Weblog on the Internet and public policy, journalism, virtual community, and more from David Brake, a Canadian academic, consultant and journalist

Archive for the 'Security and encryption' Category | back to home

13 September 2006

Just found out that the reason my wife’s PC wouldn’t connect to the Internet is that I had entered the WEP password wrongly. But Intel’s software reported a good connection to my router! Would it have been so hard to code in a “physical connection good but password is wrong please try again” dialog box? Billions of blue blistering barnacles!

Later And to compound the annoyance, I nearly thought my connection had broken again but then I realised that if you fix the password on one user account it doesn’t fix it on any of the others. Mightn’t it be a good idea to allow administrators to change all the passwords for wireless access to a given point at the same time?

29 August 2006

After spending much time with a friendly but unable-to-help Dell technician I seem to have figured out the problem with my wife’s laptop myself (or at least found a way around it). It seems that for some reason her wireless driver crashes the whole system when trying to handle WPA encryption but it can handle WEP encryption fine. So we’re using that now. Not too elegant, but if it works don’t mess with it as I said earlier!

16 January 2005

If you have a Windows PC (running Win 2000 or later) it would be well worth your while to visit Microsoft Windows AntiSpyware (Beta) and download and run it. Even if you have other anti-spyware programs you run from time to time each manufacturer seems to have their own database of spyware and each catches different things.

Oh, and if the scan does find spyware, one of the first things you should consider trying is switching browsers to “Mozilla or Firefox”:http://www.mozilla.org/ as Internet Explorer is more of a target for hackers…

2 January 2005

Or has this been festering behind the scenes for months and only recently become public? (Or has there been argument somewhere I just haven’t been noticing?) It’s becoming clear that “Chris Anderson”:http://www.edge.org/3rd_culture/bios/andersonw.html – the Editor in Chief of Wired – has views on copyright that differ somewhat from the ‘bits want to be free’ ideology that the magazine has tended to espouse.

I noticed “last month”:http://blog.org/archives/cat_ecommerce.html#001325 that Chris A (as befits an ex-Economist writer) is keen to encourage commercial companies to sueeze every last penny of value out of their intellectual property while people like “Cory Doctorow”:http://www.craphound.com/ and “Lawrence Lessig”:http://www.lessig.org/ would rather copyright protection was somewhat loosened to make it easier for people to exercise their existing rights and to encourage more theoretically-marketable but marginal content to enter the public domain.

Now Cory and Chris have “locked horns on digital rights management”:http://www.boingboing.net/2004/12/29/cory_responds_to_wir.html. Cory it seems never saw a DRM implementation he liked – Chris is a little more open to persuasion. Certainly both Cory and Larry have been able to dig up plenty of examples of how stupid DRM software rules sometimes mess up consumers’ rights and how it is always possible to circumvent DRM if you try hard enough. But my guess is that even the clumsy DRM implemented today seldom inconveniences most consumers much and most consumers don’t bother trying to get around it, unless they are trying to do something they shouldn’t like giving away copyrighted content to their friends.

If companies managed to develop sophisticated DRM that didn’t significantly impede people’s legitimate desires to share media with their friends and their other devices I wouldn’t be against it if it encouraged companies to make more of their back catalogues available more inexpensively and conveniently online. At the moment the absence of a convenient and comprehensive commercial alternative naturally drives people to the free P2P networks (particularly for more obscure fare) and this just makes the ultimate day of digital convergence further away.

The EFF and others should be encouraging responsible DRM development not just slamming it. How about a code of conduct for responsible DRM coding?

23 October 2004

I always assumed that the large amount of news I receive about battles with the US Congress about various communications policy issues (copyright, privacy, digital divide issues) was simply due to my own interest in these subjects influencing my choice of online media sources. But it seems according to a report by Syracuse University’s “Convergence Center”:http://www.digital-convergence.org/,

During the late 1990s and early 2000s, communications and information policy (CIP) replaced the environment as the policy domain of greatest congressional activity, as measured by number of hearings. From 1997 to 2001, the annual number of congressional hearings devoted to CIP surged to approximately 100 per year.

11 July 2004

Here’s something truly hair-raising I’m glad I didn’t know about at the time. Remember in all those movies where the nuclear missiles require a top-secret code to launch? It turns out for about a decade in the US the secret code was 00000000. Apparently, ‘Strategic Air Command remained far less concerned about unauthorized launches than about the potential of these safeguards to interfere with the implementation of wartime launch orders.’

3 May 2004

Eric Lee makes an interesting argument – he suggests virus writers are targetting working class people (because they don’t have the money for anti-virus software and are less lilely to have the time to develop the experience or skills to avoid viruses). I can’t see that virus writers actually bear working class people any ill will but I do think it is worth pointing out viruses as one more reason why use of the Internet is less likely among the working class.

I disagree with his suggestion following on from this that unions and other service organizations should be promoting open source software to the working class as a way for them to avoid vulnerability to viruses. As I have “said earlier”:http://blog.org/archives/cat_open_source.html#000215 because it is still not fully user-friendly it may be difficult to train non-computer literate (or indeed semi-literate) people to use. I also worry about whether the basic skills Linux users learn will be useful if they enter the world of work where the environment is Windows.

23 March 2004

I just discovered that Amazon US is selling my book Dealing with E-Mail for 60% off – it’s $2.80! At that price you’d be crazy not to buy a copy. Here’s an overview of the book:

This book was designed to be a simple non-technical guide, inexpensive enough to give to everyone in an organization, that would nonetheless introduce workers at all levels to many of the key techniques they can use to manage email more effectively and the key security and legal issues they may face. These include:

  • Filing your email automatically
  • Managing email address books
  • Making sure your address does not get picked up by spammers and…
  • Removing spam automatically when it arrives.
  • Dealing with email-borne viruses
  • Writing clear and culturally-sensitive email
  • Preventing confidential email from being intercepted and read and
  • Being aware of legal issues that may arise including sexual harassment, commercial confidentiality and breach of contract.

The book has been written to be broadly applicable to users of any e-mail system and from any country.

As organizations increasingly use email as a business-critical tool they will become vulnerable to email-borne viruses, spam, legal problems and un-manageable volumes of unnecessary messages unless they ensure that everyone – not just the IT staff and HR managers – learns some of the basic techniques outlined in this book.

There is also a “companion site”:http://www.well.com/user/derb/dealingwithemail/ for the book containing more detailed information and up to date tips.

3 January 2004

Daniel Drezner cites a “Chicago Tribune article”:http://www.chicagotribune.com/news/nationworld/chi-0312250267dec25,1,7299722.story?coll=chi-newsnationworld-hed about Xmas in Eastern Europe which notes in passing:

The biggest obstacle credit card marketers had to overcome in Hungary was fear of fraud. But consumer concerns about the safety of their cards have led to an important security innovation made possible by the explosive growth of mobile phones in Hungary.

Each time a card is used, the cardholder immediately gets a text message on his or her cell phone confirming the transaction and notifying the cardholder of the balance. Initially developed in Hungary, the messaging system is used widely in Poland, the Czech Republic and Slovakia. It is now being introduced in Western Europe.

Ingenious! Not an infallible system, however – around 2% of SMSes don’t get through I seem to recall so customers should be warned that there would still be a chance their credit card transactions could be un-confirmed. Also there is a small cost per message which would eventually be passed on to customers somehow through higher fees, lower rates or whatever.

30 November 2003

Mark Davies, the founder of BusyInternet, Ghana’s biggest cybercafe, told the BBC World Service’s latest “Go Digital”:http://www.bbc.co.uk/newsa/n5ctrl/progs/03/go_digital/24nov.ram programme that Yahoo had threatened to block all purchases to “Yahoo-hosted stores”:http://smallbusiness.yahoo.com/index.php from Ghanaian or Nigerian addresses because of the widespread fraudulent use of credit cards from his cafe. To try to head off this problem, he simply blocked all shopping. It’s extraordinary that a major portal like Yahoo could consider redlining entire nations, and that the “solution” should be for a cybercafe to block all ecommerce – particularly in a country where cybercafes may represent the only accessible Internet connection with the outside world.

A search turned up an article in “Balancing Act”:http://www.balancingact-africa.com/news/back/balancing-act_158.html from May this year with much more detail. According to the Yahoo security consultant:

The point is, 99.999% of purchases from Ghana are fraud. At least 99% of Yahoo stores don’t ship internationally anyway. Our fraud orders are up literally about 1000 percent over last year, almost all from Ghana. The cost to us in time and effort has reached the breaking point.

While it is certainly understandable why the move was threatened, imagine the furore if Yahoo had unilaterally threatened to block, say, all ecommerce from Portugal. This reveals how much unaccountable power these organizations have.

Next Page ?