EFF and Carpathia have joined forces to help Megaupload users who stored non-infringing files retrieve what they can. The only limitation is that this is only directed to users that are based in the United States (of America, North America).

If you are concerned by this than visit MegaRetrieval.com to see what can be done.

Now if you are NOT in the U.S.A. you might want to consider participating in this joint complaint organised by Pirates de Catalunya and endorsed by many other Pirate Parties as well as the EFF.

Demand Progress has started an open letter to twitter and asked its subscriber's to sign it, the letter is short and as follows:

While I am against any for of censorship I am also against telling Twitter how to run their business. In this case they aren't abusing employees, nature or other such things. If you (Demand Progress or anyone else) are not happy with their new terms and conditions you are always free to not use their services.

That said, after reading Twitter's Tweets still must flow post it seems almost kosher.. They claim they will attempt (that is the word I dislike) to mark censored posts as such, so to inform the user they are being censored according to their government's laws. If true it could actually somehow have a positive effect, imagine people's reaction when clearly seeing how much information is withheld from them.

I would also like to correct Demand Progress on one point, Twitter is not an "Open Platform", I cannot interact with twitter users in any way unless I create an account with Twitter. Open platforms are services that use Status.net (Like Identi.ca), Friendica, Diaspora and the like, they allow users to communicate between independent nodes and hence avoid any central policing and/or control of it's users and their personal data.

In conclusion I must add that if Twitter's new rules upsets anyone it's actually a good reminder that Twitter does not belong to its users nor is it a public service. Their terms of service clearly stipulate that users accept that Twitter reserve the right to remove any content, and all of Twitter's users have accepted those terms.

O2, a UK phone operator, seems to be sending along in the HTTP headers of their clients http requests the user's mobile phone number! Lewis Peckover has discovered this and set up a test page for people to see what information their mobile ISP is actually sending to websites.

To test, disable your mobile phone's Wifi and visit this page. There you should see the usual stuff, user-agent, IP, languages, etc.. If you see other things like your mobile phone number you might want to ask your ISP for explanations.

Another thing that Lewis notes is that O2 modifies content, he claims they downgrade images and insert JavaScript links. If true, this is really really bad, this is basically tampering and altering private communications. It's just like if the post office opened your letters, made reduced photocopies so your letters are lighter and then passed that on to you.

I am guessing this shouldn't work using HTTPS, however I would like to ask Lewis what is the deal on this as I do not have a mobile phone and hence cannot test this at all. I also don't have a Twitter account so... . If you do, ask him. Khtxbye : ]

Update: I found this old thread about the same sort of thing affecting other customers on other mobile networks. This is really not new and this is not an 02 issue but rather a mobile phone ISP issue.

A new book to be released in a few hours (I think this is on USA time): No Safe Harbor. This book is released by the United States Pirate Party, it features many interesting people and ideas.... .. and yes, it's licensed under the Creative Commons license. You can buy it or download it. Etc. You can even read it.

Louis CK has been distributing his latest show directly himself without any distribution thieves such as I-Tunes and the like. The video is available as a download and this without any DRM attached !

Check out the little note to torrent users (bottom of the page), it's honest at the least.

In any case he's made a lot more money then he had imagined, in just 2 weeks over a million dollars.. at 5$ a copy (not too expensive for most people). Not bad. I don't know this guy (yet), but he seems decent as over 25% of that will go to charities.Read more here for more details.

The other day I read about how Go Daddy supports SOPA (and loves Microsoft and kills elephants !). Since there has been a massive move of domains out of GoDaddy, including Wikipedia (still at GoDaddy as I write, c'mon Jimmy, it's been 5 days now!).

Since GoDaddy has changed their mind about SOPA but then it appears they haven't exactly changed their minds.

If you actually use GoDaddy you can pledge to boycott GoDaddy.. . and/or you could just up and leave them, I mean who registers a domain with a company whose name is "Go Daddy" ?

Important note, if you leave, be careful where you go as there are many GoDaddy re-sellers out there.. Just go to Gandi.net or EasyDNS, they both openly oppose SOPA and aren't just doing it for marketing's sake.

Drawing by Rike

Over the past 10 years or so the entertainment industry has been whining about losing money because of the Internet. Of course it is (most probably) false. The crazy thing isn't the bitching, it's the desire to have full control of human communication, over the Internet at least.

I am so tired of them that it is unbelievable, the only reason these people have any power is because people actually buy their products and hence provide them with a neat fortune.

From here on I am going to go out of my way to not purchase anything that provides them with income. I am already not a big client of theirs, however it can happen that I legally watch a movie or buy a movie merchandise, that's done.

I do not support the "Entertainment Industry" (anymore at least), I would like to see them disappear for good. I am not afraid of not being entertained.

The other day I saw this presentation about Convergence, it is a system designed to avoid using your browser's built-in CA (certificate authorities) for authenticating SSL certificates. Marlin talks about how the system is broken and how Comodo fails etc etc. Then goes on about various systems like certificates in DNS (I had a similar idea), but apparently they are vulnerable to DNS attacks..

Of course, I hate commercial CAs, they have no place on the Internet and have done nothing good for anyone, ever. (maybe a bit strong, but still). And of course browser vendors have sold their trust (and souls (if applicable)) to any CA available while still making you freak out when you reach a self signed certificate.. So of course I tried out Convergence, I even set up a notary (of course). After a couple of hours testing I came up with some pros and cons:

Pros

• Remove CAs from the equation

Cons

• Some sites do not seem to work, even Google (Citibank site effect, but for people outside the U.S.A. (yes, they exist)
• Slow. I have to connect to as many notaries as I have configured and compare data retrieved for each.. . slow.
• Problems with LAN sites, or sites protected by IP etc etc (sites that cannot be accessed by notaries)
• If the certificate is compromised and (hence) changed, you could be subject to hijacking as your convergence plugin will not re-query the notaries (unless you un-check the "use cache" option.. extra slow)
• DNS attacks are still possible, because most people will be using the default notaries anyway.. Which if this happens is worse then the average MITM as this would compromise ALL SSL connections !
• Crashes Firefox (but that is easily fixable I am sure)
• The "view certificate" function shows me "Convergence Local CA" and not the actual certificate of the website I am viewing, one has to go somewhere in the options to verify this.. this sucks.
• This is useless if the MITM is happening between the server and the Internet, actually, if everyone was using Convergence MITM attacks on a server's IP would now be easier to do, no need to trick Comodo into selling you certificate for someone else's domain.

As you can guess I stopped using this plugin about a few hours later. I also lost that sense of security when visiting my websites (webmail and all those things) as I have my own CA and/or know my certificates hashes, with Convergence I am lost.

I like the motivation behind Convergence (and Perspectives) but it simply appears to be totally broken. I could be missing something and would be glad to hear about it. After testing convergence I think that SSL without CAs using DNS is still a better option.

I also believe that as far as DNS poisoning goes, I do not understand why everyone doesn't have a local resolver, even and especially on laptops on the go.

Everybody loves Firefox, they are your friends, they are the "resistance", the alternative.. . the Free browser and all that crap. Yet, they somehow have started to annoy me to a point where I almost considered using Google Chrome... heck, I might just. :] (kidding!)

Here are just a couple of #$!%U*&ing things that annoyed me today..

Right Click -> New Tab: Gone

I'm not alone here, there are others annoyed by this as well. Please click on "I have this problem too" (if applicable).

Why remove such a simple ergonomically correct menu item ? People used it, they just broke it. (You can install a plugin that includes that functionality).

64bit ? But You Have to Look for it

Nowadays many computers have 64bit processors, so you can often use 64bit operating systems and enjoy 64bit programs. Cool. Some programs are not available in 64bit mode, that's fine but Firefox is available in 64bits since 4.0 .. However, you cannot easily find it. I've even found some tips on how to get the Firefox to run using ia32-libs, libraries to run 32bit programs on 64bit platforms !!

Funny thing is, while clicking through the "Need Download Help" button I found myself searching for 64 bit Firefox, the first result is "Uninstalling Firefox".

Anyway, if you still don't hate Firefox (or, like me, it's the browser you hate the least), you can get your 64 bit version from the Mozilla FTP site.. (of course this link was found somewhere on some forum or something... maybe some other rant).

I've been helping a friend with some projects of his, mostly websites and email. Very simply put, as I'm trying to host his stuff I need to set things up on my servers, this is supposed to be the "long" part, and then just edit a couple of DNS records... easy peasy.

The difficult part commenced when I tried to simply change an IP and perhaps add an MX record for one of his domains.. I logged in to NameSecure's crappy interface, I edited the record, again and again and nothing changes.. Well, maybe after about 10/15 minutes of trying it did, however the SOA was not aware of any modifications, even 3 days later !

Do this for 3 domains and you start to get a headache.

So I write to their support and ask them to apply the changes I need, to which they reply to my friend that it can take up to 96 hours... of course they are just brushing the ticket away and throwing words about propagation (of course I don't care about propagation, I ask the SOA directly when I'm checking this sort of thing). But still, nothing works anyway. A mess.

Namesecure sucks. You shouldn't take only my word, just search the Interweb and see for yourself. Or worse, register a domain that is critical to you with them.

Solution: Move to a real registrar. Your domain name is important, it should be registered with a real registrar made of real people who know how to actually do things.. One that gives you a real interface in which you can add records, press submit and magically it's there on the screen, it's like you didn't just waste your time. An example of a good company that can manage domain names properly is Gandi.net. It just works. It's quite amazing that there are so many "domain name companies", and I really mean MANY, that simply do not work and/or are totally crappy.

Anyway, the first and most important word on their website is "cheap", that means a lot.

This sink's design is broken in at least 2 ways.

This sink was installed only a few months ago in a high tech low spec building, yet the hot and cold water are distributed in 2 separate faucets. In the year 2011 you still have to chose between burning or freezing your hands every time you wash. Whoever designed this obviously isn't big on post-toilet hygiene.

The other issue, again if you use such a device, is the room left for you to maneuver your hands while washing.. . Actually, just trying to collect water is difficult, you find yourself constantly hitting the back of the sink with your hands.