Blown To Bits

Archive for the ‘Censorship and free speech’ Category

Federal Judge Gags MIT Students — and MIT

Sunday, August 10th, 2008 by Harry Lewis

US District Judge Douglas P. Woodlock has issued a temporary restraining order (pdf here) to MIT students to prevent them from speaking at the DEFCON Conference in Las Vegas about cracking the fare card systems used by our local mass transit system, the MBTA. According to the MBTA’s complaint (pdf here), the students were working under the supervision of Professor Ron Rivest of MIT, a pioneering figure in the modern development of cryptography. The complaint and the restraining order are directed against MIT as well as the three undergraduates, because “MIT has been unwilling to set limits on the MIT Undergrads’ activities.” Imagine — a university not telling its students to hold their tongues about their discoveries.

The story is covered in the Boston newspapers (Herald story here, Globe story here). The most complete account is in the UK Tech site, The Register.

Prior restraint of speech is serious business, especially for the press and for academic researchers. A quick reading of the documents in this case suggests that this order is wrong. No human lives are at stake here, just the revenues of the MBTA, which are threatened not by the students’ acts but by the MBTA’s technical incompetence.

Ironically, the court has made public a document the students submitted in response to the complaint. This document (PDF here, courtesy of Wired) reveals a great deal of what the students were going to say. Similar information was apparently included in a class presentation that has been publicly available for weeks, and in materials thousands of conference registrants received on checking in. The injunction against speech is, if nothing else, moot.

Though details matter, the students seem fundamentally to have discovered a hole in the security fence and now are being taken to court for their plan to tell people about it. The most gaping hole the students report in the MBTA’s security system is that Charlie Tickets (paper tickets with a magnetic stripe) use a laughably weak form of security, which does not deserve to be called encryption. To guard against someone altering a few bits on the card to increase its value, the card includes a “checksum,” just a sum of all the bits, keeping only the lowest-significance six bits of the sum. If you imagine the data being in decimal rather than binary, this is equivalent to adding up a column of numbers and appending to the column the last two digits of the sum. Then if you wanted to check whether any of the numbers had been altered, you could compute the sum yourself and see that the last two digits matched what was on the card. Of course, if you knew how to alter the checksum too, you could easily defeat this crude check. And with only a hundred possibilities, it’s pretty easy to figure out how the checksum is computed and to forge it as well. (With six bits of checksum, there are only 64 possibilities to test.)
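The difference between the unkeyed checksum described above and a keyed integrity tag, as an added example that is not from the students' materials or the MBTA's system. The 8-byte record layout, the byte-wise sum, the key and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed 8-byte record (not a real fare-card layout):
# 4-byte ticket id, 2-byte stored value in cents, 2-byte ride counter.
RECORD = bytes.fromhex("0001e240" "01f4" "0003")
ISSUER_KEY = b"constructed-demo-key-held-only-by-issuer"


def sum_checksum(data: bytes) -> int:
    """Add the bytes and keep only the low six bits (0..63)."""
    return sum(data) & 0x3F


def seal_checksum(data: bytes) -> bytes:
    """Append the unkeyed checksum; anyone can compute this."""
    return data + bytes([sum_checksum(data)])


def reader_accepts_checksum(card: bytes) -> bool:
    return sum_checksum(card[:-1]) == card[-1]


def seal_mac(key: bytes, data: bytes) -> bytes:
    """Append an HMAC-SHA256 tag; only a holder of the key can compute it."""
    return data + hmac.new(key, data, hashlib.sha256).digest()


def reader_accepts_mac(key: bytes, card: bytes) -> bool:
    data, tag = card[:-32], card[-32:]
    expected = hmac.new(key, data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison


def set_value(data: bytes, cents: int) -> bytes:
    """Return a copy of the record with a different stored value."""
    return data[:4] + cents.to_bytes(2, "big") + data[6:]


def undetected_single_bit_flips(data: bytes) -> int:
    """Count one-bit errors that leave the six-bit checksum unchanged."""
    base = sum_checksum(data)
    missed = 0
    for i in range(len(data)):
        for bit in range(8):
            flipped = bytearray(data)
            flipped[i] ^= 1 << bit
            if sum_checksum(bytes(flipped)) == base:
                missed += 1
    return missed


if __name__ == "__main__":
    altered = set_value(RECORD, 5000)
    stale_tag = seal_mac(ISSUER_KEY, RECORD)[-32:]
    print("checksum:", sum_checksum(RECORD))
    print("one-bit errors missed:", undetected_single_bit_flips(RECORD), "of 64")
    print("altered + recomputed checksum accepted:",
          reader_accepts_checksum(seal_checksum(altered)))
    print("altered + old MAC tag accepted:",
          reader_accepts_mac(ISSUER_KEY, altered + stale_tag))
```

The sum is a weak error-detecting code even against accidents: flipping either of the top two bits of any byte changes the sum by a multiple of 64, so a quarter of all single-bit errors pass unnoticed. Because no secret enters the computation, the check value proves nothing about who wrote the record; the HMAC tag does, as long as the key stays with the issuer.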

There will be a lot of fallout from this case. To be sure, the students might have used a more academic tease than “Want free subway rides for life?” to draw in an audience. And they may be in hot water for going into the MBTA’s network control rooms in the course of discovering that they were routinely left unlocked — a huge security problem. On the other hand, the statute the MBTA complains the students have violated — the Computer Fraud and Abuse Act — hardly seems applicable. The MBTA is claiming that the transmission of the vulnerability from the lips of the students to the ears of the listeners falls under a statute designed to outlaw fraudulent electronic attacks over computer networks.

At its core, the situation has arisen because the MBTA violated one of the basic principles explained in Chapter 5 of Blown to Bits: Kerckhoffs’s Principle. A security system is more likely to be secure if everyone knows what it is. Keeping the design secret is an invitation to crack it — if the students hadn’t done it, then criminals would. History has countless examples. What the MBTA should have done is to post its security design on its Web site and challenge all the world’s students to crack it. Technologies exist for secure data encryption. Keeping your bright idea on how to do it secret is not the way to get a good design.

The Electronic Frontier Foundation is defending the students. In the meantime, I would note one interesting detail. According to the Register’s report, when the students met with an MBTA representative earlier this week, “The MBTA official made clear the level of concern reached all the way up to the governor’s office.” Governor Patrick has styled himself a champion of personal freedom. Mr. Governor, you can call off the dogs. This is not the way to solve the state’s problems.

Verizon to Would-Be DSL Customer: Change Your Name First

Sunday, August 3rd, 2008 by Harry Lewis

One of the points of contention in a variety of ongoing controversies about regulation of Internet Service Providers is whether they would ever abuse the power they hold over who sees what. In Blown to Bits we talk about the case of Verizon denying text messaging service to Naral, a pro-choice group, because it considered Naral’s agenda “controversial.”

Today we have a silly example, but one that drives home the point that ISPs have arbitrary and unlimited authority, and where there is little or no competition in broadband services, they have the power to control what the public knows. Verizon told one Dr. Libshitz, a retired radiologist of unquestioned reputation, that he could not have DSL service because he wanted to use an identifier — his name — that contained a word on Verizon’s no-no list. A helpful employee suggested to Dr. Libshitz that he change the spelling of his name to accommodate Verizon’s decency standards. After several more telephone calls, Dr. Libshitz got his DSL connection — but only after Verizon tracked down the guy in India who could override the automated name filters.

An Olympic Showdown Over Internet Censorship?

Thursday, July 31st, 2008 by Harry Lewis

Not to put too fine a point on it, the Chinese government has double-crossed the International Olympic Committee. Having agreed that journalists would be given the same electronic freedoms they enjoyed at previous Olympic games, the Chinese now say they just meant they’d be given free access to that part of the Web relevant to the games themselves. And the IOC, which presumably had a chance to stand for something about press freedoms, caved. An IOC spokesman says that the IOC and the Chinese agreed that “some sensitive sites would be blocked on the basis they were not considered Games related.”

If there is a showdown on this, it will have to come from the press. I am guessing that doesn’t happen. The media have enough problems; no one wants their reporters thrown in Chinese jails.

In the meantime, the Chinese have also announced that they would increase the level of monitoring of communications out of hotel rooms. A memo to the hotels says, “In order to ensure the smooth opening of Olympic in Beijing and the Expo in Shanghai in 2010, safeguard the security of Internet network and the information thereon in the hotels . . . it is required that your company install and run the Security Management System.” Ah yes, security. In addition to those two stories (from Reuters and the LA Times, which was the first to break it), there is a story today in the NYT.

So much for the cute panda bear logos and the long-heralded opening of the new China to the West.

A couple of hints for those actually going to China. Blackberries work, and because the communication is encrypted from your handheld to the Blackberry server, you should be able to get anything you want that way. Run Google from your Blackberry and you are really using Google US, but the bits that arrive at your device are undecipherable along the path to you and are only descrambled by your handheld.

If you have a corporate server to which you can establish a VPN connection, you should be able to get unfiltered information (and send and receive unfiltered email) that way.

And finally, there is a neat tool for transporting encrypted information on your laptop. By way of background, encrypted information is indecipherable (if the encryption algorithm is industry-strength). But the very fact that you are moving or carrying what seems to be piles of random bits may tip off an eavesdropper to the fact that you are conveying or receiving secrets. That’s the advantage of steganography (discussed in Chapter 3 of Blown to Bits) — steganographically encoded data doesn’t seem to be a message at all.

Truecrypt is free software for storing information on the hard disk of your laptop that is encrypted and also steganographically hidden. It doesn’t seem to be there at all; a look at the laptop’s file system, were you compelled to show your laptop at the border, would not reveal that your hidden files even existed.

UPDATE, August 2: According to the Guardian (UK), the ban has been lifted, and the entire Internet is viewable from Beijing. Doesn’t mean they aren’t keeping track of who goes where, of course …

Protesting a Proposal for a Censored Internet

Thursday, July 24th, 2008 by Harry Lewis

Readers of Chapter 7 of Blown to Bits will know some of the story of the U.S. government’s efforts to make the Internet “safe” for children to see by banning from it many things that are legal and appropriate for adults. (We talked about part of this story yesterday, in our post about the COPA legislation.)

Now the FCC has come up with the bright idea of a child-friendly Internet, that is, an Internet where no one could ever say anything that would be “harmful” to children, down to the age of 5. (I mentioned this briefly in a posting a few weeks ago.) No medical images, presumably, of the kind that teenagers from time immemorial have sought out to satisfy their curiosity. No discussions, it would seem, of sexual matters that you would not discuss with your 5-year-old. The standard is so absurd as a weapon to put into the hands of government censors that one has to assume large parts of classical English literature and daily adult discourse would be barred.

The parallel universe the FCC imagines would be created by companies using a block of wireless spectrum. They would be allowed to bid on this block only if they agreed to use part of it to provide free public access to this parallel, child-friendly Internet universe.

The proposal is absurd, and the cyberspace it imagines could not be the Internet. There could presumably be no encryption, for example, else how could the censors be sure whether the data being sent represented a birthday card or a dirty joke in Yoruba? (In fact, how would the censors recognize unencrypted dirty jokes in Yoruba, that a Yoruba-reading child might see?) It seems likely that the FCC’s proposal, if it went into effect, would eventually be ruled unconstitutional on First Amendment grounds, just as the government couldn’t ban swearing in Yellowstone National Park on the theory that it was public property and children went there. The FCC proposal is here. The critical passage is on page 26, the stipulation that the network must have technology

That filters or blocks images and text that constitute obscenity or pornography and, in context, as measured by contemporary community standards and existing law,  any images or text that otherwise would be harmful to teens and adolescents.  For purposes of this rule, teens and adolescents are children 5 through 17 years of age

I have joined a number of other Fellows of the Berkman Center for Internet and Society to comment on the FCC proposal (pdf here). This “comment” has a calmer, more measured and nuanced explanation of the stakes than does this intemperate post. Thanks to Wendy Seltzer, Geoff Goodall, and Steve Schultze for carrying the burden of drafting it and of incorporating the hundreds of suggestions they got back.

Persephone Miel has a nice quick summary of our position here.

The FCC’s indecency standards

Tuesday, July 22nd, 2008 by Harry Lewis

Chapter 8 of Blown to Bits tells the tale of how the federal government got into the business of determining which parts of the female anatomy may be shown on broadcast television and for how long, and whether the occasional s-word or f-word may be spoken. It’s an important story, because it’s one of the few clear-cut instances of a sweeping override of the First Amendment by a government body. And that body, the Federal Communications Commission, keeps reaching farther. For example, it has proposed to grease the rails for companies willing to provide a free-to-the-public, fully censored parallel Internet universe over the airwaves, an Internet with a mechanism

That filters or blocks images and text that constitute obscenity or pornography and, in context, as measured by contemporary community standards and existing law,  any images or text that otherwise would be harmful to teens and adolescents.  For purposes of this rule, teens and adolescents are children 5 through 17 years of age.

You read that right: nothing unsuitable for a 5-year old could be said or shown over this network.

While I have no interest in the famous Janet Jackson halftime stunt (I love the Superbowl, but never watch the halftime shows), I am delighted that the FCC fine was thrown out by a federal court as being capricious and arbitrary. The court essentially ruled that the FCC had improperly raised its standards. The Technology Liberation Front has a good explanation of the decision and a link to the decision itself.

An even more important judicial deliberation will be happening in the coming Supreme Court term, when the entire issue of the FCC’s indecency standards will be under review.

In the meantime, isn’t it odd that the FCC is working so hard to make broadcast TV safer for children than it has ever been, just at the moment when from what I can tell, the advertisers think the only people watching network TV are those who need AARP, Viagra, and motorized wheelchairs?

The full story on Dr. Brinkley

Friday, July 18th, 2008 by Harry Lewis

“Dr.” John Romulus Brinkley, the notorious medical quack, makes a cameo appearance in Blown to Bits as the plaintiff in a suit against the Federal Radio Commission. When the Supreme Court upheld the FRC’s authority to strip Brinkley of his radio license, it set the stage for all subsequent federal censorship of the airwaves. The technological part of the court’s reasoning now rests on shaky ground, as our book explains.

Pope Brock’s recently released book Charlatan is the amazing tale of Brinkley and his lifelong battle with Morris Fishbein of the American Medical Association. It’s a terrific read, highly recommended. The Supreme Court case is barely mentioned, but there is a lot about Brinkley’s pioneering role in radio — he was the first to do major country music programming, and to use recorded music to time-shift the performances. When he had to move his station to Mexico and federal authorities said he couldn’t telephone his broadcast from the States, he recorded them and sent the records to Mexico to be played. A communications pioneer to be sure.

Brock has dug out lots of nice details — for example that the first time Johnny Cash heard June Carter sing was on Brinkley’s radio broadcast! Good summer reading.

Free speech on the Internet

Friday, July 11th, 2008 by Harry Lewis

Here’s a good AP column about the way the major players limit what can be said in order to satisfy what they consider appropriate standards of taste. There is a wonderful example of a Dutch photographer whose documentary photo of a street scene in Romania was taken down from Flickr — twice. The problem? It showed a young adolescent boy smoking, as happens a lot on the streets of Romania. Flickr didn’t want to encourage youth smoking, or perhaps didn’t want to be accused of encouraging youth smoking, or perhaps received actual complaints about the photo and found it easier to censor than to argue.

This is a tough problem, as private enterprises should generally be left to do whatever they feel is best for business, and it’s hard to see this kind of censorship as harmful. But as sites like Flickr become the technological equivalent of the public square, attracting huge numbers of participants because a huge number of participants are already there, it’s equally hard not to think that the personal judgments of random employees should not be decisive in what can be shown and what can’t be. And government regulations immediately raise the problem that web sites are multinational and governments aren’t.

Two Terrible Ideas in One Day

Wednesday, June 25th, 2008 by Harry Lewis

1) Comcast and Time Warner are experimenting with metering Internet usage, on the principle that the Internet is like the water supply system. Problem with this idea is that there is no bits shortage as there is a water shortage. They should be building more pipes rather than maintaining the pipe scarcity and jacking up their prices for the water.

2) The FCC wants to auction off a piece of the spectrum to someone willing to use part of it to build a nation-wide, free, wireless Internet. The catch? This parallel universe will be censored. According to the Wall Street Journal, “Details about how to define what content would be unacceptable for viewing over the free network is still under discussion.”

Neither the FCC nor any other government agency has any business in Internet censorship, as the courts have repeatedly held. (In fact, the FCC has no business in broadcast censorship any more either, but see Chapter 8 of Blown to Bits for that story.) There are so many problems with this idea, it’s hard to know where to begin, but Scott Bradner’s column would be a good start for those wanting to know more and to get some of the background. Fundamentally, the flaw with this proposal rests on another metaphorical failure. See also David Weinberger on this.

The Candidates on Net Neutrality

Monday, June 23rd, 2008 by Harry Lewis

The Wall Street Journal reported Friday that “Sen. Obama is a supporter of legislation that would guarantee ‘network neutrality.'” Sen. McCain reportedly prefers a “market-based” approach, meaning that he opposes neutrality rules. We all love markets, but ask yourself how much of a market there is in broadband services where you live. About half the country has zero or one choices, and virtually all the rest at most two, DSL and Cable. Hard for the free market to operate in a monopoly-duopoly world. In the absence of real broadband competition and consumer choice, the service providers have to be regulated to prevent them from using their carrier power to dictate content.

The story reports that Obama has reassembled some of the Clinton telecomm brain trust, including Reed Hundt, who had nice things to say about Blown to Bits. I suppose McCain just asked Cindy? (See the earlier post, McCain and Google.)

The “agreement” between New York and the ISPs

Thursday, June 12th, 2008 by Harry Lewis

Both the New York Times and the Washington Post have reported on the agreement reached between the Attorney General of New York (Andrew Cuomo) and several Internet Service Providers (Verizon, Sprint, and Time Warner Cable) to limit the dissemination of child pornography. I had planned to blog this as soon as I read the story in the Times, because it seemed to me an important development. Then I hesitated, because after reading that story, I couldn’t figure out what was really going on. The Post’s story is clearer, but you need to dig deeper, for example into Susan Crawford’s blog, to get the details.

As a step toward controlling child pornography, the agreement appears to accomplish very little. The ISPs have already been taking down child pornography when it is reported to them, and have been sharing information and cooperating with law enforcement. (Child pornography is illegal. First Amendment protections don’t apply, because of the harm done to children while producing it.) The ISPs will be checking for duplicates of known child-pornography images, using a “hash value” of the photos (a digital fingerprint that can be easily checked). This is an attempt to block the same images from turning up in new places. It’s not likely to be very effective for very long; it’s easy to disguise the images so they have different hash values. The mice always win such cat and mouse games. If the tests for what constitutes a “match” are made looser, legal material is going to be blocked at the same time.
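The trade-off in the paragraph above, between exact hash matching and a looser "match" test, shown on constructed data as an added example (not code from the agreement or from any ISP). The 8x8 grayscale grids, the toy average-hash and the two distance thresholds are assumptions chosen for illustration.

```python
import hashlib

# Constructed 8x8 grayscale "images" as flat lists of 64 pixel values.
KNOWN = [4 * i for i in range(64)]            # reference picture
RESAVED = [min(p + 1, 255) for p in KNOWN]    # same picture, slightly brighter
UNRELATED = [20] * 24 + [200] * 40            # different picture, dark top
UNRELATED[0] = UNRELATED[1] = 220             # with a bright corner


def exact_fingerprint(pixels) -> str:
    """Cryptographic hash: any changed byte yields a different value."""
    return hashlib.sha256(bytes(pixels)).hexdigest()


def average_hash(pixels) -> int:
    """Toy perceptual hash: one bit per pixel, set if brighter than the mean."""
    mean = sum(pixels) / len(pixels)
    bits = 0
    for p in pixels:
        bits = (bits << 1) | int(p > mean)
    return bits


def hamming(a: int, b: int) -> int:
    """Number of bit positions in which two hashes differ."""
    return bin(a ^ b).count("1")


def exact_match(pixels, known_fingerprints) -> bool:
    return exact_fingerprint(pixels) in known_fingerprints


def loose_match(pixels, known_hashes, max_distance: int) -> bool:
    """Match if the perceptual hash is within max_distance bits of a known one."""
    h = average_hash(pixels)
    return any(hamming(h, k) <= max_distance for k in known_hashes)


if __name__ == "__main__":
    exact_list = {exact_fingerprint(KNOWN)}
    loose_list = [average_hash(KNOWN)]
    for name, img in (("known", KNOWN), ("resaved", RESAVED),
                      ("unrelated", UNRELATED)):
        print(f"{name:10} exact={exact_match(img, exact_list)!s:5} "
              f"loose<=4={loose_match(img, loose_list, 4)!s:5} "
              f"loose<=12={loose_match(img, loose_list, 12)}")
```

Exact matching misses the brightened copy; the perceptual hash at a tight threshold still catches it; widening the threshold to 12 bits also flags the unrelated picture, which is the over-blocking cost the paragraph warns about.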

The agreement does give the Attorney General a political victory, at no apparent cost. How many state AGs get front page coverage of their actions in the nation’s two major dailies, with barely a word of criticism? And what’s the downside? No one defends child pornography. No one. It’s hard to think of another law for which there is such unequivocal support as there is for the anti-child-pornography statutes.

My guess is that it took two seconds for the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) to get on the phone to Cuomo asking for equal protection. Unauthorized downloads of copyrighted music and movies are also illegal. Most of us don’t feel quite the same revulsion about Madonna downloads as we do about child rapes, but the recording and movie industries have tried in the past to create just such analogies. The MPAA president once told Congress that video recording was to his industry “as the Boston strangler is to the woman home alone.”

If ISPs can be coerced into “agreeing” to make sure you don’t get illegal photos, they can be coerced into “agreeing” to watch for you illegally downloading songs. The New York AG’s announcement is precedent-setting. Watch closely for what happens next. There will be much “if you’re not doing anything illegal, you have nothing to worry about,” and when it turns out that legal material is being blocked and innocent parties are being prosecuted, a good dose of “we’re never going to accomplish anything about this terrible problem if we don’t at least try.”

(P.S. Today’s Times story on the First Amendment in the context of the global Internet is much better than its coverage of the child pornography agreement. This issue is also discussed in “Blown to Bits.”)

Postscript added at 5pm. The easiest and surest way for ISPs to comply with this agreement is to drop some or all of the Usenet newsgroups, even though less than 1% have ever been found to have any child pornography on them. It seems that some of the ISPs are planning to do exactly that. Thus does voluntary self-censorship again, carving out huge areas of legally protected material as the cheapest way to satisfy agreements with the state to screen out a tiny amount of illegal material.