Toyota Stalks Woman, Claims She Consented


In a lawsuit filed Sept. 28 in Los Angeles Superior Court, Amber Duick claims she had difficulty eating, sleeping and going to work during March and April of last year after she received e-mails for five days from a fictitious man called Sebastian Bowler, from England, who said he was on the run from the law, knew her and where she lived, and was coming to her home to hide from the police.

There was even a fictitious MySpace page reportedly created for Bowler.

Although Bowler did not have Duick’s current address, he sent her links to his My Space page as well as links to video clips of him causing trouble all over the country on his way to her former house in Los Angeles, according to the lawsuit.

“Amber mate! Coming 2 Los Angeles. Gonna lay low at your place for a bit till it all blows over,” the man wrote in one e-mail….

It turns out the prank was actually part of a marketing effort executed by the Los Angeles division of global marketing agency Saatchi & Saatchi, which created the campaign to promote the Toyota Matrix, a new model launched in 2008. …Tepper, Duick’s attorney, said he discussed the campaign with Toyota’s attorneys earlier this year, and they said the “opting in” Harp referred to was done when Duick’s friend e-mailed her a “personality test” that contained a link to an “indecipherable” written statement that Toyota used as a form of consent from Duick….(“Woman Sues Toyota Over ‘Terrifying’ Prank,” ABC News.)

Dear Toyota attorneys: a contract involves, first and foremost, a meeting of the minds. We’ve had years of farcical and indecipherable privacy policies. Anyone who’s ever tried to read them knows that you can’t figure them out. Everyone knows that no one even tries. The final thing, which any first year law student knows: neither of those leads to terms which shock the conscience.

I’d like to ask readers to blog and tweet about this until Saatchi, Saatchi and Toyota explain what went wrong, and agree to all of Duick’s demands.

Shown, Toyota’s attorneys in conference with representatives of Saatchi and Saatchi. Photo by Jrbrubaker.

A Little Temporary Safety

So I saw this ad on the back of the Economist. (Click for a larger PDF). In reading it, I noticed this exhortation to “support the STANDUP act of 2009:”

The STANDUP Act* (H.R. 1895) creates a National Graduated Driver Licensing (GDL) law that [limits nighttime driving, reduces in-car distractions, puts a cap on the number of friends in the car and increases the required hours of training and supervision.] When states have implemented comprehensive GDL programs, the number of fatal crashes among 16 year old drivers has fallen by almost 40%.”

Now I was curious as to how many lives that was, and so I went looking. I found a lot of interesting stuff. For example, “Beginning with Florida in 1996, graduated licensing systems also have been adopted in most U.S. states.” That’s from the “Insurance Institute for Highway Safety/Highway Loss Data Institute.” But they also tell us: “A national evaluation reported that states with 3-stage graduated systems had 11 percent fewer fatal crashes per population of 16 year-olds during 1994-2004 than states without such systems.” Last I checked, 11 is not almost 40.

It also turns out that the number of teens killed in New Jersey last year was 60. Now, I don’t want to minimize the pain for the families who lost their children, or those injured by teens driving like, well, teens. But based on Allstate’s high number, these laws about graduated driving privileges may save as many as 25 lives a year. Based on the IIHS assessment, it may be 6 or 7.

Now there’s an old saw “Where are you from? New Jersey. Oh, what exit?” The truth is that life in New Jersey is car-centric, and saving those lives involves restricting the behavior of about 110,000 teens. (Or so I estimate, based on New Jersey Quickfacts from the US Census, who say that there are 8.6MM people, and roughly 24% are under 18, and so I figure that roughly 1.3% of the population is 16.) Those teens are in the process of exploring who they are, and asserting their independence from their parents and geography. They’re in the process of growing up. Part of that growing up is taking risks, and I suspect that some of the risk taking is simply delayed, not removed.

The other thing I don’t get about Allstate’s ad is that the insurance industry says “most states” already have such laws. Setting a national law is hard, and Congress is busy investigating baseball players. So clearly, they have important tasks to be working on. What’s more, consider phrases like “A national evaluation reported that states with 3-stage graduated systems had 11 percent fewer fatal crashes … than states without such systems.” A stronger argument for continued experimentation by laboratories of democracy is hard to imagine.

But stepping back, the real issue I have here is the desire to drive one particular danger to zero without consideration of the costs or alternatives. These folks are dedicated to stopping deaths in cars (which is appropriate for the IIHS, less so for Allstate). But what fraction of teen deaths are in cars that a teen is driving? What are the costs of a little temporary safety for teens?

[updates: corrected quote, added link to text]
[update2: Don’t miss Kenneth Finnegan’s comment about having 5 teens all drive separately from point A to point B, with attendant environmental and parking impact.]

BBC Video of Liquid Explosives

The BBC has some really scary video, “Detonation of Liquid Explosives.” However, as I thought about it, I grew increasingly confused by what it purports to show, and the implications.

At the end of the day, I think there are two possibilities: It’s a fair representation, or it’s not. I’m leaning slightly towards the second.

If it’s a fair representation, then why are we still drinking on planes? What’s the point of allowing us to bring in smaller amounts of stuff if a 16 ounce bottle can be bought at the airport, washed out, and used to contain whatever that is?

The second choice is that it’s misleading. First, we don’t see what’s being mixed: we see an orange powder poured into a liquid, with a jug labeled water nearby. We see the expert tilting the bottle back and forth to mix it. Second, we don’t see how it’s detonated. Third, we don’t really see the placement of the bottle, or how many bottles are placed. There’s an implication that it’s one, but no statement. (In fact, there’s no statement of how much of a liquid bomb was used. The BBC website says “a liquid bomb.”) We don’t see if there were squibs or other games played.

The BBC ought to tell us more about what they showed.

Off to the Moscone Center

Every year around this time, thousands of people converge on the Moscone Center in San Francisco for RSA. I had never given much thought to who Moscone was–some local politician I figured.

I first heard about Harvey Milk in the context of the Dead Kennedys cover of I Fought The Law:

The law don’t mean shit if you’ve got the right friends
That’s how this country’s run
Twinkies are the best friend I’ve ever had
I fought the law
And I won

I blew George and Harvey’s brains out with my six-gun
I fought the law and I won

I learned about Harvey Milk, but didn’t really remember George. I learned who he was from Milk, the movie.

When you hear someone talking about the absolute catastrophe that getting hacked might be, put it in context of human life. Most hacking incidents are annoying, some have real financial impact, and some few have the potential to do real and irreparable harm.

So as we go to the Moscone Center, remember the murders committed by an authorized entrant into city hall. When you hear someone talking about the absolute catastrophe that getting hacked might be, put it in context, and remember George Moscone and Harvey Milk.

Children, Online Risks and Facts

There’s an interesting (and long!) “Final Report of the Internet Safety Technical Task Force to the Multi-State Working Group on Social Networking of State Attorneys General of the United States.” Michael Froomkin summarizes the summary. Adam Thierer was a member of the task force, and has extensive commentary on “the primary online safety issue today is peer-on-peer cyber-harassment, not adult [sexual] predation,” along with a great link roundup. Kim Zetter at Wired gives unfortunate credence to hyperbolic claims by some attorneys general that “harsh reality defies the statistical academic research underlying the report.” Uh huh. I’m glad Richard Blumenthal knows the truthy, and isn’t going to let facts stand in his way. I’m less glad that Wired chose to portray that as a ‘controversy.’ I’d call it an embarrassment to the state of Connecticut.

Crime in Barcelona

While having a wonderful time in Barcelona, I took the metro a fair amount. Over the course of 8 days, I saw 2 turnstile jumpers (40€ fine), 3 smokers (30€ fine), and didn’t see one friend get pick-pocketed (reported fine, one beating).

So which crime annoyed me most? The apparently worthless invasion of privacy.

There were cameras everywhere. They seemed to have no deterrent effect whatsoever. Now, maybe crime was really rampant before they put the cameras in. Maybe they’re being used to track down criminals. It’s hard to judge. But my Catalan friends say that the crime has been like this for a long time.

Someone should come up with a pithy quip about those who trade privacy for a little promised security.

Photo: Amlwch to magor.

Blaming the Victim, Yet Again


John Timmer of Ars Technica writes about how we ignore dialog boxes in, “Fake popup study sadly confirms most users are idiots.”

The article reports that researchers at the Psychology Department of North Carolina State University created a number of fake dialog boxes that had varying sorts of clues that they were not real dialog boxes, but sham ones. The sham dialog boxes had varying levels of visual clues to help the user recognize they were sham. One of the fake dialogs is here:

The conclusion of many people is summed up in the title of the Ars Technica article: that people are idiots.

My opinion is that this is blaming the victim. Users are presented with such a variety of elements that it’s hard to know what’s real and what’s not. Worse, there are so many worthless dialogs that pop up during normal operation that we’re all trained to play whack-a-mole with them.

I confess to being as bad as anyone. My company has SSL set up to the mail server, but it’s a locally-generated certificate. So every time I fire up the mail client, there’s a breathless dialog telling me that the certificate isn’t a real certificate. Do you know what this has taught me? To be able to whack the okay button before the dialog finishes painting.

The idiots are the developers who give people worthless dialog boxes, who make it next to impossible to import in local certificates, who train people to just make the damned dialog go away.

Computing isn’t safe primarily because the software expects the user to be a continuously alert expert. If the users are idiots, it is only because they stand for this.

Keeping abreast of the threat


The German Bundespolizei have announced what the BBC are calling a “bullet-proof bra.”

It may sound like a joke, but this is a serious matter – the policewoman who came up with the idea said normal bras can be dangerous when worn in combination with a bullet-proof vest.
“The impact of a bullet can push the metal and plastic bits of the bra into an officer’s body, causing serious injury,” said Carmen Kibat, an adviser on equal opportunities for the Hamburg-based Bundespolizei – Germany’s federal police force.
“I always thought normal bras posed a safety risk and I wanted to change that,” she said.

Now, I’m sure Frau Kibat’s heart is in the right place, and I would certainly not want it to be pierced by either a bullet or a brassiere clasp or underwire fragment, but I have to suggest here that “I always thought” doesn’t suggest that the decision to develop this article was made based on empirical data.
While I admit it’s interesting to see “Polizei” on a brassiere, it’d have been better to ask those that are concerned about the “risk posed by normal bras” to simply buy one that is made entirely of cloth, since they are readily available through non-governmental channels.
Photo: Reuters, via Die Welt

Black Hat (Live) Blog: Keynote

Ian Angell from the London School of Economics gave a great keynote on complexity in systems and how the desire to categorize, enumerate, and add technology can break things in interesting ways.

An example of his: there’s an increasing desire among politicians and law enforcement to create huge DNA databases for forensic purposes, to aid in crime fighting and whatever. This will work until criminals start collecting DNA samples and scattering them at a crime scene, creating confusion.

Angell didn’t mention a counter-measure, and I have one that I’m sure the politicos will want to use: make the possession of DNA a crime. There’s the obvious exemption for your own DNA, but this brings new and important expansions of the old standby of “inappropriate contact.”

This brings me to a complaint and irony about the “improvements” to Black Hat this year. The ironies occurred to me as Angell was speaking, talking about the ways added complexity brings new ways to fail.

One of the Black Hat improvements is that Black Hat is adopting a number of cool web-isms. There’s a Twitter feed, for example. They’re encouraging blogging by handing out blogging credentials for Defcon. This is good and cool.

However, one of the other improvements is to move The Wall of Sheep from Defcon to Black Hat. Professor Angell’s cat Oscar would have a thing or two to say about that. However, Nick Mathewson of Tor said it best, I think.

If you are not familiar with The Wall of Sheep, it is a project in which the shepherds run a protocol analyzer on the network looking for people using insecure protocols, plaintext passwords, and the lot. They quasi-anonymize them and then offer them up for what in Puritan days would be a pillory.

Nick’s comment about this was that it’s a very 1990s thing. Here we are in the late aughties, and you have to assume that if someone is at a security conference and using a non-secure protocol, it is a lot like not wearing pants. If you’re at a conference in Vegas and someone there is not wearing pants, it’s probably wise to assume that they know they’re not wearing pants, and that they are not wearing pants for some reason.

I was paying enough attention at the time to note that Nick was wearing a kilt when he said that.

The Wall of Sheep is the Pants Police. They run a Pants Panopticon in which they rush around madly looking for people with no pants and posting them up on the Wall of No Pants. They’ve decided on their own that a lack of pants is a ridiculable offense, even for people who know they’re not wearing pants, and don’t care what you can see. Even more so, they also post the mere rumor of pantslessness. I have heard tell that some people enjoy hacking the Pants Police by telnetting to some service and typing in usernames and passwords to be sniffed. I would never do that myself, but I’ve heard stories. They’re actually more the Pants TSA than the Pants Police, but Pants TSA doesn’t alliterate.

The Angell-quality irony here is that all these new communications systems that on the one hand we’re being encouraged to use are — questionable. Twitter looks a lot like knickers to me. And let’s face it, WordPress won a Pwnie award for the incredible number of vulns they’ve coded.

In short, you’d be a fool to use Twitter at Black Hat, or to blog, or — well, use DNS. For Pete’s sake, we’re being told to set up manual arp entries. (Yes, I know. You can use a VPN, or your mobile, or something else. That’s all very good, but once the Pants Police decide your Bermudas look like Speedos to them….)

The message of Black Hat that people should take away is that nothing is safe. That’s not necessarily bad. If we wanted houses to be safe as houses, we’d take out the windows and turn off the electricity. Technology is risk, as Angell said eloquently and entertainingly.

This is just more of the security wags naming, shaming, and blaming the victims. Is the message that one should take away from Black Hat not to use a computer there? Even Professor Angell isn’t that pessimistic. He thinks that four ounces in an eight-ounce tumbler means you have too much glass.

Which is it at Black Hat? Web or no web? Pick one. Either Black Hat is (like Defcon) an open free-for-all in which griefing is just another way to spell 1337 and you’re a fool to bring electronics, or it’s an information exchange between smart people who blog, Tweet, and Plurk. Is a handshake a greeting, or a way to get a DNA sample? Are we using cutting edge or trailing edge technologies? If the former, remember that their security is going to suck until they get beat up — cutting edge techs can make you bleed. To phrase it another way, pick a century we’re in — 20 or 21. It matters less which one you pick than that you pick.

I hope it’s 21. I think Twitter is twee, but I’ve been using it and I smile when I do. (Plurk is much cooler, but I can hear The Good, The Bad, and The Ugly theme every time I go there.) I truly believe that blogging is just journalism in the cheapest free press civilization has ever had. AJAX is scary, but it’s scary in the way that driving a go-cart is scary. I don’t want to have to worry about the Pants Police, too, to make fun of me if I’ve misconfigured something I’m not as adept at as IRC. I’d like to deliver a live blog about the opening keynote on the day it was given, as opposed to while I’m still alive.

I think Black Hat is moving in a very good direction to make information flow better, more interesting, and more fun. Let’s just leave the old school hectoring back in its era, and find out how to fix the new things by using them.

On Gaming Security

Adam comments on Dave Maynor commenting on Blizzard selling authentication tokens.

Since I have the ability to comment here, I shall.

This isn’t the case of a game having better security than most banks (as Maynor says). This is a game company leaping ahead of some banks, because they realize they have bank-like security issues.

It’s been a year or so since I read on El Reg that on the black market, a credit card number sells for (as I remember) £5, but a WoW account sells for £7. I would look up the exact reference, but I’m not in the mood. Your search skills are likely as good as mine.

The exact reasons for this are a bit of a mystery, but there are some non-mysterious ones. There is a black market for WoW gold and (to a lesser extent) artifacts. That black market is shuddering because Blizzard has done a lot to crack down on it. (Blizzard’s countermeasures are one main reason that the artifact market is low. Most artifacts become bound to one character when used, and so are not transferable and so are not salable.) Nonetheless, many WoW players have gold in their pockets that would sell for hundreds to thousands of dollars on this black market.

(If you think from this, that WoW can be a profitable hobby, think again. That many players have gold worth some real change says more about the time they have spent playing than anything else. If you live in a first-world country, you can earn far more flipping burgers than playing WoW. It is only if you are in a third-world country that WoW is a reasonable career choice.)

This means that by putting a keylogger on someone’s system, you can steal a pretty penny from them and sell it on the black market. A not-insignificant number of WoW players have logged into their accounts to find their characters naked and penniless. However, there’s an interesting twist on this. Blizzard can and does restore the lost gold and items.

Presumably, Blizzard has a transaction log and can rewind it. However, this is work for them and annoyance for the victim. Two-factor authentication will lower Blizzard’s costs but fear of robbery is high enough among the players that they’re snapping these things up and are willing to pay for them.

Bank customers rightly think that increased security is something that the bank should pay for. So in the banking world, the cost-benefit calculation of two-factor authentication is complex. In the gaming world, it’s pretty straightforward. Since Blizzard can shift the cost of the device to the customer base, it’s easier to justify.

L’affaire Kozinski

Kim Zetter on Threat Level has written about Larry Lessig’s comments about Judge Alex Kozinski’s problems with having files on a personal server made public.

Zetter has asked to hear people’s opinions about the issue. I thought I’d just blog about mine.

Basically, I agree with Lessig. The major place that I disagree with Lessig is in his metaphor of someone jiggling open a lock. I think I would use the metaphor of someone pressing a camera to the judge’s window, and shooting pictures of the library through the gauze curtains. It was rude and inappropriate, whatever we might think of Kozinski as a judge. It was a privacy violation, and yes, a form of trespass. Perhaps somewhere in there it shows some hypocrisy, but privacy advocates who cheer showing someone’s hypocrisy by violating their privacy are hypocrites, too. (I am not accusing any specific people of this hypocrisy, I’m making a point.)

As Lessig and others have noted, nothing Kozinski did was illegal. Even in the case of his having MP3s, this was not illegal nor infringing, given what we know. It is completely legal in the US to make MP3s from your other media. It is not legal in the UK, nor in other countries, but he’s not a judge there. It’s also not infringing to set up a private server for family and friends.

The RIAA, the MPAA, and other alleged defenders of intellectual property frequently deny that these things are legal, but if someone wants to show Kozinski’s hypocrisy by taking up those arguments, they’re essentially carrying the RIAA’s and the MPAA’s water. This may be hypocrisy itself, if the people wanting to play gotcha consider themselves anti-RIAA/MPAA. It might also be simple stupidity. The media companies often and repeatedly advance opinions that, if there were any reasonable regulation of lawyers, would get the media lawyers disbarred. Bringing those cracked opinions to bear against Kozinski only gives them credibility they do not otherwise have.

The one place I do wish to take issue with Zetter’s article is this:

On a separate note, the ABA Journal, a publication of the American Bar Association, has a good story today that examines the MP3 issue, noting that Kozinski wrote the dissenting opinion in a copyright case last year in which he sided with the copyright holder in saying that credit card companies that process payment for material that violates copyright should be liable for facilitating illegal sales of copyrighted material. This would imply that if it turns out that Kozinski’s site was making MP3 files available for download, he would consider himself liable for facilitating the illegal trade of copyrighted material.

I’ll again note that I think I’m disagreeing with the ABA Journal, not with Zetter’s remarks on it.

No, this doesn’t imply that. The Home Recording Act specifically allows one to time-shift content, media-shift content, and to share that content with family and friends. If Kozinski’s son implemented an el-cheapo equivalent of a Slingbox or iTunes Music Sharing and there were bugs in that implementation that let a clever person make unauthorized, infringing copies of the Kozinski Clan’s media, that’s an embarrassment. I am quite certain that Kozinski fils and père are quite properly embarrassed now. Unless we’re going to move from carrying the RIAA’s water to insisting on software liability for amateur programmers (won’t the FOSS crowd love that), then let’s let it drop.

Freedom isn’t doing what you want, freedom is defending people you disagree with. I actually don’t know if I disagree with Kozinski. I do know that I agree with Lessig. Privacy is an important right, and an intrinsic right. Everyone is deserving of privacy, even judges.

Woody Guthrie said that some will rob you with a six-gun and some with a fountain pen. It is not as euphonious to note that some will hack you with Metasploit and some will hack you with Google, but it’s no less true. I’m not going to stretch that metaphor much further, but I will note that the technological difficulty of an act doesn’t change its character. There’s good hacking and bad hacking. It isn’t good just because it was easy. Conjuring up dirt on a judge with an easy hack is conjuring up dirt on a judge. Here’s Lessig:

Now imagine … some disgruntled litigant … finds some stuff that he knows the local puritans won’t like. He takes it, and then starts shopping it around to newspapers and the like: “Hey look,” he says, “look at the sort of stuff the judge keeps in his house.”

I take it anyone would agree that it would be outrageous for someone to publish the stuff this disgruntled sort produced. Obviously, within limits: if there were illegal material (child porn, for example), we’d likely ignore the trespass and focus on the crime. But if it is not illegal material, we’d all, I take it, say that the outrage is the trespass, and the idea that anyone would be burdened to defend whatever someone found in one’s house.

Lessig spoke of illegal material. An infringing MP3 is not illegal material. Infringement is not theft, but even if it were, a stolen Rembrandt is not kiddie porn. Lessig understands that, and that’s why he picked the exception he did.

I’m one of Lessig’s anyones. It is outrageous to violate this person’s privacy and trump up their personal quirks (like thinking they can save a few bucks and write their own media server) into imagined crimes. If you believe in the right of privacy as a fundamental human right, then you should be outraged, too. We are all deserving of privacy. Even judges. Even judges who defend copyright. Even judges whose sons write buggy software.

Those of us who believe in the right to control the media we legally have in the way we see fit, not the way the media companies see fit, should be defending Kozinski. Those of us who believe that creating software should be an unencumbered right should be defending Kozinski. We need to remember which side we’re on. It’s the side of liberty, not control.

Cat Le-Huy, Dubai and the moral high ground


Cat Le-Huy is a friend of friends who has been “detained” entering Dubai. I put detained in quotes, because he’s been thrown into prison, where he’s now spent a few weeks.

He claims he was carrying melatonin, which is legal in Dubai, and the authorities have charged that there was .001 gram (1 milligram) of hashish, which is basically some specks of dust. The law firm representing him wants a £25,000 retainer.

It used to be that the United States, the United Kingdom (where Cat lives), and Germany had a certain moral high ground with regards to the arbitrary detention of their citizens. Unfortunately, the executives of our countries have tossed away that high ground with our own arbitrary detentions. In the US, we detain not only foreigners, but our own citizens.

So, what does this mean to you?

First, please donate to Cat’s legal defense fund.

Second, don’t go to Dubai. They’re competing to be the next “Disneyland with the Death Penalty,” and that should hurt their businesses and that should hurt their bizarre attempts to bring in tourists.

It might mean other things, but we’ll leave that for future blog posts.

[Updated: fixed donation link.]

What Would One Actually Do With A Persona?

I asked Bob Blakley and Mike Neuenschwander some questions about Limited Liability Personae. Rather than focusing on the implementation, I wanted to talk about the high level purposes, as well as concerns that most people have with the idea of a persona. Whenever I discuss personae, there are issues that frequently come up, for example:

Mordaxus: What do you have to hide? That’s the obnoxious way to ask why one needs a persona. What problem does a persona solve? Is there another way to do this?

Bob Blakley: It has nothing fundamentally to do with “hiding”. It has to do with compartmentalizing risk.

There’s no good reason getting my social security number stolen should result in my bank account getting cleaned out and my credit record being polluted. This only happens because I have to “invest” my bank account in a transaction (and hence put it at risk) every time someone asks for my SSN. If I have a persona which has its own ID number and a separate bank account with a limited amount of my money in it, when I engage in a transaction I only have to put “as much of my resources and information as necessary” into the transaction. This means that my other resources (the ones I “hide”) do not have to be exposed to thieves and other bad actors.

One can of course use a persona to adopt a personality other than the one used at work or socially. This can be destructive (as when it’s used to perpetrate fraud or otherwise deceive) or constructive (as when one builds an interesting character in an online game, or constructs a persona as an artist, and so on).

Mordaxus: Won’t this just let people run amok? Many people think that “anonymity” (which I put in quotes because it includes pseudonymity to these people) is the root of many evils. I disagree and think it is a lack of accountability. It doesn’t really matter, though. How will personae make the situation better for anything from identity theft, to paying one’s bills, to politically-motivated Wikipedia edits?

Bob Blakley: An LLP isn’t anonymous, and it is accountable. The government agency which creates it requires a registration process. If something socially harmful is done using the LLP, the normal legal process can be used to associate the LLP with its owners (in fact ownership is usually public information). But as long as the law is followed, the liability incurred by the LLP does not transfer to the owners, and the owners can shield their “real” identities from transaction partners as long as they follow the law and the rules of LLC operation.

Regarding Wikipedia edits, assuming for the moment that there is actually a problem with them, an LLP is not designed to prevent politically-motivated activity of any kind including edits, and, as noted above, it’s not designed to be a vehicle for unbreakable anonymity.

Mordaxus: How will it actually protect me? This comes back to asking what a persona is actually good for.

Bob Blakley: Liability limitation is what LLCs are all about. The fundamental notion of the corporation is that it allows individuals to invest some of their resources in an enterprise which might sustain significant losses, without putting at risk resources which are not invested in the corporation.

Today the liability-limitation (and taxation) benefits of incorporation are enjoyed by business enterprises and the wealthy, but mostly not by private citizens who are not wealthy. The LLP proposal is essentially intended to provide the risk-management benefits today enjoyed by the rich to everyone.

Mike Neuenschwander: Good questions. I know Bob already took the bait on this one, but I’ll add a little more in the way of theoretical background.

First, persona building is an important human activity. In everyday experience, it’s easy to perceive the self as a unified, fixed, separable identity, but that’s not the case at all. (The philosophical / scientific discussion of the topic can be found here.)

When you probe the idea of self a bit deeper, you realize that people construct personas for nearly every relationship they engage in. They do this to fill a role that the relationship requires. Personas help set expectations among participants in a relation, provide protections for participants, and set parameters for behavior. Personas also “instruct” participants on how to behave. Role playing an archetypal character is an efficient method for humans to disseminate wisdom throughout society and across generations.

In the natural world (vs. the online world), mechanisms exist to place costs on the creation of personas, so people can’t create an indefinite number of them. The natural world also makes it costly to shed personas or to defect from relations and society. In other words, there are natural processes in the natural world for keeping the system in check. In the digital world, they’re woefully sparse. We have “emoticons” (which emote individuals’ feelings) but we need “social emoticons,” which promote empathy, reciprocity, and trust among individuals.

Trespass and Forgiveness


A man in the UK has been arrested somewhat dramatically for illegally using a WiFi connection. The BBC reports it here as “Man arrested over wi-fi ‘theft’” and El Reg as “Broadbandit nabbed in Wi-Fi bust.” Each is worth reading.

The police statement is worrying. El Reg says:

Despite not having secured a conviction yet or even charged the man, DC Mark Roberts of the computer crime unit said: “This arrest should act as a warning to anyone who thinks it is acceptable to illegally use other people’s broadband connections.”

The worry is that the police seem to have decided what the TOS of the connection is for themselves. Bruce Schneier has said somewhat famously that his home wireless system is unprotected because he feels it is “neighborly.” Ross Anderson leaves his open because he feels it leaves doubt open as to who did what on his network. An RIAA fishing expedition, for example, would have a harder time sticking on either of them.

If, as DC Roberts seems to be saying, it is illegal to use any wireless that is not clearly marked as being open, how does someone declare their wireless as open? Do you need to put some statement in the SSID?

That is a fine answer, but it leads to a second question: would having an open wireless system with a generic name then be an attractive nuisance? It’s a nuisance to have a swimming pool that is not fenced off, for example, because someone could stumble into it and fall in. In this case, an open wireless system is a nuisance because someone could stumble into it and commit a Computer Misuse offence without even realizing it.

Could there not, then, be civil or criminal penalties attached to putting up an unsecured wireless?

Or perhaps it would be better for the police to only respond to complaints? That response could even include asking the complainer, “Have you put a password on your network?”

Photo courtesy of sholden.

Obscenities in Passwords


El Reg reports, in “Pipex invites customer to get ‘c**ted’,” that the passwords the Pipex system generated and suggested to a customer contained a rude word. A screenshot is available in the Register article.

There is, however, a second obscenity here that is far more subtle.

That obscenity is in the password selection advice and suggestions. The advice is:

We highly recommend you include at least one of each of the following to make your password more secure:

  • A capital letter
  • A lowercase letter
  • A number

In case you’re having trouble thinking of a new password, here are three that might be suitable.

Of course there’s the amusement factor of the rude one being described as one that “might be suitable.” I will note that ages ago, when the world was young, some operating systems allowed vetting of generated passwords to avoid precisely this issue.

But that brings us to the two obscenities in the three suggested passwords. As you, Clever Reader, have no doubt already noticed, all three of the suggestions are eight-character passwords that are a capital letter followed by six lowercase letters followed by a digit.

Naïvely, they thought that this would be more secure than just lowercase. However, there are 80,318,101,760 total passwords using their scheme, and 208,827,064,576 total passwords if you just use lowercase. The latter number is 2.6 times as many passwords.

In case you’re bored with math, eight lowercase letters gives 26^8 total possibilities. In Pipex’s scheme, you are trading 26 lowercase possibilities for 26 uppercase possibilities in the first character, so there’s no actual improvement there. Combine this with replacing 26 lowercase possibilities with 10 digit possibilities in the last character. Thus you have 26^7 * 10. Dividing them out, a lot of 26s cancel, leaving you with a ratio of 26/10, or 2.6. (If you are not only bored with math but bored with people explaining math, skip this paragraph.)

Here, then, is the second obscenity. Pipex customers are less secure for taking Pipex’s advice.

This is also the problem with trying to increase the number of characters people use in a password. If you tell them to use a capital letter, they will capitalize the first one. If you tell them to use a digit, it will usually be the last character and usually be a 1. If it’s not a 1, it’ll be (ooo, this is so cool) “4u” or equivalent.

In short, when you convince people that using their dog’s name isn’t good enough, at best they move from “fluffy” to “Fluffy14me”.

Photo “#26 Power street” by jnoc.