August 2005 Archives


August 30, 2005

Knowing of my interest in triathlon, people have been pointing me to WSJ's recent article on the topic. The theme they're pushing is that the bar for what constitutes a triathlete is being lowered.
But unlike most triathletes, Mr. Ingle didn't need a week to recover. Not only were the distances in this race a fraction of those in "Ironman" competitions, he had help: His wife, Juliet, completed the one-mile swim while a friend tackled the 25-mile bike ride. All Mr. Ingle had to do was run six miles and join his teammates at a celebratory cookout to drink beer, smoke cigars and grill steaks. "We're going to change the image of the triathlete," he says.

Hold on to your stopwatches, fitness fans: The mighty triathlon, that macho emblem of athletic sadomasochism, is going soft. While grueling events like the legendary Ironman continue to grab most of the attention, the sport has quietly been expanding at the lower levels. The number of shorter "sprint" triathlons sanctioned by a national governing body has tripled in five years to 818.

The fastest growing forms of triathlon are those where the requirements are a bit lax: There are triathlons for kids, relay triathlons completed by teams of two or three, "Clydesdale" divisions for men who weigh more than 200 pounds, and events that allow contestants to run less than two miles or swim with the aid of a Styrofoam noodle. New this summer: divisions that dispense with running in favor of power-walking. "Just because you've had a knee replacement doesn't mean you can't get out there and compete," says Gary Morgan, a triathlon organizer from Cincinnati.

While there's no telling whether the triathlon boom is a sustainable shift or just the latest fitness fad, observers say one reason for the growth is something you won't get from Pilates or kickboxing -- instant jock credentials. Years ago, being a "scratch golfer" was a bragging right for upwardly mobile executives and later, "marathoner" became popular. But these days, according to Dennis C. Carey, a partner at the executive-recruitment firm Spencer Stuart, "triathlete" is all the rage. A triathlete himself, Mr. Carey estimates the term is showing up on resumes two or three times as often as it did five years ago.

A little background here. There are three major standardized triathlon distances:

Ironman2.4 mile swim, 112 mile bike, 26.2 mile run
Half Ironman1.2 mile swim, 56 mile bike, 13.1 mile run
Olympic/International1.5k swim, 40k bike, 10k run

Then there's "sprint" which isn't standardized but is less than Olympic. Typically it's something like .5k swim, 20k bike, 5k run. There's also a grand prix format that's done primarily at the pro level. The International Triathlon Union (ITU) has been pushing their "long distance" (halfway between half and full Ironman) as part of their war with the people who run Ironman but that's never really caught on with the long distance crowd.

The basic premise of this article is partly right: non-triathletes tend to think that the only kind of triathlon is Ironman and if you tell them that you've only done half or short course, it's not too uncommon to get asked "when are you doing a full triathlon"? But this isn't a new development at all. On the contrary, it's been happening at least since I was initially involved in triathlon back in 1998. Short course triathlons were popular back then, too.

What the article has wrong is that nearly everyone in the sport thinks it's total nonsense, like saying Haile Gebrselassie isn't a real runner if he hasn't done a marathon. Inside the sport, the minimal standard is an Olympic/International distance race (or maybe a sprint if people are feeling generous). It's important to remember at this point that two hours is an incredibly long time to be out on the race course--and only the best short course triathletes finish in under two hours. Stepping up a notch, a good time for a half (and by good I mean has a reasonable chance of qualifying for Ironman Hawaii) is around 4:30. I've never heard anybody claim that someone who's only done halfs isn't a real triathlete.

The Journal's implication to the contrary, I'm not sure the situation has changed much, either. It's true that sprint events have gotten more popular, but so have triathlons in general. When I first started, the United States had no official Ironman races other than Kona and only a small number of unofficial ones like VineMan. In 2006 there will be eight (Wisconsin, Florida, California, Arizona, Eagleman, Buffalo Springs, Coeur d'Alene, Lake Placid). I don't have hard data, but I suspect that the big story is how much tri has grown, not how much easier it's gotten to call yourself a triathlete.

One thing I do agree with, though. Relays don't count. There's nothing wrong with doing a triathlon as a relay. I've had friends who did it and I hear it's fun. It just doesn't make you a triathlete.


August 29, 2005

I was at a party yesterday and met someone who works for OQO, so I got a chance to look at the device. It's a pretty impressive piece of engineering, but ultimately something I don't think I'm interested in. Physically it's about the size of your average airport novel and weighs just under a pound. This doesn't sound like much, but in person it's a lot bigger than I'd want to carry around in my pocket (even my Treo 600, weighing in at less than half the weight, feels like a brick in my pocket half the time.) And once your into the business of having to carry it around in a bag, then the one of the more capable ultralite laptops starts to look pretty attractive as an alternative, since you can get serious work done on one of those.

August 28, 2005

I took Mrs. Guesswork to have her eyes lasered on Friday. She got ordinary LASIK in the left eye and wavefront LASIK in the right (wavefront is only approved for modest levels of correction and her left eye was too out of spec.) Gory (but cool) details after the break.

August 26, 2005

Once again the FDA has deferred a decision on Plan B. Why? They say they can't figure out how to stop girls under 16 from getting it:
The announcement infuriated Democrats and abortion rights advocates, who said the Food and Drug Administration allowed politics to trump science. Abortion opponents, however, said the application should be rejected.

Lester M. Crawford, the commissioner of food and drugs, said in a news conference that his agency had decided that the science supported giving over-the-counter access of the drug to women 17 and older, but that the agency could not figure out how to do that from regulatory and practical standpoints without younger teenagers' obtaining the pills, too.


The agency has never allowed a drug to be sold simultaneously over the counter and by prescription with the same label and strength, Dr. Crawford said. More important, he added, the agency could not figure out how to enforce the age restrictions.

"F.D.A. cannot have an inspector in every pharmacy in the U.S.," he said.

Huh? Alcohol is sold over the counter in many states and the 21-and-over ban is enforced by the simple expedient of carding people who look under 21 and periodically sending in young-looking cops to check that the stores are following the policies. If the Pennsylvania Liquor Control Board can figure out ID card technology, you'd figure out that the FDA would be able to.


August 25, 2005

Suppression of Aging in Mice by the Hormone Klotho

Hiroshi Kurosu, Masaya Yamamoto, Jeremy D. Clark, Johanne V. Pastor, Animesh Nandi, Prem Gurnani, Owen P. McGuinness, Hirotaka Chikuda, Masayuki Yamaguchi, Hiroshi Kawaguchi, Iichiro Shimomura, Yoshiharu Takayama, Joachim Herz, C. Ronald Kahn, Kevin P. Rosenblatt, Makoto Kuro-o

A defect in Klotho gene expression in mice accelerates the degeneration of multiple age-sensitive traits. Here we show that overexpression of Klotho in mice extends life span. Klotho protein functions as a circulating hormone that binds to a cell-surface receptor and represses intracellular signals of insulin and insulin-like growth factor-1 (IGF1), an evolutionarily conserved mechanism for extending life span. Alleviation of aging-like phenotypes in Klotho-deficient mice was observed by perturbing insulin/IGF1 signaling, suggesting that Klotho-mediated inhibition of insulin/IGF1 signaling contributes to its anti-aging properties. Klotho protein may function as an anti-aging hormone in mammals.

The improvements they're getting seem to be about 20-30%, and once again we see the insulin system implicated.

August 24, 2005

Bobby Henderson's Flying Spaghetti Monster theory of creation getting a lot of attention (see links in the Wikipedia page and links to FSM paraphernalia on BoingBoing). Now, I understand the urge to make fun of Intelligent Design, because, frankly, it's laughable. And FSM follows in a long philosophical tradition of making a serious point--in this case that intelligent design is just as consistent with any deity, even a silly one, as it is with the Judeo-Christian-Islamic deity.

The problem is that phrasing the criticism this way is that it's likely to alienate the people you're trying to convince. I suspect that most people who believe in ID are honestly ignorant, not mendacious. Making fun of them probably isn't the way change their minds. Worse yet, the FSMers aren't just saying that the FSM is an equally good explanation as Genesis, they've also made up a new parody religion based on it, complete with Jesus-fish parody logos. Unsurprisingly, most people who believe in ID are Christians. I'm skeptical that openly mocking their religious beliefs is the best way to convince them of one's point of view.


August 23, 2005

From Reuters:
NEW YORK (Reuters Health) - A drug dubbed CX717, made by Cortex Pharmaceuticals, Irvine, California, reverses the biological and behavioral effects of sleep deprivation, according to results of animal studies.

In an article in the research journal PLoS Biology, Dr. Sam A. Deadwyler and his associates propose that CX717 would particularly benefit individuals affected by extended work hours or night shifts.

To test this possibility, they taught monkeys to perform a "delayed-match-to-sample task," in which they were presented with a single image on a computer screen, then would use a cursor to identify that image in a group of several different images.

During normal alert conditions, performance accuracy of the animals was improved from an average of 75 percent to 90 percent after an injection of CX717. The drug also shortened response times, suggesting that "CX717 also facilitated attentional processes related to speed of responding on successful trials."

When the monkeys were subjected 30-36 hours of sleep deprivation, average performance accuracy dropped to 63 percent, which was restored to 84 percent after CX717 treatment.

Pretty impressive. Of course, it probably makes your head explode or something...

  • It's probably a good idea to structure this as a flat flee. If customers's aren't being billed per song then they have no direct financial incentive to hide their activity.
  • The quoted price point is £26/month for both DSL service and the ability to share music. Given that BT charges about the same price for DSL alone, that doesn't leave much money on the table for the labels. Is this the end of the $1/song price point?
Cory Doctorow over at BoingBoing reports that British ISP PlayLouder MSP has cut a deal with Sony BMG to allow file sharing of Sony's music over their network:
I spent the day going back and forth with the two principles from PlayLouder MSP, Paul Sanders and Paul Hitchman, and based on what they've told me, I'm prepared to say that this is the best thing to happen to the copyfight all year -- maybe all century.

Here's the deal. PlayLouder MSP DSL costs about the same as comparable DSL offerings in the UK (though right now, PlayLouder MSP's one-meg speeds don't compare to the high-end offerings from ISPs like Bulldog, who are offering 8-meg DSL). For their money, PlayLouder MSP customers get their regualr DSL lines, as well as:

  • The right to share any song in the Sony-BMG catalog
  • Even if it's out of print
  • In any file-format
  • Using any file-sharing software
  • At any bitrate
PlayLouder MSP's customers' license includes Sony music sourced from P2P networks, ripped from CDs, or digitized from vinyl, cassettes, or radio broadcasts.

PlayLouder MSP is using audio-analysis software provided by Audible Magic to analyze the P2P traffic that it can detect on its network and count approximately how many times each track is traded, and will deliver that, along with a cut of its revenue, to Sony.

They're also filtering traffic to the Internet to prevent Sony music tracks that Audible Magic recognizes from leaving its network via recognized P2P protocols and going to ISPs whose customers have not paid a license fee. However, they will not be stopping any tracks that Audible Magic fails to recognize, nor will they be resticting traffic using unrecognized protocols.

This is certainly food news if what you care about is principally free music. On the other hand, consider that its success totally depends on the ISP's ability to monitor all the customer's traffic, because that's how the billing gets done. Isn't this the kind of monitoring that the EFF would normally be working to stop? Indeed, privacy-enhancing tools such as Freenet and Tor (distributed by EFF!), would render the required monitoring pretty much useless. Of course, this would be more of a problem if people actually used crypto for anything other than encrypting their credit card numbers. Still, I'm kind of surprised to see Doctorow in favor of an arrangement that has forbidding crypto as its endgame.


August 22, 2005

There's been a lot of fuss about the new Kansas science standards. I thought it would be worthwhile seeing what controversial stuff they actually say about evolution.

Page iv of the document contains the following long statement about evolution.

Regarding the scientific theory of biological evolution, the curriculum standards call for students to learn about the best evidence for modern evolutionary theory, but also to learn about areas where scientists are raising scientific criticisms of the theory. These curriculum standards reflect the Board's objective of 1) to help students understand the full range of scientific views that exist on this topic, 2) to enhance critical thinking and the understanding of the scientific method by encouraging students to study different and opposing scientific evidence, and 3) to ensure that science education in our state is "secular, neutral, and non-ideological."

OK, nothing really wrong here so far. The "scientific criticisms" section is sort of red meat for the anti-evolution crowd, but there certainly is plenty of room for criticism of some of the details of evolutionary theory---though not really for the general fact of evolution--which is it's still an active topic of research.

From the testimony and submissions we have received, we are aware that the study and discussion of the origin and development of life may raise deep personal and philosophical questions for many people on all sides of the debate. But as interesting as these personal questions may be, the personal questions are not covered by these curriculum standards nor are they the basis for the Board's actions in this area.

Evolution is accepted by many scientists but questioned by some. The Board has heard credible scientific testimony that indeed there are significant debates about the evidence for key aspects of chemical and biological evolutionary theory. All scientific theories should be approached with an open mind, studied carefully, and critically considered. We therefore think it is important and appropriate for students to know about these scientific debates and for the Science Curriculum Standards to include information about them. In choosing this approach to science curriculum standards, we are encouraged by the similar approach taken by other states, whose new science standards incorporate scientific criticisms into the science curriculum that describes the scientific case for the theory of evolution.

The first paragraph is pretty unobjectionable. The accuracy of the second kind of depends on the meaning of "key aspects". Certainly, there's plenty of controversy about the details of evolution, and I guess you could call those key aspects. But realistically, the topics on which there is controversy aren't the kind of topics that are likely to be taught in your average high school science class, any more than you'd cover the failings of the Copenhagen Interpretation in your average intro high school physics class. This passage is basically code for "we're going to teach there is a controversy about whether evolution happened", a topic about which there really isn't much scientific controversy. But they don't actually say that that's what they're going to do. Anyway, this is just a statement of purpose, so we need to see what the details are later.

We also emphasize that the Science Curriculum Standards do not include Intelligent Design, the scientific disagreement with the claim of many evolutionary biologists that the apparent design of living systems is an illusion. While the testimony presented at the science hearings included many advocates of Intelligent Design, these standards neither mandate nor prohibit teaching about this scientific disagreement.

As far as I can tell, this is basically false, and since the only real (in terms of airtime, not validity) criticism of evolution comes from I-D, it's hard to see how they're going to teach evolution without teaching I-D.

Moving on to page xiii, we have:

Patterns of Cumulative Change: Accumulated changes through time, some gradual and some sporadic, account for the present form and function of objects, organisms, and natural systems. The general idea is that the present arises from materials and forms of the past. An example of cumulative change is the formation of galaxies, explained by cosmological theories involving (among other theories) gravitation and the behavior of gasses, and the present diversity of living organisms, which the biological theory of evolution, or descent with modification of organisms from common ancestors, seeks to explain. The present position of the continents is explained by the theories of continental drift, which involves plate tectonic theory, fossilization, uplift and erosion. Patterns of cumulative change also help to describe the current structure of the universe. Although science proposes theories to explain changes, the actual causes of many changes are currently unknown (e.g. the origin of the universe, the origin of fundamental laws, the origin of life and the genetic code, and the origin of major body plans during the Cambrian explosion).

This is actually really interesting, since if you accept plate tectonics as the origin of the current continent structure, you're pretty much accepting that the Earth is extremely old. Similarly, if you accept that the Cambrian explosion involved "the origin of major body plans", which this paragraph seems to, then you're pretty much accepting a historical account consistent with evolution even if you think that it's not a result of evolution. So, while this last sentence is clearly intended to limit the scope of science, it's still a big step away from Young Earth Creationism.

The next mention of evolution is on p. 46:

Millions of species of animals, plants and microorganisms are alive today. Animals and plants vary in body plans and internal structures. The theory of biological evolution is an explanation of how gradual changes of characteristics of organisms over many generations may have resulted in variations among populations and species. Therefore, a structural characteristic, process, or behavior that helps an organism survive in its environment is called an adaptation. When the environment changes and the adaptive characteristics are insufficient, the species extinct.

The hedging sections in red were introduced recently, and they imply doubt about a topic where there's actually not really any scientific doubt. Still, it's the teacher's note section and seems basically harmless. And seeing as the student is supposed to learn that: "understands that adaptations of organisms (changes structure, function, or behavior that accumulate over successive generations) contribute to biological diversity." I'm having a hard time getting worked up about this section.

Moving on to grade 8-12 in the "Science As Inquiry" section, we get:

6. understands methods used to test hypotheses about the cause of a remote past event (historical hypothesis) that cannot be confirmed by experiment and/or direct observation by formulating competing hypotheses and then collecting the kinds of data (evidence) that would support one and refute the other


6. a. Formulates multiple hypotheses about a singular historical and develops a "best current explanation" about what caused the event, such as the cause of a fire or death.

b. Predicts the kinds of circumstantial evidence that one would observe under each hypothesis.

c. Collects evidence and draws an inference as to the best explanation and whether the evidence fits either hypothesis. Explains why either explanation can not be entirely validated by a laboratory experiment.

Ordinarily, this would be totally unremarkable, but given that it was added recently, it seems plausible that it's part of the "evolution is bogus" movement. That said, it seems like a perfectly reasonable formulation of scientific procedure to me, so I don't see much of a problem here.

On page 76, we have:

c. The sequence of the nucleotide bases within genes is not dictated by any known chemical or physical law.

Some scientists have complained about this:

Case says the statement that "the sequence of the nucleotide bases within genes is not dictated by any known chemical or physical law" deliberately ignores the fact that scientists are still exploring the organization of nucleotide bases. "If you say the sequences are not dictated by any known chemical or physical law, which is itself untrue, you could go one step further and ask if the sequences are dictated by a divine law," says Case.

This strikes me as overly sensitive. The sequence of nucleotides is basically an information carrier about protein structure. It's certainly possible that one particular mapping of base sequences to amino acides is somehow physically (energetically?) superior to others, but seeing as any given protein comes in a variety of different variants, I think it's reasonable to phrase it this way. I would feel pretty comfortable saying that the sequence of symbols in computer software isn't dictated by any known physical law, too.

The really objectionable material comes in the grade 8-12 Life Sciences section, on page 78-80. Partial excerpts follow.

Benchmark 3: The student will understand the major concepts of the theory of biological evolution.

This seems eminently reasonable.

1 understands biological evolution, descent with modification, is a scientific explanation for the history of the diversification of organisms from common ancestors

I can't tell whether this is an admission of common ancestry. Anyway, it seems harmless enough.

1. a. Biological evolution postulates an unguided natural process that has no discernable direction or goal.

b. The presence of the same materials and processes of heredity (DNA, replication, transcription, translation, etc.) is used as evidence for the common ancestry of modern organisms.

c. Patterns of diversification and extinction of organisms are documented in the fossil record. Evidence also indicates that simple, bacteria-like life may have existed billions of years ago. However, in many cases the fossil record is not consistent with gradual, unbroken sequences postulated by biological evolution.

a-b are fine, but c is only true in the most trivial sense. Sure, it's true that there's not a gradual unbroken sequence for every generation, but that's not what you'd expect or what evolution predicts. (Try finding an unbroken sequence of your own ancestors for the past 2000 years). While evolution of course does predict that there's an unbroken sequence of transitional forms, we don't have a fossil of every organism, so it's not reasonable to expect an unbroken continuous sequence. The sequence is plenty continuous enough to be convincing.

d. The distribution of fossil and modern organisms is related to geological and ecological changes (i.e. plate tectonics, migration). There are observable similarities and differences among fossils and living organisms.

e. The frequency of heritable traits may change over a period of generations within a population of organisms, usually when resource availability and environmental conditions change as a consequence of extinctions, geologic events, and/or changes in climate.

f. The view that living things in all the major kingdoms are modified descendants of a common ancestor (described in the pattern of a branching tree) has been challenged in recent years by:

i. Discrepancies in the molecular evidence (e.g. differences in relatedness inferred from sequence studies of different proteins) previously thought to support that view.

ii. A fossil record that shows sudden bursts of increased complexity (the Cambrian Explosion), long periods of stasis and the absence of abundant transitional forms rather than steady gradual increases in complexity, and

iii. Studies that show animals follow different rather than identical early stages of embryological development.

I'm not an expert on the molecular evidence, but as far as I can tell, basically nobody considers this stuff as any kind of real challenge to evolution. The punctuated equilibrium argument (ii) isn't an argument against evolution at all, but merely about the rate at which evolution happens. It's annoying that the creationists keep using it as an argument against evolution. Issue (iii) is basically an attempt to rebut a particular set of embryological observations that had been interpreted as supporting evolution. It's not an argument about evolution per se. Again, this stuff is creationist red meat, but nobody in the field takes it seriously.

d. Whether microevolution (change within a species) can be extrapolated to explain macroevolutionary changes (such as new complex organs or body plans and new biochemical systems which appear irreducibly complex) is controversial. These kinds of macroevolutionary explanations generally are not based on direct observations and often reflect historical narratives based on inferences from indirect or circumstantial evidence.

Nonsense. It's also worth noting that "irreducible complexity" is precisely the Intelligent Design argument made by William Dembski, so the claim earlier that they're not going to be teaching ID is disingenuous at best.


a. A lack of empirical evidence for a "primordial soup" or a chemically hospitable pre-biotic atmosphere;

b. The lack of adequate natural explanations for the genetic code, the sequences of genetic information necessary to specify life, the biochemical machinery needed to translate genetic information into functional biosystems, and the formation of proto-cells; and

c. The sudden rather than gradual emergence of organisms near the time that the Earth first became habitable.

Well, it's certainly true that we don't really understand the origin of life well. However, none of this stuff is strictly relevant to the question of whether evolution explains the current collection of species, organisms, etc. Imagine some Fred Hoyle-type story in which the original organisms came from outer space (ignoring the problem of how it got there) and that's why we don't see any evidence of primordial soup, etc. I'm not saying that I believe that, just that it wouldn't cause any problem for evolution as the basic explanation of everything after that.

The bottom line here is that this looks to be a reasonably sound description of evolution interspersed with a number of old-style creationist or ID talking points intended to cast doubt on evolution. No alternate theory is offered (nor can one, really, in the face of Edwards v. Aguillard, since the theory that the doubters have in mind is of course creationism.) If we could only arrange that students were taught not only the objections to evolution but why those objections were bogus, we'd have a perfectly acceptable curriculum.


August 21, 2005

One of the difficulties of backpacking is that the quality of trails can change dramatically from year to year, especially if they're not being actively maintained. Today, I stumbled across the Ventana Wilderness Alliance's Trail Conditions Report: reviews of trail conditions by other backpackers who have seen things for themselves.

August 20, 2005

Alex Tabarrok comments on the implications of people's willingness to wager over global warming:
Inspired by Robin Hanson's work on betting markets, James Annan, a climate scientist, has been trying to get skeptics of global warming to put up or shut up, mostly with no success on either front.  A number of prominent skeptics refused to bet (perhaps having learnt from Paul Ehrlich's embarassment) or offered to bet only at very high odds in their favor (i.e. implicitly admitting that they thought the probability of global warming was high).  The failure to bet is telling and a nice reminder that even markets with no trades can tell you things of importance!

I don't think it's a safe conclusion to draw that people's unwillingness to bet means that they think there's a high probability of global warming. The disutility of losing this bet is substantially higher than the money, since you're made to look foolish (which is, of course, exactly what happened to Ehrlich, and this bet is constantly used to discredit him). By contrast, the benefit one gets from winning the bet and being shown right probably isn't close to the same utility. (Meaning that people wouldn't take a bet even if the chance were 50/50). It seems to me that even if global warming is not occurring1 there's an appreciable chance that the temperature will go up purely as a matter of random chance, so this asymmetry implies that the acceptable odds have to be fairly high.

1. Note: I'm not saying that I don't think it's occurring. I don't have any kind of useful informed opinion on this topic, but it seems perfectly clear that that's the scientific consensus so that's clearly the way to... er... bet.


August 18, 2005

CRYPTO 2005 is over and SHA-1 hasn't totally collapsed yet. On the bad side, it's now about 32 times easier to find a collision than it was a year ago (well, more like 50 times easier due to Moore's Law) and Wang et al. think the attack can be improved further. On the other hand, a lot more work has been put into hash functions this year than last and so one might imagine that the fact that the bar has only been moved 5 bits is some kind of evidence that it's going to be a harder to make much forward progress.

This kind of uncertainty is the unfortunate price of not having any non-ad-hoc theory of hash function security.


August 17, 2005

Stingray's home firewall product is getting a fair bit of press. Among the claims made for it are:
  1. No configuration
  2. No maintenance
  3. No patches and upgrades required
  4. Complete protection from Viruses and all Hacking attempts
  5. Stingray's line speed is 10mbps, the chances of DOS in a 10mbps Ethernet environment is virtually nil.

Claims (1) and (2) seem straightforward enough. Most consumer grade NATs can do this kind of firewalling. However, consider claims (3) and (4). With currently available technology protection against viruses takes two major forms: firewalling off potentially sensitive ports and screening for bad traffic. The firewalling step is relatively straightforward, but the screening stage relies on a database of signatures of known viruses. When the screening software detects those signatures it blocks the traffic that is carrying them. That's why your antivirus software needs to phone home periodically for updates. Unless Stingray has made a major breakthrough--and their website shows no sign of any such breakthrough or of having the high powered security staff you would expect to need to make such a breakthrough--it seems likely that either Stingray's antivirus phones home for upgrades or that it doesn't work. Now, there's nothing necessarily wrong with phoning home, but if that's what you do it's pretty disingenous to claim that you don't need upgrading. The technical term here is "automatic updates."

If claims (3) and (4) were disingenuous, claim (5) is downright strange. The Stringray interface is 10mbps so that makes it hard to DoS? Huh? I can't tell if the claim here is that DoS is difficult because the interface is too fast or too slow. In any case, it doesn't make much sense. There are two basic kinds of DoS: system resource consumption and bandwidth consumption. System resource consumption attacks are generally low bandwidth attacks that don't really depend on the size of the link. Bandwidth consumption attacks are of course easier to mount over low bandwidth links (and 10 mbps is very slow by modern networking standards), but the relevant speed here isn't the speed of the firewall's interface but of the broadband link they're connected to, which is generally in the range of 1-5 mbps for home or small business applications.

The strangest claim, though, doesn't seem to appear on their web site but on some of news coverage. Here's Gizmodo:

There are so many different firewalls out available to the public and they all share a similar idea of protection code and algorithms. What makes the Stingray Firewall different is that it randomly creates the random protection code algorithms on the fly. So random algorithms of protection = no hackz0rs stealing my garbage files.

I'm assuming that the Gizmodo guys didn't just make this up (it also appears in some other coverage), but it correspond to any security technology I'm familiar with--at least not one that works--any EG readers want to take a shot at translating this?

Steve Bellovin reports from Crypto '05 that Wang et al have made more progress on SHA-1, bringing the cost of a collision down to 263.
Shamir gave her rump session talk (and first gave a humorous presentation on why she couldn't get a visa -- she admitted to attacking U.S. government systems, and used collisions). She is indeed claiming a 2^63 attack, and found a new path to use in the attack. Because of the new path, there is reason to think the attack will get even better. Shamir noted that 2^63 is within reach of a distributed Internet effort to actually find one.

Anyone want to speculate on where this will stop? My uninformed guesstimate is around 256-260 (revised downward from around 264 a month ago...).


August 16, 2005

Adam Shostack thinks he has a way out of the Iraq conflict:
When the British were fighting the communist insurgency in Malaysia, on top of their hearts and minds campaign, one of their most potent weapons was a promise to withdraw, but only after the insurgency had ended.

It seems to me that this is the perfect move for the United States in Iraq. Some (fixed) time period after the last civilians are killed, the United States will fully withdraw all our troops. This puts the native portions of the insurgency in a bind: If their goal is to expel the United States, all they need to do is wait.

It gives the Iraqis time to build a civil government, free of attacks. If there are people whose goal is simply to kill Americans, it isolates them.

If only I had any confidence in the ability of the Bush administration to administer a foreign policy.

This strategy probably does work if you're fighting a basically nationalistic adversary, but it's not clear that that's the situation in Iraq. Iraq is a PR black eye for the US as long as we're there and the situation doesn't improve a lot. Moreover, it represents a very substantial drain on the US's resources. Combine this with the conventional wisdom that Al Qaeda wants to incite a war with the West and it seems like keeping the insurgency at a level where the US is forced to stay in and keep losing personnel is a pretty good strategy for them.


August 15, 2005

AP reports that TSA is considering significantly relaxing airplane security rules:
The Transportation Security Administration will meet later this month to discuss the plan, which is designed to reduce checkpoint hassles for the nation's 2 million passengers. It comes after TSA's new head, Edmund S. "Kip" Hawley, called for a broad review in hopes of making airline screening more passenger-friendly.

An initial set of staff recommendations drafted Aug. 5 also proposes that passengers no longer have to routinely remove their shoes during security checks. Instead, only passengers who set off metal detectors, are flagged by a computer screening system or look "reasonably suspicious" would be asked to do so, a TSA official said Saturday.

Any of the changes proposed by the staff, which also would allow scissors, ice picks and bows and arrows on flights, would require Hawley's approval, this official said, requesting anonymity because there has been no final decision.

It's helpful to reconstruct the sequence of events:

  1. Terrorists hijack an airplane using boxcutters and other knives that they're allowed to bring onto the airplane.
  2. We ban all knives (as well as other dangerous items such as nail clippers from people's carryon luggage).
  3. We nationalize airport screening despite the fact that the private screeners don't seem to have done anything wrong.
  4. The national airport screening service proceeds to crank down the screws on what you're allowed to bring on the airplane. Currently cigarette lighters are forbidden.
  5. Now, in act five, they're considering loosening the rules to where they were in the beginning.

It's incredibly irritating to not be able to bring nail clippers, pocket knives, multitools, etc. on the airplane, so this is clearly a good thing. On the other hand, if TSA really does relax the rules, it will be a pretty clear admission that the restrictions--and their concomittant cost to taxpayers and passengers--were unnecessary in the first place. One can only hope that this leak is a sign of better risk analysis at TSA, rather than just a random policy shift.


August 14, 2005

AP reports that TSA is considering significantly relaxing airplane security rules. They're also considering letting some classes of people skip airport security screenings:

The Aug. 5 memo recommends reducing patdowns by giving screeners the discretion not to search those wearing tight-fitting clothes. It also suggests exempting several categories of passengers from screening, including federal judges, members of Congress, Cabinet members, state governors, high-ranking military officers and those with high-level security clearances.

The argument in favor of this is, of course, that people like this are pretty good security risks. It's probably not easy to get elected to Congress if you're an Al Qaeda sleeper agent, and even if you were, it's not worth wasting an asset like that on a simple airplane hijacking. So, actual Congressmen are probably safe as a practical matter.

However, creating a complete exemption from security screening for one class of people suddenly makes it very attractive to be a member of that class. This raises the question of how hard it really is to impersonate someone in that class. There are 535 members of Congress and plenty of federal judges and people with high-ranking clearances. There's no way that screeners are going to know these people by sight, so they'll be checking ID. It's probably not that hard to forge one of these IDs well enough to pass a cursory security check at the airport.

Even if we ignore the security issue, there's an issue of principle and incentives. The current security screening in this country is fairly onerous and Congress is charged with overseeing that. If those restrictions are too onerous for Congressmen to endure, then why aren't they too onerous for the rest of us. On the other hand, if Congress is exempt from these restrictions, what incentive do your representatives have to value people's inconvenience appropriately?


August 12, 2005

The Safe Intersections Act bans unauthorized use of mobile infrared transmitters (MIRTs)--gizmos that let police and firefighters override traffic signal timing.
Lawmakers took an interest in the devices, called mobile infrared transmitters, or MIRTs, a couple of years ago, when it emerged that impatient commuters could purchase rogue boxes online for around $500. Several states outlawed unauthorized possession of the transmitters, and Sen. Mike DeWine (R-Ohio) introduced the federal bill in 2003. The measure won support from police and firefighter groups.

"When you first look at it, you think, 'It's not such a big deal,'" says DeWine spokesman Jeff Sadosky. "But when you realize the possible implications, somebody using one of these to go 80 miles an hour through rapidly changing lights, you realize it could be life-threatening."

Selling a device to an unauthorized user can land the vendor up to a year in prison; using an MIRT without authorization will carry a penalty of up to six months.

"We agree with the provision," says Gerald Donaldson, senior research director with Advocates for Highway and Auto Safety. "We see how (MIRTs) can be used by people who pose a security threat to American institutions and people."

If it's such a big threat, you might ask why the manufacturers of traffic signals didn't make them with better security features [*]. Had they done so, it would have been effectively impossible to make a private MIRT and this entire law would have been unnecessary. Indeed, the article goes on to say that 3M's newer pre-emption systems have just such a security feature.

This kind of thing drives security people nuts. You install some system that has clear vulnerabilities that are attractive to attack, easily exploited and easily repaired (cf. analog cell phone cloning). Then, when the market in attacking your system predictably appears you act surprised and scramble to make the attack illegal. Note that I'm not saying that unauthorized traffic pre-emption shouldn't be illegal--merely that we should never have been in a situation where it was an issue.


August 10, 2005 reports that a Sydnew magistrate has thrown out a speeding case because the speed cameras use MD5 to secure the data:
Lawyer Dennis Miralis, who has won several high-profile cases against the RTA involving speeding motorists, said the case proved a public inquiry into speed cameras was desperately needed.

"The integrity of all speed camera offences has been thrown into serious doubt and it appears that the RTA is unable to prove any contested speed camera matter because of a lack of admissible evidence," Mr Miralis said.

The case revolved around the integrity of a mathematical MD5 algorithm published on each picture and used as a security measure to prove pictures have not been doctored after they have been taken.

Mr Miralis argued that the RTA had to prove the algorithm it used was accurate and could not be tampered with. He said: "It is our understanding that since speed cameras were introduced approximately 15 years ago on NSW roads, not one single speed camera photograph has been capable of proving an offence."

Obviously this is good news for speeders everywhere, but realistically, it seems pretty unlikely that the speed cameras use MD5 in a way that would be susceptible to tampering by the current attacks. Certainly, if we're in a situation where cryptography can't be introduced as evidence unless it's provably secure than that more or less means that it can't be used as evidence at all, since even the provably secure algorithms depend on some unproven assumptions.


August 9, 2005

I've recently finished reading Chris McManus's Right Hand, Left Hand: The Origin of Asymmetry in Brains, Bodies, Atoms, and Cultures. Here's McManus's summary of his thesis, coming at the end of the book:
Most people are right-handed because they have a gene called the D gene, and that same gene means most of us also have language in our left hemisphere. The D gene was the principal factor in separating humans from other apes, perhaps two to three million years ago. Language and motor control in right-handers are controlled by the left hemisphere because the D gene is probably a mutation of the situs gene, which has been responsible for humans and all other vertebrates having their heart on the left side. Vertebrates and their predecessors have had asymmetric bodies for about 550 million years. The situs gene causes our heart to be on the left side because, early in embryological development, cilia in the nodal region waft a current containing determinants of development in a clockwise rather than an anticlockwise direction. The cilia beat clockwise because they are made principally of L-amino acides, rather than their mirror-image D- form. Almost all organisms on earth are made of L-amino acids; a predominance that is probably not due to pure chance, since amino acides found in meteorites from deep space show the same predominance. Early life evolved to contain only L-amino acids because they were the most abundant form, at least in the local areas of earth where live evolved; perhaps due to them coming from meteorites. L-amino acids may also predominate because of what physicists call 'failure of conservation of parity', which is reflected in an asymmetry of the weak interaction at the sub-atomic level. The predominance of right-handedness among humans means that many artefacts in daily life on Earth and our use of symbolic terms in language and culture are also highly asymmetric, the association of 'right' with 'good' and 'left' with 'bad' being found in almost all human cultures. It is probably not an exaggeration to suggest that when we read in the Bible of God sorting the sheep to the right and the goats to the left, or when radical politicals are described as being on the left wing and conservatives on the right, these symbolic classifications are directly linked to the organisation of language in our brains, which is linked to our manual dexterity, which is linked to our left-sided heart, which is linked to the clockwise beating of cilia, which, like the rest of our bodies, are composed of L-amino acids, the predominance of which reflects failure of conservation of parity in physics, which is a feature of the deepest laws of physics of which the universe is constructed.

McManus manages to collect a lot of fascinating information from a large variety of sources and fields in support of this thesis. This isn't my field of expertise, so I have a little trouble assessing how accurate it is, as noted in Robert K. Adair's Amazon review (scroll to end of page). However, even if the basic thesis is wrong, it's still a fascinating read, covering everything from the side of the road people drive on to the handedness of coffin screws.


August 8, 2005

My flight back from Paris (CDG-PHL) was an on Airbus A330 (specifically, a 333, though this is the only kind of A330 that USAir flys). Anyway, the important thing to know here is that Airbus has chosen to put the flotation device under the seat in front of you in a plastic bracket. This pretty much cuts off half of the underseat area (the left half in my case), so you're pretty much reduced to only putting one leg under the seat in front of you and crossing the other one. If you're really flexible, you might be able to squeeze both legs in but it's not comfortable. Plus, USAir has no Economy Plus, so the seat pitch is ridiculously short. Not a good way to spend 8 hours.
One thing that really bugs me is when an author decides to use one of his characters to spout his political views--or any political views. If I don't detect it, it's taking advantage of the suspension of disbelief that people need to have in order to enjoy fiction. And if I do detect it, then it instantly ruins the flow and my ability to take this character seriously except as the author's mouthpiece. Here's another passage from Mindscan:
"So, I've watched the ebb and flow of copyright legislation over my lifetime. It's been a battle between warring factions; those who want works to be protected forever, and those who believe works should fall into public domain as fast as possible. When I was young, works stayed in copyright or fifty years after the authors' death. Then it was lengthened to seventy years, and that's still the current figure, but it isn't long enough."


"Well, because if I had a child today—not that I could—and I died tomorrow—not that I'm going to—that child would receive the royalties from my books until he or she was seventy. And then, suddenly, my child—by that point, an old man or woman— would be cut off; my work would be declared public domain, and no more royalties would ever have to be paid on it. The child of my body would be denied the benefits of the children of my mind. And that's just not right."

"But, well, isn't the culture enriched when material goes into the public domain?" I asked. "Surely you wouldn't want Shakespeare or Dickens to still be protected by copyright?"

"Why not? J.K. Rowling is still in copyright; so is Stephen King and Marcos Donnelly—and they all had, and continue to have, a huge impact onour culture."

"I guess..." I said, still not sure.

"Look," said Karen, gently, "one of your ancestors started a brewing company, right?"

I nodded. "My great grandfather, Reuben Sullivan—Old Sully, they called him."

"Right, and you benefit financially from that to this day. Should the government instead have confiscated all the assets of Sullivan Brewing, or whatever the company's called, on the seventieth anniversary of Old Sully's death? Intellectual property is still property, and it should be treated the same as anything else human beings build or create."

I had a hard time with this; I never used anything but open-source software—and there was a difference between a building and an idea; there was, in fact, a material difference. "So, you uploaded in order to make sure you keep getting royalties on DinoWorld forever?

"It's not just that," Karen said. "In fact, it's not even principally that. When something falls into public domain, anyone can do anything with the material. You want to make a porno film with my characters? You want to write bad fiction featuring my characters? You can, once my works go into public domain. And that's not right; they're mine."

"But by living forever, you can protect them?" I said. "Exactly. If I don't die, they never fall into public domain."

There are three basic theories being espoused here:

  1. Copyright needs to be extended to provide for the children of the copyright owner.
  2. Copyright is like ordinary property and so should get exactly the same treatment as ordinary property.
  3. Authors have a (perpetual) moral right to control of their creations.

The first argument is trivially disposed of through economic arguments. Say that I've produced a property that throws off a million dollars a year in income. I die and my children get that revenue stream for the next 70 years, after which the payments stop. How much worse off are my children. The answer certainly isn't a million dollars a year. Because of inflation (assume 5%) the million dollars that my children earn in year 71 is more like $28,000 in today's dollars. Indeed, when you do the net present value of this royalty stream you find that:

YearsNet Present Value
Years 1-7019,448,326
Years 71-infinity551,674

The additional benefit to my heirs offered by the copyright extension is minimal: less than 3%. Not exactly like they're being cruelly cut off. Even with the copyright cutoff at 70 years, a very modest savings rate in the first 70 years (3% of the total sum) would let them have exactly the same return in the remaining years as if copyright were infinite. Actually, this calculation shows that the copyright term is already way too long. The total net present value of this revenue stream is $20,000,000. By year 25, nearly 75% of that amount has been paid out. We could move works into the public domain much sooner with only minimal impacts on the creators.

This brings us to the second argument, that IP is like ordinary property and should be treated the same. Sawyer raises the hypothetical comparison of seizing Sullivan's family brewery. Again, economics lets us see what's wrong with this. Because the brewery is an object, transferring it to someone else doesn't create any new wealth, just moves it from point A to point B. It's a zero-sum transaction. By contrast, because IP is infinitely copyable, putting things in the public domain actually creates value in the form of the people who can now afford to see it who couldn't before and all the new works that depend on it. Yes, that comes at some cost to the rights-holder, but that cost is smaller than the overall benefit. This is a positive-sum transaction.

The last argument is a purely moral one. "I invented my characters and I don't want anyone else screwing with them". Unlike the previous two arguments, this is at least a reasonable position, though not necessarily one I'm sympathetic with (Educated Guesswork, the Porn Movie... hmm...). But primarily this is an issue of psychic harm and there are all sorts of uses of copyrighted material that cause psychic harm that are protected by copyright (parody, in particular). So, it's not clear what line Sawyer is suggesting and why this is a principled one.

UPDATE: Fixed arithmetic error pointed out by James Wetterau


August 7, 2005

Summary: Disappointing.

Extended Summary: I don't usually read Sawyer's stuff. There's just something a bit offputting and preachy to it, like more recent Haldeman, but Mindscan has an interesting premise: a company develops the technology to upload your brain and transfer it into an android chassis. This is used to offer the old (and rich) the opportunity for extreme life extension. The original is shipped up to (and required to stay at) a resort on the moon to live out their (presumably few) remaining days. Sawyer is onto something important here: how does it feel to be the "copy" which wakes up in the original body and knows that you're still going to die? Good point, no? Unfortunately, Sawyer doesn't seem to know quite what to do with it and the result is pretty muddled. More (including spoilers) after the fold.

The FCC has decided that DSL is an "information service" which means that the Incumbent Local Exchange Providers (ILECs) will no longer be required to lease service to ISPs under the same terms that they provide service to their own ISP divisions. What everyone expects here is for the ILECs to substantially increase the price that they charge for DSL connections, thus making life hard on independent ISPs and increasing the cost of your Internet service, and the fraction of people who go with the ILEC's in-house ISP service. If this is the worst that happens, we'll be getting off pretty light.

Remember that the telcos hate being in the business of generic data service. The business they want to be in is selling overpriced end-user services like they always have (what, you thought that it really cost them $7.95 a month to give you voice mail?). But as long as people have access to generic data service, their ability to do so is limited. Sure, they can block competing third party services but if they do people will just switch to some ISP which doesn't.

However, if people can't easily switch ISPs--for instance if the price of the DSL line triples if you don't use the ILEC's captive ISP service--then it's a lot easier for the ILECs to filter out third party services and then charge you extra for providing them themselves. It's not just a matter of money, either; it's about choice. Once you're in the filtering business, it's natural to just screen everything by default, which makes it incredibly hard for third parties to deploy new applications. That's in the ILEC's interest (at least in the short term, though not necesarily in the long term since it disincentivizes the creation of new applications that might let them sell you more bandwidth) but not really in yours.

Of course, even if there's a monopoly on DSL service, it's not a complete Internet monopoly. You can still buy your service from the cable company. Unfortunately, cable Internet, partly as a result of its technological base and partly as a result of its institutional culture, is even more committed to the idea of centrally provided service than the telcos are. Don't look for them to endorse a world where any chump with a computer can stand up a new service.


August 6, 2005

From: EKR
Subject: BOF review: alien
Date: 20050805

Summary: Not ready for prime time.

The subject of this BOF was how to provide a measure of privacy
for communications traffic. Most current traffic involves
carrying around persistent identifiers (MAC address, IP address, 
TCP port pair, etc.) The idea here seems to be how to preserve
a long-term association between two communicating parties without
exposing that association to linkage by third-party eavesdroppers.

This is a somewhat active research area and there were presentations
about some of the work that has been going on. The work so far
seems to mostly work in contexts where the parties have access to
a large number of IP addresses because otherwise the IP can't
really be hidden. This makes it somewhat impractical for most
current deployments in the IPv4 environment.

The general sense of the room seemed to be that this wasn't
anywhere near ready for an IETF WG. There was some enthusiasm
for an IRTF RG. The BOF chairs (Nikkander and Kempf) are going
to work on a proposal for such an RG.
Charles De Gaulle airport does not make you take off your shoes or remove your laptop from the carrying case. They do, however, very earnestly ask you whether you packed your bags yourself, etc. They also ask you whether you are carrying anything that looks like a weapon or could be used as a weapon. I decided that this probably wasn't a good time to be a smart-ass by pointing out that a sock and a weight (say my iPod) makes a pretty good weapon.

August 5, 2005

I'm flying back from Paris today so I'll have an opportunity to observe the state of French air travel security. Seeing as CDG was where Richard Reid boarded boarded American Flight 63, it will be interesting to see whether CDG security makes you take your shoes off. So far, I can report that security at Heathrow doesn't seem to feel the need to either take off your shoes or take your laptop out of your bag.

August 4, 2005

From: EKR
Subject: MASS BOF review
Date: 20050804

A lot of spam and nearly all phishing mail is forged. This leads
to the potential implication that stopping forgery might have some
impact on them. DKIM is a merger of the DomainKeys and IIM proposals
for sender authentication via cryptographic signatures. The basic
idea is that mail servers sign the messages they forward and use
DNS to serve up their policies/keys.

BOF Review:
This is the second BOF on this topic. The last BOF was held a
year ago in San Diego and basically foundered on the lack of
a threat analysis. This BOF did the same, despite the BOF
organizer's valiant effort to redefine the problem as forgery
rather than spam and phishing. The basic tone was that a lot
of people seemed to think that this was good stuff but couldn't
really figure out what it was for.

Russ declared that a threat analysis---presumably one that
indicated that DKIM was actually useful---was required before
he approved this as a WG. I agree that this is the right

August 2, 2005

From: EKR
Subject: sechmech BOF review
Date: 20050802

Disclaimer: I was in and out of this meeting b/c I had to 
attend lemonade.

IETF (and network security in general) has an enormous number of
both authentication mechanisms and security protocols. Unfortunately
(or fortunately, depending on your perspective), not all combinations
are now possible. For instance, you can use OTP with SASL but
not with TLS, PKI with TLS but only barely with GSS, etc.
This lack of orthogonality creates some real inconveniences for
application designers for two reasons:

1. None of the protocols provides a really complete set of auth
   mechanisms so it's hard to design a really flexible application.
2. The protocols aren't all equivalently appropriate, so you can
   be left with a situation where the protocol you want doesn't
   support the authentication methods you want.

The purpose of this BOF is to try to remedy this situation so that
any auth mech can be used with any protocol. Or, at least most with

As with any modularity/plugabbility story, the basic idea is to 
have a common interface that's implemented between the mechanisms
and the protocols. Then you'd be able to mix-and-match. So,
the project appears to be two-fold:

1. Define a way to describe mechanisms so that they're more
   generic and easily portable.
2. Modify the protocols so that they are suitable for more
   mechanisms (e.g., let TLS have arbitrary numbers of round
   trips in the handshake).

It's not entirely clear how far the chairs want to take (1): whether
the idea is that you could actually define the mechanism once or that
there would be a standard form for mechanism descriptions and so
you would need a lot less per-protocol bridgework.

As I understand it, the two initial action items are:

1. Move forward on task (1)
2. Try to start on "fast-tracking" some mechanisms for use with

There seemed to be modest enthusiasm for both of these tasks, but 
only a few volunteers. 

My personal view is that this is a very hard problem to tackle
completely. In particular, I don't really believe in universal plug-and-play
without very substantial surgery on all pieces of the puzzle. Some
guidelines for writing generally usable modules would probably be a
good idea, but I'm not sure there's that much traction here.
As a philosophical issue, every new piece of complexity you add to
security protocols carries risks, so I'm not sure we really want 
things to be completely orthogonal.
Writing about penguins in Slate, David Edelstein says:
In the most upsetting scene, a bird of prey goes after a group of young 'uns and the elders make no motion to intervene. Not even the parents. Previously, we've seen a grieving mother attempt to steal a baby from another mother at which point the whole village jumps in to drive her away. I'm no naturalist, but that's obviously adaptive: You can't have a viable society in which mothers steal babies from other mothers. But letting a predator take something: That's a strategy for survival.

This sounds intuitively right, but it seems to me that it's more complicated than that. Penguin evolution doesn't have any interest in having a viable society and it's arguable that penguins don't even have one. Moreover, it's not at all clear that wanting to raise your own children is adaptive behavior.

Caring for children involves a very substantial investment of time and energy--energy that could have been invested in producing more children. In order for it to be a good deal, you have to believe that you caring for them will increase their chances of survival more than not caring for them. Obviously, that's true if we're talking about the choice is just leaving them to starve to death, but if someone else is willing to care for them, then it's quite possibly a good deal, even if they wouldn't do quite as good job as you would, since you can invest that energy in having other children. In this model, the non-adaptive behavior here isn't wanting to raise your own children, but wanting to raise someone else's children, since that doesn't improve the propagation of your genes (unless they're related to you, of course).

My intuition here is that both behaviors are a result of the inherent imprecision of evolutionary mechanisms. A strong drive to raise children is simpler than a drive to raise only your own children, since the latter requires a whole suite of mechanisms for detecting which children are yours. A generic drive is "good enough" so that's what we get Now, obviously this drive is less efficient because you might end up caring for the children of others, so one simple mechanism to reduce false positives is to have it activate just after you've bred. It's easy to see how a mechanism like this could evolve. Of course, if your own children die you might end up stealing someone else's children and that's what we're seeing here.

Similarly, a generic drive to care for your own children makes you resist attempts by others to steal them, even if they would actually do a perfectly good job of raising them. This case is even harder to detect, as it requires divining the thief's intentions. For instance, if they're taking your child to kill it, that's obviously something you don't want to allow. And since you have no good way of determining their intentions, it's best to not allow it.

From: EKR
Subject: Review of HASH BoF
Date: 20050802

In the past year, we've seen successful attacks on MD5 and SHA-1.
I won't bore you with the details, but it's made people start
to think about what we can do to deal with this. The Hash BOF
was intended to explore this space.

There are a number of potential things IETF could do:

1. Design a new hash algorithm.
2. State requirements for new hash algorithms.
3. Standardize some set of countermeasures for using existing
   hash functions more safely (randomized hashing, preprocessing,
4. Go through all the IETF protocols and figure out where we
   need to change hash functions. (The attacks don't destroy
   all uses of hashes)
5. Go through the major IETF protocols and figure out transition

There was consensus that (1) was a bad idea and some enthusiasm 
for 2,3, and 5. Not so much for 4. The BOF didn't finish with any real 
consensus on what to do.

My personal view is that we don't understand the solution space
well enough to standardize countermeasures at this point.
The IRTF is working on a draft that will probably eventually
represent the consensus of the crypto community, but we're
not there yet. Going through the protocols, where they're vulnerable,
and figuring out transition strategies seems very important, as
does requirements.
For my money, the most important advantage of frequent flyer status on United is that it gets you access to economy plus (E+) seating, which has 3-4 inches more leg room than economy, which makes an enormous difference if you're tall. United is now offering non-elite customers the opportunity to purchase a yearly pass to get into E+ for $299/year. They're also offering a discounted combined E+/red carpet club membership for $699/year.

Some implications:

  • Being non-elite and flying United is even less attractive. Currently, you can sometimes get E+ at the airport on an as available basis. That's going to be harder of other non-elites can buy it.
  • It's less attractive for elites to fly United (because they're less likely to have E+ empty) but more attractive for them to get more status to make sure that they don't get stuck in economy because of lack of room for probably a wash.
  • This basically introduces a fourth tier of service ahead Economy and behind Business. Is the endgame adjustable seats and being able to pay for every additional inch of legroom?
  • The most interesting feature here (and one that suggests we're not moving towards pay-for-inch) is that this is a membership, not a per-flight choice. That obviously has the advantage for United that it creates loyalty among people who buy the pass, since it's now much more attractive to fly United than another carrier.

Of course, a lot of people's travel is payed for by their employers. I wonder if businesses be willing to pay for people's personal memberships in this program?


August 1, 2005

Over at BoingBoing, Cory Doctorow is flipping out over the discovery that the new OS/X kernel seems to depend on TCPA.
Here's the important part though: when I use apps that aren't free, like Apple's, BBEdit, NetNewsWire, etc, I do so comfortable in the fact that they save their data-files in free formats, open file-formats that can be read by free or proprietary applications. That means that I always retain the power to switch apps when I need to. That means that if the vendor changes their policy in a way that is incongruent with my needs, or if they go out of business, or if they treat me badly, I can always go across the street to another vendor, or to a free software project, and switch. This acts as a check against abusive behavior on the vendors' part and it is, I believe, partly responsible for the quality and pricing of their offerings.


What this means is that "open formats" is no longer meaningful. An application can write documents in "open formats" but use Trusted Computing to prevent competing applications from reading them. Apple may never implement this in their own apps (though I'll be shocked silly if it isn't used in iTunes and the DVD player), but Trusted Computing in the kernel is like a rifle on the mantelpiece: if it's present in act one, it'll go off by act three.


Yeah, yeah, DRM sucks, but all this angst seems rather overwrought. Consider what we know so far: you won't be able to run MacOS/X on hardware that doesn't have TCPA:

We found out that the Rosetta kernel uses TCPA/TPM DRM. Currently their are no ways known to get the GUI working on non-Apple hardware, with this protected kernel. Even with a SSE3 enabled cpu you will never get the GUI. Read more about TCPA here:

Why is this news? Certainly, we knew that Apple intended to tie the OS to the hardware. It's extremely unsurprising that they would want to use TCPA to get this job done (though as I mentioned earlier I'm not sure that TCPA provides that much value for this). There's nothing evil about this and it's pretty much required for Apple's business model.

The risk here, I suppose, is that it seems likely that Macs will have TCPA hardware in them in the future, which means that vendors may actually take advantage of that to do DRM. I can see how Doctorow would be unhappy about that, but this was likely ever since we know that Apple was using Intel, since Intel loves TCPA (though you could imagine using non-TCPA chipsets with Intel processors) so this isn't really news either. And it's not a reason to stop using Macs any more than the fact that your PC has TCPA is a reason not to use Linux.

None of this means, of course, that Apple won't decide to provide some kind of DRM service in the OS. And certainly having the technology to do so does give them some permanent temptation to do so, but I don't think that we have much more information about their intentions on their front today than we did last week.