Tuesday, October 03, 2006

Interview with Pete Ashdown

Quite a while ago, I asked for an interview with Pete Ashdown who is running for the U.S. Senate. I never got a reply back and assumed he was was a bit busy, what with running a business and running for public office at the same time. I figured living on the other side of the world from me may have also had something to do with it as well.

I was wrong. Pete did get back to me as I discovered while I was going through some raw logs, and so I present it here with my deepest apologies.


Alex H - Why did you decide to run for public office?

Pete Ashdown - Initially I was interested in backing whoever was going to be running in this race on the Democratic ticket. Senator Hatch's stands on copyright vs. the Internet had caused me concern and I wanted to see him challenged in this race. However, as I started to ask inside Democratic circles in Utah, it became apparent that nobody wanted the task. So I had to decide whether running for office was something I wanted to do. I talked to my family, employees, and friends and they were all very supportive, but they were emphatic about starting early and doing it full time. So I declared in March of 2005 and have been working on this race full time ever since.

Alex H - Utah has one of the highest rates of bankruptcy in the U.S. which a number of studies have linked to a growing entrepreneur culture in your part of the world. As the founder of a well known high-tech company, how do you see these budding enterprises working out? What are some of the pitfalls facing Utahns looking to start their own businesses, especially in the tech sector?

Pete Ashdown - The model for starting a business in the U.S. seems to have evolved into hiring a board of directors, getting a load of venture capital, advertising, then hoping to cash out with an IPO or an acquisition. I took the more traditional approach in my business of starting small, wearing several hats, not paying myself initially, and resisting acquisition for the sake of cashing out. That fiscal conservatism allowed me to not only steer the company in a direction I felt was most appropriate without the permission of a board or shareholders, but to move faster than my larger rivals. I think the largest pitfall in American business today is believing you can cash out quickly. The "five years to profitability" adage was thrown out in the 90's.

Alex H - You're campaign has taken some pretty amazing steps towards opening up the democratic process, like the Wiki for creating policy and your calendar. How are those aspects the campaign going and what has the reaction been from the public?

Pete - People find it refreshing across the political spectrum. I think many conservatives are caught off guard when they find a Democrat who is not only willing to listen, but adopt their position if it something that makes sense. Frequently, I hear the sentiment that people are tired of the bickering between the two sides more than anything else. They want to see the divisiveness end and some real solutions come forward. I believe that collaboration and transparency are cures to many of the ills of American politics. My experience so far is that most Americans want that too.

Alex H - Is there anything that particulary irks you about Orrin Hatch's policies?

Pete - His one-sidedness in the debate over copyright was a real problem for my business and for the consumer. The artist should be rewarded for their work, but I think the middle-man model that the recording industry wants to preserve is rapidly going out of date due to the Internet. Fighting it through legislation is not what the free-market is about in my opinion. Senator Hatch stated in his Presidential campaign in 2000 that the government should keep its "Grubby mitts off the Internet." If he had retained that sentiment, I most likely would not be running against him.

Alex H - What is the difference between intellectual property and tangible property?

Pete - Intellectual property can be used without depriving the inventor of using it themselves. If by this question you are trying to probe my feelings on IP, I do recognize IP protection of inventors, but believe as Jefferson did that after a reasonable time it should fall into the public domain. I think that patent review should be opened up for peer participation as long as there is some protection while that evaluation is going on. I am against frivolous, obvious, and derivative patents.

Alex H - You guys (and gals) in Utah have the lowest child poverty rate in the United States and are often mentioned as one of the best places to raise a child. How did that come about? Is it a community values thing, a public policy thing or is there something in the water?

Pete - Utah has a high sense of community. It also has one of the highest volunteer rates in the country. People here are very generous with their time and resources. My success in business has also depended upon giving away my services to non-profits, charities, religious organizations, and candidates without bias. I think you'd be hard pressed to find any other ISP or media company with a similar philosophy.

Utah tends to be an enigma to outsiders and a well kept secret to insiders. We have some of the best recreation and most beautiful scenery in the nation. Some complain about the cultural aspects, but I think some of that is responsible for an extremely energetic underground music scene. I've traveled a fair share, and although I admire some aspects of other states and countries, I would choose no other place to raise my children than where they are right now.

Alex H - Since the whole Enron debacle went down there has been quite a lot of focus on America's energy policy. What's your take on this?

Pete - Our energy policy is the greatest shame this country has. I fully blame the congress for a lack of imagination in regards to new technologies. The last energy bill that came out of the Senate had looking for more oil as its focus with a slight nod towards hybrids and alternative technologies. I want to turn that around. I do believe we need to look for more oil and build refineries, but for every refinery built, I want to see 100 windmills put up. For every well drilled, I want to see a solar chimney constructed. I want to see the scientists at Sandia fully funded in researching their hot-fusion Z-Machine. I advocate for government bounties like the Ansari X-Prize for energy research into all areas. Rapid rail transit is something that America has taken a backseat on that we need to be on the forefront again. I find it ironic that we had better rail infrastructure in the 19th century than we do in the 21st century.

Energy policy is not only responsible for the broad issues of global warming its responsible for the acute issues of mercury emissions and funding monarchies and dictatorships in oil-rich countries. I believe America needs to find a way to generate its own cheap, clean, and plentiful energy and we can do it if we had people in office that understood the possibilities of science.

Alex H - Please don't take offence at this, but there are a lot of people not living in the U.S. who think you guys are proposing and enacting some pretty whacked out laws. How do you think this has come about (or do you even agree with that statement)?

Pete - I am equally dismayed about the eroding of our constitutional rights in the United States. I believe in a broad interpretation of the constitution rather than attempting to find loopholes. Surveillance without a warrant is not constitutional and I think it shouldn't be approved by a "secret court" either. There are very good reasons to shine the light in on the process, primarily because it has been abused in the past. When the government says, "Trust us," I think everyone should be demanding full accountability.

There also been more abuse of the political system than ever by moneyed interests lobbing for their own agenda. The concern of government should be broad, but its currently being controlled by entities whose concerns are narrow. That generates laws that are very specific towards benefiting a few rather than the people.

Alex H - In the past, you've criticized a number of sections in the Digital Millennium Copyright Act; a pretty significant piece of legislation which was 8 years old a few weeks ago. What lessons have been learnt since it was enacted?

Pete - My own experience as an ISP has shown me the economic problems of being forced to serve as media companys' copyright police when they have automated bots doing the reporting. I am thankful for the safe-harbor provision, but I think a request for investigation should carry compensation for execution.

The freedom to tinker with your hardware, own your media, and have fair-use is important to the consumer. DMCA prevents much of that. I want to see this power returned to the individual and the "punishing of the innocent" ceased.

Alex H - Your views on the proposed Intellectual Property Protection Act?

Pete - More effort to restrict the fair-use rights of consumers, add punitive damages beyond what violent crime dictates, and put our tax-funded public enforcement in charge of protecting private media concerns for free. The only benefit is some positive movement on archival of orphan works.

Alex H - So do you think the U.S. will ever get around to releasing a Constitution 2.0? I mean, with all the Amendments, people could be forgiven for thinking you guys were just releasing patches while working out something that would work for maybe 50 to a hundred years. Is the Constitution a "living document"? What things are, or are going to be, important to people in the long term?

Pete - The constitution should be interpreted broadly and I believe that efforts to bypass and find loopholes in the constitution deserve clarification. If not by the court then by amendment. I do not believe the constitution should be amended to restrict or contradict other protections of rights already in the constitution, nor do I believe we need to start over with Constitution 2.0. The founders of the USA had a remarkable clarity of vision about the responsibility of government and the rights of the citizen. If anything we need to work towards our laws respecting the constitution more, not less.

Alex H - Thanks for your time and good luck with the campaign.

Pete - Thank you Alex.


Pete Ashdown's website can be found at http://peteashdown.org/

The DMCA Down Under

First published here.

The Australian government has been looking to make some changes to the law regarding Digital Rights (*cough* Restrictions *cough*) Management tools and like any good citizen, I decided to drop them a line with my thoughts on the Copyright Amendment (Technological Protection Measures) Bill 2006.

The Exposure Drafts can be found here.

Dear Sir/Madam,

Please find my comments on the Draft Exposure Bill for the Copyright Amendment (Technological Protection Measures) Bill 2006.

116AK Section 3 (Exception - Interoperability) and 132APA Section 3 (Exception - Interoperability)

These sections do not allow for a person (such as a computer programmer) to provide a copy of a computer program to another person for the purposes of obtaining the other person's opinion of the computer program. Under this section it will be incredibly difficult for two or more people to collaborate on a project where the aim is to provide interoperability between computer programs and at some stage, someone will break the law by making an infringing copy of the original program.

Also, the only way for a programmer with limited funds available to obtain the original program which he or she intends to provide interoperability for may be by obtaining an infringing copy. In essence, this section is prejudiced against individual or hobbyist programmers in favor of large corporate software vendors.

It would be wise not to underestimate the contribution made by individual or hobbyist programmers as these people are responsible for the creation of the majority of available software and provide an invaluable service to commercial software vendors by releasing add-ons, plug-ins and patches which increase the value of the commercial vendor's products. The proposed exception for this section is a welcome inclusion, but I urge you to err on the side of freedom, rather than on the side of restriction.

116AL Section 1 and Section 132 APB

This section does not allow for "middle men" to assist researchers by providing facilities for them to trade ideas and "proof of concept" examples. It would also prevent people from improving their knowledge in particular areas where more knowledge may be of great advantage to society in general. For example, under this section it would be illegal for someone to provide a copy of a file, such as a media file, which has a TPM attached to it from that person's website. The website owner may have noticed that the file in question is sending data to the copyright holder's website but does not know what that data is. The website owner may post a message like this:

"Hey everyone, I've discovered that this file (download it here) is sending some weird data. Can anyone tell me what information it's sending and where that information is going? I don't want this file sending any private info about me".

Many people are proficient enough to provide circumvention devices, but not to create, use or modify them and many people who can create, use or modify a circumvention device are happy to leave the facilitation of their work to less knowledgeable people.

It would be ironic if someone working for the Australian government in a position of national security could only obtain the information to do their job by visiting a website made illegal under this section. After a terrorist's cypher has been broken using tools available from a public website, should the website owner be jailed for providing the cracking tools to the government officer? Would the terrorist get more jail time that the website owner?

Again, it would be wise not to underestimate the valuable service provided by individual hobbyists who may want to provide services to others in the expectation that those people will use their service in good faith.

202A

Well done. This section will go some way to ensuring that computer programmers and researchers do not suddenly find themselves the subject of legal threats. If the themes of my comments above are addressed in any material way, this section will go a long way to protecting Australians from the baseless legal threats that have become so common in other parts of the world which are now known as Strategic Lawsuits Against Public Participation (or SLAPPs).

Regarding the proposed exceptions:

*Access where a TPM is obsolete, lost, damaged, defective, malfunctioning or unusable and a replacement TPM is not provided

Lost - Please include a detailed definition of "lost". It illustrate: if a commercial TPM provider goes bankrupt, their assets, including the software which can unlock the TPM, will be transfered to another party.

If the other party does not advertise the fact that they are in possession of the master keys for the TPM, it may for all practical purposes be lost. A definition of how and when a TPM may be considered "orphaned" would be appropriate.

Damaged, defective and malfunctioning - I don't think I have heard of anyone buying a product for the TPM that comes with it, so if the damaged, defective or malfunctioning TPM does not affect the consumer's ability to use the product, I can't envisage them bothering to remove it. It would probably be a good idea to allow it though.

Unusable - As the TPM is separate from the protected work, this will need to be clarified. If the TPM itself is unusable there should be no need to remove it. If, on the other hand the TPM causes the protected work to be unusable, there will need to be strong mention of interoperability with other software or devices. A TPMed work that is unusable on one device should be allowed to be removed until a TPM is available that allows it to be used on that device. For example, a TPMed music file may not play on a particular brand of mp3 player, solely as a result of the TPM. A person who legitimately purchased the music file and who wants to listen to it on the unsupported brand of mp3 player should be allowed to remove the TPM so that they may do so.

*Access where a TPM damages a product, or where circumvention is necessary to repair a product -

I have yet to see a TPM that does not damage a product. Digital "watermarking" for instance is the practice of inserting extra data into a media file so that in the event that file is found to be freely available on the internet, the person who was assigned the watermark found in the file can be tracked down. This damages the file as it is not a true and correct representation of what the artist(s) created. All TPMs damage the product they are attached to on a fundamental level - the TPM is an "optional extra" that is attached to the product after it has been created and prevents the product from being used as it would be possible to if the TPM was not attached.

Where circumvention is necessary to repair a product, I believe allowing this is just plain common sense. It is wasteful to discard something that could be fixed and I do not believe it is in our society's interest to spend further time re-acquiring a product in it's entirety, whether in digital or in physical form if less time and resources could be spent repairing it.

Regarding the exceptions for consideration:

* Making back-up copies of computer programs
* Correcting errors in computer programs
* Allowing institutions to assist people with an intellectual disability
* Making copies of works for inclusion in broadcasts, and
* Making copies of copyright material for criticism, review or news reporting by broadcasters.

I believe all of these should be allowed. All these exceptions will be of benefit to Australians and disallowing them would work to our detriment.

On an unrelated note I would like to mention that I do not and will not support any company or individual that uses a TPM on their products. TPMs create artificial barriers that will prevent me from using the protected content as I (usually) want to use it and do not protect the content in general. People who do the right thing and purchase media from legitimate channels are stuck with a crippled product that all experiences up till now show is doomed to fail, yet those who obtain infringing copies can use them freely. For example, after purchasing a computer game I will usually look online for a crack that allows me to play the game without having to insert the game disc into my PC. I don't believe that I am acting maliciously in doing this as I have financially supported the creators of the game, but I resent the fact that I am currently labeled a criminal for making that product easier for me to use.

I will continue to support distributors like magnatune.com who allow me to use my purchases without restriction and artists who are happy to let me download and share their material.

Regards,
Alex H


Anyone not interested in seeing the Australian government importing the most backward of American laws (like the DMCA) would be well advised to keep an eye on the Attorney General's website for more juicy pickings.

Monday, May 15, 2006

p2pnet Sued For Libel

A brief diversion from my own writings:

p2pnet is being sued for libel. Jon Newton, the owner of p2pnet has not revealed many details but states that "I'm being sued principally as a publisher, not for something I wrote."

The main page of p2pnet will be carrying the latest news on this (so keep checking it), but it is worth noting that libel is a very serious accusation and further details will obviously show how much hot water this alternative news site is in.

Wednesday, May 10, 2006

The Last Card You'll Ever Need

First published here.

Good lord, not again! As reported by the Sydney Morning Heral a few days ago, Australia is looking to introduce a national identity card.

The Australian Prime Minister, John Howard is again dragging out the tired old, "It'll make us safer" reasoning and rather than just whinging about vague civil liberty issues, we should be focusing on specific civil liberty issues and the fact that a national ID card will not actually make us safer at all.

Bruce Schneier, Founder and CTO of Counterpane Internet Security wrote an excellent essay on national ID cards a few years ago where he unequivocally states, "everything I've learned about security over the last 20 years tells me that once it is put in place, a national ID card program will actually make us less secure."

As he argues, security isn't measured by how well it works, but by how badly it fails. Anybody who remembers the complete systematic failure that allowed the 9/11 attackers to carry out that devastating attack on America will agree on this point. In such cases, 99% effectiveness is as good as having no security at all: try telling the grieving families you "almost" stopped the hijackers.

Also, if this really is going to be The Last Card You'll Ever Need, the technology for reading these cards is going to be commercial and widely used. And you can be sure that when the Most Secure Card Ever arrives, there'll be a very small, very smart group of people who'll make it their sole aim in life to hack that card. It can't NOT be hacked because the incentive to exploit the uber-card will be absolutely huge: you could be one of maybe a dozen people carrying an un-fakeable fake ID. You could slip through the cracks, rent a truck and...

That's actually a bit sensationalist because to get the new ID, you have to prove who you are using all the currently available and (according to the government) incredibly insecure forms of ID out there at the moment. People with fake IDs now can simply upgrade them and their second identities will go into the database along with everyone else's.

And that brings us to the database. There'll be literally thousands of people with varying degrees of access and some of them will abuse that access, whether for personal gain ("Mmmm, free holiday in Fiji in exchange for medical info"), social engineering ("Hi, this is Jack and I forgot the password for my social security login") or plain incompetence ("Do we really have to wipe these old hard drives twice before sending them to auction?").

Take a look at how seriously we take security now, where stolen laptops can compromise the personal information of hundreds of thousands of people and say "that will never happen here" while keeping a straight face.

Leaving internal security aside for a moment, does anybody really expect the database to actually be accurate? Only 4% of Australian organizations have someone who is ultimately responsible for the accuracy of their data, according to Australian data quality software company QAS, so the likelihood that even the basic information such as the spelling on your last name, or the possibility that your home address will be wrong, is pretty high and cause for justifiable concern.

And let's not forget "function creep" either.

A fantastic example of function creep is copyright. It used to be about letting authors exploit their work for a limited time, but it's evolved into a system whereby the author's great grandchildren never have to work a day in their lives (also known as About A Boy Syndrome). Someone, at some point, will suggest that including sexual orientation on the ID cards would be a really good idea (probably for welfare administration), but I'm betting that religion will get on there first.

And even after all that, there will still be screw ups because IDing people is a fucking boring job.

Only last week I was out on the town with some mates and at the first place we went to, the doorman handed back my ID to my friend and my friend's ID to me. We visited four other venues and it was only until we were trying to get into the last one that the doorman twigged that we were holding each other's drivers licenses. That's three people in a row who didn't look at the photos printed clearly on our cards before letting us through the doors. I really hope we have airport guards who are a bit more switched on.

Then again, at $9 per hour after tax I wouldn't be paying much attention either.

In the file sharing world, we've known since the fall of Napster that centralization is bad. Napster couldn't withstand attack from a determined foe and it would be naive to think the inevitable database that holds all the information will not be a target for hackers, viruses and well coordinated DDoS attacks.

Decentralised p2p hasn't been shut down even with the RIAA, MPAA, BPI, ARIA, CRIA, etc, throwing millions of dollars at the (alleged) problem.

Grid computing is starting to take off because (get this) it's a really good way of handling and processing lots and lots of data.

Why in God's name are people seriously proposing that we ignore these new processes and revert back to the old systems that we've been trying to get away from?

And as Bruce Schneier asks, "what good would it have been to know the names of Timothy McVeigh, the Unabomber, or the DC snipers before they were arrested? Palestinian suicide bombers generally have no history of terrorism. The goal is here is to know someone's intentions, and their identity has very little to do with that."

Maybe a national ID card would have been a good idea when John Howard opposed it back in 1985, but as he's telling us now, "the world is a very different place". Should we really be trying to have an American-style national "feel good" drive anyway? You know, that war-with-somebody-is-better-than-war-with-nobody reasoning that gets the U.S. into hot water whenever they try it.

ID cards will not make us safer, will be very convenient for cataloguing the Australian population and have absolutly no place in Australia today.

Wednesday, April 26, 2006

DMCA 2.0 - Just Steal CDs

First published here.

Ed Felton recently pointed out that under the proposed extensions to the Digital Millennium Copyright Act (or DMCA 2.0 as it is becoming known as), non-commercial copyright infringement such as file sharing would carry a bigger penalty than manslaughter - up to ten years in the big house.

Compared to the average sentence for manslaughter (33 months in jail), one really does have to wonder if Lamar Smith has actually thought about his proposed bill, or if the rush of campaign contributions from Hollywood has gone to his head, because under the DMCA 2.0, you'd be better off going old school and just stealing CDs from Wal-Mart.

That's larceny and will get you a whopping 8.3 months in jail if the Wal-Mart rent-a-cops catch you on the way out.

The same goes for the increased anti-circumvention provisions that are on the table. DMCA 2.0 would make it illegal to simply have anti-circumvention tools in your possession with intent to distribute them, and it's easy to imagine a federal prosecutor arguing an internet connection serves as proof that an unlucky researcher was planning to share their 133t h4xor tools with the world.

I can see the headlines now: "File sharing Down 2%, Petty Theft up 862%", followed closely by "IP Laws Backfire On U.S., Smart Yanks Flee Country".

So what happens if you can't be bothered cracking it yourself and just go find the guy who designed the copy protection and point a shotgun at him until he posts the source code online? Well, that would add up to about 20 years. So you'd be better off just sending anonymous threats about his family - that's only worth about seven years on average, and it'd be easier to argue you weren't actually serious about the whole thing if you were to be caught.

Even if you did get sent down for it, you'd still come in three years under the sentences being handed out to geeky researchers.

And hey, if you only get five months inside for telling eBay's ceo you're going to "haunt and hurt you and your family," I'm sure there will be some one out there willing to sacrifice themselves so that everyone can enjoy unencrypted HD movies.

Or more likely, someone driven to insanity by overly restrictive DRM (and I understand "temporary insanity" goes down well with the judge). Just. Copy. Damn. Thing. To. Ipod. Ahhhhhh!

It's also easy to imagine a scenario where the author of a virus and the guy who develops a patch for it end up sharing the same cell. All the virus writer would need to do is include some rudimentary encryption in his code to ensure no anti-virus researcher would be keen to write a fix if the only way to do so would be to crack the encryption.

I wonder how many anti-virus providers would be ready to step up and fight this in court? I wonder how many of their employees would agree to work on a fix in the first place, considering they themselves would be in the dock facing a federal prison sentence?

Perhaps Lamar Smith believes some intellectual property is more worthy of protection than other intellectual property? If intellectual property is an absolute right, as some misguided people seem to think it is, we should remind them that an individual's rights don't suddenly disappear when they break the law. (Well, Guantanamo Bay aside, an individual's rights don't suddenly disappear when they break the law).

The author of an annoying, but harmless, mass mailing worm should get the same protection for their work as anyone else. Right?

What if the worm was genuinely written to explore and evaluate security holes, like to find out how many copies of a dodgy mail server are in operation? A very black hat way of going about things, but the intention behind the act may be as worthy as the corporate anti-virus researchers (and also the most practical way of fixing the problem if your warnings about security holes have been ignored previously).

Pfft! Who cares? Let the courts figure it out. They're the ones who're experienced in dealing with ill-conceived laws after they've been passed.

It seems that the entertainment cartel's men in Washington have gotten a little carried away with protecting their interests online 'cause if the DMCA 2.0 passes, you be better off giving up p2p and taking a full time job as a heroin dealer - you'd actually be able to afford the CDs and good lawyers then.