Tuesday, July 6, 2010

no one can protect you, no door to run to

Why was the Ajax viewer banned?

And that rather puts the lie to Linden Labs not being able to block access to whichever viewer they want--as long as that viewer internally self-identifies. Blocking Ajax means they could block other viewers, especially damaging ones like Neillife--if they wished to block them.

In ebook reader news, Amazon is a slow and subtle creature--they filed a patent for a device that was likely executed only in diagrams at that point, and filed it for the US alone--which meant they never had to inform anyone developing similar devices that they might be in violation of upcoming patent law.

Now? They have their patent. And they can start going after offenders against said patent--which didn't exist when they applied for the patent.

Sneaky, Amazon. Very very sneaky.

Internet history lesson: anything that can become Fun, and a fad, will. Witness:

Around noon on July 6th, 2010, Amanda Palmer sent this out on her Twitter feed:
amandapalmer i don't usually hop on the youtube train. this one MUST be seen. DOUBLE RAINBOW ALL THE WAY AGHHHH http://bit.ly/rainbowman
This resulted in someone auto-tuning the audio into a song, which she mentions three hours later:
amandapalmer oh my god. DOUBLE RAINBOW AUTOTUNED. man, this shit happens FAST. thanks everyone for link http://bit.ly/RainbowAutotuned
Wau. Just wau.

Meanwhile, the battle rages on for net privacy versus net transparency. The latest battleground? Battle.net, of all places. Blizzard, the company behind World of Warcraft, Starcraft, and the upcoming Diablo III, has stated their firm and unwavering intent to stand behind RealID, the certification program that links your real life information to your game accounts in all Blizzard games.

Why is this a bad idea? I spoke with one of my friends who plays WoW, and is having to deal with the repercussions of the effect. She lays out her home situation, for instance. She trusts herself, and those she friends; okay, fine. She trusts her first partner, and those he friends; also fine. She more or less trusts her other partner, but he's known to friend on whim, and she's not sure she trusts those impulses.

Move it farther out. Now, friends of her friends, friends of her first partner's friends, and friends of her second partner can also see her real name. Move farther out still, and their friends can see her real name, and she has no idea who those people even are.

What can be gotten with just a first and last name? Well, in the US:

* home address
* home phone
* birthday
* age
* appearance
* parents' names
* childrens' names
* childrens' and parents' ages
* spouse, if any

With a little financial expense and/or hacking ability:

* Driver's license number
* Car insurance number
* make and model of vehicle
* high school records
* college records
* college papers, if any were published or stored
* library card number
* rental history with library, videostore, grocery story, pharmacy...the list goes on

With a cop or private investigator involved:

* court history and/or criminal record
* military service record
* medical records
* psychological records
* vacation spots, plans, time share ownership

Yet Blizzard seems to think this is just fine and dandy.

Count me out. No Diablo III for me, that's my final decision. But it reflects a worrying trend that's on the rise.

In the meantime, trying to build, trying to review, trying to do a lot of things, but between summer heat and the grid refusing any form of stability, I'm rather stuck. Expect more tomorrow. Between spates of attempting-to-build, I did hit Operation Squeegee with a small vengeance (over $1000 as of yesterday! They're not RFL figures, but we are SO pathetically grateful for ANYTHING, and even that little will save birds, help keep the fight going, and inspire people, I swear to God), so expect pictures and product reviews tomorrow.

Noticed a few people had put out freebies for the event. Pondering making up a freebie thing. Not sure if I will or not, but hey.

And that's the news of the day, off for more battle with the grid.


Anonymous said...

"And that rather puts the lie to Linden Labs not being able to block access to whichever viewer they want--as long as that viewer internally self-identifies. Blocking Ajax means they could block other viewers, especially damaging ones like Neillife--if they wished to block them."

Actually, no. They started blocking AjaxLife.net after it started using a single stable IP address... which both made the problem clear and made it easy to block. Non-service-based clients don't have that issue.

(And you can still use your own private copy of AjaxLife run locally.)

Anonymous said...

I probably should have included a link to Katharine's blog post on the matter.

Emilly Orr said...

Thanks for the link to the blog; I had figured it was something like that, actually, and not a flaw (per se) in the viewer itself; it's good to have that confirmed.

Still, the statement, I think, stands--if your browser self-identifies, I think they can still get a fix on the client--as long as the client retains that identification and doesn't mask itself in other ways.

Which is all now moot, because as they said, they don't have the staff now to worry about such things.

Rhianon Jameson said...

Thanks for the news about the Kindle patent. Sad, but all too typical. (The literature even has a name: the "submarine patent," because it's underwater until it does its damage.) They're a big problem, possibly worse, in the standards-setting world, too: the standards group attempts to create market power by agreeing on a widely-adopted standard (e.g., the various 802.11x networking standards), but often with the understanding that they want to adopt low- or no-cost IP whenever possible. Then, when the standard becomes accepted in the marketplace, out comes the patent.

The good news is that these disputes often get resolved with little disruption to consumers. Some money changes hands, the next generation Nook gets redesigned a little, and everyone goes on her merry way. (The bad news is that it's a growing problem.)

Fogwoman Gray said...

Just a quick point on the information available with a name.
Some states (including my current) will provide criminal history, sex offender status, court history (including divorces, will filed, etc) online to the public with only a name. You don't even have to register your own name to view it.
If you carry a licensure (RN for instance, or even a hairdresser) many states also have public online access to your license number, status and home address. This is why many of us keep professional post office boxes.
Medical records, however are different. I cannot legal provide any medical information to anyone without the express permission of the patient or their designated power of attorney (and only that if they cannot speak for themselves). This is enforced by HUGE fines and possible loss of licensure. A police officer cannot access that information either. The State Attorney General's office cannot get it by asking. It MUST be obtained with a warrant, which specifies particulars of why and what precisely is needed.
Just an FYI...

Emilly Orr said...

Lady Fogwoman,

Note the specifics: a creative hacker can get access to nearly anything. And second, while yes, warrants are generally required for the heavy stuph, at this point all the justice system generally needs is a declaration of 'person of interest' in regards to terrorism, and provisions of the Homeland Security act can see someone with an active warrant, house searched, computer seized, records accessed, and never have to actually be told there's an active warrant in place.

This is, of course, restricted to the US; other countries have radically different laws regarding search and seizure, and personal records.