the Google conference on scalability in Seattle.

The DNS runs without complaint despite constant denial of service attacks. This sometimes leads people to fail to understand just what it does take to keep core DNS running.

Military Papers Found Unprotected Online, Dozens Of Sensitive Documents That May Compromise Troop Security Found Available To Public - CBS News

It is quite amazing how frequently an obsession with keeping secrets goes with a
complete lack of interest in the technical and process controls necessary to protect those secrets.

Louis Freeh behaved in a similar way during the crypto-wars. For six years he waged a war against civilian use of strong cryptography on the grounds that it might impede law enforcement. In the aftermath of 9/11 it was discovered that at the same time Freeh had insisted on the right of the FBI to collect the information he had sabotaged FBI attempts to develop technology to deal with the information they already had.

What is important to these people is the sense of importance they get from knowing something that others are not allowed to know. Control of the information flow is an end in itself.

And the result is that the insurgents that the US is fighting now have complete access to a wealth of information that they should not and will be highly advantageous to them tactically.

We need strong DRM type enforcement techniques to prevent this type of data breach. But more important is an administration that cares about national security and not the protection of what it imagines is its privileges and perogatives.

Man flies 193 miles in lawn chair

What one idiot does, another will copy. If a third copies it becomes known as a sport.

Wednesday, July 11, 2007

Corn on the Palfrey records

Corns blog seems to be bloggered so I am posting my comments on his post here. Briefly Corn is plugging through the Palfrey phone records for a match and has found a number in the Senate and a Congressional aide.

There are other reasons the female aide might have called. There are not many services that offer male prostitutes for females. So there are straight women who use female prostitutes. it is also possible that her boyfriend or husband called the service or that she called them for a threesome.

Regardless, I don't think that there is a story there unless the aide was personally invovled in familiy values hypocrisy. Its considerably less justifiable than outing gay staffers working for politicians that oppose gay marriage.

In general though Corn is working through the list in the wrong direction. Instead of reverse engineering the list, get a list of home phone numbers for the Senators and congressmen. There are only 450 of those and you don't need to look at anyone who does not participate in the family values hypocrisy. You don't need to investigate Barney Frank for example.

Another tool people can use is Google. Try typing phone numbers into google and you will be amazed at how efficient it is at finding matches.

Innovation in crime certainly does not pay

Most criminals choose a modus operandi and stick to it as long as they can. Inventing a new attack is risky, particularly when the attack involves someone walking into a bank with a bomb strapped round their neck.

Bank staff are told to hand over the cash in the till and the ATM dyepack in a conventional bank robbery. Innovation creates a situation where the response of the bank staff and the police become unpredictable.

The unpredictability meant that the robbery never came close to suceeding. Letting a guy walk out of a branch with the money is not the same as letting someone walk around with a bomb. Public safety says let the first one go, but evacuate the bank and call the cops in the second.

What was predictable was that the police would do everything that they could to ensure that this novel attack did not succeed at any cost.

Tuesday, July 10, 2007

Why nobody can win the GOP nomination

Stick a fork in John McCain, whether it was abandoning the straight talk express to pander unconvincingly to the religious reich or walking in a flack jacket surrounded by half an armored division to pronounce Baghdad 'safe', he his campaign is over.

Meanwhile Guiliani's tenure as front runner looks distinctly unsure. GOP primary voters are unlikely to vote for a candidate who is pro-abortion and pro-gun control no matter how good he might appear to be on terrorism or law and order. Rudy's law and order credentials are already under fire due to his association with Bernie Kerick and his claim to be a forthright opponent of terrorism is at odds with his longstanding support for the IRA.

Romney has exactly the right policy platform for the religious right: opposed to abortion, gun control and gay marriage. The problem is that not very long ago he had exactly the right policy platform to be elected governor of Massachusetts and the two are not compatible.

Of the media frontrunners to date, Thompson is the most viable, but only because he is the least tested. Opposition researchers have already discovered that he was a mole for the Nixon Whitehouse during Watergate and lobbied for a pro-abortion group.

That does not leave many other viable candidates. Ron Paul is beginning to emerge as the Barry Goldwater candidate, but the party is only going to nominate him if they already know the election is lost.

No, I have not bought one.

Explanation of the Crooked Timber thread?

Recently there was a thread in Crooked Timber on Facebook Phishing. Clearly there was a criminal motive, but what. Naneesh Gaur at Diamond Consultants suggested that this story about immigration fraud might be the reason.

The timing is certainly suggestive, this is a relatively new attack and a new line in INS fraud makes a lot more sense than the suggestions I made.

Real Corporate Espionage : Its personal

Hilary's polster has entered soap opera teritory. Lawsuits, allegations of spying on blackberry email, the lot.

This is what real corporate espionage comes down to: petty and personal. Its not about money, its about jealosy and revenge.

Monday, July 09, 2007

Potter to die pt 2.

The hook for Potter hype is whether the wizard will survive or not. Since we know that there must be a surprise the outcome cannot be what we are led to believe.

Snape has to be a gonner. Either he has returned to Voldemort's side or he is playing a double game. He has to go in the denouement either way. Since we are told that two major characters get iced that leaves one to go, quite likely at the beginning to drive home the point that we are dealling with absolute evil here. I don't think that we will see Potter, Ron or Hemionne iced in the opening chapters.

Rowling's reason for killing off Potter is to stop people creating sequels. I don't think it would work because regardless of what happens to Potter the real nexus for the series is Hogwarts. All killing off Potter would do is to make it harder for Rowling herself to do sequels, but not by much. There would still be opportunity for prequels.

I would hazard a guess that for the past five years Rowling has thought only about finishing the Potter series off and not about what to do AP (After Potter). As soon as the manuscript is done the big question is 'whats next'.