Blown To Bits

MSN Music RIP

Wednesday, April 23rd, 2008 by Hal Abelson
Yesterday, Microsoft delivered the coup de grâce to MSN Music DRM. May it rest in peace.

Digital Rights Management (DRM) is the practice of distributing digital content together with control programs that restrict how it can be used. For example, a publisher can distribute music that can be played only a designated number of times, or only on designated computers, or that must periodically “phone home” over the Internet for reauthorization and relicensing. Content providers, notably the recording industry, embraced DRM as a way to cope with unauthorized downloading and file sharing.

Blown to Bits argues that DRM schemes are ineffective and anti-competitive and in the long run a bad deal for publishers and customers alike. If you buy music that must contact a license server before it can be played, then the music isn’t really yours – if the license server goes away, “your music” becomes a useless wad of encrypted bits.

That drawback of DRM was driven home yesterday when Microsoft announced that it would be shutting down the license servers for MSN Music, a DRM scheme introduced in 2004 to the fanfare announcement that this would “finally bring digital music to the masses.” Music tracks purchased from the MSN Music store can be played only on computers licensed for that track. You can have at most five computers licensed for a track at once. If you get a sixth computer, you must contact the MSN server to de-authorize one of the five and license the new one. A “new computer” here means not only a new physical machine: if you upgrade your operating system, you need new licenses for all the music tracks.

Microsoft stopped selling new MSN Music in 2006, when it introduced Zune Marketplace. In an email yesterday from the General Manager of MSN Entertainment Services, purchasers of MSN Music tracks learned that the license server will be shutting down on August 31. After then they’ll be stuck: no more licensing new machines – replace a computer, or upgrade an operating system after the summer, and their music can’t be transferred to it.

The anti-consumer nature of DRM is becoming increasingly apparent, and publishers are starting to move away from it. And yet, as described in the book, the desire to shore up DRM gave birth to the innovation-hostile anticircumvention provisions of the Digital Millennium Copyright Act, and new DRM-inspired legislative proposals are still very much alive on Capitol Hill. What can consumers do when the content they purchased phones home, but no one answers? Perhaps they should have it phone Congress.

Phishing by Phone

Sunday, April 20th, 2008 by Hal Abelson

As everyone keeps telling us over and over, we should never send sensitive information to an email address, or enter it into a web page, unless we’re confident we know where it’s going. Tricking people with bogus network addresses is called phishing. It’s an online fraud that goes back to the pre-Web days of America Online, but its prevalence has skyrocketed over the past decade because it’s so easy to accomplish with today’s web browsers. A text link you see on a web page might read “www.bankofamerica.com,” but if you were to examine the program code, you’d see that it’s not Bank of America’s web site you visit when you click on the link, but some other site, perhaps located in Eastern Europe, which looks just like the Bank of America site. Enter your account number and password, and they are dutifully stashed away as loot for identity thieves.
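The mismatch between what a link says and where it actually goes is mechanical, so a browser extension or mail gateway can check for it. As an added example (not from the original post), the following JavaScript flags anchors whose visible text names one host while the href resolves to a different one; the sample anchors and the hostnames in them are constructed.

```javascript
// Added example: detect links whose visible text names a host that the
// href does not actually point to. Works in Node.js or a browser; in a
// browser the anchors would come from document.querySelectorAll('a').

// Pull a host name out of visible text such as "www.bankofamerica.com"
// or "https://www.bankofamerica.com/login"; null if the text is not a URL-like string.
function hostFromText(text) {
  const m = text.trim().match(/^(?:https?:\/\/)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:[\/?#].*)?$/i);
  return m ? m[1].toLowerCase() : null;
}

// Host the browser would really connect to; null for non-http(s) or unparsable hrefs.
function hostFromHref(href) {
  try {
    const u = new URL(href);
    if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
    return u.hostname.toLowerCase();
  } catch (e) {
    return null;
  }
}

const stripWww = (h) => h.replace(/^www\./, '');

// Returns null when the link is consistent, otherwise a reason string.
// A subdomain of the named host (login.bank.example for text "bank.example") is accepted;
// a host that merely *starts* with the named one (bank.example.attacker.example) is not.
function checkLink(text, href) {
  const shown = hostFromText(text);
  if (!shown) return null; // plain words as link text: nothing to compare
  const actual = hostFromHref(href);
  if (!actual) return `text names ${shown} but href is not an http(s) URL`;
  const s = stripWww(shown), a = stripWww(actual);
  if (a === s || a.endsWith('.' + s)) return null;
  return `text names ${shown} but href goes to ${actual}`;
}

function findDeceptiveLinks(anchors) {
  return anchors
    .map(({ text, href }) => ({ text, href, reason: checkLink(text, href) }))
    .filter((r) => r.reason !== null);
}

// Constructed sample input (hostnames are made up for illustration).
const SAMPLE_ANCHORS = [
  { text: 'www.bankofamerica.com', href: 'https://www.bankofamerica.com/' },
  { text: 'www.bankofamerica.com', href: 'http://www.bankofamerica.com.secure-login.example/' },
  { text: 'bankofamerica.com', href: 'https://login.bankofamerica.com/' },
  { text: 'Log in', href: 'http://203.0.113.5/login' }, // not a host-name text; needs other checks
];

if (typeof require !== 'undefined' && require.main === module) {
  console.log(findDeceptiveLinks(SAMPLE_ANCHORS));
}
```

Only the second anchor is reported; the last one shows the limit of this test, since text that is not a host name gives it nothing to compare against.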

It’s a well-known trick, and even people who should know better get fooled all the time. For the past several months, a large fraction of the MIT community has been receiving email messages from “the MIT network administrators” telling them that their MIT email accounts are about to expire and they need to re-register by emailing their password to an address shown in the message. You’d think MIT people wouldn’t fall for this, but it happens. The real MIT network administrators watch for outgoing email to the bogus address and contact the hapless victims, a group that’s included a few faculty members in the past month.

When everything is bits, frauds easily cross from one domain to another. In a variant of phishing known as vishing (“voice phishing”) the perpetrator uses bogus caller ID information to trick victims into thinking they are being called by a bank, mimics the bank’s automated answering system, and asks for credit card information to be entered by touch tone. Spoofing the caller ID information – making a fake phone number appear on the recipient’s caller ID display – is simple thanks to Voice over IP and the open Internet architecture that lets anyone create phone applications. There’s phone software widely available that includes spoofing as a “feature,” and even services like www.spoofcard.com that will sell you an account from which you can make spoofed phone calls: merely type in the caller ID number you’d like your recipient to see, and call.

Just today, I encountered a variant of this trick I hadn’t seen before – a cross-domain phishing hoax (phvishing?) that almost fooled me. It came in the guise of an official-looking email from Bank of America informing me that I needed to call them “regarding recent activity on your account.” The email included the usual strong warnings against replying by sending account information by email. No bogus phishing links on this web page: all the links really did go to the BofA web site. But phoning the 800 number reached an official-sounding automated answering system that asked me to punch in my account number, expiration date, and credit card validation code. It then told me that my card information had “already been registered” and everything was OK. Luckily, the email spoof was poorly done, and a close look at the return address showed that the mail was bogus, so I knew enough not to enter my real credit card data. It turns out that this hoax has been around since at least 2006; I just hadn’t encountered it before.

I doubt that I would have been fooled for an instant had this been a pure email hoax or a pure phone hoax, but the combination of the two was something I hadn’t expected. We all know to be cautious about internet messaging, but fewer of us are as suspicious about phone numbers, especially when we’re the ones doing the calling, as with the phony Bank of America number. The root of this difference in attitude is that the Internet (as described in Blown to Bits) has grown up as an open architecture, while the phone system has not. As the communication systems converge, they produce hybrids to which our instincts and attitudes are not attuned. Where this will end up, we don’t know. But of this we can be certain: digital convergence will continue, and so will human fraud.

The Underground Bits Economy

Thursday, April 10th, 2008 by Hal Abelson

One sign of a maturing industry is the development of aftermarkets. First there were cars, then there were used car dealers. And first there were bits, and then there were … used bits dealers? Some used bits transactions are legit, if possibly annoying. You give Sam’s Health Foods your email address so Sam can confirm your order for organic bean sprouts, and the next thing you know, you are receiving emails from Mary’s Gardening Tools. Sam decided to share his email address files with Mary, and Mary thinks that bean-sprout-eaters are more likely than other people to be gardeners. Of course, this is the kind of “sharing” that puts a few bucks in Sam’s pocket.

Other used bits dealers are like the people who steal catalytic converters and fancy headlamps from late-model cars and then sell them on the black market. There is a robust underground economy in bank account numbers, credit card numbers, eBay accounts, and even full identities. According to the Symantec Global Internet Security Threat Report (downloadable free here), the going rate for bank account numbers is $10-$1000, while credit card numbers are $0.40-$20.00 each (but are usually sold in bulk). Bank account numbers cost more, because getting money from a bank account is quicker and, if properly done, leaves fewer fingerprints than converting a credit card number to cash. Identities go for $1-$15, but EU identities cost more than US identities, perhaps because of rising demand.

It’s a fascinating report. Symantec is in the security business, but many of the trends and recommendations are of general interest, unrelated to Symantec’s products. For example, the robust market in bank account and credit card numbers has made services like PayPal increasingly popular. Such electronic payment systems are guaranteed against misuse and they do not require revealing any financial information to the online store.