I went to see Chronicle last night. The trailer left me very underwhelmed but like most reviewers I liked the movie. Deeper than most superhero movies, and practically all found-footage movies. The most important and encouraging part to me was the validation of the antagonist's pain - but I'll write about that some other time. As in any flying superhero movie, it had the obligatory "casually sitting on the edge of a very tall building" scene - so of course I went straight out and emulated it ^_^

Here are some quotes about superheroes I came across today:

The only difference between a hero and an ordinary person is that heroes have learnt that fear is just a feeling, not a reflection of reality.

Me

Never tell me the sky is the limit when there are footprints on the moon.

Anonymous

Our deepest fear is not that we are inadequate.
Our deepest fear is that we are powerful beyond measure.
It is our light, not our darkness that most frightens us.
We ask ourselves, Who am I to be brilliant, gorgeous, talented, fabulous?
Actually, who are you not to be?
You are a child of God.
Your playing small does not serve the world.
There is nothing enlightened about shrinking so that other people won't feel insecure around you.
We are all meant to shine, as children do. We were born to make manifest the glory of God that is within us.
It's not just in some of us; it's in everyone.
And as we let our own light shine, we unconsciously give other people permission to do the same.
As we are liberated from our own fear, our presence automatically liberates others.

Marianne Williamson, Return to Love

Permalink | Leave a comment  »

Last week they backed down over a single site, dajaz1.com, a popular hip hop blog. They had mistakenly shut it down for over a year, denied all due process, and hid all the details. Despite their obvious lie that none of their seizures were being challenged, they had refused to respond to requests for basic information from dajaz1's lawyer for the entire time. Now that the domain is released, the RIAA continues to threaten dajaz1 with legal action, despite no evidence of wrongdoing, for daring to compete with their business.

This isn't just problematic for reasons of fair competition, due process, and free speech, but also for privacy, as ICE's method is also a means of internet surveillance.

Today the popular sharing website Megaupload announced it is suing Universal for taking down its content from YouTube - content that Universal has no rights to whatsoever. It is this kind of thing which causes thousands of videos to be wrongfully removed every day - YouTube's takedown policy is "shoot first, ask questions never". Usually the rightful uploader can't afford the legal fees, so it's nice to see rare instances like this where the issue gets a chance in court.

These examples from the last week are excellent demonstrations of situations which will be made far worse if US laws like SOPA and PROTECTIP are passed. I previously blogged about PROTECTIP, under which US citizens could get 6 years jail for uploading a video of themselves singing a copyrighted song. SOPA, an even more draconian law, is being debated in the House of Representatives on Thursday. Here's an infographic summary of SOPA, and another summarizing the legal battle. SOPA could destroy the internet - and my language is not too strong.

The imminent passing of SOPA is highlighting the ridiculous hypocrisy of the White House on internet issues that I blogged about in August, and mainstream media is beginning to catch on to the duplicity.

While Chinese users appreciate the irony of SOPA, MPAA boss Chris Dodd actually asked, "If the Chinese censor the internet without a problem, why can't the US?".

Update 14 December: Amendments have been introduced that water down SOPA a bit - the jist of it remains, but it's not quite as insane. It now targets only non-US sites (since US sites can already be dealt with legally) - although for the end-user it's not at all obvious whether a site is foreign or not, and US sites will still be required to self-censor references to those foreign sites. Breaking the internet's DNS system is no longer required, but optional. Also,

Under the amended plan, which was released late Monday, a judge would have to order ad networks to stop doing business with a site “dedicated” to infringing activities. Under the original proposal, a rights holder could make those demands on an ad network or payment processor and effectively kill off the site.

The amendment, however, still gives legal immunity to financial institutions and ad networks that choose to boycott "rogue" sites."

And there are other reasons it's still a very bad law.

Update 10 January 2012:

• The controversy over SOPA has been almost completely ignored by the US TV networks. Not surprising as they all enthusiastically support the bill, and more public attention is unlikely to help their cause. Since October 1, there has only been a single segment covering the issue, by CNN (which did not disclose its parent company Time Warner's support for the bill). Surely this will change as SOPA is becoming an election issue.
• Every member of congress has received more campaign money from supporters than from opposers, usually significantly more (10-70 times as much). So far, supporters have given $92m and opposers $7m. Despite the fact that the opposing internet companies make far more in profits than the big media companies driving the bill.

Permalink | Leave a comment  »

I've been enjoying popology, a great series of mini-sermons based on chart-topping pop music videos, from Christchurch's Steve Bell. I felt the need to spend half a day writing a reply to his most recent video (embedded below):

Your message seems confused - as you admit, even you don't know what you mean. It's tempting to forget the whole message as a wishy-washy muddle, but I'm a fan of your reviews and you state some wonderful truths in this one so I think it's worth trying to sort it out (even if it's taken me half the day).

Of course love doesn't exist in itself - it's a concept. "Love itself has no meaning, but rather it gives meaning to everything. It gives significance to those you love, they become important because you love them." This is great. But the following statement "Love does not exist as something that is itself significant" is confusing. Love is clearly a significant concept, since you're bothering to talk about it. I'd argue it is the most significant concept of all.

Together the two statements "Love doesn't exist" and "Love calls everything into existence" are a contradiction. Something that doesn't exist can't bring anything into existence. But this contradiction can be resolved, and I will do so below.

I think I understand something of what you're getting at. We find truth, meaning, and beauty, by loving each other. Truth is not to be found through academic belief in concepts, but in the active and messy genuine care of others. Any concept of "God" that gets in the way of that is wrong.

But love isn't just a feeling - how do we know we are loving, how do we measure the truth and goodness of love? Like you said in your last review ("We Found Love"): there is good love, and bad love (or alternatively, a spectrum of love from pure to flawed to fake). Pure love is purely giving. But by what basis can we assert this? And how can we believe that good love is possible, or that it really matters?

Because God has shown us good love. We cannot find truth, or love, without God. I'm not saying an athiest can't find truth and love, but I am saying that an athiest finds them because God does exist. God is love but love is not God: For some reason you don't make this distinction, and this probably more than anything is what muddles your message. God exists in himself, unlike love. God is other, a person not a concept, so he can love us, and he can "call everything into existence". And we can love him in return. In God we find not only an object of love, but a definition.

(Disclaimer: Nowadays there's a need to explain the use of the male pronoun "he" in reference to God. It doesn't mean I think God has a gender, it's that in English the gender neutral pronoun "it" is impersonal, and one of the most important things about God is that he is a person we can relate to. I could use "she", but in the Bible, God is much more often referred to as a father than a mother, I am following the Hebrew tradition of the male pronoun, and I'd needlessly offend more people by breaking that tradition.)

Without God, there is no definition of love - or indeed anything at all beyond our own subjective definitions. Without God, all our philosophy, all our talk of truth and love, is like a discussion about colour between the congenitally blind. God exists, so beauty is more than just a subjective feeling, it is a transcendent truth, with basis in the existing, objective world. God exists, so we can have confidence and persistence in believing that love matters, and that we matter, in a broken world which so often tells us to give up.

You do no one a service by falling for the split in our culture that puts objective truth (many would say "science") on one side and subjective love, beauty, and experience on the other. Each is essential for giving meaning to the other.

Love without truth has no definition and is meaningless. Truth without love is useless and meaningless. God is both, but much more than that, we can love him and therefore have a commitment to an ideal of love, and perfect loving actions, which do not exist in the world - apart from a sole example, Jesus.

Through the story of the Bible, God has shown us that he loves us - that we are meant to love and live in unity with the world - and that his love is so perfectly unselfish that he gave himself to die for us, so that we can ourselves aspire to, and ultimately attain, an attitude whereby we love like Jesus did.

The life, death, and resurrection of Jesus is the most beautiful story of love I've ever heard. All other stories pale in comparison with the purity of the love God showed on the cross, the epic scale, and accessible focus on the raw humanity, questioning, and suffering of Jesus. It is that love which gives my life meaning and which has kept me from ending it all when I've been in very dark times, doubting the validity of my own existence, and giving in to the messages of meaninglessness pervasive in our world.

Don't water down your message, despite its inherent offence in rebuking our human arrogance and apathy. Don't pretend even for a second that you have a better definition of love than God. Without God, you have no message at all.

Now more than ever people need to find a love with substance and truth - a love like Jesus: "love with skin on", God with us.

* * *

P. S. To those reading this who don't share my faith - this isn't a complete message of the good news of Jesus, it doesn't make sense by itself. If you're interested in hearing the whole thing, and addressing any objections you may have, I'd love to talk with you more about it - get in touch with me via email (chris at gracefool.com) or Facebook.

* * *

Update 13/12: Steve explains himself in our Facebook discussion, reproduced below:

Steve (12:34 12/12/2011):

Christopher, what an excellent response. There is so much I like in what you've written on your blog post.

I like your disclaimer. And I like that your worldview leads to meaning and life in dark times.

I have trouble with your assumption that, because I don't understand, I must be confused. I don't necessarily equate the two. Do you?

What makes you think I've watered down my message?

Here's a song by a favourite artist of mine. I've just become aware, thanks to your post, that my review/comment may be doing to some just what this song does to the listener:

Sadly, no nice video to accompany it, but I find the lyrics compelling enough. It took me a long time to get this song. I'm sure the point of it will be more apparent to you.

Me (14:20 12/12/2011):

Thanks Steve :)

Looking at my post now, I disagree with a lot of it, the way I said it. It touched a sensitive spot in me, and I'm sorry for taking a more oppositional stance, and especially for my arrogance.

I don't know if you are confused - I just said your message was confused. I should have said "unclear". Your message was unclear on purpose, which means it's more likely that people will take your message the wrong way - which is probably what I did.

So what do you mean by "God does not exist"? I agree that, like love, God is in a different category of existence, because he "calls everything into existence". We cannot know God without embracing mystery, the fact that we cannot understand him, we cannot fit him in our head, let alone the way he exists. Nevertheless we can know him - we can relate to him - and this is where I took exception. God may be in a different category of existence - but he also makes himself available in our category of existence - we can know him as a real person, and be certain of his being there for us. Do you mean to say this isn't true?

I don't think you do, which is why I wondered if you were compromising your message. Taken by itself, your video seems to be that way. I think you're right - like "It's Better To Be Dead" (great music BTW, and funny how the protagonist is Christopher :p) it tears down our assumptions, our vain attempts to categorise and understand everything, and find meaning in what we do. Like Ecclesiastes, "It's Better To Be Dead" reminds us that everyone dies, whether foolish or wise... we should stop trying to judge everything, happiness is not to be found that way... a worthy message, but stopping there, as the song does, is quite depressing. Like that, your video leaves us hanging, without answers or meaning... so I guess I jumped in to fill it. We can't be happy without meaning, we can't move without at least the illusion of it, and we can't live with a belief vacuum - something will jump in to fill it, the only question is whether it is truth or lies. To be sure, I have spoken messages like yours, to create questions, to highlight meaninglessness, but I regret every message of mine which stopped there. We have been given such an awesome message of hope, why not tell it?

Steve (14:39 13/12/2011):

No worries, I totally appreciated that I would be shot at dawn for this review.

The point of "It's Better To Be Dead" is less about reminding us of our ultimate fate, and more about what it does to the listener in hearing it: No-one goes, "Yes. Yes it is better to be dead, for the dead feel nothing".

Instead, it's like placing a strawberry on the table, and telling my three-year old son that he must not touch it. Of course he'll rally against what he's been told - it's his nature - that strawberry has one destination - his grinning chewer.

To tell the living that life is not for them is to call the living to life in perhaps the most powerful way.

Though I acknowledge it was not my witting intention in this review, what then happens when the listener is told that God - or love - does not exist? Christopher devotes half a day to making a case that God is. You weren't really trying to convince me, were you?

Me (15:20 13/12/2011):

Hehe well then, nicely played ;) I'll happily spend more than half a day (my whole life) making a case that God is.

I wasn't sure. I haven't seen you come out and say your purpose, your main message, in any of your videos (although I've only seen about half of them).

Steve (16:21 13/12/2011):

Don't watch the other half - I probably would take issue with myself about what I said by now... ;)

Permalink | Leave a comment  »

You may have noticed, I went ahead and moved this blog from gracefool.posterous.com to my own domain gracefool.com. Unfortunately this means you can't see the likes and retweets for the old posts. Some +1s have shown up, so looks like Google+ has it sorted, but not Facebook or TweetMeme. Oh well - they're out there somewhere. So yeah it's not that my blog had no audience until now. My most popular post was "From next week, P2P in New Zealand is illegal", despite it being my least favourite (it turned out the main point didn't really matter). My followup post was much better, but it didn't catch on. It wasn't helped by Wikia looking ugly.

After my trial run with Wikia I decided it isn't ready for what I want (a blog with MediaWiki collaboration tools). Perhaps it's possible to make it look nice like Posterous, but it would be a lot of work. I also found a bunch of very annoying bugs, including an inability to edit old revisions, and issues with blog posts. Wikia isn't quite what I want anyway, it doesn't give the admin full control of the wiki - if an admin doesn't logon for 30 days, the wiki is released for adoption by someone else.

I think Wikia is still worthwhile for other things though, so I started the Ultimate Snap wiki with a comprehensive rule set. Ultimate Snap is my favourite tabletop game - if you think Snap is boring or just for kids, try Ultimate Snap and you'll likely change your mind, the only limits are your imagination, and it's inevitably hilarious. Strategy is simple and card counting isn't much use so it's a perfect party game. I made the Facebook page for Snap too, because I like creating pages - Facebook is my favourite computer game ^_^

Permalink | Leave a comment  »

A rambling introduction to practical epistemology, or "How you're ignorant and almost totally clueless":

Cluelessness

Most people have some conception of their ignorance; but as the saying goes, "the more you know, the more you know you don't know" - as your circle of knowledge (the dot in diagram) grows, your circle of ignorance grows even faster. It's not that you're actually becoming more ignorant: things in your circle of cluelessness are now in your circle of ignorance - you're now aware that they exist, but you don't understand them. Cluelessness includes all those things we're completely unaware of; we don't even know to ask questions about them.

Cluelessness, the set of "unknown unknowns" only includes things you could know; it does not include unknowable unknowns, which would be a vastly larger (probably infinite) set. These are things our human brains - or even enhanced human brains (if you believe that may one day be possible) - cannot know, despite their being true. For instance, the knowledge of the state of every impulse in your own brain at the present time - a brain cannot fully know itself. Examples of things mainstream science believes to be unknowable include quantum uncertainty, knowledge of things beyond the cosmological horizon, and certainty in the future of anything beyond the simplest isolated systems (chaos theory demonstrates how complex systems quickly become totally unpredictable - even if you understand how every element operates).

Resolving details

To me, the modern computer, being the most complex tool ever created by man, is a great example of straightforward, knowable knowledge. Everyone who has heard of a computer is aware that they're ignorant of how they work (even world experts don't know the details of parts beyond their specialty). For most people, "how computers work" is almost entirely in their circle of ignorance. To most, a computer is a magic box which takes input (eg. via mouse & keyboard) at one end, and emits a picture at the other, and they have no conception of how the box works beyond it using electricity. They're aware of their ignorance; they're unaware of all the details, which are in their circle of cluelessness. For instance, they can't ask a single question about why their computer sometimes stops working for no apparent reason, beyond "Why?". Their circle of knowledge can be increased by believing a statement like "some of the electrical power in your computer is used to spin a 3.5 inch metal disc at 7200rpm". Knowledge creates knowledge, and they are now able to link this new fact with previous knowledge, perhaps realising that "drilling a hole in my laptop while it's on may be dangerous, even if I'm protected from electrical current". It also moves information from their cluelessness circle into their ignorance circle: if their laptop stops working, they might now ask a relevant question "Was the spinning of the disc disturbed (perhaps because I was dancing while holding my laptop)?" All this despite being ignorant about what the disc does (apart from spin and use power), and clueless about the details.

Interestingly, even in entirely man-made systems like computers, there are things humanity is clueless about - as circuits gets smaller they get closer to the limits of our knowledge about how particles interact on a nanoscopic scale, and surprising behaviours emerge. So yes there exist truly inexplicable computer bugs (they're mostly compensated for through redundancy).

Resolving details is the easiest kind of cluelessness reduction. More important kinds of cluelessness are less straightforward; for example, grasping the fact that other people have different ways of thinking and feeling. The evidence of how well a person knows that is their ability to communicate.

Self-deception

The above diagram represents the set of knowable truths: the best we can discover with our capabilities (mostly defined by being human, but capabilities also differ between people). This best is an absolute ideal, not relative - given who we are.

Our failure to reach that ideal isn't because we don't know enough stuff, it's more because we're unable to tell fact from fiction: most of what's in our circle of knowledge isn't actually true. We decide what knowledge to investigate, and what to accept, on the basis of our belief system, which is extremely biased. Here's a close-up of the previous diagram:

The self-deception circle may seem too big, but that's because it's unconscious (or semi-conscious). We're aware we have some self-deception, but we're clueless about the details. As Freud pointed out, the facts we grasp are often cherry-picked by our emotions (conscious and unconscious), which are often echoes from our early childhood - false impressions of ourselves and the world that we adopted, not having enough knowledge to correctly interpret what was going on. Another example of how knowledge enables more knowledge - the wise get wiser in the same way that the rich get richer (but more powerfully since wisdom is harder to lose than money).

The only way to shuffle these circles in such a way as to increase your set of true knowledge is to compare your sets with those of knowledgeable people and adjust accordingly. The trivial increase is to reduce your ignorance - Google is handy for that. You can also learn new ways of thinking (reducing your unknown unknowns), and become more self-aware (reducing your self-deception) - but these are much more difficult as they push against your habits and ego. These latter, along with your base assumptions and ultimate authorities of truth, determine your ability to recognize truth. Knowledge about knowledge, and the ways you compare your knowledge, is therefore of the utmost importance.

An example of some ways people mis-compare knowledge is the Dunning–Kruger effect, where highly competent people are likely to assume others are similarly competent, therefore underrating their own ability (illusory inferiority), while the incompetent are unable to recognize their own mistakes, thereby being much more confident than their abilities warrant (illusory superiority). Interestingly, this phenomenon is much less common in East Asia, often even reversed.

Going back to the example of computers, I've experienced first-hand (having provided IT support since my pre-teen years) how the people who are the most impatient with computer technicians, are the people who are the most ignorant about computers. People with a bit of a clue get less frustrated when something goes wrong because a) they don't expect computers to never fail, b) they realise they may have unknowingly contributed to the problem, and c) they don't assume the solution is simple. The most ignorant people don't realise any of that, because they don't even know they're ignorant, and the knowledge of the expert threatens their self-deception: that they understand their world. It doesn't help that young computer experts are notorious for underestimating the ignorance of non-experts (the other side of the Dunning-Kruger effect).

We can reduce and compensate somewhat for our biases by developing our awareness of them. Hence the ancient Greek maxim "Know yourself". When we're unaware of our inherent biases, we're vulnerable to making all sorts of unfair judgements, and to being manipulated, whether we're being sold a product, a religion, or any knowledge. Mostly we develop self-awareness by the feedback of wiser friends, but some theory is useful too. Some of my favourite teachers of psychological patterns include:

• Wikipedia's list of cognitive biases
• You Are Not So Smart (blog and book)
• Wired's Frontal Cortex blog
• The Power of Persuasion
• Fooled by Randomness (it also has an excellent bibliography I'd love to work through)

Epistemology

Knowledge about knowledge includes trust in the ability of a discipline (eg. science or another philosophy) to discover reality, trust in a reconstruction of history, trust in a person, or trust in a Creator. In other words, meta-knowledge is faith. Faith makes possible the acceptance of unknowns, or unknowable unknowns (mystery and wonder). Other kinds of knowledge include the physical (eg. distinguishing smells, bodily co-ordination), humour, sex, hope, aesthetics, and love.

Some epistemologies, especially love, embody an implicit understanding of the human condition of knowledge, being humble enough to recognize the limitations of knowledge, enabling the celebration of the other despite not understanding them, creating the desire to know others despite their differences.

* * *

Inspired by a five-part series from the New York Times about anosognosia (the unawareness or denial of disability).

If you have practical knowledge about knowledge, please share your thoughts or titles of books you've found valuable on the subject.

Permalink | Leave a comment  »

When I discovered this, I was shocked. Essentially, you have no privacy when you browse the internet (let alone actively communicate with it) - and you can mitigate this only by means which severly impact usability. Here's how it happens, and what you can do to protect yourself.

The problem

The above article by a researcher at Stanford is a great explanation of what is probably the biggest problem with browsing the internet: Your visit to almost every popular website is tracked by ad networks. This interactive infographic from the Wall Street Journal demonstrates how each visit to a selection of popular kids websites is being tracked by hundreds of advertising companies. Here's a list of the top 100 webpage elements used to track you.

Companies often claim the data they collect is "anonymous" because they don't directly record your name or data directly identifying you. This is false - the data is more than enough to uniquely identify you (I'll explain how below). If desired, they can link that data to your "real-world" information - name, address etc - thereby generating a detailed profile of you and your history of browsing, purchasing, and other online interactions. There's a growing market for such services, called "de-anonymizing", a kind of data-mining that turns supposedly anonymous information into real identities.

This is just part of the larger issue of increasingly widespread privacy violations by private companies that have very little accountability.

Customer data is valued immensely by corporations, and you're giving it away constantly just by loading webpages. Imagine if someone read through your browser history every day. Major ad networks have the capability to do that, for the sites their scripts run on - that is, almost all the sites you're likely to visit. Do marketing companies and random websites really deserve your trust - that they won't use your data in an undesirable way, or hand it on to third parties? And if they're trustworthy for that (which is doubtful, since they have little or no accountability for how they use your data), do you also trust that they won't be hacked, or subverted by a rogue employee?

How the networks track you, and what you can do about it

You might think that your privacy is protected by virtue of sharing a connection (IP address) with others, or being with an ISP that gives you a dynamic IP address (an address which sometimes changes). Firstly, there are statistical methods to separate users with a known probability of correctness; more importantly, all such protection will disappear under IPv6, where there are enough addresses for every machine to have a permanent address.

But in any case, tracking companies don't even need your IP address to uniquely identify you. They can use your browser.

Even if you block cookies and hide your IP address through a proxy, you can still be uniquely identified through Javscript in your browser, in two ways: One, websites can re-create any of their cookies that you remove and block. Two, your browser provides a huge amount of information to websites. EFF's Panopticlick project demonstrates how that information is enough to uniquely identify you. The only proper protection is to completely disable Javascript - which stops most websites from displaying properly and some being readable or functional at all. Torbutton does all of the above and is widely considered the best way to protect your privacy online - but expect a frustrating experience as your browsing is much slower and websites depending on Javascript fail to work properly. So I don't use it much, instead I use a raft of browser add-ons and custom settings to make me more difficult to track (some of which make browsing more complicated and frustrating, but they also increase security). I also use PeerBlock to block loading content from known ad-network IPs (PeerBlock is very ineffective at stopping anti-piracy detection, which is what most people use it for, but it can be a minor help in increasing privacy), and Scroogle (scraped Google) to search without being logged.

Measures like this are really the only thing you can do - apart from educate your friends about why privacy on the web is important, so eventually the issue might become important enough that governments better protect the privacy of their citizens. That being said, laws aren't likely to have a huge impact, and there isn't much incentive to favour consumer privacy over corporate interests. The market will never fix itself because private information is a lemon market. In New Zealand, the Privacy Commission has done some great work but it's like trying to stop the tide.

Of course privacy from the government is another issue (an important one, which I will deal with more in another article). Preventing the government from spying on your online activity is harder still - it's possible but you need a good awareness of your exposure. Torbutton is a minimum requirement, stronger protections like Off-the-Record Messaging, friend-to-friend networking and steganography tools like OpenPuff are needed in many cases. And of course don't login to websites like Google and Facebook which provide your private data to governments via an automatic interface without needing a search warrant - so you'll also need an alternative email provider.

As you can see, this stuff is complex. One thing interested people in Wellington like myself are working on is making real privacy easier for ordinary users. We need your help - especially programmers, web designers, logo designers, marketing and communications people.

Permalink | Leave a comment  »

In a landmark speech that defined Internet freedom as a key tenet of U.S. foreign policy, [US Secretary of State Hilary Clinton] repeatedly named countries, including China, which had thwarted progress. ''Those who disrupt the free flow of information in our society or any other pose a threat to our economy, our government and our civil society," Clinton said. "Countries or individuals that engage in cyber-attacks should face consequences and international condemnation.'' She warned "countries that restrict free access to information or violate the basic rights of Internet users risk walling themselves off from the progress of the next century."

Washington Post, 20 January 2011

That sounds great. But let's examine it for a moment:

"Countries or individuals that engage in cyber-attacks should face consequences and international condemnation.''

Is Clinton condemning the US? Cyberwarfare is a reality and the US is, as in every other military technology, at the forefront of it. In 2008 Congress ordered DARPA to spend $30 billion or so on cyberwarfare technology. The US has been conducting cyber attacks for years, for instance this one in 2008 on a webforum in Saudi Arabia (which inadvertently disrupted more than 300 other servers in Saudi Arabia, Germany and Texas). The Department of Defense knows the danger the internet poses to their military power. An American think-tank influential on the Bush Administration wrote:

Control of space and cyberspace. Much as control of the high seas - and the protection of international commerce - defined global powers in the past, so will control of the new "international commons" be a key to world power in the future. An America incapable of protecting its interests or that of its allies in space or the "infosphere" will find it difficult to exert global political leadership.

Rebuilding America's Defenses, p. 51

Or this from a document commissioned by the Pentagon in 2003:

DoD's "Defense in Depth" strategy should operate on the premise that the Department will "fight the net" as it would a weapons system.

Information Operation Roadmap, p. 13

Still, it's understandable that Clinton would say something like that - even US head of cybersecurity Howard Schmidt said in March 2010:

There is no cyberwar... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment.

"White House Cyber Czar: ‘There Is No Cyberwar’", Wired magazine

So the White House is saying one thing, while the DoD continues their massive effort to conduct covert cyber-attacks and improve their attack capabilities. The same is true of internet censorship:

"Those who disrupt the free flow of information in our society or any other pose a threat to our economy, our government and our civil society."

"Countries that restrict free access to information or violate the basic rights of Internet users risk walling themselves off from the progress of the next century."

Indeed, the US is spending $19m to help people circumvent government internet filtering. But it hardly compares to the $30b the DoD is spending to do the exact opposite - developing tools to take control of the internet and block unwanted traffic.

It also doesn't compare to the censorship and surveillance tools sold by US companies (Cisco, Oracle, Motorola and others) to repressive states like China and Iran. A leaked internal Cisco presentation from 2002 talks about how its products can be used to address China's goals of "maintaining stability" and "combat 'Falun Gong' evil religion and other hostiles". The US is making no effort to prevent the sale of surveillance and filtering tools to authoritarian regimes.

At the same time, commercial interests have successfully convinced the US to filter the internet against file-sharing and video websites, despite this being in violation of the US constitution. Due to pressure from "American companies" - namely, the entertainment oligopoly - it is using free trade agreements to successfully pressure governments worldwide (eg. UK, NZ, France, South Korea) to push through copyright laws in violation of their own constitutions (as well as the US constitution). These laws are having a chilling effect on free speech through subversion of copyright law.

Other quotes from Clinton in the same Washington Post article:

"Censorship should not be in any way accepted by any company from anywhere... American companies need to take a principled stand. This needs to be part of our national brand."

"We must be wary of the steel vise in which many governments around the world are slowly crushing civil society and the human spirit"

It's a good call. But it's doublethink.

Not only is the US leading the way in developing tools to disrupt the internet, shutting down international websites, censoring peer-to-peer communication technologies to appease select industries, and pushing undemocratic laws onto other counties.

Along with other western governments they are increasingly shutting down cellphone and internet communication in an effort to prevent protests.

In future posts I'll write more about censorship and how the US government is being tempted to go too far, with no real benefit to national security or public order.

Whether government duplicity on cyberwarfare and censorship is strategic and intentional, or a result of confusion and division (probably both): if the land of the free wants to stay that way, the brave need to step up and ensure it.

Other sources

• "Pentagon Secretly Goes To War With The Internet", Infowars.net

Permalink | Leave a comment  »

I'm considering leaving Posterous for something better: Wikia! I'm still working it out, until I do I'll cross-post the links to here.

Full post from yesterday

(This is the sequel to last week's post, "From next week, P2P in New Zealand is illegal".)

Permalink | Leave a comment  »

Firstly, the latest footage.

Many are proud of their looting and vandalism - these girls say they're "showing the rich people we can do what we want". Why?

Ros Griffiths, who runs the Employment café in Brixton, which provides advice to jobseekers, says the violence across the capital is the result of years of tension between working-class people and the authorities.

"Young people who feel vulnerable feel that there's no jobs, there's no future, there's no prospects. They feel that nobody cares about them so they don't care.

"They've lost respect for authority because at the end of the day if it was just about what happened in Tottenham, that'd be an isolated situation. That was just a trigger," Ms Griffiths says.

A theory echoed by Professor John Pitts, a criminologist who advises several London local authorities on young people and gangs:

Prof Pitts says riots are complex events and cannot be explained away as "just thuggery".

They have to be seen against the backdrop of "growing discontents" about youth unemployment, education opportunities and income disparities.

He says most of the rioters are from poor estates who have no "stake in conformity", who have nothing to lose.

"They have no career to think about. They are not 'us'. They live out there on the margins, enraged, disappointed, capable of doing some awful things."

from BBC, UK riots: What turns people into looters?

The best thing I've read on the insufficiency of the knee-jerk condemnation that we've been hearing so loudly is this blog post from someone living in one of the rioting areas. Why don't people seem to understand that asking why is important? Do they really think crime can be prevented without understanding its causes?

More discussions worth reading about the "growing discontents":

1. conditions similar to those before the Great Depression (The Telegraph, 8 Aug)
2. resentment against the police and the wealthy (The Guardian, 8 Aug)
3. The poor are copying the rich by looting (Liberal Conspiracy blog, 9 Aug)
4. (Added 14 Aug): Anarchy and Austerity: Why London Won't Be the Last City to Burn (The Atlantic, 10 Aug)

Meanwhile, as usual with disasters of all kinds nowadays, there are spur-of-the-moment web-apps trying to help the situation: Zavilia is crowdsourced criminal identification.

On the other side of the technology, more reasons to be careful what you say on Facebook:

1644 GMT: Two 18-year-olds are arrested in Folkestone, Kent, after Scotland Yard says a number of "inflammatory" comments were seen on Facebook in relation to rioting in London and other cities.

1436 GMT: Strathclyde Police have arrested a 16-year-old from Glasgow after a Facebook message allegedly inciting others to commit acts of disorder. Police say they're monitoring social networking sites closely and will take "decisive action" to prevent copycat violence in the Strathclyde force area.

As of 1650 GMT, Scotland Yard says 563 people have been arrested in relation to the riots, and 105 people have been charged. The youngest person arrested is 11 years old. As usual for violent protests, there will be innocent people caught up in it.

More worrying is the recent announcement from the Met that plastic bullets (a British invention for reducing fatalities) are now being given to police to use against the crowds. Thankfully nowadays riot police are much more measured in their approach - frustrating as that may be, the police are protecting life, not property, so hopefully innocent people aren't killed, as happened with plastic bullets in Northern Island.

All of the above found through the BBC's live feed (the page is currently struggling to keep up with traffic).

Update 11 August: Russel Brand agrees.

Update 14 August: My follow-up post.

Permalink | Leave a comment  »

Well, it won't actually be illegal - but you could get fined anyway.

Thanks to a Facebook discussion on the 3strikesNZ page, I've discovered yet another reason the NZ copyright amendment is bad. Non IT-geeks can skip the next paragraph, to summarize it: some rightsholders are targeting not just infringing files, but potentially any user using some kinds of peer-to-peer filesharing software.

Apparently some rightsholders are using the BitTorrent DHT (distributed hash table) to find infringing users. This is terrible practice, because a BitTorrent client, simply by running (even if it has never downloaded or uploaded anything, let alone anything infringing), participates in the DHT and passes on information about which peer to get files from - and some of those files may be infringing. A rightsholder using this method can't distinguish between clients simply participating in the DHT, and those actually sharing the file.

This applies to not just BitTorrent, but any other P2P software using a DHT, eg. eMule, LimeWire, BearShare, Shareaza, giFT clients...

We can reasonably expect these infringement notices to get through the Copyright Tribunal unchallenged, because to challenge it the accuser needs technical knowledge of how their P2P software works. Otherwise all they can say is "I don't know why you think I infringed, I just know I didn't", which of course won't hold up since it's not evidence. People in that situation probably won't bother going to the Copyright Tribunal, they'll just pay the fine.

Come September, it is possible that people will be fined simply for using P2P software.

Hopefully this will help highlight the problems with the new law - despite rightsholder groups pointing to their innocent victims and saying "look how many people we've caught infringing!"

To lazy / non-technically minded people, to be totally safe you should uninstall all your P2P programs. Or, if you're careful and you have some basic knowledge, read the next paragraph:

If you want to be certain to avoid infringement notices, you have to ensure you never run P2P programs using DHT, except through a proxy (which may have a signigicant negative impact your speeds). Don't use BitTorrent through Tor - since you should to be careful that all data goes through Tor, not just the initial connection to the tracker, which slows down both your connection, and everyone else's on the network. If you're not using a proxy for all your data, you you need to either disable DHT (which will also slow you down as you won't connect to as many peers), or stop such P2P programs from running on startup or ever. You could still file-share using a seedbox, or filesharing software designed to be anonymous, like OneSwarm or I2P.

It's worth starting to do this on Thursday (August 11th) rather than September 1st, since you can get notices for activity 21 days before the notice is sent. Tony Eaton, director of NZFACT (NZ Federation Against Copyright Theft), representing the MPAA, says they won't backdate notices from September 1, but the law isn't stopping them or other rightsholders from doing so.

It's ridiculous that I'm giving such advice. I'm a big fan of peer-to-peer for legitimate filesharing, especially in isolated countries like New Zealand, as it means less bandwidth usage, faster download speeds, and better content discovery. Too bad.

There's another important ramification: Don't let any untrusted or ignorant person use your computer or your connection, since they could run a file-sharing program, and even a few seconds of use is enough for the rightsholders' tracking software to potentially find you.

More essential reading on the new copyright law:

• The basics that everyone needs to know
• More details and why it's bad for everyone

Update (1 day later): This doesn't seem to be at all common - it may have happened a few times, but you're unlikely to be caught this way. Still it is a possibility, so if you want certainty, you should take this into account. I've made edits to highlight that.

Sequel (1 week later): This pales in comparison to how rightsholder groups could get people fined just for using the internet... Fined for using the internet? Possible as of today in NZ

Permalink | Leave a comment  »

Customs recently trialled full-body scanners at Auckland International Airport. Here's why we need to stop them being introduced in New Zealand:

1. The most important point: It's security theatre. It doesn't actually improve security, it only makes people feel more secure. There have been multiple instances of box-cutters, razors and even pistols getting through undetected; and in any case there are various simple and undetectable methods for carrying explosives.
2. Safety concerns
   1. The European Commission and several others have recommended they are not used on pregnant women and children.
   2. The machines are not open to scrutiny from independent researchers, the software is closed-source.
   3. If the X-ray beam is stopped for even a second, the concentrated radiation would cause serious injury. Any use of powerful X-rays is inherently dangerous. Even medical scanners have malfunctioned and caused delivered significant overdoses (causing hair loss, full-body rashes and seizures¹) despite all safety precautions; even more disturbingly, in some cases overdoses were not detected for over a year. Normally the very small risk of malfunction, and the radiation dose (with its corresponding increased risk of cancer), is acceptable because of the very likely benefits; but in this case there is no direct benefit to the person being scanned.
3. Privacy concerns
   1. Many people believe it is against their religion to expose themselves to a stranger.
   2. Machine specifications require the ability to store the images (despite TSA claiming the opposite).
   3. Airport employees have been caught using the nude pictures of women as pornography.

References at the Wikipedia article. Which BTW is messy and biased so as always feel free to improve it!

Permalink | Leave a comment  »

Seriously.

Sign this to protest

I never thought I'd be considering voting Green, but they're the only party with an informed stance of any kind on issues of the interwebs - you know, those ethereal pipes where we now spend half our lives.

Permalink | Leave a comment  »

This is a repost of a post I made on Facebook on March 27.

There is a systematic problem with research arising from the conflict of interest of scientists whose funding is not dependent first and foremost on finding the truth. I first encountered the problem at university when we were told what the result of our lab work should be and taught how to manipulate our results. Several scientists I spoke to admitted that fudging results was standard even in academia - because negative results aren't published.

John Ioannidis is an extremely influential meta-researcher whose paper "Why Most Published Research Findings Are False" has been widely read. He found that 80% of non-randomized trials (by far the most common type) are later refuted. For randomized trials, 25% are later refuted, and 10% of large-scale randomized trials (these are very expensive and hence rare). He also found that of 49 of the top most highly regarded and cited research findings in medicine over the previous 13 years, 45 claimed to have uncovered effective interventions, 11 of those had *never* been retested, and of those that were, 41% had been convincingly shown to be wrong or significantly exaggerated. "Even when the evidence shows that a particular research idea is wrong, if you have thousands of scientists who have invested their careers in it, they’ll continue to publish papers on it."

Even after that, Ioannidis says, "the odds that anything useful will survive from any of these studies are poor." And it's not just medical science; the same issues distort research every area, from economics to archaeology to physics.

"We could solve much of the wrongness problem, Ioannidis says, if the world simply stopped expecting scientists to be right. That’s because being wrong in science is fine, and even necessary—as long as scientists recognize that they blew it, report their mistake openly instead of disguising it as a success, and then move on to the next thing, until they come up with the very occasional genuine breakthrough. But as long as careers remain contingent on producing a stream of research that’s dressed up to seem more right than it is, scientists will keep delivering exactly that.

“Science is a noble endeavor, but it’s also a low-yield endeavor,” he says. “I’m not sure that more than a very small percentage of medical research is ever likely to lead to major improvements in clinical outcomes and quality of life. We should be very comfortable with that fact.”"

The above four paragraphs are mostly from this article: http://www.theatlantic.com/magazine/archive/2010/11/lies-damned-lies-and-medical-science/8269

The related problem to the expectation that scientists be right, is the expectation that scientists be impartial. Although open-mindedness is the ideal that scientists (and indeed all people) aim for, scientists are as biased as anyone else, and we should expect that, like everyone else, their beliefs and self-interest will affect their conclusions. Instead of presuming superhuman detachment, we need to encourage scientists to be honest about their biases. Only then can their research be taken with the necessary grain of salt so that the people who make important decisions based on that research do not give it undue weight or credibility. Also, bias can often be compensated for using meta-analyses and comparing research of opposing bias.

Some other articles:

• http://www.newsweek.com/2011/01/23/why-almost-everything-you-hear-about-medicine-is-wrong.html
• A lot of meta-analyses only make the problem worse, by hiding even more bias under the cover of supposedly reducing it: http://www.patrickholford. com/index.php/blog/blogart icle/928/

⁂

The rest of my health science bullshit series, for reference (let me know if you don't use Facebook and are interested in me reposting these here on posterous):

1. Series intro, and is fat & cholesterol really so bad for you? https://www.facebook.com/gracefool/posts/154133517981285
2. Watching your weight is stupid https://www.facebook.com/gracefool/posts/191197527585943
3. The shoe industry https://www.facebook.com/gracefool/posts/150231125040416
4. Most anti-depressants are placebos https://www.facebook.com/note.php?note_id=10150127929393926
5. The "fat burning zone" on your treadmill https://www.facebook.com/gracefool/posts/10150111367876160

Permalink | Leave a comment  »

If you're interested in geeky computer stuff, you may have heard of Bitcoin, the peer-to-peer cryptocurrency. There's been a new wave of interest in the last few weeks, and prices have risen to over $8/BTC from its beginning in Feb 2009 - giving the market a valuation of over US$55m. So I thought I'd investigate, as it implements many interesting ideas.

Bitcoin tries to replace central banks with cryptography. The idea is to have money that, unlike other currencies, can't be controlled by a central government. The currency is seeded by using processor power to perform intensive cryptographic calculations, the digital equivalent of running in circles. This is now barely worthwhile as more people have bought into it (this is by design).

My verdict: Bitcoin is "a speculative investment vehicle backed by no physical assets masquerading as a currency substitute"¹, and a poor payment system. Here's why:

Bitcoin as a currency

Bitcoins claim to be "safe from instability caused by fractional reserve banking and central banks". This is ridiculous. Adam Cohen's answer at Quorum demonstrates that Bitcoins are far more unstable: No central bank and no backing by physical assets means no stability - and stability is the most important thing about a currency. So far, its extreme liquidity has meant it is extremely volatile - just like a speculative bubble.

It's also likely to run afoul of the law - in most countries it's technically legal, but all governments want control of the money supply. It will never become popular since you can't pay your taxes in Bitcoins. It is also a favoured payment system for digital fraudsters. Bitcoin is commonly used for:

1. Fraud and scams
2. Money-laundering (anonymizing criminally-obtained money)
3. Black-market trading (eg. drugs)
4. Income tax avoidance
5. Structuring (see below)

More importantly, not only is it far from "safe from instability", it can be controlled by governments.

Bitcoin as a payment system

As a payment system, it's not what it's cracked up to be:

• It doesn't offer anonymity, despite some claims to the contrary - it's merely pseudonymous as all transactions are public to the world. There are techniques to increase your anonymity but they are difficult. As Bitcoin becomes more popular, it will become easier to be anonymous, but still Bitcoins are far more traceable than cash, even after taking precautions. Anonymity techniques involving bitcoins worth large amounts of money (over FJ$1,100 to US$58,000, depending on your jurisdiction) are likely to violate anti-structuring laws.
• It's vulnerable to takeover by processor farms and botnets.
• It's vulnerable to being outlawed by governments, for the same reasons as for the currency. If it becomes sufficiently popular for criminal activity, or popular enough in general, governments and banks will respond (to the illegal usage and the destabilizing effect).

Conclusion

While an interesting idea, Bitcoin is flawed.

As an investment or store of value, it's speculation propagated by gullible survivalists and technoutopian anarchists. It may not be a purposeful scam, but it has the same function - a few people (especially the developer and some botnet herders) have made a lot of money from latecomers. It's a bad investment, no matter how much you want to support the general concept.

Bitcoin isn't worthless as a payment system. It's an interesting experiment for people wanting to work around the government and willing to take the risks inherent in that. Like cash, it has legitimate uses, but unlike cash, it's not anonymous, and it's nonetheless likely to run into trouble from governments.

Other sources - for

• Wikipedia
• Bitcoin FAQ
• Why Bitcoin is smart, and not a scam
• Is Bitcoin the Wikileaks of Monetary Policy?

Other sources - against

• BitCoin skeptics and boosters debate @ BoingBoing
• Post @ Bogleheads

This article has been cross-posted at Quora (1, 2) and improved thanks to discussions there and here (below).

Permalink | Leave a comment  »

Yesterday police seized the servers of Germany's Pirate Party.

Apparently this is because the Pirate Party hosted a document collaboration tool (EtherPad, forerunner of the collaboration tools in Google Docs) - on one of their servers. Someone posted an SSL key in the (public) document, which was then used by the hacker group Anonymous to attack the website of the world's largest utility, French company EDF. EtherPad was only running on one of the servers but nevertheless police took all servers including their mail and other important infrastructure. This was in response to a request of the French police, and the German police were not legally required to comply. In fact Germany has some of the best privacy protections in the world, which makes it more shocking.

Rick Falkvinge, head of the Swedish Pirate Party, wrote:

Doing this to a democratic party — Germany’s sixth largest, actually — two days before an election is nothing short of a democratic sabotage. This shows why we must introduce understanding of information policy into the justice system all across Europe. A computer is not just something you can carry away; doing so has consequences. It is not a wrench, and yet the law (and police) treat it like any tool, just like a wrench.

Not terribly surprising that the website of the German police has been down since not long after the news was announced... The Pirate Party has distanced itself from the attacks.

Other references

• Early story at TorrentFreak
• Story at Ars Technica
• Slashdot discussion

Permalink | Leave a comment  »