systemcall dot org

I have recently joined the IETF Smart Grid group to see what people were talking about it and to put away my fears on security and privacy. What I saw was a bunch of experts discussing the plethora of standards that could be applied (very important) but few people seemed too interested in the privacy issue.

If you see the IEEE page on Smart Grids, besides the smart generation / distribution / reception (very important) there is a paragraph on the interaction between the grid and the customers, being very careful not to mention invasive techniques to allow the grid to control customer’s appliances:

“Intelligent appliances capable of deciding when to consume power based on pre-set customer preferences.”

Here, they focus on letting the appliances decide what will be done to save power, not the grid or the provider. Later on, on the same paragraph:

“Early tests with smart grids have shown that consumers can save up to 25% on their energy usage by simply providing them with information on that usage and the tools to manage it.”

Again, enforcing that the providers will only “provide [the customer] with information”. In other words, the grid is smart up to the smart meter (that is controlled by the provider), where inside people’s houses, it’s the appliances that have to be smart. One pertinent comment from Hector Santos in the IETF group:

“Security (most privacy) issues, I believe, has been sedated over the years with the change in consumer mindset. Tomorrow (and to a large extent today) generation of consumers will not even give it a second thought. They will not even realize that it was once considered a social engineering taboo to conflict with user privacy issues.”

I hate to be pessimist, but there is a very important truth in this. Not only people are allowing systems to store their data for completely different reasons, but they don’t care if the owner of the system will distribute their information or not. I, myself, always paranoid, have signed contracts with providers knowing that they would use and sell my data to third parties. The British Telecom is one good example. He continues:

“Just look how social networking and the drive to share more, not less has changed the consumer mindset. Tomorrow engineers will be part of all this new mindset.”

There is no social engineering any more like it used to be. Who needs to steal your information when it’s already there, on your Facebook? People are sharing willingly, and a lot of them know what problems it may cause, but the benefit, for them, is greater. Moreover, millions bought music, games and films with DRM, allowing a company control what you do, see or listen. How many Kindles were bought? How many iPhones? People don’t care what’s going on if they have what they want.

That is the true meaning of sedated privacy concerns. It’s a very distorted way of selfishness, where you don’t care about yourself, as long as you are happy. If it makes no sense to you, don’t worry, it makes no sense to me too.

Recently, the Future of Privacy Forum published an excellent analysis (via Ars) on the smart grid privacy. Several concepts that are easy to understand how dangerous they can be, became commonplace to not think about it or even consider it a silly worry, given that no one cares anyway.

An evil use of a similar technology is the “Selectable Output Control“. Just like a Kindle, the media companies want to make sure you only watch what you pay for. It may seem fair, and even cheaper, as they allow “smart pricing”, like some smart-grid technologies.

But we all have seen what Amazon did to kindle users, of Apple did to its AppStore, taking down contents without warn, removing things you paid for from your device, allowing or disallowing you to run applications or contents on your device as if you hadn’t pay enough money to own the device and its contents.

In the end, “smart pricing” is like tax cut, they reduce tax A, but introduce taxes B, C and D, which double the amount of taxes you pay. Of course, you only knew about tax A and went happy about your life. All in all, nobody cares who or how much they pay, as long as they can get the newest fart app…

While EA seems to have understood how to play the game, the Swedish court (and the European legal system) not only fails to get it, but also came with a lame excuse to reject the pirate bay retrial.

On one side, one of the judges was a member of several copyright protection groups and forgot to mention that before the case. This fact itself should be enough for a reconsideration of the decision, as his interests were too tied up with the case to have a fair opinion. But what bugs me most is the reason (or rather, the excuse) of why they are still determined to make them pay for their “crimes”.

The court found them guilty because, it said, they continued to operate the service even when they knew users were being pointed to pirated material.

So, they’re not keeping any copyrighted material themselves, and they have a clause that takes away their responsibility of whatever material is shared across their networks, but that’s not enough, they should have done something.

Let’s say they did have to do something, now we should apply the same rule to others as well right? What about the weapons industry? They know it’ll be used to kill other people, but they still make it and sell it (much worse than only provide the means). What about the tobacco industry? They know it’s not healthy, they know people will get lung cancer, but they still do it (and quite a lot of it).

What about the recording industry? Yes, the same one that is accusing pirate bay of “harming the artists”, forces artists to sign diabolical contracts where they get all the money and the artists get all the work. Who’s harming the artists in the end?

I completely agree with the court decision, as long as they apply the same rule to everyone. No more firearms (for civilians, at least), no more cigarettes, 50/50 for contracts. Fair is fair.

Since the early days (millions of years ago), the human race is being watched. Not by any sort of god or alien race, but by itself.

During the cave age, human-apes lived in groups. Either on trees or proper caves, they were all together. It was, then, pretty impossible to do something and not being noticed. If you want to enjoy the sunset while all others are working hard on protecting the cave, you’ll be spotted. If you get someone’s else wife for a ride, people would know.

Empires came and went and the only thing they brought as a relief for that was the number of unknown people around you. People would know you on your neighbourhood, but you could go away a few blocks and you’d be a total stranger. Moving cities was even better, but that was nothing that you couldn’t do during the cave age.

Even with the ability of changing homes, during your stay in a particular place, you are being watched. Not all vigilance is bad, though. Some might learn that you like football and invite you for the local team. Others could notice you left your door open and warn you, and even babysit your children.

Whenever you interact with the people, you invariable leave a trace. If a policeman asks your neighbour where have you been, he’ll probably have a good hunch and that will probably help the police to find you. The only thing that matters, really, is if you’re lost (and needs finding) or running away.

The Internet is a much bigger place than any city or country, it’s far easier to go on without being noticed. But, as with real life, people are watching. Sometimes for good, other times for bad, and that doesn’t make the Internet any different than the real world.

If you come to my house, I’ll remember. When you visit websites, your IP and page you visited is logged on their servers. We eventually forget your visit, if you were not that important, or clear old logs from the server, but for a while, you are there.

Being logged in a server is no different than being remembered, and that’s hardly a bad thing. What is bad is what you do with that piece of information. And for that, it doesn’t matter if you’re on the net or at my house, it’s a violation of your freedom for me to use that information solely to my profit. Hiding behind proxies is not the way to go, because that is only pushing your freedom even further away.

So, what is neutrality?

Net neutrality is to give the freedom to people do whatever they want, whenever they want and not cap their ability for profit or legal reasons. This may seem dangerous, if someone is trying to do any harm, the chance they’ll succeed is big, but that is also the case with real life. Suicide bombers,, for instance, always manage to explode themselves and no one can do anything about it.

Well, they can, and that leads us to a much worse scenario: Guantanamo Bay. Caping everyone’s connections and inspecting everyone’s packets because some will abuse is against human rights. The same with locking people in far away prisons without any charge just because there was a hunch that he/she would do something wrong whenever they would.

Society is complex and evil. Freedom comes with a high price: harm. If you start guessing who’ll do the wrong thing and punishing them before they do, you can surely save a lot of harm being done, but also you’ll harm lots of innocent people to a no return point. Your society will be as bad as the quality of your guess.

So, judging people for the crimes they have commited won’t change the harm they have done, but will save the lives of people that didn’t commit any crime. Crime is part of the nature. Not human nature, but life itself. It’s not possible to stop it once and for all, it’s not possible to accurately predict when it’s going to happen and the outcome of trying is far worse than not, so don’t even start.

Not only that, but these guess-works give permission to certain people (or groups) to deviate the logic for their own profit. That’s the case of recording companies and the fight against copying and borrowing. That’s the case of idea patents and the inherent inability to think. That’s the case of all major wars since the second world war (and probably many more before that).

Guessing on people’s freedom is evil, not even hideous crimes are that evil.

The long dispute with Cisco has finally come to an agreement. For me, that means two things: first, they’re not trolls sucking money from the big corps for stupid patent infringement, as some might fear. Second, they’re very patient, understanding and sometimes a bit too naive.

Why the fear?

When building embedded systems or when you’re too close to the hardware (such as Cisco) you may take a wise decision to use open source software, as it’s quite likely to be stable and taken care by a good bunch of good people. Even though there are several ways of doing it independently, so your software is not virally infected by the GPL, it’s not always possible and you may have to re-invent the wheel because of that.

It’s not only GPL, patents can also cause a whole lot of damage, and it seems that TomTom has decided to go head first with the Linux community.

So, although the fear is understandable, it’s more of a hysteria than based on actual facts. The FSF hasn’t had much to show on court, and that adds up to the uncertainty of the lawyers, but it’s in cases like the Cisco that they show a much higher maturity that most companies have shown recently, even mature companies like Microsoft.

Richard Stallman

The FSF is not only Stallman. Even though he’s the boss, the organization is a large list of people, sponsors, advisers (and now interns). One thing is to fear what RMS will do when he finds you using GPL in your kitchen scale, but a completely different matter is what the FSF (as an organization) does.

The Cisco case has been going for several years. They offered help, they’ve asked politely, they’ve warned about the potential dangers and so on. A lot has been made before they have actually filled the suit, and they’ve settled it nicely. This shows that they’re not just waiting the next infringement to get you down, they actually care about their (and your) freedom.

The day the FSF starts acting stupid is the day people will drive away. It’s not like Microsoft that you have no option, there’s plenty of options out there, software, licences, partners, advisers, programmers, etc. GNU/Linux is not the decent open source operating system, the BSDs are as good, sometimes better, especially in the embedded case.

The year of Linux

Every year since 1995 is the year of Linux. For me it always was, but I can’t say the same for the rest of the world. Recently, Linux (and other open source software) has played an important role in defining the future of mankind and more and more the Linux community feels that it’s their sweat and blood.

There is a great chance it’ll become the platform of all things in a very short time-frame. Cars, mobile phones, PDAs, netbooks, laptops, desktops, servers, clusters, spaceships. One platform to rule them all and in the darkness bind them, but if they play dumb, their glory might never see daylight.

Lots of people disagree with the new revisions of the GPL license, they feel it bites the hand that feeds it. Many companies feed back open source regularly and that kinda broke the synergy. I personally think that it’s excellent for some cases, but not for all. For instance, development tools should not be restricted, especially when it comes to platforms they can’t reach. Opening the platform is an obvious way around it, but not everything can be exposed and they can’t figure out every implementation detail.

Drivers might also have trouble with GPLv3 for the same reason. Again, there are ways around it, the FSF recently opened a backdoor to develop proprietary plug-ins if they’re blessed, but that might not be suitable for every case.

Solution?

Sorry, not today. Stick to FreeBSD if you can’t cope with GPLv3, find a way to co-exist with the GCC exception and provide the source code of what you have to. If it’s not your core business, you could donate your code to the community and make it GPL too and treat your program as enabling technology, of course, providing your code doesn’t expose any patent or trade secret.

So, well, yeah. Each case is a different case, that’s the problem of being in the long tail.

Spam is good for you, at least better than you may think. Spam accounts for three quarters of all emails sent worldwide and some even attached carbon footprint to it (and here one of the reasons why it’s nonsense). But it’s good for you in ways that does not meet the eye very easily and very few people would even consider it as good in the first place.

Not only emails, think on how much regular mail you receive is really worthy and how much is spam, it’ll probably account for three quarters as well. How much of that is really mean, how that really hurts you so bad that you’d put the sender in jail for it?

Sure spam is a nuisance, sure it gets in the way of the real work, but at what cost are we, the society, willing to pay to eradicate such problem? Well, lets take a look on how spam really started…

Local business

You’re a window cleaner and recently moved to Shlobershire in a very quite little village. How would you let people know about your business? You can go on, talking to each one of the local residents but that’s a nuisance, so you print some pamphlets and post through the door of everyone.

Some will read and call you, some will be pissed off but most will just ignore you. You’ll figure out pretty quickly about those that got pissed off (if you live in a small village you know that already), but then you buy them a pint and everything is settled.

What’s the final cost? A few pamphlets, a couple pints and you got two great things: one or two windows to clean and the whole village knowing who you are. This is, by far, the cheapest marketing ever. The rest of us that can’t afford a real marketing campaign have to find ways to promote our business.

With all the fuss about global warming, organic farming and fair competition in business (if there is such thing), we want to promote and use more of local business than big brands. We’re loosing creativity, diversity and quality if we don’t.

ROI

Just like the local business, some people can’t afford big marketing campaigns. Either because they’re poor or because their business is not so legal in every country.

So, why people still send those stupid ill edited loosely formatted emails, even when it’s obvious what they want? Who wants pills, fake degrees or enlarge their penises? Well, apparently some do and the do reply and may well get what they want!

The return of investment is much, much better than most marketing campaigns. Take Microsoft’s campaign with Jerry Seinfield or the “I’m a PC” thing? It was the most expensive piece of crap ever done. Seriously, I prefer spam than that!

The return rate is very low, one reply in millions of email, but if they send billions of emails, go figure.

But that’s clearly bad, isn’t it?

Well, illegal activities are bad, of course. Either on-line of off-line, drug dealing is bad, banking scams are bad, but not all spam is a scam or a drug selling point.

First, people receive so much spam from normal companies (even those that they have explicitly opted-out) including broadband providers, software, telephone and TV etc and etc.

The smaller companies are still sending physical spam and it’s probably working much better than the electronic spam, but that’s the deal: it works and it’s cheap.

Second, what’s really illegal? Downloading a music you haven’t paid for is illegal? What if you will pay later? What if the author allowed you to? Ripping your CDs to MP3 to listen in your car is illegal? You have paid for it already!

Google has become target of many accusations of illegal behaviour because they host a number of websites, videos, personal profiles on social networks. If people started to massively upload child pornography to YouTube, would the Google guys be in jail? I bet my little finger they wouldn’t.

RIAA kills a kitten every time you download (or rip) a CD while governments detain people for years on maximum security prisons without a single charge, what’s really legal?

Pirate Bay scam

I still don’t believe it happened, even though it was on all major journals for a week, but the Pirate Bay guy actually got a jail sentence for owning a website that allowed people to share files. They’re not criminals, they’re not killing people or (more importantly) getting in the way of the course of business (after all, money is more important than peoples lives nowadays). They just set up a list of things.

File sharing is one of the biggest revolutions of the recent internet and more and more people are asking the industry to finally adopt the technique rather than fight it. Whether they like it or not, it will prevail.

What is worse, a few old ladies downloading very old music (unavailable from any shop in the world) or the fear that the recording industry poses on most governments today that allowed such a scam to ever being turn into reality?

One mistake does not justify the other, but many (sane) people are already saying: Stop fighting reality, come back to it, be part of it.

You can’t fight them, help them!

I can’t imagine a world where we wait people to deliver a pamphlet to hand-cuff them, or where someone is jailed for listening music in his player’s speakers. Unfortunately, we’re not that far from it.

Why spam works? Because there isn’t any other way for those people. Yellow pages? Who reads them? Journal advertisement? Banners? People got used to them and can ad-block automatically. Our brains are trained to ignore them, it’s just not effective any more.

Some companies say they can provide a much better ad experience for the users by spying their lives closer than their lovers. I would object that approach…

There are many (free) systems for local business, but none of them seem to cut it. Maybe because people are always trying to get money in return (weird world, isn’t it?) and end up putting paid ads bigger, colourful and in the front page, and let the real local business somewhere between marriages and obituary.

I have no idea how a system would get rid of spam once and for all and it’s not my cup of tea to think about it, but I’m sure there are many people that could tackle this problem, they just need a bit of money (from the government) and time. It’s not a matter of filtering emails, it’s a matter of removing the need to send them in the first place!

If governments are really worried about spam, let them be creative and help freedom, privacy and good relationships rather than the totalitarianism we’re seeing around the world.

A new world is rising, new machines are taking life much faster than most governments would like and the digital hand-cuffs are showing that none of them understand a bit of what’s going on. All blinds, living in their caves watching the shadows on the wall. Whoever cry wolf is right for no one knows what wolf really is and where is it. Technology is like children, the more oppressed they are, the more you loose control over them.

Einstein didn’t go to the US because he liked the land of freedom, he moved because he hoped (in vain) that they would know how to use wisely the technology he knew how to build. He knew that others would be able to build it and it was just a matter of time before any bomb was actually available. Holding it back was not the answer and he knew it.

I just hope people figure it out sooner rather than later, or 1984 will seem like a pretty boring fairy tale for our children…

Would you give away your genome to research? It’s a bit tricky to define what kind of research and who will have access to it to do what…

I would kindly give mine, if it was licensed GPLv3.

Hydrogenated, unsaturated fat and cholesterol are long enemies of the public, but recently a new type of fat has been added: FAT.

Microsoft has filed a patent suit against TomTom about its FAT implementation on their Linux satnavs. This is a bit of a long story and Microsoft is not tired yet. Probably because of the recent losses with patents, they’re trying to get some profit for themselves.

Luckily, there is hope. The guys at End Software Patents can see some light at the end of the tunnel. Looks like the Bilski case can give precedence for rejecting the lawsuit of that (and many other stupid patents they’re claiming) based on the tangibility of mathematical algorithms (software) when they’re not particularly tied to any concrete implementation (hardware).

This was how it was done before in the US until the first case passed through that wasn’t attached to any particular hardware and then with the final revision in 1998 that they could patent even cake recipes.

Why not ditch it for good?

So, FAT is rubbish, 30 years old and close to zero evolution since then, why keep it? It’s true that there are many other filesystems around, much faster, safer, optimized and well designed, but FAT still has its market: on embedded devices. Because it’s simple and stupid, it’s quite easy to support it on very small machines with reduced RAM and CPU power. It’s also light-weight and fits well for small flash cards and USB storage. But the biggest reason to keep it is another: Microsoft supports it since its birth.

Would you buy an SD card that needs to install a driver to make it work? What’d be the point?

Yet again, because of the market domination (and not technical merits), Microsoft forced rubbish down everyone’s throats live for longer that it was expected. And now, they’re trying to get the profits by suing everyone that followed them for decades. What a nice way to say thank you!

Speaking of which, not only they’re happy by suing companies by using Linux (TomTom in this case and many others during the FAT fight), they’re also asking for the open-source community’s help to make Visual Studio 2010 a better product, isn’t that nice? How lovely is the American way of life, I guess the world will never be able to thank them enough.

Ars Technica has a fantastic article on software patents in US, and how the process is slowly reversing to what it should be (and was) since the beginning.

They describe all the history, important cases, different points of view and how the whole thing was going nuts in this century. The system was due to fail since the big companies started paying billions for patent trolls, but it took a bit too long to actually start reversing…

Would that be Obama’s aura? Or does both events mean that the US people finally started to think on their own? Whatever that is, it’s in the right direction, I think.

While closed source development has its niche (and a very important one), it does feel a bit weird.

I’m now working on low-level development (debuggers) at ARM, one of the things I like most but also a rare thing to find good quality open source development (with the exception of the gnu tools, of course). Of course there is a portion of your work that goes back to the community (via open standards, limited support for the open tools) but it’s not easy to find a job to write code exclusively to the gdb or gcc.

What I’m finding weirder is the fact that the documentation you need is seldom on the Internet (Google or usenet). The good side is that the guys that created the standards and tools are at your doorstep, so it’s quite easy to get hold of them in case you need something off the charts. But that’s normally true with open source as well.

The other weird thing is knowing what you can tell and what you can’t. I have no idea of what part of my current project is public so I just don’t talk about anything of it. But I think that’s just a matter of getting used to, just like I did before. Besides, albeit at EBI I could even show my (or anybody else’s) source code, I don’t think that anybody ever cared that much.

At last, licences. It’s so easy when you develop GPL or LGPL (or similar). Just write whatever you want, use whatever library you need and put a GPL3 tag on your code. That’s it. Simple as that. Now I have to think what would be the impact of that library on the license of what I write, and that’s something I didn’t want to care…

Also, if a document is GPL-ed, you have to GPL it too. If it’s version 3, everything you write (including company’s previous ideas) become GPLv3 as well. That’s a big nuisance. I do understand GPLv3 for code, even apply that to my own source code, but it does annoy a lot when applied to documents.

Although weird for some reasons, it’s not bad at all. I have many more reasons to love my new job. Excellent team, great environment and an impressive code quality, which for me, is a must.

BBC link, It almost made me cry. At least, now, bands and writers can start making money out of their work…

Well, with Vista finally worthless and DRM abandoned for good, I can focus my attentions on things I like best: promoting open source software, low-level development and helping Camfed.

« Previous entries