Slashback: Activism, VOIP, Ivies

Slashback tonight brings you a response to Declan McCullagh's approach to political activism (and tangentially related, evidence of Bruce Perens' very different way of doing things), a link to a few more VOIP Blasters, tantalizing news from the Blender front, and more -- all below.

Until we know how to get to Stallman's Gulch ... sbrown writes: "Public Knowledge responds to Declan McCullagh's call for less activism, more code. Don't fool yourself geeks, political participation is absolutely necessary to maintain the freedom to write code. Public Knowledge has a plan to make geek political participation easy and effective."

Speaking of activism, Roblimo reported yesterday that Bruce Perens might be leaving HP. Today, IDG reporter Matt Berger confirms the break, writing that "Perens says he is leaving HP to pursue political activism. His protests against the DMCA and other legislation that Perens says threatens the open source community, apparently, were too much for HP to handle. So he is becoming an independent consultant and will work with HP as a consultant. He also plans to follow through with a presentation of a DVD player cracking software that he says is in violation of the DMCA. HP stopped him from doing the demonstration at the O'Reilly Open Source Convention last month."

Might these be the basis of a long-distance relationship? AndersBrownworth writes "After Creative nixed their VoIP Blaster, ($20 USB to "plain old telephone line" converter with free software available) ebay prices eclipsed the $200 mark. Now, it seems Creative has found some VoIP Blasters still hanging around and is selling them as refurbished units for $29.99. Ebay prices have reflected the move in Internet time."

Much more fun than a PBS pledge drive. Kodi writes "In case you haven't been watching, Blender's campaign to become open source by raising 100,000 is almost complete, with about 85,000 raised. If you were holding back, perhaps a little doubtful that they would make it, now's the time to chip in and push it over the top."

If your donation happens to be The Last Straw (and the Blender folks can verify it), I will provide you with your choice of ThinkGeek T-shirt ;)

And such pretty campuses, too. guttentag writes "Several weeks ago, Slashdot ran a story about the Princeton admissions dean who used applicant information to hack into a Yale Web site. Today Princeton announced it will remove the official from his position; however, it will offer him another, undisclosed job. It also revealed that Princeton and other Ivy League schools were aware of the break-ins as early as May 15.

MIT's The Tech adds Princeton officials previously said they were unaware of the incident prior to July 24 when Yale's president informed Princeton's, and that Yale notified the FBI the next day (President Bush's niece was among those students whose privacy was violated). It was not until that point that Princeton placed the official on administrative leave.

Apparently, misusing applicant information to commit identity fraud is not a serious offense at Princeton unless the public learns of it (or a member of the president's family is among the victims), and even then it's not serious enough to warrant dismissal. Princeton's president also said other school officials will be disciplined, but declined to provide details, presumably to protect the privacy of those officials or the university."

Hacking = terrorism

[AntiNorm]

Princeton admissions dean who used applicant information to hack into a Yale Web site.

If hacking is now considered terrorism, why isn't the government all over this one?

Re:Hacking = terrorism

[jjoyce]

Because it's a dilemma for Bush:

Breaking into computer system = bad
Erosion of personal privacy = good

Easy

Because only the poor can be criminals.

Re:Easy

[fmaxwell]

Stepping out of the terrorism context, what about the recent wave of corporate fraud investigations? Are all those guys poor?

Are they in jail? We live in a country where kids with no prior record are being jailed for years at a time for having, not selling, drugs at rock concerts. A car thief can expect to spend years in jail, but George W. Bush violated securities laws multiple times and he's in the White House.

Re:Easy

[fmaxwell]

So he filed a bunch of forms late. Big whoop-de-doo.

You missed the key point. G.W. Bush filed the forms late so as to hide the fact that he was engaging in insider trading:

The tardiest --34 weeks late--was his Form 4 report disclosing that he had sold $848,560 of Harken stock on June 22, 1990, just weeks before the company filed a quarterly report revealing that it had hemorrhaged $23 million during that period. Bush had sold his stock for $4 a share. By the end of the year it was trading not much above $1.

Linux and OSS grows up

[stwrtpj]

The NewsForge article had a very interesting comment about the LinuxWorld Expo:

There are not a lot of hippie hackers hanging out, and hardly anyone is wearing funny costumes. The combination Trekkie convention and Renaissance Faire feel a lot of early Linux get-togethers had is gone. This is a business gathering.

The author apparantly meets this with dismay. I would like to argue instead that it's about time.

I hate doing things in stuffy, overly-businesslike ways. I much prefer the more freewheeling, hacker style, and I am sure that many /. readers do also. But these are also the same people that want Linux and OSS in general taken seriously. Well, as unfortunate as it may be, to be taken seriously by business-type people, you have to act like business-type people, or at least hire people to do it.

Like it or not, movements that have gatherings of people in "funny costumes" or that have a "trekkie convention" atmosphere are going to be trivialized. Columnists will report these events in the "for your amusement" part of the newspaper, sandwhiched between Dear Abby and the horoscopes. By adopting a more serious attitude at events like this, now you start to get recognition where it counts, like in the Wall Street Journal.

As much as it galls most hacker types (myself included), appearance is everything. But the OSS community needs to remember that it has something more than just appearance, something that many proprietary vendors are missing: substance. OSS code actually works and delivers on what it claims in most cases.

So OSS hackers should keep coding and wearing funny costumes, or whatever floats your boat. But also let the business people and marketers loose. Let them promote what you're doing (think of it this way: it gives you even more time to code).

Re:Linux and OSS grows up

[Ian+Bicking]

By adopting a more serious attitude at events like this, now you start to get recognition where it counts, like in the Wall Street Journal.

You shouldn't buy into Wall Street Journal's bullshit. They claim relevency for themselves, for their economic order, for their definition of achievement, for their suits and their lingo. But the free software we have was written by individuals, and they didn't wear those suits, they haven't been doing it for that model of success, and they don't use that lingo. They have been and continue to be relevant because of their actions and their creations.

Linux has survived all the dot-com bullshit because it was always by the people and for the people. The companies that have come and gone never effected the sole of the movement. They've helped at times, they've hurt at times, but they never were essential. If they all went away, free software would continue. If all the hackers went away, free software would die -- even if its licenses lived on and were used, even if its code continued to be extended by hired hands, its sole would be gone. It would just be another business efficiency, cast aside at some future date when the suit's whimsy changed.

We didn't get here by asking suits what was important or trying to get their approval. We didn't need them then, and we need them even less now. We might be able to use them -- but they aren't us and never will be. We should not forget that.

The pendulum is swinging back

First Napster rules
Then RIAA/MPAA/Politician cartel throws down
Now the pendulum is swinging back... ... as developers get a little pissed!

We need to assault the politicians on all fronts:
- with code
- with law
- with awareness-campaigns
- with boycotts of companies who support politicians

Remember when people ask us to have faith in the law system and that everything will work out we should not trust them. As bleak as it sounds we cannot have faith in many things and should trust only ourselves and that is why WE need to be actively doing all the above bulleted items.

"activism"

[Chris+Johnson]

The tough thing about activism in the 21st century, is, how the HELL do you choose? There's too much- impossibly too much that needs to be addressed.

Do you fight against the DMCA and people's right to exchange information with each other?

Do you fight for clean air? I live in VERMONT and today we have worse smog than fucking LA, which I learned courtesy of online EPA ground level ozone reporting information. I would not have believed that possible. Today southern Vermont is at smog danger levels for children, elderly or those with asthma. I have asthma...

Do you fight against water privatization? The global fresh-water situation is getting desperate at a horrifying rate. Part of the problem is overuse, and part of the problem is- get this- corporations forcing entire countries into privatization because the World Bank demands it as a condition of doing business with the country. Once privatized, in the spirit of 'free trade' the corporation (such as Vivendi out of France) can export the country's water elsewhere- like America, if it wants- and refuse water to those in the original country who can't pay for it.

Or you could fight against corporations polluting, like in Anniston, Alabama. When Monsanto dumps so much poison into the creek that fish fucking explode and fall apart within minutes after being put in the water, you HAVE to buy water that Vivendi exported from some African nation where people die of thirst unable to afford water, because if you dig a well for water and drink it, you die!

Or you could google for 'Operation Northwoods', learn that in the 60s, McNamara repeatedly vetoed proposals from our own military to attack US citizens in order to basically create martyrs, blame it on Cuba and stir up enthusiasm for a war they felt desperately necessary... and ask whether any of that seems familiar, try to see if you can do better than 40 years of silence on what's going on today.

These are either great or horrible times to be an activist. The situation is so bad it forces any sane person to question. But there's too much to be done!

You have to pick a thing and work on that, or you just get ulcers and die early... mind you who can tell with the amount of poison and pollution in our air, our water, our food...

Re:"activism"

[extrasolar]

Naively, it seems the real solution is to fix the problem. In otherwords, if politics worked the way its supposed to--none of them things you list would not be on the way towards being solved. Fix the system, and the rest comes after.

It seems to me the problem is the corruption of money in politics and business. If only there is a way of causing money to loose its political power, then we'd be on the way towards a more perfect union.

Thanks Bruce

[extrasolar]

I'm glad you're on our side.

In another note, here's an interesting rebuttal to the Declan article.

Also, know the Digital Speech Project. Best not reinventing any wheels.

Princeton vs. Yale: editorialization and omission

[jdbarillari]

I should be shocked, shocked! that the Slashback blurb on the Princeton-Yale fiasco is heavily editorialized, and don't even bother linking to the primary source. (ObDisclosure: I'm an undergrad there, and I know LeMenager) But I'll let that slide.

I'm still curious as to three things:

1. Why did the editors post this blurb without indicating that independent investigators concluded that admissions director LeMenager intended only to check the security of Yale's website? The implication that he intended to spy on innocent applicants who entrusted him with their personal information is irresponsible.

   Quoth the press release.

   Mr. LeMenager entered the Yale site by using the name, birth date and social security number of a Princeton applicant who he thought might also have applied to Yale, fully expecting that he would then be asked for a password or an ID number. He was surprised to learn that there was no security beyond name, birth date and social security number.

   If LeMenager was actually committing "identity fraud" for fun and profit, why on earth would he tell Yale exactly what he did at an admissions conference in May? Read the source. LeMenager made the mistake of repeating the entry to demonstrate how it was done. That hardly qualifies him for dismissal. Quoth the press release.

   While we do not in any way condone these actions, there is no evidence that there was any intention on Mr. LeMenager's part to do anything other than test, and then demonstrate, the site's security or that he used confidential information for any other purpose.

   Lest we forget, Yale sat on this story for two months before releasing it. I've no idea why.

2. Given the sheer quantity of Slashdot wailing and chest-beating about the tragic propensity for computer-security whistleblowers to get reprimanded, sacked, or prosecuted, the sarcasm of the last paragraph of the blurb is unexpected, if not downright hypocritical.

3. I can understand why the mainstream news calls this a 'hack'. But Slashdot should know better. I'm not referring to the ESR/RMS "Editor, when you say hacker, you really mean cracker" lexicographic crusade -- I'm referring to the fact that using a name/SSN pair obtained legitimately (i.e., from an applicant who mailed it to you) to access a website is not "hacking" by even the most tortured definition of the term. It is social engineering, maybe. It is illegitimate, if done with malice, sure. But it is not "hacking."

I can understand why the mainstream press screws up. Six years ago, how often could you find an article about the Internet that didn't contain enough glaring errors to qualify it for a good MST3King? How much better are they today? Not much.

I expected better from Slashdot.

Joe

Stop saying "Hacked!"

[chill]

Damn, since when has entering a name, dob and SSN been elevated to "hacking". How about firing the moron who approved such a system, instead of the slightly more secure "mail them a PIN" or some such.

I'm sorry, that isn't a hack.

Unfortunately, I didn't see the web site, so maybe someone who did can say. Where was the "do not enter name other than yourself" disclaimer? In big letters on the login, or buried on the "privacy policy" page?

What a joke.

Strange incentive

[cDarwin]

If your donation happens to be The Last Straw (and the Blender folks can verify it), I will provide you with your choice of ThinkGeek T-shirt ;)

Doesn't this encourage people to wait longer to make a contribution?

Stop exaggerating this hacking nonsense...

[SMN]

While I do agree that what LeMenger and others does warrant disciplinary action, I think that if you read the full findings of the investigation, you might realize that what took place was not nearly as bad as you make it out to be, and I daresay even understandable. The full story can be found in President Tilghman's statement. Here's a better summary that I posted somewhere else yesterday:

The statement explains each of the accesses, which basically comes down to LeMenager testing Yale's security and getting in, then showing how he did it to others three times, then 8 accesses by "junior" members who then thought it was OK and were interested in whether certain students were accepted, and one more access they're not clear on (actually, they mention a total of 14 accesses from the admissions office, but I only count them explaining 13?). As expected, all of the accesses were _after_ the decisions letters were dropped off at the post office. More interestingly, LeMenager isn't being fired (on account of his 20 years of experience, it seems), but he is being moved out of the admissions office. For now, he's being moved to the Communications Office, and according to a local paper (this isn't in Tilghman's statement) his salary will remain the same as it was before.

According to the full findings, LeMenager first entered the information because he wanted to see what he expected was a step 2 of the sign-in process, which would likely be a PIN number or password - wound up it wasn't there. Three more accesses were LeMenager showing his superior, Dean Hargadon, and others how it worked. The some junior staff members, seeing this, though it was ok to check the site themselves, thus leading to a total of 14 accesses - all of which are justifiable, even if they still deserve punishment.

Furthermore, there was a very interesting take on the fiasco published on Slate yesterday; go ahead and read the full story there. The independent author makes a strong case saying that the only reason Yale bothered to accuse Princeton of wrongdoing was that the Yale Daily Herald had discovered what was happened, and was about to make the report public; Yale wanted to distract attention away from their inadequate security, and did so by blaming Princeton.

Re:The stock price was up higher shortly thereafte

[fmaxwell]

It's amazing how many people don't realize that stocks go up, stocks go down, especially small companies.

And stocks tank after a company announces that it has lost a huge sum of money. Bush, an insider in the company, sold right before such an announcement and the stock tanked. That it later recovered is irrelevent.

The same group of right-wing nut-cases that get so morally indignant because Clinton lied about a blowjob think it's fine for Bush to violate securities laws and engage in insider trading. You probably thought the Whitewater investigation into a 20 year old land deal in which the Clintons lost money was $50million well spent, but you all want us to look the other way when Bush violates securities laws. As you said, "it's amazing."