|
 Friday, September 26, 2003
How The Ohio Cable Modem Uncappers Fared. Dave writes in with a link following up on a story from last year about some Ohio residents who found themselves facing federal crimes prosecution for simply uncapping their cable modems. The details of the story were sickening. While you can understand why a cable company might get annoyed at someone for uncapping their cable modem to allow for faster speeds - at most you'd expect a warning letter or (worst case) cutting off the service. Instead, this cable company happened to "estimate" damages of over $11,000 a person (with no justification). It just so happens that was the level needed to get the FBI interested - so suddenly these folks who wanted a little more bandwidth found themselves facing federal charges. In a followup to the story, it was noted that the cable company was coming down particularly hard on a lawyer they didn't like due to some of his actions as a local prosecutor. So now, a year later, Broadband Reports has written up a followup to look at what happened to all of the accused uncappers. Most of them settled, paying thousands of dollars in fines and agreeing to community service. Some cases were dropped outright. The lawyer, though, went to court - and won. It turned out that the terms of service from the cable company didn't actually say you couldn't uncap your modem. No matter what the result, it's still disturbing to see the FBI getting involved with some people who just wanted faster internet connections.
[Techdirt]
Continuing abuses of cartels of the federal system. How can this be construed as a federal crime? Don't we have better things to do, like get some terrorists? And I love that the actual person who went to court won. So many of these tactics are simply intimidation. Charge someone with a psuedo crime that has extremely harsh penalties, create a loss of millions, suggest that they could be sent to hard labor for years and most people would settle. Like the RIAA cases, the goal is NOT to take these to court but to create publicity. The huge penalities serve to get a lot os cases settled. This way the bullies win on all sides. It is wrong and is one reason I will never get a cable modem if given a choice. Unfortunatley, we have little choice in broadband today. 4:07:05 PM 
|
|
River Person or Goal Person. Dina Mehta quotes from an article by Chuck Frey:
The late self-help expert, Earl Nightingale, once explained that there are two types of people: river people and goal people. Both types of people can experience personal fulfillment and success in life, although in different ways.
Goal People
Most of us are undoubtedly familiar with goal people. They are the individuals who write down their objectives and timetables for reaching them, and then focus on attaining them, one by one. By laying out a roadmap of future achievements in front of them, goal people give their creative minds a clear set of stimuli to work on. Their subconscious minds can then get to work incubating ideas and insights that will help them to reach their goals.
River People
River people, on the other hand, don't like to follow such a structured route to success. They are called river people because they are happiest and most fulfilled when they are wading in a rich "river" of interest -- a subject or profession about which they are very passionate. While they may not have a concrete plan with measurable goals, river people are often successful because they are so passionate about their area of interest.
River people are explorers, continually seeking out learning opportunities and new experiences. For river people, joy comes from the journey, not from reaching the destination -- exactly the opposite of goal people.
Recognizing both qualities in yourself -- Most people are a combination of these two personality types. I know I am. In my full-time job, I am expected to be goal oriented. I have specific personal and departmental objectives for which I'm responsible. At the same time, however, I get the most "juice" out of being an explorer, learning new skills, collecting information and writing about innovation and technology.
So beautifully written. I guess I am a bit of both, though the river person tends to dominate. What about you? [E M E R G I C . o r g]
I've have always used a different metaphor. I would rather blaze a trail than build the town. Finding a new path is much more exciting for me than getting just the right brick for the wall. I would rather wander, finding things I would never think to look for, than make sure the roads are straight. Adventuring versus process. We need both but I prefer the former and will fight to be allowed to go a'roamin'. 12:43:17 AM
|
|
|
Ohmigod! Reading this report on Maryland and digital election machines (see below) is like reading something from Bizarro World. What would they have implemented if this review had not taken place, if the software had not been leaked? Here are some nice excerpts:
AccuVote-TS voting system is not compliant with State of Maryland Information Security Policy & Standards Yes, the system that is going to be used did not even meet the state's own security standard. This leads to this wonderful material:Failure to meet the minimum security requirements set forth in the State of Maryland Information Security Policy and Standards indicates that the system is vulnerable to exploitation. The results of a successful attack could result in voting results being released too soon, altered, or destroyed. The impact of exploitation could lead to a failure of the elections process by failing to elect to office, or decide in a ballot measure, according to the will of the people. The impact could be a loss of voter confidence, embarrassment to the State, or release of incomplete or inaccurate election results to the media. I'll bet it would have an impact!!
SBE [State Board of Elections] does not require the secure transmission of election vote totals Yes, transmissions could be altered in transit and there is no process to detect this.
SBE relies upon Diebold (the AccuVote-TS vendor) to load the version of software certified by the Independent Test Authority (ITA) Yet, it has no process to verify that the software actually loaded is correct. Great.
SBE GEMS server is connected to the SBE intranet Current security controls state that the voting system not be on a network. Not only is it but it also contains parts of MS Office and other irrelevant software. They recommend testing for trojans or other exploits. Another 'Who thought connecting the voting server to an intranet was a good idea?' This section ends with this gem:We recommend that SBE discontinues the use of an FTP server to distribute the approved ballots. Amazingly, the ballots were to be distributed by a very non-secure system. I bet the hackers are just drooling about what they can do hacking into these systems
The system, as implemented in policy, procedure, and technology, is at high risk of compromise. Application of the listed mitigations will reduce the risk to the system. Any computerized voting system implemented using the present set of policies and procedures would require these same mitigations. This is the final statement of the risk of this system. Not a very hopeful one, considering that these are basic ideas about security. Why did it require an outside investigation to uncover these things? What would have happened if this investigation had not taken place? And it would most likely not have taken place if someone had not gotten ahold of code they were not supposed to see. I will only believe in digital voting if it uses processes that are open and transparent, at least to more than just the commercial pressures present in a for-profit company. The needs of the company are not those of the state or its voters. What sorts of penalties would there be for a company that provided faulty software? Absolutely none, since it would most likely blame the state. In the meantime, we would have elections that no one could trust. I guess I'll just move to an absentee ballot. Those are secure, right? 12:13:35 AM
|
|
|
|
|
