Networking

REVIEW: “Consent of the Networked”, Rebecca MacKinnon

BKCNSNTW.RVW   20121205

“Consent of the Networked”, Rebecca MacKinnon, 2012, 978-0-465-02442-1, U$26.99/C$30.00
%A   Rebecca MacKinnon
%C   387 Park Ave. South, New York, NY   10016-8810
%D   2012
%G   978-0-465-02442-1 0-465-02442-1
%I   Basic Books
%O   U$26.99/C$30.00 special.markets@perseusbooks.com
%O  http://www.amazon.com/exec/obidos/ASIN/0465024421/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0465024421/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0465024421/robsladesin03-20
%O   Audience n Tech 1 Writing 1 (see revfaq.htm for explanation)
%P   294 p.
%T   “Consent of the Networked: The Worldwide Struggle for Internet Freedom”

In neither the preface nor the introduction is there a clear statement of the intent of this work.  The closest comes buried towards the end of the introduction, in a sentence which states “This book is about the new realities of power, freedom, and control in the Internet Age.”  Alongside other assertions in the opening segments, one can surmise that MacKinnon is trying to point out the complexities of the use, by countries or corporations, of technologies which enhance either democracy or control, and the desirability of a vague concept which she refers to as “Internet Freedom.”

Readers may think I am opposed to the author’s ideas.  That is not the case.  However, it is very difficult to critique a text, and suggest whether it is good or bad, when there is no clear statement of intent, thesis, or terminology.

Part one is entitled “Disruptions.”  Chapter one outlines a number of stories dealing with nations or companies promising freedom, but actually censoring or taking data without informing citizens or users.  The “digital commons,” conceptually akin to open source but somewhat more nebulous (the author does, in fact, confuse open source and open systems), is promoted in chapter two.

Part two turns more directly to issues of control.  Chapter three concentrates on factors the Republic of China uses to strengthen state censorship.  Variations on this theme are mentioned in chapter four.

Part three examines challenges to democracy.  Chapter five lists recent US laws and decisions related to surveillance and repression of speech.  The tricky issue of making a distinction between repression of offensive speech on the one hand, and censorship on the other, is discussed in chapter six.  The argument made about strengthening censorship by taking actions against intellectual property infringement, in chapter seven, is weak, and particularly in light of more recent events.

Part four emphasizes the role that corporations play in aiding national censorship and surveillance activities.  Chapter eight starts with some instances of corporations aiding censorship, but devolves into a review of companies opposed to “network neutrality.”  Similarly, chapter nine notes corporations aiding surveillance.  Facebook and Google are big, states chapter ten, but the evil done in stories given does not inherently relate to size.

Part five asks what is to be done.  Trust but verify, says (ironically) chapter eleven: hold companies accountable.  MacKinnon mentions that this may be difficult.   Chapter twelve asks for an Internet Freedom Policy, but, since the author admits the term can have multiple meanings, the discussion is fuzzy.  Global Information Governance is a topic that makes chapter thirteen apposite in terms of the current ITU (International Telecommunications Union) summit, but the focus in the book is on the ICANN (Internet Committee on Assigned Names and Numbers) top level domain sale scandals.  The concluding chapter fourteen, on building a netizen-centric Internet is not just fuzzy, but full of warm fuzzies.

There are a great many interesting news reports, stories, and anecdotes in the book.  There is a great deal of passion, but not much structure.  This can make it difficult to follow topical threads.  This book really adds very little to the debates on these topics.

copyright, Robert M. Slade   2013   BKCNSNTW.RVW   20121205

The death of AV. Yet again.

And in other news, Gunter Ollman joins in the debate as to whether Imperva’s quasi-testing is worth citing (just about) and, with more enthusiasm, whether AV is worth paying for or even still breathing. If you haven’t come across Ollman’s writings on the topic before, it won’t surprise you that the answer is no. If you haven’t, he’s thoughtfully included several other links to articles where he’s given us the benefit of his opinions.

If it’s free, never ever bothers me with popups, and I never need to know it’s there, then it’s not worth the effort uninstalling it and I guess it can stay…

Ollman notes:

In particular there was great annoyance that a security vendor (representing an alternative technology) used VirusTotal coverage as their basis for whether or not new malware could be detected – claiming that initial detection was only 5%.

However, he doesn’t trouble himself to explain why the anti-malware industry (and VirusTotal itself) are so annoyed, or to comment on Imperva’s squirming following those criticisms. Nor does he risk exposing any methodology of his own to similar criticism, when he claims that:

desktop antivirus detection typically hovers at 1-2% … For newly minted malware that is designed to target corporate victims, the rate is pretty much 0% and can remain that way for hundreds of days after the malware has been released in to the wild.

Apparently he knows this from his own experience, so there’s no need to justify the percentages. And by way of distraction from this sleight of hand, he introduces ‘a hunchbacked Igor’ whom he visualizes ‘bolting on an iron plate for reinforcement to the Frankenstein corpse of each antivirus product as he tries to keep it alive for just a little bit longer…’ Amusing enough, I suppose, at any rate if you don’t know how hard those non-stereotypes in real anti-malware labs work at generating proactive detections for malware we haven’t seen yet and multi-layered protection. But this is about cheap laughs at the expense of an entire industry sector that Ollman regards as reaping profits that should be going to IOActive. Consider this little exchange on Twitter.

@virusbtn
Imperva’s research on desktop anti-virus has stirred a fierce debate. @gollmann: bit.ly/XE76eS @dharleyatESET: bit.ly/13e1TJW

@gollmann
@virusbtn @dharleyatESET I don’t know about “fierce”. It’s like prodding roadkill with a stick.

What are we, 12 years old? Fortunately, other tweeters seem to be seeing through this juvenilia.

@jarnomn
@gollmann @virusbtn @dharleyatESET Again just methaphors and no data. This conversation is like trainwreck in slow motion :)

The comments to the blog are also notable for taking a more balanced view: Jarno succinctly points to VirusTotal’s own view on whether its service is a realistic guide to detection performance, Kurt Wismer puts his finger unerringly on the likely bias of Ollman”s nebulous methodology, and Jay suggests that Ollman lives in a slightly different (ideal) world (though he puts a little more politely than that). But no doubt the usual crop of AV haters, Microsoft haters, Mac and Linux advocates, scammers, spammers and downright barmpots will turn up sooner or later.

There is, in fact, a rational debate to be held on whether AV – certainly raw AV with no multi-layering bells and whistles – should be on the point of extinction. The rate of detection for specialized, targeted malware like Stuxnet is indeed very low, with all-too-well-known instances of low-distribution but high-profile malware lying around undetected for years. (It helps if such malware is aimed at parts of the world where most commercial AV cannot legally reach.) And Gunter Ollman is quite capable of contributing a great deal of expertise and experience to it. But right now, it seems to me that he and Imperva’s Tal Be’ery are, for all their glee at the presumed death of anti-virus, a pair of petulantly twittering budgies trying to pass themselves off as vultures.

David Harley
AVIEN/Small Blue-Green World/Mac Virus/Anti-Malware Testing
ESET Senior Research Fellow

Why can’t my laptop figure out what time zone I’m in, like my cell phone does?

We got new cell phones (mobiles, for you non-North Americans) recently.  In the time since we last bought phones they have added lots of new features, like texting, cameras, email and Google Maps.

This, plus the fact that I am away on a trip right now, and Gloria has to calculate what time it is for me when we communicate (exacerbated by the fact that I never change the time zone on the laptops to local time), prompted her to ask the question above.  (She knows that I have an NTP client that updates the time on a regular basis.  She’s even got the associated clocks, on her desktop, in pink.)

Cell phones, of course, have to know where they are (or, at least, the cellular system has to know where they are) very precisely, so they can be told, by the nearest cell tower, what time it is (or, at least, what time it is for that tower).

Computers, however, have no way of knowing where they are, I explained.  And then realized that I had made an untrue statement.

Computers can find out (or somebody can find out) where a specific computer is when they are on the net.  (And you have to be on the net to get time updates.)  Some Websites use this (sometimes startlingly accurate) information in a variety of amusing (and sometimes annoying or frightening) ways.  So it is quite possible for a laptop to find out what time zone it is in, when it updates the time.

Well, if it is possible, then, in these days of open source, surely someone has done it.  Except that a quick couple of checks (with AltaVista and Google) didn’t find anything like that.  There does seem to be some interest:

http://stackoverflow.com/questions/8049912/how-can-i-get-the-network-time-from-the-automatic-setting-called-use-netw

and there seems to be an app for an Android phone:

https://play.google.com/store/apps/details?id=ru.org.amip.ClockSync&hl=en

(which seems silly since you can already get that from the phone side), but I couldn’t find an actual client or system for a computer or laptop.

So, any suggestions?

Or, anybody interested in a project?

Canada’s Fastest Network! (Yeah, right.)

I’ve mentioned before that I use Shaw as my ISP at home.  Right at the moment, they have an advertising campaign that claims they are, or have, Canada’s fastest network.

Now, I’m willing to believe that Shaw is not being deliberately mendacious or misleading.  There is probably someplace, or some part of Shaw’s network, that transfers data faster than other vendors in that area or for that component.

And, I have to admit that, since I am not, generally, a high volume user, even the basic service I have for them is usually sufficient.  In the afternoon and most evenings.

But, right where I am, Shaw can’t seem to get any data moving in the morning.

I first noticed this a few months ago, and spent quite a bit of time contacting Shaw’s generally unhelpful help staff.  This involved them asking me to try a different network cable to the router, or a different computer, or bypassing the router, and checking their speedtest.  (None of which made any difference.)  They finally sent someone around.  The next day.  Of course, by that time the problem had resolved.  But by that time I’d noticed that traffic was only slow in the morning.

So, over the past few months there have been numerous mornings when it has been slow.  I don’t mean just “they promised me speeds up to 5 Mbps and I’m only getting 1.39″ slow, I mean “they promise a minimum of 1 Mbps and their own speedtest is showing 0.02 Mbps and that’s only when it actually completes” slow.  It doesn’t happen every morning, but often enough to see that the pattern is extremely regular, starting about 8:30 am, and trailing off (as in, network speeds start working again) around 11:30 am.

I’ve reported this to Shaw’s technical support, mostly through Twitter, since it takes less time than fighting your way through their phone voice menu tree and it doesn’t matter what reporting method you use, they never do anything anyway.  (Along the way I have learned that the ShawHelp Twitter people have a “Hello $username. If you follow and DM your account info and phone number we can look into it for you” macro, and that, if you submit details about the speeds and the fact that you have tried various configurations, you will receive a “No issues in your area, modem signal is good. Is computer direct to modem or are you using router?” message about 3 or 4 hours later.

It’s been annoying, but I’ve lived with it for a while.  Except that, for the past week and a half, this has now happened every single day.  It is pretty much impossible to do anything in the morning.  This morning was particularly bad: I couldn’t even get the speedtest to run, for the most part.

So, if I suddenly stop posting, you’ll kn()^(*%(&*(&*(&^ NO CARRIER