
December 28, 2007

Corporate conspiracies… not

UNEASYsilence published a story two days ago about connections to 2O7.net from Adobe CS3 applications.

It’s scaremongering of the worst sort. The connections to 2O7.net are happening because the splash panel fetches a Flash graphic from Adobe’s website when you start the app. It is used to fill the bottom right corner, like this:

Picture 1.png

Anyway, when you load that graphic, it connects to Omniture (who own the 2O7.net domain) who provide site access statistics and the like. Big hairy deal.

It simply isn’t, as UNEASYsilence were all too keen to suggest, some sort of devious invasion of privacy on Adobe’s part.

There should be a variant of Hanlon’s Razor to cover this kind of thing. Perhaps something like

Never attribute to privacy infringement that which can be adequately explained by on-line content delivery, statistics gathering or software update.

It’s not quite as succinct now though. We need something snappier (suggestions, anyone?)

Or maybe people should just stop crying wolf every time Little Snitch tells them that an application is accessing the network.

December 19, 2007

Why is this news?

The BBC thinks that it’s newsworthy that Liberal Democrat leader Nick Clegg does not believe in God.

I think it’s much more interesting that the BBC decided to write an article about it. Most of the British population doesn’t believe in God these days, so it’s hardly worthy of a headline on the BBC News website when we find that one of our politicians doesn’t either. That just makes Mr. Clegg representative of the people, unlike Tony Blair and Gordon Brown who both hold religious beliefs.

As a result, while this kind of thing might be big news in the United States, it’s really the fact that Blair and Brown are religious that should have made headlines over here.

December 18, 2007

More U.K. government data loss.

After a couple of previous stories about data loss, you’d have thought it would be the end of it, but sadly, it isn’t. This time it’s three million driving test candidates’ data, and while c|net’s article says that the lost disk was “formatted specifically for Pearson systems”, the fact is that that is no protection whatsoever.

OK, so in this particular instance it wasn’t the Government that lost the data. But they did give it to someone who then didn’t take enough care with it, and after introducing legislation designed to protect the public from companies doing that exact same thing.

I’ve said it before and I’ll say it again. The fault here is that financial institutions and the Government are prepared to use facts about you as your canonical identity. This is wholly the wrong approach, because there is no authentication involved.

It should be possible for me to write all my personal details on a billboard sign in the middle of London and have no fear that someone will take credit in my name. And that means that we need a different means of establishing a canonical identity, one that includes authentication.

Mike Gibson, you should be ashamed!

OK, so I found this little gem:

MikeGibson.jpg

Yes, that’s right, someone is looking for a pirated copy of one of our products, in this case iPartition 3.

Only in this case, this someone is Mike Gibson. How do I know? Well, easy really; look at this Dave Matthews Band “fansite”, or on the gibsonweb.net wiki where it helpfully links to Mike’s blog. Yes, Mike is EmptyG and EmptyG is Mike; check out the ICQ and AIM addresses if you don’t believe me.1

Software isn't the only thing Mike is happy to pirate, either; there’s a copy of David Pogue’s book iPhone: The Missing Manual on Gibson’s iPhone page (there’s no link to it because you should buy it if you want a copy; what you shouldn’t do is download it from Mike Gibson’s website).

And just in case anyone doubts Mike Gibson’s pirate credentials, he’s probably also got himself an illegal copy of VMWare Fusion2 (if the site I found the original post on is to be believed, where he was thanking someone for posting a link to a copy on a file-sharing site). And he recommends two other Mac-specific piracy forums, again on the same site. I’m not going to be specific about those because I don’t care to advertise them. Finally, you’ll note from the above that Mike has made 3,608 posts on the piracy board I took that screenshot from.

So if you’re wondering what a software pirate looks like, here he is, with girlfriend Dana (who I’m sure had nothing to do with any of this). If you live near Encinitas, CA, near San Diego, you might even see Mike on the street.

And Mike, if you’re reading this and wishing you had been more discreet3, you’ve missed the point entirely. You shouldn’t be trying to get hold of illegal copies of other people’s hard work in the first place. If you want a copy of iPartition 3, you can buy one like everyone else.

As it is, I’d say you’re hoist by your own petard. You should be ashamed.

1 You may feel I’m being a little unfair singling out one individual here. Perhaps that’s true, but my purpose here is really to make software pirates realise that they don’t have total anonymity on the Internet. Nor do I think that this in any way violates anyone’s privacy. All of the information here is publicly available, and it’s that way because Mike Gibson made it that way.

2 It’s impossible to be certain, without access to his machine, or to the logs of the file-hosting site’s servers. And he’ll probably delete it when he sees this. I have copies of all of the pages from the piracy sites, of course, so modifying those pages would be rather pointless.

3 The fact that Mike wasn’t more discreet is a simple reflection of the fact that people feel untouchable on the Internet. They know that there is no effective copyright enforcement, for the simple reason that there is no practical legal method by which it could be achieved.

Told you so

Well it looks like I was right about the whole MacHeist/MacZot thing, according to a post from Steve Harris of Reinvented Software (via Daring Fireball).

Yes, Steve made a bit of money by selling through MacZot. Not much though, and his figures pretty much blow the you’ll-make-money-from-upgrades argument out of the water.

And following on from John Gruber’s original guesses as to the amount of money made by the organisers of MacHeist, Wikipedia notes that MacHeist I raised $200,000 for charities and took $800,000 in total. Using similar working to Gruber’s original calculations, we find that1:

                                     12 Dec 2006   Newsfire   TextMate      Final
Total Revenue                           $132,000   $200,000   $400,000   $800,000
Total Raised for Charity                 $33,000    $50,000   $100,000   $200,000
Post-Charity Revenue                     $99,000   $150,000   $300,000   $600,000
Est. Other Expenses                      $30,000    $30,000    $30,000    $30,000
Total Profit                             $69,000   $120,000   $270,000   $570,000

Est. Total Payments to Dev's             $54,500    $67,000    $79,500    $79,500
Est. MacHeist Profit                     $14,500    $53,000   $190,500   $490,500

MacHeist Profit Share                        21%        44%        71%        86%
Developers' Combined Profit Share            79%        56%        29%        14%
Developers' Ind. Average Share               10%         6%         3%         1%

So MacHeist’s organisers could have pocketed as much as half a million U.S. dollars, some 86% of the profit after the charitable donation and expenses, as compared with a total of 14% for the developers, or an average of just 1% per developer, and more than twice as much as was paid to charity. That, frankly, is nothing short of scandalous, and I’m sure that the people who bought from MacHeist would expect most of their money either to go to the developers or to charity, whereas in fact the overwhelming majority has presumably ended up lining the pockets of MacHeist’s organisers.

So while I feel somewhat smug to learn that I was right about MacHeist and MacZot all along (as, I'm sure, do John Gruber [and again], Paul Kafasis, and Gus Mueller to name but a few), I feel sorry for the developers, charities, and customers who I think were ripped off.

1 Just to make clear:- the numbers in this table are based on educated guesses and what little information has been made public. See the original Daring Fireball post for specific details.

December 17, 2007

Illegal activation attempts

On occasion, when people illegally distribute our software, we end up having to revoke their licenses. I’m sure they feel that this is some sort of “revenge” measure, but it really isn’t about that; we do it for two main reasons:

  • To stop others from activating copies of the files they distributed.
  • To stop them from distributing future versions and updates.

As a result of one recent incident, we’ve been seeing a lot of attempts to activate illegal copies of iPartition 3. So many, in fact, that I’m quite tempted to publish the IP addresses of the people involved. Doubtless if we do that, people will whine about infringement of their privacy, but I’m not suggesting publishing their names, just their IP addresses and maybe their machine serial numbers.

I’d be interested to hear others’ thoughts on this idea.

December 11, 2007

Poppycock from the FSF

Peter Brown of the Free Software Foundation (from BBC News):

“Media companies are trying to force people to think about copyright infringement almost in line with murder on the high seas.”

That’s complete poppycock, and the FSF should know better; they’ve been around more than long enough to have seen the software and music piracy phenomenon arise, and that being the case, I can’t believe they don’t know that “pirates” play up to the skull-and-crossbones image.

It’s only recently, when massive copyright infringement has become mainstream (and yes, sadly, it is mainstream), that people have started to object to the use of the word “piracy” in this context, and only then because they want to think they’re doing nothing wrong.

He goes on to say

“Copyright law is about copying and reproduction of work; that is on the statute books for everyone and is sufficient to tackle the problem.”

which, again, is complete arse-gravy (to quote Stephen Fry). We can tell that it isn’t sufficient to tackle the problem because there are many thousands of copyrighted files being shared every day on peer-to-peer networks, and the few prosecutions to date have done little to discourage that.1

Also, anyone involved with copyright will tell you that it’s presently impossible to enforce to any reasonable extent because of jurisdictional issues. For instance, the infringer may be in (say) Italy, and may be using a service run by a German company but hosted on servers in London and whose details are being obscured by a “privacy” service run by an American company.

So, you want to start a lawsuit? You’ll first have to obtain a subpoena from a U.S. court, which requires that you file a suit in the United States. But the U.S. court doesn’t have any jurisdiction in London, so in order to get the name of the German company you’ll need to sue the U.K.-based hosting company in a U.K. court. You still haven’t got the name of the infringer yet, and you still don’t even know which country they’re in. So now you sue the German company in a German court to get them to give up the name of the infringer. If you’re lucky, you have name and address and you know the infringer is Italian. So you start another lawsuit in an Italian court.

The tally so far? Lawsuits in four different countries, which means at least four sets of lawyers; you can’t get anyone to pay for those because the people you were suing weren’t individually doing anything wrong… you just needed them to give up the name of their customers. You probably could recover the costs—which, by now are astronomical—from the copyright infringer, however that assumes that they actually have enough money to pay for all those lawsuits and lawyers, which is unlikely. And how long has all of this taken? Years, probably. Some court systems are fast; others simply are not.

This is uneconomic and impractical even for huge corporations, and Peter Brown would have us believe that it’s a viable solution for e.g. solo software developers?! I’m beginning to see why Fake Steve Jobs calls them “freetards”.

Personally, I think that the fact that the problem here is widespread misbehaviour on the part of the general public means that the only option is for copyright infringement to become a petty crime, like shoplifting. Of course, the civil rights movement will probably fight such a move, but at the end of the day we either have to accept that copyright isn’t working (in which case the only option will be strong DRM, which nobody really likes), or do something about it.

1 Of course, the problem has changed from one where the only infringers who really made a dent in copyright holders’ bottom line were organised criminals to a situation where large numbers of consumers in the market are now able to cause mass-scale infringement.

That’s why copyright law doesn’t work any more… it was only ever intended to deal with the organised criminals churning out counterfeit goods to make a profit, not with mass infringement from an uncaring public that just wants things for free.

December 7, 2007

The man who sued God, but this time for real

An Indian judge has issued a court summons for two gods.

I’d laugh my head off if they actually turned up, but given my scepticism about the existence of deities generally (gods, as far as I’m concerned, are a lot of superstitious nonsense that we could usefully do without1), I find the prospect disappointingly unlikely.

It does put the priest in a quandary though. If they don’t turn up, who is the court going to hold in contempt? Surely the priest, as the representative of those gods, is the only option, which means he might very well win his case and go to jail :-)

1 If you’re going to claim that I can’t know that they don’t exist, you’re right, it is impossible to know that for certain. However, in the absence of evidence that there is a huge invisible elephant sat behind me, I choose not to believe in such a beast. Believing in deities is no more or less ridiculous.

(No, this is not politically correct. Too bad. I don’t subscribe to the view that we should all tiptoe about for fear of offending over-sensitive religious types. If you’re offended, go out and buy yourself a copy of The God Delusion and read it properly. I dare you.)

“Privacy”, again

Somewhat predictably, the “privacy” lobby1 has been taking advantage of the increased publicity after the recent H.M. Revenue & Customs debacle.

However, the entire debate is marred by the fact that all of the people shouting the loudest are completely missing the point.

The problem is not really that HMRC has just lost 25 million sets of personal details. That’s very careless of them, of course, and it’s quite right that they should be chastised for it. But that isn’t really the problem.

The problem is that the Government, the banks, building societies, lenders and credit reference agencies use your personal details as an identifier for you, without authentication of any sort. If it weren’t possible to take out a loan in someone else’s name just by knowing a few personal details, the loss of data from HMRC would be incompetent, but largely inconsequential.

The right fix is not to enact new and even sillier laws to “protect” our personal data—to do that would be to treat the symptom, not the cause. The right fix is to close the loophole that is being exploited by so-called identity thieves2. And the loophole is the fact that the Government doesn’t issue us with a decent identity mechanism that can be positively authenticated3.

The sad thing about this entire affair is that identity cards, done right, would solve this problem in a fairly satisfactory manner, and without posing any real risk of loss of privacy.

1 If you want to know why privacy is in quotes, see this post.

2 I think “identity theft” is something of a misnomer—the people doing the thievery are not stealing your identity… they are stealing other people’s money (or maybe even your money) using your identity, in exactly the same way that a thief might steal a security pass (which is someone’s identity) and then use that to steal goods or cash.

3 Interestingly, the Government does issue us with all sorts of identifying documents and numbers. Passports, driving licenses, National Insurance numbers, PAYE reference numbers. The only one I’m aware of that has any sort of authentication whatsoever is the Government Gateway identity that gets given to people who want to use the Government’s on-line services.

One in ten drivers “bump and run”

Apparently, one in ten U.K. motorists has collided with a parked vehicle and driven off, according to the BBC. One in ten!!

If true, I reckon ten percent of U.K. motorists should probably have their driving licenses confiscated.

I have to say, I’ve thought for ages that the focus on technical proficiency in the driving test was misguided. It isn’t incompetence that causes the largest number of problems on the road, it’s people’s attitudes, so what we really need is a psychological test, rather than trying to beef up what was already a perfectly good proficiency test.

December 6, 2007

Measuring the atmosphere of an extra-solar planet

From Universe Today:

And this was the technique that Redfield and his team used to measure the atmosphere. "Take a spectrum of the star when the planet is in front of the star," explains Redfield. "Then take a spectrum of the star when it’s not. Then you divide the two and get the planet’s atmospheric transmission spectrum. Each time the planet passes in front of the star the planet blocks some of the star’s light. If the planet has no atmosphere, it will block the same amount of light at all wavelengths. However, if the planet has an atmosphere, gasses in its atmosphere will absorb some additional light."

It occurs to me that this approach has an interesting flaw. If we were to find a planet whose body was transmissive for some reason (the example that springs to mind is a planet made entirely of glass or of some translucent or transparent mineral like quartz or diamond), the assumption that the solid body of the planet blocks light equally at all wavelengths is no longer true.

What’s the likelihood of such a body existing? Quite low, I should think; after all, many things that we think of as transparent would probably be opaque at planetary sizes. But then the universe is a big place, and there are plenty of strange and unlikely sounding objects out there already.

I suppose most such configurations are likely to show up in the line spectra, but even then my guess is that they could easily be mis-interpreted. That, of course, is one of the hazards of all of this type of research… because we can’t actually resolve the planets themselves, we don’t really know what we’re looking at. It’s all best-guess and assumptions. In a few hundred years’ time, I’m sure people will look back on the present-day planet hunters with considerable amusement, just as many of us do today at the unusual beliefs of some of our ancestors.

December 2, 2007

Why not stephen.uk?

Stephen Fry’s latest post includes the following explosion of despair:

“How come we British are just about the only nation on earth who have to make the tedious and entirely unnecessary three extra keystrokes every time we type a URL? I could be stephen.fr in France, stephen.za in South Africa, stephen.ru in Russia, stephen.nl in Holland, etc, etc, but here? Oh no, it’s stephen dot co dot bloody uk. How annoying is that?”

It should really be “stephen dot me dot bloody uk”, of course. “.co.uk” is really intended for commercial organisations, but because of its liberal registration policies, like the similar “.com” TLD it has been widely abused for other uses. As a result, the general public seems, not unsurprisingly, to be a little mystified as to what the TLDs and the U.K. SLDs actually mean.

It may still seem a little irritating having to type a few extra keystrokes, though of course you’re entirely free to register “stephen.com” instead, and having these fixed SLDs does make it a little harder for people to fraudulently set up sites that appear to belong to the British Government (for instance). Particularly now that internationalized domain names are becoming available… can you tell the difference between “.gov.uk” and “.gоv.uk”? I find it quite difficult myself, but the two are different.
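The two names above differ in a single code point: the second uses Cyrillic “о” (U+043E) in place of Latin “o”. The following is an added example, not part of the original post, showing how a defender can surface that difference; the CONFUSABLES table and the PROTECTED list are small constructed assumptions, not complete data.

```python
import unicodedata

# Small constructed subset of Cyrillic letters that render like Latin ones.
# A production check would use the full Unicode confusables data (UTS #39).
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
}

# Hypothetical list of names worth defending against imitation.
PROTECTED = {"gov.uk"}


def script_of(ch):
    """Rough script name: the first word of the character's Unicode name."""
    if ch.isascii() and (ch.isdigit() or ch == "-"):
        return "COMMON"  # digits and hyphen are shared by all scripts
    return unicodedata.name(ch, "UNKNOWN").split()[0]


def skeleton(label):
    """Fold known lookalikes to their Latin twin so labels can be compared."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in label.lower())


def to_ascii(label):
    """What DNS actually carries: the punycode (xn--) form of the label."""
    return label.encode("idna").decode("ascii")


def inspect_hostname(hostname):
    """Report the wire form, mixed-script labels and any imitated name."""
    labels = hostname.lower().rstrip(".").split(".")
    mixed = []
    for label in labels:
        scripts = {script_of(ch) for ch in label} - {"COMMON"}
        if len(scripts) > 1:
            mixed.append((label, sorted(scripts)))
    folded = ".".join(skeleton(label) for label in labels)
    imitates = None
    if not hostname.isascii():  # a pure-ASCII name is the real thing
        for name in PROTECTED:
            if folded == name or folded.endswith("." + name):
                imitates = name
    return {
        "ascii": ".".join(to_ascii(label) for label in labels),
        "mixed_script": mixed,
        "imitates": imitates,
    }


if __name__ == "__main__":
    for host in ("www.gov.uk", "www.g\u043ev.uk"):  # second uses U+043E
        print(repr(host), inspect_hostname(host))
```

A mixed-script check alone misses labels written entirely in one lookalike script, which is why the example also compares the folded form against the protected names.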

Anyway, if you want the reasons for the “.co” or “.me” and a list of second-level domains, Wikipedia has one.