CISPA is Back and I Don't Care Anymore

Published by manu

The Cyber Intelligence Sharing and Protection Act would enter U.S. law if passed; the House of Representatives will be voting on it in the next few days. There are many flaws with it; the EFF has a good FAQ about CISPA. In short, it gives private companies the power to share their users' data with 3rd parties whenever they feel like it. This concerns anyone who uses an American company for anything from forums to email and so on.

Obama promised to veto it which could mean he'll actually sign it and say he has some reservations, a bit like with the NDAA.

We Don't All Live in America

There are a few Internet defense organisations based in the U.S.A., many do a brilliant job of gathering information and breaking it down, investigating and so on. They often will have an option for non-Americans to participate, which is cool. Yet still, the whole thing feels way too America-centric and non-Americans have their own problems too, problems that these organisations do not address unfortunately.

As a non-American, it's perhaps time to stop playing along with American laws/bills and all their protests and petitions. These things just come back over and over again, that's how it works. People invest so much time reading about the new amendments, signing petitions, discussing these things on forums and chatrooms, but in reality it feels more like a big waste of time and energy. Time that could be spent actually doing things.

Actually, Most of Us Do Live in America, Virtually

There are 1 billion active Facebook users (according to Pingdom 2012 in numbers) out of 2.4 billion Internet users. If you want to know what people are thinking and doing, design a law that lets you into the Facebook and you have access to almost 50% of the world's profiles.

Facebook is an American company, if you are a European with a Facebook account then your profile is subject to American law. Even if your data is stored on a server located in Europe. In this case a part of you lives in America.

Facebook is obviously just one example, the same applies to any and every American operated Internet service, so Google, Hotmail, Twitter, Reddit, and so on. Even DuckDuckGo. Within the lot there are some companies that are more or less "good guys", others may be submissive and silent, in the end they are all subject to the Patriot Act and other goodies.

You may be interested in reading Safe Harbor: Why EU data needs 'protecting' from US law.

What Else Can I Do Besides Sign and Tweet ?

CISPA and many of its friends exist only because the overwhelming majority of Interweb users use centralised services. The problem is that almost everyone uses the same communication tools. This makes it easy to design laws that would target them and exploit their already exploited users. And that's what they do.

If the majority of users used their own servers all these laws would be very hard to implement. It would require actual work to start gathering a user's profile, so much that it would probably only happen when it's at least somewhat justifiable.

Running your own server isn't half as complicated as it sounds, I won't go into details here, but there are tools that make it easy (DISS for example, maybe not the best, but I tried at least). The ideal is to do this with friends and provide email services to your family and friends. Cheap and reasonably reliable servers exist and can be found under 20 euros a month even, they could host quite a few users.

All those Internet defense groups should be promoting self hosting, when they do that I will take them seriously.


You Are A Criminal

Published by manu

If you are American, it is possible that by violating the Terms of Service of a website (which constantly change without warning) you are a criminal. With that in mind, here are my Terms of Service: By visiting this website you are exceeding your authorized access. Therefore you are a criminal.

Of course this is a slight exaggeration, yet in practice the CFAA is unclear and as interpreted would make the Terms of Service of a website an amendment to current law for the user of a website. For example if a website says that you must be over 18 to view the content, then by doing so at the age of 17 you are breaking US law, not just the terms.

With that in mind the terms could contain anything, there's no reason to dismiss absurd terms which may regulate how you may view the site, for example the terms could state that using Ad-Block is forbidden, or even using certain browsers why not. Facebook (and many others) state that you should never give your password to anyone, by doing so you could be found guilty of breaking the law.

I think the terms should remain a private agreement and should simply allow the website owner to deny access/service and/or delete posts from a user, why not. However considering the Terms as an amendment to the law is so insane it's insane.

Further reading:


Tell W3C We Don't Want DRM in HTML

Published by manu

The discussion about implementing DRM in HTML has been ongoing on the W3C mailing lists for a while now. Sometimes it seems more of a flame war than others. Companies like Netflix, Microsoft and even Google are trying to push for a standard that would allow the content distributors to control the user's usage of the delivered content.

It's called Encrypted Media Extensions and it says this: "This proposal extends HTMLMediaElement providing APIs to control playback of protected content." They would like to have a standard method for controlling your usage of their content. This means things like restricting users from even being able to pause a video, fast forward/rewind and of course restricting users from recording the content to disk.

I don't see how it would be possible for a user to have a 100% Free and/or Open Source browser that can access a video but yet restrict the user from doing certain things. Or the browser could be Free but then the user would have to install some proprietary piece that will work with the HTML spec to then restrict themselves.

Currently these things are done via non-free plugins such as Flash or Silverlight, maybe also with Java but you really have to be made of hate to make a restricted video player in Java.

The problem that the "content" industry has is that these proprietary plugins are dying, they are limited in adoption, function and they are not optimised for performance. They are a pain in the class (programming joke, sorry). Hence the dream of making DRM part of the standard.

Anyway, I don't see why such a specification should be part of W3C's standard. Those that want to restrict the usage of users' computers could simply get together and create a communal plugin, like Flash or Silverlight, but better and standardised, if they want, even open-source. But in the HTML spec, there should be no effort made to help people restrict users. That's not the point.

Please sign the petition by Defective By Design against DRM in HTML. Indeed, this is defective by design, in so many ways.


DNS Hijacking via Barefruit Talktalk and Others

Published by manu

How malicious is your ISP ?

If they practice DNS hijacking then it's pretty damn messed up and should obviously be illegal. Yet for some reason there are ISPs that do this and have been getting away with this for years. Even stranger is that it's apparently tolerated, by clients as well as law.

Today I helped a friend who couldn't connect to his server, it turned out that the issue was because his ISP, TalkTalk, was returning the wrong IP address for his domain name ! TalkTalk's DNS said 92.242.132.16, obviously that's not the IP we were looking for.

I helped him change his DNS settings to use domain name resolvers that don't commit man-in-the-middle attacks. A recent similar attack on users was caused by the DNSChanger virus.

A 'whois' reveals the IP 92.242.132.16 is assigned to Barefruit.

    inetnum:        92.242.130.0 - 92.242.132.255
    netname:        BAREFRUIT-ERRORHANDLING
    descr:          NU
    country:        GB
    org:            ORG-BL53-RIPE
    admin-c:        PR42-RIPE
    tech-c:         PR42-RIPE
    status:         ASSIGNED PA
    mnt-by:         CATALYST2-MNT
    source:         RIPE # Filtered

Barefruit is a company that helps ISPs patch and break their DNS software (Bind, djbdns, PowerDNS) to make sure they hijack users' DNS queries. Their solution substitutes NXDOMAIN (non-existent domain) replies with A records to an IP that hosts spam (non solicited advertising).

This is what Barefruit claims (source, their website): Using Barefruit for DNS and HTTP error resolution improves the user experience for the vast majority of Internet users by suggesting relevant alternatives as opposed to serving unintelligible error messages.

Because Barefruit thinks that "Server not found" or "This webpage is not available" is unintelligible... If a person does not understand "This webpage is not available", how could they understand any other web page that contains words ? Or worse, how can they even understand that they mistyped the website's url ?

Their goal of course is good old user monetisation. Even error pages can generate revenue. They demonstrate having no shame as they write:

Barefruit has spent the past five years building strong and mutually beneficial relationships with our best-of-breed advertising partners, working together to provide useful results to our customers and generating the maximum revenue from ISPs' error pages.

I must point out that these pages are not "ISPs' error pages", they are "user's error pages".

Barefruit has a page on "Opt Out" which is even more ridiculous: "Barefruit recognises that some people - mainly technically savvy advanced users, may wish to opt-out of this service." Besides the fact that it should be "Opt In" if anything, actually using the address bar has become something that "mainly technically savvy advanced users" only ever do. But mostly, how many people even understand the implications of this ? Every user who understands what's going on should want to opt-out. These ISPs are undoubtedly taking advantage of their customers' ignorance.

The damage list goes on. Not all services are HTTP based, so when you try to connect to a non-web server you don't even see the advert/spam pages. This can make it more difficult to figure out why your application might be failing, but even worse, all traffic you might be trying to send to the server you were trying to reach is intercepted by Barefruit (they can take it or leave it, but they are technically intercepting it).

There is absolutely no good reason to accept this, unless you think it's a good idea for a phone company to redirect their customers to a cold caller when they misdial a phone number. It's exactly the same thing.

TalkTalk and Barefruit hijacking DNS

TalkTalk and Barefruit hijacking redirect users to their own web servers

It's not just TalkTalk who's doing this, there are many many more including Virgin Media. In fact I haven't (yet) found a full list of ISPs who hijack their clients' DNS and redirect traffic to their own servers. A friend of mine showed me that Virgin Media also does this.

Some might react by thinking of using 3rd party DNS, why not, but beware, most of them do the same thing, like OpenDNS, DNS Advantage, Norton DNS and probably others. Google DNS does not hijack DNS so far, I believe they are smart enough to not do that and be satisfied with the data they gather.

You can test whether your ISP does this by trying to visit a domain that clearly does not exist, like this link for example. You could also just use dig to query your resolver for such a domain.

Example using DNS Advantage:

    manu@computer$ dig respect-mah-internetz.1 @156.154.70.1

    ; <<>> DiG 9.8.1-P1 <<>> respect-mah-internetz.1 @156.154.70.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42094
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;respect-mah-internetz.1.       IN      A

    ;; ANSWER SECTION:
    respect-mah-internetz.1. 600    IN      A       92.242.144.2

    ;; Query time: 160 msec
    ;; SERVER: 156.154.70.1#53(156.154.70.1)
    ;; WHEN: Fri Oct 19 22:20:05 2012
    ;; MSG SIZE rcvd: 80

As you can see, we get a status: NOERROR where we should have status: NXDOMAIN, and the IP 92.242.144.2 belongs to Barefruit again. Others such as OpenDNS and Norton use their own IPs.

These DNS servers are so desperate they'll resolve anything that has a dot.
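The same check as the dig test above (a name that cannot exist must come back as NXDOMAIN, not NOERROR with an A record), as an added example that is not part of the original post, written in Python with only the standard library. The function names, the random label under the reserved .invalid suffix and the constructed sample reply (built from the values in the dig output above) are assumptions of this example.

```python
import os
import socket
import struct
import sys

NOERROR, NXDOMAIN = 0, 3


def encode_name(name):
    """Encode a dotted name as length-prefixed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_query(name, qid):
    """Standard recursive query: one question, QTYPE=A, QCLASS=IN."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD bit set
    return header + encode_name(name) + struct.pack("!HH", 1, 1)


def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # a compression pointer ends the name
            return off + 2
        off += 1 + length


def parse_response(msg):
    """Return (rcode, [IPv4 addresses from A records in the answer section])."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _qid, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, addrs


def classify(rcode, addrs):
    """Judge a resolver's answer for a name that is known not to exist."""
    if rcode == NXDOMAIN:
        return "honest"
    if rcode == NOERROR and addrs:
        return "rewritten"
    return "inconclusive"  # SERVFAIL, REFUSED, empty NOERROR, ...


def probe(resolver, suffix="invalid", timeout=3.0):
    """Ask resolver for a random name under suffix and classify the reply.

    Assumption: a resolver may answer the reserved .invalid suffix locally,
    so pass another suffix to test names it has to look up.
    """
    name = os.urandom(8).hex() + "." + suffix
    qid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, qid), (resolver, 53))
        reply, _peer = sock.recvfrom(4096)
    if reply[:2] != struct.pack("!H", qid):
        raise ValueError("reply does not match the query id")
    rcode, addrs = parse_response(reply)
    return name, classify(rcode, addrs), addrs


def constructed_reply(rcode, answer_ip=None):
    """Constructed sample reply using the id, flags and TTL from the dig output."""
    qname = encode_name("respect-mah-internetz.1")
    ancount = 1 if answer_ip else 0
    msg = struct.pack("!HHHHHH", 42094, 0x8180 | rcode, 1, ancount, 0, 0)  # qr rd ra
    msg += qname + struct.pack("!HH", 1, 1)
    if answer_ip:
        msg += qname + struct.pack("!HHIH", 1, 1, 600, 4) + socket.inet_aton(answer_ip)
    return msg


if __name__ == "__main__":
    if len(sys.argv) > 1:  # live test: python probe.py <resolver-ip>
        print(probe(sys.argv[1]))
    else:  # offline: classify the constructed copy of the reply shown above
        sample = constructed_reply(NOERROR, "92.242.144.2")
        print(classify(*parse_response(sample)))
```

Run without arguments it classifies the constructed reply; given a resolver IP it sends one live query to that resolver.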

The only case for this to be acceptable is when a user explicitly chooses to use such a service and understands the implications. There may be some interesting positive uses, but certainly not done without your consent.

You can "opt-out" of these services they say, but here's the thing, DNS is such an important aspect of the Internet that messing with that is exactly the opposite of what we should be doing. It can lead to phishing, censorship and other malicious activities. Altering the content of communications is probably very illegal, and this is that.


Internet Freedom Defenders, Please

Published by manu

Lately there have been more and more attempts to legislate, censor and control the Internet and with that many protests to counter these measures. There are also more and new groups and political parties that advocate Internet freedoms, freedom of speech and all that stuff. Even some website that wants to have a "Bat signal" to gather activists when action is needed.

There are a few things that have been bothering me for quite some time now, if you already understand how we ended up with the Internet we have today you may skip to the end.

Brief History

Internet before

Internet was designed to be a global distributed network, which means no central point of failure or governance. Having a decentralised network was key in the design, this made it virtually impossible to shut down communications between peers as there would be many different possible routes from point A to B.

Before 2000 it seemed normal or at least common for people to host their own services even at home on their desktop computer. Even though things like AOL, Hotmail and other such services existed, censoring and/or controlling the Internet was nearly impossible. People used so many different email providers, different search engines and various forums and chatrooms, the users were scattered all over the place.

The network slowly concentrated into bigger centres. Some services grew and became better and better to a point where their names became synonymous with the type of service they initially provided. Some extended their services to new domains, like that search engine who quickly understood that user data was the real money maker. They offered to capture user data as a service, they called it "email with unlimited space". People loved it so much that the other providers had to follow the same path or risk extinction. It became the most popular way of monetizing the Internet.

Later on newcomers landed directly on this new world of "ad-supported data violating web based services" and saw it as normal Interweb procedure. Meanwhile many "computer geeks" abandoned their personal servers and signed up for FaceSpace+ accounts, with that the wild west style communities started to die off, their users were outraged by any web page that did not have Ajax effects or OMG kittens. The first battles in the war on Digital Autonomy and Freedom were lost to fancy user interfaces and pokes.

Current Situation

Internet after

It's very simple, most users rely on one major search engine to tell them where to go, the same company provides them communication tools (email, chat), news aggregation, maps, calendars, document editors, etc etc. If you look at the top 500 global sites (according to Alexa) you can see that most of the biggest sites are all owned by a very small club.

Internet services are mostly centralised. It is now easier than ever to censor content on the Internet, Twitter accepts per country censorship on their network. Google has been complying too. In this case I am not judging Twitter and Google on their censorship policies and/or methods, they are quite open about this unlike others we might not always hear about.

This shows how easy it has become to control what information gets propagated on the Internet. Countries like Egypt may find it more effective to censor Tweets and Google searches rather than pulling the plug on the whole Internet. This more discreet approach should have something closer to the desired effect, indeed censorship works best when it goes unnoticed.

Tracking Users to Provide Tailored Content

Most Internet users nowadays have all their emails read by robots/scripts which then find the most appropriate advertisement to incorporate to their webmail page. Most of the data we feed into the machine gets mashed up into data that is sold to marketing researchers. If you don't have an account with any of these companies, you might still be feeding them copious amounts of data via cookies, analytics and other types of embedded web content.

It is nearly impossible nowadays to visit a web page that does not ask your browser to retrieve data from other sites. Even a simple image embedded in a website will provide useful statistics. True story, some random guy once linked to an image from my website for his site's footer, I suddenly had his complete visitor statistics.

Imagine how much more can be done from a company that owns an incredible amount of very popular websites and provides many analytical services to a point where almost every website visited implies a request to at least one of their servers. Now imagine that a lot of the people running around on this Internet are logged in to this big company's services and are hence personally trackable among almost all the sites they visit.

One of the goals of all this is to provide "tailored content", not the advertisements that happen to match your recent conversations, but your actual search results, news, etc. You might not have the same results using Google as someone sitting right next to you. Some say this is good, others say this is evil. I say that it's a demonstration of what is technically possible today and it should make you react.

Internet Freedom Defenders, Please

The main reason why any of those CISPA/ACTA/PIPA/SOPA/CABANA things could affect the Internet is because of the way most of us use the Internet. Being mainly passive users has made it technically possible to apply very creepy legislation. I see these protests mainly as a wake up call for people to start changing their habits and to take the Internet back.

A few things many movements that try to defend and promote Freedom, Internet freedom, Free speech or any variant of those things need to start doing are:

  • stop using Facebook as your primary point of contact

    I get that you must use those tools to reach the masses, but you are losing the core by doing so exclusively. I really can't take you seriously if you communicate mostly via the same website that supports the law you are protesting against (Facebook supports CISPA). Just set up a public webpage somewhere with the info people need, then share/spread the info via other mediums such as social networks, email, forums, etc.

  • Learn to use distributed and decentralised social networks

    You should use and promote usage of social networking tools that do not depend on a central authority, a great example is of course Friendica, there are many others too. Avoid corporate policy censorship by being your own social network administrator.

  • Don't use URL shorteners

    It should be obvious that shortened links are obfuscated links, there is no good reason to use them, ever. If you have a link to share, just share the link, not a link to the link.

  • Emails, install your own server

    This should be the most important element, a private mail server. This is where you tend to concentrate most of the confidential stuff. You should already want to do this by default, especially if you want to defend the Internet and Freedom, etc.

  • Avoid embedding tracking devices on your websites

    All those gadgets to "like", "sign in with", "comment using", etc etc are often tracking devices. By embedding them you automatically identify most users to their email and/or social network providers about their visit, without the user's consent.
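An audit for the last point in the list above, as an added example that is not part of the original post: it lists the other hosts a page makes every visitor's browser contact on load. The sample page, host names and function names are constructed for illustration, and "third party" here simply means a host name different from the page's own.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attribute that triggers an automatic request when the element is loaded.
FETCH_ATTR = {"script": "src", "img": "src", "iframe": "src",
              "embed": "src", "link": "href"}
# <link> only fetches for these rel values; rel="alternate" and friends do not.
FETCHING_RELS = {"stylesheet", "icon", "preload", "prefetch"}


class EmbedAudit(HTMLParser):
    """Collect hosts other than the page's own that are contacted on load."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname
        self.third_party = {}  # host -> set of tag names that reference it

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        value = attrs.get(FETCH_ATTR.get(tag, ""))
        if not value:
            return
        if tag == "link":
            rels = set((attrs.get("rel") or "").lower().split())
            if not rels & FETCHING_RELS:
                return
        # Resolve relative and protocol-relative URLs against the page URL.
        host = urlsplit(urljoin(self.page_url, value)).hostname
        if host and host != self.page_host:
            self.third_party.setdefault(host, set()).add(tag)


def audit(html, page_url):
    """Return {third-party host: sorted list of tags that load from it}."""
    parser = EmbedAudit(page_url)
    parser.feed(html)
    parser.close()
    return {host: sorted(tags) for host, tags in sorted(parser.third_party.items())}


# Constructed sample page: one "like" widget, one tracking pixel, local assets.
SAMPLE_PAGE = """
<html><head>
<link rel="stylesheet" href="/style.css">
<link rel="alternate" type="application/rss+xml" href="https://feeds.example.net/blog.xml">
<script src="https://widgets.social.example/like.js"></script>
</head><body>
<img src="/images/header.png">
<img src="//stats.example.net/pixel.gif?page=42" width="1" height="1">
<iframe src="https://widgets.social.example/button?href=https://blog.example.org/post"></iframe>
<a href="https://elsewhere.example.com/">an ordinary link, fetched only when clicked</a>
</body></html>
"""

if __name__ == "__main__":
    for host, tags in audit(SAMPLE_PAGE, "https://blog.example.org/post").items():
        print(host, tags)
```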

Just one more thing, when Facebook, Twitter or some site like that starts acting weird, remember this: Their terms of Service allow them to do pretty much anything and you agreed to them (if you have an account). They do not owe you anything because you are not the customer, you are the product.

I feel sad when I see organisations like Demand Progress ask their subscribers to sign a letter to ask Facebook to stop supporting CISPA. Instead of trying in vain to change the corporation, do what these fine people did when Godaddy supported SOPA, change your habits.

What you do counts more than what you sign.


CISPA - Another Bill Designed to Waste Our Time

Published by manu

You may have already heard about CISPA (or CISPA or CISPA at !wiki), if not the simple version is: It's another law/bill/treaty/crap designed to waste everyone's time.

The slightly longer version is that it is a bill designed to allow companies to share data with other companies or governments with less hassle, like the hassle of asking or even informing the person whose data is shared. The full title says it nicely: To provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities, and for other purposes.

One interesting thing has popped up in the news, it's that Facebook supports CISPA. Here are some other letters from some brave companies who support CISPA. In Facebook's case I can totally understand their view, their whole business is based on users' data. How could they not support this ?

Now the expected thing to do, if you are interested in privacy and that sort of thing, is to spend hours reading boring legislative crap until your brain starts pouring out of your ears. However, I really don't care this time. This might sound selfish or just lame, but I don't feel very affected by this. I don't have personal data on third party services (or ones I can't trust).

The real reason I don't care is not because I feel covered, it's because many of those that aren't covered do not care. Seriously, so many people believe that the practicality of having an email provider that lets you "star and tag" emails and the convenience of keeping up with friends just by clicking on their name outweighs any reason for concern, and have for years.

So if you use such services, and again disagree with this sort of legislation then it's your problem to solve now. You can delete your account(s), write to them or just hope it will go away magically.


Privacy Defending ISP - Calyx

Published by manu

Many ISPs or other Internet services in these current days will often voluntarily co-operate with the authorities without requiring warrants and such. Some will be even working directly with the MPAA/RIAA. However there are some people out there, like Nick Merrill, who are totally not like that.

Today he is raising money to start a non-profit ISP and mobile phone service that will be designed to resist surveillance, with things like encryption, minimal logging and mostly by challenging requests by the authorities that are abusive and/or illegal and/or unconstitutional.

So if you do live in the U.S.A. and more precisely NY for now, you could be very interested in checking out Calyx Institute and perhaps donating via Indiegogo or via their Paypal form.

Also, check out the people on the advisory board.


UK's Plan to Monitor Emails and Other Communications

Published by manu

The UK would like to implement a new system (originally brought up by the Labour party) that would oblige Internet access providers to monitor all electronic communications. The ISPs would have to store logs of all communications, though they say the actual content of emails wouldn't be recorded without a warrant.

They will most likely forge email providers' certificates in order to intercept encrypted traffic, because most browsers by default trust just about any certificate issued by a "company", most users won't even notice.

If you are a UK citizen you can sign this petition. You can also check out ORG who follow these issues very closely (the only thing they do wrong is that they use bitly links!).

This came out yesterday, yet it's not an April fools joke.

Read more:


The Future of the Internet

Published by manu

In some coffee shops you can easily get access to the Internet, what they do is just give you the password and voila. Neat right ? Anyway, these other coffee shops, chains to be precise, hire a 3rd party company to do it for them. So the other day I went in to one of them to get a coffee and an IP. This is what I noticed:

Aircrack-ng blocked - Hacking
Piratebay blocked - Hacking; Peer-to-Peer(P2P)

And then, just to make sure I could feel the chilling effect of being censored... They blocked reddit.com/r/ACTA !!

Reddit.com/r/acta blocked - Adult/Mature Content; Newsgroups/Forums

Actually they blocked ALL of Reddit.

Reddit.com blocked - Adult/Mature Content; Newsgroups/Forums

So there you go, the future of the Internet could be this.


Vic Toews Wants to Spy on Underage Children

Published by manu

Vic Toews wants to spy on underage children, and all other Canadians. At least that is what I understood from what I read today.

A Twitter user created the account vikileaks30 to enable others to get to know Vic Toews a bit better. It's an interesting demonstration of how it can be disturbing to have your personal life available to people you don't know.

One of the things that I find interesting in this proposal is: Force internet providers and other makers of technology to provide a "back door" to make communications accessible to police. It reminds me of Symantec's dodgy unpatched and perhaps intentional backdoor they let lay around for a few years.

Anyway, it's been hard keeping up with the torrents of laws that are being thrown around these days, but most of them lately are focused on the dying entertainment industry. The other thing being again, that this law seems to want to actively gather information about the users themselves, read their emails and all that stuff. Every Canadian's emails that is, and every Canadian child of course, hence Vic Toews wants to spy on underage children.

Update: This very short clip tells a long story.


No Safe Harbor

Published by manu
United States Pirate Party

A new book to be released in a few hours (I think this is on USA time): No Safe Harbor. This book is released by the United States Pirate Party, it features many interesting people and ideas... and yes, it's licensed under the Creative Commons license. You can buy it or download it. Etc. You can even read it.


The Geniuses at Fox News "Circumvent" Wikipedia Blackout

Published by manu

It's no news that Fox News is mostly made up of real geniuses who always deliver properly researched, reliable and fair information. Today they published an article on how "savvy moron surfers circumvent Wikipedia blackout".

The article goes on about how people have found ways of getting access to knowledge by using alternative sources (other websites!!) but the most striking part was that they announced how to get actual content from the Wikipedia itself... ORLY!

For the diehard Wiki-fan who simply cannot do without Wikipedia, there is even a way to circumvent the blackout, using a system that relies on Google's cache of online sites.

This is how: Enter a search item in Google's search box, click on the double gray arrow that will appear when you hover your mouse on the right side of the search results. When a snapshot shows up on the right, click on "cache" ... and voila! ... you will be directed to the last snapshot of your search item in Wikipedia.

Of course, you could also click on the "Learn more" link provided by the blacked out Wikipedia page and find a simpler solution like:

During the blackout, Wikipedia is accessible on mobile devices and smart phones. You can also view Wikipedia normally by disabling JavaScript in your browser, as explained on this Technical FAQ page. Our purpose here isn't to make it completely impossible for people to read Wikipedia, and it's okay for you to circumvent the blackout. We just want to make sure you see our message.

Of course, for Fox News it is much easier to relay the stupidest crap on earth than to go read 4 sentences.


MPAA Thinks Blackout is Abuse of Power !

Published by manu
Mickey Pees on Altruists Association

Senator Chris Dodd, Chairman and CEO of the Motion Picture Association of America (MPAA) speaks about the anti SOPA/PIPA blackout, noticeably about Wikipedia.

It is an irresponsible response and a disservice to people who rely on them for information use their services. It is also an abuse of power given the freedoms these companies enjoy in the marketplace today. It’s a dangerous and troubling development when the platforms that serve as gateways to information intentionally skew the facts to incite their users in order to further their corporate interests.

Indeed, nobody should be allowed to take down their own website, only MPAA and friends should have that kind of power.


It's All Crap

Published by manu

A friend pointed out this article on how Richard Stallman was right all along and of course, I agree and actually was not part of those who think/thought that RMS is too paranoid/crazy. I don't have a mobile phone and don't have a googlebookspace account, etc etc.. Like you too right ?

Anyway, lately pieces are being put together, SOPA (crap), ProtectIP (also crap), HADOPI (merde), Spain blocking websites, Belarus bans anything foreign, etc etc... Oh, and Obama signed the National Defense Authorization Act which in short allows the U.S. (of North America) to detain anyone they suspect/want indefinitely.

It's all crap, and then you realise that half of the "cool Internet" has been using Godaddy as their registrar !!


Go Daddy Loves SOPA

Published by manu

The other day I read about how Go Daddy supports SOPA (and loves Microsoft and kills elephants !). Since then there has been a massive move of domains out of GoDaddy, including Wikipedia (still at GoDaddy as I write, c'mon Jimmy, it's been 5 days now!).

Since then GoDaddy has changed their mind about SOPA, but then it appears they haven't exactly changed their minds.

If you actually use GoDaddy you can pledge to boycott GoDaddy... and/or you could just up and leave them, I mean who registers a domain with a company whose name is "Go Daddy" ?

Important note, if you leave, be careful where you go as there are many GoDaddy re-sellers out there. Just go to Gandi.net or EasyDNS, they both openly oppose SOPA and aren't just doing it for marketing's sake.


We Need to Kill Hollywood

Published by manu

Over the past 10 years or so the entertainment industry has been whining about losing money because of the Internet. Of course it is (most probably) false. The crazy thing isn't the bitching, it's the desire to have full control of human communication, over the Internet at least.

I am so tired of them that it is unbelievable, the only reason these people have any power is because people actually buy their products and hence provide them with a neat fortune.

From here on I am going to go out of my way to not purchase anything that provides them with income. I am already not a big client of theirs, however it can happen that I legally watch a movie or buy movie merchandise, that's done.

I do not support the "Entertainment Industry" (anymore at least), I would like to see them disappear for good. I am not afraid of not being entertained.


OEmbed a Good Idea, But it Sucks

Published by manu

Today I heard about OEmbed, my first reaction was to implement it, of course ! The idea is to define a way of providing a page preview. Say you post a link on a microblog or something, the said microblog or something can visit the link, figure out what the resource is to obtain the preview, or OEmbed version (embeddable), and then choose to display that preview. Neat.

For it to work you need what they call an OEmbed provider. A provider is another service that will return the summary (JSON, XML or HTML). Apparently the client could specify the format they want the reply in. To get the provider it seems there is a list of "well known providers" !! This means you take your link and ask the provider (another url) to transform your initial link into an OEmbed formatted something... FAIL !!11!!1.

Another thing is discovery, now this is a good thing, obviously, to put in the header a link to get the OEmbed version of the page, like RSS maybe ? The stupid part is that it requires that the link contains a url GET parameter, that supposes that instead of just providing a link to an OEmbed happy version of the page you MUST provide an "OEmbed provider link" that will take the URL of the page you are visiting, parse it and... BROKEN.

Why can't it just be an alternate link ?

Of course there are 3rd party providers now, and that is exactly what we don't need... It's so simple to generate a JSON or XML file that why would anyone ever think of a 3rd party web site whose role it would be to scrape your site to then provide a... OMG BROKEN.

As the idea is good but the implementation sucks why not simplify it, let's say we either use HEAD, like Jared Hanson and Vitorio Miliano pointed out in May 2008, or just use an alternate link a la RSS feed. If it's simple and easy for everyone to implement it will work.
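The discovery step described above, seen from the consumer's side, as an added example that is not code from this post or from the oEmbed project: it extracts the discovery links from a page's head and reports whether each one points at a third-party provider, whether its `url` parameter really names the page being visited, and whether it uses HTTPS. The `discover` function and the `blog.example` / `embed.thirdparty.example` sample page are hypothetical and constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# MIME types the oEmbed spec defines for discovery links.
OEMBED_TYPES = {"application/json+oembed": "json", "text/xml+oembed": "xml"}

class OEmbedLinkFinder(HTMLParser):
    """Collect <link rel="alternate" type="...+oembed" href="..."> elements."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        rels = (a.get("rel") or "").lower().split()
        fmt = OEMBED_TYPES.get((a.get("type") or "").lower())
        if tag == "link" and "alternate" in rels and fmt and a.get("href"):
            self.links.append((fmt, a["href"]))

def discover(page_url, html):
    """Return one dict per discovery link with the checks a consumer can make."""
    finder = OEmbedLinkFinder()
    finder.feed(html)
    page_host = urlsplit(page_url).hostname
    results = []
    for fmt, href in finder.links:
        endpoint = urlsplit(href)
        # The mandatory GET parameter the post complains about.
        target = parse_qs(endpoint.query).get("url", [None])[0]
        results.append({
            "format": fmt,
            "endpoint_host": endpoint.hostname,
            "third_party": endpoint.hostname != page_host,
            "url_matches_page": target == page_url,
            "https": endpoint.scheme == "https",
        })
    return results

# Constructed sample page (hypothetical hosts).
SAMPLE_URL = "https://blog.example/posts/42"
SAMPLE_HTML = """<html><head>
<link rel="alternate" type="application/json+oembed"
      href="https://blog.example/oembed?url=https%3A%2F%2Fblog.example%2Fposts%2F42&amp;format=json">
<link rel="alternate" type="text/xml+oembed"
      href="http://embed.thirdparty.example/api?url=https%3A%2F%2Fblog.example%2Fother">
<link rel="alternate" type="application/rss+xml" href="/feed.xml">
</head><body></body></html>"""

if __name__ == "__main__":
    for result in discover(SAMPLE_URL, SAMPLE_HTML):
        print(result)
```

The RSS link in the sample is ignored because its type is not an oEmbed one, which is the contrast the post draws: a feed is a plain alternate link, while an oEmbed link is an endpoint that has to be told which page it is for.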


Sweet Liberty, You're Giving Me Diabetes

Published by manu

Over and over again corporations have been trying to control the Internet and make it their product and governments have been trying to make it their terrain. Meanwhile many, the masses, think it's fine, nothing wrong with any of this. People like shiny new products and the government is just trying to protect its people (just like in Libya, Egypt, Syria, Bahrain, Yemen, China, etc.)...

Since the UK riots, the UK prime minister, David Cameron, would like to have a red button that can shut down "social media" in case. In case his subjects throw a fit or something. A red button that can shut down Twitter, Facebook, Blackberry Messenger and probably everything I guess because... I mean... wait, maybe he doesn't know about the other websites and services that exist, let's not tell him.

Not so long after that, like a few days ago, during an attempted protest in San Francisco, the Bay Area Rapid Transit (BART) cut off access to the mobile phone network. So, no protest, no problems. No problems at all.

Of course Anonymous played around with the BART's website and exposed how securely they store their users' data. However, penetrating websites and exposing data, flaws, etc is just not going to be enough, BART probably does not care, they will reset their passwords, apologise to their clients and move on. As for the incident, they gave a nice explanation for their actions.

Maybe I'm just getting too paranoid, I mean, communications are private and nobody reads your emails, chat sessions and SMSes right ? Of course not, but still, police arrest a man for organising a water fight via Blackberry Messenger! A water fight !? And how did they know...

Maybe because Blackberry has agreed to help the police and has probably opened their doors wide open so the government can investigate the riots. And anything else they seem to stumble on. Like water fights ?! I still can't believe this.

Many have been comparing the looting and riots to the Arab Spring, obviously that is stupid as the UK's citizens have so much freedom compared to any Arab Spring affected country. That being said, as they are fighting and gaining freedom, others are getting very close to losing it.

Maybe we will all soon be dreaming of escaping to North Korea.


Stop Filesharing (and Stop Watching Crap)

Published by manu

A victory for the creative industry, finally. A British court has ruled that BT (British Telecom) must block access to Newzbin2 (if you can't access it check via Herdict).

Some say this is good news for the audiovisual entertainment industry as they will finally be able to pay their bills and such. Indeed it is well known that the industry behind the MPA (Motion Picture Association) have been in complete financial decline since the popularisation of the Internet... check the numbers. They have been selling approximately the same amount of tickets every year for the past 15 years yet the revenue has doubled, that means they are doing bad right ?

Others say this is an attack on our Freedom of w4r3z... People need w4r3z, that's why the Internet was invented.

And others, more seriously, point out the issues between having ISPs enforce content filtering, websites being blocked more and more easily, innocent bystanders... and websites getting blocked for "copyright" reasons when it will in reality be for other reasons, like political for example.

Worst comes to worst, they block all of this stuff from the Internets and people will have no choice but to do other things with their lives. I think that because I doubt people will spend more on music and movies than they already do. Because people already spend a lot of money as it is.

Read more at Guardian/filesharing.


Great Firewall of Europe

Published by manu

I don't even know how to go about writing about this... So the Internet used to be a place where physical location did not matter. Then websites started to deny access depending on your IP's declared physical location...

Innovation being a part of the Internet, it seems that we may soon have a system to mimic real world borders, at least in Europe that is. It would work just like regular borders, most people can come in, some will need a visa, others just a load of cash or something.

Of course internal movement will be free, except from time to time, like in case of revolutions in countries bordering Europe, France and Italy will try to close the borders down to national levels.

8. Cybercrime
The Presidency of the LEWP presented its intention to propose concrete measures towards creating a single secure European cyberspace with a certain "virtual Schengen border" and "virtual access points" whereby the Internet Service Providers (ISP) would block illicit contents on the basis of the EU "black-list". Delegations were also informed that a conference on cyber-crime would be held in Budapest on 12-13 April 2011.
Source: register.consilium.europa.eu/pdf/en/11/st07/st07181.en11.pdf

Anyway, the good news is that this might just slide as it is probably just some kind of tantrum from Hungary's tenure of European presidency.


why filesharing has NOT killed 'unlimited' mobile data contracts

Published by manu

I just read a sad piece of technical journalism from Charles Arthur for the Guardian. I'll sum up his rant: he blames p2p (file-sharing) usage for the new "no more unlimited mobile networking" policy that apparently O2 is moving into. He cites an O2 blog post which actually makes no mention of this.

According to the very imprecise graphic 97% of the users consume less than 500MB a month, the average would be 200 and 0.1% use more than 690MB. In short, very very few people tend to exaggerate IP (data) usage. If that caused any real nuisance to the network that would mean that either the operator's network is insufficient and/or they do not have the knowledge to implement simple QoS regulations (example: slow down the speed when network usage goes up so that all traffic can be on the move). So what is the real deal here ? Why are operators no longer happy to offer unlimited data for a fixed price ?

My conspiracy theory is as follows: Now that you can access the Internet via your mobile device you can trade limited "text messages" (SMS) for unlimited text via realtime chat (irc/msn/aim/icq/etc) or email, you can trade phone calls for VOIP (skype, etc). And all this being on The Network (Internet) means that there is no difference between local and long distance communications. This is precisely, in my opinion, the real part where the operators may feel cheated. Users can escape the overcharges of calls and text messages not included in their plans, and why not even get a minimal call/text deal and just go for the unlimited mobile internet.

In reality the very few who actually do use p2p networks (illegal or legal btw) are not a real nuisance for the network, they are instead, AS USUAL, an excuse to change policies, pricing and laws. In this case, it's actually a "technology journalist" ranting about this, as if 0.1% of the data/phone users stole directly from his pocket.

Oh, and one more thing, I'm pretty sure those statistics include users who bought the mobile Internet dongle thing, you know the 3G usb device intended to connect computers to the Internet, in that case it's more than normal to go over 690MB in one month.


Is my bandwidth being shaped ?

Published by manu

The other day I was running some tests because it seemed that my VPN traffic was being slowed down quite a lot. One of the tests was plain FTP, that went at about 1mbyte/sec, then FTP via VPN, that seemed capped at around 200kbytes/sec. Some say "overhead because encryption", and I believed it, until I tested between two weak machines (VIA 2GHz) on a LAN:

  • FTP: 10Mbytes/sec
  • FTP/VPN: 6.5Mbytes/sec

Obviously 200kbytes is a joke.

I of course suspected one of my ISPs (ADSL or dedicated server provider) of doing something uncool... this led me to discovering two things:

  • Some ISPs openly cap VPN traffic like PlusNet. They actually have a whole timetable with various speed limits for various services ! You might have noticed P2P gets the lowest speed ever and youtube is way up there... in short, the client's needs are not important, what is important is who's paying... anyway.
  • A cool tool called shaperprobe. This tool helps detect if there is any packet shaping happening on your network.

I soon after figured out where the issue was, my ISPs who say they don't throttle or shape etc are correct. : ] The issue was with this WAG54GS I hooked up temporarily that has this super cool option called "SPI Firewall", its sole purpose is to slow down your VPN traffic, that's all it does.

In the end I learned that there are many bad ISPs nowadays that decide what's good for you, I am glad mine(s) don't, but how long will this last ? As they say, it's the consumer who decides, so if this matters to you, pick an ISP that doesn't shape their bandwidth.
