Topics discussing when software code acts as a form of policy, what Lawrence Lessig, author of Code and Other Laws of Cyberspace, would call (US) "East-coast-code meets West-coast-code".

US: Scientists Call Diebold Security Flaw 'Worst Ever'

This article by Ian Hoffman includes:

Computer scientists say a security hole recently found in Diebold Election Systems' touch-screen voting machines is the "worst ever" in a voting system.
The hole allows someone with a common computer component and knowledge of Diebold systems to load almost any software without a password or proof of authenticity and potentially without leaving telltale signs of the change.

See: Freedom to Tinker: Report Claims Very Serious Diebold Voting Machine Flaws

No ballots (electronic or otherwise), no accountability, no transparency, no security... and why are we trusting the most fundamental aspects of our democracies (elections) to them?

Critical policy failures of the Canadian online Census

(Also carried by p2pnet)

I have seen this issue covered in a variety of locations, and it is being discussed in a number of different forums. On Thursday there was a Newsforge article by Bruce Bayfield with the headline "Canadian online census discriminates against FOSS". A few citizens have written letters to their member of parliament about this embarrassment to Canada.

I thought I would weigh in on this issue as a technical, policy and security consultant.

Everyone Wants to 'Own' Your PC

Bruce Schneier is the CTO of Counterpane Internet Security and the author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World.

His recent article for Wired Magazine includes:

When technology serves its owners, it is liberating. When it is designed to serve others, over the owner's objection, it is oppressive. There's a battle raging on your computer right now -- one that pits you against worms and viruses, Trojans, spyware, automatic update features and digital rights management technologies. It's the battle to determine who owns your computer.

China president at Gates house, not White House

This Reuters article includes:

SEATTLE--The first lavish dinner of China President Hu Jintao's historic visit to the United States next week will be in a big, secure house in Washington where the host is one of the world's most powerful men.

The White House? No.

It won't be in Washington D.C., but Seattle, and the Tuesday dinner will be held at the $100 million lakeside mansion of Microsoft founder and the world's richest man, Bill Gates.

The approximately 100-person guest list is a who's who of the U.S. Pacific Northwest power elite, including Starbucks Chairman Howard Schultz and Washington state Gov. Christine Gregoire, said event organizers.

Cradle of Liberty Lags on E-Voting

The advancement of e-voting technology in England, continental Europe, and Australia is overtaking the U.S. effort because of the first three regions' wholehearted movement to endorse standards such as Election Markup Language (EML) and make the e-voting process transparent, in contrast to America's laissez-faire attitude and policies.

Read full article on IEEE DS Online

Note: While there is a focus on transparency of the software and interoperability of the software and processes, there was not enough attention on the need for a voter verifiable ballot (electronic or otherwise).

May v. Ferndale Institution: Case lost because software was closed-source

A BLOG posting by Matthew Skala includes:

Some Federal inmates were transferred to a higher-security prison on the recommendation of a computerized risk-evaluation system. When they appealed, they wanted the details of the software's "scoring matrix"; and the Supreme Court allows the appeal, saying "Without the scoring matrix which provides information on the numerical values to be assigned to each factor and to the manner in which a final score is generated by the computerized tool, the inmates were deprived of information essential to understanding the computerized system which generated their scores and were prevented from formulating a meaningful response to the reclassification decisions."

Letter to Information Commissioner: further questions about failed ATIP request.

The following letter was sent in the mail today. I posted the initial ATIP request on this BLOG as well.

Note: I am aware of, but haven't yet read, the ATIP manual provided by On the Identity Trail.

Dear Information Commissioner of Canada,

I sent an Access to Information request to PWGSC as follows:

List of vendors consulted and text of documents created by vendors in relation to the "Shared Services" initiative. The results of any negotiations with vendors that are being considered to supply the so-called common operating system, common application or servers software, and common directory services.

The two branches of the creators' rights movement.

As an independent author of software and non-software literary works, it should be obvious that I come at issues of copyright from a creators' rights point of view. The problem is that there are two very different, and often opposed, interpretations of these rights from within the creator community.
I believe that one of the best articulations of creators' rights comes from the United Nations Declaration of Human Rights, article 27, which has two parts:

(1) Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits.
(2) Everyone has the right to the protection of the moral and material interests resulting from any scientific, literary or artistic production of which he is the author.

Creators need a balance between the right to create and the right to receive rewards from past creativity, with the only beneficiaries of an over-protection of the second part being non-creator copyright holders (media and content intermediary corporations).

The Parliament Hillbillies in Ottawa: Episode 02 - Wave of the future, baby

The 3rd episode of The Parliament Hillbillies in Ottawa is available. There are many topics this week of interest to a digital rights activist, from copyright (Bill C-60, audio recording media levies), to accountability/transparency of the software potentially being used for the next census, to the CRTC hearings on the implementation of the "don't hesitate to call" (they didn't call it that) legislation.

It was great to hear politically minded people talking about technology law (copyright, etc) that are outside of the "usual suspects". These are not people who have spent years studying this stuff, but picked up on a few issues very quickly. Their focus was on the overall issues of copyright, and whether copyright should be pragmatic and reflect the actual usage of technology (allowing a new generation of creators to harness business models that respect modern technology).

A quick note to the Bank of Montreal about their new security "Enhancements"

The following was sent to BMO's feedback address about their Online Security FAQ about new security "enhancements".

Please note that as an Internet consultant who is partly hired for my security expertise, I would be forced to avoid BMO banking based on the information in your FAQ. It demonstrates a lack of security in mandating insecure use of vendor-specific Macromedia Flash and Microsoft ActiveX, as well as ECMAScript (Previously known as JavaScript).

I already recommend customers disable these insecure client-side technologies, and would need to recommend customers against being a BMO customer as you seem to be promoting and dependent on these insecure technologies.
