Internet matters – Page 47 – a sibilant intake of breath

Dear Apple: please quit it with the sabotage

One of the worst things about Apple is how they sabotage their own products with software updates. The update for wrecking unlocked iPhones is a recent example, but there are plenty of others. I remember when they restricted iTunes so that only five people could access your library every time you booted up. That made sharing music on big local area networks (like university residences) a lot less effective. Also, I remember when they forced a volume limitation on my iPod Shuffle by means of an update. I don’t think there has been a useful feature added to iTunes for years, except maybe the automatic downloading of album art for songs in your existing libraries.

Now, I only install security updates on my Mac. Anything promising new features is just too risky.

Unlocking the iPhone

There is a lot of huffing and puffing going on about people ‘hacking’ the iPhone. At the heart of the matter are the twin definitions of the verb ‘hack’ that are not always well recognized. Many people take ‘hacking’ to mean malicious invasion of electronic systems, for instance in order to steal credit card numbers. An older definition of the word is simply to tinker with technology. In this sense, a ‘hack’ might be a clever modification of a bicycle or a mobile phone.

Apple has been exploiting all the hype about the iPhone to make highly preferential deals with individual carriers. This has happened in the US and UK already, doubtless with more to follow. These arrangements seem to benefit Apple and the carriers, but I doubt very much that they benefit the consumer. It is like Toyota building cars that can only be filled at Shell service stations, then trying to prosecute people who try to remove the restrictions, allowing them to be filled elsewhere. Just as the people own the cars and should thus be free to modify them in ways that do not endanger others, people who own iPhones should be able to tinker with them. Likewise, just as the Toyoto-Shell case is clear-cut collusion of the kind governmental competition authorities police, so too does the Apple-cell carrier situation.

Liability and computer security

One of the major points of intersection between law and economics is liability. By setting the rules about who can sue brake manufacturers, in what circumstances, and to what extent, lawmakers help to set the incentives for quality control within that industry. By establishing what constitutes negligence in different areas, the law tries to balance efficiency (encouraging cost-effective mitigation on the part of whoever can do it most cheaply) with equity.

I wonder whether this could be used, to some extent, to combat the botnets that have helped to make the internet such a dangerous place. In brief, a botnet consists of ordinary computers that have been taken over by a virus. While they don’t seem to have been altered, from the perspective of users, they can be maliciously employed by remote control to send spam, attack websites, carry out illegal transactions, and so forth. There are millions of such computers, largely because so many unprotected PCs with incautious and ignorant users are connected constantly to broadband connections.

As it stands, there is some chance that an individual computer owner will face legal consequences if their machine is used maliciously in this way. What would be a lot more efficient would be to pass part of the responsibility to internet service providers. That is to say, Internet Service Providers (ISPs) whose networks transmit spam or viruses outwards could be sued by those harmed as a result. These firms have the staff, expertise, and network control. Given the right incentives, they could require users to use up-to-date antivirus software that they would provide. They could also screen incoming and outgoing network traffic for viruses and botnet control signals. They could, in short, become more like the IT department at an office. ISPs with such obligations would then lean on the makers of software and operating systems, forcing them to build more secure products.

As Bruce Schneier has repeatedly argued, hoping to educate users as a means of creating overall security is probably doomed. People don’t have the interest or the incentives to learn and the technology and threats change to quickly. To do a better job of combating them, our strategies should change as well.

Geography and the web

While it certainly doesn’t have the best name, the concept behind heywhatsthat.com is a neat one. Using data from Google maps, it generates panoramas as seen from mountaintops and other high places. You can then identify the mountains that you see around you.

The interface definitely needs some work, but the site does suggest ways in which openly accessible storehouses of data – such as the position and altitude information available from Google – can be combined into novel tools.

exploreourpla.net is a similarly badly named but interesting site. It combines geographic data and images related to climate change. You can, for instance, view a satellite map of Western Europe overlaid with luminous dots showing the most significant greenhouse gas emitters.

Quantum computers and cryptography

Public key cryptography is probably the most significant cryptographic advance since the discovery of the monoalphabetic substitution cipher thousands of years ago. In short, it provides an elegant solution to the problem of key distribution. Normally, two people wishing to exchange encrypted messages must exchange both the message and the key to decrypt it. Sending both over an insecure connection is obviously unsafe and, if you have a safe connection, there is little need for encryption. Based on some fancy math, public key encryption systems let Person A encrypt messages for Person B using only information that Person B can make publicly available (a public key, like mine).

Now, quantum computers running Shor’s algorithm threaten to ruin the party. Two groups claim to have achieved some success. If they manage the trick, the consequences will be very significant, and not just for PGP-using privacy junkies. Public key encryption is also the basis for all the ‘https’ websites where we so happily shop with credit cards. If a fellow in a van outside can sniff the traffic from your wireless network and later decrypt it, buying stuff from eBay and Amazon suddenly becomes a lot less appealing.

Thankfully, quantum computers continue to prove very difficult to build. Of course, some well-funded and sophisticated organization may have been quietly using them for years. After all, the critical WWII codebreaking word at Bletchley Park was only made known publicly 30 years after the war.

For those who want to learn more, I very much recommend Simon Singh’s The Code Book.

Moral obligations to view advertising?

Normal users of the internet are frequently confronted with banner ads: often obnoxious graphics trying to hock all manner of products and services. More sophisticated users will now find themselves a bit surprised, when using a public computer, because they long ago stopped seeing these displays on their own machines. This trick is achieved through the use of the Firefox browser, the AdBlock plugin, and Filterset G. With these three pieces of code running, the vast majority of graphically based ads on the internet simply vanish.

Now, an editorial on CNet suggests that using such technology may be immoral. In effect, web sites are providing you with content in exchange for your pupils grazing ever-so-briefly across the advertisements that pay their bills.

While I don’t feel convinced one way or the other about the moral issues involved in this particular case, it is an interesting kind of moral problem. The nature of what is ‘theft’ in a digitized world remains an intensely disputed one. This is the fundamental product of going for a world where products cost a significant amount per unit (with additional costs for design) to one where things may cost a lot to design, but can often be copied for free. That goes for everything from pop CDs to New York Times editorials, and dealing with it is one of the more interesting legal and business issues of the present time.

Public broadcasters and the web

The existence of the internet changes the economic logic of public broadcasting. Where, at one point, the BBC was a collection of channels, each showing one bit of their vast archive at a time, now much of it is online. That creates a huge database of materials, paid for by taxpayers, and ideally free to be accessed without copyright concerns. Being able to view documentaries like Dangerous Knowledge upon demand is a notable benefit, and one not adequately captured by private sector content generators who are not concerned about societal benefits not captured in their profits.

If all the world’s national broadcasters and other public generators of knowledge would open up their libraries comprehensively, it could make the internet an even more valuable thing than it already is. Unfortunately, that process seems likely to be piecemeal and marked by set-backs. Witness the BBC iPlayer dispute.

Chevron’s climate game

Remember when the BBC came up with a climate change game? Well, now Chevron has done so, as well. Apparently, all the data in the game came from the Economist Intelligence Unit. The BBC game suffered a fair bit of well-deserved criticism. I have yet to give the Chevron simulation a comprehensive try, but I am waiting with a fair bit of curiousity for a chance.

You can read a bit more about the Chevron game on R-Squared: a popular energy blog.

[9 September 2007] This game doesn’t really have much to it. By constraining you to the management of a single city over the span of a couple of decades, it excludes both the chronological and geographic scale at which real change needs to take place. Still, it is interesting from a corporate public relations standpoint. Unsurprisingly, the game simply forbids you from using a power balance that excludes petroleum.

Web abuse

Spam is terribly frustrating stuff, partly because of how it is inconvenient and partly because of how it is a cancer that wrecks good things. (See previous: 1, 2, 3) The ideal internet is a place of free and honest communication. Spammers create the need for extensive defenses and scrutiny which take time to maintain and diminish that openness and spontaneity.

If you think the spam in your email inbox is bad, just consider yourself lucky that you do not also have to deal with comment and trackback spam on two blogs, a wiki, YouTube videos, and a half dozen secondary places. There are even phony marketing bots on Facebook now: keep your eyes peeled for ‘Christine Qian’ and ‘her’ ilk.

In the end, while decentralized approaches to spam management are time consuming and annoying, they are probably better than centralized systems would be. With the latter, there is always the danger of the wholesale manipulation and censorship of what is able to find its way online, or be transmitted across the web.

Flying in Googleland

Does anyone remember how Microsoft Excel 97 included a hidden flight simulator? Well, so does Google Earth.

The controls are here. I had to upgrade to version 4.2 before it would work.