Archive for the ‘tech policy’ Category

A little good news for transit

June 20, 2008

Real-estate projects boom near light rail

Transit officials estimate that since 2004, developers have spent close to $6 billion on public and private projects on and around the future light-rail line

May we read your encyclopedia, sir?

June 16, 2008

Groups ask court to review laptop searches | InfoWorld | News | 2008-06-12 | By Grant Gross, IDG News Service

Circuit Judge Diarmuid O’Scannlain wrote in the panel’s April 21 decision.

“Courts have long held that searches of closed containers and their contents can be conducted at the border without particularized suspicion under the Fourth Amendment,” O’Scannlain wrote. “We are satisfied that reasonable suspicion is not needed for customs officials to search a laptop or other personal electronic storage devices at the border.”

The EFF and ACTE argue in their brief that “invasive” searches of electronic devices should be treated differently from searches of luggage. “Your computer contains a vast amount of information about your private life, including details about your family, your finances, and your health,” Tien said. “All that information can be easily copied, transferred, and stored in government databases, just because you were chosen for a random inspection.”

Tien said he expects a decision on whether to rehear the case within a few months.

Ultimately the customs people are doing it because it’s convenient. If it were as hard to search a laptop as it is to search freight shipments for drugs or nuclear materials, they wouldn’t bother.

And this differs from the botnet folks how?

May 30, 2008

Revision3

First, they willingly admitted to abusing Revision3’s network, over a period of months, by injecting a broad array of torrents into our tracking server. They were able to do this because we configured the server to track hashes only – to improve performance and stability. That, in turn, opened up a back door which allowed their networking experts to exploit its capabilities for their own personal profit.

Second, and here’s where the chain of events comes into focus, although not the motive. We’d noticed some unauthorized use of our tracking server, and took steps to de-authorize torrents pointing to non-Revision3 files. That, as it turns out, was exactly the wrong thing to do. MediaDefender’s servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server. And that torrential cascade of “Hi”s brought down our network.

This is one of the many reasons that vigilante justice is such a bad idea. If the FBI investigation doesn’t lead to an indictment or a plea, I might change my mind — there are plenty of hackers who have faced criminal charges for doing what they thought was the right thing, but which they weren’t authorized to do.

(And if giving false information to Myspace is a crime but deliberately bringing down someone’s network because you think you might not like them isn’t, well…)

I’d be nervous too

May 23, 2008

Why people don’t trust census-takers

Exchequer secretary Angela Eagle told a February session of the select committee that personal data would remain under UK control regardless. In a carefully-worded follow-up letter to the investigation, she wrote: “I can assure you that the eventual contract that ONS places with the successful bidder will have sufficient provisions to ensure that the service provider will, at no stage, allow the removal from the United Kingdom of any completed paper questionnaire, or any electronic data or images that could in any way identify an individual. Both the warehouse and the processing centre will be located within the United Kingdom.”

All UK households are required by law to complete and return the census form.

The MPs are not satisfied by Eagle’s guarantees. In the conclusions of the report they wrote: “We remain concerned that the personal information gathered through the 2011 census could be subject to the United States Patriot Act and therefore we ask the government to take clear legal advice and advice from the US State Department and to publish it in response to this report.”

First, the British government has a really bad record of safeguarding even the data it wants to keep confidential. Second, “removal” and “copying” are rather different processes that have identical effects. Third, even if the electronic data stays in the UK, what’s to stop the contractor from simply picking up the phone to talk to some spooks and give them the information they want, or inviting the spooks to come in and take their own look around…

Maybe this is why I don’t work for a large company

May 23, 2008

US firms use own staff to snoop on co-workers | The Register

Two in five (41 per cent) of large US firms pay staff to either read or analyse the contents of outbound emails. One in four (26 per cent) of the 300 US firms surveyed by email security outfit Proofpoint said they had sacked someone for violating email policies over the last 12 months.

Also “misuse” of blogs, message boards, social networking sites.

Of course, the survey is from an “email security” company, so they may be, uh, misspeaking about this. (Fer instance, if you put a virus scanner on outbound mail you’d reply “yes” to the survey, and once a company gets big enough, somebody is going to get fired for pretty much anything you can name over the course of a year…) But then again, given the climate of workplace intimidation in the US, they might not.

Good thing Google is unhackable

May 21, 2008

In Google We Trust: Health docs depo now open to Americans | The Register

Naturally, Google insists that your records will not be shared with anyone you don’t want them shared with. “Google Health cares about privacy and puts it into the control of each user,” said Roni Zeiger, the Stanford-educated doctor who serves as Google Health product manager. “The user decides who should have access to the records and can revoke access at any time. We will not sell any end user’s data, and we will not share it with anyone unless [the user] specifically asks.”

It should be noted, however, that you must share all or nothing. You can’t share mere portions of your records - though Zeiger said that Google will explore “a more granular approach” in the future.

It’s also worth noting that once you import your records to Google Health, they are not protected by the US Health Insurance Portability and Accountability Act (HIPAA). In other words, the laws that guard your records while they’re still in the hands of doctors do not apply once you give them to Larry and Sergey. As John Halamka, chief information officer of the Harvard Medical School, told us, “The bottom line is: You have to put your trust in Google.”

Lucky for me, I have no idea who (except my insurance company, I’m sure) might have most of my medical records. My last doctor retired, the new one keeps records on paper, the one before that saw me a few times 15 years ago and is probably retiring soon….

We beseech you to consider that you may be wrong

May 19, 2008

US Congress questions legality of Phorm and the Phormettes | The Register

After telling the world it will soon pimp customer data to NebuAd - a behavioral ad targeting firm along the lines of Phorm and Front Porch - Charter Communications has received a letter from Congress questioning the legality of such pimping.

As we reported yesterday, Charter - America’s eighth largest ISP - plans to test NebuAd within the next 30 days. In San Luis Obispo, California, Fort Worth, Texas, Oxford, Massachusetts, and Newtown, Connecticut, NebuAd’s deep packet inspection hardware will track the search and browsing history of “a couple hundred” Charter customers, and this data will then be used to target online ads.

According to a Charter spokeswoman, the cable-based ISP will “determine further roll outs in the coming months”. And now it has a bit more to think about. This morning, in response to the (scant) press coverage of the Charter-NebuAd tie-up, two Congressional bigwigs fired a letter to the ISP suggesting it put the skids on its test.

“We respectfully request that you do not move forward on Charter Communications’ proposed venture with NebuAd until we have an opportunity to discuss with you issues raised by this proposed venture,” wrote Ed Markey, the chairman of the House Subcommittee on Telecommunications and the Internet, and Joe Barton, a ranking member of the House Committee on Energy and Commerce.

Of course, if Charter goes ahead, all they’ll have to do later is promise not to do it again. Any other unauthorized party who snooped and sold the browsing data of hundreds of customers would be facing serious federal time.

A weapon in search of a target

May 15, 2008

USAF Colonel goes on the offensive with botnet destroyer plan | The Register

In a recently published article, Col. Charles W. Williamson III argued an Air Force-controlled botnet could be a cost-effective means to protect military networks under near-constant attack. He envisions collecting machines that would otherwise be discarded, removing their power-hungry hard drives and then making them available to wage attacks against foreign-based computers targeting the military.

Does this guy have any idea of what a botnet actually is or what it’s good for? Are we going to go after all the evildoer-infected computers out there and make them start sending erection spam to each other? I guess it’s possible that there are vicious foreign hackers out there who aren’t in a position to use someone else’s computer to launch their attacks, or to disguise their IP addresses, or to filter nasty packets coming from .mil addresses…

But seriously, other than sending spam, botnets are good for DDoS attacks against large more-or-less fixed targets that need other machines to be able to reach them. Which does not describe people launching penetration attacks. And if you’re going after individual attacking computers — assuming that Dr Evil is no better at keeping machines patched than the rest of us — you hardly need a zombie army of old PCs to do it, because those attacks really don’t need much bandwidth.

I do, however, like the idea of the world’s largest honeypot…

Sophistry 101

May 9, 2008

This is the same kind of analysis that says it’s economically better to kill a thousand peasants in Burma than to fire one successful trader in Manhattan. (Yes, that’s glib and unfair, but it seems to me strictly true. Mostly I was infuriated by the “simple matter of programming” assumption in the first paragraph.)

The Reality-Based Community: Cap and Trade: what matters, and what doesn’t

Here the analysis meets a fork in the road. If we choose the GHG charge path, we need to decide how much to charge, which means we have to know the marginal cost of a unit of emission at current emission levels. After a while, emissions will go down, and the charge might get lower; eventually things settle down at the right level.
This charge will generate a lot of revenue, and a completely different analysis applies to what it should be spent on. It’s not as simple as it looks to argue that it should be spent on environmental programs or even GHG reduction, for example. It’s an interesting question, but the subject of another post. With a carbon charge, we’re done.

(B1) If we decide to go down the cap and trade route, we have to determine the “right” amount of global warming gases society should emit. To know this, we need to know the benefits of every possible level of emissions relative to where we are now, and the economic cost of getting to each of those levels. The right amount is where the cost of reducing more is greater than the benefits. Note that to get a cap right requires a lot more information about the world than to get a carbon charge right, and the information we need (costs of compliance) is the kind of thing firms tend to be prickly about disclosing and likely to flat-out lie about.

This analysis would be all very well if we knew the marginal cost of a unit of emission at current emission levels. But we don’t. We know that X amount of additional carbon in the atmosphere will lead to Y amount of warming (where Y is pretty uncertain), and we have some idea that Y amount of warming will do Z net present value of damage to the global economy, where Z depends enormously on discount rates, risk premiums, possible alternative responses and (here’s where the dead peasants come in) how we value economic activity and resources in different parts of the world. That valuation can be done in a bunch of ways that give wildly different numbers and that have wildly conflicting moral valences. If you do it purely by GNP-per-capita, for instance, then lost economic activity or assets in countries that are already rich count for far more than lost economic activity (including lost lives) in countries that are currently poor. Figuring out just how to do the valuation might be technically tractable, but I doubt that it’s politically tractable.

Once you’ve done that valuation, you still have to work back through the uncertainties in the economic effects of some amount of warming to the amount of atmospheric carbon responsible for that warming, and then back to the amount of carbon emission responsible for that much atmospheric carbon. Now you have your global marginal cost of carbon emission, with only a few intractabilities and some huge uncertainty, and you can set your tax rate. Let’s set it at the top of the uncertainty band, just because, well, to do otherwise would be too risky. Sure.

But wait, that’s a global marginal cost. The effects of climate change vary across regions, so some people will be getting taxed/charged at a rate that signals them to cut back more than they need to to avoid bad local effects, while others will be getting charged at a rate that signals them to cut back less. Oh, and the peasant thing rears its head again: pretty obviously people in rich countries will have a much easier time paying the carbon charge than people in poor countries. Fixing this while not subsidizing huge additional emissions or stomping on economic development will be a mess as well. A pure carbon charge, we can see, requires all kinds of information that may be even theoretically impossible to develop, plus information that people will do their best to lie about, plus information that is not information at all but a possibly-intractable series of moral and political choices.

So let me give a deceptively glib version of the argument for cap-and-trade: We know how much CO2 we want in the atmosphere to keep things not too far from the status quo ante (which seems to have been pretty OK for the global economy and human life). We know, within reasonable uncertainties, how much emission there can be to meet that goal. Now with cap-and-trade, you issue permits for that many tons of CO2, auction them off, and you’re done.

Yeah, let’s email our secrets across borders instead

May 8, 2008

Your personal data just got permanently cached at the US border | The Register

Now that US customs agents have unfettered access to laptops and other electronic devices at borders, a coalition of travel groups, civil liberties advocates and technologists is calling on Congress to rein in the Department of Homeland Security’s search and seizure practices. They’re also providing practical advice on how to prevent trade secrets and other sensitive data from being breached.

In a letter dated Thursday, the group, which includes the Electronic Frontier Foundation (EFF), the American Civil Liberties Union and the Business Travel Coalition, called on the House Committee on Homeland Security to ensure searches aren’t arbitrary or overly invasive. They also urged the passage of legislation outlawing abusive searches.

The letter comes 10 days after a US appeals court ruled Customs and Border Protection (CBP) agents have the right to rummage through electronic devices even if they have no reason to suspect the hardware holds illegal contents. Not only are they free to view the files during passage; they are also permitted to copy the entire contents of a device. There are no stated policies about what can and can’t be done with the data.

Between customs and the NSA, they got you coming and going…