RoundedRounded generic acomplia atelectasis occurs when atelectatic lung tissue folds into the membranes cheap atarax internet covering the lungs. A reactive result indicates that a person retin-a cheap drug has had HBV and that their immune system has cleared prednisolone pharmacy the virus from their body. What to do in case pamoate without prescription you take too much Armour ThyroidIf you think you've taken griseofulvin no prescription too much of this drug, call your doctor. According to buy estrace the AHA, if a person experiences any warning signs of buy cheapest erythromycin on line a heart attack, they should seek medical help immediately. Dissuading cheapest dexamethasone price women from using contraceptives may also put them at risk atrovent in bangkok of sexually transmitted infections (STIs). Factors that may affect the tablet zoloft price you'll pay include your treatment plan, your insurance coverage, purchase cheapest toradol no prescription tablets and the pharmacy you use. The doctor will be able to.

The UK “Culture Secretary” is planning a “crackdown on offensive and harmful online activity,” according to the Telegraph. This would include a rating system like that now in place for movies. The Secretary, Andy Burnham, says,

There is content that should just not be available to be viewed. That is my view. Absolutely categorical. This is not a campaign against free speech, far from it; it is simply there is a wider public interest at stake when it involves harm to other people. We have got to get better at defining where the public interest lies and being clear about it.

As examples of successful rating systems he cites the systems for broadcast television (limiting what can be shown before 9pm) and video games.

I’ve already gone on a bit about Australian Internet censorship plans, and their failings. Such ideas are plainly catching on as legitimate.

But the particular way this is put shows that it emerges out of a metaphor failure. The Internet is no more like a movie theater than it is like a library. No more like a video game than it is like an encyclopedia. No more like a TV screen than it is like the postal service. Try to control one aspect of the Internet and you’ll fail. Try to control the core of the Internet and you’ll break it.

And here is a chilling passage in the Telegraph story:

Mr Burnham admits that his plans may be interpreted by some as “heavy-handed” but says the new standards drive is “utterly crucial”. Mr Burnham also believes that the inauguration of Barack Obama, the President-Elect, presents an opportunity to implement the major changes necessary for the web.

“The change of administration is a big moment. We have got a real opportunity to make common cause,” he says. “The more we seek international solutions to this stuff – the UK and the US working together – the more that an international norm will set an industry norm.”

Aux armes, cityoens! Stop these assaults. Mr. Obama, tell our British friends to leave the U.S. out of their plans.

Australian authorities are gearing up to test their plans to filter all Internet communications for illegal materials — child pornography in particular, but perhaps other materials as well. The test is focused on blocking access to web sites, and there have been several good articles on BanThisURL.com, a site specifically devoted to opposing the Australian plans. It’s a good object lesson in how hard it is to censor a distributed system and still have it work. Every now and then some member of Congress gives an if-we-can-put-a-man-on-the-moon-we-can-make-the-Internet-safe speech, and the Australian experience is a good object lesson in the special problems the Internet presents.

A good interview with a computer security expert appeared recenctly (thanks, SlashDot). It’s got a heavy dose of tech-speak, but it will be mostly comprehensible to a general reader. Here are a few of the main points.

1. Man-in-the-middle attacks are a big worry. That is, if all Internet traffic is routed through one machine, or a small number of machines, which check for bad stuff, then getting control of one of those machines becomes a big prize. Control it and you can read all the mail going back and forth between Gmail and anyone in Australia, for example. What you do with it is your choice — you can just shut it down if you want to be nasty, or read it and not tell anyone if you want to do creepier things.
2. Denial-of-Service attacks are another. You can make your filtering machines more secure by having fewer of them — but then it makes it easier for someone to try to choke them with thousands of requests every second. The way to beat a DOS attack is to re-architect the system, distributing its workload over thousands of machines — but then you have to worry about security at thousands of sites, bribes being offered to thousands of machine operators, etc.
3. Exploiting software vulnerabilities. If the government buys machines and software from the lowest bidder, and doesn’t install patches with daily devotion, the machine is sure to be compromised by some Bulgarian teenager who is up to date on the latest and greatest attacks and has too much time on his hands.
4. The filters probably won’t work. There are two basic approaches, each with its share of problems.
   1. A blacklist is just a list of URLs of web pages known to have bad content on them. The simplest approach to filtering is just to assemble a blacklist and check to see if the requested page is on the list, and to send back a “page not available” message if it is; otherwise pass the request along. But that would only begin a cat-and-mouse game. As soon as the owner of the restricted page realizes it’s on the government blacklist, he’ll move it to a different URL. Or some enterprising soul will set up a proxy server in another country — so you’ll send the URL of the page you really want to get to the proxy server (encrypted, so the government authorities can’t see what you’re asking for), the server in the other country will get the page and send it back to you (probably encrypted also). The government may blacklist the proxy server, which then moves its URL, and so on ad infinitum, or at least until one side gets tired.
   2. A content filter analyzes what’s actually being transmitted, photos or videos typically, and doesn’t let it through if it’s bad stuff. Now that requires the computer to recognize obscenity, which is a task most courts have a lot of trouble with. You can have a catalog of known bad photos (or their easily extracted hashes, but that’s a detail), but you’d have to keep that catalog up to date — at all the locations where it’s stored. You can flag photos for human screening by the percentage of the screen that is taken up with flesh tones, but that would begin another sort of cat and mouse game. Content filters don’t work very well, and to effectively screen out bad stuff, they have to err on the side of over-inclusiveness and eliminate lots of legal images too (Michaelangelo’s David, perhaps, or Botticelli’s Birth of Venus; not to mention medical illustrations and anatomy diagrams).
5. Whatever kind of analysis is done, has to be done very quickly. Particularly when delivering video content, there just isn’t a lot of time to do the processing to figure out what you’re delivering. The genius of the Internet, as we explain in the Appendix to Blown to Bits, is that in the core, it’s really, really stupid. It just passes bit packets along. Ask it to do more and it will break.
6. And of course everything you are doing has to be kept secret to foil your adversaries. Blacklists themselves become hot property — the blacklist used in Thailand became public a few days ago. It’s interesting to leaf through it — lots of garden-variety political cartoons with no sexual imagery at all.

Meanwhile, the Systems Administrators Guild of Australia has written a letter to the government stating, in essence, that it won’t work and they can’t make it work.

That’s the name of rule, no longer in force, requiring political balance in radio broadcasting. As the right has come to dominate talk radio and the left has taken control of both the executive and legislative branches of the federal government, talk of reinstating the doctrine is on the rise. George Will has an excellent column today making that case that the doctrine would, most likely, prove to be unconstitutional. After all, the First Amendment doesn’t say that the federal government should guarantee that all sides are heard; it says that the government has to stay out of deciding what should be heard.

Will notes that part of the rationale for the fairness doctrine was the scarcity argument — that there was only so much radio spectrum so the government needed to have some rules for allocating it. As he states,

The court’s 1969 ruling relied heavily on the scarcity rationale. But Brian Anderson and Adam Thierer, in their book “A Manifesto for Media Freedom,” note that today there are about 14,000 radio stations, twice as many as in 1969, and 18.9 million subscribers to satellite radio, up 17 percent in 12 months; 86 percent of households with either cable or satellite television receive an average of 102 of the 500 available channels. Because daily newspapers are much more scarce than are radio and television choices, should there be a fairness doctrine for TheNew York Times?

I haven’t read the Anderson-Thierer book (but I should: Thierer wrote a nice review of Blown to Bits). But the numbers Will quotes are only part of the reason why the scarcity argument is bogus. The way the radio spectrum is divided is an artifact of 1930s radio engineering. There are much more efficient methods today — without which it would have been impossible for most people to have their own radio station, in the form of a cell phone. As we say in Chapter 8,

There is no reason to re-establish a “Fairness Doctrine,” like that which until 1987 required stations to present multiple points of view. If there were more channels, the government would not have any need, or authority, to second-guess the editorial judgment of broadcasters. Artificial spectrum scarcity has, in the words of Justice William O. Douglas, enabled “administration after administration to toy with TV or radio in order to serve its sordid or its benevolent ends.” Justice Frankfurter’s claim that “there is no room in the broadcast band for every business or school of thought” is now false.

To get broadcast regulation right, you need to know the history and you need to know the engineering. That’s the story we tell in Chapter 8 of Blown to Bits, a remarkable drama in which Marconi, John Romulus Brinkley, Hedy Lamarr, Felix Frankfurter, and Claude Shannon all play their parts. I hope Obama’s team knows the story.

Since writing about the weird application of the Computer Fraud and Abuse Act in the Lori Drew case, I’ve gotten more fascinated, and bewildered, by all those terms you have to click “I agree” to in order to use web sites. You’ll recall that Drew was convicted of “unauthorized access” to a computer because she had made up a bogus MySpace identity, in contradiction to the MySpace Terms and Conditions, which stipulate:

By using the MySpace Services, you represent and warrant that (a) all registration information you submit is truthful and accurate; (b) you will maintain the accuracy of such information; (c) you are 14 years of age or older; and (d) your use of the MySpace Services does not violate any applicable law or regulation.

So apparently, under (b), you’re in violation of these terms if you say that Bobby is your boyfriend, and he dumps you but you don’t update your MySpace page to reflect that. (What else could it mean?)

The more you look at these “agreements” — which virtually no one ever reads — the stranger they look. Here is another clause from MySpace’s:

MySpace.com may modify this Agreement from time to time and such modification shall be effective upon posting by MySpace.com on the MySpace Website. You agree to be bound to any changes to this Agreement when you use the MySpace Services after any such modification is posted.

Now how weird is that? Is there any other circumstance under which you would sign a contract, one clause of which stated that the other party could change the entire contract at any time, without notifying you personally, just posting the revised contract in a public place, and that by signing the present contract you were agreeing to be bound by the terms of any such revised contract?

Google’s is also very odd:

2.1 In order to use the Services, you must first agree to the Terms. You may not use the Services if you do not accept the Terms.

2.2 You can accept the Terms by:

(A) clicking to accept or agree to the Terms, where this option is made available to you by Google in the user interface for any Service; or

(B) by actually using the Services. In this case, you understand and agree that Google will treat your use of the Services as acceptance of the Terms from that point onwards.

2.3 You may not use the Services and may not accept the Terms if (a) you are not of legal age to form a binding contract with Google, or (b) you are a person barred from receiving the Services under the laws of the United States or other countries including the country in which you are resident or from which you use the Services.

So in Massachusetts, where you have to be 18 (I think) to sign a contract, you can’t use the Google search engine, because by doing so you have implicitly agreed to Google’s TOS. And no child should ever have a Gmail account. You’d think they’d mention that a bit more visibly if they actually cared, wouldn’t you?

Such terms are stated, apparently, to give these services legal leeway to dump a tiny number of bad actors, not necessarily for their actual bad acting but for something. “Selective prosecution” is fine in civil matters, I suppose. But there is something strange about all this.

Lawyers, left to their own devices, will protect their clients to the max. They will want to get you if you venture somewhere near this tiny bulls-eye, so they will draw a legal circle a thousand miles in every direction around that spot. If you look like you are thinking about the bulls-eye in Harvard Square, they can throw you off the reservation because you wandered near Toledo.

What’s odd is that there doesn’t seem to be any counter-pressure. The TOS are rarely enforced, so there are not a lot of unhappy customers. When they are enforced, somebody loses access to a web site, not a big deal. There isn’t a lot of competition, so there is not much incentive for people to abandon one site because of its expansive TOS and sign up for another whose TOS are simpler.

So the situation seems unstable. What’s to prevent TOS from becoming ever more expansive, as lawyers get more clever and the sites’ gain experience about lawsuits from which they need to protect themselves?

I can’t imagine that even the Lori Drew decision, where adherence to TOS weirdly became a matter of criminal law, will make anyone start reading or paying attention to those documents.

So, as I feared,¬†Lori Drew has been found guilty. Not of the most serious charge, a conspiracy charge, but of three misdemeanor counts (for three separate times she posed as the fictitious “Josh Evans.”) Still, that’s a potential 3-year jail term.

But that’s a minor matter for the public, serious as it is for the Drews and Meiers. The important point is the one the New York Times quotes attorney Matthew L. Levine as making:

As a result of the prosecutor’s highly aggressive, if not unlawful, legal theory, it is now a crime to ‘obtain information’ from a Web site in violation of its terms of service. This cannot be what Congress meant when it enacted the law, but now you have it.

It wasn’t what Congress had in mind. Congress was legislating against hacking the databases of banks and credit card companies. The “unauthorized access” was password cracking and the like, not violation of the obscure terms in those multipage agreements we all click “I agree” on without reading them. The “obtaining information” was was getting credit card and bank account numbers, not the thoughts of teenage girls who happened to be expressing those thoughts on their MySpace pages.

In Thomas Paine’s The Rights of Man, Christopher Hitchens quotes an argument Paine made in France against the execution of King Louis XVI during the French Revolution. It is chillingly apt:

[Paine] argued that ‘an avidity to punish is always dangerous to liberty’ because it can accustom a nation ‘to stretch, to misinterpret, and to mis-apply even the best of laws. ‚Ķ He that would make his own liberty secure must guard even his own enemy from repression; for if he violates this duty he establishes a precedent that will reach to himself.’

Paine lost that argument, and the defense lost the Lori Drew case. Drew was convicted on charges completely unrelated to the awful fact that Megan Meier committed suicide. She would be just as guilty of having violated the Computer Fraud and Abuse Act if her daughter and Megan Meier had returned to being friends and all had lived happily ever after. The only difference is that the federal prosecutor would never have charged her under those circumstances. His interpretation of the law will give federal prosecutors enormous discretion about whom to put in jail simply because, as he said in about the Lori Drew trial,¬†‚ÄúThis was obviously a case that means a lot to me.‚Äù That should not be the standard for who gets prosecuted under a law and who doesn’t.

Postscript. Some commenters over at the Volokh Conspiracy have noted another interesting consequence of the fact that violation of a Web site’s Terms of Service can now be interpreted as a serious crime: When you agree to the typical ToS, you are agreeing that the site can change the ToS at any time and it is your own damned fault if you violate them because you didn’t check to see that they had changed! The relevant ToS in this case are MySpace’s, so let’s see what they say:

MySpace.com may modify this Agreement from time to time and such modification shall be effective upon posting by MySpace.com on the MySpace Website. You agree to be bound to any changes to this Agreement when you use the MySpace Services after any such modification is posted. It is therefore important that you review this Agreement regularly to ensure you are updated as to any changes.

Lori Drew is the Missouri woman implicated in the death of Megan Meier, who committed suicide after being jilted on MySpace by the fictitious boy allegedly created by Drew and a teenage accomplice. When we finished Blown to Bits, Drew had not been charged with any crime, because no statute seemed to cover what she had done, horrible though it was. We wondered in the book if she might simply have done something evil but lawful.

Drew is now being tried in California, not Missouri, on federal charges, of violating the Computer Fraud and Abuse Act. Interpreting this law to cover what Drew did is an overreach with scary implications. Let’s look at the language under which she is being charged, section a(2)(c):

whoever … intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains …  information from any protected computer if the conduct involved an interstate or foreign communication …

The government’s position is that by creating a hoax MySpace account, Drew violated this section because MySpace’s computers were in California, across state lines, and she obtained from that computer information about Megan Meier.

Now this is not what Congress had in mind when it wrote this language, and it is not the way it has ever been applied. This is a clause about computer break-ins (“hacking”). The “information” the law is talking about is information stored in the computer. It’s not a law about getting someone to tell you something using email or instant messaging. And the “unauthorized access” is also about breaking in to systems that are protected by passwords, for example, not about violating the terms of service of a service provider such as MySpace by misrepresenting who you are.

I understand the temptation to stretch to find a tool to throw at Lori Drew, but think of how many other situations would be covered if this clause were read that broadly. Fib about your age on a dating site? Jail time. Use Google or set up a Gmail account when you are only 17 years old? Jail time (2.3 of the TOS reads, “You may not use the Services and may not accept the Terms if you are not of legal age to form a binding contract with Google.”) Use different middle initials on different accounts so you can see who’s leaking your name to direct mailers? Jail time.

Would the Feds go after anyone for such minor offenses? If Lori Drew is convicted under this law, they will have carte blanche to do exactly that. That is precisely the point — they don’t really care if Lori Drew created a hoax MySpace account, they want to get her for causing Megan Meier’s death. But they can’t think of a way to do that, so they are turning MySpace hoaxing into a federal crime.

By that standard, if they can’t get you for what you’ve really done, they may settle for jailing you for failing to update your Facebook profile when you change jobs. After all, you agreed to do that when you signed up:

[Y]ou agree to ‚Ķ provide accurate, current and complete information about¬†you as may be prompted by any registration forms on the Site (“Registration¬†Data”) ‚Ķ [and] maintain and promptly update the Registration Data, and any¬†other information you provide to Company, to keep it accurate, current and¬†complete.

(Thanks to the amicus brief by Phil Malone of the Berkman Center, among others, for these hair-raising examples.)

I hope Lori Drew burns in hell, if there is one. But the federal government should not take us all down with her in its zeal to get her punished on earth as well.

:

The change.gov site lays out the science and technology agenda of the new administration. Sounds good for the most part, but let me parse it.

1. Barack Obama strongly supports the principle of network neutrality. Excellent, especially as the very first bullet.
2. Obama will encourage diversity in the ownership of broadcast media. Ugh. The right way to do this is to re-engineer spectrum use so the value of a broadcast station declines precipitously, and no one gets excluded. Somehow I’ll bet that isn’t what he has in mind, and we will have some kind of set-aside or affirmative action for minority ownership.
3. Protect Our Children While Preserving the First Amendment. Fine to say, but there is a certain point beyond which these really are inconsistent objectives. There is too much lip service paid to the dangers to children here; there isn’t really any evidence that children are any more endangered in the Internet era than they ever were. So this bullet is favoring motherhood; no one could be opposed to either. The devil will be in the details.
4. Barack Obama will strengthen privacy protections for the digital age. Again, a fine idea, but what does it mean? Will the feds still be able to seize and hold my laptop at the border without any suspicion that I’ve done anything wrong?
5. Open Up Government to its Citizens. This bullet really goes right at Bush’s obfuscations. The promise of transparency is very welcome. It will require a major cultural change in the executive branch, but change is what we were promised!
6. Obama will appoint the nation’s first Chief Technology Officer (CTO). Though I worry about symbolic gestures, on balance, I think this is a good idea — depending on who it is. (I hereby declare my availability.)
7. Obama and Biden believe we can get true broadband to every community in America through a combination of reform of the Universal Service Fund, better use of the nation’s wireless spectrum, promotion of next-generation facilities, technologies and applications, and new tax and loan incentives. Exactly right.
8. Barack Obama and Joe Biden support a trade policy that ensures our goods and services are treated fairly in foreign markets. Again, a bit of motherhood here, but that sounds protectionist to me, and anti-free-trade. But we shall see.
9. Invest in the Sciences. Thank goodness. If there is one thing I hope for from Obama, it is a return of rational judgment after too many years of politically motivated decisions.
10. Invest in University-Based Research. How could I be against that? But seriously, I hope for the sort of enlightened investments in fundamental research that gave us the Internet.
11. Protect American Intellectual Property Abroad: The Motion Picture Association of America estimates that in 2005, more than nine of every 10 DVDs sold in China were illegal copies. The U.S. Trade Representative said 80 percent of all counterfeit products seized at U.S. borders still come from China. Barack Obama and Joe Biden will work to ensure intellectual property is protected in foreign markets, and promote greater cooperation on international standards that allow our technologies to compete everywhere. Any bullet that starts by quoting the MPAA is bad news. This is the same group that persuaded Congress that if the copyright on Mickey Mouse were not extended from 70 to 90 years, Disney would just fold up its tents and not make any more movies, because it couldn’t see the point if people would start making a profit on their creativity 71 years from now. Knowing that Biden has a bad history with technology regulation, I fear that “international standards” will be crippling hardware fixes, broadcast flags, etc., that will make digital devices less generative. Here is one where the explicit mention of Biden’s name makes me worry that Obama has been hanging around with the wrong people.
12. Protect American Intellectual Property at Home: Intellectual property is to the digital age what physical goods were to the industrial age. Barack Obama believes we need to update and reform our copyright and patent systems to promote civic discourse, innovation and investment while ensuring that intellectual property owners are fairly treated. Actually, “fairness” is not the point. “Intellectual property” has many properties that make the metaphorical comparison with physical property very imperfect. The limited monopoly is not meant to be “fair” to creators, just to give them an economic incentive to create. “To promote the progress of science and the useful arts,” as the Constitution says, not “to be fair to inventors and artists.” I see this as another special-pleading by the entertainment industries.
13. Restore Scientific Integrity to the White House. Amen, and good for them for coming right out and saying that they don’t plan to consult with church leaders on every scientific question.

The rest looks fine too. I am very hopeful.

In the same FCC meeting yesterday in which opening the “white spaces” was approved, there was supposed to be a discussion of changing the rate structure that the telephone companies use for passing calls to each other. This is an amazingly complex and highly regulated business, and what makes it even more complicated is the fact that some of the terminology on which the regulatory structure rests is meaningless in the context of new technology. In the end the FCC just decided to do nothing for the time being.

Saul Hansell of the New York Times does as good a job explaining some of the issues as is humanly possible, I think.

I have an op-ed in the Boston Globe today about Internet Censorship. The FCC proceeding to which the piece refers is Proceeding 07-195 (pdf). Here’s the beginning of the Globe piece:

SUPPOSE that government regulators proposed to read all postal mail in order to protect families from things they should not see. Anything not legally prohibited would be delivered. Any unlawful words, pictures, or videos would be thrown away.

Talk about cases the Founding Fathers could not have anticipated. A federal court has ruled that computing the hash of a data file (a picture, for example) is a search, and is therefore subject to Fourth Amendment restrictions (that is, the police are supposed to get a search warrant before doing it).

What’s a hash? Hashing is a way of squeezing a lot of data down into a few bits. The same input will always give you the same output (which is called the hash, or the hash value). But because some information is inevitably thrown away in the squeezing process, it’s possible (in general) for two different inputs to give you the same output. The trick in the design of hashing algorithms is to make that unlikely.

Let’s take an example. Suppose we want to check to see if the photograph we have is one of a list of bad photographs (known child pornography, for example). Just storing all the photos on the bad list would take a huge amount of space. But we could hash each of them and just store the hash values. Then we could check our suspect photo against the list of bad photos by computing its hash and seeing if that value was in the list of hash values of bad photos. That check would be quick. Of course, if we got a match, before we arrested anyone, we’d want to compare the photos themselves just to make sure we hadn’t gotten an accidental “collision” where two photos happened to have the same hash.

A simple example of a hashing algorithm would be to treat the image as a sequence of 24-bit numbers and just add them all up, throwing away any numerical overflows. (Like doing arithmetic and just hanging onto the rightmost digits.)

Here’s how Arstechnica reports the relation of all this to the situation of one Robert Crist.

Crist had fallen behind on his rent, and his landlord hired a father-and-son pair to move the delinquent tenant’s belongings out to the curb, where a friend of one of the movers, Seth Hipple, picked up Crist’s computer. When Crist returned home, he began freaking out over his vanished machine‚Äîwhile Hipple was freaking out over what he’d found in a folder on the hard drive: Videos appearing to depict underage sex, which he promptly deleted.

Hipple called the East Pennsboro Township Police Department, and though the computer had been reported stolen, it soon found its way to the Pennsylvania Attorney General’s Office, where special agent David Buckwash made an image of the hard drive and began sifting through its contents using a specialized forensics program called¬†EnCase. Rather than directly examining the contents of the hard drive, Buckwash initially ran the imaged files through an MD5 hash algorithm, producing a unique (for practical purposes) digital fingerprint, or hash value, for each one. He then compared these smaller hash values with a database of the hash values of known and suspected child porn, maintained by the¬†National Center for Missing and Exploited Children. He came up with five definite hits and 171 videos containing “suspected” child porn. He then moved to gallery view, inspecting all the photos on the drive, and ultimately finding nearly 1,600 images that appeared to be child pornography.

No warrant had been sought to do any of this, however, and the judge threw out the evidence gathered from Crist’s computer as a result.

The government is likely to appeal, and a lot rides on the case. If, for example, the ruling is overturned and hashing isn’t a search, then the government would not need a warrant to go to your service provider’s central servers and hash every file, looking for illegal materials.