Slashdot Mirror

Pig Hogger writes "It's official. The IETF has officially decided NOT to " consider requirements for wiretapping " in protocols, says this Wired.com story.

Now that they won't touch it, does this means that the vendors will implement it themselves? If so, I can't wait to see the backstabbing and fumbling that will happen when they will try to keep their proprietary ways under wraps... What will we see, a CISCO wiretapping standard, which is thoroughly incompatible with the Lucent Bugging Protocol??? "

Krimsen writes "Looks like Clemson Universty felt the pressure from angry students being denied free long distance. They are allowing access to dialpad.com."

Eraser_ writes "Wired has an article on China's latest attempt to control the masses. All companies and individuals using any form of encryption had to register with the government in a small building in an alley. Only a few people showed up. I wonder if they will execute the nine million who didn't register."

The MPAA (or rather, the MPAA's law firm) is now sending out demand letters to Web sites which they are accusing of violating the Digital Millenium Copyright Act by posting, or even linking to, the css-auth code. One recipient's draft response looks to be quite succinct. Wired is also running a summary of the legal maneuvers surrounding CSS.

[Aside: The strategy here is fairly clear: file suit against a few individuals who can be characterized as "hackers", "copyright pirates" or whatever the appropriate derogatory term is today, wait until that story hits the press, then use a search engine and the whois database to locate and send scary letters off to hundreds or thousands of other sites which post or link to the LiViD code.

The MPAA realizes, of course, that they cannot file suit against everyone who has posted the css-auth code. So for the suits that it does file, it's important to pick people who call themselves "hackers" and can be characterized as thieves to the court, whether they've actually committed any offense or not. Thus they chose defendants such as 2600.com rather than more "respectable" individuals.]

The MPAA (or rather, the MPAA's law firm) is now sending out demand letters to Web sites which they are accusing of violating the Digital Millenium Copyright Act by posting, or even linking to, the css-auth code. One recipient's draft response looks to be quite succinct. Wired is also running a summary of the legal maneuvers surrounding CSS.

[Aside: The strategy here is fairly clear: file suit against a few individuals who can be characterized as "hackers", "copyright pirates" or whatever the appropriate derogatory term is today, wait until that story hits the press, then use a search engine and the whois database to locate and send scary letters off to hundreds or thousands of other sites which post or link to the LiViD code.

The MPAA realizes, of course, that they cannot file suit against everyone who has posted the css-auth code. So for the suits that it does file, it's important to pick people who call themselves "hackers" and can be characterized as thieves to the court, whether they've actually committed any offense or not. Thus they chose defendants such as 2600.com rather than more "respectable" individuals.]

Stavr0 wrote to us with a return of an idea that already had its time. Yes, despite death of DIVX, a company is working on creating DVD discs that will work with existing DVD players but will stop working after a certain amount of time. The process is at least an interesting one: the company has created a special coating that is activated when hit by the DVD laser. From that moment of contact, the disc begins degrading, a process which can anywhere from minutes to three days.

No Such Agency writes "Wired News reports that Hedy Lamarr has died at the age of 86. Lamarr was not only a sex symbol and film star in the 30's-40's but also invented 'spread-spectrum' or frequency-hopping radio (with composer George Antheil). Originally intended to provide jamming-proof communications and remote torpedo control, the technology is one of the foundations of modern wireless communications, including wireless internet connections and GPS. Unfortunately their innovation was not appreciated until after their patent had expired. You can read more about Lamarr and spread-spectrum radio here."

kerouac points out a Boston Globe story about a man charged with civil rights violations for his Web site, after a slow two-year investigation. He writes: "Okay... I don't want to start a race flame-war, but it looks like the courts are starting to regulate 'hate speech'. I take pride in the fact that my bleeding-heart liberalism makes me hate what this guy's site is all about, but the U.S. courts are regulating/censoring this person's right to be a jerk." As described, the Web page sounds like a death threat, which would not be protected speech. A Wired story has more detail. For some reason the DoJ has not filed criminal charges for the alleged threat, so the man is being charged under the Fair Housing Act for preventing someone from making use of the FHA.

Paul Johnson writes "In this news story Wired says that the Australian net censorship law is about to come into effect, and give some details of how it will work. In particular it seems that the Australian Broadcasting Authority is 'unlikely to release the specific names or Web addresses of sites in order to avoid granting them unnecessary publicity.' So it would seem that Australians are not even allowed to know what is being censored." That's the way it works: keeping us in the dark makes it harder to judge whether keeping us in the dark is fair. It doesn't make sense; even Sen.McCain urged full disclosure for censorware.

Quite a lot of people have been submitting the Wired article about the "discovery" of two strains of bacteria that could be extra-terrestrial in origin. Carrying along with that beat, the Boston Globe has a report about where life on Earth came from, and whether it was Martian in origin. *Rant* The Wired article in particular makes me cross. Two strains in question, to my knowledge, have been known by biologists for at least a couple decades. The fact that they /might/ be able to survive extra-terrestrial conditions doesn't mean they are extra-terrestrial. In fact, the environments where bactera like this are often found, like deep sea vents, are in many ways just as "bad" as extra-terrestrial travel. Perhaps it's a pot-kettle situation with me, but bad science coverage irritates me greatly. */Rant*

Wired has a follow-up on religious leaders in Jerusalem banning the use of the internet for their followers. Includes some great quotes from a woman who's inflicted nine children on the world but who apparently has no ability to control them.

cencini writes "Here is an article from the MIT Technology Review regarding the future possibilities of nanotechnology in hospitals and genetic engineering. " There's been some recent coverage of the possibilites of using nanotechnology in medicine including a Wired article earlier this week. As always, this is merely one facet of what nanotechnology can - and will do.

Omicron writes "Scientists have now discovered how to clone animals from cells that have been in "storage" for an extended period of time, something previously though impossible. The technology can also be used to help repair organs and body parts without having to clone an entire animal/person. You can read the story here at Wired. "

The Inphidel wrote, "Hackers, and maybe even crackers, the goverment wants YOU. Seems the pentagon wants to make sure enough GEEKS are on hand to kick some technological [redacted]. Sounds like fun to me." Story at Wired; another one on the same topic at Yahoo! News was submitted by Doofus.

Fillup writes "According to this article from Wired News, the ever-so-security-conscious Microsoft has overlooked yet another major privacy and security issue." Basically the bug allows sending of email from unknowing WebTV surfers. Amusing that they're using it to spam the abuse email address, but its a definite concern.

The big Y2K news was that there wasn't any. What happened? Was this a catastrophe averted or invented? After several years of sustained computing industry, media and political hype, could anybody could have imagined that there would be no serious Y2K problems at all in the developed and non-developed worlds? That no city in the world turned dark, no bank shut down, no phones were cut off, no planes fell from the sky, no dearth of food or water cropped up anywhere? In fact, as of Monday no human being was known to have died or been injured - or truthfully, even significantly inconvenienced - as the result of any computer-related problem at the end of the century.

"Why did we fall for this hype?" e-mailed one member of a Year 2000 online discussion group. "I feel cheated, betrayed, misused, abused, deceived and everything else!"

It's a good question, and it was being asked all over the Internet, and in much of the world. Were we duped or saved?

There were minor equipment failures at a handful of hospitals and nuclear plants. Financial industry employees around the world completed their second day of testing and said they encountered few, if any problems, and anticipate little trouble when U.S. markets opened today.

This after an incalculable drumbeat of alarm, hysteria and wild speculation. For sure, genuine problems had surfaced, and hats off to the planners, programmers and engineers who spent the past few years fixing them. But the reality was wildly divergent from the hysteria that preceded it. If anything, the Y2K obsession suggested just how central technology has become to much of the world, and just how little even the so-called experts really know about it or how it works.

By this morning, it was no longer clear whether Y2K was a miracle or a disgrace.

Friday afternoon, a wave of e-mail and reporters in Australia and New Zealand signalled the fizzling of one of the biggest stories in the history of technology. By Friday night, bored and bewildered TV reporters were broadcasting live from someplace called the Y2K International Co-Operation Center, but they had no news to report, and by midnight, some federal workers could be seen dozing at their terminals. The FAA Control Center in Virginia had giant screens showing thousands of airborne blips moving peacefully to their planned destinations. There were some heart-monitors down in Swedish hospitals, a U.S. Army cash register malfunctioning in Okinawa, and slot machines in Delaware out for a few hours. A spy satellite went on the fritz for awhile.

Otherwise, in an act of spectacular defiance, even heroism, tens of millions of people all over the earth gathered in urban centers to celebrate the new century. They did not stockpile food and water, as they were advised to by many newspapers, TV stations, government agencies, and local Red Cross chapters. They did not hoard cash. Much more than their pundits or elected leaders, they put their faith in technology.

They celebrated the new century with a defiant global outpouring of optimism and faith. As was the case 100 years ago, technology was a central theme of the century change, from the Millenial Dome in England to the techno-themed ferris wheels rotating along the Champs Elysee in Paris. A curious exception to the global celebration was the United States, content to watch it's ball drop in Times Square, a crowded and exuberant but comparatively visionless and primitive national celebration.

The big news may be that people don't really have to rely on bureaucrats and journalists anymore -- a reason, maybe, why they were so calm and happy. More than 6 million people logged onto New Zealand websites to learn for themselves early Friday that the Y2K had arrived without harm or injury. This good news was followed on the Net from East to West all day long.

"Was the threat of technology failure overstated?," asked the New York Times on Sunday, "or did spending hundreds of billions of dollars to fix things avert a catastrophe?"

Most engineers and programmers seemed to agree that there were, in fact, real problems associated with Y2K bugs, and that real trouble had been averted by the billions spent globally to upgrade and de-bug.

But it also seems obvious that Y2K problems were wildly exaggerated, online and off.

Modern media are almost continuously irrational when it comes to covering technology. The Internet has given the off-line world a rolling nervous breakdown, from which it has yet to recover. For much of the past year, TV stations, networks and newsmagazines sounded a steady stream of alarms about Y2K - the very term became a household world.

Last week Wired News, irked by all the greatest -hits lists emerging about the 20th century, offered a refreshing look at a "century of spectacular failure" from the Titanic to World Wars I and II, the Challenger launch and Chernobyl. They called their report "A Century of Spectacular Failure," citing one techno-disaster after another.

It was a healthy antidote to all the heavy breathing. This past century, we were assured by journalists and politicians, was also going to end unhappily, in a nightmare of collapsing programs, off-line banks and utility and transportation programs.

Countless individual humans pulled us back from that supposed abyss. There were no spectacular failures. They got the 21st century off to a great start.

But the biggest Y2K question looms even larger this morning than it did on Friday. Was the Y2K scare real? Was it a catastrophe averted or invented? Jump on in:

Yesterday, while the management of eToys was faxing, calling, and emailing the media to get its story out, its legal team had sent a very different message. You probably saw our pointer to the Wired story which claimed the toy company had "given up." No such luck. The story behind the scenes was a little different. Click for more.

It's one thing to drop a lawsuit. It's another to "move away" from it. According to Chris Truax, the lawyer for the Etoy art group, which version the media heard depended on what time they were in touch with the eToys management. The initial version, he claims, was that eToys was dropping the suit. A later version was that they were "backing away" from the suit. A third version reassured the press that a precondition specified in the legal document was never intended to be a demand - only a request.

To see how the coverage changed throughout Wednesday, see the first Wired story, then the NYT/CNET story, the Yahoo/TheStandard story, and then the second Wired story.

The problem was that eToys.legal was not working from the same playbook as eToys.PR. The precondition, clearly a showstopper, also calls into question whether the giant toy firm has a clue about what is really at stake.

That precondition was:

"to give good faith consideration, as our neighbor on the Internet, to concentrating the profanity, nudity and violence that is sometimes part of the etoy corporation message on etoy corporation's other websites."

Asking artists to censor their work, of course, flies like a lead wheelbarrow. At the same time the company spokesman was saying "our intent was never to silence free artistic expression," their legal team was doing precisely that. The entire short letter in which this request was made was focused on finding a resolution to the perceived problem of "profanity, nudity, and violence," and concluded by noting that co-existence was possible if "etoy corporation will respond favorably to this proposal."

The later Wired story quotes eToys management as putting this spin on it:

"This is a simple, straightforward, good-faith effort on our part to resolve this matter. We are asking that they make good-faith efforts to put some of the material that kids and parents might find offensive on another part of the site."

They can repeat the words "good faith" all they like, but that doesn't make this any less censorship. Imagine operating as an artist, knowing that for the rest of your tenure with the Etoy art group you must work very carefully not to put material inappropriate for children too close to your homepage. One use of the F-word already led to this lawsuit; how hair-trigger would the lawyers be the second time around? You'd want to tone down your message, lest you be accused of working in "bad faith."

But maybe this letter was just badly worded; perhaps there was a miscommunication somewhere between the PR and the legal departments.

Or, maybe this whole episode was a cynical attempt to calm down the activist community and get the story out of the public eye.

Think about what eToys is really saying. They have cost the art group a fair amount of money in legal bills and have shut down their website for (to date) a month. Now they say they want to walk away as long as Etoy does the same.

If someone came onto your property, stole your computer - and then a month later, after you'd spent thousands of dollars trying to get it back, offered to return it on the condition that you promised not to sue - would you be inclined to accept that condition?

How would you feel if they asked you to make a "good-faith effort" not to use your computer to write any "profanity"?

Chris Truax stopped short of saying whether Etoy would or would not continue their defensive countersuit if eToys' original suit were dropped, saying only "if the suit is dropped unilaterally, that's a very positive step." In my talks with him, he has seemed committed to finding a way to settle this matter without resorting to a knock-down, drag-out court battle, and he has said he'd like to help eToys management to educate themselves about being good netizens.

But he also pointed out several times that "the devil is in the details." And, of course, he's right. This whole mess won't be over until it's over.

It's a shame that the courts are still seeing issues like these at the end of 1999; those in positions of power should have learned about being good netizens by now. Etoy's story isn't all that unusual. While the art group has been under fire, there have been simultaneous attacks on the scholarly arts organization Leonardo and a computer club which happens to share the same initials as the BBC. Stay tuned.

Yesterday, while the management of eToys was faxing, calling, and emailing the media to get its story out, its legal team had sent a very different message. You probably saw our pointer to the Wired story which claimed the toy company had "given up." No such luck. The story behind the scenes was a little different. Click for more.

It's one thing to drop a lawsuit. It's another to "move away" from it. According to Chris Truax, the lawyer for the Etoy art group, which version the media heard depended on what time they were in touch with the eToys management. The initial version, he claims, was that eToys was dropping the suit. A later version was that they were "backing away" from the suit. A third version reassured the press that a precondition specified in the legal document was never intended to be a demand - only a request.

To see how the coverage changed throughout Wednesday, see the first Wired story, then the NYT/CNET story, the Yahoo/TheStandard story, and then the second Wired story.

The problem was that eToys.legal was not working from the same playbook as eToys.PR. The precondition, clearly a showstopper, also calls into question whether the giant toy firm has a clue about what is really at stake.

That precondition was:

"to give good faith consideration, as our neighbor on the Internet, to concentrating the profanity, nudity and violence that is sometimes part of the etoy corporation message on etoy corporation's other websites."

Asking artists to censor their work, of course, flies like a lead wheelbarrow. At the same time the company spokesman was saying "our intent was never to silence free artistic expression," their legal team was doing precisely that. The entire short letter in which this request was made was focused on finding a resolution to the perceived problem of "profanity, nudity, and violence," and concluded by noting that co-existence was possible if "etoy corporation will respond favorably to this proposal."

The later Wired story quotes eToys management as putting this spin on it:

"This is a simple, straightforward, good-faith effort on our part to resolve this matter. We are asking that they make good-faith efforts to put some of the material that kids and parents might find offensive on another part of the site."

They can repeat the words "good faith" all they like, but that doesn't make this any less censorship. Imagine operating as an artist, knowing that for the rest of your tenure with the Etoy art group you must work very carefully not to put material inappropriate for children too close to your homepage. One use of the F-word already led to this lawsuit; how hair-trigger would the lawyers be the second time around? You'd want to tone down your message, lest you be accused of working in "bad faith."

But maybe this letter was just badly worded; perhaps there was a miscommunication somewhere between the PR and the legal departments.

Or, maybe this whole episode was a cynical attempt to calm down the activist community and get the story out of the public eye.

Think about what eToys is really saying. They have cost the art group a fair amount of money in legal bills and have shut down their website for (to date) a month. Now they say they want to walk away as long as Etoy does the same.

If someone came onto your property, stole your computer - and then a month later, after you'd spent thousands of dollars trying to get it back, offered to return it on the condition that you promised not to sue - would you be inclined to accept that condition?

How would you feel if they asked you to make a "good-faith effort" not to use your computer to write any "profanity"?

Chris Truax stopped short of saying whether Etoy would or would not continue their defensive countersuit if eToys' original suit were dropped, saying only "if the suit is dropped unilaterally, that's a very positive step." In my talks with him, he has seemed committed to finding a way to settle this matter without resorting to a knock-down, drag-out court battle, and he has said he'd like to help eToys management to educate themselves about being good netizens.

But he also pointed out several times that "the devil is in the details." And, of course, he's right. This whole mess won't be over until it's over.

It's a shame that the courts are still seeing issues like these at the end of 1999; those in positions of power should have learned about being good netizens by now. Etoy's story isn't all that unusual. While the art group has been under fire, there have been simultaneous attacks on the scholarly arts organization Leonardo and a computer club which happens to share the same initials as the BBC. Stay tuned.

Yesterday, while the management of eToys was faxing, calling, and emailing the media to get its story out, its legal team had sent a very different message. You probably saw our pointer to the Wired story which claimed the toy company had "given up." No such luck. The story behind the scenes was a little different. Click for more.

It's one thing to drop a lawsuit. It's another to "move away" from it. According to Chris Truax, the lawyer for the Etoy art group, which version the media heard depended on what time they were in touch with the eToys management. The initial version, he claims, was that eToys was dropping the suit. A later version was that they were "backing away" from the suit. A third version reassured the press that a precondition specified in the legal document was never intended to be a demand - only a request.

To see how the coverage changed throughout Wednesday, see the first Wired story, then the NYT/CNET story, the Yahoo/TheStandard story, and then the second Wired story.

The problem was that eToys.legal was not working from the same playbook as eToys.PR. The precondition, clearly a showstopper, also calls into question whether the giant toy firm has a clue about what is really at stake.

That precondition was:

"to give good faith consideration, as our neighbor on the Internet, to concentrating the profanity, nudity and violence that is sometimes part of the etoy corporation message on etoy corporation's other websites."

Asking artists to censor their work, of course, flies like a lead wheelbarrow. At the same time the company spokesman was saying "our intent was never to silence free artistic expression," their legal team was doing precisely that. The entire short letter in which this request was made was focused on finding a resolution to the perceived problem of "profanity, nudity, and violence," and concluded by noting that co-existence was possible if "etoy corporation will respond favorably to this proposal."

The later Wired story quotes eToys management as putting this spin on it:

"This is a simple, straightforward, good-faith effort on our part to resolve this matter. We are asking that they make good-faith efforts to put some of the material that kids and parents might find offensive on another part of the site."

They can repeat the words "good faith" all they like, but that doesn't make this any less censorship. Imagine operating as an artist, knowing that for the rest of your tenure with the Etoy art group you must work very carefully not to put material inappropriate for children too close to your homepage. One use of the F-word already led to this lawsuit; how hair-trigger would the lawyers be the second time around? You'd want to tone down your message, lest you be accused of working in "bad faith."

But maybe this letter was just badly worded; perhaps there was a miscommunication somewhere between the PR and the legal departments.

Or, maybe this whole episode was a cynical attempt to calm down the activist community and get the story out of the public eye.

Think about what eToys is really saying. They have cost the art group a fair amount of money in legal bills and have shut down their website for (to date) a month. Now they say they want to walk away as long as Etoy does the same.

If someone came onto your property, stole your computer - and then a month later, after you'd spent thousands of dollars trying to get it back, offered to return it on the condition that you promised not to sue - would you be inclined to accept that condition?

How would you feel if they asked you to make a "good-faith effort" not to use your computer to write any "profanity"?

Chris Truax stopped short of saying whether Etoy would or would not continue their defensive countersuit if eToys' original suit were dropped, saying only "if the suit is dropped unilaterally, that's a very positive step." In my talks with him, he has seemed committed to finding a way to settle this matter without resorting to a knock-down, drag-out court battle, and he has said he'd like to help eToys management to educate themselves about being good netizens.

But he also pointed out several times that "the devil is in the details." And, of course, he's right. This whole mess won't be over until it's over.

It's a shame that the courts are still seeing issues like these at the end of 1999; those in positions of power should have learned about being good netizens by now. Etoy's story isn't all that unusual. While the art group has been under fire, there have been simultaneous attacks on the scholarly arts organization Leonardo and a computer club which happens to share the same initials as the BBC. Stay tuned.

Yesterday, while the management of eToys was faxing, calling, and emailing the media to get its story out, its legal team had sent a very different message. You probably saw our pointer to the Wired story which claimed the toy company had "given up." No such luck. The story behind the scenes was a little different. Click for more.

It's one thing to drop a lawsuit. It's another to "move away" from it. According to Chris Truax, the lawyer for the Etoy art group, which version the media heard depended on what time they were in touch with the eToys management. The initial version, he claims, was that eToys was dropping the suit. A later version was that they were "backing away" from the suit. A third version reassured the press that a precondition specified in the legal document was never intended to be a demand - only a request.

To see how the coverage changed throughout Wednesday, see the first Wired story, then the NYT/CNET story, the Yahoo/TheStandard story, and then the second Wired story.

The problem was that eToys.legal was not working from the same playbook as eToys.PR. The precondition, clearly a showstopper, also calls into question whether the giant toy firm has a clue about what is really at stake.

That precondition was:

"to give good faith consideration, as our neighbor on the Internet, to concentrating the profanity, nudity and violence that is sometimes part of the etoy corporation message on etoy corporation's other websites."

Asking artists to censor their work, of course, flies like a lead wheelbarrow. At the same time the company spokesman was saying "our intent was never to silence free artistic expression," their legal team was doing precisely that. The entire short letter in which this request was made was focused on finding a resolution to the perceived problem of "profanity, nudity, and violence," and concluded by noting that co-existence was possible if "etoy corporation will respond favorably to this proposal."

The later Wired story quotes eToys management as putting this spin on it:

"This is a simple, straightforward, good-faith effort on our part to resolve this matter. We are asking that they make good-faith efforts to put some of the material that kids and parents might find offensive on another part of the site."

They can repeat the words "good faith" all they like, but that doesn't make this any less censorship. Imagine operating as an artist, knowing that for the rest of your tenure with the Etoy art group you must work very carefully not to put material inappropriate for children too close to your homepage. One use of the F-word already led to this lawsuit; how hair-trigger would the lawyers be the second time around? You'd want to tone down your message, lest you be accused of working in "bad faith."

But maybe this letter was just badly worded; perhaps there was a miscommunication somewhere between the PR and the legal departments.

Or, maybe this whole episode was a cynical attempt to calm down the activist community and get the story out of the public eye.

Think about what eToys is really saying. They have cost the art group a fair amount of money in legal bills and have shut down their website for (to date) a month. Now they say they want to walk away as long as Etoy does the same.

If someone came onto your property, stole your computer - and then a month later, after you'd spent thousands of dollars trying to get it back, offered to return it on the condition that you promised not to sue - would you be inclined to accept that condition?

How would you feel if they asked you to make a "good-faith effort" not to use your computer to write any "profanity"?

Chris Truax stopped short of saying whether Etoy would or would not continue their defensive countersuit if eToys' original suit were dropped, saying only "if the suit is dropped unilaterally, that's a very positive step." In my talks with him, he has seemed committed to finding a way to settle this matter without resorting to a knock-down, drag-out court battle, and he has said he'd like to help eToys management to educate themselves about being good netizens.

But he also pointed out several times that "the devil is in the details." And, of course, he's right. This whole mess won't be over until it's over.

It's a shame that the courts are still seeing issues like these at the end of 1999; those in positions of power should have learned about being good netizens by now. Etoy's story isn't all that unusual. While the art group has been under fire, there have been simultaneous attacks on the scholarly arts organization Leonardo and a computer club which happens to share the same initials as the BBC. Stay tuned.

A lot of people have caught the word that eToys has dropped their lawsuit against eToy. This story has been brewing around here for a while. It's good to see the side of reason prevail in this situation. The solution that eToys is proposing is that both sides drop their respective claims against each other (eToys and eToy both have claims against each other) I've talked with Ken Ross, eToys VP of Communications. Click below for his take on it.

Essentially, eToys has proposed that both parties drop their respective claims against each other. This means that the injunction against against Etoy would be dropped.

The reason they're trying to do this is that they've heard from people, quite a bit over the last few weeks. Quite a number of people from the arts community had contacted them, and they are responding to this, says Ken Ross of eToys.

Time for an etoy.com news roundup. The Etoy artists are still operating under a ridiculous injunction that bars them from operating a website at their domain. NSI caved to what they perceived as a court order and put the entire domain on hold, so email is blocked too. And Monday's meeting with the judge turned out to be merely a status conference which, according to Etoy's lawyer, "took all of 45 seconds." Nothing was decided, and the injunction remains in effect. But there's good news about the trademark. Click to read more.

The status conference was scheduled for 8:30 AM on the Monday after Christmas weekend, and Etoy's lawyer wasn't able to attend. Essentially it was the judge checking in with eToys' lawyers; the next meeting is scheduled for Jan.10, but that will probably also be just a status conference.

Here's the good news. According to Etoy's lawyer, one of eToys' major claims to trademarked ownership of "etoy" has been shot down.

eToys had purchased the trademark "ETOYS" from Etna Toys, a New York importer which had secured the mark for itself in 1990. In this way, the company which hadn't formed a website until 1997 could claim that it owned a trademark older than the art group which had been operating on the web since 1995.

Fortunately for Etoy, the Trademark Office decided that "ETOYS" was too generic to be trademarked, and invalidated it. According to this decision, prefixing "e" to the generic term "toys" is not enough to make it trademarkable. This decision may yet be overturned, but it's looking more promising by the day.

Meanwhile, Wired reports that John Perry Barlow and Douglas Rushkoff have joined the etoy crisis advisory board. Barlow calls this domain name dispute "the battle of Bull Run." He's got a point - NSI has taken a highly unusual action based solely on the bullying of a legal firm and a single clueless judge. If that matters more than the time-tested rules of the internet, we're all in trouble. Barlow says that Jon Postel, who worked so hard to establish those rules, would be in tears.

TBTF points out that eToys' stock has been plummeting since Dec.1 and asks why. Since that story, it has continued to fall. Some think this has something to do with their bullying Etoy; others disagree; there are some good comments in the Take It Offline forum that TBTF started.

Etoy's supporters' website at toywar.com promises "TOYWAR.com 1.0 will leave the etoy.BETA-LABS in a few days" but it's been saying that for weeks.

Finally, Etoy's friends at RTMark have taken it upon themselves to wage a game against eToys. The point is apparently to drive their stock price to zero. To me, this sounds about as fun as Quake over a 1200 baud modem, but maybe I'm just too bourgeois.

Ant wrote to us with Wired's depressing end of the century list. Reasoning that all of these "best of the eons" lists need to have an ugly relative, they commisioned the folks at Ig Nobel to come up with a list of notable failures.

You've almost certainly heard that the DVD CCA [Copyright Control Association] is trying to get a restraining order that would force hundreds of Web sites to remove all links to information about DeCSS. Slashdot is one of the named sites. The hearing is today, in San Jose, California. If you can get there, we urge you to go and help "show the flag." You won't be alone. If you can't make it in person, stay tuned. We'll have updates throughout the day. Meanwhile, click below now for news, opinions from various members of the Slashdot crew, and a long list of links to other resources and stories elsewhere about the DVD CCA's attempt to not only stop DeCSS, but to stifle anyone who publishes or links to information about DeCSS. Update at 1:20 p.m. EST. (Please see bottom of the story.)

Leading up to Today's Hearing
- by Emmett Plant
Emmett Plant is Slashdot's newest author.

Monday, DVD Copy Control Association, Inc. filed for a restraining order in a California court. The targets of this cease-and-desist order were individuals and organizations who had made DVD decryption source code freely available on the net, by hosting the code themselves or linking to a website that did. Commmunity response has been fast and furious, with a deluge of Slashdot comments and submissions, and the immediate organization of Open Source community members to attend the hearing this morning.

Technically, the argument boils down to the issue of reverse engineering. Ideologically, the argument challenges the ideals of free speech, freedom of information, and the ability to innovate on behalf of computer users, hardware engineers and software developers all over the planet.

On Monday night, I spoke to a gentleman who had received the order just minutes prior, and although he didn't want his name mentioned, he provided with me with his thoughts.

"It should be legal when you've got people reverse engineering this kind of stuff. But a small minority in the business community want to lock down the information, citing that it's a trade secret. It's sort of like being busted in math class for passing answers around. [The code] is basically a mathematical equation that decrypts poorly encrypted DVD data. I support the free human right to freedom of thought. That's how civilization has gotten to where it is today, without lawyers heading innovators off at the pass."

Would he be willing to go to court to defend himself?

"Probably not. There are a lot of sites that are mirroring [the code], and they'll keep the program alive. I'll sleep easy at night knowing I did my part."

In many ways, the cease-and-desist only made it easier for people to get their hands on the code. As soon as the community heard about the order, many people posted the code on their websites as a sign of protest. Many community members have made the code available on overseas servers that don't face the possible legal repercussions associated with sites located in the United States.

Another interesting point of this case is that anyone who linked to a site that contained the information is also being held liable in the case. This is particularly frightening. This means that in the spirit of the cease-and-desist order, almost everyone on the web with a site that links to anywhere else falls into the legal maelstrom, as long as it eventually leads to a site with the code posted on it.

The legal ramifications of the case are extremely influential. The DVD CCA lawyers are fighting a battle against reverse engineering, an engineering process that enables the computer industry to utilize powerful tools like the IBM-compatible personal computer and countless hardware device drivers.

The hearing will take place this morning at 8:30 a.m. Pacific Standard Time in the Superior Court of Santa Clara County, California.

----------

Funny and Sad at the Same Time
- by Hemos

The particularly humorous section of the lawsuit, at least for me, is that what they are trying to do is make linking illegal. That's right. Linking. Is. Illegal. Once we cross the the bridge of dictating what can and cannot be linked to, than we open ourselves up to a world of people being able to sue whenever something they don't want linked is linked. Without linking, the Web is dead.

----------

Shaky Legal Grounds
- by Michael Sims

The legal standing for the DVD companies is so shaky it's not even funny. The danger is that they can effectively paint the opposition as a bunch of crooks and the judge will feel that *justice* requires a ruling in their favor despite the law - that can be averted if the defense makes a strong competent showing tomorrow, presumably. The second danger is that they will inflict sufficient costs on the defendants that others will be dissuaded from doing even perfectly legal things. That can't be prevented.

----------

Planning to Join the Protest in Person?

The best source of information on how to help out at the Santa Clara County Courthouse is this page from Chris DiBona's Web site. It tells you where and when to be, what to wear, and what to expect. Worth reading even if you can't make it. Nice to know that Chris and others, including the Electronic Frontier Foundation, are doing a great job for all of us on this!

----------

Update by Emmett @ 1:20 p.m. EST:

Chris DiBona called me at 8:30 a.m. PST from right outside the courtroom, letting me in on the scene. The Open Source community has about 25 people there, as well as a lawyer or two of their own. The community members present are busy distributing the DeCSS source code on floppy disk as well as leaflet hard copy. No pictures will be taken of the interior of the courtroom, and there wasn't enough time to apply for the permit to record what happens inside.

Chris will be calling me as soon as they let out with up-to-the-minute information and notes from the community members inside the courtroom.

----------

Links to Other DVD CCA Stories and Sites

Boston Globe
Washington Post
Wired News
ZDNet
siliconvalley.com
Chris DiBona's excellent page
PZ Communications DeCSS Resource Site
CNN.com
Lemuria.org DeCSS Defense page
Dan Gillmor (SV.com columnist)
Santa Clara County Superior Court info
OpenDVD.org
EFF to the Rescue!

----------

Please send additional links to roblimo@slashdot.org so we can add them to the list. Thanks.

TGmentor wrote to let us know that Wired has an article about Richard Stallman's boycott of Amazon.com for its patent policies. The patent question is the recent victory that Amazon won over B&N for its 'one-click' shopping patent. Good work on the part of RMS ^[?] - we need to show companies that just because they can patent something, they don't need to.

TGmentor wrote to let us know that Wired has an article about Richard Stallman's boycott of Amazon.com for its patent policies. The patent question is the recent victory that Amazon won over B&N for its 'one-click' shopping patent. Good work on the part of RMS ^[?] - we need to show companies that just because they can patent something, they don't need to.

vitaflo writes "Aparently, now Network Solutions has stepped into the fold and shut down etoy.com's email, even though that wasn't part of the ruling in the court. The court ruling was to stop the use of www.etoy.com. Also there's talk that there has been a big response from the web community, so far as to say that people are talking about "electronic warfare" on eToys." Full Story at Wired .

According to this Wired article, the Australian Broadcasting Authority, which has been working to censor its citizens since 1995, got its site defaced by a cracker on Friday. The site was taken down for half a day for repairs. Among the messages left: "People only now can get connectivity the USA has enjoyed for years. And now one of the greatest resources we have for free speech and free learning will be stifled by a vocal minority with no understanding of the underlying technology." For info on the situation, visit Electronic Frontiers Australia.

Rolan writes "Wired is carrying a story about a botched domain trasfer that cost a customer "a large wad of money". In the end they say it's not their problem, even though they botched it, and Lawyers say he probably can't do anything about it. " Its an interesting article actually, and it doesn't sound like an isolated incident.

mochaone writes "wired has a story about flaws in the GSM scrambling algorithm can allow snoopers to pry in on "private" calls in less than one second. " The article talks about other problems with GSM phones too. Some interesting comments on the practicality, but they say a Pentium with 128 megs of RAM can pull off the decrypt.

Wired is running a story with further information about the Australian Government authorising legalised hacking of private computer systems by its internal security organisation, ASIO.

A couple of readers pointed us to one of Wired's stories that is journaling the aftermath of a recent Slashdot story. The story was about a web hosting company that pulled a Y2K spoof movie, under pressure from the FBI. The disappointing part is the tone of the e-mails that were sent to the one-man operation. Wired has some samples from said e-mails. Please, before hitting send on e-mails and postings, think about the whole situation. In this case, after checking with legal people, the web-hosting company put back the movie and does not deserve the flame generated against it. The FBI is the culprit in this case, and rather then rail on one guy, we should be banding together to fight against actions like the FBI's. For more discussion read Thoughts from the Furnace, Rob's feature about flaming on the Web.

Addition: 11/30 by michael : I thought I'd chime in here, since I started the fracas.

Blaming the ISP is sometimes appropriate, and sometimes not. Huge national ISPs have legal staffs to evaluate whether something should or should not be pulled. In general, they display an astonishing lack of backbone in defending customer sites, because even minor hassle from law enforcement just isn't worth it to them, and they don't have much excuse when they knuckle under. Small ISPs are a much different matter. No legal staff, facing the loss of your entire business if you guess wrong. Let's say he stood up for this guy and refused to pull the site, and the FBI seized the ISP's computers. Would all you flamers have stood up for him, sent him money to fight the good fight, talked to his other customers and begged them to stay on even though their sites were down? Yeah, sure you would. He made the best business decision available to him. The difference between this guy and one of the national ISPs is that they wouldn't have put the site back up again at all.

And if Wired has it right and you people are writing to the ISP's other clients, that's just sad. Save your anger for someone who's actually done something wrong. You want to get pissed off, give the FBI a call and ask them how their "investigation" is going.

GreyyGuy writes "Found an article from The Chronicle of Higher Education linked on Wired about an artist who made a prayer circle of computers that recite prayers to one another...." Reminiscent of an old Arthur C. Clarke short story, The Nine Billion Names of God, in which a group of Tibetan monks who believe the purpose of the universe is to name God in all possible ways - and buy a computer to speed up the process. The British techs who install the machine are skeptical, but when the program finishes its run they look up at the sky - and see the stars going out, one by one.

Yannick writes "Wired is reporting that Canadian [mobile] DJs are now (legally) permitted to use MP3s in their 'performances'. Seems that there's CA$200 cover charge (and further fees per additional hard disk). The whole thing has some interesting implications for the music industry in general..."

Neil Andriessen writes "Wired has released a story that tells of how Bubbleboy is now in the wild. It was found on an unnamed Japanese website. The Bubbleboy virus was mentioned in this discussion on Slashdot. A patch is now available from Microsoft. I wonder were it will go from here."

Neil Andriessen writes "Wired has released a story that tells of how Bubbleboy is now in the wild. It was found on an unnamed Japanese website. The Bubbleboy virus was mentioned in this discussion on Slashdot. A patch is now available from Microsoft. I wonder were it will go from here."

Slashdot's received a lot of submissions about RIAA actions recently, and the actions of colleges taken after the RIAA sent them nasty letters. One of the interesting things about this is that the RIAA is apparently not listing any specific offenders, just sending general warnings to any and all colleges with computer networks. Under the Digital Millenium Copyright Act, copyright holders acquired several new rights, with the promise they wouldn't abuse them. They're abusing them. (More...)

A good example is a demand letter to a Swiss university, ETH Zurich, which demands that the school immediately terminate all web pages with illegal MP3 files (illegal is of course a judicial decision; the letter presumes that all MP3s are illegal); that the school provide names and home addresses of all students with MP3 files hosted on the school's servers; that the school provide the date that those MP3 files were first hosted (for every MP3 on every server); and that the school provide the IP address for every machine anywhere on the internet which downloaded a MP3 file from the school's servers.

The letter closes with a carrot: we'll adjust our monetary demands based on how well you comply with this letter. Better hope your IP address doesn't appear too many times in those web server logs.

We can probably assume that the demands to U.S. schools are much the same - far-reaching, extortionate letters which are not specific about any particular infringement alleged to be occurring, but which are intended nonetheless to scare the universities into cracking down on their students. The terms of the compromise of the Digital Millenium Copyright Act were that the RIAA and related groups would do the policing of their copyrights - if they found a specific file that they alleged was unlawfully infringing, they have a procedure to follow, specific information to provide about the specific infringing file, and the ISP (college or whatever) is supposed to "do their part" by deleting/removing said file if the paperwork is correct. ISPs and colleges are not supposed to do the grunt work themselves - that results in the kind of overbroad crackdowns that we've seen. This was the subject of specific negotiations during the process of creating this law.

But the RIAA, of course, would prefer that schools and ISPs do their cracking down for them. So they send these general scare letters, hoping to trigger a reaction.

Scare tactics work. Universities scan through student computers, trying passwords on protected directories. The new Rio players will incorporate all of the RIAA's desired protections against copying of MP3 files - the price of settling the RIAA's lawsuit. The next target is Napster.

RIAA will now be filing suit against Napster, an application which effectively functions like a single purpose IRC server, connecting people who want to share MP3 files, whether legally or not. (There's a linux port of Napster; better download it quick.) Some schools, like Oregon State University, are so scared they're blocking all access to Napster servers from school systems. In the ideal world, Napster should probably win - the RIAA could monitor their servers and demand that infringing users be eliminated, but the service equally provides people with an avenue to share legal MP3 files, and this significant non-infringing use is all that is needed under copyright law. The article I just linked to and a nice Wired story both show Napster feebly trying to insist on their duties under the DMCA, saying that the RIAA needs to tell them in writing about specific instances of infringement - but the RIAA doesn't care about the law.

Napster, of course, has no money to fight a lawsuit. This is exactly what happened to the Rio: they won in court, but since the RIAA planned to appeal the suit and drain more money out of Diamond Multimedia, they settled by promising that future Rio's would include the RIAA's copyright protections. Like the Dentist's extortion tactics in Cryptonomicon[1], RIAA lawsuits are equally powerful whether they are on solid legal grounds or not - Napster will lose this suit, whether they win or lose, because the RIAA can afford the money to fight it and Napster cannot. So presumably Napster and RIAA will come to some agreement, settle the lawsuit, and Napster's next generation will incorporate the RIAA's demanded copyright protection system.

Just remember, RIAA CEO Hilary Rosen says she loves the idea of Napster to build communities, "but not on the backs of huge mega-corporations with billions of dollars of revenue quarterly."[2]

The RIAA is hardly the only abuser. The Business Software Alliance, essentially a front group for protecting Microsoft's copyrights, does similar things with regard to "pirated" software. (What a PR genius it was who thought of describing all copying of software as piracy! Probably the same person behind the "cyber-squatter" label for anyone who owns a domain that a company covets.) The BSA is now raiding homes of people accused of copying software.

The idea behind copyright is to expand the amount of information available to the public by creating a government-mandated monopoly on reproducing it - for a limited time (28 years maximum, at the beginning - today the maximum copyright term could be over 150 years). Copyright has always has the inherent give-back to society - the work would pass out of protection, and then anyone could copy it and use it as they saw fit. But copyright is now essentially unlimited - over the last twenty years, the length of the copyright period has increased by forty years, so that essentially no materials produced since World War I have entered the public domain. In about 15-18 years, copyright holders will again be petitioning Congress to extend the copyright term, so that entities like Mickey Mouse never enter the public domain. The extension is now being challenged as unconstitutional, but the challengers lost in District Court and it's far from certain that this suit can succeed.

In today's world, it's customary to speak of copyright as some sort of innate right. It isn't. It's there for the betterment of society, but its functioning, today, contributes nothing to society - all it is is a government-sanctioned monopoly transferring money from your pocket to others, with nothing ever given back - and no possibility of give-backs until 2019, under current law.

We need to rethink copyright. It's not a fundamental right of corporations to receive a 95-year government monopoly. Businesses plan on a five-year cycle - if something isn't forecast to make a return on investment in five years, it doesn't get done. A five-year grant of copyright to corporate authors would serve just as well in promoting the development of new material, and would bring a tremendous amount of material into the public domain, which is copyright's true intent. With a much smaller amount of material actually under copyright, enforcement of it would be far simpler and more straightforward.

But naturally this would cost certain companies a lot of money - they're used to wallowing in their government-granted monopoly. Disney has made back their costs for creating Mickey Mouse billions of times over, but they're used to the cash flow now and would be willing to buy an entire Congress to protect it. The Digital Millenium Copyright Act was passed with the aid of a great deal of subterfuge, but most importantly, a great deal of campaign contributions. Now you can be a criminal not just for actually copying anything, but for making a "device" (hardware or software) which facilitates copying - we're talking five years in Federal prison. Imagine doing five years in Federal prison so that Congress can protect their campaign donations, errr, I mean, Disney's cash flow.

We're extremely close to the day when debuggers are illegal. Through threats, strategic campaign donations, and outright extortion practiced on upstart companies, copyright-holders like the RIAA are building copyright protection into the very infrastructure of computing.

Making changes in this system requires a fundamental commitment from the U.S. populace that it be changed. The commitment doesn't exist yet, but as more and more people experience the power of copyright to affect what they can and cannot publish online, and the abuses of the companies dedicated to protecting copyright beyond the terms of the increasingly-protective law, perhaps it will in the future.

Some slashdot readers will no doubt say, "Open source, you idiot!" Open source is a reaction to these problems, not a solution to them. Despite the open source phenomenon, the trend is toward more and more works being locked up, and locked up permanently, behind laws and cryptographic protocols. It shouldn't have to be a war between words, pictures and code that is always free to use and words, pictures and code that is locked up for all eternity - we should demand that the social contract envisioned in the Constitution be fulfilled by forcing copyright holders to give back to society, whether they want to or not.

-- Michael Sims

[1] Gratuitous Cryptonomicon reference provided free of charge.

[2] Quote may not reflect Rosen's exact words, but does reflect her intent.

bgarcia writes "There is a PR Newswire story stating that Red Hat and RSA Security have signed an agreement to include RSA's BSAFE SSL software in Red Hat Linux Professional Edition." And Wired tells us Red Hat is coming out with with a new version that improves large system performance and speeds crash recovery. (Click below for more)

Plus, earlier this week we read about the e-commerce product they're working on with Oracle and their rumored Cygnus acquisition. Hot stuff, especially for corporate Linux users.

It looks like Red Hat is back on track, doing great Linux stuff, instead of fooling around with peripheral things like their Linux version of MSNBC (with Salon, The Industry Standard, and The Register jointly playing NBC).

According to a friend of mine who dabbles in the stock market, Red Hat's stock is up nicely as a result of their decision to go back to doing more of what they do best: improving Linux and extending its marketability.

Mazeltov!

Declan McCullagh of Wired covered the IETF meeting last night, and his report notes that the IETF rejected creating any sort of wiretapping standard. However, the companies who build routers and similar networking fundamentals stated that they would still move ahead with implementing tap-ability into their equipment - so the IETF action is a hollow victory, your internet communications will still be easily tappable.

Its happened before, but with the recent MS happenings, MacWeek, MSNBC and to a certain extent Wired have written stories based largely on Slashdot comments: Specifically those that appeared on Microsoft Addresses World, Instant Legal Analysis and Microsoft==Monopoly. The mainstream media now thinks that picking a few comments from a thread on Slashdot is a story (of course they often don't properly credit or link them). More interesting is that by picking a few extreme comments, or poking fun of "Anonymous Coward" that they somehow have the pulse of Slashdot as a whole. Regardless, they are watching, its fascinating to see what they think we think.

TRUSTe, the steward of the most visible symbol on the internet, is making a tough decision today. Today, it reveals what it intends to do about its client Real Networks. At stake is whatever's left of its credibility. (Update: 11/08 02:55: Real got off on a technicality: "because the transmission of user data ... did not involve collection of data on the RealNetworks Web site, the privacy incident was outside of the scope of TRUSTe's current privacy seal program.")

Unquestionably TRUSTe is the leader in third-party privacy assurance. Its only alternative is BBBOnline, which can boast only 100 members to TRUSTe's 750. But it's having a hard time living up to its motto, "Building a web you can believe in": sometimes it's hard to know what to believe.

TRUSTe's original idea was to allow a website to display one of three icons, indicating whether its privacy policy was good, ok, or bad. There turned out to be problems with this - strangely enough, no site wanted to post an icon saying that their privacy sucked - and the icons looked too similar anyway. So they went with one icon, a "badge" that every member site posts.

All the badge means is that the site has a privacy policy, and that, as far as TRUSTe knows, they haven't violated it.

If you think this is a questionable basis for a consumer advocacy group, you're right. But the real question is how it plays out in practice. Let's take a look at TRUSTe's track record.

Round I: TRUSTe and GeoCities. In June 1998, the FTC announced - to everyone's surprise - that it and GeoCities had come to a settlement regarding violations of consumer privacy.

Everyone was surprised because this was the first anyone had heard of it. Where was TRUSTe?

Caught flat-footed, TRUSTe scrambled for a few days, then made its own announcement. It pointed out that GeoCities had begun the alleged privacy violations before applying to become a member (in April) and being accepted (in May). Therefore, TRUSTe claimed, the violations were technically not under the scope of their investigation.

But turn that around and put it another way - it was able to become a TRUSTe member even while under investigation by the FTC, and TRUSTe said nothing.

It gets worse. The FTC and GeoCities issued conflicting releases about what the settlement actually meant. The FTC said that GeoCities had "misrepresented the purposes for which it was collecting personal identifying information" (including children's). GeoCities denied the charges.

So who was right? We still don't know. Despite this being precisely the issue that TRUSTe was set up to resolve, TRUSTe refused to confirm or deny the FTC's allegations.

In a 1998 open letter, I asked whether TRUSTe's initial review of GeoCities had included any really tough questions such as "are you currently under investigation by the Federal Trade Commission?" No answer. In fact, mention of the GeoCities incident seems to have been removed from TRUSTe's website.

The organization that wanted to make the FTC obsolete was not off to a good start.

Round II: TRUSTe and Microsoft. March 1999. This was the "Global User ID" case. It turned out Microsoft had been embedding a user ID into every document you created with their software. Since they put that ID on file when you registered their software, they have been capable for years of tracking authorship of even supposedly-anonymous documents.

And don't think it's just a theoretical concern. Just weeks later, the Melissa macro virus was unleashed, and its author was tracked down using this same ID. Any technology that can lead the cops to your door is potentially dangerous technology.

TRUSTe announced that this "compromises consumer trust and privacy" (duh), but said that since the Global User ID does not, strictly speaking, involve the Microsoft.com website, it had no jurisdiction. Their conclusion: "TRUSTe has determined that Microsoft.com was in compliance with all TRUSTe principles."

In reality, Microsoft's privacy page (prominently labeled with the TRUSTe seal) also discusses online registration of software products, and notes that the "personal profile" from their software registration appears on the website and is editable from the website. And that page claims that registration is covered by the TRUSTe guidelines. For TRUSTe to claim it's not requires some Clintonesque redefinitions.

CNET's headline was exactly right: "TRUSTe Clears Microsoft on Technicality."

Round III: TRUSTe and Deja News. April 1999. Again TRUSTe is taken by surprise when a computer sleuth discovers that Deja News has been collecting data on email sent by its users. When a reader clicked on an email link in a discussion posting, the destination email address was recorded, along with the presumable topic of discussion, the sender's IP number, and if registered, the sender's personal data.

This is not what one expects when sending private email! And this clearly involved Deja's website, so there was no question of another technicality.

TRUSTe's analysis of this situation was only two paragraphs long; here's all that happened:

"TRUSTe specified certain clarifying language to be included in the privacy statement. Deja News, independent of TRUSTe, then decided to discontinue the practice of tracking IP addresses in conjunction with the mail-to feature."

In fact, the situation was resolved long before TRUSTe even bothered to issue that statement. TRUSTe's suggestion of "clarifying language" had been obviated long before by Deja's indepedent action. See ZDNet's story of May 4th, which hopes that TRUSTe "will likely issue some sort of statement...this week." But TRUSTe stayed silent for four weeks.

Round IV: TRUSTe and Microsoft (again). A wide-open security hole in Microsoft's Hotmail is breached, and for a few hours everyone's inboxes are public domain. (If you don't think this is a serious privacy violation, read the stunning anonymous tale of cracking into an enemy's email, published on Salon.com the next day.)

TRUSTe's response is to call in an independent accounting firm to talk with Hotmail's programmers and security people, look over the source code, and generally try to make sure such a problem won't happen again. This isn't a bad idea - it just wasn't much of anything that Microsoft wouldn't have done on its own. Locking the barn door after the horse is gone doesn't help the people whose privacy has been lost. Microsoft is out of pocket a few bucks for the audit, and gets more than its money's worth by being able to say that TRUSTe still gives them a clean bill of health.

How can all these incidents have passed by without punishment of any kind? It's because of what TRUSTe is actually guaranteeing. Not that any company will actually keep its data private - but that the company is not lying in its privacy assurance.

That's right. You know those privacy promises you never read, the ones that are different on every website and all seem ten pages long? What TRUSTe does is promise you that, if you had read them, you'd know your rights.

If it wanted, a company could have its lawyers dress up "we will spam your email every day and sell your name and address to anyone who asks for them" in legalese, and get a TRUSTe badge on their homepage. Would you know you were being screwed? Not unless you speak fluent lawyer.

Is the FTC such a bogeyman that we really need to sell our privacy so cheap?

When Ralph Nader was pressing the government to impose strict safety standards on the auto industry, Henry Ford II complained that they were "unreasonable, arbitrary and technically unfeasible." After the laws were enacted anyway, a decade later he conceded: "We wouldn't have [these] kinds of safety ... unless there had been a federal law."

Imagine if our only automotive safety regulations were that Detroit must abide by its lawyers' fine print!

The usual argument is that requiring an actual guarantee of privacy would stifle business. The purpose in forming TRUSTe was to keep the internet corporation-friendly, by keeping the government out. TRUSTe was well-intentioned, no question. It was a noble experiment.

But, according to some influential people and groups, it has failed.

Forrester Research studies topics related to the internet and made privacy its concern in its September 1999 report, "Privacy Wake-Up Call." Its conclusions should not be surprising:

"Most privacy policies are a joke." Forrester says corporate privacy policies are legalese set up mostly to protect the corporations.

"Few companies meet key privacy protection principles." About 10%.

"Third-party programs show little traction." Hundreds of TRUSTe licensees don't amount to much on the billion-page net.

And, "third-party privacy firms...like TRUSTe...become more of a privacy advocate for industry rather than for consumers."

(Slashdot has more on this study.)

Even the Electronic Frontier Foundation, after years of straddling the fence on the issue, has finally recognized that self-policing just doesn't work. The EFF is not just the best-recognized internet rights advocacy group; it created TRUSTe.

Yet, in an October letter to the FTC, the EFF laid down its cards:

"Creation of TRUSTe and its seal program was one such early innovation of EFF. TRUSTe was successful in several areas. ... We now must move out of this awareness-raising mode and into an action mode where real protection can be achieved. Legislation is needed in order to achieve that goal. ... we think it is time to move away from a strict self-regulation approach to protecting privacy online."

The latest nail in the coffin came on November 1, when EFF Program Director Stanton McCandlish laid out the facts on the fight-censorship mailing list:

"Our stance has basically been that industry self-reg would be worth trying, but might or might not be enough. We did the 'proof of concept' ourselves, by launching and spinning off TRUSTe. But TRUSTe was intended to be and is a separate, independent entity, and was created as an experiment. The experiment is in many ways a failure..."

(McCandlish's personal opinion is even more scathing. Follow the link to read it.)

You wouldn't know this if you read the TRUSTe website. Their homepage proudly tells you about the six-month-old Georgetown study, but makes no mention of the Forrester Research report. It tells you that the FTC supports self-regulation (based on Georgetown), but won't tell you that its own parent, the EFF, thinks the ride is over.

If TRUSTe is a consumer rights and advocacy group, why are they only feeding us the feel-good stories? Aren't consumer groups supposed to be the ones that dig up dirt and tell us about potential problems?

The money trail leads to the answer. TRUSTe isn't a consumer advocacy group. TRUSTe doesn't get its money from consumers. Its money comes from corporate sponsors, and nobody wants to bite the hand that feeds them. Besides, those corporations want the message to be one of constant calm. Concerned customers are not good for sales.

Remember the GeoCities FTC findings that TRUSTe wouldn't comment on? GeoCities had just done an IPO and millions of dollars were at stake. GeoCities' sister corporation Engage Technologies (they are both subsidiaries of CMG Industries) was a Contributing Corporate Sponsor of TRUSTe. That conflict of interest was never mentioned.

(GeoCities has since been purchased by Yahoo.)

Remember the Microsoft incidents that TRUSTe waffled on? Microsoft is not just a member, but also a Premier Corporate Sponsor of TRUSTe. That conflict of interest totals $100,000 per year.

Round V. By now you've guessed that this is leading up to the current furor over Real Networks. Real is a TRUSTe member. Do I need to mention that it's also a Contributing Corporate Sponsor?

TRUSTe said that it would render judgement on Real Networks by the end of last week. Now it's saying today.

And it's making noises like they're actually going to do something this time:

"We could take the company to court for breach of contract, since they do have an agreement with us. Or, we can forward the case to the FTC... I guarantee that the damage to the reputation of the first company that we do that to will be big."

For its own sake, it had better. We're talking about a company whose product is a Trojan Horse that secretly scans your hard drive for valuable personal data. If TRUSTe doesn't unload with both barrels, its credibility will be negative zero.

Anything TRUSTe does may have a negligable effect in any case. Corporations only understand the bottom line, and RealNetworks stock shot up 25% in the five days following the privacy debacle. With the company's market cap $1.9 billion higher than it was a week ago, how much are they really going to care about some nonprofit gnat?

We can hope. Real.com today unveiled its new website, a music portal, which investors will be watching carefully. Also happening today is a conference held by the FTC and Commerce Department for data-profilers to announce what they're going to do to protect privacy. So if TRUSTe were trying to maximize the effect of their announcement, today would be the day they'd pick. It could be that the gnat will have a nasty bite that surprises everyone.

Still - you can dress an organization up in not-for-profit clothes, but that doesn't change that it's beholden to its revenue stream. TRUSTe says we can trust them to be objective, on the theory that their revenue stream will dry up if they don't do right by consumers. So far, there doesn't seem to be much truth to that. They haven't been doing us right, but their number of contributors and members just keeps growing.

I enjoy reading about the future envisioned by people like Gibson and Stephenson, where the net is totally unregulated and a "right to privacy" is a dim memory, or a joke. That doesn't mean I want to live in that future. Europe has consumer protection laws that are, from an American perspective, astonishingly strong. Maybe we should take a look at other countries' solutions, to see if there's something we could learn.

So far, all we've learned is what fails.

- Jamie McCarthy

Wired revealed this morning a "New Privacy Glitch" which may actually be years old. Real Networks' RealJukebox isn't its only software to send a Globally Unique Identifier (GUID): RealPlayer does too. The free RealPlayer has 69 million users of all its versions; Real isn't saying which versions send the GUID. It's sad when the "good news" is that RealPlayer doesn't scan your hard drive. Oh - and by the way - Windows Media Player sends one too but it's OK because registration is not required. Are we living in cuckooland? Update: 11/08 08:44 by J : On the just-launched real.com site, their Software Privacy Statement says: "the Globally Unique Identifier - GUID has been disabled for electronic registration so it cannot be used to identify you." This is for RealPlayer 7: still, apparently, no word on earlier versions.

Bolero writes "Wired News has an article on the future of DVD after the CSS hack. It is an interesting read, and focuses on why the crackers (who Wired describes as Linux users) did what they did. " So, I'm sure you all have opinions - what's going to happen now?

Bolero writes "Wired News has an article on the future of DVD after the CSS hack. It is an interesting read, and focuses on why the crackers (who Wired describes as Linux users) did what they did. " So, I'm sure you all have opinions - what's going to happen now?

sashae writes "Wired is reporting that that scientists at the University of Washington suspect that cell-phone usage causes long-term memory loss after a series of tests involving rats swimming in a pool of milk, attempting to find a platform in the centre of the pool. The rats exposed to cell-phone radiation were unable to find the platform after being exposed. "

Devastator writes " Wired has a good article how how the DVD encryption was cracked. The DVD industry is scared speechless about the news." Its actually an interesting little summary of the situation. I wonder what it means for the DVD industry.

Devastator writes " Wired has a good article how how the DVD encryption was cracked. The DVD industry is scared speechless about the news." Its actually an interesting little summary of the situation. I wonder what it means for the DVD industry.

Numeric writes "Wired is reporting a story of a man who has converted a Boeing 727 into a home. The conversion project contains journal entries as well as some photos of his new home. Strangely, this will not be the first person who has moved into a converted airplane. Another company, Max Power Aerospace, has three Boeing 727s ready to be converted into two- or three-bedroom homes. The houses will sell for $290,000 and will include two bathrooms, a small kitchen and a large living area in the middle. So is that a starter home or what?"

shawnb writes "Wired has an aticle describing Red Hat's new Non-Profit Open Source group. The group's aim is to 'sponsor, support, promote, and engage in a wide range of scientific and educational projects intended to advance the social principles of open source for the greater good of the general public.' "

sredding writes "The House has voted to ban "cybersquatting", the pre-empting of Internet domain names with the aim of selling those names to companies or people with trademark associations to them. " Sounds nice right? Well, there maybe some downsides to the bill. The Clinton Administration, however, opposes the bill, saying courts are the best place to settle disputes.