SOPA and the Denmark historical perspective.

I just spotted this on Techdirt

“What happened in Denmark.
Ole Husgaard, Dec 22nd, 2011 @ 11:17am

7 years ago we got a child pornography filter on the Internet in Denmark. Some people said that it was a bad idea, but others said these people were just paedophiles, or trying to help paedophiles. Some people said that it was against our constitution, which it was. So the censorship was implemented in a way so it was formally (but not in reality) voluntary, which ensured that it was not formally a violation of our constitution.

Some people warned that once the censorship infrastructure was in place, it would most likely be used to censor other things. But they were told “Never! This is ONLY to prevent this horrible crime, and will never be used for other censorship.”

Fast-forward a few years, and the Danish recording industry did not like allofmp3.com, so they went to court to get a court order against the Danish ISPs to start censoring allofmp3 off the Danish Internet. The judge basically said “ahh, you already have the infrastructure in place, so there will be no extra cost”, and issued the order to censor allofmp3.com. It was not a violation of our constitution because it was ordered by a judge.

Since then other “pirate” sites have been censored. Most notably The Pirate Bay, which found out that the court would not even allow them to speak their case in court, or even submit a written brief.

Then our politicians found out that they wanted to protect and expand income from taxes. In particular the high taxes gambling providers pay. The official excuse was to limit the horrible disease of ludomania. So they decided that foreign gambling providers had to pay the taxes in Denmark too if they were on the Internet and could be seen in Denmark. If they refused to pay taxes, they should be censored off the Danish internet. So they passed a law saying that if a foreign gambling provider refused to pay taxes in Denmark, a court would – on the request of our government – have to order ISPs to censor its sites off the net, and payment processors to block all payments to it. If an ISP does not censor, or a payment processor or bank does not block payment, hefty fines are issued.

Now our politicians worry that some foreign companies selling medicines on the net are not licensed to sell medicines in Denmark. So they are preparing new legislation that will censor these sites off the net, and block payments to them.

So our Internet censorship started a few years ago with a very limited purpose and good intentions. And it was solemnly promised that nothing else than child pornography would be censored.

But once the infrastructure for censorship was in place, the censorship started spreading to other areas. And the censorship is getting more and more widespread.”

http://www.techdirt.com/articles/20111221/03420017156/how-sopa-creates-architecture-much-more-widespread-censorship.shtml#c710

All these technical solutions that are put in place with the “best intentions” end up being able to be abused in many ways, even if the politicians that implement them promise us that they will “only be used for good”. Well I for one don’t trust them as far as I can throw them, and will keep objecting to censorship and “technical solutions” on the internet as they will be able to be used and will be used to silence certain parts of society.

On “Reflections on Trusting Trust”

In 1984, Ken Thompson wrote “Reflections on Trusting Trust”, and it is still valid today.

All students writing anything higher level than machine code (does anyone still do that?) should have an appreciation of what goes on at various points in the toolchain, and how it can be exploited at each of those levels.

The article can be read here and is also has some refelections on Open Source to consider.

Obfuscation can happen at many levels and nobody’s commits should be taken at face value – only vigilance in code reviews will keep everyone honest.

Oh, and apparently he implemented it, but never distributed the compiler.

Strike action and letter from HR

Dear Professor Lloyd,

I would not normally take part in strike action, the University usually being a reasonable and sensible employer. The recent letter date 14th March 2011 from Susan Chambers titled “UCU NOTICE OF INDUSTRIAL ACTION – WHAT YOU NEED TO DO” has led me to question my previous assessment.

The fact that staff this time are being asked to record their presence at work, to be validated by the line managers appears to be somewhat strange when taken with the statement that the action is only restricted to UCU members. Do you have some way to eliminate non-UCU members from any penalty that you will apply if they fail to complete your form? I thought that the British judicial system was based on the tenet that you were innocent until proven guilty. I would have thought that those on strike would have been proud to say so, as they have done in the past – or is there such a problem with staff morale at the moment that you assume that staff will use the strike as an excuse to just have a day at home?

On the subject of penalties that you are going to impose, I see that you are going to deduct 1/260th of salary for that lost day of work. If this happens, then I will take that as a clarification of my contract and that you do not expect me to work on weekends, and will adjust my behaviour in accordance with this when asked to come in for visit days, open days and other weekend activities, and will inform my colleagues that this appears to the policy of the management.

I trust that you will enjoy your final salary pension including your recent pay rise, when you are offering the academic staff a real terms pay cut and removal of the final salary pension whilst increasing work load through the expansion of student numbers.

Richard Shipman

Don’t annoy Immigration Officers…

From Risks Digest:

UK Immigration Officer Puts Wife on the No-Fly List

Bruce Schneier
Tue, 15 Feb 2011 00:03:31 -0600

[From CRYPTO-GRAM, 15 Feb 2011. PGN]

A UK immigration officer decided to get rid of his wife by putting her on
the no-fly list, ensuring that she could not return to the UK from abroad.
This worked for three years, until he put in for a promotion and—during
the routine background check—someone investigated why his wife was on the
no-fly list.

Okay, so he’s an idiot. And a bastard. But the real piece of news here is
how easy it is for a UK immigration officer to put someone on the no-fly
list with *absolutely no evidence* that that person belongs there. And how
little auditing is done on that list. Once someone is on, they’re on for
good.

That’s simply no way to run a free country.

http://www.cnbc.com/id/41372870
http://www.loweringthebar.net/2011/02/immigration-officer-puts-wife-on-the-no-fly-list.html
http://www.dailymail.co.uk/news/article-1351937/Immigration-officer-fired-putting-wife-list-terrorists-stop-flying-home.html

A short video

For those of you wondering what FOSDEM is all about, here’s a short video that explains a little…

It’s a relaxing look back at what was a very hectic conference for me, so it is interesting to get a different view.

Oh and Aber Comp Sci students feature in it too…

Arduino Pong Clock

I am currently enjoying building interesting electronic clocks. I’ve built a couple of nixie clocks from kits, but I came across an Arduino project on make magazine blog. It linked to Nick’s LED Pong clock so I ordered the bits and built it in a couple of hours on Sunday afternoon. I bought a different real time clock module to the one that Nick used, mine came from Blue Smoke Labs and is a very neat little module.

So when I got it up and running I decided to put my own twist on it and started playing with the code a bit. First I added lowercase letters to the font and altered the character drawing routine to accommodate them. Next I added some space invader characters to the font and played around with adding a couple of animations to scroll them across the screen. Thirdly I thought that I’d try to replicate some of the functionality that I have on the nixie clocks and add a nighttime mode that allows the clock to dim between certain hours.

These changes took me a few hours, and tidying up the bits of code things stopped working – especially the button press routines, so I fiddled with the code for a while and before I knew it it was 3am, and I decided that I wasn’t going to fix it so went to bed.

Tonight I came in and methodically worked through my additions and within half an hour I had worked out what the problem was which had been staring me in the face for two hours the night before and had fixed it. Just goes to show what a night’s sleep can do.

Anyhow, a little video of it working showing the lowercase and space invaders follows, still more work to do on the invaders mode and I want to add a scrolling text mode and add some way of setting preferences and storing them in eeprom…lots of ideas.

Possible backdoors in NetBSD IPSEC stack?

I just picked this up from a friend at the FSFE.

Apparently, someone who was working with the FBI a few years ago alleges that he came across information regarding backdoors that had been inserted into the IPSEC stack.

I know, that this is technical but it comes down to the fact that the FBI can snoop on “secure communications” that are encrypted using the NetBSD IPSEC stack. Now is the time for a code review, especially as it appears that the FBI have apparently been pushing use of the allegedly backdoored stack for firewalls and VPN tunnels.

The email that details this is linked below:
http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

I do like the “Merry Christmas” at the end.

Google Instant Blacklist

So you’ve used google instant right?

What happens if you accidentally type in something that might return some “dodgy” results? Well, good old google will protect you from yourself through its blacklist.

You can still get the full results by pressing return in the search box, so make sure that you press return if you want all those results.

And for a full list of words on the blacklist, pop over to 2600.com…
http://www.2600.com/googleblacklist/

Spam filtering, and how not to do it.

Alun is not having a very fun time with secureserver.net and from the sounds of their technical support staff, they’re secure through a certain amount of incompetence.

I’m sure that you will enjoy reading the exploits of a sys-admin at a UK university, so here’s the link secureserver spam blog entry

Oh, and this counts as a little assistance in getting pushed up the google search rankings