Slashdot Mirror

schwit1 quotes The Independent: Criminals can work out the card number, expiration date, and security code for a Visa debit or credit card in as little as six seconds using guesswork, researchers have found... Fraudsters use a so-called Distributed Guessing Attack to get around security features put in place to stop online fraud, and this may have been the method used in the recent Tesco Bank hack...

According to a study published in the academic journal IEEE Security & Privacy, fraudsters could use computers to systematically fire different variations of security data at hundreds of websites simultaneously. Within seconds, by a process of elimination, the criminals could verify the correct card number, expiration date and the three-digit security number on the back of the card.
One of the researchers explained this attack combines two weaknesses into one powerful attack. "Firstly, current online payment systems do not detect multiple invalid payment requests from different websites... Secondly, different websites ask for different variations in the card data fields to validate an online purchase. This means it's quite easy to build up the information and piece it together like a jigsaw puzzle."

Slashdot contributor Bennett Haselton writes: "Internet users in Saudi Arabia, along with most users in the United Arab Emirates, are blocked by their respective government censors from accessing the websites of the Trinity Davison Lutheran Church, Deliverance Tabernacle Ministries in Pittsburgh, the Amitayu Buddhist Society of Taiwan, and GayFaith.org. An attempt to access any of those websites yields an error page like this one. However, the sites are not blocked because they conflict with the religions beliefs of those countries' governments. Rather, they are blocked because Smartfilter -- the American-made blocking program sold by McAfee, and used for state-mandated Internet censorship in those countries -- classifies those sites as "pornography". You can see the screen shots here, here, here and here." Read on for the rest of Bennett's thoughts.

I found these blocked sites by starting with a combination of URL lists and ad hoc spidering, and running as many sites as possible through the Saudi filters to catch the ones that were blocked. Some of the sites were blocked for reasons that were easy to guess -- for example, http://www.bighornbasinsfw.org/, the home page of the Big Horn Basin, Wyoming chapter of Sportsmen for Fish & Wildlife, was almost certainly blocked because of the slang term "nsfw" in their URL. http://www.AgainstPornography.org and http://www.SearchingForMySpermDonorFather.org were presumably blocked because of the presence of the words "porn" and "sperm".

On the other hand, there appears to be no rational reason why the Filipino American Women's Network, the Tuscon Jazz Institute, or the Sacramento Police Activities League would have been blocked by Smartfilter, even by accident. A partial list of the blocked sites that I found is in the blog post I wrote for Citizen Lab, an Internet censorship research center at the University of Toronto.

Articles about sites that are erroneously blocked by Internet censorship software, have a storied history. The first widely read piece was the article "Keys to the Kingdom" written by Brock Meeks and Declan McCullagh in 1996, calling out Cyber Patrol for blocking EnviroLink.org and the University of Newcastle Computer Science Department, and CYBERsitter for blocking the National Organization for Women. I made a minor name for myself and the Peacefire.org site in the late 1990's by writing more pages about sites blocked by other products, including some (like X-Stop and SurfWatch) which no longer exist, and others that are still around, including Smartfilter. I was also one of six people comprising the Censorware Project, a loosely organized group of volunteers that published a few more reports.

By the early 2000's, however, it became clear that anyone whose mind was likely to be changed by information about what kinds of sites were blocked by blocking software, would have changed their mind already (or would, if they came across the research that had already been done up to that point). So the further reports on Internet blocking software errors, by me and other people, slowed to a trickle. I wrote a report in January 2002 on the latest list of sites blocked by Cyber Patrol, a product that most people today have forgotten. In 2006 I worked with the ACLU of Washington to publish a report on sites erroneously blocked by FortiGuard, a program used on computers in some libraries in central Washington, as part of the ACLU's suit to challenge the constitutionality of the program's use on public library terminals. (The Washington State Supreme Court rejected the lawsuit on the grounds that, regardless of what sites were blocked on the computers, it didn't matter because an adult library patron could request for the filter to be turned off.) In 2007 I wrote an article for Slashdot titled "From Bess to Worse" listing some sites that were blocked by an Internet filtering program called Bess (which was later bought out by Smartfilter and discontinued).

Most people's awareness of this debate, if they had heard about it at all, was limited to the perception that "breast cancer sites" and sites about "chicken breast recipes" were sometimes filtered by Internet blocking programs. Or they heard that "Beaver College" actually had to change its name to avoid being censored by web filters. As I tried to explain in a FAQ (written, according to the Wayback Machine, in 1999, but which still broadly holds true today), these examples are true, but they miss the point. These examples make it sound as if blocking software companies are doing the best job they can under the circumstances, and that the errors are unavoidable due to limitations on machine intelligence. In reality, any software algorithm that blocks the American Board of Vocational Experts, the Hopewell United Methodist Church, and the Patriot Guard Riders of Mississippi, as "pornography" (as Smartfilter currently does), is probably not the best algorithm the company could have come up with -- but there's no incentive for them to try harder, because few people will ever look that deep.

And yet, people continue to remember the "breast cancer site" examples. This sounds to me like an example of the narrative fallacy -- people remember that breast cancer sites were blocked, because there's a tidy explanation. There is no tidy explanation for most other examples of blocked sites, so the meme never spreads very far. Conveniently for the blocking companies, the blocked-site errors which make the company look most sloppy (the Kennels at Simpson Creek Farms, the St. Francis Institute of Milwaukee, etc.) are precisely the ones that, due to the narrative fallacy, most people won't remember or hear about.

One company, CYBERsitter, did manage to make a few blocking decisions in the 1990s that were egregious enough that their antics did make the news, and did finally raise some people's awareness that the controversy over private Internet filtering extended beyond "breast cancer sites". After TIME Magazine's website published an article (no longer online) that criticized CYBERsitter's blocking policies, CYBERsitter responded by blocking TIME Magazine's pathfinder.com domain. A few months earlier, CYBERsitter had blacklisted the monthly e-Zine "The Ethical Spectacle, after the Spectacle's founder, Jonathan Wallace, published an article criticizing CYBERsitter for blocking my own Peacefire.org website. And Peacefire.org had been blocked, in turn, because of a page I wrote (now very much out of date) listing some of the sites that CYBERsitter blocked, including the International Gay and Lesbian Human Rights Commission and Mother Jones. (Nowadays, of course, nobody would be surprised that filtering companies block Peacefire.org, since the site publishes ample instructions on how to get around Internet blockers. But at the time, the site's first and only article was the list of sites blocked by CYBERsitter, which is why CYBERsitter received so much criticism for blocking the domain in retaliation.) CYBERsitter also threatened to have Meeks and McCullagh criminally prosecuted for writing "Keys to the Kingdom" and threatened to sue me over the page that I had made.)

The moral, it seems, is that if you want an example of a censored web site to stick in people's minds, it either has to be a forgivable error, or an insane vindictive dick move -- because in either of those cases, people will understand why it happened. The vast swaths of censored websites on the spectrum in between, the ones for which there is no rational explanation for the blocking, go ignored.

These days, though, American and Canadian "censorware" makers have also come under fire for selling censoring software to foreign governments which use them for country-wide censorship. Most of the criticism focuses, naturally, not on the kinds of sites that are accidentally blocked by the blocking software, but on the immorality of these companies enabling statewide foreign censorship in the first place. Netsweeper, Blue Coat, and McAfee have all made the claim that "Once we sell their product to them, we have no control over what they do with it" -- which, as I wrote previously in Slashdot, is nonsense, because for the product to be effective, it has to rely on updates to the blocked-site list, which are provided at regular intervals by the manufacturer. Cut off the updates, and the product will not work, at least not as well.

So the fact that McAfee has classified the Boy Scout Troop 87 of North Andover, the Pan-Iranist Party of Iran, and Reptile Conservation International as "Pornography" is (rightly) overshadowed by the fact that McAfee is selling to government censors in Saudi Arabia and the UAE in the first place. However, as long as the filters are installed, these blocked sites are at least part of the problem for users in those countries, just as much as they are for students or cubicle workers in the U.S. whose network administrators happen to use Smartfilter. And, of course, I sampled only a miniscule fraction of the Web to find these examples of blocked sites, so the true number of stupid blocks affecting Saudi and UAE users is likely to be much larger. For each individual example, you might reasonably ask, "Is it really a big deal if Saudis are blocked from accessing Boy Scout Troop 87 of North Andover?" But it adds up.

Bruce Schneier's blog pointed me to a research paper on "Attacks and Design of Image Recognition CAPTCHAs" (PDF). The abstract says, "We systematically study the design of image recognition CAPTCHAs (IRCs) in this paper. We first review and examine all IRCs schemes known to us and evaluate each scheme against the practical requirements in CAPTCHA applications, particularly in large-scale real-life applications such as Gmail and Hotmail."

destinyland writes "British researchers have reached a startling conclusion. Unless online shoppers order 25 items at a time, they're polluting more than if they shopped at their local mall. An environmental benefit only occurs 'if online shopping replaces 3.5 traditional shopping trips, or if 25 orders are delivered at the same time, or, if the distance traveled to where the purchase is made is more than 50 kilometers. Shopping online does not offer net environmental benefits unless these criteria are met.' The study was conducted by Newcastle University's Institution of Engineering and Technology, which blames the environmental impact of transportation, warning that 'policy makers must do their homework to ensure that rebound effects do not negate the positive benefits of their policy initiatives.' But one technology site notes the study was conducted in Britain, which could have an impact on its conclusions."

duh P3rf3ss3r writes "The BBC is carrying a report from a team of researchers at Newcastle University who claim to have developed a the first 'artificial' human sperm from stem cells. The research, reported in the journal Stem Cells and Development, involved selecting meristematic germ cells from a human embryonic stem cell culture and inducing meiosis, thus producing a haploid gamete. The authors claim that the resulting sperm are fully formed, mature, human sperm cells but the announcement has been greeted with mixed reaction from colleagues who claim the procedure is ethically questionable and that the gametes produced are of inferior levels of maturation."

Al writes "A group from Newcastle University has released work that significantly improves the Draw-A-Secret method of creating passwords. The basic concept behind Draw-a-Secret is that humans excel at image recognition and memory, so 'passwords' should be designed to leverage that ability. The people behind the new work have refined the technique by parsing the shapes with a flexible grid and using existing images as a background to reinforce memory of the password. Imagine having your password be a graffiti-laden alteration of your favorite politicians campaign photo..."

Hugh Pickens writes "People possess a remarkable ability for recalling pictures and researchers at Newcastle University are exploiting this characteristic to create graphical passwords that they say are a thousand times more secure than ordinary textual passwords. With Draw a Secret (DAS) technology, users draw an image over a background, which is then encoded as an ordered sequence of cells. The software recalls the strokes, along with the number of times the pen is lifted. If a person chooses a flower background and then draws a butterfly as their secret password image onto it, they have to remember where they began on the grid and the order of their pen strokes. The "passpicture" is recognized as identical if the encoding is the same, not the drawing itself, which allows for some margin of error as the drawing does not have to be re-created exactly. The software has been initially designed for handheld devices such as iPhones, Blackberry and Smartphone, but could soon be expanded to other areas. "The most exciting feature is that a simple enhancement simultaneously provides significantly enhanced usability and security," says computer scientist Jeff Yan."

Bruce G Charlton writes "In three studies looking at the best institutions for 'revolutionary' science, MIT emerged as best in the world. This contrasts with 'normal science' which incrementally-extends science in pre established directions." If you're interested in reading more about how this was determined, read more below.
"My approach has been to look at trends in the award of science Nobel prizes (Physics, Chemistry, Medicine/ Physiology and Economics — the Nobel metric) — then to expand this Nobel metric by including some similar awards. The NFLT metric adds-in Fields medal (mathematics), Lasker award for clinical medicine and the Turing award for computing science. The NLG metric is specifically aimed at measuring revolutionary biomedical science and uses the Nobel medicine, the Lasker clinical medicine and the Gairdner International award for biomedicine. MIT currently tops the tables for all three metrics: the Nobel prizes, the NFLT and the NLG. There seems little doubt it has been the premier institution of revolutionary science in the world over recent years. Also very highly ranked are Stanford, Columbia, Chicago, Caltech, Berkeley, Princeton and — in biomedicine — University of Washington at Seattle and UCSF. The big surprise is that Harvard has declined from being the top Nobel prizewinners from 1947-1986, to sixth place for Nobels; seventh for NFLT, and Harvard doesn't even reach the threshold of three awards for the biomedical NLG metric! This is despite Harvard massively dominating most of the 'normal science' research metrics (eg. number of publications and number of citations per year) — and probably implies that Harvard may have achieved very high production of scientific research at the expense of quality at the top-end."

An anonymous reader writes "Ross Anderson, author of 'Security Engineering', notifies in a message to comp.risks that he just got permission from Wiley to let anyone download the full content of his book for free. This is one of the best books on computer security and it is used as textbook in many University courses (I teach two of them)."

Ben Rothke writes "If you review the thousands of Internet RFCs, you'd be hard pressed to find a protocol that lends itself to philosophical overtones, save for one -- the Network Time Protocol (NTP). The nature of time is abstract, difficult to measure and highly subjective. Yet time is a critical element in everyone's life, and in the effective operations of corporate networks." Read on for the rest of Rothke's review. Expert Network Time Protocol: An Experience in Time with NTP author Peter Rybaczyk pages 176 publisher Apress rating 9 reviewer Ben Rothke ISBN 1590594843 summary Expert Network Time Protocol is a fascinating look into NTP, and the stories behind the science

NTP is built on top of the TCP/IP protocol suite and is used to ensure accurate time-keeping with a trusted time reference. These references can be radio signals, GPS satellites, atomic clocks, Internet-based time servers and more. NTP is powerful enough to synchronize network clocks with millisecond accuracy.

In Expert Network Time Protocol: An Experience in Time with NTP, Peter Rybaczyk merges the philosophical aspects of time with the nuts of bolts of the NTP protocol. The book is composed of two parts, the first concerned with the meta-philosophy of time, and the second detailing the inner workings of NTP. The attempt in part one to merge technology and science with philosophy is a daunting task, and most often does not succeed. The notable exception to this is Douglas Hofstadter's Gödel, Escher, Bach: An Eternal Golden Braid.

Rybaczyk creates Sam, a fictional character who walks through the history of time. It is unclear who this Sam is -- whether he is supernatural being, or someone who got root on a time server. The author writes that the transcendental nature of time and the nuts and bolts of NTP are inseparable, but I personally found it difficult to determine what message part one was meant to convey. Fortunately, part one takes up but the first 34 pages.

Where the book shines, and where most readers will find value, is in part two, which details how to effectively design, configure, deploy and operate NTP. Where part one is conceptual, part two is extremely practical. Chapter 3 opens up with a comprehensive overview of the what, how and why effective time-keeping via NTP is needed.

The book details from a business perspective why synchronized and accurate time is a universal need. From transactional integrity, airline departures, sporting events, job shift changes, to FedEx pickups and more, nearly every activity requires time synchronization to work at peak levels. Effective network administration also requires time synchronization for network login procedures, directory synchronization, backups, and routing stability to work accurately.

From an information security perspective, password and digital ID synchronization, log file accuracy and auditing, and access control security are just a few of the areas where correct time can mean the difference between success and failure.

Where time synchronization is crucial, though, is in the realm of digital forensics. An otherwise painstaking digital forensic process might be worthless if time-related evidence from network devices is not correctly synchronized. If network devices are not correctly synchronized, you can basically forget about using them in any type of legal case.

Attorney Ronald Coleman, partner and computer law litigator at the New Jersey-based Coleman Law firm explains that in a computer law case involving serious discrepancies in network log times, the prosecution would conceivably drop the case. Similarly, a civil case to recover damages from an attacker is seriously undercut by these seemingly innocuous timing mistakes. "The network managers' lack of diligence at ensuring that the time was synchronized on their systems," explains Coleman, "opens them up to serious questions in front of a jury as to whether the logs and the system data are reliable at all -- especially with a gap of more than a couple of minutes, which might be explained away by which clocks were being relied on." In fact, an error of this magnitude would make the entire network administration suspect. That could be a disaster, Coleman says, where the network tracing record plus the human beings who sloppily set the automation in motion are going to be the chief sources of evidence against the alleged computer criminal. "A snafu such as seriously unsynchronized logs is just the sort of opening that could raise the level of doubt needed to undermine the other side's case."

Chapter 3 concludes with an interesting look at the cutting edge of time protocols, specifically the Interplanetary Internet. The Interplanetary Internet project is an attempt to synchronize computer time within the realm of deep space. NASA will in due time establish a deep space infrastructure whose purpose is to support the communication needs of multiple missions. Such an infrastructure would require time synchronization, but within a radically different framework from what exists today. The Interplanetary Internet and its underlying time synchronization are intended to solve that.

Chapter 4 brings the reader back to earth and provides vital information about how to design an effective NTP architecture. The key to designing the most appropriate NTP architecture for a given infrastructure is to first understand the different modes that NTP devices can operate in. The chapter details the five different NTP modes, the mode categories, and gives configuration information about each mode.

The chapter also provides information about NTP security. While NTP versions 3 and 4 provide added security (including symmetric private key cryptography and support of the Autokey protocol), it is ultimately up to the organization to determine what level of NTP security they need. Those organizations that don't require accurate time won't need much NTP security. But for those organizations who business requires synchronized and accurate time, such issues will drive the implementation of how they deploy NTP and its security functionality.

Chapter 5 details how organizational motivations (again, from a business perspective) will affect how you design your NTP architecture, and then describes several use scenarios. The book notes that designing an effective NTP deployment is a process that embodies four key steps: choosing a time source, deciding upon the NTP topology, determining the NTP features to configure, and then monitoring and managing the NTP operations. The chapter then goes on to describe various ways these steps can be carried out. The chapter provides a comprehensive overview on how to deploy NTP, be it on a dedicated time server, via already deployed products such as Cisco or Juniper routers, or on Unix/Linux/Windows file servers.

It is important to note that NTP is just the protocol. The actual implementation of NTP requires separate software client and server applications. The book focuses on the protocol and does not get into any specific vendors, other than a few screen shots from the configuration menu of a Symmetricom time server.

The author notes that on the surface, NTP is simple and almost inconspicuous, and overshadowed by better-known protocols such as HTTP, FTP and DNS. But once you start digging into NTP, you are dealing with one of the most pervasive elements of existence, namely time. Within NTP's scope, one could be dealing with atomic clocks, GPS satellites, clock selection, encryption algorithms and much more. So while at its heart, NTP may be a simple protocol, there is a complex infrastructure beneath it.

NTP is one of the most fundamental, yet overlooked services in the TCP/IP suite, and time synchronization is one of the most overlooked areas in networking. Hopefully, a book such as this can spark a renaissance. For far too long, time synchronization has not been afforded due diligence, and the effects have at times been disastrous. A view of the archives of the Risk Forum digest attests to this fact.

After a somewhat murky start in part one, Expert Network Time Protocol: An Experience in Time with NTP provides the reader with a superb synopsis of nearly everything he needs to know about NTP and effective time synchronization on his network, from an experienced implementer in the field. It is a fascinating look at one of the most humble, yet fundamental protocols on the Internet. For those who care about the correct time on their network, this book is required reading.

Ben Rothke, CISSP is a New-York based security consultant with ThruPoint, Inc. and the author of Computer Security: 20 Things Every Employee Should Know. He can be reached at ben@rothke.com You can purchase Expert Network Time Protocol: An Experience in Time with NTP from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Mike1024 asks: "Pete Klammer reported in RISKS 23.95 about spam filtering software filtering political e-mails - including Postini blocking certain anti-Schwarzenegger URLs and Comcast blocking e-mails mentioning afterdowningstreet.org. This could be caused by malicious action, misreporting of spam, 'joe jobs', or actual spamming. With many people using their ISP's default settings, and manual spam filtering being impractical for many users, what can be done to avoid giving ISPs and anti-spam companies extensive, fully automated censorship abilities?"

Slashback with more on Bill Gates' comments on bugs in Microsoft's code, the recent compromising of millions of credit card numbers, more .uk domain waffling, and more, including a foolproof way to stop anyone from reading data off of your discarded hard drive's platters.

Let me just slide your card a few dozen more times ... Any Web Loco writes "Following on from this piece on /., this story in the Sydney Morning Herald tells us that the company that got hacked (exposing up to 8 million credit card numbers) was Data Processors International. Not much to the story, but we now know who it was."

Another reason to be cautious about domains with "uk" in them. An anonymous reader writes "The Register reports that Nominet has looked at opening .net.uk up or killing it off and then decided it can't decide. The chair of sub-committee responsible, Clive Feather, is currently standing for re-election to Nominets Policy Advisory Board. The sub-committee he chaired had suggested shutting down net.uk entirely, which the main board rejected. His position must surely be under scrutiny by the internet community."

Interesting bugs are in the teeth of the beholder. dvdweyer writes "I myself do remember having read the whole interview with Bill Gates in Focus, a German weekly news magazine (their online service now seems to be part of MSN *yuck*). There are however resources online which provide full sources, in English, most notably RISKS in issue 17.43 (not 17.42) with a follow-up in issue 17.44."

When fan-subs just aren't what you want. May Kasahara writes "Studio Ghibli fansite Nausicaa.net now has official release dates for Region 1 DVDs of Kiki's Delivery Service , Laputa: Castle in the Sky , and Spirited Away , as well as official preview artwork of the disks and packaging. As a side note, the site now has a page up for Miyazaki's upcoming Howl's Magic Castle . See you at the video store on April 15!"

Fonts make your terminal much more useful. Russ Nelson writes "The Bitstream Vera fonts are available for trial use. Bitstream is still tweaking them, so they're under the provisional "no redistribution" license. You can download them yourself, though, and in about a month, put them in your software distribution. Kudos to X co-creator Jim Gettys for finally getting X some professional-quality fonts."

Dear Mr. Ashcroft: I hope you find this slag useful. eecue writes "Due to the recent MIT study concerning data recovery from old hard drives, we decided that the only foolproof means of data removal was complete destruction."

Slashback with more on Bill Gates' comments on bugs in Microsoft's code, the recent compromising of millions of credit card numbers, more .uk domain waffling, and more, including a foolproof way to stop anyone from reading data off of your discarded hard drive's platters.

Let me just slide your card a few dozen more times ... Any Web Loco writes "Following on from this piece on /., this story in the Sydney Morning Herald tells us that the company that got hacked (exposing up to 8 million credit card numbers) was Data Processors International. Not much to the story, but we now know who it was."

Another reason to be cautious about domains with "uk" in them. An anonymous reader writes "The Register reports that Nominet has looked at opening .net.uk up or killing it off and then decided it can't decide. The chair of sub-committee responsible, Clive Feather, is currently standing for re-election to Nominets Policy Advisory Board. The sub-committee he chaired had suggested shutting down net.uk entirely, which the main board rejected. His position must surely be under scrutiny by the internet community."

Interesting bugs are in the teeth of the beholder. dvdweyer writes "I myself do remember having read the whole interview with Bill Gates in Focus, a German weekly news magazine (their online service now seems to be part of MSN *yuck*). There are however resources online which provide full sources, in English, most notably RISKS in issue 17.43 (not 17.42) with a follow-up in issue 17.44."

When fan-subs just aren't what you want. May Kasahara writes "Studio Ghibli fansite Nausicaa.net now has official release dates for Region 1 DVDs of Kiki's Delivery Service , Laputa: Castle in the Sky , and Spirited Away , as well as official preview artwork of the disks and packaging. As a side note, the site now has a page up for Miyazaki's upcoming Howl's Magic Castle . See you at the video store on April 15!"

Fonts make your terminal much more useful. Russ Nelson writes "The Bitstream Vera fonts are available for trial use. Bitstream is still tweaking them, so they're under the provisional "no redistribution" license. You can download them yourself, though, and in about a month, put them in your software distribution. Kudos to X co-creator Jim Gettys for finally getting X some professional-quality fonts."

Dear Mr. Ashcroft: I hope you find this slag useful. eecue writes "Due to the recent MIT study concerning data recovery from old hard drives, we decided that the only foolproof means of data removal was complete destruction."

Slashback with more on Bill Gates' comments on bugs in Microsoft's code, the recent compromising of millions of credit card numbers, more .uk domain waffling, and more, including a foolproof way to stop anyone from reading data off of your discarded hard drive's platters.

Let me just slide your card a few dozen more times ... Any Web Loco writes "Following on from this piece on /., this story in the Sydney Morning Herald tells us that the company that got hacked (exposing up to 8 million credit card numbers) was Data Processors International. Not much to the story, but we now know who it was."

Another reason to be cautious about domains with "uk" in them. An anonymous reader writes "The Register reports that Nominet has looked at opening .net.uk up or killing it off and then decided it can't decide. The chair of sub-committee responsible, Clive Feather, is currently standing for re-election to Nominets Policy Advisory Board. The sub-committee he chaired had suggested shutting down net.uk entirely, which the main board rejected. His position must surely be under scrutiny by the internet community."

Interesting bugs are in the teeth of the beholder. dvdweyer writes "I myself do remember having read the whole interview with Bill Gates in Focus, a German weekly news magazine (their online service now seems to be part of MSN *yuck*). There are however resources online which provide full sources, in English, most notably RISKS in issue 17.43 (not 17.42) with a follow-up in issue 17.44."

When fan-subs just aren't what you want. May Kasahara writes "Studio Ghibli fansite Nausicaa.net now has official release dates for Region 1 DVDs of Kiki's Delivery Service , Laputa: Castle in the Sky , and Spirited Away , as well as official preview artwork of the disks and packaging. As a side note, the site now has a page up for Miyazaki's upcoming Howl's Magic Castle . See you at the video store on April 15!"

Fonts make your terminal much more useful. Russ Nelson writes "The Bitstream Vera fonts are available for trial use. Bitstream is still tweaking them, so they're under the provisional "no redistribution" license. You can download them yourself, though, and in about a month, put them in your software distribution. Kudos to X co-creator Jim Gettys for finally getting X some professional-quality fonts."

Dear Mr. Ashcroft: I hope you find this slag useful. eecue writes "Due to the recent MIT study concerning data recovery from old hard drives, we decided that the only foolproof means of data removal was complete destruction."

e8johan writes "The KDE PIM Team will integrate all their applications into one common interface and create an Outlook-like application.This is being done in the Kroupware project commissioned by the German government. There is a prototype of KOrganizer with KMain embedded into it (shots 1, 2), and another prototype with KMain running as a KPart in Kaplan (shot 1, 2, 3). This looks hopeful and if they manage to build the application as flexible and modular as other KDE projects this will hopefully mature into something great." Kroupware is a catchy name, but I wonder if the KDE team is aware of the English word croup.

Mr. Slippery writes: "While catching up on the RISKS Digest (ought to be mandatory reading), I leaned about the new Union for Representative International Internet Cooperation and Analysis, started by Peter G. Neumann, Lauren Weinstein, and David J. Farber, names of some significance. Their goal: "The Internet should be dedicated to the needs and well-being of people all over the world, in a truly representative and fair manner.""

Bill Kendrick writes: "Thanksgiving was a great day for Linux PDA gaming. Not one, but two classic id games were ported to not one, but two different Linux PDAs! Quake (screenshots) is available for the Sharp Zaurus and the original Wolf3D is out for the Agenda VR3. Now if only they could do Unreal Tournament over IR ports..."

Embedded Geek asks: "As computers are embedded in more and more products these days, I was wondering if any developers out there had any good war stories to share. Whether it's scary (software problems at a Czech nuclear power plant) or simply amusing (personal experience - once caught a bug in the software for an airliner I was writing code for where flushing two toilets at the same time would reset the cabin lighting computer), post your stories of embedded software causing bizarre or unexpected problems here. Shameless plug: The best ongoing source for this subject matter I have ever seen is the ACM Forum On Risks To The Public In Computers And Related Systems, found on the USENET as comp.risks." As our technology progresses, the need for better debugging of our complex systems becomes more and more aparent. These stories are illustrations of this fact. How would you improve the current techniques?

Embedded Geek asks: "As computers are embedded in more and more products these days, I was wondering if any developers out there had any good war stories to share. Whether it's scary (software problems at a Czech nuclear power plant) or simply amusing (personal experience - once caught a bug in the software for an airliner I was writing code for where flushing two toilets at the same time would reset the cabin lighting computer), post your stories of embedded software causing bizarre or unexpected problems here. Shameless plug: The best ongoing source for this subject matter I have ever seen is the ACM Forum On Risks To The Public In Computers And Related Systems, found on the USENET as comp.risks." As our technology progresses, the need for better debugging of our complex systems becomes more and more aparent. These stories are illustrations of this fact. How would you improve the current techniques?

Apologies for the AYB title, but that's just what everyone is calling it. Passport is the central repository for your passwords and "personal information" I've looked over the Passport Terms of Use and tried to give them the benefit of the doubt. But I can't read it any other way than this. By "inputting data ... or engaging in any other form of communication with or through the Passport Web Site" -- or any of its "associated services" -- you grant Microsoft the rights to "use, modify, copy, distribute, transmit, publicly display, publicly perform, reproduce, publish, sublicense, create derivative works from, transfer, or sell any such communication" and -- just when you were thinking it couldn't get any worse -- "exploit any proprietary rights in such communication, including but not limited to rights under copyright, trademark, service mark or patent laws." Am I wrong? Is that not what it means? And, is Hotmail affected by this?

One of the key questions is what Microsoft means by "associated services." The terms of use agreement applies to "the Microsoft Passport Web Site" which they redefine in the first sentence to mean "a Web site and its associated services."

Later in the terms, they explicitly say:

"The Passport Web Site may contain bulletin board services, chat areas, news groups, forums, communities, personal web pages, group calendars, electronic mail postings and/or other message or communication facilities designed to enable you to communicate with the public at large or with a group (collectively, 'Communication Services')..."

That doesn't sound like a simple site for password- and personal-data-storage to me.

The really big thing that everyone seems to be worried about is, how is Hotmail email affected by this? Here's the Hotmail Terms of Use. So is Hotmail an "associated service"? How would we know? Passport is listed as one of Hotmail's "additional Microsoft web sites and/or services"; what does that mean? If Hotmail is associated with Passport, does that mean Passport is associated with Hotmail? (Is "association" associative?)

And the fact that any access of www.hotmail.com redirects me to a machine at hotmail.passport.com worries me a lot. How could these sites not be considered "associated"?

Some more tidbits...

Don't forget that Passport is a TRUSTe licensee. TRUSTe stands 100% behind their privacy statement, so you can really, really trust that All Your Bits Are Belong To Us. (The joke is that TRUSTe doesn't actually guarantee you any privacy. It supposedly guarantees that, if you can wade through the legal mumbo-jumbo, you'll find yourself being screwed in precisely the way that the lawyers tell you you're being screwed.)

Here's a directory of the sites that use Passport for single-sign-in or purchasing.

You read it here first. Slashdot predicted this eight months ago. "Microsoft Passport And Your Privacy," July 29, 2000: "...I'm sure Microsoft uses it as a user-tracking system more than anything else." Go read Joel's article, from eight months ago, in which he explains how Passport "eliminates the last line of defense protecting your privacy" and how Microsoft will "create a massive consumer information database."

An article in the Daily Aardvark points out that Netscape users have a hard time reading Passport Q&A.

Bryan Smith has a thoughtful rant about what this would mean for open-source software. Dual copyright? Hmmmm. Here's your link, Bryan: "Dual-copyright/licensing" of your IP withOUT your permission.

A RISKS submitter calls it "highway robbery."

Don't forget that Passport is the website for which Microsoft forgot to pay its $35 domain registration fee, back around Christmas '99. This is the company you want to entrust your passwords to?

And finally, All Your Bits may be hard to retrieve once they Belong To Us. jasonjwwilliams writes "After reading about the new Hailstorm.net initiative by Microsoft, and how once integrated with Passport.com, any communcations sent in conjuction with the service in any manner becomes the property of Microsoft, I asked Passport.com to remove me. The response: we don't do that, wait 12 months to be auto-removed. After three e-mails here's the bottom line I received:

"Due to security reasons we do not allow nor do we have a feature to delete Passport accounts. Rest assured that if you do not access your account within 12 months our system will automatically delete your account."

"I don't know about anyone else, but I think this is a completely lame response and as far as I understand against the law. Anyone know who to get a hold of? This is arrogance gone too far."

dmearns writes: "Picked this up from comp.risks. It seems the UK government is planning on requiring computer controlled speed limiters on cars within 5 years. The system uses GPS to figure out if the vehicle is in a speed limited zone. The original story is here. I suppose it is inevitable that officials would think of something like this, but I never thought people would accept it!"

Bell Would? writes: "A key feature of the brief news item, 'The end of the Multics era,' in the latest issue of the The Risks Digest is the 'list of goals' Multics had fulfilled which, as the author describes them, are as relevant today as they were 35 years ago." Odd -- I assumed these were all long since junked or put into museums, since my first exposure to the name Multics was in books which spoke mostly in the past tense. That list of goals is one that I hope architecture designers consult frequently.

Bell Would? writes: "A key feature of the brief news item, 'The end of the Multics era,' in the latest issue of the The Risks Digest is the 'list of goals' Multics had fulfilled which, as the author describes them, are as relevant today as they were 35 years ago." Odd -- I assumed these were all long since junked or put into museums, since my first exposure to the name Multics was in books which spoke mostly in the past tense. That list of goals is one that I hope architecture designers consult frequently.

Until this week, I've been unconvinced by those who say the U.S. election process needs to be conducted with computers instead of paper, pencil, and punchcards. I've changed my mind. It's time to take a good hard look at our ancient voting system, and bring it up to date. When today's 14-year-olds go to vote in the 2004 elections, will they still take the pencil from the volunteer, slide the punchcard into the molded plastic, and turn the weird knobs? Or will they use the technology they've grown up with?

My change of heart came while listening to an NPR story last night. Election results for one county in Michigan were held up for two hours because some volunteers with ballots were barricaded in the building by a bear. A bear! What century is this?

There are some fair concerns about moving to a more-than-just-dead-trees voting system. We have to consider what the impact will be on voter enfranchisement. A change that makes it possible for the rich to vote by telepathy, for example, while the poor have to drive a hundred miles uphill both ways (to access a non-telepathic voting booth) would not be exactly democratic.

Would it have been fair, in 2000, for the middle class to be able to vote from the comfort of their homes and jobs, while the poor and homeless had to get to a voting booth? I don't know.

But my best guess is that, by 2004, this won't be a question anymore. Plot the percentage of lower-income homes with internet access from 1996 to 2000, and then extrapolate another four years. So if it should be done, how can it be done? There are five key issues to solve: authorization, anonymity, data confidence, UI, and security.

I propose a system in which each voting booth runs a webserver which logs votes (without identification) to two internal media (hard disk and floppy would be good, see below). Once the polls close, each booth's computer can be totalled and sent over the internet to the state's central server.

Meanwhile, any computer that speaks https on the internet would become a voting booth of its own, running slightly different software.

Each state's official results could be in an hour after its polls close. Which beats the ten-day waiting period we have now for our overseas ballots.

Authorization isn't really that hard: When you register to vote, you (by default) get a password delivered by snail-mail a week before the election. Tampering with that mail is a federal offense, of course. On election day you use secure http to sign in from anywhere with your name, address and password. Lose the password? Sorry, you don't get the comfort of home/work; you go to the voting booth with everyone else.

Anonymity is trivial; any logs with identifying information either don't get stored, or get wiped immediately.

Computers crash. Data confidence means the servers write the votes to multiple media: network, hard drive, flash RAM. A dot-matrix printer makes a good emergency backup medium.

This system also needs a dirt-simple GUI for voters connecting from home or work. No butterfly webpages necessary; click a name, and get a confirmation screen that shows you name, party, (importantly) photo, and big "yes" and "no" buttons.

At the voting booth it can be even simpler, using touch-screens.

Security is, of course, always a problem. Secure http effectively eliminates the man-in-the-middle attack, so the main worry are that an attacker will be able to run unauthorized code on a government computer which could (read) correlate my name with my vote or (write) change my vote. I'm going to go out on a limb and say that a completely open-sourced system, from the kernel up, combined with clean-room installations at a secure location, can make these concerns minor by comparison to existing vote-fraud concerns.

(My vote would go to OpenBSD, Apache, and Mozilla, though of course good luck predicting what will be best four years from now.)

Also, net admins overseeing the effort need to have enough access to track and lock out attackers, but obviously they can't have access to change the election results. Lock them in a room for the day with a hundred video cameras tracking everything they do, like the officers on missile-launch duty. Many net admins will find this a relaxed and enjoyable work environment compared to their current jobs.

There are many problems that have to be solved -- please bring up the ones I haven't mentioned here, let's start the debate! My hunch is that they can be solved. And the overriding question must be, will it be an improvement over the current system?

Given that Florida's election is being decided by a 400-vote difference, with 19,000 botched votes thrown out, I'd say the impossibility of clicking on two presidential choices at the same time makes this system a huge win.

The broken user interface on our existing punch-cards system is probably going to give us the wrong President of the United States. How much worse could a digital system really be? I don't claim to have all the answers, but I know what century it is, and the time for Little House on the Prairie nonsense is over. Let's make this happen for 2004.

I'll give my last word to Andre Uratsuka Manoel, a partner at the internet firm Insite, in Brazil. (Props to TBTF for putting Andre and me in touch.)

Brazil has a 100% electronic election. On election day I go my "electoral section," identify myself, sign my name. The "section president" then types in my code and I walk to the booth which is in a corner of the room where no one can see my vote. I then type the number of my candidate, see his/her photo and press "confirm."

The voting machines store the votes in at least three different places: a floppy disk (which is locked), a flash card and the internal hard disk. There are written procedures for any kind of failure I could think of and back-up machines readily available. Those machines can connect to a phone line and send their results to the Election Court of the state.

The results are proclamed extremely fast. On the mayoral run-off elections that happened 2 weeks ago, results were out 2 hours after the election in the city I live in (Sao Paulo, with about 6 million voters) and 6 hours after it in the last city in which there was a run-off. In my home city the results came out a little after the election sites closed and the result was proclamed with the winner having 40 thousand votes more than the second place (0.4% of 1 million votes).

In the first round of elections in Sao Paulo, the third place contestant lost the ticket for the run-off elections by less than 0.1%. The one who lost didn't even think of contesting the results because no one thought there were any kind of frauds.

In the first round, 100 million voters (about the same as the active voters in US) in 5 thousand cities chose their mayors and councelors. All the results were proclaimed 30 hours after the voting closed.

This happens in a country that has a much lower level of literacy, technology-savvy and of money as the U.S. Remember that some mayors were chosen in places hours away from anyplace else (even by plane), i.e. in the middle of the rain forest. Those places don't have electricity.

Of course there were complaints, but not because of the electoral process. Mostly they were due to campaigning on the election day, voter transportation and coercion.

(Updates: Dave Riesz mentioned Riverside County, California, which has an electronic voting system already in place. Their 2000 primary turnout was the highest in 20 years, which may or may not mean anything. That led me to the California Internet Voting Task Force which looks interesting. Don Wegeng pointed me to RISKS thoughts by Douglas Jones. Brian Dunbar points out "Hurrah for Slow Recounts" by the always-interesting Ellen Ullman.

Lee Coursey passes along Elizabeth Ferrill's Discussion of Electronic Voting. James McCann, a programmer at VoteHere.net, says my description is "not terribly far off but very incomplete" -- I'll take that as a compliment -- check out his site and SecurePoll.com too. And finally, a story in Salon that makes my point better than I could: "Confessions of a Florida Poll Worker."

If you have more links or information, emailme.)

Thanks to Jason Bennett, who wrote this review of The Limits of Software. Robert N. Britcher explores in this book what software is and where software is going -- and what it really means.

The Limits of Software author Robert N. Britcher pages 214 publisher Addison Wesley rating 7 reviewer Jason Bennett ISBN 0-201-43323-0 summary Where we've been, where we're going, and the implications therein

Background

Before I launch into my latest review, I'd just like to say thanks to Hemos and Slashdot on the occasion of my twentieth review posted here. It's been 25 months since the first one (August, '98), and I've really appreciated the opportunity they've given me. Nice excuse to do something I should do anyway! :-)

The Scenario

"But it is not the practitioners alone who are so moved. A thousand years in the making, the religion of technology has become the common enchantment, not only of the designers of technology but also those caught up in, and undone by, their godly designs. The expectation of ultimate salvation through technology, whatever the immediate human and social costs, has become the unspoken orthodoxy, reinforced by a market-induced enthusiasm for novelty and sanctioned by a millenarian yearning for new beginnings. This popular faith, subliminally indulged and intensified by corporate, government, and media pitchmen, inspires an awed deference to the practitioners and their promises of deliverance while diverting attention from more urgent concerns. Thus, unrestrained technological development is allowed to proceed apace, without serious scrutiny or oversight -- without reason. Pleas for some rationality, for reflection about pace and purpose, for sober assessment of costs and benefits -- for evidence even of economic value, much less larger social gains -- are dismissed as irrational. From within the faith, any and all criticism appears irrelevant, and irreverent." (TLOS, xxiii)

-- David F. Noble, The Religion of Technology, as quoted in The Limits of Software

I had the privilege of spending a few weeks with a good friend of mine in Eastern Europe back in July. Of course, to go anywhere on a budget in Europe requires a lot of train travel. Alas, there are no bullet trains in Slovenia, which gave me plenty of time to take in some reading when I wasn't chatting with my fellow passengers ...

The Limits of Software is a unique book in many ways, not the least of which is that it reads more like a collection of life stories than a lecturing textbook. Most computer books simply give you data, or even information, in a straightforward manner, hopefully punctuated by some interesting anecdotes. Britcher, instead, has packaged with words slices of time which illustrate various points about where computer programming has been, and where software development is going (note the terminology change). I certainly won't try to describe them all, but theme which runs through the book is illustrated in the opening quotation: software is not our savior. There is no "one great system" that will be able to handle things. The FAA's botched air traffic control system is used as one illustration in the book, but the point is made about all software: we cannot and must not worship it.

There's one point that I find simultaneously funny and sad: It's in the chapter on testing, and the inherent futility of such an activity on complex programs. Britcher discusses the Y2K bug, and mentions the survivalist movement.

"Just as regular folks built bomb shelters in the 1950s and 1960s to add life time to a planet white with nuclear snow, regular folks are now storing large caches of food, water, toilet paper, clothing, and, of course, the American twinship: sacred literature and ammo. One man who agreed to be interviewed for the piece was quoted: 'When you first hear about it, most people are in total denial. They can't believe that Bill Gates won't come up with a magic bullet.' (That the general population believes that Bill Gates has the answers to our programming problems is more frightening than the rollover of the millennium.)" (TLOS, 59)

I quote this not as a shot at Bill (although, this being Slashdot, I'm sure some will take it that way), but to point out the inherent risks in the statement, which illustrate Britcher's point. Software is dangerous, because it does so much yet is so fragile. We (even we programmers at times) view it as a holy grail. We cannot understand how our mechanical saviors could possibly fail us. Yet, software failures are rampant, in every facet of our society (see the Risks Digest if you need examples). Software cannot solve our problems. Our problems are inherent within ourselves. As we continue to rely more and more on machines to live for us, we must remember that they, like their creators, are fallible. What's Bad? / What's Good?

When I finished TLOS, my first reaction was to think of the old saw about the life of a fighter pilot: "hours and hours of sheer boredom, punctuated by moments of sheer terror." Britchner's stories seemed to drone on at points. The FAA story was left to the end. Why did he have to go on and on about all this random stuff?

In retrospect, though, I think I have a better grasp of what Britcher was trying to convey. This is not a disaster movie told in the guise of software engineering; this is a story about one man's journey through software, and the conclusions he's come to. Read this as an technological autobiography, and I think you'll appreciate the points being made. As I said earlier, it's different, but rewarding in the end.

So What's In It For Me?

A reminder that the Tower of Babel still lives in the hearts and minds of men.

You can purchase this book at Fatbrain.

Table of Contents

• Foreware by Robert L. Glass
• Prologue
• Part I
  1. Early Systems
  2. Theories of Programming
  3. The Human Element
  4. Designing
  5. Code: The Stuff of Programs
  6. Testing Computer Systems
  7. The Impossible Profession
  8. Life on the Project
• Part II
  1. Supervision Through Language
  2. How Technology Changes Methods
  3. Size and Intellectual Gravity
  4. The Marketing of Science
  5. Errors
  6. The One Great System
  7. The Government of Programming
  8. The System to End All
  9. The End-All of Programming
• Afterward
• Reading List

WeThree writes " A German couple drove their BMW with great confidence under control of its computerized satellite navigation. Indeed, they drove it past a stop sign, down a ferry ramp, and into the Havel River in Caputh, near Potsdam/Berlin, Germany. The computer system reportedly neglected to tell them they needed to wait for the ferry." Looks like it's not quite ready to put in autodrive mode yet.