Archive for May, 2010

Archive for May, 2010

Dystoparx — Part 2

Posted on

22:01 <acklas> << parliament has tabled a bill to deal with the volume of court cases.

Our protagonist is doodling on his arm with a pen. One of the few things meatspace (as opposed to cyperspace) has going for it: absent minded doodling. Not that the Internet hasn’t given him all kinds of things to occupy his mind. Sometimes he just needs to doodle and think about nothing.

22:05 <acklas> I guess if we’re going to have so many court cases being brought by one entity, we might as well reduce the cost to the taxpayers.

Bouncy jazz flows from the sound system in his room. The happiness in the music doesn’t match his emotions at all, but he isn’t really listening. He spins idly in his chair, mind occupied by the geometry appearing on his arm as the pen leaves its trail of blue.

fakepm: Why try court cases when obviously the pirates are guilty? #C63
acklas: @doctorow taxpayers’ $$ are going into the suits. Maybe limits are good.
m0rty: So cute. My daughter sleeping with puppy
jjdavis: Hitler upset about C63

His pen runs out of ink. Now he’s chewing on the cap. He hits a key combination so that he can post to his microblog:

Drawing on my arm. #

He ought to be doing work. He telecommutes, and as long as he delivers the boss will leave him alone. He just doesn’t feel motivated today.

22:15 <acklas> What do you think?
22:15 <nicnus> mi na se raktu
22:17 <acklas> lojban?
22:17 <nicnus> u’inai
22:19 <acklas> If you’re so bored, then do something.
22:19 <nicnus> darsygau mi ma
22:24 <acklas> What audaciousness do you bring about? ??
22:24 <nicnus> Dictionary says darsygau = encourages
22:24 <acklas> Oh.

Less bored. Mental exercise, however small, wakes him up a little bit.

The doorbell is ringing. Why is the doorbell ringing? He sets himself to away and reflexively locks his screen. The music is still playing. He’ll probably be coming back right away anyway.

His brother is at the door. Something irrational has happened in his relationship with his girlfriend. She is his girlfriend now, they finally decided to call it that a week or so ago. His brother comes in and sits down. Now there’s a torrent of emotion and confusion. It seems pretty trivial. The situation is a misunderstanding. Those usually clear themselves up, and when they don’t, making sure all sides know what really happened is often sufficient.

His brother is really upset. He has grown very attached to the girl. He’s afraid something bad will happen to their relationship because of the situation. Of course, he doesn’t say all of this. He has come to his older brother to vent, and perhaps for advice, but the depth of his emotion is not communicated.

Our protagonist listens, and then reaches around in his mind for the culturally acceptable response to this. What would he want said to him? Whatever that would be, it’s not what he should say. His brother does not want to hear that the problem is of his own making and will probably go away in time.

“That sucks. She’s being so unreasonable.” That’s the statement he finally lands.

“I know, right?” His brother seems to have accepted this direction for the conversation.

Our protagonist is lost deep in a chunk of code. This bug has taken precedence over everything else today. IMs and other incoming communications are queued up in some window that he is not looking at. He hasn’t eaten all day. Not that he notices any of this, his mind is bent on the problem.

Someone nearby starts a lawnmower, temporarily breaking his concentration. The sound is mostly white noise, however, and he quickly filters it out. There’s a developers’ meetup tonight, and he wants to have this code done by then.

This is as good a time as any to describe his living situation. As you may have gathered, he lives alone and telecommutes to work. His home is a small house near downtown with easy access to public transit. Most of his time is spent in his office, which is more like a den. When he does go out, it is usually to attend some event where a large number of attendees will be geeks.

While it may seem strange that he spends much of his day conversing with geeks on the Internet, only to go out once or twice a week to converse with many of the same geeks in meatspace, this is similar to the pattern lived out by many such people. Periodic meatspace meetups provide a very high-bandwidth platform to communicate to many at once, and also give some semblance of a traditional social life.

This particular event is made up primarily of presentations by attendees. One guy presents about designing a new metalanguage that could be translated so that programming could be done without knowing any English. Another presentation is about something to do with a Microsoft product. Still another is about an application whose primary selling point seems to be that it has a pretty interface. Probably a Mac application.

One presentation in particular, however, interests our protagonist and his friends. This developer has all kinds of data about the spyware that the media industry has installed on computers belonging to the majority of consumers. The spyware that is fuelling the lawsuits.

He first demonstrates that the spyware is sending back way more data than just filesharing usage and what songs are on the hard drive. It is monitoring emails and IMs for certain keywords, logging passwords and private keys, and all of it tagged with as much personally identifying information about the user as possible: name, email address, even telephone number if it is to be found on the system.

This sort of behaviour does not surprise anyone, but has the potential to be pretty scary.

Next, however, is the really interesting part. The data being sent back to the media industry is all digitally signed so that it cannot be spoofed. That makes sense, since if someone could just send in any data the entire system could be compromised.

The key used to do the signing, however, was not being rotated. In fact, even if it were being rotated, anyone could monitor the spyware getting the new key. This means that, in practise, anyone who has the spyware has the key. This is fundamentally the same problem that plagues all DRM systems, and in effect renders the entire system vulnerable.

Anyone could submit any data to the media industry, and sign it with their own key! Nicnus pulls down the source code to the utility that the presenter has written as an example of how one might do just that, and begins to peruse.

He waves his hand up in the air and the presenter stops to take his question. “Doesn’t this mean that any of the so-called pirates being railroaded through the courts could be completely innocent?”

The gathering snickers as one, and the presenter responds, “Yes, but we already knew that.”

“No, I know,” Nicnus hops up, “but doesn’t this mean that there’s a potential legal defence here? Reasonable doubt can exist that any given data from the software actually came from the software.”

“Since no one is exploiting it right now, I doubt any judge would consider it reasonable to doubt the validity of the evidence.”

Another hand goes up, “Just pointing out, that using this software is probably not legal.”

“Oh, yes,” the presenter apologizes, “I thought that was obvious. I’ve proved this *can* be done, but I’m certain that actually doing it would be in violation of the IP treaty.”

Our protagonist awoke the next morning to find a number of microblog messages waiting for him:

jjdavis: Spoof tool casts doubt on accuracy of media industry spyware:
acklas: RT @eff taken down for hosting illegal software.
jjdavis: Woah! The code is gone already! #
acklas: Github back up. They took down the exploit example code. #
m0rty: I hate Thursdays. Neeeed cofffeeeee.
piratepartyca: RT @doctorow # author taken in by police for questioning
acklas: @lucy2 It’s important because he’s been arrested for *writing code*.
acklas: Is anyone raising money for legal defence? #

Today will probably not be boring.