Sorry, ISPs. You’ll have to deliver what you promise.
Unless you own a telecommunications company with a business model based on selling more bandwidth than you can deliver and then punishing your customers, this should be good news.
The FCC ruled against Comcast on Friday, saying that their interference with customers’ file transfers was a violation of federal policy. While it’s far from a guarantee of future network neutrality, it’s probably as good a precedent as we could have hoped for from this case.
Comcast has been given until the end of the year to get their act together and stop undermining the proper function of their service. While that is a lot further than the deadline I would have given them, the good news is that the Electronic Freedom Foundation has released the Switzerland Network Testing Tool. This means that Comcast’s customers should now be able to easily watch their ISP to make sure that they’re complying with the ruling.
No secret software for public voting or security!
Another blogger has an article up about Christine Peterson’s talk at the O’Reilly Open Source Convention. She argues that privacy and security are compatible, and she’s right.
She predicts that Washington’s technologically clueless will use top-down, individual-surveillance methods when they have access to next-generation technology like high-precision chemical detectors, and that they will do it using secret procedures and secret software just as they have done with electronic voting.
Unlike what happened with electronic voting, she says, we need to see this coming, head it off, and make it clear that software secrecy and individual surveillance are bad security measures. It can’t be framed as a debate around open source software. It needs to be a security issue, and those of us who understand that the Internet isn’t a series of tubes need to explain it clearly.
Here’s my shot at it:
There is only one way of proving that a program is secure : getting as many people as possible to test it and examine the code. Anything short of this is a half-measure.
Any idiot can design a security system that he can’t figure out how to break. Diebold, the makers of the American electronic voting machines, may claim that their system is secure. All this means is that they haven’t spotted any flaws.
Their are a lot of smart hackers out there. Few, if any, work for Diebold. Many of them may be hostile to your country’s government or people.
Don’t assume you have the best hackers, or that secrecy will protect you. The Germans tried that in World War II, and their supposedly unbreakable Enigma cipher machine was defeated. Their secret communications were intercepted.
If we want to assure our physical security, we need to make our security systems open to inspection to make sure that they actually work.
We also need to use the tools we have to go after the threats that exist. As far as I know, there is no machine that detects terrorists. There are, or will be soon, machines that allow us to test for individual particles of specific substances. The obvious use that almost every politician will find for this? Drug testing. Cracking down a little bit more on what you get to do with your body. Taking away your freedom.
A sensible and effective security policy would be to use these detectors to find things like anthrax and plutonium. Something tells me that if you find the guys smuggling WMDs, you’ll find the terrorists.
Unless we do something about it, we will instead get a security policy based on wiretapping citizens and drug testing, using secret systems.
Telephone conversations are not a threat. Marijuana is not a threat. The real threats are natural and economic disasters, WMDs, private companies with exclusive control over the democratic process, and politicians who don’t understand security or technology.
Learn
Watch Now
-
Archives
- August 2008 (6)
- July 2008 (13)
- June 2008 (6)
-
Categories
-
RSS
Entries RSS
Comments RSS
