I was just interviewed on CNET radio concerning the Consumer Broadband and Digital Television Promotion Act (CBDTPA, originally SSSCA). I made an analogy between this proposed law that would make all “interactive digital devices” enforce copyright, and a hypothetical campaign against purse snatching.

Let’s say there was a rash of thieves riding by women on bicycles or scooters and snatching purses. So the federal government passes a law saying that no transportation device may be manufactured or sold unless it incorporates protection against purse snatching.

That may sound ridiculous, because nobody knows how to design a bicycle or scooter that can foil purse snatching. But the situation is the same with computers under the CBDTPA. No secure protection scheme has yet been invented; all have been broken fairly quickly. What the CBDTPA would do is put enough barriers in the way to keep the average CD or DVD user from doing ordinary things like playing it on his computer, while not putting barriers in the way of the pirates who make a living off of copyright infringement.

It gets worse, when you consider innovation. Using my hypothetical transporation analogy, someone with a substantially new idea–such as Dean Kamen with his Segway–would have to go before a Board of people who know very little about transportation (and don’t really care about it) to prove that his device couldn’t be used to snatch purses. The equivalent under the CBDTPA is a vaguely defined bureaucratic institution that the entertainment industry would set up under the guidance of the FCC. Clearly, innovation would move offshore until Congress wised up.

There’s nothing new about regulation and standards, and sometimes these have been burdensome in the past. But the barrier to innovation and adoption in the CBDTPA is unusually radical, and inimical to the basic purpose of the devices being regulated.

Related link: http://www.wired.com/news/business/0,1367,51218,00.html

Liability for software problems is an increasingly hot topic. Just look at the pressure on Microsoft to fix buffer overflows and other flaws. Every few years, a call comes up to make programmers or their companies liable for bugs. This court case will get people arguing for a long time who’s liable.

Most of us believe that scanning a mail server to make sure it’s a spam relay is normal usage. Who would expect to be sued, much less arrested, for this bit of Internet hygeine? Who’s really responsible, the person doing the scanning or the company that produced software that crashed during the scan? What will this case do to search engines and other robots? Are they protected as normal practice?

Related link: http://www.wired.com/news/politics/0,1283,51106,00.html

AAAS hactivist Patrick Ball, who recently presented evidence against Slobodan Milosevic, notes that human rights work is best served by free software. He and his data coding team used Linux, Apache, MySQL and Python to analyze data on refugees and create his presentation.

Related link: http://www.icannwatch.org/article.php?sid=621

In a recent weblog, I compared ICANN’s irresponsibility to Enron’s. This was no rhetorical exaggeration. Now we see the fruits of its financial and organizational fooling around: a lawsuit from Karl Auerbach, one of the few board members who was elected by popular vote.

At their most recent meeting, ICANN adopted
resolutions that end public voting (the process that allowed Auerbach to get on the board) while affirming that their should be some role for the “At Large community.” Clearly that role would not include any kind of oversight or ability to change the board’s direction. Not in an organization that won’t even allow a member of the board to do his job and check their finances.

Should a board member be allowed to check the books?

Related link: http://www.linuxandmain.com/essay/sgordon.html

Shawn Gordon’s essay reveals more about Shawn Gordon than it does about creating a viable business in an open source world. Using open source tools The Kompany produces polished software like BlackAdder, an IDE for Ruby and Python, Kivio, a flowchart tool, Kapital, a personal finance manager. They also contribute back to the community many of the tools they use to make that software. I was hoping to find some insightful ideas about his experience. Instead, this is primarily Gordon’s complaints.

It’s difficult to feel sorry for Gordon when he complains about the abuse he receives for wanting to charge for GPL’d source code. Gordon seems surprised that RMS complains about this while admitting nothing in the GPL says he has to provide the code for free, just that it be made available. Geez! What was he thinking?

I think other commercial developers for Linux can take from this a lesson in how not to present yourself to your customers. Whining is rarely attractive. And, of course, don’t use GPL and charge for source code unless your want to be a free software pariah.

The following email from the Free Software Law Discussion list can really bring home to every computer user how inane the SSSCA is. Since I don’t believe it has been archived anywhere (although it has been widely forwarded), I am reprinting it here in full. Thanks, Ben Tilly!

From: Ben_Tilly@trepp.com
Date: Fri, 1 Mar 2002 11:43:20 -0500

On Thursday, Feb 28, 2002 Senator Hollings lead a hearing on
his proposed Security Systems Standards and Certification
Act, known as the SSSCA.

The problem, as Mike Godwin said at
<http://www.interesting-people.org/archives/interesting-people/200202/msg00273.html>,
is that Congress doesn’t understand the technical issues
involved. So we must find examples of those technical
issues in contexts that they understand.

Email makes a good example. Most people are familiar with
it, and it shows the relevant copyright issues.

I am sending you an email. If you like it, you might
forward it to a friend with a brief comment added. You
might send it back to me with corrections made. You might
copy phrases out of it to put into a report or memo. It
might, as with the message I linked, find its way onto a
website on the Internet.

By the act of writing you this email, I have a copyright on
my words. In these common tasks you have redistributed,
modified, and taken away my attribution. Under the SSSCA
the software cannot be allowed to let you do that because
the software is failing to protect my copyright. According
to Hollywood and Senator Hollings, you would be a pirate and
criminal for abusing my copyrighted material. Under
existing copyright law your actions might infringe, or might
be fair use. Mostly it is fair use.

So how would the SSSCA solve the problem of your using email
as it was designed and intended to be used? Very simply, it
would make your email program illegal. The software must be
rewritten. Once rewritten it cannot contain a “forward”
button. It cannot allow you to copy and paste text from
it. It cannot allow you to create a reply with my words
included. It cannot allow you to send mail to existing
email programs because they don’t implement copyright
protection. According to the good Senator, only pirates and
criminals would want to do any of these things. My
copyrighted content MUST be protected from criminals and
pirates like you.

Email is but one kind of program that is affected. (Do not
be fooled. The phrase they use may be “digital device”, but
their definition of a digital device includes virtually all
software programs.) Our lives are filled with electronic
content that we produce, transfer, and manipulate. Whether
you paste from one Word document to another or copy a
spreadsheet, features you use can violate copyrights.
Therefore Senator Hollings wants to ban your software.

They call this the Security Systems Standards and
Certification Act. They claim it is meant to protect poor
copyright holders (like me) from criminals and pirates (like
you). I call this the complete dismantling and destruction
of our computer infrastructure. Please let your
representatives know what you call it. You can find their
contact information as follows:

Senators:
<http://www.senate.gov/contacting/index_by_state.cfm>
Congress: <http://congress.org/>

Sincerely,
Ben Tilly

PS Your email software has not (yet) been crippled in accord
with the proposed SSSCA. Please feel free to use it to
forward this message.

Would the SSSCA really have such far-reaching effects?

When the Enron scandal broke, many analysts warned, “There
are lots of other Enrons out there.” One such corporation,
ICANN, is in the
process of breaking up now.

Like Enron, ICANN led a charmed life and received favor
after favor from governments and corporations alike, in
disregard of its dubious behavior. Like Enron, ICANN was
run like a private corporation but threw its weight around
everywhere on public policy. Like Enron, ICANN had every
avenue open to success and yet failed, wasting huge amounts
of money in the process. ICANN is even facing its own
incipient financial scandal, stemming from its refusal to
show its books to one of its own Board members.

On February 24 came the latest in a series of scathing
critiques of ICANN that have emerged on a regular basis
since the institution was first proposed out of the blue to
a surprised public by the Internet Assigned Number Authority
and the monopoly domain name registrar, Network Solutions.
What is novel about the

current critique is its author—the president of ICANN.

Many of President M. Stuart Lynn’s critical points are
reminiscent of those leveled by critics outside ICANN:

• That it has made little progress on the key Internet issues
  for which it was formed.

• That it is encumbered with a structure far more complex than
  its tasks or size demand.

• That its attempts at accountability are “artificial.”

• That it is living outside of its financial means.

• That its obscurantist process has driven away many important
  potential participants.

Mr. Lynn’s solutions differ radically, of course, from those
of the best-known critics outside the organizations. These
critics have highlighted the far-reaching implications of
his proposals by calling them “ICANN 2.0.” Even that epithet
understates the case, because Lynn is actually threatening
to revoke all the contracts and memoranda on which ICANN was
based and start over, doing whatever he wants in their
stead.

Recalling the original documents and “near consensus” that
predated ICANN, law professor Michael Froomkin
writes,
“The Lynn paper seeks to throw it all out, pretty much
single handedly, and does so in a way that does violence to
the substance and spirit of the original deal—and
without much thought for what motivated it either.”

To start with, Lynn’s definition of the problems is
self-serving. For instance, he is correct to label as overly
ambitious, and perhaps counterproductive, ICANN’s attempt to
set up elections that involve every interested Internet user
in the whole world. However, he wouldn’t dare admit that
this experiment, awkward as it was, created just about the
only toehold for democratic activity in ICANN. In fact, two
well-informed and severe critics of the organization were
elected to the board, and this is probably what scared its
leaders away from voting, not its theoretical weaknesses.
(I don’t feel sure, though, that an expansion of this
cumbersome voting method would have produced more democracy.
It might well have led to abuse and capture once powerful
observers figured out how to play the game.)

I admire Lynn’s boldness in throwing off the cloak of
rhetoric and bureaucracy that has shielded ICANN up to now
from facing its problems. He has taken the gamble of opening
up a debate that ICANN proponents have been vigorously
suppressing for four years. The question is, since ICANN has
failed, why should we bother listening to a solution that
comes from inside ICANN?

Given that ICANN made only laughable and token efforts in
major areas (such as its seven new top-level domains), and
given that it has renounced the “appropriate membership
mechanisms” required by the
memorandum
in which the U.S. Commerce Department gave ICANN legal
backing, why should we prolong its expensive tenure or grant
its leaders any more power?

(The origin of the “appropriate membership mechanisms”
clause is historically pertinent. The Commerce Department
was persuaded by a group of expert critics, the Boston
Working Group, to insert this clause. It was seen as a
necessary check on the power of a private corporation that
controls a key part of the information infrastructure. One
of the Boston Working Group members, Karl Auerbach, became
one of the dissident board members elected through the
democratic experiment that resulted from the clause. He has
subsequently challenged many of the organization’s seamy
procedures and made it harder for the old boys’ club to roll
along as it had before.)

What is to prevent the Commerce Department from thanking all
the ICANN board members, staff, and volunteers for their
efforts, then sending them home? We could easily roll back
the debate four years and start again the public process
that was aborted by the creation of ICANN. If Lynn were
really willing to make “hard decisions” and work from a
“candid assessment of ICANN’s performance,” he would have
reached the same conclusion.

Several observers, including David R. Johnson and Susan
P. Crawford in their paper
ICANN 2.0,
explain that ICANN is under contract to domain-name
registries and registrars and cannot unilaterally change all
the rules of the game. Lynn’s proposals were
rejected
even by RIPE NCC, an IP address assignment authority and one
of the Internet’s most central and long-established
organizations.

Many who currently follow ICANN’s antics do not know what
the domain name debate was like before ICANN was proposed.
In truth, many healthy activities were taking place. In 1997
and 1998, the Commerce Department started an open, public
comment process and released a href="http://www.ntia.doc.gov/ntiahome/domainname/6_5_98dns.htm">White
Paper that provided a focal point for all the groups
interested in domain names. The locus for discussion was
called the International Forum on the White Paper (IFWP) and
was the only organization in the history of this sorry
affair that included all stake-holders. They were making
progress toward consensus, too, when they were pre-empted
and undermined by the proposal to create ICANN.

The initial board of ICANN was chosen by a small group of
people in a secret process. No one on that board had prior
experience in areas of Internet policy. The backers of ICANN
probably thought this strategy would maximize the power of
the puppeteers hidden in the rafters, but instead it created
paralysis and incompetence. Thus, ICANN did not fulfill the
White Paper so much as flout it. The organization has
labored unsuccessfully since its inception to gain
legitimacy; in his aggressive treatment Lynn could well have
dealt his patient the death blow.

The environment now is quite different from what it was in
the Spring of 1998, of course. The
World Intellectual Property Organization
is trying to make policy in domain names, as the
U.S. government asked it to do in the White Paper (though it
certainly needed no invitation). Relationships between
participants in the debate have been reshuffled by new laws
such as the ill-considered “Trademark Cyberpiracy Prevention
Act,” passed by the U.S. in a whirlwind of back-hall
trading. Good or bad, such laws have given trademark
holders the powers they were asking ICANN and WIPO for.

Meanwhile, many of the best contributors to the debate in
1998 have experienced cynicism and burn-out. Few people have
the patience for a truly consensual decision-making process;
someone is going to have to take a little more control. This
time, however, the solution should reflect the expertise of
Internet leaders who have studied the domain name issue all
these years.

As Lynn points out in his report, the high-tech economy is
very different now from when ICANN was formed. This may
actually be good for debate. The dot-com boom of the late
1990s made corporations drunk with excitement about getting
on the Internet; they felt that the Information Highway was
paved with gold that was theirs to enjoy if only they gained
control. That is why the stakes seemed so high in the debate
between trademark holders and ordinary folks on the
Internet. Now these businesses are humbler and less
convinced that domination will lead to profit. A sane policy
for domain names is possibly more likely to get a hearing.

ICANN itself has changed the environment in ways that we
can’t reverse, and probably don’t want to. For instance,
there’s no point in eliminating the handful of new top-level
domains they created, or in taking away the power of the new
registrars with which they signed contracts. But the
significance of these domains and registrars (such as it is)
will soon vanish in the swarm of new TLDs that a new body
can create. This would also be a good time to recognize the
thriving world of alternative domains that is already in
operation thanks to the

Open Root Server Confederation (ORSC),
Name.Space, New.net, and others.

Similarly, we should probably keep the
Uniform Domain-Name
Dispute-Resolution Policy (UDRP) over which so many
people toiled. As a document, it is not too bad. But the
accompanying rules that (inconsistently) guide its
implementation have to be completely overhauled. One of the
key issues, given the severe bias in the current system shown by
Michael Geist
and others,
is how to provide expedient and low-cost arbitrators who do
not favor either side. (By the way, Geist has just
updated
his study to show that things have not improved.) Furthermore, new TLDs should be
created that are safe havens from the policy; there should
be a Hyde Park Corner in domain name space.

In short, the few accomplishments that ICANN managed to put
in place can stay. Lots more remains to be done.

For instance, the most important addressing issue that faces
the Internet today—rendering the fuss over domain
names almost trivial—is the global implementation of
IPv6, a new Internet numbering system that will greatly
increase end-user participation and make network
administration and routing easier. One would expect the body
responsible for assigning addresses to take a leading role
in promoting this historic shift, and whatever body succeeds
ICANN will hopefully do so.

In conclusion, it takes a lot of audacity—to use a
polite word—for an organization that tried and failed
to gain hegemony over an area of public policy to ask for a
second chance. In order to cut short an argument over who gets
to kick off the new process (an issue I have previously
referred to as

“booting the system for Internet decision-making”),
I recommend we return to the White Paper and the Commerce
Department. There are certainly many other stakeholders who
are more informed and mobilized to lead; one candidate, in fact, is the

Civil Society Democracy Project
set up by the organization I support,

Computer Professionals for Social Responsibility.
But to prevent destructive power plays, the simplest
solution is to ask for consensus on rolling back the process
to where it started.

The current Commerce Department cannot boast of the
experience and track record that the Clinton Administration
showed in high-tech. (They gradually learned that they had
to abandon anti-encryption proposals, for instance, and the
Commerce Department promoted universal access projects that
the Bush Administration is trying to dismantle.) But the
current department also doesn’t have to answer for the bad
decision made by that earlier body in contracting with
ICANN. It should be made clear that public interest
defenders are not going away and that we will not tolerate
another end-run around the transparent discussion process
that was originally carried on by the IFWP. Let’s see
whether we can recapture the openness that everybody claims
is the strength of the Internet.

Should ICANN be allowed to replace ICANN?

Related link: http://www.internetnews.com/isp-news/article/0,,8_984931,00.html

Boingo, a wireless startup brought to you by Earthlink founder Sky Dayton, seeks to serve as a commercial aggregator of hotspot bandwidth, but clearly they have missed the point of community networking:

[Boingo] has declined to offer node operators free access (limited or unlimited) to the Boingo service. In exchange, Boingo is
only offering promotion of the group’s public network.

“There’s no real incentive for me to do it in the first place,” said Dustin Goodwin, a member of NYCWireless.net and an operator of a node on
Cornelia Street in Manhattan. As for the publicity value of being part of Boingo, “I don’t think we need Boingo for that. I prefer the distribution method that exists. It seems to be working okay. I just feel
Boingo is getting more out of it.”

If that wasn’t bad enough, perhaps even more dubious is the quote from Oren Michels, CEO of Wi-Finder, who reportedly says:

“It all boils down to: ‘you get what you pay for.’ A strong community
network gets people to try the technology. But once you try it, it gets
addictive. At a certain point, the community people will get tired of
giving it away or the quality of service will degrade to the point where
people are more than willing to pay.”

Now, I think Mr. Michaels is wrong on both counts. The community people will never get tired of promoting freedom
(you know, freedom?), and the quality of service will more likely degrade to the point where no sane person will pay for it. Selling services on an unlicensed band is begging for trouble — you can’t provide quality-of-service
guarantees. That’s *why* the FCC makes a mint selling public spectrum to private interests. Where do they come up with these ideas? (Speaking of which, when will the press catch on that the really interesting thing about 802.11b isn’t hotspots, it’s paranets?)

How do you feel about Boingo refusing hotspot operators free access to other affiliated hotspots?

Related link: http://www.javascript-games.org/

Yes, it’s truly an arcade of games written in JavaScript, playable in DHTML-capable browsers (your mileage may vary). They’ve even got a really good version of Donkey Kong that also serves as an example for Gamelib, a JavaScript API for writing your own in-browser games.

Now go play^H^H^H^H research some games before the boss comes back!

Related link: http://3dhtml.netzministerium.de/

Here’s a project I’d love to see develop farther - 3dHTML. No Java, no Flash, just JavaScript, CSS, and HTML is what it took to create beating hearts, rotating molecules, and other strangely interesting 3d baubles. And all around 5Kb or less! What a bandwidth bargain …