Related link: http://news.oreillynet.com/pub/n/eBay_Personal_Private_Info_Giveaway

“Haaretz has obtained a recording of the lecture, in which Sullivan (eBay’s director of the “law enforcement and compliance”) tells the audience that eBay is willing to hand over everything it knows about visitors to its Web site that might be of interest to an investigator. All they have to do is ask.”

And these guys own PayPal!

Related link: http://rss.com.com/2008-1014_3-5076942.html?part=rss&tag=feed&subj=news

I have a soft spot in my heart for folks who publicize internet weaknesses that people are often too lazy or greedy to bother fixing. The whitehat cracker. A lot of folks cross the line, but this is just a personal musing so let’s not get too caught up in the details, ok?

Adrian Lamo, aka the Homeless Hacker, has been in the news a lot lately, and I recall him striking a pose for Wired a while back. After reading this interview this morning I have some serious issues cross my mind about his motives. Is this guy for real? He’s half the Dali Lama: ” It (’Faith manages’) means that nothing we do is wasted and that in the universe that we inhabit, it’s a closed system under the laws of physics in which energy is never destroyed and everything that we do is redistributed and recycled to the place it should be. “ and part completely oblivious to the reality of the world: “Q: You’ve told reporters many times in the past that you’ve entered corporate networks without permission. Did you? A: Certainly not. (laughs) Yes, yes, I have.”

I have my suspicion that Lamo is looking for a Free Lamo fanclub not trying to uncover questionable internet practices.

Is Lamo a media whore or the real deal?

Related link: http://istrip.sourceforge.net/

Hey, it’s friday. After a long week of foolishness with SCO, the RIAA, and with more worms on the way you need a break and some fun.

Let technology take you away to a magical place of fantasy, humor, entertainment and distraction…. to comics! iStrip is a php application to help you get your web comics published with minimal hassle and the management thereof.

If you lack artistic talent you can always just visit WebComics.com and have some good laughs. You’ll need it.

Related link: http://www.macwrite.com/criticalmass/gpgmail-on-mac-os-x.php

So, I’m feeling a bit down on the world today. Everywhere I turn it looks like we netizens are under constant attack. If it’s not net worms, or spam, it’s creeps like the RIAA (who are very worm-like these days) snooping on us.

I took care of having to worry about worms, on my own systems anyway, a long time ago switching to Linux and Mac OS X for various machines. Over the last two weeks I set up my own mail server in my basement so I could let SpamAssassin go Medieval on spam’s buttocks.

Which bring me to the next scourge in my list: Privacy. While the RIAA is snooping on P2P networks, which I could care less about… I’m considering changing all my shared song’s file names to something like “Menudo.mp3″… something that has always been on my todo list has been setting up encrypted mail.

I use OS X’s Mail application so I went a googling and found a great howto on setting up gnupg with Mail with a plugin for Mail named GPGMail.

Do yourself a favor and start playing with these today. The howto is incredibly easy. At the very least, a good start with these tools is to begin signing your email with GnuPG all made easy with GPGMail’s integration with Mail.

You can also find these tools, added today, on MacDevCenter’s Open Source software directory. If you use anything else drop a line.

Paranoid, or are they really after me?

Related link: http://silicon.com/news/500022-500001/1/5942.html

“Barely 24 hours after suing alleged file swappers around the United States, the recording industry has settled its first, agreeing to drop its case against a 12-year-old New York girl in exchange for $2,000.”

My Declaration of Independence from the RIAA

Dear RIAA,

I wouldn’t buy another CD from you if you had the last CD on earth.

I hereby swear, on any and everything holy, that I will never, ever buy another CD, not one mp3, not a attend a concert, not buy one piece of merchandise that might ever put a lousy penny, not one red cent in your grubby, dirty, foul smelling hands.

I also swear that I will, by all means within my power, go out of my way to make sure that no one I ever encounter gives you any opportunity to make money from them. I will patiently explain at every opportunity to anyone who will listen what pathetic dinosaurs you are, how you threaten children downloading If You’re Happy and You Know it, and how willing you are stoop so low for money, not principle.

You couldn’t make a product that I would ever consider buying again, or allow people I know to buy. I will go out of my way to support any band, no matter how awful they might be or out of a genre of music I don’t care for, that won’t have anything to do with you.

I hope your legally-perverted, falsely propped-up business model dies like so many dinosaurs before you.

Steve Mallett

P.S. Emmett Plant is taking up a collection to pick up the two grand settlement Brianna and her Mom are stuck with after settling with the RIAA. That’s the last $20 the RIAA will get outta me.

Care to sign your name?

Mr. McBride, in your “Open Letter to the Open Source Community” your
offer to negotiate with us comes at the end of a farrago of
falsehoods, half-truths, evasions, slanders, and misrepresentations.
You must do better than this. We will not attempt to erect a
compromise with you on a foundation of dishonesty.

Your statement that Eric Raymond was “contacted by the perpetrator” of the DDoS attack on SCO begins the falsehoods. Mr. Raymond made very clear when volunteering his information and calling for the attack to cease that he was contacted by a third-party associate of the perpetrator and does not have the perpetrator’s identity to reveal.
The DDoS attack ceased, and has not resumed. Mr. Raymond subsequently received emailed thanks for his action from Blake Stowell of SCO.

Your implication that the attacks are a continuing threat, and that
the President of the Open Source Initiative is continuing to shield
their perpetrator, is therefore not merely both false and slanderous,
but contradictory with SCO’s own previous behavior. In all three
respects it is what we in the open-source community have come to
expect from SCO. If you are serious about negotiating with anyone,
rather than simply posturing for the media, such behavior must cease.

In fact, leaders of the open-source community have acted responsibly and swiftly to end the DDoS attacks — just as we continue to act swiftly to address IP-contamination issues when they are aired in a clear and responsible manner. This history is open to public
inspection in the linux-kernel archives and elsewhere, with numerous
instances on record of Linus Torvalds and others refusing code in
circumstances where there is reason to believe it might be compromised by third-party IP claims.

As software developers, intellectual property is our stock in trade.
Whether we elect to trade our effort for money or rewards of a subtler
and more enduring nature, we are instinctively respectful of concerns
about IP, credit, and provenance. Our licenses (the GPL and others)
work with copyright law, not against it. We reject your attempt to
portray our community as a howling wilderness of IP thieves as a
baseless and destructive smear.

We in the open-source community are accountable. Our source code is public, exposed to scrutiny by anyone who wishes to contest its
ownership. Can SCO or any other closed-source vendor say the same? Who knows what IP violations, what stripped copyrights, what stolen
techniques lurk in the depths of closed-source code? Indeed, not only
SCO’s past representations that it was merging GPLed Linux technology
into SCO Unix but Judge Debevoise’s rulings in the last big lawsuit on
Unix IP rights suggest strongly that SCO should clean up its own act
before daring to accuse others of theft.

SCO taxes IBM and others with failing to provide warranties or
indemnify users against third-party IP claims, conveniently neglecting
to mention that the warranties and indemnities offered by SCO and
others such as Microsoft are carefully worded so that the vendor’s
liability is limited to the software purchase price, They thus offer
no actual shield against liability claims or damages. They are, in a
word, shams designed to lull users into a false sense of security — a
form of sham which we believe you press on us solely as posturing,
rather than out of any genuine concern for users. We in the
open-source community, and our corporate allies, refuse to play that
dishonest game.

You invite us to negotiate, but you have persistently refused to state
a negotiable claim. You have made allegations of a million lines of
copied code which are mathematically impossible given the known,
publicly accessible history of Linux development. You have uttered
vast conspiracy theories which fail to be vague only where they are
slanderous and insulting. You have already been compelled to abandon
major claims — such as the ownership of SMP technology alleged in
your original complaint against IBM — on showings that they were
false, and that you knew or should have known them to be false,

Accordingly, we of the open-source community do not concede that there is anything to negotiate. Linux is our work and our lawful property,
the distillation of twelve years of hard work, idealism, creativity,
tears, joy, and sweat by hundreds of thousands of cooperating hackers
all over the world. It is not yours, has never been yours, and will
never be yours.

If you wish to make a respectable case for contamination, show us the code. Disclose the overlaps. Specify file by file and line by line
which code you believe to be infringing, and on what grounds. We will
swiftly meet our responsibilities under law, either removing the
allegedly infringing code or establishing that it entered Linux by
routes which foreclose proprietary claims.

Yours truly,

Eric Raymond

Bruce Perens