Don’t be the One

Cos I don’t wanna be the one
Only overjoyed
Yeah, I don’t wanna be the one
Making all the noise
Yeah, I don’t wanna be the one
From Be The One by The Ting Tings

In the last post the topic of  safe web browsing was discussed as an attempt to update earlier advice from circa 2008. So that should keep you safe on the internet. Right? Sorry. Unfortunately, browsing the web is only half the story. The other, and arguably more dangerous half, is the part where you are automatically directed to web sites by emails, SMS texts, QR codes and nowadays NFC tags. Most of the time these automated links are desirable and very convenient like when you want to find out about a new product or go directly to your bank site to check on your accounts. But what happens when the originator of these convenience links is a malicious impostor? In other words the email, SMS, QR code or NFC tag is a phishing attack. This can be especially serious when the phisher is pretending to be your bank. Because the payoff is potentially large, these fake requests from your bank can look pretty convincing. This post from Rob Waugh at the WeLiveSecurity blog puts it this way.

Technologies change, but cybercriminals will always dream up new ways to fool you into handing over your bank details – whether via phishing emails, SMS or by phone.

These days cybercriminals will use phone calls, SMS messages, emails – and even couriers – in an effort to get your money.  Many of these attacks can seem very convincing – at least at first.

To mash up P.T. Barnum, who is often credited with saying “There’s a sucker born every minute” and The Matrix, “You are the One, Neo“, [just go with me here] how do you avoid being the One? The key is to recognize stuff your bank will never do. Again from the WeLiveSecurity post:

The key to staying safe is to recognize behavior that isn’t quite “right”. Here are ten things a bank will never do – but a fraudster, phisher, or thief will.

Text you asking for details to “confirm” it’s you

Your bank may well text you – for instance to confirm a transaction on PC – but bank texts will not, ever, ask you to confirm details, or for passwords in a text. Banks also won’t update their apps in this way. If you’re suspicous, don’t click links, don’t call any numbers in the text. Instead, call your bank on its “normal” number.

Give you a deadline of 24 hours before your bank account erases itself

Many legitimate messages from your bank will be marked “urgent” – particularly those related to suspected fraud – but any message with a deadline should be treated with extreme suspicion. Cybercriminals have to work fast – their websites may be flagged, blocked or closed down rapidly – and need you to click without thinking. Banks just want you to get in touch – they won’t usually set a deadline.

Send you a link with a “new version” of your banking app

Your bank will not distribute apps in this way – instead, download from official app stores, and ensure yours is up to date.

Use shortened URLs in an email

Cybercriminals use a variety of tricks to make a malicious web page appear more “real” in an email that’s supposedly from your bank – one of the most basic is URL-shortening services.

Send a courier to pick up your “faulty” bank card

The courier scam is a new one – your phone rings, it’s your bank, and they need to replace a faulty bank card. One of the new services they offer is courier replacement – and the bank tells you that a courier will arrive shortly to collect the faulty card.  A courier turns up, asks for your PIN as “confirmation” – and your money magically vanishes.

Call your landline and “prove” it’s the bank by asking you to call back

A common new scam is a phone call from either “the police” or “your bank”, saying that fraudulent transactions have been detected on your card. The criminals will then “prove” their identity by “hanging up” and asking you to dial the real bank number – but they’ve actually just played a dial tone, and when you dial in, you’re talking to the same gang, who will then ask for credit card details and passwords.

Email you at a new address without warning

If your bank suddenly contacts you on your work address or any other address than the one they usually use, this is [not right]. Banks will not add new email addresses [for you on their own].

Use an unsecured web page

If you’re on a “real” online banking page, it should display a symbol in your browser’s address bar to show it’s secure, such as a locked padlock or unbroken key symbol. If that symbol’s missing, be very, very wary.

Address you as “Dear customer” or dear “youremail@gmail.com”

Banks will usually address you with your name and title – ie Mr Smith, and often add another layer of security such as quoting the last four digits of your account number, to reassure you it’s a real email, and not phish. Any emails addressed to “Dear customer” or “Dear [email address]” are instantly suspicious – often automated spam sent out in vast quantities to snare the unwary.

Send  a personal message with a blank address field

If you receive a personal message from your bank, it should be addressed to you – not just in the message, but in the email header. Check that it’s addressed to your email address – if it’s blank, or addressed to “Customer List” or similar, be suspicious.

Email you asking for your mother’s maiden name

When banks get in touch – for instance in a case of suspected fraud – they may ask for a password, or a secret number. What they won’t do is ask for a whole lot more information “to be on the safe side”. If you see a form asking for a large amount of information, close the link and phone your bank.

Remember this, grasshopper: your bank already has your money so they aren’t that interested in spending any of theirs on unexpected communication with you – particularly something like courier services. The bad guys, on the other hand want your money and are willing to invest a little and try phishing thousands or millions of potential suckers hoping to find the One big payday. Your mission, should you decide to accept it, is to not be the One.

Note to self: Ease up on old TV and get out more.

Safe web browsing in 2013

2013

Back in 2008 and 2009 I did a series of posts about how real people (like your mom) could navigate the dangerous and unforgiving realm of the internet more or less safely. In this entry entitled Security ideas for your mom part 2 web threats were discussed. Circa 2008.

Web surfing risks include cyberfraud, downloaded malware, malformed images, malicious active content, leakage of personally identifiable information (e.g. some web sites will collect personal information from you in exchange for some goodie – and then sell it to spammers or phishers) and privacy invasion (e.g. tracking your surfing habits). It should be noted that your web surfing habits have a dramatic impact on the risk you incur. Specifically if you intend to visit adult (porn) or warez (pirated software) sites your risk is increased exponentially. Whereas reputable sites like legitimate shopping sites or wikipedia are relatively low risk, a trip to the typical warez site can almost guarantee several of the above threats being real and present. So the moral of this story is don’t even think about stealing software or surfing for porn unless you really know what you are doing and take extreme measures well beyond the scope of what I’m going to tell you about in these posts.

And in this post entitled Security ideas for your mom revisited some possible actions mom could take were discussed. Again circa 2008.

Use different web browsers for different purposes. Use Internet Explorer for your banking and financial sites, and no other sites. Use Firefox, Opera, Safari, Chrome or even another copy of IE for your social networking and casual surfing. I recommend IE for banking and insurance sites because they tend to work best (or only) with IE. Social sites, on the other hand tend to favor Mozilla (Firefox) or Webkit (Safari and Chrome) browsers. Sharing bookmarks is not hard and if you really want to share between multiple social browsers, get a del.icio.us account.
If you download software get a disposable virtual environment. Downloading anything from the web and installing it on your PC is risky business, even if it is from a reputable site, but it can be catastrophic if your tastes run to the wild side. A fair portion of it is infected with malware, malicious or just plain bad. What you need is a virtual environment where you can download this stuff, install it and try it out before you commit it to your real environment. This can be done a number of ways. Virtualization software like VMware and Parallels allow you to create virtual machines that are exactly that. If you trash one, you just delete it and move on. The downside, as you can well imagine, is that virtualization software requires a lot of resources (i.e. a very powerful computer) and it’s not trivial. There is another kind of software that you can use to accomplish this: sandbox software. Basically a sandbox sets aside a place on your computer where programs can play nicely, isolated from everything else. Using this kind of software, you can run any program “sandboxed”. Then if it blows up, or simply tuns out not to be what you wanted, you just clean out the sandbox. If you do happen to decide that you want to keep your changes for real, you can recover everything to your computer.

And in this post entitled Safe web browsing the series wrapped up with specific thoughts on how a real person could implement the dandy ideas discussed in the earlier posts, this circa 2009.

Use an application that brings up one and only one web site in a browser window. If you think that’s too complicated, you can achieve the same thing by simply designating one browser for use in only specific situations. For example, use Internet Explorer for doing your online banking and use Firefox for checking Facebook. The important point is that you stick to this religiously, i.e. never, ever use your online banking browser for anything else. Period.
My wife just got a new iMac when her PC bit the dust. I figured that the easiest way to transfer her data from the old PC to her new mac, especially since the laptop was toast, was to convert a current disk image from her PC into a virtual machine. She got VMWare Fusion for her iMac and was able to run the VM version of her old PC right on her iMac. During this process she discovered that some of the sites she uses, particularly government sites, just don’t work correctly under Safari, but they work just peachy under Internet Explorer. There was some fairly complicated steps involved in setting up VMware and converting her physical PC to a virtual machine, but now that it’s done she uses it all the time.

What a difference 5 years makes! Let’s take the highlighted points in order, shall we? Yes we shall. Incidentally, in case you were thinking that the snarky style of this blog had improved in 5 years, you were wrong. I’m just saying.

• Web sites will collect personal information from you and track your surfing habits, then sell it to spammers or phishers.

While this is still true, it is now pervasive on the internet. In fact, this is the primary source of funding for social networks and search engines. But I repeat myself since there are no pure “search engines” and pretty much everything has social network components – right Google? What has changed is that spammers and phishers are no longer the primary customers of this rich privacy violative [that’s Customs and Border Protection (CBP) lingo, not a real word] harvest. Nowadays it’s the NSA and law enforcement agencies who are buying and using it, not to merely annoy us but to nominally protect us from terrorists. I suspect it really has a lot more to do with fishing expeditions being way easier than actual spy craft and investigation, not to mention legal (sort of) since the Patriot Act.

• Don’t even think about stealing software or surfing for porn unless you really know what you are doing.

While this is still true, the far greater threats these days come from legitimate sites that are not technically savvy enough to protect themselves from being hijacked. Sadly the poster children sites for this are charitable and church web sites, who typically get their web technical expertise from volunteers. Whereas porn sites are businesses who can’t remain viable if they allow someone else to siphon off the juice. Who would have imagined that in 2013 you would be safer going to “HardcoreSluts.com” than “HolyChristianChurch.com” [Not real web sites, I made up those names. No, seriously.]

• Use different web browsers for different, specific purposes. Banking and insurance sites tend to work best (or only) with IE. Social sites tend to favor Mozilla (Firefox) or Webkit (Safari and Chrome) browsers.

While this is still in theory a great idea the problem is that most folks do their web surfing from mobile devices these days and as a result any site that wants traffic goes mobile or goes away. There  are a plethora of browser choices for most mobile platforms – excluding Windows Phone which still limits you to IE [actually nobody has stepped up with a decent port of anything else yet] – but it’s a serious pain in the buttocks to use multiple browsers on a smart phone, not to mention that the one that ships with it, crapware and all, is usually the best choice anyway. Except Android devices where no one in their right mind would use the standard Android browser. Also the browser landscape has changed rather dramatically in the last 5 years. Internet Explorer (IE) has been steadily declining even while it has improved dramatically with respect to security. Chrome has boomed due to it’s ease of use and real portability. Chrome is everywhere (except Windows Phone). Like lint. Unfortunately, out of the box, or rather out of the install download, it seems purpose built to transmit as much PII surreptitiously to Google as possible. And good ole Firefox, keeps plugging along and seems generally more interested in security and privacy than the others. Unfortunately their usability often suffers as a result. But you forgot Safari, you’re thinking. No, actually Apple did that. Safari is only relevant on OS/X and iOS devices and then only marginally. Bottom line is that if you want a browser you can use on your mobile device(s) and your desktop and have all of them play nice together you have 2 choices:

1. Chrome running everywhere.
2. Windows 8 on your desktop, Win 8 RT on your tablet and Win 8 Phone on your smartphone.

And no, I didn’t forget Mac and iOS devices running Safari because Safari doesn’t play nice anywhere. Sorry Apple fanbois, face the facts.
But the real change here was that this idea morphed into the browser as operating system. In other words, low cost, low power portable PCs (ChromeBooks) running an OS that boots directly to a browser (ChromeOS). Pretty slick idea if everything you do is online. And the cost is less than a decent tablet. From a security point of view, you still have all of the issues you have with any portable device, but in this case if it gets hammered by malware just reformat and start over. Or throw it away and buy a new one.

• Get a del.icio.us account.

R.I.P del.icio.us. Nuff said.

• A fair portion of download-able software is infected with malware, malicious or just plain bad.

This has reached critical proportions for the mobile “app stores”. The myth of the malware-invincible platform died with the “I’m a mac, I’m a PC” ads. With the totally closed and curated app and content stores, iTunes and Windows, this is still mostly true – only a “fair portion” of the content is malicious. The used-to-be totally-free-and-open store, Google Play, on the other hand has the “vast majority” of it’s content being malicious or utterly useless crapware. It’s getting better but in the realm of malware infected platforms Android is king.

• Virtualization software requires a lot of resources (i.e. a very powerful computer) and it’s not trivial.

This has improved dramatically. For businesses and technical users almost everything is virtualised. My personal system is a hypervisor platform where I run whatever I need in VMs. Many businesses are doing that with hypervisor platforms from Microsoft, Citrix and VMware. But what about mom? Surely she could never use virtualization. She not only can, she does. Every time she points her smart phone or tablet at a web app. Running in the cloud. On a virtual server. Virtualization didn’t go mainstream, it went to the cloud. Some would argue that it is “the cloud”. Oh – and have you looked at Parallels for Mac lately? Yeah, mom could use that easily. If she needed to. You certainly could, too.

• A sandbox sets aside a place on your computer where programs can play nicely, isolated from everything else.

Sandboxing has well and truly gone mainstream. It’s now built in to any decent browser – even some of the mobile browsers. Back in 2009 I suggested Sandboxie which was pretty much the only game in town. It is still a decent option, but like always it demands a greater knowledge of its underlying mechanisms than is practical for mom. What mom needs is an automatic sandbox where all of the details are managed in the background. Turns out that just such a system exists. The Comodo Internet Security Suite, a free set of packages from Comodo (no I don’t work for them or get spiffed in any way by them) has, among other features, “Auto Sandbox Technology”. Coupled with another feature called “Kiosk mode” it essentially turns your Windows PC into a sandboxed ChromeBook by way of Comodo Dragon (Comodo’s branded and hardened version of Chrome). I run this package in my “dangerous” Windows VM that I use explicitly for researching those really nasty corners of the interwebs. Besides who could resist browsers with names like Comodo Dragon and Ice Dragon (their Firefox variant).

So, indeed, what difference 5 years makes. Internet security and privacy tools, circa 2013, have improved both in technology and usability. But then so have the threats. I suspect that the biggest difference is that the greatest threats to privacy are coming from groups whose nominal purpose is to protect our rights, including privacy. That and the fact that we’ve been conditioned by Facebook and Google to believe that privacy doesn’t matter and freely gave it up long ago. But that’s a post all by itself.

Security For All is three years old!

Happy Birthday, now your one year older.
Happy Birthday, your life still isn’t over.
Happy Birthday, you did not accomplish much.
But you didn’t die this year i guess that’s good enough.
From Funny Happy Birthday Song by Adam Sandler

Hard to believe that last month marked the third anniversary of Security For All. Actually the really hard thing to believe is that I actually found time to do this post. Whining aside, this last year has been a corker for everybody. A whole bunch of wild, wacky, wonderful, wasteful, woeful and wicked things happened during the last 13 months. I ‘ll leave it as an exercise to the reader to assign the appropriate W-word to the items in the following list. In no particular order:

• Steve Jobs, co-founder, chairman and former CEO of Apple passed away on October 5th, 2011 after a long struggle with pancreatic cancer. He was just 56 years old. It’s hard to imagine anyone who had a greater impact on technology and society. He will be sorely missed.
• Britain’s Prince William announced his intention to marry long-term girlfriend Kate Middleton on November 16, 2010 , and subsequently followed through on that threat on April 29, 2011 where it was described thusly by USA Today: More than a billion eyes were on Kate Middleton as she stepped out of the queen’s 1977 Rolls-Royce Phantom VI in front of London’s Westminster Abbey on Friday wearing a wedding dress of fairy-tale princess-esque proportions — a dress that will be immortalized in fashion history. There were at least as many spammers and phishers rejoicing over the joyous event.
• Nasa discovered a new lifeform, a bacteria they christened the GFAJ-1 strain, that apparently substituted arsenic for phosphorus, sparking all sorts of extra-terrestrial bacterial visitation speculation. Would have been game-changing if only it had been accurate. Oh well another study for the The Journal of Irreproducible Results.
• The United States Senate voted to repeal the U.S. military’s ‘Don’t Ask, Don’t Tell’ policy of officially sanctioned homophobia. While the law has been in effect for several months now apparently a number of right wing politicians and military cheeses haven’t gotten the memo. Or maybe they just can’t figure out how to use the Reality distortion field that worked out so well for President Bill Clinton and Apple CEO Steve Jobs. The more plausible possibility is that they can’t find anyone on their staff able to read something as complex as a memo.
• U.S. Rep. Gabrielle Giffords was shot in the head by a lone wack-job after being included on Sarah Palin’s ‘Hit List’. But the craziness didn’t stop there. Sales of semiautomatic Glock pistols like that used in the shooting spiked in Arizona and across the nation in the days following the attack. Fortunately Ms. Giffords was able to overcome the staggering odds and appeared in person at her husband, Astronaut Mark Kelly’s retirement from the Navy. Not sure what the moral of this story is but I’m a little reluctant to hang out anywhere near people who disagree with Ms. Palin.
• The now aptly monikered Arab Spring began in January of 2011 with the president of Tunisia being driven from power by violent protests over soaring unemployment and corruption. In the following months Egypt and Libya have seen regime changes with  Bahrain, Syria, and Yemen also seeing civil uprisings. If Desert Storm (U.S. vs. Iraq episode 1) was the first made-for-TV conflict, Arab Spring must certainly count as the first made-for-social-media revolution. Whoever said “The Revolution will not be tweeted” was dead wrong [apologies to Gil Scott-Heron, who also died in 2011, and is maliciously mis-quoted here]. It’s also been argued, debated [no – scratch that – since real debate requires some level of basic knowledge and understanding of the topic which is simply not available in this case] and pontificated on, via traditional and the newly enfrancised social media. Speaking at the e-G8 Internet Forum in Paris, Facebook CEO Mark Zuckerberg downplayed Facebook’s role in places like Cairo, Homs and  Tunis, saying “It’s not a Facebook thing, it’s an Internet thing,” when asked about his site’s influence on the Middle East’s popular uprisings. “There’s no value to Facebook in invading the privacy of folks in those places.” [I made that last quote up – but I’m sure that’s what he meant to say].
• A tsunami rammed the coast of Japan following a powerful 9.0-magnitude earthquake causing widespread devastation and essentially shutting down some of Japan’s largest manufacturers including Honda and Toyota. But by far the greatest damage that resulted from this disaster was the meltdown of the Fukushima Dai-ichi nuclear power station in northeast Japan. This part of the tale just kept getting worse each day as the Japanese government and Tokyo Electric Power Co (TEPCO) kept trying to reassure the public and the world that things were under control. Some would argue that it’s still not entirely under control as there have been elevated levels of radiation detected in the Pacific waters as far away as the west coast of the U.S. So now a tsunami caused by a monster earthquake has turned into the worst nuclear crisis since Chernobyl in 1986, costing TEPCO 1.1 trillion yen. So far.
• Osama bin Laden, the mastermind of the 911 attack, was killed in a firefight with [actually he was terminated with extreme prejudice by] United States forces in Pakistan. Turns out he’d been living in relative comfort in Abbottabad. Right under the noses of our Pakistani “allies”. Pakistani officials were “Shocked, Shocked! To find Osama bin Laden living in Pakistan”. [OK, I made that last quote up too].
• On May 22, 2011 a massive EF5 rated tornado tore through Joplin, Missouri, killing over 120 people, carving a mile-wide path of destruction through the city and leaving fully a third of the population homeless. Somehow the people of Joplin, with the help of many other Americans, managed to rebuild enough of the devastated city to open all schools on time for the fall semester. It’s stuff like this that keeps my scant faith in my fellow citizens alive.
• Former Illinois Gov. Rod Blagojevich was found guilty on 17 out of 20 federal corruption charges — including all charges tied to allegations that the Chicago Democrat tried to trade an appointment to fill the U.S. Senate seat vacated by President Barack Obama. Guilty! Thank You, That is all. [Apologies to Mr. Toad’s Wild Ride]
• In a frenzy not seen since the televised O.J. Simpson trial, Court TV became the latest reality-TV-cum-spectator-sport. Complete with announcers and color commentators like Nancy Grace. First we had the trial of Casey Anthony, who allegedly murdered her daughter Kaylee, which got better ratings than any Soap Opera and triggered widespread protests when she was acquitted (much to the chagrin of the aforementioned Ms. Grace) and pitted Floridians against each other, some restaurants even refusing to serve jury members. Those jury members later whined that had they been allowed to listen to Nancy they would surely have reached the right decision. Then we had Warren Jeffs, a particularly egregious polygamist, child pornographer, prophet of doom and leader of strange religious cult centered, apparently, around him getting it on with very young girls being tried for that lifestyle choice. This trial was so salacious that even I was taken aback when Dr. Drew Pinsky insisted that it was the right, yea even the duty of the court TV “journalists” to show the videos of the nasty Rev. Jeffs deflowering his youngest “brides”, video apparently being a sacrament in this cult. I’m guessing that the CNN lawyers were offering up their own prayers that the FCC would ignore Dr. Drew’s apparent journalistic fervor and not go after them for child porn. And finally we have the ongoing show trial of Dr. Conrad Murray who allegedly administered the fatal dose of propofol that killed Michael Jackson. This trial is hardly worth the nightly hystrionics of Dr. Drew and Nancy Grace (tag teaming this one) since the worst that can happen to Dr. Murray (other that the fact that the king of pop died before he could get paid) is that he can get probation. He’s already lost his medical license not to mention his credibility with anyone other than celebrities with nasty prescription drug habits. If you don’t think Mark Mothersbaugh was right about ‘de-evolution‘ you should tune in some time.
• Then we had the ‘Spectaular Summer Debt Ceiling Crisis’ starring the U.S. Congress with special guest stars Pres. Barack Obama and Timothy Geitner. This long running polical theater farce, based on the hit ‘Nero Fiddling’ had them rolling in both aisles to the disgust of viewers all over the world. This amazing display of gridlock and political brinksmanship resulted in Standard & Poor’s downgrading the creditworthiness of the U.S. government to AA+ from AAA. What a show.
• In tech and business, Google acquired Motorola Motility, AT&T attempted to acquire T-Mobile but was slapped down by the DOJ. HP released the TouchPad, announced it’s killing the product line, sold the few they had built at a fire sale which was so popular they ramped up for another TouchPad fire sale. WTF? Apparently the notoriously quick on the fire-the-CEO trigger HP board had the same reaction and dumped Leo Apotheker for Meg Whitman of (GOP and E-Bay fame). But not before the stock did a swan dive.
• The Sony Playstation Network (PSN) was well and truly pwned. Fingers were pointed everywhere but in the end it was just good old bad engineering and security hubris that proved their undoing. That and trying to piss off PS3 modders.
• Then there was Anonymous whose DDoS-in-the-name-of-protest efforts were alternately lionized and villified in the media and political circus and managed to annoy pretty much everybody at sometime or another. They didn’t like Sony either and were early scapegoats in the ongoing Sony CYA efforts. Their 15 minutes is waning fast, but those Guy Fawkes masks are totally bitchun.
• Security Bloggers were busy little beavers with Dr. Anton Chuvakin taking a new job at Gartner, Martin McKeay and Josh Corman taking jobs at Akamai,  Ben Tomhave taking a job at LockPath, Jack Daniel moving into a new gig at Tenable after they acquired Astaro and Kai Roer and Mourad Ben Lakhoua editing a great book with articles by Dr. Anton Chuvakin, Margaretha Eriksson, Alistar Forbes, Brian Honan, Alex Hutton, Javvad Malik, Wendy Nather, Rob Newby, Kevin Riggins, Eric Schwab and  Lori Mac Vittie – The Cloud Security Rules: Technology is your friend. And enemy. A book about ruling the cloud.
• Finally Captain X-Ploit went completely off the rails with two spectacular holiday specials. The Halloween Special consisting of four posts: The Devil Walks Among Trustonians, Movies Can be Fun, Nightmare on Dream Street and  28 Stores Later which spoofed the classic horror films Halloween, The Ring, Nightmare on Elm Street and Dawn of the Dead respectively. The good Captain faced crazed mass murderers, lethally cursed movies, dream demons and spam distributing zombies and prevailed with great and hilarious feats of hacking. The Amazing Cross Dimensional Christmas Special was a heartwarming mashup of Fox’s “Fringe”, Dr. Suess’s “How the Grinch Stole Christmas” and Tim Burton’s “Nightmare Before Christmas” where David and President Ted save Christmas. Sort of.

So stay tuned. Maybe we’ll be a bit more concientious about blogging at Security For All. Or not. But it will probably be pretty funny and borderline informational.

Oh and be sure to actually go to the Security For All blog site and check out our annual swell theme change.

Captain X-Ploit: Maxwell D. Higgens

The Adventures of Captain X-Ploit:
A life without love is a life wasted… or whatever. ~ Maxwell D. Higgens
– Special Edition –

This is a story about Maxwell, it begins in the lab of an alien ship floating somewhere in the Betelgeuse system.

Stan cast his eyes around the lab looking for someone to exclaim in amazement to. He had done it! Finally and definitely done it. In the DNA of one human baby named David Nicholas Stone he had found what he had suspected all along. What he had found was in fact, a gene that actualized only favorable outcomes for its owner.

It had been speculated that such a gene existed ever since Blungo of the Solaris Nebula placed a million cat-like creatures in a million boxes that released poison randomly and found after 20 trials that only one cat remained. Having based his trial more on a hatred of the cat like creatures rather than an actual belief it would yield more information than was already known. In anger at his failing Blungo promptly threw the creature out the window where it fell 400 feet landing on all fours comfortable on a mattress that by incredible odds was being delivered to the building that day. Blungo then spent the rest of his life following the cat-like creature. That is to say, Blungo followed that cat until Blungo died… the cat still lives on due to randomly gaining immortality by being struck with lightning while lapping up some particularly tasty cream in a field of warm pillows that smell of tuna.

Stan, desperate to prove to the world he had indeed found the gene proceeded to clone David and activate this gene as hastily as possible, cutting out any dominant traits that even looked like they could limit or cause the “Luck Gene” to not display properly. 9 months later the baby was placed on earth to be examined by a universe full of excited scientists. He was left in the care of an extremely lucky couple who had wanted a baby since the first time they had won the lottery but had never managed to conceive.

It was a perfect summer night when Mrs. Higgens found a baby had been left in front of their mansion with a note reading “The fate of the universe does not lie in his hands, but he’s pretty cute. He represents hundreds of years of work and I’ll miss him. So take care of him. Or I’ll disintegrate you.” The Higgens couple just assumed it was a joke and the child was left by some teenage girl not ready to raise him. This mattered little to them, however, because their final dream had come true. They had a son.

Maxwell grew up different from most of the children. Statistics didn’t seem to apply to him, his brilliant blond hair and stunning blue eyes, the fact he had never been sick a day in his life, the mind boggling circumstance that whenever presented with an exam he circled at random and received 100%’s.

His life was magical and beyond perfection. He was everything everyone wanted to be, stunningly handsome, unfathomably lucky and inconceivably wealthy. His luck gave him everything, save for one part of his being, his intelligence.  It became blindingly obvious as Maxwell grew that in addition to being unbelievably lucky he was also profoundly stupid.

At the tender age of 18 Maxwell found himself in California after leaving his house in hopes of finding the one thing his luck had never given him, a girl he could love. His quest began shortly after the 37^th girl, an international super model in this case, that pledged her undying soul in devotion to him. After hearing how she said he made her feel he knew he must find a girl who could make him feel that way. He began his search in his usual way, by wandering around aimlessly for several hours.

After finding himself in California, roughly 1000 miles from where he started, he figured he’d better buy a house and some food. A few charges to his credit card later he found himself living in Beverly hills with a piece of pizza in his hands.

Several years and 462 girls professing their love on the first date later, he found himself to be one of the world’s most esteemed and famous actors, having won countless awards after accidentally wandering onto the live set of a movie and as he put it ‘just going with it’. But countless awards, unheard of amount of money, and innumerable numbers of nights with super models seemed to bring him no closer to his quest.  The universe couldn’t deny him his dream endlessly, however. One day an alien walked into his bed room with news that would bring him one step closer to his true dream.

“Did Ryan send you to show the girls out?” Maxwell asked from his bed which happened to contain and indeed be surrounded by 8 of the most beautiful human females the alien had ever seen. The alien, who was about 9-feet tall, grey, with an odd shaped head and pitch black eyes, was momentarily confused by the question.

“No, I’m here to collect the David clone. You were supposed to be in Trustonia months ago!” the alien replied.

“Really? Is that what all that mail I kept getting that said ‘fate of the universe’ and crap like that, was all about?” Maxwell asked simply.

“Did you not think it odd that your butlers keep moving to Trustonia to prepare your house?” the alien asked in amazement at Maxwell’s stupidity.

“That’s what they were doing? I thought they were moving there to look for more girls to bring me,” Maxwell replied.

“Look, just come with me, I’ve paused time and I need to introduce you to the other,” the alien explained.

Several (what would have been, if time was not paused) hours later in Trustonia:

“Greetings Miss Boulder, I bring with me…” the alien was in the middle of saying when the gorgeous man interrupted hastily “Wow! A world full of people who don’t move! Oh, I know, we must be in Canada! Yes that’s got to be it.” The alien looked pained by the handsome man’s obvious stupidity as he finished his thought “Maxwell Damian Higgens, perhaps the stupidest life form in existence.”

Sara’s jaw dropped in amazement. A more perfect face she could not dream of. Her soul all but wept for wanting of the visage that danced in front of her believing eyes. At that point she knew two things. One, she would pledge her every breath to him and two she would have him.

Note from the author:

Well at long last I finally offer you the back story of Maxwell Higgens. I feel this release has to come with an apology for its lateness. Believe it or not I actually wrote three different introductions for Maxwell.  But each of the others didn’t quite capture what I wanted Maxwell to be. I will make no more promises on release dates since work, school, friends and life keep getting in the way of my weekly goal of writing Captain X-ploit. I will state however, if you wish to get updates on what’s going on in the world of Trustonia, hop on over to Facebook and fan this series. I will post updates there.

http://www.facebook.com/pages/David-Nicholas-Stone/115707671857486?sk=wall

Common sense advice for parents of networked kids

Just lately I’ve discovered Common Sense Media and am quite impressed with their tools and advice for parents that are soundly based on, well, common sense. Anyone who has read earlier posts on this blog like this one or this one knows that I’m really big on the idea that security begins with don’t be an idiot. So I was quite pleased when Common Sense had this featured article by Liz Perle in the Common Sense Newsletter entitled Rules of the Road for Parents in a Digital Age. She had me at the first line: “Even if you’re clueless, you’re still your kid’s teacher“.

Common Sense Rules of the Road for Parents

1. Model good behavior. If we’re on our Blackberries or iPhones at dinner, why will our kids listen to us when we tell them to turn theirs off?
2. Pay attention. We have to know where our kids are going online – and what they’re doing there.
3. Impart our values. Cheating, lying, being cruel – they’re all non-starters. Right and wrong extends to online and mobile life.
4. Establish limits. Phone time, video download time, destinations. There’s really a right time and place for everything.
5. Encourage balance. Get kids involved in offline activities – especially where there’s no cell service.
6. Make kids accountable. If they have a privilege, make sure they earn it.
7. Explain what’s at stake. Let kids know that what they do today can be abused by someone tomorrow.
8. Find ways to say “yes.” That means we have to do some homework and know the sites they visit, the songs they download, etc. – and find ways to use technology that lets us say “yes” more often than we say “no.”
9. It’s not rocket science. Learn to text, send a mobile photo, set up a Facebook page, upload a video. Or have your kids show you how. It’s impossible to guide what you don’t understand. Not only that, but think of all the anxiety you can avoid by knowing how things work.
10. Lighten up, embrace their world, and enjoy the possibilities together. None of us want digital divides in our relationships with our kids. It’s up to us to join the fun and help them seize the potential.

Some great stuff here. I think the main point (well at least the point I’d like to make) is that for a parent being clueless is normal, but staying clueless is not an option. And I’d also like to draw particular attention to #5  (Encourage balance). This is where kids – and parents – discover the actual purpose and utility of the online world. Yeah, that’s right – it’s way too easy to get caught up in the fiction of  “socializing” online with people we’ve never met when in fact most of those people are not at all who they pretend to be. And some aren’t even people. The point? Social media is a powerful tool to collaborate and stay connected to real people you actually know, but to just be a poser interacting with other posers never accomplishing anything tangible in the real world is not only pointless, but boring. How do I know this? My son Nicholas is an avid gamer and web designer. So he has spent a good deal of time online since he was fairly young. Several years ago we (Nicholas and I) started volunteering for the FIRST Robotics challenge. In the real world. He now helps mentor and judge the web sites for the teams as well as doing crowd control and other jobs at the actual event. This requires collaboration and communication with other volunteers, the teams and challenge coordinators. Nicholas – and I – now have practical experience collaborating via social media with others folks who are involved in doing something that is very real, very tangible and wicked cool. Needless to say neither of us are interested in wasting time gossiping with posers when we can connect with interesting folks doing amazing stuff. Real stuff.

So if you are a parent, think about these 10 rules. It really all comes down to this: If your kids see you not being an idiot and doing cool stuff that’s what they will pay attention to. And everybody will get a clue in the process.

FIRST Robotics Challenge

This weekend we volunteered at the FIRST Robotics Challenge Colorado Regional. Not only is this a ton of fun – teams of high school students build robots to compete in a different game each year – it’s a very important activity to encourage young people to get involved in technology.

First a little background on FIRST: For Inspiration and Recognition of Science and Technology.

FIRST was founded in 1989 to inspire young people’s interest and participation in science and technology. Based in Manchester, NH, the 501 (c) (3) not-for-profit public charity designs accessible, innovative programs that motivate young people to pursue education and career opportunities in science, technology, engineering, and math, while building self-confidence, knowledge, and life skills

Founded by Dean Kamen, President of DEKA Research & Development Corporation and inventor of the Segway PT, FIRST has grown from 28 teams in a New Hampshire high-school gym in 1992 to reaching over 150,000 kids and the FIRST Championship held in the Georgia Dome in Atlanta. So what is FIRST Robotics Challenge all about? In the official words:

What is FRC?

FIRST Robotics Competition (FRC) is a unique varsity sport of the mind designed to help high-school-aged young people discover how interesting and rewarding the life of engineers and researchers can be.

The FIRST Robotics Competition challenges teams of young people and their mentors to solve a common problem in a six-week timeframe using a standard “kit of parts” and a common set of rules. Teams build robots from the parts and enter them in competitions designed by Dean Kamen, Dr. Woodie Flowers, and a committee of engineers and other professionals.

FIRST redefines winning for these students because they are rewarded for excellence in design, demonstrated team spirit, gracious professionalism and maturity, and the ability to overcome obstacles. Scoring the most points is a secondary goal. Winning means building partnerships that last.

What is unique about the FRC program?

• It is a sport where the participants play with the pros and learn from them
• Designing and building a robot is a fascinating real-world professional experience
• Competing on stage brings participants as much excitement and adrenaline rush as conventional varsity tournaments

The game rules are a surprise every year

My son and I got involved last year through the IEEE, which is a major supporter of FRC. Me, because it sounded like a great idea, my teenage son because, well, geeks + robots… you do the math. It has been an amazing experience. There is always a need for mentors, coaches and of course corporate sponsorship. I’ve volunteered both years working in the machine shop, which was provided last year by NASA and this year by a local Denver company Club Workshop, where we handled everything from minor accidents to field upgrades. I can’t say enough about this terrific program to really do it justice so I’ll just provide some pictures instead. Check FIRST out. You’ll be glad you did.

Great stuff that almost was

 

Computerworld has this article about the Top 15 Vaporware Products of All Time. Here’s an abbreviated list of stuff we waited breathlessly for or completely ignored that almost but never quite happened.

15. Ovation – In 1983, Ovation Technologies, a startup founded the year before, announced an integrated package that promised to include word processing, spreadsheet, database management, and communications software. By 1984, though, the company declared bankruptcy, having burned through about US$7 million in investor money without releasing a single product.

14. Duke Nukem Forever – May of 2009 will mark the twelveth anniversary of 3D Realms’ first official announcement of Duke Nukem Forever’s release, which was supposed to be in mid-1998. That optimistic announcement came before the developer’s decision to switch game engines–something the company would go on to do repeatedly in the ensuing years, while occasionally rewriting most of the existing game design from scratch.

13. Amiga Walker PC – After Commodore went bankrupt in 1994, the Amiga brand and technology were purchased by the German company Escom Technologies and marketed as Amiga Technologies. In early 1996, the company announced a plan to sell an upgraded version of the Amiga 1200 computer with a strikingly designed dark purple case that stood on four tiny feet–hence the Walker name. Nobody bought one.

12. Sega VR – Sega had decided to create the Sega VR as a virtual-reality add-on to its wildly popular Genesis system. Although the twin-LCD headset made the player look like a cross between Battlestar Galactica’s Cylons and Knight Rider’s KITT, it was one of the sleeker-looking VR headsets of the day. And, by all accounts, that was the best thing about it.

11. Glaze3D Graphics Cards – In 1999, the Finnish company Bitboys Oy announced the first two cards using its Glaze3D architecture, with even the less-powerful of the pair promising render speeds that were spectacular by the standards of the day. They weren’t playing leapfrog so much as doing long jumps. The not-so-secret secret behind the Glaze3D family’s amazing performance numbers was that the chips relied heavily on embedded DRAM, bypassing the bottlenecks that came from using external memory.  For two years, the company missed release dates. Of course, during those two years the rest of the industry didn’t sit still.  Bitboys went on to produce processor designs for the mobile graphics market, and ATI acquired the company in 2006.

10. Atari 2700 – Take the insanely popular Atari 2600 gaming system, put it in a new cabinet, add spiffy new controllers, and call it the Atari 2700. The end result should be a license to print money. The cabinet designers skipped the dated 1970s look of the faux-wood panel and went for a then-futuristic sleek, wedge-shaped design with matte and glossy black finishes, topped with a built-in storage container for the controllers at the top. The controllers themselves were innovative for the time, featuring built-in select and reset buttons (providing even less motivation to get off the couch), a touch-sensitive fire button, and a joystick that doubled as a rotating, 270-degree paddle. The killer feature: The controllers were wireless. In quality assurance testing people noticed that the controllers had a broadcast range of 1000 feet. Since the controllers didn’t have unique identifiers beyond “left controller” and “right controller,” playing a game would affect any Atari 2700 unit within that radius. To top it off, the electronics were based on garage-door openers, so interference with other remote-control devices was a possibility. In the end Atari decided that redesigning the system and the controllers would be too expensive, and it scrapped the 2700 project.

9. Secure Digital Music Initiative – In late 2000, the Secure Digital Music Initiative (SDMI) offered a $10,000 prize to any person or group that could, among other things, successfully remove the watermarks on four music files they provided, within a three-week time limit. A team at Princeton led by computer science professor Ed Felten did just that. The SDMI threatened to sue Felten, citing the Digital Millennium Copyright Act (DMCA), when the group learned that he planned to discuss his research at the 4th International Information Hiding Workshop the following year.

8. Action GameMaster – The portable game system was supposed to not only play its own cartridges but also handle NES, Super NES, and Sega Genesis games (with the help of adapters), as well as CD-ROM games, via another adapter. Contributing to the kitchen-sink approach were a TV tuner add-on and car and AC adapters. The company, which was likely banking on a flood of orders that never came, disappeared soon after.

7. Infinium Phantom – Slated to be, in essence, a PC running the embedded version of Windows XP, which would allow gamers to play PC games–but the primary hook was Phantom’s on-demand system, where subscribers could download any game they wanted over an Internet connection. In 2005 the Securities and Exchange Commission (SEC) gave notice that it would bring charges against former Infinium CEO Timothy Roberts. The SEC filing several months later revealed that Infinium had lost over $62.7 million in three years, with only $3.5 million going to actual development.

6. Apple Interactive Television Box – In 1993, Apple partnered with British Telecom (now BT) and Belgacom to produce a set-top box to go along with their interactive television services. The Apple Interactive Television Box was a modified 25-MHz Macintosh LC-475, and, rather modestly, allowed users to download and watch content (and fast-forward or rewind, similar to today’s TiVo-style recorders). Future plans included interactive game shows and educational content for children, as well as add-on hardware such as a mouse, a keyboard, and a CD-ROM drive. In 1994, selected households in Britain and Belgium placed the black set-top box sporting an Apple logo on top of their TVs, and trials began a year later in the United States. Apple quickly learned that consumers simply weren’t interested in interactive television. The trials ended, and the Interactive Television Box was shelved.

5. Palm Foleo – On May 30, 2007, Palm announced the Palm Foleo, a $499 Linux-based subnotebook designed to synchronize with a smart phone so that business travelers could, among other things, work on documents and e-mail without cramping their thumbs. Even such notable features as its 2.5-pound weight and its instant-on feature failed to muster more than a collective “Why?” from the digerati. Stuck somewhere between a PDA and a notebook in power and size, it seemed to be only an extra device to carry around, with too much feature overlap.

4. Taligent and Microsoft Cairo – Taligent, a joint venture between Apple and IBM. IBM, having recently parted ways with Microsoft over OS/2, had already started work on a microkernel called WorkplaceOS. Taligent merged the work on Apple Pink (an OO OS concept) and WorkplaceOS, with the intent of releasing a multiplatform operating system named TalOS. While the group did eventually release an object-oriented programming environment named CommonPoint for OS/2 and various flavors of Unix, the actual Taligent operating system never surfaced. The company was absorbed into IBM in 1998. In 1991, Microsoft launched the Cairo project which promised a distributed, object-oriented file system (Object File Store, or OFS) that indexed a computer or network’s file structure and contents automatically. Several versions of Windows NT came and went as Cairo continued development, shifting targets all the while. Eventually the company referred to Cairo as the successor to Windows NT Server, and then as a collection of technologies. Cairo development ended in 1996.

3. Silicon Film EFS-1 – February 1998, a company called Imagek announced its Electronic Film System unit, the EFS-1, to a small group of journalists. The EFS-1 aimed to fulfill the dreams of many professional photographers: In principle, the EFS-1 would act as a replacement for a 35mm film cartridge in any camera, allowing anyone to use their existing, familiar photo equipment to take digital pictures. Silicon Film’s last gasp directly addressed that last point: The EPS10-SF, announced the following year, produced 10-megapixel images while supporting more cameras and providing a 2.5-fps burst rate and an LCD preview screen. And then the company was gone.

2. Project Xanadu – In 1960, Ted Nelson first came up with the term “hypertext,” which he envisioned as something different from what it has come to mean. Hypertext as implemented now is unidirectional; you can link to a document without the document owner ever knowing. If the other party moves or renames the document, the link breaks. Nelson’s hypertext–which he now calls “deep electronic literature,” to avoid confusion–was meant to be bidirectional, so that two linked documents would stay linked, regardless of how they were moved or copied. More to the point, such a setup would allow for side-by-side comparison, version management, and an automatic copyright management system in which an author could set a royalty rate for all or parts of a document; linking would initiate the necessary transactions. In 1967, Nelson came up with a name for his project: Xanadu. The first working code for Xanadu was produced in 1972, and since then the project has largely been marked by near-misses and flirtations with bankruptcy. Project Xanadu isn’t completely vaporware. Nelson released the Xanadu source code in 1999, and XanaduSpace 1.0 released last year.

1. Apple W.A.L.T. and VideoPad – Developed between 1991 and 1993 in conjunction with BellSouth, Apple’s W.A.L.T. (Wizzy Active Lifestyle Telephone) was a tablet that doubled as a PDA; its killer app was the ability to send and receive faxes from the screen. The W.A.L.T. was never released to the general public. Tenacious as ever, Apple offered up the possibility of a new portable videophone/PDA concept at 1995’s MacWorld Expo. The Newton-like VideoPad three-in-one prototype combined a cell phone, PDA, and videophone, and sported an integrated CD-ROM drive. It too failed to pass the prototype stage, however, and Apple would stay away from telephones until 2007.

So what, if anything, can we learn from this list of potential yet unrealized products? Well we can always make our own list of categories, so how about this:

• Capital is available and we have an idea that will snag some – 7, 8, 10, 11 and 15.
• Sort of cool but poorly executed – 6, 12 and 13.
• Too far ahead of it’s time – 1 and 5.
• Amazing ideas that nobody understands – 2.
• Programmers love this, consumers don’t care – 4.
• Just missed the market window – 3.
• We won’t release until it’s perfect – 14.
• Self serving crap that nobody wants – 9.

Not much more to say except that Computerworld has the most annoying animated ads I’ve seen and I sincerely wish that the purveyors of that schlock were vaporware. But that’s just me.

Start off the new year right

Most of us have typical New Year resolutions like going on a diet and exercising more or quit smoking. While these are certainly good, healthy goals we really should be doing them anyway and New Years resolutions are simply a delaying mechanism so that we can scarf down those delicious goodies over the holidays while we watch the bowl games. Well it’s 2009 now, so go ahead and start that diet and drag your chubby carcass to the gym. But why not do something really interesting this year? Like learn a new language. I got this idea from a Lifehacker article by Jason Fitzpatrick entitled How to: Learn Basic Sign Language.

If you’re interested in learning American Sign Language or want to brush up on some courses you took in college, there is an enormous amount of information available at LifePrint. Assembled by American Sign Language teacher and evangelist Dr. Bill Vicars, LifePrint has dozens of ways for you to hone your Sign Language skills. There are basic word guides, Sign Language dictionaries, information on deaf culture and a plethora of links to other ASL resources.

The LifePrint site is a great resource that includes everything you need to learn American Sign Language (ASL) including free lessons and LifePrint Library.

So why would you want to learn ASL? You mean aside from the fact that it is the fourth most commonly used language in the United States. How about this bit of information from a study cited on the National Institute on Deafness and Other Communication Disorders (NIDCD) site:

Users of ASL have shown ability to process visual mental images differently than hearing users of English. Though English speakers possess the skills needed to process visual imagery, ASL users demonstrate faster processing ability–suggesting that sign language enhances certain processing functions of the human brain.

Now that sounds way cool to me. Being able to communicate with more people and enhancing brain processing functions too! So start off the new year right – get healthy (you were going to do that anyway) and get smarter. See, 2009 is looking better already.

Here are some useful links for learning sign language (not just American Sign Language).

• ASL Video Browser at Michigan State University
• ASL Pro
• Handspeak
• British Sign Language mobile-friendly database of signs
• Langue: Signes du Monde

Is suing your customers for fun and profit unconstitutional?

The entertainment industry has always baffled me. That’s probably why I never became a pop star. Well that and lack of talent. Actually, I understand the entertainment part of the industry, it’s the copyright policing groups like the Recording Industry Association of America (RIAA) that confuse me. This group is infamous for their Gestapo-esque tactics including lawsuits against file-sharing teens who pirate copyrighted content. The rationale goes something like this. Actually, exactly like this. I quote the RIAA:

It’s commonly known as piracy, but it’s a too benign term that doesn’t even begin to adequately describe the toll that music theft takes on the many artists, songwriters, musicians, record label employees and others whose hard work and great talent make music possible.

Music theft can take various forms: individuals who illegally upload or download music online, online companies who build businesses based on theft and encourage users to break the law, or criminals manufacturing mass numbers of counterfeit CDs for sale on street corners, in flea markets or at retail stores. Across the board, this theft has hurt the music community, with thousands of layoffs, songwriters out of work and new artists having a harder time getting signed and breaking into the business.

One credible analysis by the Institute for Policy Innovation concludes that global music piracy causes $12.5 billion of economic losses every year, 71,060 U.S. jobs lost, a loss of $2.7 billion in workers’ earnings, and a loss of $422 million in tax revenues, $291 million in personal income tax and $131 million in lost corporate income and production taxes.  For copies of the report, please visit www.ipi.org.

And so the gallant RIAA ventures forth to sue those scoundrels into submission. Thereby, no doubt, recouping some of the $12 billion pilfered. In what universe does this make any sense? Our customers aren’t buying our products because our business model sucks, so we sue them. You bet.

Yeah, but if you were one of those poor starving musicians who are championed by the RIAA you might have a different opinion. Might I? Let me tell you pilgrim, I am one of those poor starving musicians (well a poor musician at any rate) and like many of my more talented and famous peers, such as David Draiman and Janis Ian, I get nothing from the RIAA. Except severe gluteous maximus irritation. I think David Draiman summed it up pretty well in an interview with the San Francisco Chronicle.

“This is not rocket science–instead of spending all this money litigating against kids who are the people they’re trying to sell things to in the first place, they have to learn how to effectively use the Internet.” Draiman asserts that the actions taken by the Recording Industry Association of America (RIAA) are protecting corporate profits, not artists: “For the artists, my ass…I didn’t ask them to protect me, and I don’t want their protection.”

So is this going to be another interminable, pointless rant about the RIAA? Fortunately, no. It’s not.

Finally a breath of fresh sanity stands against the RIAA legal juggernaut.  A Harvard law professor, Charles Nesson, along with two third year law students have hit back hard on the RIAA’s efforts in a court filing, where it’s noted that the very basis for many of the RIAA’s lawsuits is very likely unconstitutional.

Imagine a statute which, in the name of deterrence, provides for a $750 fine for each mile-per-hour that a driver exceeds the speed limit, with the fine escalating to $150,000 per mile over the limit if the driver knew he or she was speeding. Imagine that the fines are not publicized, and most drivers do not know they exist. Imagine that enforcement of the fines is put in the hands of a private, self-interested police force, that has no political accountability, that can pursue any defendant it chooses at its own whim, that can accept or reject payoffs in exchange for not prosecuting the tickets, and that pockets for itself all payoffs and fines. Imagine that a significant percentage of these fines were never contested, regardless of whether they had merit, because the individuals being fined have limited financial resources and little idea of whether they can prevail in front of an objective judicial body.

The RIAA intimidates and steamrolls accused infringers into settling before they have their day in court and before the courts can weigh the merits of their defenses. The inherent dangers in allowing a single interest group, desperate in the face of technological change, led by a voracious, cohesive, extraordinarily well-funded and deeply experienced legal team doing battle with pro se defendants, armed with a statute written by them and lobbied and quietly passed through a compliant congress, to march defendants through the federal courts to make examples out of them should lead this Court to say “stop.”

What can you add to that? Except So long, and thanks for all the fish. And you go Charles!

OLPC G1G1 2008

The One Laptop Per Child (OLPC) organization, creators and purveyors of those cute green and white XO laptops, have announced another Give One, Get One (G1G1) program for 2008. In case you are unfamiliar with last year’s G1G1 program, its a deal where buyers pay for two XO laptops, get one machine for themselves and the other is donated to a school child in a developing nation. This year the program will run from November 17 until December 31, and the details will be similar to those from last year’s program:

$199 to give a laptop to a child in the developing world.

and/or

$399 to give a laptop to a child in the developing world and get a laptop.

In addition it was announced that OLPC G1G1 2008 will be run through Amazon, which will not only solve some of the delivery issues that G1G1 2007 had, but will also make G1G1 2008 open to Europe.

When it goes on sale the XO laptop is expected to cost £268 (313 euros) and should be available in 27 EU nations as well as Switzerland, Russia and Turkey.

The Give One, Get One programme was first run in the US in November and December 2007. The OLPC organisation claims it sold almost 190,000 machines via the scheme.

Despite the success of the scheme, it drew criticism because the OLPC group had trouble delivering machines to those who had ordered one. In a bid to resolve these issues, it signed up with Amazon in September 2008.

The OLPC News site has this handy FAQ snippet about European G1G1 2008.

1. When will G1G1 v2 be available in Europe? Monday, November 17, just like in the United States.
2. At what price?Around $399 | £254 | €312 (No VAT will be applied only shipping costs!).
3. Which countries will be included? The 27 member states of the EU, plus Switzerland, Russia and Turkey.
4. Will we get customized keyboards? No, there will only be English/International keyboards.
5. Which power-plugs will be available? European and UK.
6. How will I be able to order or donate? Also via Amazon’s online-store at amazon.com/xo from where you will be redirected to amazon.co.uk.

Aside from the excellent opportunity to contribute to a worthy cause, these are killer little devices. From the OLPC wiki:

The laptop is not a cost-reduced version of today’s laptop; we have fundamentally reconsidered personal computer architecture—hardware, software, and display. Unlike any laptop ever built, the laptop:

• Creates its own mesh network out of the box. Each machine is a full-time wireless router. Children—as well as their teachers and families—in the remotest regions of the globe will be connected both to one another and to the Internet.

• Features a 7.5-inch, 1200×900-pixel, TFT screen and self-refreshing display with higher resolution (200 DPI) than 95% of the laptops on the market today. Two display modes are available: a transmissive, full-color mode; and a reflective, high-resolution mode that is sunlight readable. Both of these modes consume very little power: the transmissive mode consumes one watt—about one seventh of the average LCD power consumption in a laptop; and the reflective mode consumes a miserly 0.2 watts.

• Can selectively suspend operation of its CPU, which makes possible further remarkable power savings. The laptop nominally consumes less than two watts—less than one tenth of what a standard laptop consumes—so little that laptop can be recharged by human power. This is a critical advance for the half-billion children who have no access to electricity.

Since last year some significant enhancements (“enhancements” in this context means “truly epic hacks”) have moved the XO well beyond a child’s edutainment toy. For example there are alternate user interfaces for adults to replace the Sugar interface that runs over the Fedora OS.

Thanks to the tireless efforts of many, we have a whole range of options for these newest XO laptop owners:

• Xfce
• LDXE
• Ubuntu
• Fedora Live

And yes, there is also the Windows XO option for those special kids in Peru, but until a pirate hack appears that’s not an option for G1G1’ers.

Note: In case you really want to see that “pirate hack”, I know this guy…

You can use an XO as a DVD player – a manually or solar rechargable DVD player! Or use it as a rather large mobile phone via Skype. Or an inexpensive e-book reader with thousands of free e-books – take that Kindle! The XO is eminently hackable with almost all of the user apps and glue written in Python and readily available for the tweaking enjoyment of the user! In other words a truly educational device.

So if you know someone who could benefit from this great technology – like your kids, or your parents, or a budding hacker, or yourself – or if you would just like to support the OLPC effort, now is your golden opportunity. Do it and you can join my mesh net.