Slashdot Mirror

A dog'n'pony show is that delightful moment where some $1000 suits and the investors wearing them politely demand to be shown why they've paid you a salary for the last three months without hearing anything back except "we're all working hard here" and "stop bothering us and it'll get done faster." You pray the software works as well now as it did at 5AM when you finally killed the last display bug and headed home for a quick shower. Just two words of advice: don't cheat. Like VisuaLABS did with its "tiled LCD screens," or the Pentagon with its "missile defense test," you'll get caught. ...or will you? Tell us your best demo war stories.

Thanks to coli for passing along last Thursday's press release from VisuaLABS. This is a company that has been telling investors that they have what they call "GroutFree(tm)" technology, which joins multiple LCD screens invisibly into one, large, flat screen.

On July 3rd, investors were wowed by the demo of the company's "42 inch diagonal flat screen display" prototype. Sheldon Zelitt, VisuaLABS' Chairman and Chief Scientist, said, "It was our great pleasure to share an early look at that technology with our loyal shareholders at the Shareholders' Meeting."

And on July 26th, we got another press release -- this one titled "VisuaLABS Announces That Its Primary Technologies Are Not As Represented And Dismisses Sheldon Zelitt." It turns out that "the large screen GroutFree prototype demonstrated at the Annual Meeting was, in fact, a standard 42 inch plasma television purchased by Sheldon Zelitt ... at a local Calgary consumer electronics retailer ... The Committee believes that no working prototype of a device incorporating the GroutFree technology exists."

While all this was going on, the Pentagon was busy launching two missiles and making them smack into each other. This is the missile defense justification, the one scientists say can't be done, the umbrella that will protect the U.S. and its allies from all those Third World dictators who just have to deliver their nuclear warheads the hard way.

The big test came on July 14, when a target missile (avoiding mishaps) was launched and successfully blown to pieces by its interceptor. Bush was "pleased." CNN showed us the debris radar. And Michael Kelly of the Washington Post stuck it to the "liberal critics," pointing out that "The 'Smart People' Were Wrong." As he wrote:

"In the blink of a video screen going blinding white on July 14, it became impossible to offhandedly disdain a missile defense system as 'weapons that don't work.' It does work."

Yep! So phase one of our missile defense plan is complete. Now we go on to phase two, which is to convince all our enemies to install GPS transmitters in all their missiles.

Oh, you didn't know the test missile had a GPS transmitter on board? Well, you do now.

My favorite part is that the test missile actually launched a Mylar balloon as "chaff" to try to fool the "kill vehicle." Luckily, the balloon didn't have GPS.

So what's your favorite dog'n'pony story? Ever had a demo fail in some especially embarrassing way? Ever cheated? Ever get caught? C'mon, you can tell us...

Update: 08/01 08:00 PM by J : I'm seeing a lot of discussion of the relevance of the GPS. Here's Defense Week which claims the "prototype interceptor was able to find a target warhead partly because the target signaled its location to the interceptor for much of the flight, and the transmissions formed the basis of the targeting orders."

And thanks as always to Slashdot readers for posting more information. monopole points out this link, or take your pick, this one -- they're plans from last year, but still interesting:

SR. DEFENSE OFFICIAL: And we take the GPS data, and we fuzz it up quite honestly, because GPS is a lot more accurate than radars. Okay? [...]

Q: Well, actually, would you then use the degraded GPS, or would you just the regular GPS that you use as a fallback -- (inaudible word)?

SR. DEFENSE OFFICIAL: (Inaudible.)

STAFF: Use the regular GPS.

SR. DEFENSE OFFICIAL: Regular GPS.

paladino writes: "The LA County Tax Collectors office wants to collect property taxes from Huges Electronics for the value of their satellites orbiting the earth. They say 'satellites are no different from other movable personal property that he has authority to tax.'" Perhaps LA will need to open a lot for satellites confiscated for non-payment, too. See also The Man Who Owned the Moon by Robert A. Heinlein. Update: 07/11 02:02 PM by J : OK, OK, it's The Man Who Sold the Moon - blame me for this one. Timothy foolishly trusted my brain. /me runs memtest86 on his cranium

iceT sent us a link to an article about Microsoft banning the GPL from be used w/ their Mobile Internet Tools beta. It's kinda tricky, but the article is really interesting (except I still don't really know what code I would get w/ the mobile internet tools beta). They specifically ban several Open Source licenses from being used with the toolkit. Update 1.5h later by J : Yes, we know we ran this a little while back but there are good quotes from NuSphere and Ximian in today's piece. C'mon, don't you want to read them?

Everyone and their brother sent in this unsurprising news: the Appeals Court handling the Microsoft anti-trust case has overturned the break-up decision. A few story URLs: CNet, BBC, ABC, AP, Reuters, MSNBC. The decision is available in .pdf format. A brief summary: the Findings of Fact (Microsoft's conduct, etc.) are still in place, but Judge Jackson's evaluation of those facts and the penalty he imposed are thrown out. A new District Judge will examine the case, starting from the Findings of Fact. Update 2h later by J : Dan Gillmor's analysis is good. So is this Washington Post column, which is insightful except it doesn't go far enough. It also shows MS CEO Steve Ballmer's attitude even before today's ruling: "Is there any limit to what you think you can put into the operating system at all?" "...as a matter of law, no, I don't think so..."

Graeme Turnbull writes: "As I was logging out of hotmail (shutup..) this evening, and as the Passport service automatically forwards me to ca.msn.com (knowing I originate from Ca), I noticed the headline 'Microsoft Uses Open-Source Code Despite Denying Use of Such Software.' The story is care of The Wall Street Journal. Due to the somewhat anti-MS tone of the article, I found it strange that this was linked from a MSN site!" Update: 06/18 by J : Several of our readers have pointed out an interesting allegation this morning at The Register: MSNBC doctors anti-MS WSJ story. Update: 06/18 by N : And several people @wsj.com have written to me to say that MSNBC picked up an early version of the story for syndication; this early version also appeared in the majority of the print runs for the WSJ. More details about half way down.

unFKNreal writes "A fellow by the name of Georgi Guninski has discovered a local root compromise in OpenBSD 2.8 & 2.9. He says its due to a race in the kernel, similar to the linux kernel race a few months back." The patch is out as of a few hours ago. Even a BSD newbie like me got his firewall patched and rebooted with no problem, after taking a moment to reread the patching instructions and kernel rebuild FAQ. The bad news: the hole was posted to bugtraq Thursday morning, with exploit code, so the black hats had a jump on you (sadly, note the date Guninski says OpenBSD was informed). If your system has any users you don't fully trust, check it over carefully after you patch! Update 3h later by J : Apparently NetBSD is affected too, and a fix is in-tree.

Keith Henson was arraigned on charges of "misdemeanor terrorism" last September. Last month the jury deadlocked on those charges, but convicted him of making threats to interfere with the constitutional privilege of enjoying religious freedom. He was not present at his sentencing hearing yesterday and is a fugitive from justice, apparently planning to claim asylum in Canada. If you've ever flamed anyone in an online forum, and think you have a right to carry a picket sign, you need to study this miscarriage of justice. Details below. Update by J : freehenson.tripod.com has been taken down, so I'm linking to a mirror.

"Religious bigotry will not be tolerated in Riverside County," was a Scientology spokesperson's reaction to the verdict.

That's basically the problem right there. The First Amendment gives me the right to be a bigot as long as I don't hurt or threaten anyone. You don't have to like my opinions, but you do have to tolerate them.

If you've ever hung out in an online forum, you'll probably get deja vu reading this Usenet thread. The first message posted is a description of cruising past some Scientology related buildings, complete with GPS coordinates for whatever reason. It's written as a self-mocking, satirical sendup of spy movies. The remainder of the thread is jokes in the same vein.

The question is whether this running gag about "Tom Cruise Missile Coordinates" (get it?) could be taken seriously enough to qualify as a threat under Section 11415 of the California Penal Code.

As I read the recently-passed law, if you go along with the jokes about the "handheld laser guidance system," you might be a terrorist:

Any person who knowingly threatens to use a weapon of mass destruction [including] by means of an electronic communication device, is to be taken as a threat, even if there is no intent of actually carrying it out ...

The fact that the person who allegedly violated this section did not actually possess a biological agent, toxin, or chemical weapon does not constitute a defense to the crime specified in this section.

The victim of said terrorism must have been in "sustained fear" of the threat being carried out. And how does the law know your victim was in sustained fear? Because he or she evacuated the building -- or took "any other action."

Here's what Henson says. In this case, the Scientology organization's legal team managed to bar any evidence from being presented about why Henson was picketing the Scientology location (because of two unusual deaths within a month).

Nor was the context of the above thread, or context of Henson's other Usenet posts, allowed to be introduced. For example, the jury could not see the context of the above thread; they only saw Henson's contribution to the running gag:

Modern weapons are accurate to a matter of a few tens of yards. The terminal guidence ones are good to single digits.

Of the next quote, the jury was only allowed to see the first sentence, not the second:

The only way I can get clear of this scientology mess is to "destroy them utterly." So: This week I will be back picketing gold base.

And you can decide what you think his third quote means, but again you have the advantage of its context being just a click away:

PPS Killing the organization off entirely is the best way to change the future of Scientology.

Worse still, according to Henson's at-the-time lawyer, whether these statements caused fear in some Scientologists was decided not by the statements he actually made, but by hearsay versions they got from others. He points out that Scientology's censorware package ("Scienositter") would have blocked the original Usenet posts anyway:

...cult members, who are not allowed access to the Internet and are actively prevented (by the Church of Scientology "net nanny") from reading the newsgroups on which Henson posts, may have an unreasonable and irrational fear based on unreasonable and out of context statements of which they were informed selectively, but which they did not read.

So picture Keith Henson's situation. He feels strongly about his particular cause. He peacefully carries a picket sign. He exercises his First Amendment right to post on Usenet about what he's doing and why -- and in so doing he uses sentences and phrases which, in context, clearly are not threats, but out of context could be construed that way.

Dragged into court, all context is stripped away and -- while he narrowly escapes conviction as a domestic terrorist -- he is convicted of using the threat of force against people who may never have actually read what he wrote.

If you're smart, you'll take Henson's case as a warning. You'll think about what your own statements would look like, with their context totally removed, and in the harsh spotlight of a courtroom. Do you really need to post that joke, or wouldn't the judge find it funny?

You'll soften up your opinions just a little, trying not to change what you mean while trying to change what you could be twisted to mean.

Maybe it's not such a great loss for you or me; we're not great writers anyway, and if we censor ourselves before hitting Save, maybe that's not the end of the world. We weren't really going to use that First Amendment right anyway, you know?

But somewhere out there is a Mark Twain who's had it up to here and is poised to pen a caustic attack on a religion which will become an important classic. As of yesterday, Mark's a bit more likely to live in Canada.

A number of people have asked about getting Slashdot on their Palm VIIs and such -- now the people at DigitalPaths have put together a Palm Query App. Download, install, and soon you too will be able to better justify your wireless Palm bill and test your provider's capacity. The best part of the app, IMHO, is the ability to specify the amount to download, so no nasty throughput surprises with an 800-comment story. And as completely unbiased source jamie says, that makes it better than Slashdot's light mode, but "of course, a starved, feral orangutan with razor-sharp claws and a taste for blood let loose in a daycare would be better than light mode." Thanks to DigitalPaths for their work.

nilstar writes: "Cnet has a story here about how Microsoft will revamp its "draconian" privacy policy. Better yet.... how about we get a warning on the bottom of the IE6 window saying that this site's privacy policy is unnacceptable every time someone logs on to a passport site." Looks like it has already been changed. Update 10AM EST by J : Make sure to check out the Wired story too. Jason Catlett of Junkbusters nails it: "if Microsoft doesn't know what's in its own terms of service regarding personal information, then what hope do its customers have for the privacy of their own information?"

mansoft was one of several to send us a followup to last week's story about the massive MSIE/Outlook security hole. He points us to this Wired news article: "Your computer may not be protected against a recently discovered and dangerous security hole -- despite all claims to the contrary from Microsoft." Ack! If you tried the patch and got the message, "This update does not need to be installed on this system," you may need to upgrade your IE and re-patch. I'm amazed at how poorly this has been handled. I'll be even more amazed if there is no fallout. If Melissa or ILOVEYOU had been able to install backdoors as they spread, that would have really, really sucked. Update: 04/03 04:24 PM GMT by J : According to this Wired story, Microsoft was given six weeks of silence to prepare and issue the patch.

hayfever writes: "Catch the scoop. The Indianapolis Star is reporting here that the US 7th Circuit Court of appeals has overturned the Indianapolis ordinance banning violent video games from arcades (see previous Slashdot article here)." Findlaw has the decision, and there are some really good lines in there: "To shield children right up to the age of 18 from exposure to violent descriptions and images would not only be quixotic, but deforming; it would leave them unequipped to cope with the world as we know it." Update: 03/24 10 AM EST by J : The contrast is striking. The same day, our new Attorney General John Ashcroft released a statement: "Ashcroft on school shootings: Video games are part of the problem." Gun control? He prefers thought control: "We have to exhibit responsibility in other ways, so that the culture inhibits or restrains this impulse."

lines writes "I was amazed to find out that the Mandelbrot Set was discovered by a 13th century monk -- way, way before the advent of non-human computers. Apparently, a mathematician spied a mini-mandelbrot masquerading as the Star of Bethlehem in an illuminated manuscript's depiction of the Nativity scene. It turns out that this particular monk, Udo of Aachen, was attempting to mathematically describe a soul's path to Heaven. (For those unfamiliar with it, here's a quick introduction to the Mandelbrot Set.)" Update 30 mins later by J : Yes, this is an old April Fool's joke - and a cleverly done one, too.

High school is bizarre enough, but a private high school is an environment uniquely removed from reality. S. and G., two sophomores at such a school in one of the United States' hot technology corridors, put up a couple of private websites with their unflattering thoughts about the school experience. Last week those sites got them suspended for two days. Worse -- because he wasn't familiar with the distinction between perl's scalar and list context, S. now has a police record. Update: 03/14 10:49 PM by J : We had some database trouble in the last couple hours, but all the comments seem to be back... whew.

These two 15-year-old friends are well-spoken; self-described geeks, they choose their words deliberately, with a minimum of "um." I'm using their initials instead of names because they don't want more trouble than they're already in. Their school has rules against disparaging its reputation, and they have learned their lesson from last week -- so you won't learn from me who they are, or which school it is they go to.

Let's get the code out of the way here, as a public service to students everywhere thinking about putting up a website of their own. Every perl expression has a context: scalar or list. (And for the rabid purists among you, who will flame me if I don't mention these, the other possible contexts are boolean, void, and interpolative.)

Many operators behave differently depending on context: in this case, the backtick. The statement:

my($f) = `fortune`;

...puts the backtick operator in list context, so it returns a list, where each element is one line from the program's output.

S. wants to be a developer when he graduates; he certainly has the most important thing down, which is to always be exploring and learning new things. In the process of converting his website from PHP to perl for no especially good reason, he wrote the above line.

If he had written the code correctly:

my $f = `fortune`;

...the backtick operator would have been in scalar context, assigned its complete result to $f for printing, and you wouldn't be reading this sad story.

Last week, the administrators at his school just happened to take a look at his webpage when fortune pulled up this quote:

I put the shotgun in an Adidas bag and padded it out with four pairs of tennis socks, not my style at all, but that was what I was aiming for: If they think you're crude, go technical; if they think you're technical, go crude. I'm a very technical boy. So I decided to get as crude as possible. These days, though, you have to be pretty technical before you can even aspire to crudeness.
- Johnny Mnemonic, by William Gibson

Because only the first line about the shotgun was stored in $f and shown on the webpage, it wasn't immediately obvious that this was a quote.

Visions of kids with shotguns in Adidas bags must have gone through someone's head. The school went into a sort of a crisis mode. Later they would mention that this wouldn't have been an issue if there hadn't been school shootings elsewhere in the country just a week prior.

The sophomores were called down to the office separately for questioning, one at a time, each of them without being told the other had been there. Each of them separately explained that fortune is a unix program that returns random quotations, and each of them told me that the administrators scoffed. "You're saying all these big companies that use unix, like Sun, have this fortune program?"

I assume the staff knew better and was just trying to find holes in the kids' stories, because apparently they had reloaded the page dozens of times and, of course, had gotten a new quote each time. After being released, G. got in touch with their Advanced Placement Computer Science teacher, who is, it sounds like, one of the few authority figures working for the Light Side of the Force. Her explanation of fortune was, finally, believed.

But the police had been called anyway, just to be on the safe side.

The suspension portion of the kids' punishment, carried out last Thursday and Friday, was actually over a separate website, one whose domain name contained the school's name and the Fword. This is a word, by the way, which G. obviously typed in to register the domain but which he was too polite to use over the phone. By the time we hung up, he had me embarrassed for saying it.

The site was very private, all things considered. He and S. had only told a few friends. And they'd done their homework, going over the referer logs to see who knew about it, and making sure the search engines didn't index it. They even banned the school's proxy by IP. As G.'s father later said, "it was the analogue of students in middle school passing a note back and forth. It was never meant to be in the public eye."

But it was disparaging of the school and it was, after all, a publicly available website. That's against the rules. The two shared joint responsibility, so they were both suspended.

Personally, I think a school's job is to teach not just the three R's, but also participation as a citizen in our Republic. That may be more important. For a school to teach freedom as a dry document while crushing student dissent is a waste.

It's legal, of course. The First Amendment doesn't apply to private schools. They can make whatever rules they want. Rules like theirs are great for raising robots. But anyone who's going to make a difference in this world is going to have to be comfortable with laughing at authority.

Unfortunately, the message the administration is sending gets heard. When I asked G. what he thought about being suspended for venting about his school, he told me he just didn't want to fight it. He said he might have felt differently a year ago, but now, "I don't know if it's from brainwashing or just not wanting to get expelled, but ... I just want it to be over." I can't blame him.

And S. said he understood the school's point of view. "People who were thinking about attending [his school] might see the site and think that they might not want to attend. ... I guess they do have reason for concern, because what if it shows up on a search engine."

S.'s family moved from Russia to the United States when he was four. His father painted for me an interesting picture of the interrogation by the police officers who were called to the school. Keep in mind that S. had already been told by his school that he fit the profile of a potential killer.

The police questioned them for a couple of hours. The "killer" profile was brought up again. Questions were raised about S.'s psychological state, whether he had made threats before, and whether the family had guns in the house.

His father repeated to me twice, as if he couldn't quite believe the whole thing had actually happened, that the police gave him a case number and are keeping the report on file. "I grew up in an environment," he told me, "where they are labeling people and where there is a witch hunt." He brought up McCarthyism. Eleven years in the States had led him to believe that this kind of thing doesn't happen here, or at least not anymore. I wish he were right.

The moral of the story is to be careful when passing notes to your friends. And believe the Camel when it says -- third edition, page 69 -- "You will be miserable until you learn the difference between scalar and list context."

zarsky99 writes: "EETimes is reporting that Japanese researchers are close to creating the world's first single-atom transistor. This could be a boon to power problems and Moore's Law. The article is here, and please enjoy. Now if they could only get a single girl to date me." OK, you take the transistor, I'll take the girl ;) J adds: For those of you graphing Moore's Wacky Law: November1999, 50nm; November1999, 18nm; October2000, 1nm; December2000, 30nm; five days ago, 30nm. We don't make the semiconductors, we just report 'em.

Wanker writes "An Eastern European hacker group has spent the last year systematically exploiting known bugs in IIS to steal customer and credit card info. Read about it at the SANS security site." Says SANS, "The FBI and Secret Service are taking the unprecedented step of releasing detailed forensic information from ongoing investigations" of the IIS, MS SQL Server and Windows NT breakins. We don't normally post news about exploits, but the scale here is massive: more than a million credit cards have been taken in a blackmail-extortion operation that has been going on for a year. Speculation is welcome as to why NT sysadmins don't install service packs for known vulnerabilities... Update: 03/09 03:37 AM GMT by J : Microsoft says, Don't Be A Victim!.

If you are an NT admin or know someone who is, note especially:

"Within a day or two, the Center for Internet Security will release a small tool that you can use to check your systems for the vulnerabilities and also to look for files the FBI has found present on many compromised systems...

"The Center's tools are normally available only to members, but because of the importance of this problem, the Center agreed to make the new tool, built for the Center by Steve Gibson of Gibson Research) available to all who need it."

One year ago, we ran a story about the effects of Napster on the RIAA's 1999 profits, which Michael gave the great title: "Pirates Steal Negative $1,400,000,000 from Music Industry." It's a year later, the new numbers are out, and the RIAA is lying through their pointy little teeth about them. The AP wire story's second paragraph says "Sales of music compact discs fell by 39% last year," which they would have quickly seen was a blatant lie if they'd bothered to look at the numbers. Fortunately, Slashdot is here to bust up the spin. Keep reading, if you aren't afraid of numbers.

(Update one hour later by J : The story was on the AP wire, e.g. here, so it's not the BBC's fault. It was unfair of me to single out the Beeb when they just happened to be the source the submittor submitted this morning.)

The RIAA's figures were released last week, but the AP story was delayed until Monday, when the story would get the most exposure.

CD sales plummeted last year in the U.S. and record industry officials say the figures prove that Napster, the Internet music-sharing service, has harmed their business.

Sales of music compact discs fell by 39% last year according to the Recording Industry Association of America (RIAA).

"Napster hurt record sales," said RIAA president Hilary Rosen.

This article reads like it might have been ghost-written by someone from the record industry. It isn't until paragraph ten that journalistic integrity kicks in enough for the AP to quietly mention what they're actually talking about:

Some experts say [sic] the drop of CD singles as being part of an industry-wide slump, due to economic factors and a weak year musically. (Emphasis mine.)

That's right, CD singles. Unit sales for the singles were down 39%, revenue down 36% (they raised prices, of course).

And CD singles account for how much of the RIAA's profits?

Not quite one percent.

Yes, that's right: they lost 36% of 1% of their profits.

And the news media is reporting it as a 39% loss.

The facts are that their "CD sales" are up this year, even over last year's stunning performance. The RIAA increased the average price of a full-length CD from $13.65 to $14.02, and still managed to sell 3,600,000 more of them.

Total profit increase on this, the core of their business, was 3.1%, or just shy of an extra $400,000,000.

But full-length CDs only account for 92% of the RIAA's revenue. They did have weak performance in the other 8%. CD singles, as already noted, dropped revenue by 36%. But the real casualty percentage-wise was cassingles, which lost over 90% of its revenue from last year.

Gee, why could that be? Maybe because nobody wants them?

In fact, the RIAA's only real money-losing format of any significance was cassettes, which, along with music videos, were the only format actually cut in price. Cassette revenue dropped $436 million.

Wait a minute, what am I saying? "Money-losing"? They aren't losing money on cassettes -- they're just not raking it in this year as fast as last year. And gee, why might that be? Again, because nobody wants them?

And it's not like the RIAA is struggling to get by on slim profits. The big picture is that, in the last nine years, they have tripled their annual income.

But they are desperate to spin this as a loss. The actual fact is that their total revenue is down 1.8% from 1999. Last year, they made $14,584,500,000. This year, they made $14,323,000,000.

But how could they blame Napster if they told the truth? What would they say? "Napster is killing us! Our income is down almost two whole percent! We are only pulling in $14,323,000,000 this year!"

That probably wouldn't fly.

Especially because in the three categories which Napster has precisely zero effect on -- cassettes, vinyl, and music videos -- their combined year-to-year loss was $579.5 million.

That's right. In the digital formats which Napster can trade, they are making more money: $318,500,000 more revenue. In the analog and video formats where Napster is irrelevant, they are making less money: $579,500,000 less revenue.

That's the real story here.

But don't trust the press to report this one fairly. Don't trust the RIAA's press release. Go read the RIAA's numbers yourself.

(Hell, don't even trust those numbers -- they don't add up. I was silly enough to type them into a spreadsheet, and someone over there has some problems doing simple arithmetic. Their 1998 total revenue includes the DVDs twice.)

The RIAA is desperately trying to spin this so that they won't look like greedy bastards for turning down Napster's offer of a billion dollars over the next five years.

If they just took that generous offer, then -- in a year that the AP wire suggests might be an "industry-wide slump, due to economic factors and a weak year musically," and in a year for which Bertlesmann admits "we didn't put that much good stuff out" -- their revenue would only be down $111,000,000 from last year. And that would have been $750,000,000 more than they made in 1998.

But that isn't enough for them.

Why would anyone think the RIAA is greedy? They just want what's coming to them.

(Update one hour later by J : Mea culpa. Three paragraphs up, I originally calculated the numbers as if the billion dollars was all applied in one year; that isn't so. The billion would have been applied equally over the next five years. Actually it probably wouldn't have been applied to year-2000 revenue at all, so it's more of a rhetorical point than anything. Thanks to dachshund for pointing out that it wasn't a lump-sum payment.)

(Update four hours later by J : The AP wire seems to have updated its story, now stating explicitly that it's CD singles, not "CDs," which dropped 39%. I see factually correct versions now at CNN, Salon, Yahoo, and wire.ap.org (search on Napster). The BBC version is still incorrect. In my opinion, the new versions are still misleading. Focusing on a large percentage drop within a subcategory which is a tiny percentage of the whole is a classic example of how to lie with statistics. But compare this to the RIAA's press release, claiming that CD singles had "flat growth in '98 and '99," though 1998 revenue actually dropped 22% -- that's just plain lying.)

One year ago, we ran a story about the effects of Napster on the RIAA's 1999 profits, which Michael gave the great title: "Pirates Steal Negative $1,400,000,000 from Music Industry." It's a year later, the new numbers are out, and the RIAA is lying through their pointy little teeth about them. The AP wire story's second paragraph says "Sales of music compact discs fell by 39% last year," which they would have quickly seen was a blatant lie if they'd bothered to look at the numbers. Fortunately, Slashdot is here to bust up the spin. Keep reading, if you aren't afraid of numbers.

(Update one hour later by J : The story was on the AP wire, e.g. here, so it's not the BBC's fault. It was unfair of me to single out the Beeb when they just happened to be the source the submittor submitted this morning.)

The RIAA's figures were released last week, but the AP story was delayed until Monday, when the story would get the most exposure.

CD sales plummeted last year in the U.S. and record industry officials say the figures prove that Napster, the Internet music-sharing service, has harmed their business.

Sales of music compact discs fell by 39% last year according to the Recording Industry Association of America (RIAA).

"Napster hurt record sales," said RIAA president Hilary Rosen.

This article reads like it might have been ghost-written by someone from the record industry. It isn't until paragraph ten that journalistic integrity kicks in enough for the AP to quietly mention what they're actually talking about:

Some experts say [sic] the drop of CD singles as being part of an industry-wide slump, due to economic factors and a weak year musically. (Emphasis mine.)

That's right, CD singles. Unit sales for the singles were down 39%, revenue down 36% (they raised prices, of course).

And CD singles account for how much of the RIAA's profits?

Not quite one percent.

Yes, that's right: they lost 36% of 1% of their profits.

And the news media is reporting it as a 39% loss.

The facts are that their "CD sales" are up this year, even over last year's stunning performance. The RIAA increased the average price of a full-length CD from $13.65 to $14.02, and still managed to sell 3,600,000 more of them.

Total profit increase on this, the core of their business, was 3.1%, or just shy of an extra $400,000,000.

But full-length CDs only account for 92% of the RIAA's revenue. They did have weak performance in the other 8%. CD singles, as already noted, dropped revenue by 36%. But the real casualty percentage-wise was cassingles, which lost over 90% of its revenue from last year.

Gee, why could that be? Maybe because nobody wants them?

In fact, the RIAA's only real money-losing format of any significance was cassettes, which, along with music videos, were the only format actually cut in price. Cassette revenue dropped $436 million.

Wait a minute, what am I saying? "Money-losing"? They aren't losing money on cassettes -- they're just not raking it in this year as fast as last year. And gee, why might that be? Again, because nobody wants them?

And it's not like the RIAA is struggling to get by on slim profits. The big picture is that, in the last nine years, they have tripled their annual income.

But they are desperate to spin this as a loss. The actual fact is that their total revenue is down 1.8% from 1999. Last year, they made $14,584,500,000. This year, they made $14,323,000,000.

But how could they blame Napster if they told the truth? What would they say? "Napster is killing us! Our income is down almost two whole percent! We are only pulling in $14,323,000,000 this year!"

That probably wouldn't fly.

Especially because in the three categories which Napster has precisely zero effect on -- cassettes, vinyl, and music videos -- their combined year-to-year loss was $579.5 million.

That's right. In the digital formats which Napster can trade, they are making more money: $318,500,000 more revenue. In the analog and video formats where Napster is irrelevant, they are making less money: $579,500,000 less revenue.

That's the real story here.

But don't trust the press to report this one fairly. Don't trust the RIAA's press release. Go read the RIAA's numbers yourself.

(Hell, don't even trust those numbers -- they don't add up. I was silly enough to type them into a spreadsheet, and someone over there has some problems doing simple arithmetic. Their 1998 total revenue includes the DVDs twice.)

The RIAA is desperately trying to spin this so that they won't look like greedy bastards for turning down Napster's offer of a billion dollars over the next five years.

If they just took that generous offer, then -- in a year that the AP wire suggests might be an "industry-wide slump, due to economic factors and a weak year musically," and in a year for which Bertlesmann admits "we didn't put that much good stuff out" -- their revenue would only be down $111,000,000 from last year. And that would have been $750,000,000 more than they made in 1998.

But that isn't enough for them.

Why would anyone think the RIAA is greedy? They just want what's coming to them.

(Update one hour later by J : Mea culpa. Three paragraphs up, I originally calculated the numbers as if the billion dollars was all applied in one year; that isn't so. The billion would have been applied equally over the next five years. Actually it probably wouldn't have been applied to year-2000 revenue at all, so it's more of a rhetorical point than anything. Thanks to dachshund for pointing out that it wasn't a lump-sum payment.)

(Update four hours later by J : The AP wire seems to have updated its story, now stating explicitly that it's CD singles, not "CDs," which dropped 39%. I see factually correct versions now at CNN, Salon, Yahoo, and wire.ap.org (search on Napster). The BBC version is still incorrect. In my opinion, the new versions are still misleading. Focusing on a large percentage drop within a subcategory which is a tiny percentage of the whole is a classic example of how to lie with statistics. But compare this to the RIAA's press release, claiming that CD singles had "flat growth in '98 and '99," though 1998 revenue actually dropped 22% -- that's just plain lying.)

One year ago, we ran a story about the effects of Napster on the RIAA's 1999 profits, which Michael gave the great title: "Pirates Steal Negative $1,400,000,000 from Music Industry." It's a year later, the new numbers are out, and the RIAA is lying through their pointy little teeth about them. The AP wire story's second paragraph says "Sales of music compact discs fell by 39% last year," which they would have quickly seen was a blatant lie if they'd bothered to look at the numbers. Fortunately, Slashdot is here to bust up the spin. Keep reading, if you aren't afraid of numbers.

(Update one hour later by J : The story was on the AP wire, e.g. here, so it's not the BBC's fault. It was unfair of me to single out the Beeb when they just happened to be the source the submittor submitted this morning.)

The RIAA's figures were released last week, but the AP story was delayed until Monday, when the story would get the most exposure.

CD sales plummeted last year in the U.S. and record industry officials say the figures prove that Napster, the Internet music-sharing service, has harmed their business.

Sales of music compact discs fell by 39% last year according to the Recording Industry Association of America (RIAA).

"Napster hurt record sales," said RIAA president Hilary Rosen.

This article reads like it might have been ghost-written by someone from the record industry. It isn't until paragraph ten that journalistic integrity kicks in enough for the AP to quietly mention what they're actually talking about:

Some experts say [sic] the drop of CD singles as being part of an industry-wide slump, due to economic factors and a weak year musically. (Emphasis mine.)

That's right, CD singles. Unit sales for the singles were down 39%, revenue down 36% (they raised prices, of course).

And CD singles account for how much of the RIAA's profits?

Not quite one percent.

Yes, that's right: they lost 36% of 1% of their profits.

And the news media is reporting it as a 39% loss.

The facts are that their "CD sales" are up this year, even over last year's stunning performance. The RIAA increased the average price of a full-length CD from $13.65 to $14.02, and still managed to sell 3,600,000 more of them.

Total profit increase on this, the core of their business, was 3.1%, or just shy of an extra $400,000,000.

But full-length CDs only account for 92% of the RIAA's revenue. They did have weak performance in the other 8%. CD singles, as already noted, dropped revenue by 36%. But the real casualty percentage-wise was cassingles, which lost over 90% of its revenue from last year.

Gee, why could that be? Maybe because nobody wants them?

In fact, the RIAA's only real money-losing format of any significance was cassettes, which, along with music videos, were the only format actually cut in price. Cassette revenue dropped $436 million.

Wait a minute, what am I saying? "Money-losing"? They aren't losing money on cassettes -- they're just not raking it in this year as fast as last year. And gee, why might that be? Again, because nobody wants them?

And it's not like the RIAA is struggling to get by on slim profits. The big picture is that, in the last nine years, they have tripled their annual income.

But they are desperate to spin this as a loss. The actual fact is that their total revenue is down 1.8% from 1999. Last year, they made $14,584,500,000. This year, they made $14,323,000,000.

But how could they blame Napster if they told the truth? What would they say? "Napster is killing us! Our income is down almost two whole percent! We are only pulling in $14,323,000,000 this year!"

That probably wouldn't fly.

Especially because in the three categories which Napster has precisely zero effect on -- cassettes, vinyl, and music videos -- their combined year-to-year loss was $579.5 million.

That's right. In the digital formats which Napster can trade, they are making more money: $318,500,000 more revenue. In the analog and video formats where Napster is irrelevant, they are making less money: $579,500,000 less revenue.

That's the real story here.

But don't trust the press to report this one fairly. Don't trust the RIAA's press release. Go read the RIAA's numbers yourself.

(Hell, don't even trust those numbers -- they don't add up. I was silly enough to type them into a spreadsheet, and someone over there has some problems doing simple arithmetic. Their 1998 total revenue includes the DVDs twice.)

The RIAA is desperately trying to spin this so that they won't look like greedy bastards for turning down Napster's offer of a billion dollars over the next five years.

If they just took that generous offer, then -- in a year that the AP wire suggests might be an "industry-wide slump, due to economic factors and a weak year musically," and in a year for which Bertlesmann admits "we didn't put that much good stuff out" -- their revenue would only be down $111,000,000 from last year. And that would have been $750,000,000 more than they made in 1998.

But that isn't enough for them.

Why would anyone think the RIAA is greedy? They just want what's coming to them.

(Update one hour later by J : Mea culpa. Three paragraphs up, I originally calculated the numbers as if the billion dollars was all applied in one year; that isn't so. The billion would have been applied equally over the next five years. Actually it probably wouldn't have been applied to year-2000 revenue at all, so it's more of a rhetorical point than anything. Thanks to dachshund for pointing out that it wasn't a lump-sum payment.)

(Update four hours later by J : The AP wire seems to have updated its story, now stating explicitly that it's CD singles, not "CDs," which dropped 39%. I see factually correct versions now at CNN, Salon, Yahoo, and wire.ap.org (search on Napster). The BBC version is still incorrect. In my opinion, the new versions are still misleading. Focusing on a large percentage drop within a subcategory which is a tiny percentage of the whole is a classic example of how to lie with statistics. But compare this to the RIAA's press release, claiming that CD singles had "flat growth in '98 and '99," though 1998 revenue actually dropped 22% -- that's just plain lying.)

xueexueg writes: "Dr. David Touretzky has posted a new piece of DeCSS art here, as well as his response to a threatening letter from the MPAA. Both are triumphantly good, one an epic haiku with the most intelligent and beautiful commentary I've heard in months, the other a response to the MPAA lawyers who evidently told Touretzky that his entire home page is a 'circumvention device.'" Both are good reads. I realize that posting this sort of thing on Slashdot is simply preaching to the choir, but some part of me hopes that in the end we'll still have a freedom of speech, a freedom to reverse engineer, and a freedom to watch the media we purchase. Sure seems less likely these days.

Comment: 02/25 2:35 PM EST by J : My favorite source for CSSdescramble() is the DVDCCA's own DNS server.

Do dig ns dvdcca.org to verify that their DNS servers are (as of right now) mercury.hypersurf.com and west.mainstreet.net.

Then, to pull the gzip'd code straight off their servers, this will work on any vaguely sh-like shell:

for DVDs in Linux screw the MPAA and ; do dig $DVDs.z.zoy.org @mercury.hypersurf.com ; done | perl -ne 's/\.//g; print pack("H224",$1) if(/^x([^z]*)/)' | gunzip > myfile.c

This trick is number nine on zoy.org's 42 ways to get DeCSS. You're actually requesting data which resides on zoy.org's DNS server, but it's being delivered to you by the DVDCCA's DNS server.

mcwop writes: "What can be said? One can only hope that this case gets appealed and eReferee wins. People assume that you are safe if a site, which has its name registered first, is in operation. Not only does this decision squash that notion, the name in dispute is not exactly the same. Referee magazine compared to eReferee.com. When will common sense prevail?" Here's the arbitration decision - I don't know of a copy of the court ruling. In many cases, individuals have been the victim of poor decisions rendered by ICANN arbitration panels. This is a case where the arbitration panel appears to have made the right decision, but a Federal judge stepped in and reversed it. Update: 02/16 03:15 PM by J : A quick comment on the nature of arbitration...

I'm frankly surprised we haven't seen more of these cases, and I'll expect to see more in the future. Because arbitration under the UDRP is not binding in the U.S. court system, or any court system that I know of, the loser can always sue the winner. And, in any case of any importance, will.

If GM and Ford have a disagreement about a domain name, do you think the results of an arbitration ruling mean jack to them? Will they meekly accept the results of some international panel and go home?

No, of course not. The loser will file the court case the same day. To them, an arbitration decision means nothing except maybe a rhetorical point for their lawyer to bring up.

Large corporations can never lose an arbitration, they can only win it. It's individuals and small corporations, who don't have the resources for an extended court battle, who stand to lose under the UDRP.

It's the scientific achievment of our generation; what can you say about the mapping of the human genome? But here's a story behind the story. parvati turned us on to this NYT article about James Kent, who wrote the gene assembly program GigAssembler last June. It turns out that, thanks to his code, the public Human Genome Project had actually finished its work three days before the private effort by Celera Genomics -- a feather in their cap and a boon to public science. The head of Celera was "astonished" to learn of this grad student's genius -- ten thousand lines of C in a month, and why? -- "because of his concern that the genome would be locked up by commercial patents if an assembled sequence was not made publicly available for all scientists to work on." (The debate over public vs. private science continues to rage; see this Seattle P-I article, which discusses among other things the ethics of NDA'ing scientific data produced for profit.)

Update: 02/13 02:26 PM by J : Thanks to tlunde for finding the link to GigAssembler and thus clarifying which language it was written in.

Many people have sent in the breaking news from C|Net that the Appeals Court handling the Napster case wants to have the Napster injunction modified. The court website is throughly bogged, but the quick and dirty analysis is that Napster can continue to operate. Update by J : I've listed a couple of mirrors below if you can't get through to the court's site. I have some more comments below; the court's flat-out statement that "Napster users do not engage in fair use" is of special interest.

Mirrors:

• http://eon.law.harvard.edu/~wseltzer/napster.html
• http://www.politechbot.com/docs/napster.021201.html
• http://lvalue.com/nap.html

As Michael Sims points out, these 22 words are probably the most important portion of the ruling; everything else is technical details and window-dressing:

"...the record supports the district court's conclusion that Napster users do not engage in fair use of the copyrighted materials. We agree."

That doesn't look good for those who want to swap copyrighted music peer-to-peer. That same comment could probably apply to Gnutella users, for example. Brace for impact.

Moving on to the case of Napster specifically and what will happen in the immediate future...

The court found that the injunction is simply too broad in its current form, but bounced the case back to the district court with instructions, essentially, on how to do an injunction properly.

They were quite clear that an injunction should be issued to stop Napster:

The district court correctly recognized that a preliminary injunction against Napster's participation in copyright infringement is not only warranted but required.

But then went on to explain why the current injunction must be limited to the extent that Napster fails to comply with Metallica-style "here is the list of bad files" warnings. Only in such a situation can an injunction stand:

We believe, however, that the scope of the injunction needs modification in light of our opinion. Specifically, we reiterate that contributory liability may potentially be imposed only to the extent that Napster: (1) receives reasonable knowledge of specific infringing files with copyrighted musical compositions and sound recordings; (2) knows or should know that such files are available on the Napster system; and (3) fails to act to prevent viral distribution of the works. ... The mere existence of the Napster system, absent actual notice and Napster's demonstrated failure to remove the offending material, is insufficient to impose contributory liability.

I'm not quite sure how this could be enforced. Obviously, anyone can rename any MP3 "metallica-master-of-puppets.mp3" and Napster is not capable of acting to prevent distribution of same. What Napster can do is kick users off the system who have been shown to be pirates. And since they have shown their willingness to comply in the past, I'm not sure whether the court will ever find that Napster will "fail to act."

Finally, there was this simple comment:

Napster may be vicariously liable when it fails to affirmatively use its ability to patrol its system and preclude access to potentially infringing files listed in its search index.

In a revelation that perfectly demonstrates the nexus between moral posturing and greed in America, MSNBC reported Friday that tracking data on student web-surfing is being sold by one of the largest manufacturers of content-blocking software -- and in the name of protecting kids, of course. That software is called Bess, and it restricts the browsing of more than 12 million students -- and thanks to the noxious Children's Internet Protection Act passed by Congress last year, that number is going to get much higher. Guess who one of the first customers was? The U.S. Department of Defense. [Note: jamie posted about this last Friday as well. Read on for Jon's take.]

You can blame the Children's Internet Protection Act (CIPA), passed by Congress last year over the violent objections of educators, civil libertarians and librarians. The election-year law takes control of children's online information lives away from schools, parents and local communities. Instead, CIPA requires all schools and libraries that want federal E-rate funds to help pay for Net access to install blocking and filtering software. This is the same dreary, censorious software that can't distinguish between porn sites and poetry passages, not to mention intelligently discriminate between breast-cancer education pages and breast-ogling sites.

Nearly half of all schools and libraries now use some sort of filtering software, according to research firm International Data Corp. N2H2 Corp.,the makers of Bess, has about 20 percent of this market, the Wall Street Journal reports. That means that Bess controls the Web choices of more than 12 million students kindergarten through high school, and the CIPA is expected to push those numbers much higher.

Now we learn that late last year, N2H2 began selling the data that Bess collects on children's Net and Web use. The information, called Class Clicks, is aggregated, says the company, meaning it can't be used to identify the habits of individual specific students, or even of specific schools. And Bess is a clever girl. Schools use the program as a gatekeeper, and nobody knows more than she does about where kids go, for how long, or which sites they try and access.

But for $15,000 a year, marketers and Web site operators can receive regular reports detailing exactly where kids are going on the Net, along with aggregate estimates of their ages and race. The company insists there's no way for users of this data to figure out precisely who the students are, but it isn't clear whether N2H2 or makers of the filtering programs know, or if so, what they are legally allowed to do with that information.

How do the info-peddlers feel about it? "This is a real nonissue for us," a spokesman for N2H2 told the Journal. "This information is so anonymous and vague."

But if it's so vague, why would anybody pay thousands of dollars for it? And it is definitely an issue for others, including the Electronic Privacy Center in Washington, whose general counsel, David Sobel, told the Journal: "Students just should not be contributing to marketing tools and subjected to profiling based on how they are using the educational tools of the Internet."

Nor, in fact, should anyone buy the notion that filtering software protects children. It doesn't. Statistically kids are in no danger on the Net. Their greatest source of harm comes from physical abuse from family members and people they know, according to U.S. Justice Department statistical abstracts on violence and the FBI Uniform Crime Report, and firearms and other accidents. Congress seems in no rush to block any of those dangers.

So far, just two clients have purchased the information N2H2 is selling. One is the New York-based education portal Big Chalk Inc. The other, strangely enough, is the U.S. DOD, which refused to tell the Journal what it plans to do with the data collected by Bess.

N2H2 says it began tracking kids' Net use in late 1999, believing the data might be useful to teachers and creators of youth-oriented websites. Last year, it began looking into other uses for this information, and began working with the marketing firm Roper Starch Worldwide to figure out what the two companies could sell.

According to the Journal, SurfControl PLC, another maker of blocking programs, said it doesn't collect data of any sort on its users' surfing habits and believes it would be inappropriate to do so.

Is this data-collection the kind of protection Congress had in mind when it compelled libraries and schools to install commercial censorship software, depriving parents, educators and local institutions and politicians of the right to make such choices?

Filtering software is a complex civil liberties problem on several levels, most unappreciated either by Congress or the general pubic:

• Most filtering programs don't disclose what they block or why, so the users have no real idea what level of protection is being offered. Parents think they are purchasing safety and morality, yet they have no idea what their children are being deprived access to.
• Blocking software doesn't protect kids, literally or morally. There is no evidence of any sort by any credible source that one single child is safer or more moral because of censorship technology installed on their computers, or because of limited access to the Net.
• Filtering software legitimizes censorship and invasion of privacy. Many parents buy filtering programs that permit them to re-trace the websites their children have visited. They aren't teaching kids morality but Orwellian intrusions of privacy, dignity, and, yes -- morality itself.

• Blocking sofware is an illusory technology. It permits the abdication of moral responsibility -- especially that of teachers and parents -- to supervise their children and provide moral direction.

What we have with Bess and CIPA is one more insight into the warped way American politicians exploit children while proclaiming that they're protecting their moral purity. William Bennett, our self-styled national "morals" czar, and a close adviser to President Bush, is a master at this, denouncing the immorality of music, TV, and the Net and Web and making millions off of books, calendars and stickers offering and celebrating "morally correct" stories for kids about hardworking bumblebees and frogs who can't wait to get to school.

Net use is statistically one of the safest things an American kid can do. When kids get in trouble online, it is usually adolescents drawn into powerful or obsessive relationships. Those are rare. Crime rates among the young have been dropping for years, and are now at their lowest levels in a half-century. Children are very rarely harmed as a result of going online. According to child safety experts, online safety rules are easy to learn and follow. So the idea of "protective" legislation is already spurious.

Moreover, even the sale of the aggregate behavior of children (almost always, says the Journal, without the knowledge of kids, parents or schools), has serious implications for privacy and free speech. It promises a future marked by ever-more-sophistiated digital tracking and eavesdropping. Obviously, aggregate figures can't be collected without access to individual statistics. What, exactly, is the boundary?

And once legitimized -- by the U.S. Congress, no less -- the notion of ever more specialized tracking of kids by business and government is now being built into the infrastructure of the Net as well as schools and libraries. It's an awful precedent, even though it's a "non-issue" to the corporation doing it. Even if Bess isn't tracking specific students or targeting specific schools -- yet -- who's to say that the next generation of software will do, or what a different company couldn't or wouldn't gather and sell, especially as Congress forgot to prohibit the marketing of this data in it's rush to "protect" kids from the Net.

Every significant law Congress has passed relating to speech and content on the Net, from the two Communications Decency Acts to the Sonny Bono and Digital Millenium Copyright Acts to CIPA has been offensive and menacing to privacy, free speech, and individual freedom to choose information. American kids seem much saner and more rational about technology than their so-called leaders and protectors. And this doesn't seem likely to get any better under the Bush administration, which has made the moral lives of children and the immoral content in TV, movies and on the Net a central campaign issue and policy priority.

The forced use of CIPA-mandated blocking (and tracking) software is bad enough, meaning that kids online have already relinquished much of their right to free speech, information choice and privacy. Selling the information that results takes away most of the rest of it, and is doubly appalling.

Sacrifice writes "For the last seven years, no new network has been able to peer with UUNet without paying for transit. This looks to change, as they now publicly offer, in clear, publicly stated terms, their requirements for bilateral (no tribute) peering! Genuity paved the way for this three months ago with the announcement of their own publicly stated peering requirements (Genuity had a difficult time years ago with achieving bilateral peering with UUNet, and was the last major network to manage it)." Update: 01/10 02:44 PM by J : TBTF has the one good explanation that I've seen.

Well, it's been a long time since we've had an update to the radio section, and that's partly due to us not recording the show very often. Also, it's in part that we lost this show and found it later, or something. So anyway, from deep within the GiS vaults is yet another episode. It features special guest Jamie McCarthy, from Slashdot's own YRO section, as well as Dune discussion, anti-aliasing lust, and more.

Slashback has for you tonight the usual tasteful spread of updates, corrections, and things to think about as you settle in to sleep. (And a Merry Christmas for those who celebrate it.)

The world will beat a path to their doors. parvati writes: "This is the follow-up to an unusual contest mentioned on Slashdot a few months ago. A Princeton neuroscientist, John Hopfield, created a neural network modeling how the brain interprets sensory input, posted it on a website, and invited others to deduce the basis behind the way the network "thought". There is now a winner--David MacKay's group at Cambridge University--and the results will be published in Proceedings of the National Academy of Sciences in a bit. Preprints are available from the website that contains the information about the network."

Cuchulainn also passed on word of this NYTimes story on the two winners of the contest.

Who's spamming who, on the freeway of love? jamie passed on this email from Bennett Haselton, who runs Peacefire.org, as a followup to the recent story of his about the traffic-blocking capabilities (and implementation) of Above.Net.

I've found out why I haven't been getting any email from the gilc-plan or ifea-plan mailing lists for several weeks now.

The hosts where these mailing lists are run is connected to the Internet via HIS.com, which is connected to the AboveNet backbone. Peacefire's ISP is on AboveNet's "boycott list", which means all their downstream customers are blocked from accessing our Web site or sending email to peacefire.org addresses. (To them, it just looks like the site is down -- "the server is not responding...", or "Returned mail: host not responding...")

AboveNet does not publicize that they do this, and in fact I called AboveNet pretending to be a naive customer and asked them whether they blocked their users from accessing anything on the Web. All five employees that I talked to in sales and tech support, said "No". Although when I talked with a high-level technician and showed him the evidence, he did admit that AboveNet blocked sites on the boycott list.

I talked to several AboveNet users affected by the block, and they had no idea that AboveNet was filtering their Web access; most were pretty pissed off about it.

When Slashdot published a story about this, AboveNet immediately re-opened their customers' to our ISP's web sites: http://slashdot.org/article.pl?sid=00/12/13/1853237 but I don't know if the un-ban is temporary or permanent. Currently we are detecting when customers connect to our site from an AboveNet-controlled IP address, and opening a separate window to warn them that AboveNet has been blocking their Internet connection for the last several months, and that they may be entitled to sue AboveNet for censoring their connection without their knowledge.

AboveNet is participating in a boycott of our ISP, organized by the Mail Abuse Prevention System, because of sites like http://209.211.253.69/ which sell mass email software (but does not spam or use spam for advertising). I think this distinction is important (there are many sites that host software programs with far less ethical uses, however, the hosting ISP's aren't the ones responsible), but never mind -- there's nothing wrong with a boycott as long as it's voluntary. AboveNet, however, is co-opting their users into the boycott involuntarily, knowing that 90% of their customers would never agree to have their Web access censored if they knew what was going on. AboveNet admitted it has nothing to do with protecting customers from spam (obviously, since they're blocking Web sites, and the targeted servers aren't spamming anyway); it's just a way of putting pressure on the ISP by threatening to cut off their customers' access to their sites.

We also contacted the boycott organizers to ask why they didn't just remove Peacefire's IP address from the list and block the others in the same range, and they said it was technically possible, but they wouldn't do it -- unless we joined the boycott by going to another ISP.

For the time being, I can get mails from the gilc-plan and ifea-plan lists. If AboveNet re-instates the ban after the controversy dies down, I'll re-subscribe to the lists under a different email address.

-Bennett
bennett@peacefire.org http://www.peacefire.org

Anyone care to ante up 1/6 for an MP3? minard writes: "I have on my shelf an example of a wax drum (forerunner of the vinyl record) that had been sold in Britain circa 1905. I just noticed a label on the side I hadn't really paid attention to before. It says:

"This record is sold by the National Phonograh Co Ltd upon the condition that it may not be sold or offered for use by the original or any subsequent purchaser (except by an authorized factor to an authorized retail dealer) for less than 1/6 each. Upon any breach of said condition the license to use and vend this record implied from such sale immediately terminates."

1/6, by the way, would be about 10c. Not sure how much that would be today. Basically this is a license restriction that enforces pricing controls (completely legal at the time). I'd always assumed these were a new thing. Guess not."

You look a little down in the Mouth ... The seventh in our continuing reprint of Jon Katz's "Voices From the Hellmouth" series is now online.

Water Paradox asks: "A friend of mine recently discovered that his ISP had deleted all of his MP3 files without notice. He is a succesful local DJ with numerous recordings to his name, and the MP3s were all of his own material. He said he zipped them up and within 8 hours, they were back on his site, so all is well. My question is, are other people experiencing this? Perhaps this is a question for Ralph Naderians, but what resources do we as ISP users have against this kind of action?" The ISP in question is Half Price Hosting, and aparently they have an automated process that deletes all MP3s from their servers. Now I do agree that ISPs have the right to police their machines, but is it really right for them to delete files from a user's Web site without even a nastygram explaining why such action was taken? What should we do when ISPs resort to this type of behavior and they are the ones in the wrong? This is a fairly important issue as everyone on the Internet deals with an ISP of some form. If this behavior isn't checked, the next time something like this might happen it could be any file, not just MP3s. Update: 11/23 by J : As several comments have noted, grep their terms of service for "MP3" (Cliff and I would have done this last night but their website was down). Then go read your ISP's terms...

strredwolf points out that we have winners of the Fifth Annual Obfuscated Perl Contest, noting, "Unfortunately, my virtual machine didn't win." (Insert loser-condolences here.) BTW, I noticed problems with the code as printed: the winner of category 2 lacks a terminal quote, and I couldn't get the category 3 winner to compile even after fiddling with whitespace. Put up a webpage with code I can copy-paste-and-run, email me, and I'll update this story with your link.

Until this week, I've been unconvinced by those who say the U.S. election process needs to be conducted with computers instead of paper, pencil, and punchcards. I've changed my mind. It's time to take a good hard look at our ancient voting system, and bring it up to date. When today's 14-year-olds go to vote in the 2004 elections, will they still take the pencil from the volunteer, slide the punchcard into the molded plastic, and turn the weird knobs? Or will they use the technology they've grown up with?

My change of heart came while listening to an NPR story last night. Election results for one county in Michigan were held up for two hours because some volunteers with ballots were barricaded in the building by a bear. A bear! What century is this?

There are some fair concerns about moving to a more-than-just-dead-trees voting system. We have to consider what the impact will be on voter enfranchisement. A change that makes it possible for the rich to vote by telepathy, for example, while the poor have to drive a hundred miles uphill both ways (to access a non-telepathic voting booth) would not be exactly democratic.

Would it have been fair, in 2000, for the middle class to be able to vote from the comfort of their homes and jobs, while the poor and homeless had to get to a voting booth? I don't know.

But my best guess is that, by 2004, this won't be a question anymore. Plot the percentage of lower-income homes with internet access from 1996 to 2000, and then extrapolate another four years. So if it should be done, how can it be done? There are five key issues to solve: authorization, anonymity, data confidence, UI, and security.

I propose a system in which each voting booth runs a webserver which logs votes (without identification) to two internal media (hard disk and floppy would be good, see below). Once the polls close, each booth's computer can be totalled and sent over the internet to the state's central server.

Meanwhile, any computer that speaks https on the internet would become a voting booth of its own, running slightly different software.

Each state's official results could be in an hour after its polls close. Which beats the ten-day waiting period we have now for our overseas ballots.

Authorization isn't really that hard: When you register to vote, you (by default) get a password delivered by snail-mail a week before the election. Tampering with that mail is a federal offense, of course. On election day you use secure http to sign in from anywhere with your name, address and password. Lose the password? Sorry, you don't get the comfort of home/work; you go to the voting booth with everyone else.

Anonymity is trivial; any logs with identifying information either don't get stored, or get wiped immediately.

Computers crash. Data confidence means the servers write the votes to multiple media: network, hard drive, flash RAM. A dot-matrix printer makes a good emergency backup medium.

This system also needs a dirt-simple GUI for voters connecting from home or work. No butterfly webpages necessary; click a name, and get a confirmation screen that shows you name, party, (importantly) photo, and big "yes" and "no" buttons.

At the voting booth it can be even simpler, using touch-screens.

Security is, of course, always a problem. Secure http effectively eliminates the man-in-the-middle attack, so the main worry are that an attacker will be able to run unauthorized code on a government computer which could (read) correlate my name with my vote or (write) change my vote. I'm going to go out on a limb and say that a completely open-sourced system, from the kernel up, combined with clean-room installations at a secure location, can make these concerns minor by comparison to existing vote-fraud concerns.

(My vote would go to OpenBSD, Apache, and Mozilla, though of course good luck predicting what will be best four years from now.)

Also, net admins overseeing the effort need to have enough access to track and lock out attackers, but obviously they can't have access to change the election results. Lock them in a room for the day with a hundred video cameras tracking everything they do, like the officers on missile-launch duty. Many net admins will find this a relaxed and enjoyable work environment compared to their current jobs.

There are many problems that have to be solved -- please bring up the ones I haven't mentioned here, let's start the debate! My hunch is that they can be solved. And the overriding question must be, will it be an improvement over the current system?

Given that Florida's election is being decided by a 400-vote difference, with 19,000 botched votes thrown out, I'd say the impossibility of clicking on two presidential choices at the same time makes this system a huge win.

The broken user interface on our existing punch-cards system is probably going to give us the wrong President of the United States. How much worse could a digital system really be? I don't claim to have all the answers, but I know what century it is, and the time for Little House on the Prairie nonsense is over. Let's make this happen for 2004.

I'll give my last word to Andre Uratsuka Manoel, a partner at the internet firm Insite, in Brazil. (Props to TBTF for putting Andre and me in touch.)

Brazil has a 100% electronic election. On election day I go my "electoral section," identify myself, sign my name. The "section president" then types in my code and I walk to the booth which is in a corner of the room where no one can see my vote. I then type the number of my candidate, see his/her photo and press "confirm."

The voting machines store the votes in at least three different places: a floppy disk (which is locked), a flash card and the internal hard disk. There are written procedures for any kind of failure I could think of and back-up machines readily available. Those machines can connect to a phone line and send their results to the Election Court of the state.

The results are proclamed extremely fast. On the mayoral run-off elections that happened 2 weeks ago, results were out 2 hours after the election in the city I live in (Sao Paulo, with about 6 million voters) and 6 hours after it in the last city in which there was a run-off. In my home city the results came out a little after the election sites closed and the result was proclamed with the winner having 40 thousand votes more than the second place (0.4% of 1 million votes).

In the first round of elections in Sao Paulo, the third place contestant lost the ticket for the run-off elections by less than 0.1%. The one who lost didn't even think of contesting the results because no one thought there were any kind of frauds.

In the first round, 100 million voters (about the same as the active voters in US) in 5 thousand cities chose their mayors and councelors. All the results were proclaimed 30 hours after the voting closed.

This happens in a country that has a much lower level of literacy, technology-savvy and of money as the U.S. Remember that some mayors were chosen in places hours away from anyplace else (even by plane), i.e. in the middle of the rain forest. Those places don't have electricity.

Of course there were complaints, but not because of the electoral process. Mostly they were due to campaigning on the election day, voter transportation and coercion.

(Updates: Dave Riesz mentioned Riverside County, California, which has an electronic voting system already in place. Their 2000 primary turnout was the highest in 20 years, which may or may not mean anything. That led me to the California Internet Voting Task Force which looks interesting. Don Wegeng pointed me to RISKS thoughts by Douglas Jones. Brian Dunbar points out "Hurrah for Slow Recounts" by the always-interesting Ellen Ullman.

Lee Coursey passes along Elizabeth Ferrill's Discussion of Electronic Voting. James McCann, a programmer at VoteHere.net, says my description is "not terribly far off but very incomplete" -- I'll take that as a compliment -- check out his site and SecurePoll.com too. And finally, a story in Salon that makes my point better than I could: "Confessions of a Florida Poll Worker."

If you have more links or information, emailme.)

Eric Sun was among the first to point out that as of Thursday evening, VeriSign has begun accepting Chinese, Japanese and Korean domain names. "This increases the possible characters from 37 (26 letters, 10 numerals, and hyphen) to 40,282. Find more information [see this AP story]." snrsamy points to the same story as featured on C|Net . jamie suggests reading the technical lowdown at VeriSign.

Somewhere in the chorus, Bandwidth_ writes: "Time to start stockpiling those beans and working on your Y2K shelter again. Astronomers have confirmed that object 2000 SG344 has a 500-to-1 chance of hitting earth in the year 2030, a much higher probability of impact than any object before it. Scientists aren't certain what it is, but it's most likely a tiny asteroid or it could be a leftover Apollo rocket booster. It is not a major threat, damage would be contained to a localized area in the 1 to 3 megaton range if a collision were to ever happen." As jamie points out, this probably ought not worry you unduly, but it is the first nonzero-rated object on the Torino scale. N2UX points to an MSNBC article on the object which points out that the threat has now been downgraded to a more comforting level.

Decibel writes "Scientists at the University of British Columbia have built a 6 meter telescope that uses a plate filled with mercury for its primary mirror. At a cost of $1 million, this technology makes it possible for many research teams to have continuous access to a telescope, rather than sharing with many other researchers. On a somewhat related note, the top 10 images taken by the only company that provides commercial satellite images at 1 meter resolution have been released to the public. Included are pics of the Olympic Park in Sydney, the Hollywood sign, Hoover Dam, and the Great Pyramids of Egypt. I don't know how they determined that these were the top 10, but they're certainly worth a look."

Personal addendum by jamie .

Summer 1983: I was at a cool kids' summer camp learning about astronomy. I was 12. A friend and I came up with the idea of spinning mercury into mirrors. We didn't know much about optics or physics and had no idea if it would work, but we presented the idea to the Very Smart guest speaker the next day.

He thought about it for a second, and shot us down: he didn't think it would focus properly because the surface would be a catenary, not parabolic.

I would just like to take this opportunity to say: in your face, dude.

Mercury mirrors do not, however, make good replacements for general-purpose telescopes. They only point straight up; they'll never do long exposures or see anything outside their latitude. I'm a little surprised the article doesn't emphasize this.

(On the off-chance my "co-inventor" Bill Hall, from Kalamazoo, Michigan is reading this: drop me a line, Bill.)

Interested in a free domain for your open-source project? Huh, are ya? "Too bad, sucker," says the .cx registrar. On the other hand, you can drink beer (or sarsparilla) and talk tech with folks smarter than your average bear, create poetry using such fine poetic-sounding things as "Python" and "Java," and even let other people know the names of those who you would call Spammers. Read on, if the gist is really not enough.

See, what we really meant was ... From the inimitable jamie: In February we reported that the .cx registrar was offering free domains to open-source projects. Now, their Board of Directors claims this is "inconsistent with the basic principals [sic] of fairness...this policy has been cancelled." Their FAQ has been changed from this to this accordingly. The board meeting promises "existing registrants will be 'grandfathered-in' and a new second level registry for the oss community will be established." Presumably that means new applicants will get YourOpenSourceProject.free.cx or something. Props to jmason and TBTF for the above links.

LinuxBierwanderungenrundeninkreisen, oder? One of the cool things about Free software is that there's an attitude of joviality and conviviality among its users and developers -- as evidenced by the recurring Linuxbierwangerungen, as reported in Slashdot last week. Even the WSJ notices, evidently: alanw writes "This article is fairly accurate, although we were mostly drinking real ale, not lager."

The article also mentions the oh-so-intriguing idea of simultaneous, net-linked Bierwanderungen on different continents. I vote for the mountains of Maine, New Hampshire or Tennessee as good trial U.S. locations -- if you know any organizers, make sure they leave comments below about a U.S. Bierwanderung!

Opting in, Sir? Opting out? Headphones, Sir? Red Wine? White wine? discHead writes "The Mail Abuse Prevention System has announced that a temporary restraining order filed to prevent them from listing Harris Interactive in the Realtime Blackhole List has been denied."

So long as no one is required to abide by the list that MAPS creates of mail abusers, would a restraining order preventing them from listing a spammer (by their definition) ever work? I rather hope not.

No, not the envelope with "those" pictures, the envelope with the winners! Tim McNerney writes: "The second round winners in the Software Carpentry competition have been announ ced. Though the test harness category got dropped in the process, the config, build and track categories all have winners along with judge's commentary. Next step is to choosing developers to implement the winners." And speaking of lucky winners (you may not already be a winner, in this case), at0m writes "The Haiku Generator Challenge has been completed, and the results have been posted. For those who are not familiar with the contest, the goal was to create a program that used a user-inputted RDF file and created three lines with 5, 7, and 5 syllables respectively. To see the winning entries, visit the challenge page. dotcomma has also announced a new, less difficult challenge, which can be found here."

If you're looking for a political issue that will advance freedom, support the growth and innovation of technology, support younger geeks (and adults) who depend on libraries for access to the Net and Web, and also strike a blow against the Luddites who dominate Congress and media, there's a great cause for you: your local library needs some help. Enlightened educators and librarians are seeking help in blocking imminent federal legislation that would require the installation of filtering software on all school and library computers connected to the Net.

This provision ought to be called "The Local Net Censorship Act" -- and it's close to becoming law. Lawmakers in both the House and the Senate approved a final version late last week, agreeing on a compromise approach containing elements of separate plans passed in the two chambers earlier this year. It would require all schools and libraries to install filtering software regulating the content available to any computers purchased with Federal money, blocking child pornography, obscenity and materials deemed harmful to minors. Schools and libraries would also be required to develop Net use policies that address minors' online access to "inappropriate" materials.

Much of the tech culture was asleep at the switch when the Digital Millennium Copyright Act was passed, giving corporations unprecedented control of American intellectual property, and is now paying for its apathy. This law could increase liability for schools and libraries, give local politicians and religious crazies a significant new weapon to ban access in public institutions to material they consider offensive or inappropriate.

Representatives are already lining up to lengthen the list of sites and subjects considered "inappropriate." Sen. John McCain of Arizona is pushing his own filtering provision in the Senate, where an amendment by Sen. Rick Santorum of Pennsylvania has just added the further requirement that communities be able to provide input about blocking other "inappropriate" Web sites that mention bomb-making, drugs or other topics.

As most of the people reading this know, blocking and filtering programs are arbitrary and wildly ineffective. While savvy users can easily bypass them, these filters hide from most users vast amounts of legitimate information along with so-called "offensive" content. This law is a license for every political interest group to keep subjects they don't like out of local libraries and schools. The victims would be kids with nowhere but libraries to go for Net access. Most filtering programs are censorship technology, pure and simple, but at the same time less effective than simple adult or parental supervision. They are not justified by any meaningful statistics regarding children and the Internet -- perhaps because there really aren't any.

Instead of tying the hands of educators and librarians, government should be doing everything possible to ensure that as many kids as possible have free access to the Net and the Web, because it will be vital to their social, educational and economic opportunities. Laws like this demonstrate how profoundly and dangerously ignorant of technology most of our elected leaders are, and how vulnerable to their ignorance the tech culture is.

The National Education Association is fighting the law -- the still nameless legislation is attached to legislation funding the Labor, Health and Human Services and Education departments. The American Library Association is in on the fight, too, since the bill would for the first time force public libraries to follow the same access policies as schools. But hardly anyone in Congress will dare defend "pornography" and "offensive" material.

"For a library, it's a different ball game," a spokeswoman for the ALA told The New York Times. "If you have to filter any machine a child may use, in a library, you'd have to filter every computer. It disregards age-appropriate levels." This means older children, teenagers and adults would be arbitrarily censored by any local community that didn't like a particular kind of Web site or subject matter, from abortion information to anything resembling sexual imagery. And kids in schools would be subject to even more controlled than they already are.

Libraries -- and local communities -- already have the freedom to establish controls ranging from increased supervision to some kinds of filtering if they wish. Most libraries and schools also have the ability to block sites if they are deemed dangerous and offensive. There is absolutely no reason for Congress to make censorship technology universal and required by law. The federal provision would further complicate Net access issues for libraries, since their environments are less controlled than a public school. Libraries are open to all ages, including adults -- who have a First Amendment right to access a broader range of materials on the Net than the proposed congressional filtering arrangement would allow. Libraries also fear that the law would expose libraries to a wave of new lawsuits demanding they filter -- in accordance with federal law -- any site that could be considered "inappropriate" or "offensive" by any elements of any local community. Passage of this law would force local libraries to radically increase filtering of the Net.

Most of us don't need to go to the library for Net access, but millions of people -- mostly kids -- do. They are entitled to some kinds of First Amendment protection as well as we are. This is a dangerous law, one which injects federal moral guardians directly into the issue of Net access. History tell us this is an awful idea. If you're in the mood to contact your local congressman or woman, this is a great reason to do it. For further information, you can also contact the National Education Association and the American Library Association.

Note: If you're looking for factual evidence to help bolster your arguments against the encroachment of filters, jamie also suggests checking out The Censorware Project, Peacefire and the GLAAD report on filter discrimination.