For over 100 years rights holders have resisted any changes to their business models brought about by changes in technology. From a business perspective it’s hard to blame them, I mean who wouldn’t do everything in their power to ensure you could keep making money, but history has shown that no matter how hard they fight it they will eventually lose out. Realistically the world has moved on and instead of attempting to keep the status quo rights holders should be looking for ways to exploit these new technologies to their advantage, not ignore them or try to legislate them away. Indeed if other industries followed suit you’d have laws preventing you from developing automated transport to save the buggy whip industry.
The copyright system that the USA employs is a great example of where legislation can go too far at the request of an industry failing to embrace change. At its inception the copyrights were much like patents: time limited exclusivity deals that enabled a creator to profit from their endeavours for a set period of time after which they would enter the public domain. This meant that as time went on there would be an ever growing collection of public knowledge that would benefit everyone and not just those who held the patent. However unlike the patent system copyrights in the USA have seen massive reform in the past, enough so that works that would have come into the public domain will probably never do so.
Thankfully, whilst the copyright system might be the product of an arms race between innovators and rights holders, that hasn’t stopped innovation in the areas where the two meet. Most of this can be traced back to provisions made in the Digital Millennium Copyright Act (DMCA) that granted safe harbour to any site that relied on user generated content. In essence it put the burden of work on the rights holders themselves, requiring them to notify a site about infringing works. The site was then fully protected from legal action should they comply with the request, even if they restore the offending material after receiving a counter claim from the alleged offender. Many sites rely on this safe harbour in order to continue running on the web because the reverse, them policing copyright themselves, is both technically challenging and resource intensive.
However just like all the technologies and provisions that have been made for the rights holder industry previously those safe harbour provisions, which enabled many of the world’s top websites to flourish, are seen as a threat to their business models. Rights holders associations have said that the DMCA as it stands right now is too lenient and have lobbied for changes that would better support their business. This has come in the form of 2 recent bills that have dropped in both houses: the PROTECT IP Act (PIPA) in the senate and the Stop Online Piracy Act (SOPA) in the house of reps. Both of these bills have attracted heavy criticism from the technology and investment sectors and it’s easy to see why.
At their core the bills are essentially the same. Both of them look to strengthen the powers that rights holders have in pursuing copyright infringers whilst at the same time weakening the safe harbour provisions that were created under the DMCA. Additionally many of the mechanisms described in the bill are at odds with the way that the Internet is designed to work, breaking many of the ideals that were set out in order to ensure ubiquitous access. There are also many civil liberty issues at stake here and whilst bill supporters have assured everyone that they don’t impact on them in any way the wording of the bill is vague enough to support both interpretations.
The main issue I and many others take with these bills is the shifting of the burden of proof (and thus responsibility) away from the rights holders and onto the web site owners. The changes SOPA advocates mean that web site administrators will be responsible for identifying copyrighted material and then removing it from their website, lest they fall prey to having their domain seized. Whilst this more than likely won’t be the downfall of the sites that made their fame inside the safe harbours of the DMCA it would have a chilling effect on start-ups looking to innovate in an area that would have anything to do with a rights holder group. Indeed it would be the sites that have limited resources that would be hit the hardest as patrolling for copyright infringement isn’t a fully automated process yet and the burden could be enough to drive them under.
It’s also evident that SOPA was put together rather haphazardly when some of the best known copyright infringement sites, like The Pirate Bay, are actually immune to it. Indeed many sites that rights holders complain about aren’t covered by SOPA (just by the current laws which, from what I can tell, means they’re not going anywhere) and thus the bill will have little impact on their activities.
You might be wondering why I, an Australian who’s only ever been to the USA once, would care about something like SOPA. Disregarding for the moment the principle argument and the fact that I don’t want to see the USA technology sector die (I could justify my point easily with either) the unfortunate reality is that Australia has a rather liberal free trade agreement with the USA. What this means is that not only do we trade with them free of tariffs and duties but we’re also obliged to comply with their laws which affect trade. SOPA is one such bill and should it pass it’s highly likely that we’d be compelled to either implement a similar law ourselves or simply enforce theirs. Don’t think that would happen? A leaked letter from the American ambassador to Spain warned them that not passing a SOPA like bill would see them put on a trade blacklist effectively ending trade between the two countries. This is just another reason as to why everyone, not just Americans, should oppose SOPA in its current form.
The worst part of all of this is the potential for my site, the one I’ve been blogging on for over 3 years, to come under fire. I link to a whole bunch of different places and simply doing so could open me up to domain seizure, even if it wasn’t me putting the link there. I already have limited time to spend on here and the additional task of playing copyright police would surely have an impact on how often I could post and comment. I don’t want to stop writing and I don’t want people to stop commenting but SOPA has the very real potential to make both those activities untenable.
So what can be done about SOPA and its potential chilling effects on our Internet ecosystem? For starters if you’re an American citizen write your representative and tell them to oppose SOPA. If you’re not then the best you can do is help to raise awareness of this issue, as whilst it’s a big issue in the tech circles, even some of the most versed political pundits were unaware of SOPA’s existence until recently. Past that we just have to hope we’ve made enough of an impression on the USA congress critters so that the bill doesn’t pass, at least in its current form. The hard work of many people has made this a very public issue, but only continued pressure will make it so it won’t damage the Internet and the industries it now supports.
EDIT: It appears that the strong opposition has caused the American congress to shelve SOPA indefinitely. Count that as a win for sanity.
It’s nigh on impossible to make a system completely secure from outside threats, especially if it’s going to be available to the general public. Still there are certain measures you can take that will make it a lot harder for a would be attacker to get at your users’ private data, which is usually enough for them to give up and move onto another more vulnerable target. However, as my previous posts on the matters of security have shown, many companies (especially start ups) eschew security in favor of working on new features or improving user experience. This might help in the short term to get users in the door, but you run the very real risk of being compromised by a malicious attacker.
The attacker might not even be entirely malicious, as appears to be the case with one of the newest hacker groups who are calling themselves LulzSec. There’s a lot of speculation as to who they actually are but their Twitter alludes to the fact that they were originally part of Anonymous, but decided to leave them since they disagreed with the targets they were going after and were more in it for lulz than anything else. Their targets range drastically from banks to game companies and even the USA senate with the causes changing just as wildly, ranging from simply for the fun of it to retaliations for wrong doings by corporations and politicians. It would be easy to brand them as anarchists just out to cause trouble for the reaction, but some of their handiwork has exposed some serious vulnerabilities in what should have been very secure web services.
One of their recent attacks compromised more than 200,000 Citibank accounts using the online banking system. The attack was nothing sophisticated (although authorities seem to be spinning it as such) with the attackers gaining access by simply changing the identifying URL and then automating the process of downloading all the information they could. In essence Citibank’s system wasn’t verifying that the user accessing a particular URL was authorized to do so, it would be like logging onto Twitter and then typing say Ashton Kutcher’s account name into the URL bar and then being able to send tweets on his behalf. It’s basic authorization at its most fundamental level and LulzSec shouldn’t have been able to exploit such a rudimentary security hole.
There are many other examples of LulzSec hacking various other organisations with the latest round of them all being games development companies. This has drawn the ire of many gamers which just spurred them on to attack even more game and related media outlets just so they could watch the reaction. Whilst it’s kind of hard to take the line of “if you ignore them they’ll go away” when they’re unleashing a DDoS or downloading your users’ data the attention that’s been lavished on them by the press and butthurt gamers alike is exactly what they’re after, and yes I do get the irony of mentioning that. Still had they not been catapulted to Internet stardom so quickly I can’t imagine that they would continue being as brash as they are now, although there is the possibility they might have started out doing even more malicious attacks in order to get attention.
Realistically though the companies that are getting compromised by rudimentary URL and SQL injection attacks only have themselves to blame since these are the most basic security issues that have well known solutions and shouldn’t pose a risk to them. Nintendo showed that they could withstand an attack without any disruptions or loss of sensitive data and LulzSec was quick to post the security hole and then move on to more lulzy pastures. The DDoSing of others though is a bit more troublesome to deal with, however there are many services (some of them even free) that are designed to mitigate the impact of such an incident. So whilst LulzSec might be a right pain in the backside for many companies and consumers alike their impact would be greatly softened by a strengthening of security at the most rudimentary level and perhaps giving them just a little less attention when they do manage to break through.
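The missing authorization check described in the Citibank incident above, and the "well known solutions" for URL tampering and SQL injection, shown as an added example that is not code from this post or from any company it mentions. The table, account numbers, user names and function names are all constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: two customers with one account each."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?, ?)",
                   [(1001, "alice", 5200), (1002, "bob", 310)])
    return db

def get_account_vulnerable(db, session_user, account_id):
    """Flawed 'before' version: trusts the id from the URL and builds SQL by
    string formatting, so session_user is never consulted."""
    sql = f"SELECT id, owner, balance FROM accounts WHERE id = {account_id}"
    return db.execute(sql).fetchone()

def get_account_hardened(db, session_user, account_id):
    """Validates the id, binds it as a parameter, and scopes the query to the
    owner taken from the server-side session. Returns None if not owned."""
    try:
        account_id = int(account_id)
    except (TypeError, ValueError):
        return None
    return db.execute(
        "SELECT id, owner, balance FROM accounts WHERE id = ? AND owner = ?",
        (account_id, session_user)).fetchone()

def handle_request(db, session_user, account_id, denials, limit=3):
    """Returns (status, row). Misses are counted per session so a script walking
    through account ids is cut off; 404 avoids confirming that an id exists."""
    if denials.get(session_user, 0) >= limit:
        return 429, None
    row = get_account_hardened(db, session_user, account_id)
    if row is None:
        denials[session_user] = denials.get(session_user, 0) + 1
        return 404, None
    return 200, row

if __name__ == "__main__":
    db, denials = make_db(), {}
    print(get_account_vulnerable(db, "bob", 1001))   # bob reads alice's account
    print(get_account_hardened(db, "bob", 1001))     # ownership check blocks it
    for requested in (1002, 1001, 1003, 1004, 1002):
        print(requested, handle_request(db, "bob", requested, denials))
```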
It seems that whenever I mention NASA and the US congress together I’ve never really got anything positive to say. Indeed my last 3 posts tagged congress are all critical of the government’s involvement in NASA’s affairs and how their constant meddling has caused nothing but harm. Still I recognise that without congress’ involvement there wouldn’t be a NASA at all and that whilst I may lament the organisation being used as a part of pork barrel politics it at least keeps their budget from being drastically slashed. Today I was hoping to write about some of the more positive news that had come out of the US congress but unfortunately the relationship hasn’t changed one bit.
About 4 days ago saw the passing of a bill in congress that saw some funding approved for NASA. Now usually this would be something to celebrate but in true congressional style they’ve managed to bollocks it up once again:
The House Science and Technology Committee approved H.R. 5781 with strong bipartisan support July 22, sending forward a bill that authorizes only a small fraction of the $3.3 billion NASA sought to invest in a commercial crew transportation system over the next three years. The bill authorized $150 million through 2013 for commercial crew and another $300 million in the form of government-backed loans or loan guarantees. The measure also would continue much of the work being done under NASA’s Constellation program, a 5-year-old effort to build new rockets and spacecraft optimized for lunar missions that President Barack Obama targeted for termination in his 2011 spending proposal delivered to Congress in February.
Now whilst I’m excited at the fact that they’re adding another space shuttle flight to the manifest (as that means I’ll definitely be able to go and see it next year) the rest of the bill shows a complete disregard for Obama’s vision for space that was laid down at the start of this year. The idea of replacing all of NASA’s routine activities with cheaper commercial solutions was a sound idea, especially when companies like SpaceX are proving just how capable they are. $3.3 billion would have bought at a rough guess about 30 fully stacked Falcon 9 rockets with Dragon capsules on top, more than enough to tide NASA over for several years. $150 million would probably cover the cost of a single rocket and little more, meaning that all you’d really get would be one demonstration flight.
Keeping the Constellation program alive is something I can’t really support unless it gets a whole bucket load of new funding. Right now many of NASA’s other activities like robotic space exploration and science have suffered because the Constellation program is using resources that were once planned for them. The program’s vision was too ambitious for the amount of funding it was given and unless new money is brought in to complete it NASA will continue to suffer under its burden. You know that this is all done in the name of pork barrelling when the bill will “prohibit NASA from laying off civil servants for at least six months following the bill’s enactment”.
Most often the criticisms I see laid at the commercial alternatives to NASA’s own launch systems is that they don’t have the experience nor do they meet the safety ratings required for NASA’s human program. The first is somewhat valid as whilst companies like United Launch Alliance have a vast wealth of launch experience they have never actually launched people into space on one of their rockets. On the other hand however the requirements for man rating are well known and SpaceX’s Falcon 9 conforms to all required specifications. ULA also has specifications for man rated versions of their ATLAS-V and DELTA-V rockets so the notion that commercial space alternatives aren’t up to the task is plainly false.
The bill makes even less sense when you consider some of the most recent developments coming out of the commercial space industry. SpaceX just recently announced their plans for some new launch systems and boy are they impressive:
For the transition from Earth to Mars, however, SpaceX believes nuclear thermal is the preferred propulsion means for the piloted aspect of the mission, while solar-electric power could be used to transport supplies.
The U.S. government “should take the lead on nuclear and commercial industry should take the lead on building heavy-lift launch vehicles,” Markusic says. “Low-level propulsion technology research and development should be government-led, with a transition to flight development in 2025.”
A growth development, dubbed Falcon X Heavy, would employ nine engines clustered in three cores. Collectively these would generate 10.8 million lb. of thrust at liftoff and boost 125,000 kg. to orbit. The ultimate launch vehicle, the Falcon XX, stands as tall as the Saturn V, is configured with six engines in a single core and is designed to lift 140,000 kg. to LEO.
SpaceX’s new rockets are simply staggering in their specifications. The Falcon X Heavy already outpaces the Saturn V (the biggest rocket in history) and the Falcon XX is nipping at the heels of the planned Ares V. They’ve nailed the point that the private industry should be responsible for the more routine activities of getting into space as NASA has no real need to do this when cheaper, viable alternatives are available. Interestingly enough this is the first I’ve heard anyone talk about nuclear thermal propulsion in quite a long time and realistically I’ve always seen it as the next logical step in rocket technology once chemical propulsion reached its limits. Whether or not SpaceX’s push to get NASA to develop such technology gets off the ground is another matter however and it might be another decade before it sees any traction.
I’ve always been disillusioned with the US congress when it comes to meddling in NASA’s affairs and these recent developments haven’t done anything to help that. The private space sector is really starting to pick up steam and it just makes sense for NASA to drop their current launch systems in favor of cheaper alternatives. This will allow them to get back to their roots of pioneering in space rather than getting caught up in the routine activities that can be easily offloaded to someone else. With Elon Musk’s plan to retire to Mars I’m sure we’ll be seeing a lot more progress from the private sector in the decades to come and right now it looks likely that they’ll become the ones to inspire the next generation. Maybe then congress will wake up and let NASA do what they do best.