Tuesday, February 28, 2006

Doug's Anti-Keylogger Software Requirements

I've had this idea for a while of an anti-keylogging technology. Keyloggers are malicious software packages that burrow into your machine, monitor your keystrokes, and can even perform screen-captures while you type. They are installed any number of ways -- usually through nefarious means like browser exploits -- and are used mostly by cyber-thieves to capture users' banking credentials.

They're so prevalent that even the New York Times devoted a major article to the topic yesterday.

I did some due diligence and have found a number of anti-keylogging software packages out there. Sure enough, every one I looked at tried to detect the presence of keylogger and then counteract it. For instance:

...[Product] doesn't depend on signature bases - just because it doesn't use them. The newly developed solutions and algorithms allow it to spot behavior of a spy program - and disable it instantly...

In other words, the majority of packages out there attempt to detect and then disable keyloggers. Given the onslaught of new keylogging technologies -- a recent article mentioned that there are over seventy different "species" of keylogger -- I contend that's difficult to do. And new keyloggers emerge all the time.

I have a different idea. Let the keyloggers go ahead and log. In fact, if you're on another party's machine (say, at a friend's house and need to logon to your bank's website), you may not want to risk doing surgery on their computer by running an intrusive anti-keylogger.

Instead, my hypothetical product says, "go ahead and log away... fat lot of good that'll do yaz!" (with a Boston accent). The idea being that you can't assume detection of every keylogging package in the world... there are way too many. Instead, defeat the very concept of keylogging.

So -- without giving away too much of the design that exists only in my head -- here are my basic requirements for an anti-keylogging software package:

[ ] Preferrably browser-based
[ ] If not browser-based, should allow execution without installation
[ ] Does not require any keystrokes or mouse-clicks to perform data-entry
[ ] Not susceptible to screen-captures, no matter how frequently they occur

Are there requirements that are definitely out of scope for this go-round? Yes. This type of anti-keylogger is not intended to defend "cheating spouses." That is, it's not designed to suppress logging of instant messaging, email, and other conventional programs. Put simply, it's designed to protect your passwords - specifically those used for online financial transactions.

More later.

Sunday, February 26, 2006

Visual Passwords

From the Digg front-page: Passclicks is a new way to logon to websites without users having to remember a password or passphrase. You can set (or reset) your password by clicking on five distinct areas of the image. Then logon by clicking those same five points with a 7-pixel margin of error.

It is quite clever - but I don't see it replacing the password anytime soon. I'd forgotten one of my locations immediately after setting my passclick... and thereby failed the test.

My quick take: user retraining and the passclick reset process will be daunting issues that will hamper adoption...

read more 

New Linux Professional Institute (LPI) exam prep

From Digg: a series of well-written Linux tutorials -- from IBM, no less -- to help you learn OS fundamentals and prepare for system administrator certification. The LPI prep tutorials help you prepare for the topics in LPI exam 201 and the topics in LPI exam 202...

read more 

Franks on the UAE and the Taliban

Tim Graham at NewsBusters noted an interesting snippet of an interview with General Tommy Franks. Franks argued that permitting UAE management of the ports is no security risk:

I personally believe that we have had no greater ally in seeking a resolution of problems in the Middle East, the Palestinian issue, the Israeli issue, than we have found in the United Arab Emirates.

With regard to maintaining contact with the Taliban, even before Sept. 11 — and I'll exercise caution how I say this — but I'll say that I believe we had every reason to be thankful for the relationship and the dialogue that existed between the United Arab Emirates and the Taliban, as it assisted us in our efforts to understand what was going on in Afghanistan.


Captured Al Qaeda Documents: The Oil Spot Strategy

Austin Bay is analyzing captured and declassified Al Qaeda communications. One interesting conclusion: the Jihadists wish to assassinate Saudi Arabia's leadership in order to destabilize the country and set the stage for a truly hardline government:

An oil spot strategy must be pursued against Saudi Arabia, with the goal of expanding the circle of jihad... Expanding the circle of jihad horizontally and vertically via assassinating some of the leaders of disbelief in the system; this is called (the oil spot).

Other tidbits relate to waging information warfare:

...Al-Qa’ida should emulate Hamas and have the statements of “martyrs” videotaped prior to their operations. If the efforts of martyrs from the Peninsula were publicized, this would have a tremendous impact on recruitment in Saudi Arabia...

...If we go back a little (to the events in Somalia) and carefully think of this situation, we will recognize the extent at which we fell short in the informational and political efforts. We did not invest these events politically to serve the jihad program. Most of the people inside [the country] are unaware of the great effort the mujahidin made against the American forces...

Somalia. How many terrorists were inspired by the egregious example of Clintonian statesmanship in Mogadishu? The answer: way too many. Read it all.

Austin Bay: The Al Qaeda Documents - The Oil Spot Strategy

The Personal Goals of Benjamin Franklin

Franklin -- certainly one of the primary instigators for American independence from the British Crown -- was also a legendary inventor, entrepreneur, writer, and publisher. In order to structure his behavior, he kept a daily chart of goals and placed a dot next to each one he achieved. He did so for nearly his entire life...

read more

Saturday, February 25, 2006

Another Network Neutrality Battle: Email

The latest scheme to violate Internet neutrality came in the form of an AOL and Yahoo announcement last month. The two content providers announced a service that would give bulk emailers the option to pay for guaranteed delivery of their messages. This approach -- called "certified delivery" -- is as much a violation of net neutrality as the carriers' bizarre schemes.

My contention is that any strategy that partitions the Internet on a "pay-to-play" basis is destined for ignominious failure.

Legitimate businesses that simply wish to use email to communicate with clients will find it difficult to cost-justify. Consider American Express, which may want to notify customers that annual account summaries are available. Will Amex really be capable of generating a business case -- with a per-email expenditure -- for this type of notification? I doubt it.

How about a newsletter company that depends heavily on email like IMN? This type of company drives sophisticated email marketing programs for large organizations that need to stay in close contact with their customers. With margins already thin, IMN would probably be forced to lift prices or create service tiers for their clients, giving them the option of the added expense.

Which businesses would be certain to pay for email? Probably only those that truly qualify as spammers, the returns for which could probably cost-justify the mailing expense. This will be the case for the same reason that telemarketing firms still do outbound cold calls: it pays, despite the do-not-call list and caller-ID.

Haven't we been through all of this before? NewsFactor mentions the ill-fated SenderID initiative:

Meng Weng Wong, CTO of the Karmasphere.com start-up, also is attacking the problem but believes the answer is an open reputation exchange... Wong previously [helped create] SenderID, a system designed to verify the domain of e-mail senders. SenderID has been invaded by spammers... "I am working on building an open reputation network that makes it very easy for people in the reputation and accreditation industry to share or sell their data... We need to get back to a world where I can e-mail a stranger and they can e-mail me and the mail gets through, and where I don't have to pay for that..."

The bottom line: I think it likely that the pay-to-play email model will result in more spam in user in-boxes, not less. And it's yet another reason that firms like AOL and Yahoo need to do much better scenario modeling. Unless, of course, they figure they can make plenty of cash charging for spam. In which case, they're destined to lose their customers anyhow.

NewsFactor: Certified Email draws Mixed Reactions

SCO battles IBM and Novell

Thomas Carey -- a partner at the law firm of Bromberg & Sunstein -- weighs in with some truly choice quotes regarding the merits of SCO's Linux lawsuits. His basic message: IT leaders shouldn't worry a bit about SCO Group's latest skirmishes against IBM and Novell.

In the interview, he explains why SCO's case is akin to going into a gun battle with a clip full of blanks:

Q: What are the implications of SCO's suit against Novell for Novell/SuSE customers?

Carey: ...SCO's lawsuit is a lost cause. The implications for Linux users are rather like the implications for passengers on an ocean liner of a seagull diving into the water nearby. A physicist might be able to measure the perturbation, but the passenger feels nothing.

Q: SCO went after, with lawsuits, Linux customers before. Do you foresee this happening again?

Carey: This might happen again. Hitler fought World War II until the Allies had nearly overrun his bunker. As long as investors are willing to provide the cash, SCO will sue because that is their business model.

You gotta love that.

Friday, February 24, 2006

Google Pages - Review

The super-techies at Google have introduced their online page creation service and HTML editor. It's called "Pages" and I managed to get in before registrations were closed. I think it's outstanding -- certainly not a full-fledged editor along the lines of Dreamweaver or Frontpage -- but more than enough for typical newbie content creators. My current page created using the technology is located here.

read more 

Yahoo's PHP Resources

Yahoo has a page specifically dedicated to implementing Yahoo services via PHP. An example: the geocoding service lets you find the specific latitude and longitude for an address. This would be useful in, say, a web app that displays points on a mapping image or for computing distances... way cool.

read more 

Top 7 PHP Security Blunders

Lots of PHP's features make it easy (too easy?) to use. New programmers -- especially to the web world -- can create insidious security holes in their web applications. Popular security mailing lists teem with notes of flaws identified in PHP applications, but PHP can be as secure as any other language once you understand the basic types of flaws PHP applications tend to exhibit.

read more 

Thursday, February 23, 2006

New GMail Feature: Smart Reply

It appears Google is getting ever closer to supporting outsourced email services for companies. A few weeks ago, of course, we heard about GMail for Domains -- a possible service that would be offered to small- and medium-sized enterprise -- in an ASP model.

Now the GMail engineers have added a "smart reply" feature. When you reply to a message that was sent to an email address other than gmail.com, it is now smart enough to use that address as the from-address when replying...

read more

Wednesday, February 22, 2006

Network Neutrality: So Simple Even the Times Gets It

It's so simple -- the world's need for Internet neutrality, that is -- even the New York Times gets it:

In its current form, Internet service operates in the same nondiscriminatory way as phone service. When someone calls your home, the telephone company puts through the call without regard to who is calling. In the same way, Internet service providers let Web sites operated by eBay, CNN or any other company send information to you on an equal footing. But perhaps not for long. It has occurred to the service providers that the Web sites their users visit could be a rich new revenue source. Why not charge eBay a fee for using the Internet connection to conduct its commerce, or ask Google to pay when customers download a video?

...If access tiering takes hold, the Internet providers, rather than consumers, could become the driving force in how the Internet evolves. Those corporations' profit-driven choices, rather than users' choices, would determine which sites and methodologies succeed and fail. They also might be able to stifle promising innovations, like Internet telephony, that compete with their own business interests.

Let me repeat my opening statement: even the New York Times gets it. And they haven't even arrived at the truly malevolent, worst-case scenarios.

BellWest Network Neutrality
Another fantastic "deal" from BellWest

Imagine that our favorite RBOC -- BellWest -- wants to get into the search-engine business. Nothing like capturing market share from Google to pump up the stock price, right? In a world without network neutrality, nothing prevents BellWest from intentionally slowing search results from Google and Yahoo while delivering their own search results at blazing speeds.

Sound far-fetched? Unfortunately, it's not. The diabolical new hardware that Cisco and other vendors are hawking to the carriers appears expressly designed for this purpose.

The carriers will tell you that they're just interested in prioritizing content from content providers who've ponied up additional fees: say, video feeds from Netflix. But what they really may be after is utter control of the content flowing through their pipes. After all, if Netflix is successful in renting out videos over the net, why wouldn't BellWest eventually create their own video service and cut out third-party video providers altogether?

This same model could extend to any online business. The carriers could conceivably enter any proven online venue by blocking or delaying content from competitors and assuring only their home-grown packets got through with acceptable performance.

And if you don't think this is what the carriers are truly after, I'd ask you to do two bits of research. First, read the synopsis of the marketing literature for Cisco's Service Exchange Framework (SEF). Then, get an answer from the carriers on these three simple questions related to their use of this hardware. What you find won't be comforting, I can assure you.

The carriers will also tell you that prioritization (QoS - or quality-of-service) is needed to deliver high-quality streaming content to the residential "last mile." But that argument, too, appears to be bunkum. Recent experiences with the new, new high-speed backbone called Internet2 provdes that a multitrack network is unnecessary to assure quality of service. In other words, "best effort" packet delivery -- the way the Internet works today -- is quite good enough, thank you.

PBS' Robert X. Cringely talked to one of the best sources of networking wisdom regarding this very topic. He came away with a memorable sound bite:

I asked Bob Kahn, the father of TCP/IP, and he made the point that the Internet is a Best Effort network and if you change that, well, you no longer have the Internet.


The funny thing is that the carriers -- the big-wig SBC/AT&T execs, for instance -- can't keep from blabbing about what they're really up to. They could have made innocuous statements about prioritization and remained circumspect about their true intentions. Instead, top execs like SBC's CEO Ed Whitacre had their moments in the sun, declaring war on content providers: "...for a Google or Yahoo! or Vonage or anybody to expect to use these pipes [for] free is nuts!"

Ahem. Let's ignore the fact that all of those providers ante up plenty each month to pay for their various giant Internet pipes. What Whitacre is talking about seems to me nothing less than "a packet protection racket". One can imagine him sitting like Don Corleone, advising his Consigliere: "Google don't wanna pay us? Thas' okay. Their packets could run into a little... trouble... along the way."

Even the highly compensated telco lobbying groups haven't shied away from glimpses into their desired end-state. NCTA President Kyle McSlarrow blurted out this gem recently:

Let me be clear: NCTA's members have not, and will not, block the ability of their high-speed Internet service customers to access any lawful content, application, or services available over the public Internet... This commitment should be consistent with tiers and terms of a customer's service plan.

Translation: you want VoIP or peer-to-peer, better pay the tax for the extra tiers of IP capability. Never mind that all of this would work fine in the current democratized Internet... our current state of network neutrality. No, the carriers want to exact new taxes for certain kinds of IP traffic, that much is clear. So much for innovations like Skype and Gnutella.

Yes, I know, it's a brain-damaged strategy -- based on a business case that has no chance of success in the real world. But it's precisely what you'd expect from unreformed monopolists who fear competing where the real action is: in the application space, at layers 4-7. Think Google, Digg, Vonage, and countless other application providers who have created real value using the commoditized world of IP plumbing.

Somehow I don't see much value being created by allowing carriers to erect tollbooths all over the Internet. I see a lot of value destruction -- and a dearth of innovation -- instead. And I'm not the only one. Stanford Law School's Barbara Van Schewick issued an amazingly detailed analysis of network neutrality regulation. Her conclusion?

The analysis shows that calls for network neutrality regulation are justified: In the absence of network neutrality regulation, there is a real threat that network providers will discriminate against independent producers of applications, content or portals or exclude them from their network. This threat reduces the amount of innovation in the markets for applications, content and portals at significant costs to society... increasing the amount of application-level innovation through network neutrality regulation is more important than the costs associated with it.

Ready to get involved? Click here to send a message to the carriers and Congress. Network neutrality is a fundamental principle of a successful, Democratic Internet. And there's no arguing that.

Tuesday, February 21, 2006

Rewriting the Telecommunications Act of 1996

Mobile phoneTwo Congressional committees are currently working on draft legislation that would revamp the Telecommunications Act of 1996. The current posture of the FCC is to ensure network neutrality: that is, to guarantee that telecommunications providers will not filter, block, delay, or impede certain types of packets over other types.

That, however, could change with the rewritten version of the Act.

Less than two years ago, FCC Commissioner Michael Copps pointed out the dangers related to killing off network neutrality:

[The current] internet may not be the one that we know in the future... Entrenched interests are already jockeying to constrain the openness that has been the internet's defining hallmark. They are lobbying the FCC to aide and abet them. They claim all they are advocating is a deregulated environment, where the market can reign supreme. But, in reality, they are seeking government help to allow a few companies to turn the internet from a place of competition and innovation, into an oligopoly.

Power over the internet would reside with the network owners, with a huge choke point, constrain consumer choices, limit sources of news and information and entertainment, undermine competitors, and quash disruptive new technologies... They can talk competition all they want, but the race to combine distribution and content spell economic constraint here, just as clearly as they did when John D. Rockefeller married distribution to his product... We cannot afford to buy into this vision. If we do, we will wind up one day, looking back, shaking our heads, and wondering whatever happened to that open, dynamic, liberating, and promising internet that once we knew...

Unfortunately, FCC Chairman Kevin Martin hasn't been quite as visionary. He's expressed an unwillingness to adopt rules to limit anti-competitive behavior, ostensibly because there's been no evidence of a problem thus far.

Martin obviously hasn't reviewed the insidious new hardware that Cisco and other vendors are hawking to the carriers. This new infrastructure is designed with one thing in mind: to monitor, filter, cap, and limit what consumers can do.

Using this new hardware, our favorite RBOC -- BellWest -- could easily prevent consumers from trying Vonage's Voice-over-IP (VoIP) offering.

Think that couldn't happen? It's already starting. Vonage head Jeffrey Citron indicates that his company's service has already been targeted by carriers on several occasions. And his conversations with telco execs aren't exactly promising: "Major phone company executives seem to suggest that our service isn't going to work as well if we don't pay them additional fees."

And if we examine new broadband service contracts, it gets even more obvious. Verizon Wireless' Broadband Access contract reportedly stipulates some rather onerous terms:

Unlimited NationalAccess/BroadbandAccess cannot be used (1) for uploading, downloading or streaming of movies, music or games, (2) with server devices or with host computer applications, including, without limitation, Web camera posts or broadcasts, automatic data feeds, telemetry applications, automated functions or any other machine-to-machine applications [Ed: peer-to-peer (P2P) file sharing likely falls into this category], (3) as a substitute or backup for private lines [Ed: Voice-over-IP (VoIP)] or dedicated data connection...

Walter McCormick, the head of telco lobbying group USTA, says all of the right things:

...We will not block, impair, or degrade content, applications or services... That is the plainest and most direct way I know to address concerns.

However, as Ronald Reagan used to say: Trust... but verify.

When even the FCC Commissioners are paranoid about the power the carriers could hold over the Internet, it's certainly time for us to be equally paranoid. Get involved by signing a petition that business and Congressional leaders will see. And help get the message out: we need network neutrality written into law to ensure the carriers keep the Internet open and Democratic.

Monday, February 20, 2006

The Iraqi Survey Group: Connecting Saddam to Al-Qaeda

The American Thinker's Ray Robison has been doing yeoman's work tracking Iraqi Government documents captured by the Iraqi Survey Group (ISG). How will the mediacrats spin this news? That is, if they bother to report it at all, the odds of which are slightly less than Michael Moore winning a gold in Olympic ice-dancing. Oh, and Robison was actually in Iraq serving as a contractor for the DIA, working with the ISG. So he knows whereof he speaks.

...On February 26th, 1993 the... World Trade Center was attacked by al-Qaeda and [Egyptian Islamic Jihad] EIJ (really two organizations that cooperated in 1993 and eventually merged).

A month later an official from EIJ was meeting with Saddam in Baghdad.

We have a document showing Saddam authorizing the IIS to “provide technical support” to the EIJ, and by extension, al-Qaeda.

And then al-Qaeda and the EIJ attacked the U.S. on September 11th, 2001 led by an Egyptian Jihadist, Mohammed Atta.

Now you have proof Saddam provided support to the EIJ and by extension al-Qaeda, both of which attacked us on 9/11...

Meet your new Palestinian Government!

The New York Post's Uri Dan introduces us to the new Palestinian bureaucracy. Not exactly Adams, Franklin, and Jefferson, to be sure:

Meet the newest members of the Palestinian government: a terrorist who tried to poison Jerusalem's water supply, a murderer serving life in prison and the war-mongering mother of three suicide killers.

Palestine's new Hamas-led rulers — who include a dozen parliamentarians currently jailed for violence against Israel — reject peaceful negotiation as a way to achieve a Palestinian state.

"Jihad comes ahead of everything, including my feelings as a mother," said Mariam Farhat, 56, a new member of parliament from Gaza — and the mother of three sons who died on suicide missions against Israel...

Bonfire of the Inanities

I smell burning. It must be the fuming of the mediacrats -- because the public just doesn't seem to care a whit about Cheney-Shotgun-Halliburton-Gate (sorry... had to throw in Halliburton for old time's sake). CFP's John Burtis performs the coup de grace  on the story:

...When Harry Whittington strode out of the Christus Spohn Memorial Hospital in Corpus Christi, Texas, wearing a blazer, a crisp white shirt and a smile, as well as a bruise and a few small scabs, to face the media last Thursday, the whole artful and painfully constructed edifice of the liberal communications industry and their Democratic hand maidens came crashing down around them.

With Harry walking into the daylight under his own power, alone, sans wheelchair, without an iron lung, without a company of white suited orderlies and paramedics to brace him, with nary an IV bottle and hose in view, without sunglasses, without constant medical attention, without a single tremor or palsied movement, without a give-away halt to his gait, with not a single visible bandage in sight, with his hair combed perfectly, the jig was up on all of the liberal media’s monkey business and clowning around.

It also became painfully obvious, even for the most backward and ill educated red state rube, that the daily death watch was over, that the high stakes mortality pool had come to an end, that the heart attack which was expected to claim the life of Mr. Whittington was firmly relegated to the past and that the high-temperature media frenzy was instantly put on ice. And, further, that this particular instrument of destruction - this latest and greatest, almost nuclear, weapon, which had fallen into the hands of the Democrats and their media tools courtesy of the Vice President, who appears to be so heedless of their power and influence that he tended to his friend before he deigned to inform them, the loyal liberal protectors and Myrmidons of progressive thought - was spent...

Have to mention, as well, that The Genius -- Mark Steyn -- weighed in with his take. It truly is the last word on the affair:

Fortunately, the Washington Post had that wise old bird David Ignatius to put it in the proper historical context: "This incident," he mused, "reminds me a bit of Sen. Edward Kennedy's delay in informing Massachusetts authorities about his role in the fatal automobile accident at Chappaquiddick in 1969."

Hmm. Let's see. On the one hand, the guy leaves the gal at the bottom of the river struggling for breath pressed up against the window in some small air pocket while he pulls himself out of the briny, staggers home, sleeps it off and saunters in to inform the cops the following day that, oh yeah, there was some broad down there. And, on the other hand, the guy calls 911, has the other fellow taken to the hospital, lets the sheriff know promptly but neglects to fax David Gregory's make-up girl!

One can only hope others agree with Ignatius' insightful analogy, and that the reprehensible Cheney will be hounded from public life the way Kennedy was all those years ago. One would hate to think folks would just let it slide and three decades from now this Cheney guy will be sitting on some committee picking Supreme Court justices and whatnot...

Art Spiegelman suddenly sounds like a Conservative

Noted liberal Art Spiegelman (author of "Maus") has a surprisingly candid -- and rational -- assessment of the cartoon debacle (hat tip: Nation):

This notion that the images can just be described leaves me firmly on the side of showing images. The banal quality of the cartoons that gave insult is hard to believe until they are seen. We live in a culture where images rule, and it's as big a divide as the secular/religious divide--the picture/word divide.

The public has been infantilized by the press. It's escalated to the point where it's moot whether one should reprint these pictures or not because now to do it puts you firmly on the side of the libeler, the defamer. And yet, it seems to me that to write about this without access to the pictures is an absurdity. The answer to speech, in my religion, is more speech, a lot of yakking--and a lot of drawing. And if a picture is worth a thousand words, very often it requires 2,000 words more to talk about the picture, but you can't replace that thousand words with another thousand words.

If The Nation and the New York Times had simply said, "We're scared s***less," I could take that. I'm not only a cartoonist--I'm a physical coward.

Wi-Fi for Everyone

FON is an interesting new service that creates an ad hoc, global Wi-Fi access network. Not without its challenges (using it could violate your broadband terms of service), FON nonetheless is promising in many respects:

How broadband access providers respond to this challenge – whether they put up roadblocks or join the party – could be the next huge issue in multimedia communication and the net neutrality issue. A group of investors that have injected $21.7 million into the fledgling company includes Google Inc., Index Ventures, Sequoia Capital LLC and Skype Technologies S.A. And the recent additions to the board of directors are a roster of players who have already been pushing the envelope of Internet communication...

Sunday, February 19, 2006

The End of the Internet?

BellWest Network Neutrality
Another fantastic "deal" from BellWest

I've devoted most of the past week's blog posts to cover the battle raging over "network neutrality." Not to put too serious of a face on it, but the future of the Internet is at risk if network neutrality is permitted to die.

The term refers to the concept that telephone companies, cable providers, and other carriers should not inspect, filter, delay or otherwise discriminate against different types of Internet traffic. That's how the Internet works today. But it may not be how the Internet works tomorrow, if the carriers get their way.

The advertisement at right -- a hypothetical telco ad from the future -- implies what might be in the cards for consumers if network neutrality is killed off. In other words, customers might only get to run applications approved by the carriers. Not only would that result in dramatically higher costs for consumers and businesses, but many speculate it would seriously hamper innovation. In my first blog post on the topic, I described what it might mean to consumers. Example: say our friendly RBOC BellWest creates their own search engine. To improve its relative performance, they intentionally delay search results from Google, Yahoo, and MSN. Sound crazy? The network hardware vendors don't seem to think so.

What's the Evidence?

In my second post on the topic, I described the hardware Cisco and other networking vendors are hawking to the carriers. This hardware is designed to analyze, filter, meter, and/or otherwise meddle with Internet traffic to financially benefit the carriers.

In my third post, I took on the argument that the carriers have offered regarding their need to prioritize traffic. They contend that prioritization is required in order to deliver high-quality voice and HDTV streams to consumers. But is that argument valid? Recent experiences with the new network backbone called "Internet2" indicate that, indeed, it is not. In fact, it appears that "best effort" packet delivery over high-speed networks results in more than acceptable performance for HDTV streams and other rich content.

In my fourth post, I addressed what I believe is the carriers' flawed business case. Let's say that the carriers actually pull off a coup and kill network neutrality in order to hatch their new business models. In doing so, they carefully meter and filter customer behavior. My assertion is that -- as the Chinese government has discovered -- customers' Internet usage is difficult, if not impossible, to police. Software platforms like Tor, SSL VPNs, and OpenVPN render packet inspection and filtering well nigh impossible.

Most recently, I asked three simple questions that the carriers should answer before they are permitted to violate network neutrality. Hopefully, someone at the FCC will require the carriers to answer these questions before pulling the plug on network neutrality.

Here's how to help preserve network neutrality

Interested in helping to preserve a free Internet? Get involved by signing a petition that business and Congressional leaders will see. And get the message out.

Saturday, February 18, 2006

Network neutrality: Three Simple Questions...

The term "network neutrality" refers to the concept that telcos, cable providers, and other carriers should not inspect, filter, delay or otherwise discriminate against Internet traffic. That's how the Internet works today. And it may not be how the Internet works tomorrow, if the carriers get their way.

BellSouth, for example, has argued against regulations that would guarantee network neutrality:

"What BellSouth is talking about in the context of net neutrality is bigger, better, faster internet -- the internet of the future," said Bennett Ross, general counsel for BellSouth's Washington office. "We see there are only two really principals and questions that have to be addressed. ... Namely is this an area which the government should regulate? And if the government is going to regulate what are those regulations going to look like?"

Bigger, faster, and better? Wow! Who wouldn't want that?

Well, technology companies and civil libertarians for starters. They contend that the carriers are up to no good and they provide some alarming scenarios. The Nation's Jeff Chester, for instance, wrote:

...[the] largest telephone and cable companies are crafting an alarming set of strategies that would transform the free, open and nondiscriminatory Internet of today to a privately run and branded service that would charge a fee for virtually everything we do online.

So who's right? Are the carriers doing what's best for us? Or for them?

Three Simple Questions

Cisco is pitching new and ominous hardware that can help filter, monitor, and control packet flow for carriers. Because of this, I have crafted three simple questions that the carriers should be required to answer before they are permitted to violate network neutrality. They are as follows:

The number 1Will you use deep packet inspection to analyze and/or meter customer behavior?

The number 2Will you offer tiered (e.g., "gold", "silver", and "bronze") Internet packages to customers otherwise operating at the same bandwidth?

The number 3Will you monitor and/or block voice-over-IP (VoIP), peer-to-peer file transfers, or any other class of communication by customers?

I believe the carriers should be forced to answer these three questions honestly and directly.

If any of these questions are answered affirmatively, the carriers should be regulated accordingly. If the carriers refuse to answer, they should likewise be regulated.

Either way, it's a Losing Strategy

In the unlikely event that the carriers do kill off network neutrality, it's still a profoundly weak strategy for their businesses. As I pointed out a few days ago, a wide range of technological solutions exist to defy packet inspection and filtering. These solutions will continue to evolve; we can expect them to be incorporated into default installations of Internet clients (e.g., the Firefox browser) to make them easier for the general public to use.

The bottom line is that either outcome is bad business for the carriers. The concept that appears to be foreign to the telcos and cable companies is simple: add value, don't subtract it.

Click here to send a message to the carriers and Congress. Network neutrality is a fundamental principle of a successful Internet. And there's no arguing that.

The Algerian Plague

Last month, Thomas Joscelyn, writing in the Weekly Standard, called out out some interesting ties between Saddam's regime and Islamic terrorist groups. One group -- GPSC -- is well-known to counter-terror outfits worldwide. Caution: don't expect to see any of this documented in your local newspaper because it runs counter to the CNN/Charlie Rangel meme that "Bush lied" and "there were no WMDs".

THE REVELATION that Saddam Hussein's Iraq trained thousands of Islamic terrorists has important ramifications for European counterterrorism efforts... last week, Spain arrested 20 suspected terrorists who are alleged to have been recruiting and funding suicide bombers to send to Iraq...

In November 2005, Italian authorities arrested three Algerians affiliated with the group. Authorities had been eavesdropping on the suspects... the intercepts revealed that the Algerians were discussing plans to kill "at least 10,000 people" and the possibility of packing a Titanic-sized ship with explosives...

...[French] authorities rounded up several members of the group who were allegedly planning attacks on the Paris metro, Orly airport, and the French intelligence headquarters. Press reports indicate that they had also considered a chemical weapons attack using ricin, but decided against it because it would be too difficult to carry out...

...Stanley Bedlington, a senior analyst in the CIA's counterterrorism center until he retired in 1994, explained, "We were convinced that money from Iraq was going to bin Laden, who was then sending it to places that Iraq wanted it to go." He added, "There certainly is no doubt that Saddam Hussein had pretty strong ties to bin Laden while he was in Sudan, whether it was directly or through (Sudanese) intermediaries. We traced considerable sums of money going from bin Laden to the GIA in Algeria. We believed some of the money came from Iraq.

Shhhhhh. No one tell the mediacrats.

Friday, February 17, 2006

Hugh Hewitt Blisters the Mediacrats

Hugh Hewitt has been on quite a roll of late, verbally torturing the blowhards who dominate what we once knew as mainstream media. Here's Hewitt blistering Helen Thomas, the longtime, Bush-hating member of the White House Press Corps:

HH: Do you think that what makes you a journalist is the fact that you won't tell people who you voted for?

HT: Did I say that? I told you that I was a straight, factual reporter for more than fifty years.

HH: And now you're an opinion columnist.

HT: That's right.

HH: And so now you can tell us who you voted for.

HT: And I don't think it's your business who I voted for.

HH: All right.

HT: And I don't think you have the right to ask anybody that question.

HH: Why not? It's a free press, isn't it?

HT: Well, it's not a fair question. It's...

HH: You want to censor my questions?

Not to spoil the conclusion, but Thomas ended the interview by hanging up on Hewitt.

And here's Hugh tasering Larry O'Donnell, the twisted partisan hack infamous for his verbal abuse of John O'Neill that resembled nothing less than a full-fledged Tourette's attack. O'Donnell had claimed he had spoken with a "dozen" lawyers, all of whom claimed Cheney was likely drunk when he shot Whittington.

HH: Larry, did you...what lawyers did you talk to that assumed Cheney was drunk?

...LO: Oh, my brothers are all lawyers. I must have talked to a dozen lawyers yesterday, including a former U.S. attorney...

...HH: Lawrence O'Donnell, I don't believe you. I don't believe you talked to lawyers who told you that Cheney was too drunk to talk. I just don't believe you.

LO: All right. Don't. Don't.

HH: Do you have any name you'll give me that we can double check?

...LO: No, it's ridiculous. I talk to lawyers all the time.

HH: Did you talk to them yesterday?

LO: What...tell me what difference that makes? Let's pretend...

HH: Well, you wrote it. I want to know about your...

LO: Let's assume that I talked to no one. Let's say that's a lie.

HH: Okay. So you did lie about this?

LO: Say it's a lie. I'm not saying...no.

...HH: No, no. I'm just trying to get the facts, Lawrence. I would like to know...

LO: Yes, I talked to a bunch of lawyers.

HH: How many?

LO: Five, six.

...HH: ...Would you give me the name of one of them?

LO: No.

HH: Because none of them really said he was too drunk to talk, right?

LO: They all did.

HH: They all said, five lawyers, and you won't let me talk to one of them?


Bryant Gumbel, Mediacratic Boob

HBO's Bryant Gumbel on the Winter Olympics:

...try not to laugh when someone says these are the world’s greatest athletes, despite a paucity of blacks that makes the Winter Games look like a GOP convention...

NB: HBO's Gumbel: Lack of Blacks Makes Olympics 'Look Like a GOP Convention'

Thursday, February 16, 2006

What Cisco and the Telcos haven't accounted for

Another compelling "deal" from BellWest

Last time out, I discussed the kinds of wares hardware vendors like Cisco are hawking to cable companies and telcos. The vendors' new hardware whets the service providers' appetite for more draconian controls over content providers and consumers alike. Certainly, the telcos' top executives have served up inflammatory rhetoric of late, which only serves to confirm their desire to pile-drive the Googles of the world into submission while turning consumers' pockets inside out every time they connect.

Not a business model that makes much sense, but about what you would expect from a bunch of classic, unreformed monopolists.

Cisco's new hardware allows the service providers to limit consumer activities, throttle performance of a rival content provider's service, inspect users' packets, and perform other fairly invasive operations on traffic. Our hypothetical RBOC -- call it BellWest -- could, for instance, slow down search engine performance for Google and Yahoo while letting its own search service perform lickety-split.

That's certainly fair for them to try. Fair, but incredibly short-sighted.

The possibility that the carriers are considering these services implies a business case for implementing them. We won't be seeing that business case anytime soon, but I'll bet you a case of Guinness it's fatally flawed. The recent WSJ article on China's Internet censorship helps point out why:

1) Tor and related anonymous routing software packages prevent deep-packet inspection and disable any determination of the true source and destination IP addresses. Tor can be distributed to an infinite number of machines, making controlling a Tor network next to impossible.

2) SSL VPN technologies allow tunneling of IP traffic through SSL (and, last time I checked, no one was routinely cracking TLS).

3) OpenVPN and related technologies allow tunneling any IP traffic through UDP using strong encryption.

These are what I would consider "first-generation" anonymizing technologies that are quickly becoming mainstream. Any combination and/or improvement of these technologies would make them even more formidable. They fundamentally resist the kinds of controls that the telcos want to slap on consumers and content providers.

What to consider some possibilities? Google distributes a version of Firefox that incorporates automatic use of an SSL VPN through its enormous -- and growing -- server farm. Yahoo distributes a version of Tor integrated with its desktop search offering. And so on.

Any business case that fails to consider the impact of these "carrier avoidance technologies" is rotten to the core.

Here's a novel concept for the carriers: try competing at layers 4 through 7, where there's value to be added. Yes, that's right. I said, "value-added." A foreign concept for the telcos, to be sure, and therefore one certain to be ignored.

Is 'Best Effort' Good Enough?

The term 'best effort' describes how packets are routed through the Internet today. No prioritization of packets occurs so, for example, a packet of audio data for a phone call doesn't get any better treatment than part of a web page you just requested.

In their efforts to wrassle the Internet back into the box it came from (think of Pandora for sheer futility here), the telcos and cable companies have been arguing that 'best effort' won't get it done. The carriers assert that video and audio require special prioritization to ensure there's little or no latency that would affect user experience.

But as fiber optic "last mile" connections get rolled out, is best-effort really good enough? Representative Boucher (D-VA) clarifies the issue:

Internet2, a nonprofit partnership of universities, companies and affiliate organizations, including federal agencies and laboratories, has been studying this matter and has demonstrated that a multitrack Internet model is unnecessary to assure quality of service. Internet2 has for the past seven years deployed an advanced broadband network to more than 5 million users and has learned that in a network with enough bandwidth there is no congestion and no bits need preferential treatment because all of them arrive quickly enough to assure excellent quality, even if intermingled...

In countries such as Japan and Korea, network speeds over the last mile of 100 megabits per second (mbps) are common. In the United States, our typical speed is less than 1 mbps. If broadband providers would increase their network speeds to approximate those in other countries, all content would reach consumers with assured quality. No prioritization of bits would be needed.

Exactly. Let's mark this down as reason #813 that the carriers should not be allowed to violate network neutrality.

Wednesday, February 15, 2006

Network Neutrality: What the Cable Companies and Telcos Want

In the plans the cable companies and telcos are considering, everyone -- from content providers to consumers -- would pay more to connect to the network. The marketing material from the networking vendors (like Cisco) -- who anticipate a windfall from new infrastructure spending -- points to an ominous future for the Internet.

Here's Cisco's brochure hawking its Service Exchange features:

...By tracking all IP traffic flows and performing stateful deep packet inspection, the solution collects statistics on the applications and services used by individual subscribers. Taking the guesswork out of capacity planning and detailing the subscriber demographics helps operators uncover the new revenue potential and hidden operational costs associated with IP service delivery in both broadband and mobile

...Specifying a User’s Bandwidth Based on Access or Type of Application - For example, depending on the way a subscriber logs on to the network, the service provider can determine the services that are available for that session...
...Identifying Subscribers and Associating their use of Specific Applications - This capability is essential to optimize application-level traffic and, furthermore, help ensure operators can accurately meter and charge for individual or bundles of premium services.

Furthermore, Cisco's marketing lit points to a future in which the carrier -- not the merit of the content provider -- determines which services live or die. Though the phrasing is couched in terms of "partnerships" with independent content-providers, the implication is clear and foreboding: the carrier will control whose packets transit the network:

One of the most significant risks that broadband service providers face is the threat from “nonfacility” service offerings. Traditional service provider services often compete with alternative “over-the-top” services such as broadband voice, online DVD streaming and downloads, and centralized multiplayer online gaming. Nonfacility services typically ride on a best-effort network and may not benefit from the same QoS as managed “triple-play” services.

Nevertheless, nonfacility operators can provide an adequate user experience with comparatively lower operational expenses and a larger addressable market, making them formidable competitors.

However, with the Cisco Service Exchange Framework, service providers can treat over-the-top services as partners rather than competition. By creating an open network environment through which nonfacility operators can ensure a more reliable customer experience for their application traffic, broadband service providers can create new revenue-sharing business models. The Cisco SEF allows service providers to efficiently and equitably identify nonfacility service traffic streams for billing, auditing, and guaranteed performance...

Read between the lines. The SEF exists to monitor and control performance of competing services. Say AT&T wants to get into the search-engine business. What better way to get started than to start slowing down the leading search engines?

Tuesday, February 14, 2006

What network neutrality might nean to you

The Center for Digital Democracy has an entire corner of its site dedicated to network neutrality. You may remember the term: it's the concept that telcos, cable providers, and other layer 0-3 providers should not inspect, filter, delay or otherwise discriminate against traffic.

That's way the network operates today. But that may change as the FCC and Congress prepare to write new regulations. The cable companies and telcos, as you might expect, are lobbying for the ability to prioritize traffic in various unspecified ways. Here's my take on what it might mean for our future:

Network Neutrality

More later.

Introducing the disgraced former President, Jimmy Carter

If there's an award for the most egregious behavior by an ex-president, Jimmy Carter's fatuous endorsement of terrorists, unwarranted criticisms of US national policy, and consistent failures of thought and action all combine to earn him the statuette.

This 1985 interview with Carter -- which I've code-named "The Sour Grapes Transcript" -- was featured on (where else?) 60 minutes. And it's simply devastating.

“"What will be the Reagan heritage is too early to say. I cannot think of a single international or diplomatic achievement that’s been realized by Ronald Reagan,'’ Jimmy Carter said...

Under Reagan, the nation has lost its place as the “"foremost proponent or user of negotiations and diplomacy,'’ said Carter, who was interviewed at his Plains, Ga., home. A transcript was released by the network.

“"… Our country’s first reaction to a troubled area … is to try to inject American military forces or threats as our nation’s policy,'’ he said.

On prospects for peace in the Middle East, Carter said substantive progress cannot be made “"without the Palestinians being intimately involved in the process.'’ He also said he believes it would be a “"good move'’ for Secretary of State George Shultz to “"sit down with'’ Yasser Arafat, chairman of the Palestine Liberation Organization...

Nice work, Mr. Peanut. It's just another tape for the Carter Presidential Library of Failures in downtown Jasper, Georgia.

PoliPundit: Introducing the disgraced former President, Jimmy Carter

Monday, February 13, 2006

The Mayor's Letter

The Mudville Gazette posts a letter from the Mayor of Tall 'Afar, Iraq to the men and women of the 3rd Armored Cavalry Regiment.

In the Name of God the Compassionate and Merciful

To the Courageous Men and Women of the 3d Armored Cavalry Regiment, who have changed the city of Tall’ Afar from a ghost town, in which terrorists spread death and destruction, to a secure city flourishing with life.

To the lion-hearts who liberated our city from the grasp of terrorists who were beheading men, women and children in the streets for many months.

To those who spread smiles on the faces of our children, and gave us restored hope, through their personal sacrifice and brave fighting, and gave new life to the city after hopelessness darkened our days, and stole our confidence in our ability to reestablish our city.

Our city was the main base of operations for Abu Mousab Al Zarqawi. The city was completely held hostage in the hands of his henchmen. Our schools, governmental services, businesses and offices were closed. Our streets were silent, and no one dared to walk them. Our people were barricaded in their homes out of fear; death awaited them around every corner. Terrorists occupied and controlled the only hospital in the city. Their savagery reached such a level that they stuffed the corpses of children with explosives and tossed them into the streets in order to kill grieving parents attempting to retrieve the bodies of their young. This was the situation of our city until God prepared and delivered unto them the courageous soldiers of the 3d Armored Cavalry Regiment, who liberated this city...

Read the whole thing. No. Seriously. Do it. You know you want to.

Sunday, February 12, 2006

Book Review: Joseph Finder's Killer Instinct 

It's like reading an action movie

Entronics salesman Jason Steadman is struggling. His career and his marriage are both suffering, the former because of lethargic sales of plasma displays and the latter due to a serious case of envy. His sister-in-law's mega-successful Hollywood lifestyle stands in direct contrast to his low-key livelihood.

All that changes one fateful day when he runs his Acura off the road. Steadman isn't hurt. But -- ever the consummate small-talk artist -- he strikes up a conversation with the tow-truck driver who happens to show up. The driver, Kurt Semko, is an interesting fellow. He made it to the minor leagues as a pitcher and later served in the special forces in Iraq. A dishonorable discharge ended his military career, ostensibly because of a disagreement with superior officers.

Steadman, a baseball junkie, recognizes that Semko might fit the bill as a ringer for the company softball team. In addition, he figures that Semko's background would be a good fit for corporate security. With Steadman's strong recommendation, Semko becomes a fixture at the company, on the softball field, and as a personal friend to the salesman.

Soon, Steadman and Semko are working out together and sharing personal experiences. Steadman voices his concerns about other salesmen, cheating competitors, and incompetent management. And, it turns out, Semko listens. Before long, Steadman's rival for the top sales position botches a major customer opportunity with a faulty plasma display. And a competitor's shipment of displays to another large customer has a rather stunning failure rate: 100%, which results in a major sale for Steadman.

Before long, Steadman is moving up the corporate ladder while gradually realizing that Semko is orchestrating the ascent through nefarious means. Recognizing that Semko's behavior is increasingly psychotic, Steadman decides something's got to be done. And that's when things get truly ugly as Semko lives up to his motto -- "Never a better friend, never a worse enemy."

Finder's work is exceptional; his easygoing writing style is a perfect match for a white-collar thriller. Don't expect to get any sleep after you get started with this one. It really is like reading a movie.

Saturday, February 11, 2006

The most secure operating system on the planet?

The most secure operating system on the planet is arguably SELinux (Security-Enhanced Linux), which is now bundled with RedHat's Enterprise Linux. SELinux began as an NSA research project, which added a mandatory access control architecture into the Linux kernel.

Now Novell has added AppArmor to SUSE Linux through its purchase of Immunix. It, too, provides a mandatory access control architecture.

So what is mandatory access control?

Traditional access control systems are called 'discretionary'. That is, a user can accidentally or intentionally provide access to his or her resources to unauthorized users. An example of this is a corporate user who creates a file on a shared drive and then gives everyone on the network the ability to read the file. This would not be wise if, for instance, the file was a salary spreadsheet or contained other sensitive data.

Another example of a discretionary access control system is more pervasive and potentially dangerous. Consider a web server that is compromised remotely by an attacker using a zero-day exploit. The attacker, running as the web server, has all the access rights the server does. The attacker could potentially wreak havoc by reading sensitive files, installing nefarious software, or vandalizing the machine.

Most operating systems we use today -- including Windows and default installations of Linux -- are discretionary access control systems.

Mandatory access controls (MAC) use a system security policy that completely restricts the access to be granted for its users and processes. Let's say I create a file. In a MAC environment, I no longer control who can access the file. A system security policy, defined by an administrator, determines my access rights. And I can't make the rights less restrictive... only more restrictive.

Take the web server example in a MAC system. The web server should only be able to access files under its direct control (say, a configuration file, logs, the document root, virtual directories, etc.). Any other access (say, of the password file) violates policy and therefore throws an alarm.

Okay, so how does MAC work?

MAC needs to be integrated at the kernel level of an operating system. An application simply can't be trusted. Therefore, the OS kernel must support MAC to ensure adherence to security policy.

In the older versions of the Linux kernel, MAC was implemented directly in the kernel code and "bolted on" with conditional compiles. As you could have expected, this got downright ugly from a maintenance perspective.

The version 2.6 rewrite of the Linux Kernel allowed designers to step back and reevaluate how MAC could be integrated into the OS. What they come up with was -- dare I say it -- downright elegant. They invented a loadable module interface called LSM (Linux Security Module), which provides a kernel API for run-time access control mediation.

The kernel now includes LSM "hooks", which make "up-calls" for each access control decision. If no LSMs are loaded, the up-calls come back with a "thumbs up". If LSMs are loaded, however, they can assess the request and come back with a "yes" or "no" answer to the kernel. The kernel can, in turn, allow the access or return an error the requestor, respectively.

The neat thing about the new LSM approach is that SELinux and AppArmor can perform their mediation work as loadable modules... no more kernel patches or conditional compiles are needed.

So why doesn't everyone use MAC?

The issue with actually implementing SELinux is configuration complexity. Trying to describe policies for processes is painful and difficult; the tools to help are rudimentary and somewhat immature. To get a sense of its complexity, the Gentoo SELinux Overview is the online equivalent of Ambien.

AppArmor, however, provides some unique tools to make administration of MAC easier. It includes "learning mode", which lets an application run unconstrained and monitors its behavior. In this mode, access control rules are ignored, but any violations are logged. In addition, process forking is monitored. Thus, AppArmor can build up a complete description of the application's legitimate activities.

Why is AppArmor easier to use?

From a user interface perspective, AppArmor provides the administrator with a profile-building application. This app reads the log and interviews the administrator. Once the interview is complete, the program profile is created. If a profile has already been started, the app can build upon the existing profile by adding incremental knowledge to it.

Profiling is typically performed for applications that access the network (e.g., a web server that could theoretically be compromised through a zero-day buffer overflow exploit). But there's nothing that prevents other programs from similar analysis.

The AppArmor documentation describes a hypothetical kiosk workstation. Each program running on the kiosk could be attacked by users. Therefore, an administrator could profile each of these apps and any attached devices (say, a bar-code scanner) to secure the system from externally sourced compromise.

Sounds neat, but... what's your point?

As MAC systems become more prevalent, expect financial institutions, communications companies, and other large organizations to run their publicly facing bastion servers on secure operating systems. It won't be acceptable -- from either a security or a liability viewpoint -- to accept the risks associated with discretionary systems.

In other words, at some point in the not-so-distant future, MAC systems will be required. Whether the requirement is explicit (e.g., via regulatory dictate like Sarbanes-Oxley) or implicit (the threat of lawsuit), expect MAC to go mainstream.

Friday, February 10, 2006

Pot, meet Kettle

The rocket scientists at the Associated Press finally discovered the Harry Reid-Jack Abramoff connection, which means someone must have duct-taped notarized evidence around a baseball-sized rock and beaned the AP reporters with it - in full view of their editors.

Senate Democratic Leader Harry Reid wrote at least four letters helpful to Indian tribes represented by Jack Abramoff, and the senator's staff regularly had contact with the disgraced lobbyist's team about legislation affecting other clients. The activities — detailed in billing records and correspondence obtained by The Associated Press — are far more extensive than previously disclosed... Reid collected nearly $68,000 in donations from Abramoff's firm, lobbying partners and clients.

AP: Reid Aided Abramoff Clients, Records Show

EarthView: See the Earth in Real Time

This FermiLab site simulates how the Earth looks from the vantage point of the Sun. It's depicted in "real time" and is easily manipulated. Trés cool.

read more 

The Good, the Bad, and the Asinine

This Henry Hyde statement resonates with the power of undying truth (hat tip: PoliPundit):

Democrats should at least silently confess to themselves that their actions pose real dangers to our country.

Got that, Richard Dowd-Pelosi Heinz?

Just to reinforce the message, here's former Democratic Congressman Robert Livingston. His statement rejects the Donkocratic party's call to criticize President Bush for wielding 'too much power' while waging war against Islamofascists (hat tip: Powerline):

The President of the United States is the Commander in Chief of our Armed Forces. He is Constitutionally obligated to do everything possible in time of war to safeguard the American People. This tempest in a teapot about treatment of cowardly un-uniformed mass murderers and terror mongers, as well as restriction of his ability to monitor conversations of potential terrorists is in my view asinine, and I will have nothing to do with any effort that might be used to undermine his ability to keep us free from terrorism.

Indeed, we are at war with a most formidable and intractable enemy. He is insidious, cowardly, and bent on the destruction of all civilized society. Innocent men, women and children are cannon fodder in his eyes, and efforts such as the one you are sponsoring will be unappreciated by practitioners of his cause. This effort would have looked insane in Lincoln’s day, and he was far more intrusive in his practice than anything that has been envisioned today. Frankly, some Members of Congress and self-appointed leakers in the Executive Branch have put this country in grave danger with this very discussion. I have seen no evidence at all that American citizens have had their Constitutional 4th Amendment rights infringed upon (as they were in the Kennedy, Johnson, and Nixon eras). Until such evidence is shown, I shall do nothing to keep this President from protecting American citizens from harm’s way.

Is that clear, Richard Feinstein Kennedy-Reid?

Thursday, February 09, 2006

Where's Waldo? Where's Mary Jo? And where's the WMD?

The New York Sun reports on a fascinating story... one with the potential to transform the '06 Congressional elections into a Democratic trail of tears.

A former special investigator for the Pentagon during the Iraq war said he found four sealed underground bunkers in southern Iraq that he is sure contain stocks of chemical and biological weapons. But when he asked American weapons inspectors to check out the sites, he was rebuffed...

...[There were] four locations - three in and around Nasiriyah and one near the port of Umm Qasr, where he was shown underground concrete bunkers with the tunnels leading to them deliberately flooded. In each case, he was told the facilities contained stocks of biological and chemical weapons, along with missiles whose range exceeded that mandated under U.N. sanctions. But because the facilities were sealed off with concrete walls, in some cases up to 5 feet thick, he did not get inside. He filed reports with photographs, exact grid coordinates, and testimony from multiple sources. And then he waited for the Iraq Survey Group to come to the sites. But in all but one case, they never arrived...

Hmmm. Care to speculate on the odds that the Democratic leadership will apologize -- en masse -- when these bunkers get opened up? I'm thinking the odds are a tad lower than the chance that Dale Earhhardt and Elvis will collaborate on a surprise duet of Viva Las Vegas  at next year's Grammies. But just a tad lower.

Why do workouts work?

LiveScience features a fascinating article on workouts:

As weightlifters know, the more that people use their muscles, the stronger they become. And unused muscles do not remain preserved; neglect causes them to waste away, or atrophy...

NASA needs to know [why workouts work]. Astronauts in space exercise furiously to keep fit. Even so, their muscles tend to weaken... To find out [which type of space workout is best], Baldwin's group gave laboratory rats a workout by activating the rodents' leg muscles with painless electrical stimulation. They tested three types of exercise: muscle contraction, muscle lengthening, and isometric, where the muscle exerts a force while remaining the same length...

...after 12 sessions, all three types of workout tended to provide about the same amount of muscle growth... In addition to measuring overall muscle mass--how "buff" [lean] were the rats? ...To their surprise, Baldwin's team found that while isometric exercises did prevent leg muscles from withering, they did not stop a decline in the amount of contractile proteins in those muscles. The muscle was actually degrading on the molecular level...

LiveScience: Why do workouts work?

Cartoon Riots

The one-and-only Mark Steyn on the cartoon riots:

Even if you were overcome with a sudden urge to burn the Danish flag, where do you get one in a hurry in Gaza? ...where do you get one in an obscure town on the Punjabi plain on a Thursday afternoon? ...Say what you like about the Islamic world, but they show tremendous initiative and energy and inventiveness, at least when it comes to threatening death to the infidels every 48 hours for one perceived offense or another. If only it could be channeled into, say, a small software company, what an economy they'd have.

And the Globe's Jeff Jacoby nets it out:

While Islamist clerics proclaim an ''international day of anger" or declare that ''the war has begun," leading publications in Norway, France, Italy, Spain, Holland, Germany, Switzerland, Hungary, and the Czech Republic have reprinted the Danish cartoons. But there has been no comparable show of backbone in America, where (as of Friday) only the New York Sun has had the fortitude to the run some of the drawings.

Make no mistake: This story is not going away, and neither is the Islamofascist threat. The freedom of speech we take for granted is under attack, and it will vanish if it is not bravely defended. Today the censors may be coming for some unfunny Mohammed cartoons, but tomorrow it is your words and ideas they will silence. Like it or not, we are all Danes now.

Wednesday, February 08, 2006

The 2006 Democratic Contract with Al Qaeda

Epiphany: after hearing an EIB broadcast regarding terrorists and their perceived "rights", AJ Strata arrived at a stunning idea. Why not officially enunciate the Democratic position on Al Qaeda with the same clarity of vision and purpose that the GOP provided America in '94?

Thus was born the "2006 Democrat Contract With Al Qaeda." And the amazing aspect of the "contract" is that you can find sound-bites from Democratic leadership clearly advocating each of these positions. Read 'em and weep for the Republic:

FIRST, we will finally kill the Patriot Act so that no member of Al Qaeda will fear using our libraries to access international websites, access their email, or do basic research on major US installations and population centers...

SECOND, We will enact legislation to release all Al Qaeda members now held in custody in the GITMO Gulag, while providing legal counsel to all who have been unfairly detained during this unfortunate international misunderstanding between Al Qaeda and America...

THIRD, we will pass legislation ensuring that all Al Qaeda members will be free from government monitoring of their phone calls and emails with comrades back home monitored without probable cause...

Read the whole thing™.

The only one he forgot, as one commenter pointed out, is that if an Al Qaeda member does happen to suffer arrest and conviction, the Democrats will work to ensure that the terrorist/felon has a vote in our political system. That would give convicted terrorists the same voting rights as corpses and illegal multi-state voters, which appear to be key Democratic constituencies.

Tuesday, February 07, 2006

The NSA, FISA and the 9/11 Commission Report

The next time you read the painfully pathetic Bob Herbert or the sour spinster Maureen Dowd, odds are they'll be carping about the NSA's "domestic" wiretaps and perceived violations of privacy on the part of the Chimpy McBushitler (or whatever they call W these days) administration.

Let's ignore the fact that the wiretaps are international and that we subject ourselves to warrantless search and seizure whenever we board a plane. And let's also ignore the fact that bi-partisan members of Congress had been briefed on the program for years -- with no complaint -- and that the NSA and the Attorney General's office stand behind it.

Instead, let's just rewind to the 9/11 Commission's Report for a moment... on the topic of the FISA court:

The FISA application process continues to be long and slow. Requests for approvals are overwhelming the ability of the system to process them and to conduct a surveillance...

..the FISA approval process involved multiple levels of review, which also discouraged agents from using such surveillance. Many agents also told us that the process for getting FISA packages approved at FBI Headquarters and the Department of Justice was incredibly lengthy and inefficient...

The New York Post's Debra Burlingame directly relates the wiretaps to 9/11:

A 2004 NBC report graphically illustrated what not having this program cost us 4 1/2 years ago. In 1999, the NSA began monitoring a known al Qaeda "switchboard" in Yemen that relayed calls from Osama bin Laden to operatives all over world. The surveillance picked up the phone number of a "Khalid" in the United States--but the NSA didn't intercept those calls, fearing it would be accused of "domestic spying."

After 9/11, investigators learned that "Khalid" was Khalid al-Mihdhar, then living in San Diego under his own name--one of the hijackers who flew American Airlines Flight 77 into the Pentagon. He made more than a dozen calls to the Yemen house, where his brother-in-law lived.

NBC news called this "one of the missed clues that could have saved 3,000 lives."

When archaeologists pick over the remains of our civilization, hopefully they'll be able to deduce that backbiting citizens who "meant well" had helped bring about the end of a country they'd hoped to protect.

Monday, February 06, 2006

NFL Names Rooney Family 2006 Champions

The first four words of the New York Times headline says it all: "Calls hurt the Seahawks..."

When referees are mentioned in a SuperBowl headline, you know you have a problem.

ABC's cameras produced enough evidence to overturn three key calls, which translated into two non-touchdowns for the Seahawks.

On the first, Hasselbeck found Darrell ("D-Jack") Jackson in the end zone on a slant. Jackson and free safety Chris Hope separated from each other after minimal contact. Back judge Bob Waggoner flagged Jackson, but replays clearly showed there was no push-off. Watching the replay, analyst John Madden said, "When you think of pushoffs, that's not what you think about, really."

And at halftime, studio analyst Steve Young was more emphatic: "That is a touchdown ... that is an absolute mistake." Michael Irvin noted, "It was a ticky-tack foul."

On another drive, Hasselbeck found Jerramy Stevens at the goal line; he made a great catch in heavy traffic. But, wait, a flag! Offensive holding had been called on RT Sean Locklear. Replays clearly showed there was no holding, no grabbing, nada.

Madden chimed in again, indicating that this too was a phantom penalty.

How about another blatant officiating gaffe? Late in the game, Seattle needed to stop Pittsburgh to get the ball back -- they were down 11. On third and six at his own 24, Steeler QB Roethlisberger called a timeout a second after the play clock ran out (replays showed this as well). Ah, but a timeout was granted by head ref Leavy, instead.

I won't even mention the phantom Steeler TD that didn't cross the goal line. And was initially spotted by the linesman short of the goal line. Until it was mysteriously, ex post spotto , ruled a TD.

And I won't bother to discuss the Hasselbeck tackle that resulted in a "blocking below the knees" penalty -- a 15-yarder personal foul -- and one that doesn't even exist in any rulebook known to professional football.

Next time, NFL, just award the Rooney family the trophy before the game. That will save us the hassle of actually watching the game when it's long since been decided in the halls of power.

Update: the NFL is defending this incompetent crew, claiming "no mistakes" were made. Not only were mistakes made, but they were discernible by announcers, analysts, and millions of viewers worldwide.

Sunday, February 05, 2006

UK and US testing EMP warhead

EMP stands for electromagnetic pulse and its effect was accidentally discovered when nuclear weapons were initially tested in the Forties. A nuclear explosion creates a series of electromagnetic waves -- pulses -- that damage or destroy electronics. And, with electronics getting ever smaller and more densely packed, vulnerability to EMP likewise increases.

The new weapon, reportedly developed by the UK and the US, is intended for use in cruise missiles and similar payload delivery vehicles. Rendering command-and-control facilities useless -- without necessarily harming civilians -- would seem to be the overriding goal...

read more 

This just keeps getting better and better

The hits just keep on coming:

> German Chancellor Angela Merkel likened Iran's nuclear plans to the threats of the Nazis.

>The IAEA voted to report Iran to the Security Council because of its obvious (even to the geniuses at the UN) attempts to craft nuclear warheads.

>Iran's president Ahmafrickingnuts Ahmadinejad ordered the resumption of uranium enrichment and an end to UN inspections. And there are reports that Iran tested a long-range surface-to-surface missile in January... capable of travelling in excess of 1200 miles.


Victor Davis Hanson lifts off to 35,000 feet to provide some much-needed perspective (don't expect the rocket scientists at the Associated Press to figure out that a true historical and geographic analysis is required in this day and age):

Ever since that seminal death sentence handed down to Salman Rushdie by the Iranian theocracy, the Western world has incrementally and insidiously accepted these laws of asymmetry. Perhaps due to what might legitimately be called the lunacy principle (“these people are capable of doing anything at anytime”), the Muslim Middle East can insist on one standard of behavior for itself and quite another for others. It asks nothing of its own people and everything of everyone else’s, while expecting no serious repercussions in the age of political correctness, in which affluent and leisured Westerners are frantic to avoid any disruption in their rather sheltered lives.

Then there is “President” Ahmadinejad of Iran, who, a mere 60 years after the Holocaust, trumps Mein Kampf by not only promising, like Hitler, to wipe out the Jews, but, unlike the ascendant Fuhrer, going about the business of quite publicly obtaining the means to do it. And the rest of the Islamic world, nursed on the daily “apes and pigs” slurs, can just scarcely conceal its envy that the Persian Shiite outsider will bell the cat before they do.

Victor Davis Hanson: Three pillars of wisdom