SOPA is bad news

I haven't been paying a whole lot of attention to American politics of late. At least one variant of SOPA, as proposed, will mess with DNSSEC.

I believe - wholeheartedly - that DNSSEC has the ability to improve the security of the Internet for everyone. It's a critical component of my cerowrt project, comcast just rolled it out nationwide, many other providers are also doing so, and that has taken tens of thousands of people, over 10 years of effort to accomplish.

I have also been working for years to make DNSSEC just work, only to look up now, to see clueless politicians in the pay of a a few lobbyists playing with technologies they don't understand.

I've been busy this year, on another front - trying - and succeeding!! - making the Internet, actually better, for everyone.

It really bugs me to see all the time, energy, and money, that can go into screwing up the internet, especially vs all the time, energy, and money that goes into making it better.

I don't have a comprehensive grip on what sopa does, but here's one reference that seems good. Doc Searls also ranted well...

Seeing wikipedia go dark today, was a terrible, terrible thing. I'd like to keep the light of knowledge, burning bright, throughout the world, for everyone, all the time.

Labels: sopa

  ¶ 9:44 AM 0 comments links to this post

  Departing France for England, then 'home'.

So, I looked up, and realized that it was time to leave Paris.

Tomorrow.

I'm sad to be packing up and leaving, and mad at myself on a few particulars, but on the whole, it's been a wonderful experience to have spent time in one of the still beating hearts of civilization.

As a tourist I got to see the Eiffel tower, and tour the entire Louvre - (it wasn't the Mona Lisa that grabbed me, it was the painting on the opposite side of the room that really blew my mind - and the statuary - oh, my!)

I ate dinner at nearly every restaurant between my apartment and my graciously donated office at LINCs lab, and a few other places. I got turned onto some wonderful places with friends that I will never find again. The wine, was wonderful... I had a couple dates, too, but romance escaped me - and I was working my brain dry... I spent 99.9 % of my time obsessively trying to beat the bloat.

I met some people I'd only corresponded with for years, helped a couple students, gave a couple talks, did a ton of research, and my life revolved around work, primarily. Darn it. Again.

There was so much more I could have done - in particular I'm sad I missed seeing both the catacombs and Monet's gardens, but I hope to be back one day, and those will be tops on my list. I wish also - although I fell in love with Duc Lombards and the two other big jazz clubs in Halles - that I'd actually got to *all* the jazz clubs, and seen some plays and concerts, but it was very hard to navigate alone...

I didn't manage to learn that much French. I will have to study the language far more fully before I choose to return. I did learn lua, though.

I'm off to London now for a week (I'm giving a talk at UKnof21), and I hope to spend time there, seeing things and people that I've always wanted to see, in that country. Then... Back to Florida to see my folks, and after that...

I have NO idea. Usually I write up a summary of the last year, and make some new years resolutions, and review the old, and I guess I'll start doing some of that, while trying to ingest as much of Europe as I can, in my time remaining here.

I wish I'd got to Amsterdam, Spain, and Italy on this trip, too.

Ahh, well. The work was good.

Labels: paris

  ¶ 8:53 AM 0 comments links to this post

  An incredible stream of co-incidences passing me by

For the past couple days, while waiting for code to compile, I've been playing an old song of mine, "Living in the ooze", revising the lyrics, coming up with a bridge (finally! 6 years without a bridge!) that I think might work. This morning I even went out to get batteries for my recorder. I didn't get them because I don't know how to pronounce 'batteries' in French, and staggered back, defeated, to my apartment in Paris.

I've told the story behind the song in multiple posts over the past 6 years, and we're coming up on asteroid appreciation day feb 29th, next year, and I don't have a plan or place for the party... and in part those stories are always about impossible co-incidences and weird stuff happening at all the same time...

I have NOT been paying attention to space stuff AT ALL for the last 9 months, being deeply immersed in bufferbloat. I even stopped reading the Arocket mailing list. I spent the weekend completely immersed in a set of algorithms that finally, finally might reduce latency over wireless to sane values once again, only to end up with one bug per line of code and multiple kernels that wouldn't boot. Never left the house all weekend. Still haven't made it to the louvre. Or anywhere else in paris but the LINCs lab. I'm insanely frustrated with this project.This morning at 12:40 AM I was ready to chuck it all and get on the next plane to anywhere that didn't have computers... but was stuck on thinking where on earth that might be, so I did a few other things about my stuck-ed-ness..

I haven't been reading the news, either, as news.google.com insists on coming up in French no matter what I do. I'm still stuck on the six different ways to pronounce 'e', in my French-english dictionary.

So, later this morning, in an impossible co-incidence, I meet someone who just spent the summer in Nicaragua, who points me at her huffpost article, and I send a link back to one of my adventures in australia which happened to be the last thing I'd written about this particular song... and happens to be about some weird coincidences in spite of my agnostic-ism...

And then... I notice... at the top of HER post...

Quarter mile wide asteroid to miss earth Tuesday.



Nerts. It's going to miss Texas. It almost hits the moon though! That would have been spectacular! And the article has quotes from Lance Benner who I've exchanged multiple emails with over the years, and I still point actively at the data he collects on plausible rendezvous trajectories...

Perhaps the universe is telling me something. About what, I don't know. Perhaps some sort of sacrifice to it is needed. Perhaps it - or something in it - needs attention.

Either I get back to recording this song or go back to work, or go for a rendezvous.

OK, I've googled for how to pronounce batteries. And I wonder what can rhyme with UV55?
PS: Boycott the Hôtel Ibis Sainte Catherine, Bruxelles  ¶ 5:46 AM 0 comments links to this post

  12 suggestions for startups

I'd written this months ago and meant to post it then. Having been through 14 startups now (of which 3 I started, 1 (none that I started) that worked out ok), I figure I have sufficient background to give advice... especially to myself. I tend to forget one or another of these points much to my own detriment, in the heat of creating a startup.

I keep forgetting to apply points 10 & 11 below to my own work. At present, I'm merely applying startup-like methods, some of which are working, some not, to a major R&D project. The number of points missing on the strategy are sometimes glaring - I merely want to fix a problem (bufferbloat) so well that it never bothers anybody again. As for profit motive, I have none - merely cutting my own annoyance level regarding the behavior of wireless networks back to "mellow", almost suffices.

12 suggestions for startups

1) Retain control. Most successful startups go through three rounds of
funding.

If done wrong, by the last round the founder(s) generally reduced to a tiny minority shareholding and have lost control of the company... and are usually forced out by the 4th round or IPO.

If done right, the founders retain 80% or more of the stock in the 3rd round.

I note that 9/10th of startups are not successful, and that a large percentage of the ones that 'make it' did so without benefiting the principals or employees to any real extent, only the VCs.

2) Paul graham is good. I'm a big fan. The ycombinator model appears to be working, but as to how much it meets goal 1, above, I currently have no insight.

3) Have a pitch, and a plan, pitch it often, *listen* to the responses and objections, and revise after every meeting. Don't be deterred by failure. Make sure your goals are shared with the people working with you, as well.

4) Selling something is great.

Selling something you can actually make and sell at a profit is vastly to be preferred.

5) Get to plausible promise before seeking any money at all. If you can't do a startup's initial development on what you already have, you can't afford to take risks of this size, and should stay gainfully employed at something else.

Once you start chasing money, chase it hard, chase it continously, get it in the bank, and spend it appropriately. While there is such a thing as 'too much money' while in growth mode, it's a nice problem to have.

6) Decide on your exit strategy early. "go public, "stay private", "make money for 5 years", "lose money for 5 years".

Cynically I note that you don't have to share your exit strategy with your employees or your investors.

It does help in planning and in motivating your people if you know what your exit strategy is - there are very different motivators for 'GOING IPO IN 2 YEARS' vs 'Make money, reliably, starting in 2 years', or 'provide a valuable service', or 'solve a global problem', and it changes the kind of people you get.

7) Incorporate early. Twice. The first company loses money, the second is in reserve. Both are handy to have around. Shell companies in particular establish credit that exists independent of your own income, over time.

It is best to have had a company around for 3+ years before starting to really use it.

If it were legal, given todays legal and tax environment, I'd incorporate kids at birth. As it is, at the moment I'd recommend incorporating 'em as soon as legal in Delaware rather than overseas. It really complicates you life unnecessarily. (that said, doing business with other businesses outside of the US is mildly easier, and shipping your kids overseas will give them a bigger picture than they can get in the US of world needs)

8) Get a good lawyer. Also, get a good accountant. Take the advice of both particularly as regards to points 5 and 6, not me! Two lawyers and two accountants are an even better idea. Bad lawyers and bad accountants have sunk more than a few startups.

Have a clear goal, corporate rules, etc, laid out, in a mission statement, etc.

I have no opinions regarding sub-s or LLCs. A few years back LLCs were all the rage. Talk to two lawyers and one accountant about it.

Regardless, you're going to lose money for a while. It's good to make that tax-deductable any way you can. Cash-flow will always be a problem, whether it's early days of no income or while facing unexpected growth.

9) Contract to hire. Never hire until you have to. The costs both of hiring someone and of firing them far outweigh the extra costs of paying contractors of various worthiness. Getting business insurance is a problem, getting health insurance is also a problem.

Limit your fixed commitments rigorously.

Contract yourself if you want. I use MBO partners for this - they get me a pair of 401ks, 1m in business insurance and take care of a ton of details that I don't want to, in exchange for 5% off the top of my billings (in the US) - where most agencies take 40%.

10) Recognize your own faults. If you are a detail person, get someone that can stay focused on the big picture. If you are a big picture person, get people that do details. If you can do both, do both, but on separate days. REMEMBER to do both, regularly.

(Being a detail person myself, I have to reset with long weekends periodically to review the mis-fired plans and replan. I've had to do a lot more of that this year, than I'd like)

In all cases, having a good and well enabled AA/secretary working for the CEO primarily is tremendously useful. Get stuff WRITTEN DOWN. (I use transcribr.com whenever possible)

Also having a good shared scheduling system is helpful. I could go on for pages here...

11) Set goals, and plan, rigorously, and both conservatively and optimistically. Revise your plan monthly. Software developers are notorious for over-estimating what can be done in a month, and underestimating what can be done in 2 years. Marketing guys are notorious for missing trends until they've already happened, and selling visions of things that can't be built by any software developer on the planet and promising them 'tomorrow'.

12) If you are risk-adverse, don't do a startup. By all means, DO! form a company to fund your own interests, and lose money with it profligately, it makes the IRS mad, and that's worth it in itself.

The seed capital to accomplish the starting procedures above is about $15k. Yearly, maintaining the corporations depends on your locality, but runs less than $1k each, accountant < $1k, lawyer less than $3k, and if you can't find a way to lose 3x that much money pre-tax on a regular basis to make up for it, see multiple points above.

Labels: startups

  ¶ 5:17 AM 0 comments links to this post

  Steve Jobs, RIP.

I am going to miss Steve Jobs. I'd admired/hated/loved/wanted to be like/unlike him for much of my adult life, and now that he's gone, I can't think of anyone else in the industry that could have stirred up such emotions and thoughts in me. He spoke well, here at Stanford. RIP, Steve. I intend to stay both hungry and foolish, for as long as I can, thanks to your inspiration.  ¶ 3:39 PM 2 comments links to this post

  Welcoming my father to the blogosphere

Ron Taht, my dad, is finally, blogging! My mom and I have been encouraging him for years to stop wasting his time with letters to the editor, which would - whenever published - always get published, truncated, with salient points removed.

A few months back I showed him how to use blogspot and finally - after a few false starts, he started generating some good stuff, at lengths more suitable to what he has to say.

I'd delighted to see him finally getting his full say - and while my dad and I don't see eye to eye on many things, he instilled in me a great love of debate, that I didn't exactly appreciate when I was younger, while I seeking moral guidance rather than debate. Back then, he'd always pick the opposite side of whatever I was thinking about, no matter what he actually thought, just to sharpen my wits (and leave me confused about, well, just about everything)

Now, after finishing his career as a prosecutor, lawyer, and judge, he speaks with conviction, about what he really thinks, and *I'm* the one that automatically picks the opposing side when discussing anything with him!

I'm very glad he's finally writing his stuff down, and speaking his true thoughts from his heart and mind.

He has tons of entertaining stories that I'd like him to blog about, too - fishing tales, golf stories, multiple episodes in court both tragic and funny, hysterical funny scenes from housing sales, and scary stuff from his prosecutor days...

But, as he's not much of a typist (as yet), he's primary writing about the issues that concern him now, deeply, about the current problems and future of America... and I find myself agreeing with him far more often than I'd like (or am willing to admit, while debating with him)

I hope for a big welcome from the blogosphere it's newest 75 year old member at ronsravings.blogspot.com, my dad, Ron Täht. Comments and criticism of what he's writing about will be deeply appreciated.  ¶ 10:22 AM 0 comments links to this post

  Any other musicians at linuxcon in Vancouver?

I was wondering if the old band could get together for the 20th anniversary... I've got the management behind borrowing the hyatt bar and the piano....

Labels: linuxcon vancouver

  ¶ 9:31 AM 0 comments links to this post

  Me, 46, Cerowrt - RC5

Usually I write a long, contemplative blog post on my b-day, but I simply haven't had time to gaze into my navel all that much.

I AM however, hoping that the RC5 candidate for CeroWrt proves out to be a good one, and begins to address the mistakes I made a decade ago, and mistakes everyone has been making since the 802.11n deployment.

I spent the last week with the incredibly helpful folk at ISC getting a lab put together to test this release of CeroWrt, and it's looking really good... but I did make the go/no go decision on a RC at 2:38 AM this morning, which worries me - but hopefully there will be few problems.

I'm hoping actually, for a dramatic difference in wireless network behavior for those giving the RC5 a test - certainly in testing I saw some of the cleanest TCP/IP streams I've seen all year.

I also look forward to people exploring all the new ideas inside of Cerowrt - DNSSEC, mesh networking, a local web server, etc, etc.

There are still a ton of bugs left to fix, but no priority ones, and that... is good enough to take a day off on, and enjoy wandering a park or two in california, and play some guitar. I'm off to Vancouver for a pair of conferences next - and I hope to stage a reunion from the band we played in, in Nicaragua - with the flautista, Angel, as well. Got a few new songs in my stack now, notably 'Please come to boston'.

So while blogging has been light, if I'm lucky, things will slow down enough for me to talk about what we've been up to for the last 8 months, and where we're going. Where I'm going next, after Canada... is Paris!

The greatest gift I've ever got for a birthday! - was the help of hundreds of people, all helping to fix, and finish the internet.

I'm in awe and delight. Thank you all, above!

Despite all that sentiment... First up this morning, on my list, is laundry.

Labels: cerowrt

  ¶ 10:33 AM 2 comments links to this post

  Battling the bloat

So, I've been so busy for the past few months as to have let multiple things slide. I've been all over the US - florida, Georgia, Pennsylvania, NJ, Boston, California, Georgia, and now, I am back in NJ, living out of a suitcase with increasingly irrelevant clothing for the weather.

I hope to jaunt to Europe next, after my billings catch up with me. Then back to Nicaragua.

On the minus side:

My main email went down for a month. I hardly noticed.
I completely forgot an important anniversary... for over a week. The lady involved is not speaking to me.

My laptop crashed 5 days after I'd used the USB stick I use for backups for something else.
I haven't checked my voicemail in a month, at least.

I got no exercise.

On the plus side:

Eric Raymond now has IPv6. So does Evan Hunt. Two down, several billion to go.

The latest and greatest bind9 - with dnssec support - is now available for openwrt in the Cerowrt git repository, for testing, as part of ISCWRT. DNSSEC is a mere 3 configuration commands away!

I gave a fairly well received talk at asilomar about the problems with the Net outside the USA.

I attended jim gettys' recent google tech talk, and breathed the same air as Vint Cerf.

The debloat-testing kernel now has most of the features we were trying to test (SFB,etc) , and it has been updated to 2.6.39.

There is now an extensively debloated (but not perfectly by a long shot) version of
openwrt - which also contains the critical stuff from debloat-testing, so we can test
end to end connectivity in all sorts of ways.

That release is entering the final stages of testing, and is codenamed, Capetown. It works on the netgear wndr3700v2, which is a wonderful piece of hardware.

And some routers using that are now up and running, capetown, South Africa, as part of the Bismark project, which I'll be helping out at through mid-august.

The last 4 weeks of my life I worked at a level I have not worked at since my late 20s.

I'm beat. And I'm taking the weekend off. Hopefully someone else will enjoy this stuff and put it to good use in their research into battling the bufferbloat problem.

Labels: bufferbloat

  ¶ 7:50 AM 0 comments links to this post

  Operator overload & nuclear troubles at Fukushima 1

I'd actually written my last blog post on monday, thinking it was tuesday, and wednesday in Japan. Shows how much sleep I've been getting.

The quality of media coverage has improved significantly, but the scope of the cascading failures at the Fukushima nuclear plants has grown - with secondary damage from the explosions and over 500 aftershocks in Japan complicating matters.

The original links I pointed to in my first post have been updated and revised, with MIT's department of nuclear energy doing a better job of filtering through the events involved than any other media organization.

MIT has not addressed the questions raised about the Mark I containment facility that concern me the greatest. I daren't speculate.

Several other aspects of the news coverage and analysis bother me:

A) lack of understanding of the effects of all those aftershocks, and for that matter, coverage seems to be limited to talking about the first quake, even on wikipedia. It's obvious that these had effects, in part, making post-quake inspection difficult.

B) lack of understanding that these were some of the oldest and most obsolete plants in the world, not just Japan. I keep seeing calls for increased safety, or damning nuclear plants for their lack thereof, when these were generation II plants, kept running long beyond their initial design life, due, in part, to the difficulty in getting new plants built.

Generation III+ plants such as the AP1000 have, for example, entirely passive cooling systems, and have safety ratings 1000+ times better than the Gen II plants did. Furthermore they use their fuel more efficently with less waste. Nuclear energy is much more well understood now, nearly 50 years after these plants were designed.

C) The on-going storage of the fuel rods - due to being unable to find another place to store them - is likely the largest danger now, as it appears as though at least one storage pool was damaged in one of the quakes and explosions.

Everybody - on all sides of the nuclear debate - agrees that continued storage of the fuel rods at the facilities was dangerous - and most facilities were not designed with long term storage in mind.

Now, that after the fact, the "out of sight, out of mind" nature of the ongoing storage of fuel rods in ad-hoc facilities in the presence of such debate has been exposed - perhaps some rational decisions about what to do with the spent fuel will emerge.

I doubt the US will become rational on this point anytime soon. I suspect Japan will become so. I also think we'll see a surge of interest in solar power worldwide.

D) with less than 50 operators on duty, that translates out to 12 or less operators managing the 4 reactors in trouble - I imagine that some of the additional failures since monday were in part caused by exaustion and overload, and the inattention to other pre-emergencies due to these factors. It's unclear how many people are monitoring plants 5 & 6.

One of the big causes of both prior major nuclear accidents was operator overload. Too many things beeping, and buzzing and alarms going off, and too much complexity in the control systems.

Future plants - if they are ever built - should have a good offsite management and monitoring facility inconceivable to those in the pre-computer design era.

For all that, I do wonder that the world-wide reaction is overblown. I can't imagine, were I in charge - not sending in every available qualified volunteer and resource available.

For all the worry reported in the press, this (via wikipedia as of about 10AM Wed MDT), remains true:

“To date, the radiation leaks beyond the plant's boundaries have not reached a level high enough to constitute any significant detriment to public health. However, there is still significant risk that a leak at levels high enough to affect public health may occur.”

E) There have been more than a few hair brained schemes floated to cool the reactor pools - for example, cooling the overheating fuel pools by dumping water via helicopter. Dumping water by helicopter cannot be done gently, and would release a great deal of radiation to the crews dropping it.

There is a huge amount of mis-information on the web regarding the deaths of the pilots that flew over Chernobyl, I've been unable to determine the truth of matters.

I find myself tearing up at the dedication of those working to stop an even worse nightmare not just at Fukushima, but throughout the country and the world. I wish I could help.

I also remain in awe and admiration at an high-tech engineering culture and country that could go through a disaster this size, and have under 20,000 dead.

Labels: Fukushima, japan quake, nuclear energy

  ¶ 9:39 AM 0 comments links to this post

  bad wednesday for nukes in japan...

after my last blog entry, lots of bad, scary information came to light, 2 more reactors ended up with more problems than the first two.

Notably, the presence of spent fuel rods onsite and old flaws in the mark 1 containment system led to my greater concern, particularly after more hydrogen explosions damaged the surrounding area.

According to wikipedia, after a fire at reactor 4, hourly radiation reached 100 000 μSv. That's a big number. A scary, bad, number. But not a (rapidly) deadly number. Reactor unit 3 reached 400,000 μSv. Why people are reporting micro (10^-6)rather than milla (10^-3) bothers me,

Years ago, I wrote about the dangers of running nuclear plants past their design life. Now, with accident cascading into accident, the operators are tiring and making mistakes, and all seems grim in Japan to constrain meltdowns in several plants.

My heart goes out to those attempting repairs. Things may turn for the worse as it gets tougher to spend time at the site, safely.

Update: Wednesday 8AM MDT

I'd written this blog entry on monday, actually, thinking it was tuesday in the US and wednesday in Japan. Shows how much sleep I've been getting.

Labels: japan quake, nuclear energy

  ¶ 11:19 PM 0 comments links to this post

  Heroic civil engineering and disaster planning in Japan

Shortly after I'd written a piece on my other blog about the amazing successes of civil engineering in Japan to withstand the 8.9 earthquake vs previous disasters, I got wind of another piece that was written by someone IN japan that goes into more and better detail overall, and a third, that talks clearly to the nuclear issues.

Universally - wikipedia and the bloggers have beat the conventional press hands down for accuracy on this nightmare. It's too bad that everything that hit print thus far is so off.

Labels: earthquake

  ¶ 11:52 AM 0 comments links to this post

  Beating Our bloat

At my brother's wedding last week (way to go Steve!), one of his friends noted I had stopped blogging... instead, I've been making serious progress on this New Years resolution:

Collaborate more. Make a stronger effort to find people worth collaborating with. Use email more. Use usenet again. Push into the mainstream more patches - but logout at the end of the day - create some music.

Back in mid-November I'd first caught wind of bufferbloat from Jim Gettys' blog.

At first I was merely intrigued...

I had seen the kinds of TCP traces jg was getting while I was in Nicaragua (working on the wisp6 greenfield wireless mesh network), and in several cybercafes and hotels. I'd assumed then it was merely the tin cans and string connecting Nica to the rest of the world. I'd seen traces like this, in particular, a lot:



I didn't understand the effects on TCP of bufferbloat until I saw his traces and then his more detailed analysis with different tools.

This is a normal TCP trace:



This is a bufferbloated TCP trace:



It looks like an EKG on crack! (That's what Steve Lord called it, anyway). I envision this picture on a milk carton, with the caption:

"Have you seen this trace?

Login to bufferbloat.net to learn how to fix it..."

I got interested.

So, I re-ran his experiments, against the wisp6 router testbed. The results, under bad conditions (heavy rain), were horrifying.... 10s of seconds of delay in the routers (!@#@!#!)... and explained why NTP, DNS, ND, DHCP, and most other traffic had stopped working under those conditions.

Still, even at this point (late December), I thought it was a local, device specific, problem. I did a little patch to those routers and fixed it, (but good!) and went on my merry way, trying to cope with my other wisp6 problems of autoconfiguration, ipv4 in 6 encapsulation, ipsec, mtu size...

Then I saw the netanylzr data and watched and listened to jim's presentation about 3 times...



The diagonal lines are showing latencies - across paths that should be taking under 100ms to do anything - all over the world - measured in SECONDS.

I realized, finally, it wasn't just me and my devices and my little network in Nicaragua.

Bufferbloat was a global internet-wide problem, one probably growing worse, rapidly.

I got alarmed. If NTP, DNS, DHCP, ND, etc., start breaking we're in a world of hurt, but if TCP/IP starts breaking worse really bad things will happen...

I emailed Jim Gettys on January 10th about the mis-understandings thus far in the press that I'd been trying to correct, and volunteered to donate a pair of servers that I had lying around, and maybe write an article about traffic shaping... he told me I was exactly correct in my own analysis...

I'd met him a couple of times, we'd worked on the same stuff, like handhelds.org, X11, and OLPC...

...and so I found myself instead hacking ruby and redmine, getting multiple servers running, using my rock and roll promotion skills to get people all over the world in disparate disciplines involved, hacking kernels, fiddling with AQMs and new algorithms, reading 70+ theoretical papers, writing multiple pieces and wiki pages, making deals, swapping services, picking up dropped balls, making a ton of phone calls and exhausting my personal email address book to get bufferbloat.net to be a real, functioning entity, with developers, theorists and users from all over the world, and not a talk shop.

And the rest, is history in the making.

I still haven't got around to writing the piece about traffic shaping.

Basically, Bufferbloat (see FAQ) is a new name for an old problem (RFC 970) that has gradually been re-introduced over the last 10 years. It's especially bad in cable modems, 802.11n gear, FIOS, but also can be seen in just about anything that has a wide dynamic range (GigE switches hat do 100Mbit). It's bad, it's ugly, it's screwing up the Net, big time, and it's just a mistake that we've (as engineers and network designers) have all been making for a long time...

Head. Desk. Head. Desk. Head. Desk.

The Bufferbloat problem is almost as bad as Y2k... And more solvable. It's just that the Internet is so much bigger now than in 1999 that is intimidating. More cell phones are being added to the Internet every quarter than we had total users in 1999. There's also a persistent fear that it will get much worse, before it gets better.

So we've been lining up people to fix it ever since.

While doing all that, along the way, I came up with a good idea for a cosmic background bufferbloat detector that was extensively discussed on usenet, and the bufferbloat mailing list. Nobody found any holes in the concept which means (darn it) I'm going to have to code it up - or convince someone else to do so.

Good stuff keeps happening... there are nearly 200 members of the bloat mailing list now, John Linville just released a debloat-testing kernel containing not only a new algorithm (eBDP) for wireless, but two new AQMs and some driver patches. Doc Searls graciously loaned me his column for an editorial in Linux Journal's upcoming June issue... Vint Cerf loaned Jim Gettys his column for IEEE computer (due out in a few days), multiple other writers have chipped in... Theorists, coders, cats and dogs, all talking to one another on the mailing lists...

About the only flaw in all this activity of mine is that I've been so buried by it all as to stop blogging!! The effort required to write something for a more general audience is so much greater than carrying out conversations with the people I'm collaborating with presently on email and irc that I've stopped journaling entirely. I'm trying to fix that today, a little.

I've learnt that while journaling/blogging is important, even necessary, to the writer and his/her creative process, writing the history down behind the writing matters to no-one else. (I'm journaling today so that I can remember the timelines here)

Also, cutting the history from the finished work helps a lot. I just learned this trick from esr, who has also taken time out on irc to teach me more about writing in the last 2 months than I've learned in 10 years of blogging. (It also took 5 other polished writers - Evan Hunt, Bill Weinberg, Richard Pitt, & Jim Gettys, to tell me in no uncertain terms that I was doing some things wrong - for it to register. I've undergone a writerly "intervention". It was painful, but I'll survive)

I wish now, that I'd opened up my writing to a writers cabal 25 years ago, or earlier. I might have got a few books done by now.

Tomorrow (wednesday) I'm in open-to-all VOIP conference call about bufferbloat, with the freeswitch folk. Please join the call to hear more. Or check out bufferbloat.net.

After I gave up on SIP based VOIP (after working on it for 6 years), and gave my last presentation on it, in 2006, at Astricon, I'd had no idea then that a goodly portion of the problems I'd had with SIP were tied to bufferbloat. No idea what-so-ever.

Solutions seem feasible, across the Internet, for a whole new level of interactive applications after we get bufferbloat fixed. SIP phones now do IPv6, which solves a lot of problems, too. I'm seriously encouraged.

Sometimes it takes giving up on something, utterly, in order to make progress. It's been a zen 2011 that way. And also resolving to actually resolve your new years resolutions - works too.

All this said, I'm going to take a break from all this soon and write a bit about listening to, and making great music, and about an old, cherished concept of mine (and jeff stram's) called the jam-o-phone.

Labels: bufferbloat

  ¶ 7:07 AM 0 comments links to this post

  2010 - A Very Hard Year, thankfully over

It was the best of times, it was the worst of times..

In 2010:

My wisp6 project got close to completion. I'm still writing it up. That's going to take months. I find myself fixing bugs, and working on the technical problems I'd encountered, like bufferbloat, far more than the write-up.

In April the Survivor TV show rented my house in Nicaragua out from under me - killing the album I was recording there with the Pobrecitos AND the wisp6 project. The property dispute related to that house cost me a lot of hair, weight, money, and friendships. It was a massive no-win scenario, there was no way I could make anyone on any side happy, including myself. I don't think I'll ever be able to write up what happened in those final weeks before survivor hit town; it's still too painful. Maybe I could fictionalize it and deal with my demons that way.

The result of that stress got me down to 180 pounds, finally, from about 190. It's about the right weight for me. I got hypoglycemic, but looked good, especially for a 45 year old. I was already in the best shape I'd been in in a decade. I swam for hours each day at that house. I miss the 2AM swims the most - far better than sleeping pills!

At the start of the year I'd ended a relationship that wasn't working. I feel very lost without a better half, but was even more lost with a worse half.

I left Nicaragua, looking and feeling about 80 years old. I don't even remember the month now. May?

I took a grand (train) tour of the US to calm down and get my bearings. I went from a crashing two month low to a really wild engagement party - I met up with a zillion old friends! and inside of a few weeks - although still very tweaked overall - was feeling much better - but it wasn't until August before I even felt halfway normal - and bad stuff kept happening. In particular, I got slammed with an 270k overdue tax bill (since cut to 24k after spending months finding and then filing the paperwork). The government still has the entire contents of my savings account, however. I shan't ever see it back.

I reconnected with a lot of old friends, helped a few out of trouble, and met in person net-friends and net-family I'd actually never met in person.

I fell into a brief love affair with my Android phone. It's broken now, and I don't care.

I looked for a new place to live and settled on trying out Colorado, if I decided to return to the US.

In August, some work I did 12 years ago turned out to be more important than I thought. I got in trouble for writing about it, too. I was asked to take the piece down. I didn't. A small rebellion, to be sure.

Prior to the tax bill I was planning to return to the wisp6 project, now I can't, except at a low, background level.

In September - during the rainy season, the worst time of year - I went back to Nicaragua.

I debated long and hard about sticking it out, about resuming my projects, about restarting my life there...

In the end, I packed up or gave away most of my stuff, said goodbye to everyone, had one last - perfect - surfing session. A lot of people I know there had already left for gr$$ner pastures, too. Survivor brought on a sea change.

I quit a gig that conflicted too much with my conscience, and lost another friendship due to that. I'd taken money and hardware for the job, and ended up giving all that way. My conscience remains conflicted.

I returned to the US with nothing but a suitcase, laptop, guitar, and a broken heart.

I erased the 60,000 words of the book I'm never going to finish in a fit of pique. I'm GLAD it's gone, I can think up new things with what I learned while failing to write it.

I didn't surf enough last year. I didn't play enough music, either. The band I'd been in broke up the year before, and I'd loaned out my bass on what ended up a permanent basis, and without that, my skills slipped.

I wrote two pieces of new software, gnugol and cryptolisting. Gnugol is shaping up nicely and a couple friends are helping out. I am loving working with other people with complementary skills, and getting complementary feedback.

I switched to a new blogging system, and went back to Emacs for as much work as possible. My productivity seems to be improving.

The week I arrived in Colorado I had a shot at good jobs at two big companies, but couldn't bring myself to sign the NDAs they had for the mere interviews. The legal language was genuinely frightening! There's too much left I want to write about and publish to cope with having a gag across my mouth and mind. I think I'm stuck at being a consultant for small firms; where I can negotiate a fair NDA - at least in the US, the IP regime has become impossible to deal with. The opportunities crossing my desk lately have been really trivial and un-interesting. Not for the first time, I'm going to have to make up my own gig, or find a way of promoting what I'm interested in doing out wide enough to find a match.

On the whole, this was probably the fourth most stressful year I've ever had. I went from the high of near success with wisp6 to a totally out of the blue and sideswiped by a reality (show) low. From happy and healthy and productive to vibrating all over the place.

I made many bad decisions this year. I've dwelt on them a lot more than I would have liked, too. If I could have the last 18 months or so back, I'd have done something totally different.

Right now I'm not adjusting to the cold of Colorado well, and lacking a car, can't go anywhere on a whim. It was easy - even pleasant - to walk 6km in Nica - not so much here. I'm back up to 200lbs...

I'm glad this past year is over. There were so many things I didn't finish - what I regret most was only getting halfway through that album, even more than wisp6. There's no way to finish - or even restart it, now.

I have no idea what will happen next year! It's a blank page!

At least, I survived survivor. I'm paying down debt and working towards having options. I'm enjoying coding up gnugol. I'm (badly) coping with the irony of having a great protools studio downstairs and not having except my (admittedly great) roomate to play with. It still hurts too much to listen to the half mixed record I will never finish.

I miss Nicaragua and my friends there a lot, and yet I think I'd like to try somewhere else, perhaps Brazil, or Spain, whenever I can find a way to do it. I feel like my time, healthy, on this planet, is getting short. I want to spend more time with friends and family, and less time with computers, and see more of the Real World, with my own eyes.

My New Years Resolutions thus far:

When faced with a difficult decision: sleep on it, write it out, get independent advice. If people pressure me to do what they want, and want an answer now, they're probably on the wrong side of the issue: Say no, more often, sooner, not “maybe”.

Collaborate more. Make a stronger effort to find people worth collaborating with. Use email more. Use usenet again. Push into the mainstream more patches - but logout at the end of the day - create some music.

Learn some more (Filk) songs on guitar. Work on the hard parts (drum tracks, mostly) and get them nailed.

In the late winter, take a trip, maybe go to a SF con, maybe go east, maybe go west, maybe go south.

Go skiing, once, to see if I still like it.

Finish something - anything - so that I'm totally happy with it.

Live as simply as possible. Love, learn, and be honest and true to myself.

Say less, and listen more.

Stay alert for new opportunities. Or make some.

Pay attention to the results of the Dawn mission.

Have a happy new year, everyone!

(even those that have been acting http://www.alternet.org/story/149369/8_smears_and_misconceptions_about_wikileaks_spread_by_the_media/?page=entirelike tools in the wikileaks saga)  ¶ 9:35 AM 0 comments links to this post

  So what else happened during the info-skirmish?

Was a week long wonder, or something else?
The week of wikileaks saw “revealed wrongdoing, war crimes, corruption, hypocrisy, greed, espionage, double-dealing and the cynical exercise of power on a wondrous scale.”. And that was just the cables!

While the weapons of mass distraction were deployed: the US passed a hotly contested budget deal, which reinstated a less regressive estate tax. I wonder if anyone managed to actually read the bill in its final form?

Also, the Federal Reserve data dump took back seat to all the other news. What else did we miss, I wonder?

The climate talks concluded in Cancun, google released Culturnomics.

The launch of the space shuttle was pushed back 2 months.

The falcon 9 made orbit, and it's capsule, Dragon, landed, successfully, after two orbits. The coolest thing about that was Marty Anderson's *overnight* repair of a cracked nozzle skirt.

Labels: banking, space, wikileaks

  ¶ 3:43 PM 0 comments links to this post

  Some notes from the infowar

I've been watching with horrified fascination the entire wikileaks thing, and taking notes all week, instead of getting anything done. Rather than just keep accumulating notes I'm just going to post this article as is and if anyone has constructive suggestions or good links to add, please comment.

Weapons of mass distraction, unleashed

As I write, there's over 13000 articles on wikileaks on news.google.com. It's damned difficult to find any that are actually about the leaks!!

Here's some pointers to the actual journalists's series reporting on the actual CONTENTS of the wikileaks cables:

* http://www.guardian.co.uk/world/the-us-embassy-cables The guardian cables.
* http://www.nytimes.com/interactive/world/statessecrets.html NY Times "State Secrets"
* http://www.spiegel.de/international/topic/wikileaks/ Der Spiegel (in english)
* http://www.elpais.com/documentossecretos/ El Pais (a chance to exercise mí Español or google translate)

And some knowledgeable journals have set up sites to discuss the issues.

http://wikileaks.foreignpolicy.com/ Foreign Policy (I found their investigation into the Zimbabwe diamond racket fascinating.

And then there's the previous War Logs analysis by the NY times, which I hadn't read before now.

I am delighted that some of the above have RSS feeds, so that I can subscribe to the content, and not the noise. (Getting this blog entry into a web format rather than an RSS format is proving a problem! I've basically had to abandon the web to stay on top of things)

I really miss netnews. Issues were categorized into topics and anyone wanting to read or post something on that topic did. You could implement - on your own machine/account, a filtering mechanism that rated the authors of the posts, so you could filter them up or down for factual-ism or bias. It was called scoring - and that's difficult to do on the web. The current architecture of twitterers and followers and fans is not as good.

There's also been some very interesting stuff from the horses' mouth:

http://www.commondreams.org/view/2010/12/07-1 Assange's editorial in the Australian, or the interview in Time.

And there has been some truly compelling commentary -

Glenn Greenwald in particular, here, and especially here, but also the Harvard Business review, and mother jones and the New American. I freely admit that this paragraph of links conforms to my own biases, however:

I try really hard to read original sources, and not the extracts and analysis repeated by talking heads, I only read newspapers and news-magazines and bloggers that have an open commenting policy (often the comments are better than the news!), and also turn to wikipedia's talk pages to try and gain real insight into the debate inside of presenting an issue.

I also try very hard to compare the news with my direct experience. For example I saw clear signs of a DDoS in Nicaragua at the time of "suicide" of Managua's mayor, and learned yesterday (via the wikileaks cables) that my private opinion of the Hondouras Coup may have been correct.

Lastly, I try to avoid groupthink myself by going to sites that I know hold opposing philosophies, such as redstate. I always come back from that pretty shaken, with a need both to recheck my facts, and take a shower, and sometimes, comment myself - but usually that's in such a poisonous atmosphere that sustained participation proves impossible. I'm still nerving myself up to make a comment about how good current cryptography is, over there.

Even with all those critical methods in place, I find it really hard to separate fact from opinion! I owe a big thanks to my reliable commenters to straighten me out when I go off half cocked.

These methods don't help those that still read paper, or watch TV news, they are all victimized by what I call the meme war: the quest, by all media, for a simple, convincing phrase that jams a complex issue into a pre-biased word-bucket.

The meme war has been going on, and escalating, ever since the invention of mass media.

99% of modern “journalism”, via mass media, seems to involves capitalizing on a key phrase and then endless repetition thereof.

Conventional media - particularly broadcast media - only has a fixed amount of words to fit any issue into - and no feedback mechanism exists besides the long, slow process of a letter to the editor, and the occasional printed retraction.

So we see, over time, various sides of an issue testing new phrases out on the public, and seeing what sticks, then repeating it endlessly as a substitute for refer-ing to original sources or a quest for the truth. So far I've seen "whistleblowing web site" mostly replaced and “hactivist” now competing with “terrorist”, and numerous other examples of a loaded word in nearly every article I read about the controversies.

As soon as you tag a noun with a loaded phrase, pre-thinking happens. The weapons of mass distraction still work, really, really well, and I hate that.

Simultaneously with all this nonsense going on is a giant budget deal with congress, huge revelations about the Federal Reserve, and no doubt other news that has been buried by the WMDs in play this week.

Keeping score on the infowar

Netcraft is tracking uptimes for afflicted sites.
Leakylinks reports, as I write this, that there are over 1411 sites successfully mirroring wikileaks, and over 14 DNS mirrors.
Paypal released wikileaks funds.
EasyDNS - after being mistakenly targeted by a DDos attack, decided to supply DNS to wikileaks, when asked. They say their customers love it.
2600 has come out with a well defined position.

On the Mass replication of wikileaks

Massive replication of network links and data was part of the Internet's original design - it's the only way to be nuclear war-proof - and as a side effect of that we got freedom of speech. And spam. And DDoses. It's not a perfect world!!, but I note that it is possible to build up your organizations infrastructure - whether you are a small or large business, to where you can serve your customers better in the general case. If you host your own DNS - have many copies - distribute your data regionally - and internationally - you can serve up more data, faster, with less latency, and less catastrophic failure modes - whether they be power failures, incompetency, someone with a backhoe in the wrong place, or a DDos,

Replicating services regionally is something that those afflicted by Anonymous - OR those that fear government sanction - or simply want to build a better service, would do well to emulate.

Other news organizations should explore the benefits of torrents and tor to see if they reach new markets, for example, beyond the great firewall.

One of the grave difficulties in doing data replication is that web content today is difficult with the complexity of the presentation stack - you need a database, a web server, some sort of dynamic content language, javascript, and and a horde of other specific tools.

Serving static content requires 1/1000th the resources a modern web site requires, for 90% of the functionality. It's why wikileaks is no longer a mediawiki. We'd be burning a lot less electrons and buying a lot less servers with more static content.

Cloud computing

I've been really critical of the cloud in the weeks prior to this, long before I ever heard of wikileaks. Now it sounds like a few others are "getting it", talking about the privacy of medical records, for example. There was a good piece that I can't find right now about localizing records like this.

I was unaware, until now, that the HITECH Act gives doctors $44,000 over five years to establish electronic health records.

I'm a strong advocate of privacy and security for everyone - and technologies like pgp and otr and distributed databases are some of the means to get that.

The DDoses

One overwhelming early narrative is that "wikileaks was under attack by hackers". That narrative was started by wikileaks themselves and picked up, without question, by every piece of news media out there.

What hackers? Whose hackers?

For over a decade now, I've figured any government worth its salt has been participating in a covert cyber-war, with multiple levels of plausible deniability. I can also imagine useful idiots, criminals, and cannon fodder on all sides with their bot-nets at the ready, ready to participate in whatever crazy idea a charismatic or well funded person or organization or government might come up with.

No hacker organization behind the attacks on wikileaks has come forward with the exception of a poser - So who attacked wikileaks? Is anyone investigating that?

Update: PLEASE NOTE: I am mortally opposed to the use of DDoS attacks for any purpose, by anyone. If technologically feasible I would deny this avenue of attack or protest to everyone -

Unfortunately, botnets remain a fact of life, and will remain so so long as insecure systems like Windows continue to exist, and third party apps like flash contain holes you can drive a truck through, and clouds remain cheap. I've been encouraging users for 20+ years now to be aware of security concerns, to not click on shiny objects, install and keep updated virus checkers, run adblock+ and noscript, and install Linux over their old Windows partition, or to switch to Macs... without much success.

On maintaining secrecy

Gary Warner (a very smart security guy) has one of the more cogent descriptions of information security lessons learned so far:

We can agree to disagree on whether Manning is a Patriot, an Anarchist, or a Traitor, but the important outcome of any event of this nature is that we document our Lessons Learned.

* Consider your own Information Collection in your workplace.
* What are the "Categories of Information" and how is access to those categories assigned?
* Within each area what are the "Sensitivity Levels" or "Classification" of that data?
* What is a "reasonable volume" for accessing data in each of those categories and classes?
* Perhaps most importantly, who is in charge of monitoring access to those categories of information, and how are "alarms" set when a category, class, or volume condition is reached?

Lastly...

Here's a plug for the often overworked, overtired, and certainly mis-understood security professionals and software engineers that have been working their asses off for decades to protect the computers of their friends, families, companies, organizations and governments from script kiddies, spam, and internet AND political attacks. 99.99999% of them are white hats, neutral - acting to keep the internet open for all. They defend, rather than attack. They work in an extremely complex, dynamic field.

It's a really high-stress job - it involves high tech skills, and eternal vigilance, with no upside - you get no respect or recognition if you do your job well, and take the rap if you get beat. Getting beat involves high stakes, too.

I used to do that for a living, until it burned me out. Defending against attacks and abuse like the "Ping Of death", etc, has cost me a lot of hair, and a lot of sleep. Instead of being on the front lines of defense, I merely observe them now. I have been working on new protocols (ipv6, sctp, hip) that I hope won't have the problems that the current Internet has. I'm not too hopeful about that, but to not try, would be to fail.

I'm very glad there are still people working hard at defending all our systems, technical, and legal. Otherwise, we wouldn't be having this conversation right now.

I'm also glad that, despite all the other weapons of mass distraction deployed this week, that spacex had a perfect launch and recovery yesterday.

I'm going back to work. (While researching new ways to defend and improve the systems of myself and clients, I discovered that - maybe - maybe- a key argument in the net neutrality problem was technical rather than political. It's called bufferbloat. I'm fiddling with the idea now)

Lastly (Really!), Laughter

Some outrages are best met with a giant belly laugh and outright ridicule. Here's a hysterical (and TOTALLY NSFW - oh, the irony!) defense of the first amendment. In response to homeland security doing a deal for an anti-terrorist campaign inside of wallmart, here's this response.

Seriously... going back to work now.

well, this presentation on how good modern humans really have it cheered me up enormously.

Update 2 (friday morning): I just realized I was deploying weapons of mass distraction on myself. ah, well, sometimes you have to let the world take care of itself for a while. I'm going to TRY to not look at any wikileaks output until tonight.

Labels: meme war, wikileaks

  ¶ 7:03 AM 1 comments links to this post

  Practiciing safe hex

Note to future possessors of crippling government documents: it would be best to practice safe hex. Or to be a monk.

Update: to be fairer to all sides, this deserves some thought, as does this.

And to be snarky, the king of Sweden has had a really great time on the public dime.

Labels: meme war

  ¶ 3:36 AM 1 comments links to this post

  The new social contract

There's an overriding law in the land now, the "End user services agreement", the EULA. Being accused of violating one is enough to see your service cut off.

Non-disclosure agreements and employment contracts are truly frightening things. Mortgage agreements are stacks of paper 6 inches high. The size of the federal register, I try not to think about.

I try not to think about all the EULAs I've clicked on, without reading, in order to use a valuable service. Somewhere in the (must be hundreds, by now) of the end user agreements I've had to navigate, I've probably clicked away the rights to my first-born, and any unique idea I'll ever have, should it prove profitable, my right to my last name, and god knows what else.

I took time out to read the few agreements I'm knowingly subject to this morning, that violating in any way would impact my ability to function in America.

I don't read patents, in the normal case, because of the triple damages rule, and because I find reading them very depressing. Every time I'm exposed to one, I'm non-productive for months.

Comcast

I started my morning's reading with Comcast. I wasn't aware of this clause, until this morning:

“10.2 Comcast may update the use policies from time to time, and such updates shall be deemed effective seven (7) days after the update is posted online, with or without actual notice to Customer. Accordingly, Customer should check the above web addresses (or the applicable successor URLs) on a regular basis to ensure that its activities conform to the most current version of the use policies.”

Comcast terms of service are 17 pages long. They just released an update to the terms of service on 10/25/10, which added the following clarifications to their agreement:

* The Service cannot be resold or otherwise made available to anyone on the Premises or outside the Premises (i.e. wi-fi, "hotspots", or other methods of networking), directly or indirectly, unless done with Comcast’s written approval in accordance with an applicable Service plan.

* The Service cannot be made available to anyone other than you or your authorized employees or contractors unless done with Comcast’s written approval in accordance with an applicable Service plan.

* The Service cannot be used to send unsolicited bulk or commercial messages or "spam" in violation of the law.

* The Service cannot be used to run servers unless you have selected a Service plan which includes a static or statically assigned IP address.

* If you have selected a Service plan with a static or statically assigned IP address, the Service can be used to host a public website.

It's nice of them that running your own web server is expressly allowed, and I wholeheartedly approve of the anti-spam proviso. It's worrisome that running any other kind of server is expressly left a little vague, even if you have rented a static IP address. It's clear that - at least at present - I can run my own DNS and chat servers. :whew:.

But, at a stroke, they've banned wifi coffee shops and throwing a 12 dollar cat5e cable over to my neighbor to share internet service. Routing ipv6 around town with my nifty new meshed nanostation M5 radios... looks impossible. I wonder how airstream wireless, in Australia, and the various mesh networks in Europe are managing to innovate around restrictions like these? Do they have similar EULAs to deal with?

For "normal" comcast cyberserfs, it appears that many (most?) people are violating the comcast terms of service as they stand today. Anybody that uses dynamic DNS, or a squeezebox server, even a fileserver, seems expressly forbidden now. Is it against the new terms of service to have ANY other kind of server in your house if you don't have a static IP?

There's a special set of rules for teleworkers. I'm not sure what they are, because they aren't online. You have to call to get them.

If you want merely a job interview with comcast, you gotta sign an insanely restrictive NDA. Without a signature, there's no interview, and there's NO negotiation over the terms. After seeing their just-for-a-job-interview-NDA I'm sure their employment contracts make slavery or working in the food service industry look like a more appealing option.

Google

At least in mid 2007, Google would let you get away with not signing a NDA for the job interview, as C Scott Ananian fully documented his discomfort and experience at signing that one. He evidently didn't get the job, but at least he can still talk about technology, including google, at a deep level.

Google maps' terms of service are not horrible.

THEN there's google's terms of service for using their search API, which I'll talk to at another time.

Craigslist

Craigslist terms of use, um, makes my brain dump core.

I'm aware that the vast majority of provisos in all these agreements are rarely enforced, and are there primarily to cover corporate arses, but I'd like there to be AT LEAST the following things addressed in America's corporate culture:

1) All basic legal agreements (interview, employment NDAs, employment contracts, EULAs) posted online as a condition of being allowed to function as a corporation... people need to know what they are getting into.

2) There be some attempt at thoroughly vetting these vs a vs the actual laws of the land so people like me, without full knowledge of the law, do not have to be attached to a lawyer at the hip everywhere we go...

3) and some attempt at commonality, of thorough vetting by independent organisations - that would reduce the reams of paperwork regarding using any new service or signing any corporate contract to something sane. I'd like STANDARDs for contracts, in other words. A consumer reports for contracts. Something like that.

Personally,

4) I'd like, by law, that ALL NDAs in particular, should EXPIRE in a reasonable time - like, 3-5 years - except where national security is concerned, which should be more like 10-20 years.

5) Contracts should not be able to be changed on a whim and forward updating changes accepted as part of the contract.

I run Linux, exclusively, these days, because the terms of service in the Microsoft EULA are unacceptible to me, as are most Microsoft based products. I understand how the various licensing schemes Linux uses work - there's only about a dozen - very vetted by various court decisions - that I can rely on, and trust.

The one piece of commercial Linux software I have - fully paid for - is the cepstral speech synthesizer. After reading their agreement today, it looks like I can't distribute an example of the cool way how I use speech synthesis with my email notification system, which is too bad, I've been meaning to do that...

I don't know if there was an age, ever, where legal agreements so cluttered one's mental landscape. All I have is a distant memory of loyalty oaths during the McCarthy era. Now, THAT, was a simpler time.

After having my eyes glaze over on the first 120 pages of agreements today I decided to not look at blogger's and just post this piece. I remember reading blogger's EULA 8 years ago, and it didn't have a clause in it that required I read it again, then.

All my NDAs, except one of dubious enforcability, have expired. I'm glad of that. The EULAs though, are beginning to bother me.

Labels: law, patents

  ¶ 10:28 AM 1 comments links to this post

  wikileaks investigations from overseas

I am really saddened that I have to get most of my journalism into the latest crop of wikileaks from overseas.

Labels: meme war

  ¶ 9:33 AM 0 comments links to this post

  Wikileaks reduced to an IP address overseas

At first I thought wikileaks' loss of their .org domain either a convenient excuse or an example of technical incompetence. I mean, if a DDoS could take out the .org root there is something seriously wrong with the people running it.

It turned out that wikileaks wasn't running their own DNS servers, but relying on the free US based service, EveryDNS to propagate their IP addresses. IF wikileaks was using their own DNS servers, and merely using a primary .org as the root, they'd be able to not only lower the load on any given root server - but be able to tackle and analyse the sources of the DDoS attacks on their own, which I think would be a very interesting investigation in and of itself. I'd like very much to see the sources of the DDoS published.

John Gilmore famously wrote, in 1993, “The Net views censorship as damage, and routes around it.”

That was in an age of Netnews, where tens of thousands of copies of any given message existed on tens of thousands of servers distributed throughout the world, managed by a network of volunteers, and the contents, more or less - covered by common carrier law. The Net, then, as we knew it - was impossible to censor.

What we call the cloud today is very weak in comparison to netnews, and putting your data in the cloud is subject to arbitrary constraints.

In our new, golden age of the web based internet, information tends to reside in one place, on only a few IP addresses, where the loss of DNS or web services is crippling. The Streisand Effect is no longer as effective as it used to be, particularly with the infrastructure required to build a modern website in early 2000's style - php, database backends, etc, etc.

I remained puzzled as to why wikileaks isn't using (whats left of) netnews, and rss, and tor (.onion), using blogger and things like github, and opennic to get their information out, and also putting up mirrors on IPv6, and signing up volunteer mirror DNS and web sites left and right. I don't know how their site is designed but it should be shipping out static html via some non-interactive wiki compiler and a database that's duplicable and other easily mirrored techniques like that to lighten the server load and make DDoS attacks less feasible.

Update: Since writing this post I've discovered that there are now a LOT of sites mirroring wikileaks. Here's one. Another site documents many more mirrors as well as a tor (only findable if you install tor) and freenet site. Still..

The 80 cable-a-day format of wikileaks's current strategy would be perfect for highly entertaining netnews newsfeed, actually, but I don't know if what is left of the netnews network can still function, or if anybody but me still reads it. RSS would be highly distributable as well, with a bunch of mirror sites signed up. I'm glad twitter exists, but netnews would be better.

While I have deeply mixed feelings about the content of wikileak's current stash, and feel the timing of the release is being used for other purposes (or, worse, is all the hoo-rah a distraction to take away attention from the shenanigans at the federal reserve? or the 9.8% jobless rate?), I feel wikileaks has brought good information to light in the past, and more is promised for the future...

...and I wish more of the Net story was about the content of the cables, rather than wikileaks's battle to stay online, and about how censorship, of any kind, is a bad thing, for all citizens of the world.

I can forgive EveryDNS for bailing on providing services to wikileaks, as they were working for free - but not Amazon.

EveryDNS posted yesterday:

Wikileaks's services were terminated for violation of the provision which states that "Member shall not interfere with another Member's use and enjoyment of the Service or another entity's use and enjoyment of similar services." The interference at issues arises from the fact that wikileaks.org has become the target of multiple distributed denial of service (DDOS) attacks. These attacks have, and future attacks would, threaten the stability of the EveryDNS.net infrastructure, which enables access to almost 500,000 other websites.

BUT As for this level of doublespeak from my own government:

R. CROWLEY: The official position of the United States Government and the State Department has not changed. We value a vibrant, active, aggressive media. It is important to the development of civil society in this country and around the world. Our views have not changed, even if occasionally there are activities which we think are unhelpful and potentially harmful.

QUESTION: Do you know if the State Department regards WikiLeaks as a media organization?

MR. CROWLEY: No. We do not.

QUESTION: And why not?

MR. CROWLEY: WikiLeaks is not a media organization. That is our view.

I would love for the state department to define what, exactly, IS, a media organization... or when it is, or isn't.

In our increasingly Orwellian world, I still (barely) remember the history of and ultimate fate of paranoia.com.

Bonus link: Glenn Greenwald, in full flower.

“...any attempt by political officials to start blocking Americans' access to political content on the Internet ought to provoke serious uproar and unrest...”

Update II: I feel remiss in talking about the controversy rather than the issues raised by the leakage so far. Here's a list (via greenwald, above) of the kind of stuff wikileaks is bringing to light:

(1) the U.S. military formally adopted a policy of turning a blind eye to systematic, pervasive torture and other abuses by Iraqi forces;
(2) the State Department threatened Germany not to criminally investigate the CIA's kidnapping of one of its citizens who turned out to be completely innocent;
(3) the State Department under Bush and Obama applied continuous pressure on the Spanish Government to suppress investigations of the CIA's torture of its citizens and the 2003 killing of a Spanish photojournalist when the U.S. military fired on the Palestine Hotel in Baghdad (see The Philadelphia Inquirer's Will Bunch today about this: "The day Barack Obama Lied to me"); 
(4) the British Government privately promised to shield Bush officials from embarrassment as part of its Iraq War "investigation"; 
(5) there were at least 15,000 people killed in Iraq that were previously uncounted;
(6) "American leaders lied, knowingly, to the American public, to American troops, and to the world" about the Iraq war as it was prosecuted, a conclusion the Post's own former Baghdad Bureau Chief wrote was proven by the WikiLeaks documents;
(7) the U.S.'s own Ambassador concluded that the July, 2009 removal of the Honduran President was illegal -- a coup -- but the State Department did not want to conclude that and thus ignored it until it was too late to matter;
(8) U.S. and British officials colluded to allow the U.S. to keep cluster bombs on British soil even though Britain had signed the treaty banning such weapons, and,
(9) Hillary Clinton's State Department ordered diplomats to collect passwords, emails, and biometric data on U.N. and other foreign officials, almost certainly in violation of the Vienna Treaty of 1961. 

If wikileaks isn't a media organisation, then what is?

Labels: meme war

  ¶ 4:22 AM 0 comments links to this post