New computers – Windows 7 – compatibility (2) XP Mode

In researching the purchase of the new desktop, I found/was told/noted that you needed Windows 7 Pro version for “XP compatibility.”  Naturally, I assumed that this would be built into the product that I bought.  (Actually, I was a bit worried by that statement, since one would assume that a new version of an operating system would still run stuff that the old one did.  I still use programs that I first ran on MS-DOS 2, and they were still working fine on XP.)

Not so.

Well, I’m sure that Microsoft would take issue with that statement.  After all, when you try to use the “recommended settings” when troubleshooting compatibility, it tells you that it is running “Windows XP (Service Pack 2)” compatibility mode.  (Pretty much regardless of what the program or utility is.)  And if, trying the more manual troubleshooting, you tell the troubleshooting program that it did run under previous versions of Windows, there are XP SP2 and XP SP3 options (among nine others) to choose from.

It doesn’t matter which you choose.  I haven’t found any of them to work with any program to date.

However, the advice to buy Win7 Pro is sound, if you want to have much of a chance of running anything (interesting) that you have been using up until now.  You absolutely must have XP Mode.  It solves all your problems.  (Well, it solves a bunch of problems, and you can probably fix the rest with some scripting, which is annoying, but better than nothing.)  You have XP Mode if you buy Win7 Pro.

Well, no you don’t.

XP Mode turns out to be part of Windows Virtual PC.  You don’t have it with the base install.  You have the right to have it, but you don’t have it, and you have to download it and install it.  In trying to find out why I couldn’t run stuff that had run perfectly well under XP, I found a mention in the Help system, which made me realize this was a possiblity.  Sure enough, chasing this mention down through a few related help articles, I found a link to go and get it.  So I did.

Well, I tried.  In order to install Windows Virtual PC, Microsoft wants to run MGA.  MGA stands for Microsoft’s Grasping Authenticator.  Microsoft disputes this, and refers to it as Microsoft Genuine Advantage, but there is absolutely no advantage to you, the user, in MGA.  There definitely is an advantage to Microsoft, because, if you need MGA to run or install something, and anything at all goes wrong, you have to pay Microsoft to get it fixed.  Even if you’ve paid already.  I had no fear of MGA, because a) I knew that it was a genuine product, and b) I’d already had to run MGA to get the updates to work, and it hadn’t blinked.  This time, however, it would not believe that my Win7 Pro was Win7 Pro, and would I please cough up an extra $200.

(I took it back to the store I bought it from.  They got it fixed, for no money, but it did take them two days to do it.  And all my passwords were gone.  Oh, you thought passwords were there to keep people out of your computer?  Silly you.)

So now I have Windows Virtual PC, and XP Mode with it.  And, absent the fact that it creates a virtual disk for itself, and that, if you want to work on anything on your real disk you probably have to copy it on to this virtual disk, and mess around with settings, it runs everything just fine.  Per my previous posting on compatibility, Netscape/Communicator 4.8 works.  Eudora 1.5.2 works.  My beloved WordPerfect 4.2 (yes, that old) works.  So does WordPerfect 5.1, which is what Gloria prefers.  (I’m not sure I’m going to go to all the trouble of setting up the system that allows us to print from WordPerfect to a winprinter: we really only need to get at the files for reference purposes.)  Good stuff.

I did have to do a whole bunch of Windows Updates on XP Mode itself, which seems very strange to me.  Seeing as how I was downloading it from Microsoft, couldn’t they keep it patched and up to date?  Three or four sessions with Windows Update, and something close to a hundred updates by the time it seemed to settle down.

Ceterum censeo Microsoft esse delendam.


New computers – Windows 7 – general observations

It took me about a month or so to create my first hard, no-you-can’t-recover-with-Ctrl-Alt-Del, pull-the-plug-and-hope-the-filesystem-isn’t-trashed crash on Win NT.  It took longer than that for XP.

Three days after installing, taking a break and watching an amusing little video, Win7 crashed.  Black screen.  Well, it does a black screen rather a lot, really, and it’s getting a bit nerve wracking, but usually it starts showing stuff within a few seconds.  Not this time.  This time I got a full, right back to the boot sequence event, with some very worrying questions along the way.  Although it did seem to recover OK.
Since I’m going to be complaining about Win7 rather a lot (going on my initial experiences) I suppose I should note some things that I do like.

The main reason that Gloria has her own account and “Desktop,” rather than both of us just using the same one, is that I’m right handed, and she’s left handed.  So her account has the mouse buttons switched.  (And I always buy symmetric mice.)  An ongoing annoyance on XP is that, once it’s been on Gloria’s account, the mouse is left-handed until signed on to a right-handed account.  And vice-versa.  So it’s nice to know that, in Win7, someone at Microsoft has finally realized that, when you are switching users, there is need for context menus, and therefore both buttons can be active.  (It is annoying that they’ve added an extra screen you have to click through when switching …)

Also, it’s very cute that when a program is doing something that requires a progress bar, the toolbar button matches the “progress” with a green shading of its own.


New computers – Windows 7 – compatibility (1)

Windows 7 is not compatible with anything before Vista.  (I refused to have Vista in the house, so I have no idea about whether Win7 and Vista are compatible.)  If your artsy friends are bugging you to get a Mac, or your geek friends are bugging you to get Linux, and you have been limping along with Windows XP, and are now desperately in need of a new computer (all of which applied to me), then go along with whichever set of friends will give you the most help, and switch.  It’ll be easier than trying to figure out how to make Windows 7 work the way you’ve been used to.

That’s an overstatement, of course, but not much of a one.

First off, you’ll have to throw out all your previous software.  I tend to stick with computers for too long, and with software for too long.  At least, that would be the position of software vendors.  I figure a) if it ain’t broke don’t fix it, and b) why should I have to spend a lot of time learning the mixed up new interface that some idiot down in marketing thought would be kewl, and try to find the functions that I need down where they have buried them.  (Often I find that the stuff I really need is completely gone.)

Think I’m kidding?

I use Firefox.  No particular problem there.  Except that Mozilla wanted me to install 5.0.1, after I’ve been used to 3.6.18 for a while.  And I only then realized that I had no idea how to move the bookmarks over to my new system.  I have no idea where Firefox puts them.  Now, under the previous versions of Firefox, it was pretty good about using any sets of settings you might have lying around, including old bookmarks files.  Now it’s gotten fussy.  Of course, now Firefox has a new Sync feature.  That’ll probably help in future, but it’s not much use right now. (Yes, I’m reading up on how to use it in the old version, and, yes, I’ll probably be able to get everything across.  Eventually.)  (And, besides, all of this is Mozilla’s fault, and I know you are eager for me to get on with the Microsoft bashing.)

So, Firefox works (wonder of wonders).  I use a mail program called Pegasus, which, with a little care and attention on installation, also works.

I also use Netscape 4.8.  (Actually Communicator 4.8, but …)  Yes, I know, old tech.  But, it is a very safe browser, especially with JavaScript turned off, and, as a malware researcher, I have occasion to look at some pretty dangerous places.  Also, it uses the old bookmark.htm file, which is really handy for managing and transfering my collection of bookmarks.  The installer will not run in Win7.

(Yes, I researched the problem, and, yes, somebody mentioned SeaMonkey.  Interface is very similar, I grant you, but I can’t find out where they keep the bookmarks.)

(Also, Windows 7 initially choked big time trying to run the installation.)

My wife likes the simplicity (and I like the safety) of Eudora.  Version 1.5.2.  Doesn’t run.

For both programs I have tried the “Troubleshoot compatibility” option.  I bought, and paid extra for, Windows 7 Pro specifically because it was “compatible” with WinXP.  I tried the “recommended” settings, which supposedly ran in-or-as WinXPSP2.  I tried the manual troubleshooting, telling it that the programs ran just fine under Win95/98/NT/2K/XP and/or 2003.  They didn’t run under any compatibility mode.

And, of course, don’t even bother to try and run any DOS or other command-line utilities.  (Even using “Run as administrator.”)

(Using utilities that mess with internals is one area where you don’t expect compatibility.  So I was surprised, and very pleased, to note that the Frhed hex editor works just fine under Win7, particularly after all the other problems I had.)

Some of these problems can be overcome, or worked around, using Windows Virtual PC XP Mode.  More on the trials of that, later

Ceterum censeo Microsoft esse delendam.


New computers – Windows 7

OK, I’ve thumped on Macs for a while now, so I guess it’s time to give Microsoft some bad words.

(I said a lot of bad words during this process …)

I bought the new computers back before Christmas, and it’s only now (well, last week, about seven months after I bought them) that I’m getting the new desktop set up.  Partly it’s been one darn thing after another, but partly it’s been a bit of anxiety.  And the anxiety was justified.

This will take a couple of postings to get through …


Fake Online Reviews

We’ve had means of expressing our opinions on various things for a long time.  Amazon has had reviews of the books pretty much since the beginning.  But how do we know that the reviews are real?  Virus writers took the opportunity presented by Amazon to trash my books when they were published.  (Even though they used different names, it only took a very simple form of forensic linguistics to figure out the identities.)

More recently, review spam has become more important, since many people are relying on the online reviews when buying items or booking services.  A number of “companies” have determined that it is more cost effective to have bots or other entities flood the review systems with fake positive reviews than it is to make quality products or services.  So, some nice people from Cornell university produced and tested some software to determine the fakes.

Note that, from these slides, there is not a lot of detail about exactly how they determine the fakes.  However, there is enough to indicate that sophisticated algorithms are less accurate than some fairly simple metrics.  When I teach about software forensics (aspects of which are similar to forensic lingusitics, or stylistic forensics), this seems counterintuitive and surprises a lot of students.  Generally they object that, if you know about the metircs, you should be able to avoid them.  In practice, this doesn’t seem to be the case.  Simple metrics do seem to be very effective in both forensic linguistics, and in software forensics.


Aurasma: Graffiti meets YouTube

A company called Autonomy, which has been selling image search technology, has launched an apparently freely available (open?) project called Aurasma.  At the moment only available on iPhone 4, this allows you to “augment” the reality (that the mobile device sees) by adding video to overlay it.

In this article, a BBC reporter/commentator opines that this is a cute trick, but only that.  I’m going to go out on a limb and predict that this assessment is short-sighted (albeit only if the technology expands to other platforms).  Given that YouTube users are uploading 48 hours of video to the site every minute of the day, I suspect that the ability to create video graffiti, and “tag” it to any vista, location, or object, will be irresistable.

Apparently the company thinks this will be a platform that companies will use to create ads, to promote their products or shops at related locations.  They probably will.  However, myriad users will be creating other content, for the same images, and we will have SEO (Search Engine Optimization) battles that will make the malware and phishing sites we see now pale in comparison.  The Tokyo Chamber of Commerce or tourism board may wish to overlay video over certain landscapes or landmarks, but how will they stand up against thousands of geeks who’ve all seen Godzilla?


A recent flight …

Security wanted to open up my suitcase and look at the bag of chargers, USB sticks, etc, and was concerned about the laser pointers.  He decided they were pens, and I didn’t disabuse him of the notion.  Why disturb the tranquility of his ignorance?


New computers – Mac (Flash)

First off, I probably have to modify the perception that I may have left, in this series of postings, that I hate the Mac and everything it stands for.  Not true.  While I find the “Apple knows best” attitude frustrating at times (all right, many times), the MacBook Pro that I purchased is a nice machine in many ways.  For one thing, it’s the most powerful machine I’ve got at the moment.  (Until I get the time to install the new desktop, anyway.)  For another, it hibernates (or suspends, or sleeps, or whatever you want to call it) really well.  I appreciate that ability to simply close the lid, and open it up, and all my stuff is still ready to go, within seconds.  (This has been a particular frustration with the Asus netbook, which sometimes hibernates, and sometimes decides to think about it.  Forever.  Or, until I take the battery out, whichever comes first.)  I like the ongoing and very accurate battery indicator (although I’ll have more to say about that in another post).

It was the battery indicator that first alerted me to the issues with Flash.  As one of my Mac resource helpers noted when I found this out, Flash may, single-handedly, be responsible for global warming.  It is rather odd to pull up a YouTube video, or any other page with a high Flash content (news sites are particularly vile in this regard) and watch the battery life almost instantly cut in half (or drop even further).  To get your battery life (well, most of it, anyway) back again, all you have to do is drop the offending Flash page.

The thing is, I’ve never noticed this before on my other laptops.  Certainly Flash, on Windows, doesn’t have anything like that same effect on the battery life.  Yes, it’s more of a drain, and, yes, you’ll probably have to keep an eye on heating issues.  But the battery life isn’t half of what it was simply because of viewing videos.

Apple doesn’t like Flash.  The converse may also be true.  Because, despite the Mac’s much-vaunted prowess in multimedia areas, online video definitely seems to be a problem for it.

At home, we’ve recently been watching some TV programs via the Internet.  (We’ve done this because, at home, I get Internet service from Shaw, which provides our cable TV, as well.  And, they seem to be just as unreliable at providing the uninterrupted TV feed as they do at providing Internet service or help.  So we’ve had to fall back on the Internet to catch up on shows we’ve missed while the cable was out.)  Because of this, I’ve had a chance to do some comparison between a seven-year old Windows (XP) desktop machine, and a brand new MacBook Pro.  The old Windows machine wins, hands down.  We’ve watched streaming feeds of shows from the company Websites of CBC, GlobalTV, and Bravo, all at the standard presented resolution, and in the full-screen display.  All of these sites use Flash.  And the old (seven years old, remember) Windows machine, using Firefox, has won every round against the Mac, using Safari.  The streaming is just as good (which is odd, considering the sheer age of the Windows box), but the Mac tends to lock up (or go random places) any time we use the controls to rewind, or pick up a missed segment.

To repeat what I started out with, the Mac is great in many areas.  Viewing Twitter, even with the new (and heavily script-laden) interface, the Mac is very much faster, and Safari opens new windows and loads them quickly.  Which I why I found the online video weakness to be so odd …


Great new security tech, or fraud?

While at CanSecWest, I was noting a news story about how somebody had, yet again, defrauded the US government and military by selling them a terribly sophisticated computer algorithm that promised to find secret information about enemies and/or terrorists, but actually didn’t work.  I suspect that this will be a complex case, since the vendor will undoubtedly claim that his work is so sophisticated and complicated that it does work, it’s just that the users didn’t understand it.

In view of this, I found it really interesting to note a very similar case, just a few days later.  Computerized Voice Stress Analyzers (CVSAs) have been promoted and sold for a least 25 years now.  This despite the fact that, four years ago, the U.S. Department of Justice did a study and concluded that “VSA programs show poor validity -neither program efficiently determined who was being deceptive about recent drug use. The programs were not able to detect deception at a rate any better than chance … The data also suggest poor reliability for both VSA products when we compared expert and novice interpretations of the output.”

In a sense the CVSA case is much worse, because, since it is a private company selling to private companies, there is nobody to say that these people are a) wasting money, and b) making poor hiring decisions based on what is essentially a coin flip.


New computers – Mac (learning curve)

I’m working through a book to learn about my new Mac.  (You’ll see the review eventually, and probably recongize some of this text when you do.)  It provides the information necessary to begin to operate the computer, but it also gives the lie to the statement that the Mac is easy to use.  There are a huge number of options for different functions, so many that it is impossible to remember them all.  The material is generally organized by topic, but there are notes, tips, and mentions buried in the text, and it is almost impossible to find these again, when you go back to look for them.  (The “delete” key definitely needs to be listed in either the index or the key shortcuts appendix.)

One of the appendices is a Windows-to-Mac dictionary, which can be quite handy for those who are used to Microsoft systems.  It could use work in many areas: the entry for “Copy, Cut, Paste” says they work “exactly” as they do in Windows, but does not give the key equivalent of “Command” (the “clover” symbol) -C rather than Ctrl-C.  (It was also only in working through some practice that I discovered that what the book describes as the “option” key is portrayed, in Mac menus, with a kind of bashed “T.”  Yes, I suppose that, once you know this, it does look kind of like a railroad switchpoint, but it’s hardly intuitively obvious.)

There is a style issue in the written material of the book: the constant assertions that the Mac is better than everything, for anything.  The first sentence of chapter one says “When you first turn on a Mac running OS X 10.6, an Apple logo greets you, soon followed by an animated, rotating `Please wait’ gear cursor–and then you’re in.  No progress bar, no red tape.”  Well, if the gear cursor isn’t an analogue of a progress bar, I don’t know what it’s supposed to be.  Also, this statement is false: when you first turn on a Snow Leopard Mac, you have to go through some red tape and questions.  This is only one example of many.  This style may have some validity.  After all, anyone who does not use a Mac comes across the same attitude in any Mac fanatic, and, even without the system chauvinism, a positive approach to teaching about the computer system is likely helpful to the novice user.  However, the style should not get in the way of factual information.

I’m used to UNIX, and I’m already into Terminal, but it’s annoying to have that be the only way to access some of the material, given the repeated assertion that the Mac is so easy to use.  Another little quirk today: yes, you can access Windows servers, but you can’t save anything to them.  (I did find a way around that: create the file in Windows, open it on the Mac, copy information into it, and then save.  Easy, right?)


HDCP Master Key Leaked

High-bandwidth Digital Content Protection (HDCP) is a form of copyright protection developed by Intel. It is designed to prevent the copying of digital audio and video as it travels accross media interfaces such as HDMI, DisplayPort or Unified Display Interface (UDI).

The system is meant to stop HDCP-encrypted content from being played on devices that do not support HDCP or which have been modified to copy HDCP content. Before sending data, a transmitting device checks that the receiver is authorized to receive it. If so, the transmitter encrypts the data to prevent eavesdropping as it flows to the receiver.

Manufacturers who want to make a device that supports HDCP must obtain a license from Intel subsidiary Digital Content Protection, pay an annual fee, and submit to various conditions.

On 14th September 2010 the HDCP Master Key was somehow leaked, and published online in various sources. At present it is unknown how this Master Key was obtained, or whether Intel is doing any investigations as to how this happened. Intel has however threatened to sue anyone.

The leaked master key is used to create all the lower level keys that are stored within devices, so you can see what a nightmare this must be for Intel.

Intel have threatened to sue anyone that makes use of this key under intellectual property laws. However it will now only be a matter of time before we start seeing black market devices appearing.

If anyone’s at all interested though, you can find the key here.


Reflections on Trusting Trust goes hardware

A recent Scientific American article does point out that is is getting increasingly difficult to keep our Trusted Computing Base sufficiently small.

For further information on this scenario, see:  [1]

We actually discussed this in the early days of virus research, and sporadically since.  The random aspect (see Dell problems with bad chips) (the stories about malware on the boards is overblown, since the malware was simply stored in unused memory, rather than being in the BIOS or other boot ROM) is definitely a problem, but a deliberate attack is problematic.  The issue lies with hundreds of thousands of hobbyists (as well as some of the hackers) who poke and prod at everything.  True, the chance of discovering the attack is random, but so is the chance of keeping the attack undetected.  It isn’t something that an attacker could rely upon.

Yes, these days there are thousands of components, being manufactured by hundreds of vendors.  However, note various factors that need to be considered.

First of all, somebody has to make it.  Most major chips, like CPUs, are a combined effort.  Nobody would be able to make and manufacture a major chip all by themselves.  And, in these days of tight margins and using every available scrap of chip “real estate,” someone would be bound to notice a section of the chip labeled “this space intentionally left blank.”  The more people who are involved, the more likely someone is going to spill the beans, at the very least about an anomaly on the chip, whether or not they knew what it did.  (Once the word is out that there is an anomaly, the lifespan of that secret is probably about three weeks.)

Secondly, there is the issue of the payload.  What can you make it do?  Remember, we are talking components, here.  This means that, in order to make it do anything, you are generally going to have to rely on whatever else is in the device or system in which your chip has been embedded.  You cannot assume that you will have access to communications, memory, disk space, or pretty much anything else, unless you are on the CPU.  Even if you are on the CPU, you are going to be limited.  Do you know what you are?  Are you a computer? Smartphone?  iPod?  (If the last, you are out of luck, unless you want to try and drive the user slowly insane by refusing to play anything except Barry Manilow.)  If you are a computer, do you know what operating system you are running?  Do you know the format of any disk connected to you?  The more you have to know how to deal with, the more programming has to be built into you, and remember that real estate limitation.  Even if all you are going to do is shut down, you have to have access to communications, and you have to a) be able to watch all the traffic, and b) watch all the traffic, without degrading performance while doing so.  (OK, true, it could just be a timer.  That doesn’t allow the attacker a lot of control.)

Next, you have to get people to use your chips.  That means that your chips have to be as cheap as, or cheaper than, the competition.  And remember, you have to use up chip real estate in order to have your payload on the chip.  That means that, for every 1% of chip space you use up for your programming, you lose 1% of manufacturing capacity.  So you have to have deep pockets to fund this.  Your chip also has to be at least as capable as the competition.  It also has to be as reliable as the competition.  You have to test that the payload you’ve put in place does not adversely affect performance, until you tell it to.  And you have to test it in a variety of situations and applications.  All the while making sure nobody finds out your little secret.

Next, you have to trigger your attack.  The trigger can’t be something that could just happen randomly.  And remember, traffic on the Internet, particularly with people streaming videos out there, can be pretty random.  Also remember that there are hundreds of thousands of kids out there with nothing better to do than try to use their computers, smartphones, music players, radio controlled cars, and blenders in exactly the way they aren’t supposed to.  And several thousand who, as soon as something odd happens, start trying to figure out why.

Bad hardware definitely is a threat.  But the largest part of that threat is simply the fact that cheap manufacturers are taking shortcuts and building unreliable components.  If I was an attacker, I would definitely be able to find easier ways to mess up the infrastructure than by trying to create attack chips.

[1] Get it some night when you can borrow it, for free, from your local library DVD collection.  On an evening when you don’t want to think too much.  Or at all.  WARNING: contains jokes that six year olds, and most guys, find funny.


Caller-ID spoof and voicemail

It’s easy to spoof caller-ID with some VoIP systems.  There are a few Websites that specifically allow it.  It’s a little harder, but geekier, to spoof or overflow caller-ID with a simple Bell 212A modem: it’s transmitted with that tech between the first and second rings of the phone.  (Since most people have caller-ID these days, many telcos don’t play you the first ring.  Since we don’t have caller-ID, we often get accused of answering the phone before it rings.)  (Of course, the rings you hear on the calling side aren’t necessarily the rings heard on the other end, but …)

Apparently AT&T allows immediate access to voicemail on the basis of caller-ID.

Apparently, with Android phones, it’s also gotten even easier to spoof caller-ID.



Like freedom of the press, ultimately, net neutrality is going to be reserved for those who own one.

Well, we’re getting closer.

Consider the case of cell/mobile phones.  The device is basically useless for communications, unless you have service through a provider.  They have the cell towers, and link through to the public telephone network.  You have to pay them, and they get to manage how calls are made.

(Just as a side issue, the more people who are subscribers in a given location, the worse chance you have of getting to make a call.  You get to be a victim of their [the telco's] success.)

Now, consider.  Cell phones are getting smarter all the time.  Already they can connect with (and via) wifi.  And we can build applications for them.  Recently I didn’t have Internet access for my laptop, and someone with an Android phone was able to set up a wireless access point for me, through his phone, and give me that connection.

OK, lets extend the routing a bit.  We’ve developed a lot of good routing protocols from building the Internet.  Let’s extend those to handle hops from phone to phone.  And, using voice over IP, and a few other technologies, pretty soon we can make calls without hitting a cell tower.

(And, bearing in mind technologies such as CDMA2000, note that, in opposition to the cell tower contention model, the *more* cell phones we put into an area under this model, the *better* our coverage and bandwidth is going to be.  The closer the devices are to each other, the faster [more bandwidth] they can talk to each other.)

Latency may be a problem.  Security (in terms of confidentiality) will definitely need to be addressed.  Long distance transmission will be a concern (although it’s rather amazing how many ideas start popping up as soon as those issues are raised).

Basically, any form of communication will follow from the same model.  With a bunch of cell phones where your only cost is the initial cost of the phone itself (no subscription, no usage cost, no long distance charges) it won’t take long for landline phones to be phased out.  Data communications, for any “store and forward” model (basically, anything other than streaming) will be even more efficient.  Maybe there will still be a place for the telcos: if you want faster service for real time streaming of content.  Of course, they’d have to be willing to set the price point for unlimited data low enough to be attractive …

However, we would now seem to be nearer the end than the beginning.  It’s mostly a matter of which platform to start with.  Google has demonstrated that it *can* term off applications, but, in this case, why should it?  Apple might want to jump in on the ground floor, but they turn off a lot more apps, and, in any case, it probably isn’t best to start with a phone where you have to hold your tongue (or your hand) just right to get it to work.


National Strategy for Trusted Identities in Cyberspace

There is no possible way this could potentially go wrong, right?

Doesn’t the phrase “Identity Ecosystem” make you feel all warm and “green”?

It’s a public/private partnership, right?  So there is no possibility of some large corporation taking over the process and imposing *their* management ideas on it?  Like, say, trying to re-introduce the TCPI?

And there couldn’t possibly be any problem that an identity management system is being run out of the US, which has no privacy legislation?

The fact that any PKI has to be complete, and locked down, couldn’t affect the outcome, could it?

There isn’t any possible need for anyone (who wasn’t a vile criminal) to be anonymous, is there?


Sound good?

By the way, in non-Sonne-erous G8/20 news, our government(s) have spent a billions dollars on security for a couple of days of meetings.  Even given the degraded value of the American billion, that’s a lot of money.

Part of it was used to buy sound cannons.  (The police don’t like you saying that: they prefer the term “long range sonic control devices.”)  These sound cannons generate noise at 130 decibels, which the civil liberties folks are concerned will damage human hearing.

That’s the same level of noise a vuvuzela makes.

So, look, why didn’t we save the billion dollars, go down to Canadian Tire, and, for a hundred bucks (possibly in Canadian Tire money) equip the entire riot squad with vuvuzelas?