This Blog Is Not For Reading

When Headlines Go Bad

Bob — Wed, 09 Dec 2009 17:25:58 +0000

Bad Headline: GWAVA Releases Version 3.1 of its Novell GroupWise Disaster

Newspaper editors have it easy — whatever they write, the printers print. On the Internet it’s not that easy. On the Internet, Atom/RSS feeds of articles mean that editors can’t control the presentation on the reader’s computer. That makes it all the more important to craft headlines so that they can’t be misconstrued, or at least so that they can be truncated safely.

The headline I read was GWAVA Releases Version 3.1 of its Novell GroupWise Disaster, which doesn’t sound like an appealing product worth buying. GWAVA’s full headline was GWAVA Releases Version 3.1 of its Novell GroupWise Disaster Recovery Product. Sadly, even the headline on GWAVA’s web site is mangled, running the main headline into the secondary headline:

Even full headlines have problems of their own

Sharpen this pencil, I double-dog dare ya!

Pencil manufacturers should take note also: As the Too Cool To Do Drugs pencil is sharpened, the message transforms to Cool To Do Drugs, the semi-Hamlettian To Do Drugs, eventually to just Do Drugs and finally the non-judgmental declaration Drugs. Just the kind of thing that will go over well at school.

–Bob.

Blacklists considered harmful

Bob — Thu, 19 Nov 2009 09:26:26 +0000

The black hole that sucks up Internet Addresses

BoingBoing points me to a Security Fix article by Brian Krebs called A year later: A look back at McColo on the after-effects of Real-time Blacklists (RBLs) that targeted formerly undesirable IP addresses:

The Internet community typically shuns networks known to harbor spammers and organizations that host malicious software and other nastiness, usually by including their numeric Internet addresses on “blocklists”. Many organizations configure their e-mail servers to reject messages from addresses included on one or more of these blocklists. A heavily blocklisted network quickly becomes unattractive to legitimate businesses, since any e-mail sent out of that network will most likely be refused by the intended recipients.

“The problem is once an address block gets so polluted and absorbed into all these blocklists, it’s difficult to get off all of them because there is no central blocking authority,” said Paul Ferguson, an advanced threat researcher at Trend Micro.

(”Blocklist” is a less pejorative term for “Blacklist”)

The problem is not with the (formerly) malicious site, nor with the keepers of the blacklists, or even the lack of a central blocking authority. The problem is with e-mail server admins or firewall admins who let some unpaid, unaccountable blacklist censor their incoming mail or access to Web pages.

A blacklist should be just one of the criteria used to weight the probability that an incoming e-mail message is spam, or that an http stream contains malware. When I use a blacklist I’ll take into account the blacklist’s opinion of an IP source, but I don’t want a blacklist deciding what I can or can’t receive.

It’s far more reliable to actually examine the content stream for spam or malware instead of relying on a third-party’s opinion of an IP address. Yes, this increases the transaction cost for managing spam and malware, but as these blacklist IP address areas increase there’s an ever greater chance of false positives.

Are you using blacklists? Still think they’re a good idea? Wait until your blacklist gets compromised. An attacker takes control of a blacklist, but doesn’t interfere with its regular operations. Instead, it selectively adds and removes addresses. What better way to impose a DoS attack than maliciously subscribing your target to a well-known blacklist? In fact, for the long con I can see an attacker setting up a blacklist site, and spending a year or two building a reputation. As long as system admins rely completely on that blacklist to block certain IP addresses, those system admins are vulnerable to the whims of the blacklist operator.

I also wrote about the role of blacklists in Blocking Port 25 Considered Harmful, just under a year ago.

–Bob.

(Flickr image “Black Hole” by he who shall used under creative commons license)

Deep Packet Inspection considered harmful

Bob — Fri, 13 Nov 2009 22:29:47 +0000

Ripe for Deep Packet Inspection

Michael Geist points us to a Sandvine report analyzing global broadband traffic.

Far more interesting than the data presented by Sandvine is the fact that Sandvine has any data to present at all. How did they get this stuff? Did they buy it from Bell and Rogers? Does their throttling equipment phone home? I don’t recall giving them permission to use my data.

They claim they’re not looking at data content. Maybe that’s true, maybe it’s not. But they’ve inspected deeply enough to know that we use more streaming applications than P2P, and more Bittorrent than Gnutella. As any data analyst knows, traffic analysis of data patterns gives as much information as the data itself. Why are they allowed to gather any of this data at all? None of their business what I use on my computer.

I’m sure Sandvine is making a hefty buck selling this report, or at least using it as evidence to sell more of their DPI equipment. They’re profiting from the the data that I didn’t give them permission to use. I think the Privacy Commissioner may want to look into this.

–Bob.

Transcript: The Neutral Throttle? An interview with CRTC Chairman Konrad von Finckenstein

Bob — Sat, 31 Oct 2009 07:58:46 +0000

Search Engine Episode 15 logo

Thanx to the generous licensing terms on Jesse Brown’s awesome podcast Search Engine, I’m allowed to remix his shows. I have chosen to mix it from audio to text — I present to you Episode 15: The Neutral Throttle? An interview with CRTC Chairman Konrad von Finckenstein, The Transcript.

To listen to the show as you’re reading along get the podcast (from the Search Engine Blog, MP3, 5.8 MBytes).

Naturally, this transcript is released under the same Creative Commons license as the podcast: Transcript of Search Engine #15 by Bob Jonkman, based on work by Jesse Brown is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 2.5 Canada License

If you should find any errors in the transcript please let me know or leave a comment.

Update 1 November 2009: Added anchor links for times, the better to provide citation links when you write your blog post dissecting the interview

I would have put a notice in the comments of the Search Engine Blog, but you need to have a TVO.org user ID, and the Terms of Use are too onerous for me — they say:

If you didn’t make it, you don’t own it

which is just plain wrong (I own lots of things I didn’t make), and

By uploading a comment or idea in any format, you are affirming that you own it, and you are transferring the copyright to TVO. That means we can use it in any way we choose, in any media, anywhere, for as long as we want.

No way, dudes. That’s why I have my own blog.

(and what’s with the teeny-tiny text box for the license? Trying to discourage people from reading it?)

Search Engine Transcript

The Neutral Throttle? An interview with CRTC Chairman Konrad von Finckenstein

http://www.tvo.org/cfmx/tvoorg/searchengine/index.cfm?page_id=613&action=blog&subaction=viewPost&post_id=11263&blog_id=485

Podcast released 26 October 2009

00:00 [Theme Music]

00:15 Jesse Brown: OK, I’ll admit it. I’m confused. I don’t know what to make of the CRTC’s ruling. I wanted answers. I wanted to know what the rules are going to be. I wanted to know, Can ISPs continue to censor the Web to support their own polictical agendas, like Telus did when they blocked access to labour union blogs during that 2005 strike? Can ISPs continue to throttle the Web, reducing our transfer speeds to as little as one-and-a-half percent of what they advertise and sell to us, like Rogers and Bell do every day? Can ISPs in Canada continue to spy on our Web transfers through Deep Packet Inspection? Can they keep ganging up on any newcomer company who dares to offer consumers something different? Can they keep doing so in the name of supposedly clogged up Interweb pipes? That they refuse to actuallly show us? Can they keep giving us some of the slowest and priciest broadband service in the first world, as study after independent study has proven that they do? Can they keep acting like they own the Internet? Or will we have an open Internet in Canada? Will we have Net Neutrality? Like they’re going to have in America?

01:34 JB: Well, the CRTC’s ruling is out. And I still don’t know. Maybe you know? Maybe you’re one of the thousands of Canadians who took to Web in outrage last week, certain that the CRTC’s ruling was an anti-Net Neutrality ruling. I mean, you’d certainly have some support for that position. You’d have the Globe and Mail who reported that Canada’s big Internet carriers scored a major victory: the right to manage traffic. You’d have agreement from the NDP’s Charlie Angus, who said that the CRTC has left the wolves in charge of the henhouse. You’d even have one of the wolves agreeing with them — Bell Canada’s Mirko Bibic, who said that the CRTC’s ruling proves that, quote, we’re the experts, and we get the flexibility to determine how to manage OUR networks.

02:25 JB: But, you also have people like Michael Geist saying that the CRTC ruling unquestionably advances the ball. You have pro-Net Neutrality companies like Google coming out in support of the ruling, praising it. I spoke to the Canada policy lawyer, Jacob Glick, who you’ve heard on the show before, and he said that by his interpretation the CRTC ruling clearly prohibits the kind of throttling that’s going on today.

02:51 JB: In other words, there’s some pretty credible voices out there who are reading this ruling as a pretty good one, as a step in the direction of Net Neutrality. As something that’s, I guess, the complete opposite of the total ISP capitulation that the newspapers, the Canadian public, and the ISPs seem to think that it is.

03:10 JB: So what’s the deal? Who can clear the CRTC ruling up for me? Well there’s probably nobody better suited to that job than the guy who runs the place. CRTC Chairman Konrad von Finckenstein. Mr. Chairman, hello.

03:22 Konrad von Finckenstein: Hello, Jesse.

03:24 JB: I’ve asked the listeners of this show to submit some questions to you and, uh, I’d like to pose a few of them to you now.

03:30 KvF: Sure, OK, go ahead.

03:32 JB: Very plainly, can Internet Service Providers under this ruling keep throttling peer-to-peer traffic the way that they’ve been doing?

03:41 KvF: Now I mean, I think you… miss the prom, principle view to just go right away to throttling, the whole idea is to try to find the balance between the competing interest, the competing interest of users to use the Internet to the maximum extent, to be as innovative and uh, and experimental as they can, versus the legitimate interest of Internet providers to protect the integrity of their networks and to make sure that all users have an equal opportunity. So what we said, we, we took this very principle to port, we said first of all, the best way to deal with all of that is to build extra infrastructure so that everybody has access, and that you don’t even get into congestion issue. If you do have to, uh, use Internet traffic management process, first of all tell people what you’re doing and publishing so they know in advance, and then use economic ones. IE. Make those people who are Internet hogs pay first of all. And then if that doesn’t work and you can’t then only can you control technical, uh, issues, and one of them is what you call throttling, which is, in effect slowing down somebody’s [indistinct(1)] but if you go that far then you have to justify yourself and here’s the framework of analysis that we will apply and we will look at it and we will, uh, if there is a complaint, or if you come on us and ask for approval beforehand this is how we’re going to test it.

05:08 JB: Is that a yes or a no? I mean, uh, we know that Bell and Rogers have been throttling. Do they have to stop doing that? Give people notice, appeal to you? Is this changing the policies that are already in place?

05:19 KvF: Look, is, we only did one ruling so far and that was on the CAIP request and there we said, it is not discriminatory, it is not preferential, and therefore we allowed Bell to do it. Now as you know, there’s a review of vary on it, and that will have to be, we will have to look and we haven’t decided on that yet. So if for to clearly, if, is, if, we, uh, review it we will apply the test that you just heard. I don’t think, uh, and we will see what the outcome will be.

05:53 JB: Well that brings me to another question that somebody submitted to me: Are you going to be watching to see how they behave? Are you actively monitoring the ISPs to see if they’re compliant, or are you going to be waiting? Is the onus on the consumer and the Internet user to complain to you at which point you move towards a ruling?

06:09 KvF: The onus is both on the Inter, Internet Service Providers and the users. The Internet Service Providers now, uh, know what the rules are, and they should structure themselves accordingly, they have to give notice, if they want to use technical or economical means and they have to uh, follow the, the guidelines. The exact same thing users who find they’re being, uh, impaired in their use because of activities by the ISPs now having a basis they can lodge complaints knowing that if there are complaints will be looked at through the analytical frameworks that we set out in our decision.

06:46 JB: The ruling mentions that traffic shaping should only be employed as a last resort. Define “last resort”. What, what does that mean?

06:56 KvF: You are always, uh, you are trying to get, uh, get me to define, principles, it’s, it’s very difficult. Obviously when we say “last resort” it’s saying, you know, part of it doesn’t sound so reasonable, because reasonable is in there too, and so you have to, you know, set, in the ISP who says “I have to resort to this, I appeal”, has to basically make out the case that he cannot to himself and later on to us when comes before us. He didn’t have to cover the ability to, uh, to provide access, uh, extra access to the necessary technological in, innovation, or if he did that there was no chance of getting return on his investment in a reasonable period of time. And it depends on who the ISP is, what the service is, and what the, what the requirement is driving him to the need for Internet traffic management practices.

07:57 JB: You’re right that I am trying to get you to define the principles because I find them a little bit fuzzy. And I guess the ruling explicitly states these are not “rules” but these are guidelines that are set–

08:07 KvF: Precisely. You’re trying to get me to convert the principles to guideline tests and we said there are no guideline tests because the situation is fluid, technology changes all the time, it’s a very dynamic solution. All I can guarantee you we’ll have the principled approach, and we will approach these principles, and here they are.

08:24 JB: Bell and Rogers, they’ve come out saying that they feel that they’re already in compliance with these rulings. This, this ruling changes nothing, that they say they’re fine with it because they’re already doing what you suggest.

08:35 KvF: I hope, hope that’s true. I hope that’s true. We shall see. You know, if, uh, you, for instance, uh, advanced technological user, and we, let’s assume for argument’s sake you’re a client of Rogers find they’re not, then, then first of all you going to go on the Web site and see who’s the in, uh, apply internet management traffic practices, or have they been, perhaps they’ve been described there, and does it say what the effects of those are. If they aren’t, and you find out they applied them anyway what you going to do? You’re going to launch a complaint and we will look into it. On the other hand, if they are exactly doing what they’re saying, then wonderful, and then we have total compliance, which is the whole idea.

09:13 JB: What happens if you find that they have not been following these guidelines? Are there specific penalties?

09:19 KvF: Well, they haven’t first then we will issue orders telling them to, what they have to do to comply. That’s how the whole licensing system works, you know. You are supposed to act in accordance to the, of the dictates of the regulator, so if the regulator says you cannot do that, or you cannot only do that if you provide compensation, or only if you, uh, uh, let’s say for argument’s sake, they uh, they slowed down from, from two to eight all afternoon and we find out that this is not justified, it doesn’t pass our tests, et cetera, we say you really have only shown me that the congestion which is six to eight, and if I buy everything else, fine, you can slow down but only say, you can only do it from six to eight. And they will do that. If they don’t do that, follow our order in court, then they get a court order to get them to do it, so.

10:13 JB: Let me ask you about that congestion question because this has been very controversial. The Internet Service Providers entire argument against Net Neutrality is based on this idea that they are facing congestion on the networks, and yet they have never proven to the public that this is in fact the case. Now I understand that some of the information that was presented to the CRTC, as you were looking at this problem, was kept confidential. Can I infer from this ruling that you agree with the ISPs? That they have proven to you that in fact congestion does occur to the extent that they say it occurs? Or, or at all for that matter?

10:44 [silence]

10:48 KvF: You say it has never been proven by those, I don’t know where, uh, on what basis you make that assumption. And, and, and obviously, the only way you can prove it is when, if there’s been actually breakdown of commmucinations or, people, uh, people have been slowed down, et cetera. But there is no interest in, or capacity on the internet I think that is self-evident. Do you really have to wait ’til there is a major congestion and a major there, impairment of people’s use before you say “Hey, that’s a problem, something has to be done about it”?

11:21 JB: No, no, quite to the contrary. I’m not waiting for there to be an instance of congestion for the Internet to experience some huge cataclysmic brownout which has been predicted but has never happened.

11:30 KvF: Right.

11:31 JB: Instead, uh, the ISPs have consistently held that their information about their networks is proprietary information, even though there’s a, an intense amount of public, uh, monies that have gone into the building of those networks and they’re built over private and public land, through the right-of-way laws. We don’t know, just the data they have over how much capacity is being used, how much dark fibre is left. Some people have suggested that they’re not using a fraction of it. And yet they point to congestion as the cause of practices which might just be practices that are in their best business interests. So–

12:30 KvF: Well, well just a second. You know, you have, uh, If somebody comes forward and says this, uh, Internet Service Provider is it in, applying Internet Traffic Management, and he is, uh, this, that, unfairly, uh, discriminating against me or, uh, it may impairs my use, and the first, then the onus, as we set out in our, uh, the, our decision, is on the ISP to come forward and say either “No I’m doing it” or “Yes I’m doing it and I’m driven to it by this and this” and you go though the analytical framework. So you’re positing right away that actually that, that is happening. I don’t, you have to, that’s exactly what you are trying to do, trying to be preventive and, uh, prompt. If and when congestion arises, if it doesn’t arise then of course there’s no issue. If it does arise, then, as I said before, that’s, they may build extra infrastructure, if not they put in economic measures to, to have people pay for the use and thereby modu, modulate the use. If that doesn’t work then only you go to technical ones. Then, uh, uh, you want me to prove a disaster before it has happened. How can I do that?

13:17 JB: Is this really such a great mystery? Uh, the congestion they claim has already occurred and the throttling has already occurred. The complaints from the public have been loud and clear. All of this has been brought forward to you. Is this really a wait-and-see kind of a situation?

13:28 KvF: No but its, throttling has occurred to CAIP. So, throttling has occurred because Bell said they were running out of capacity during those hours, those hours so they came in close to the limits of their capacity. And in that decision when we heard it, you know, on the basis of the evidence we said “yeah, yeah, there’s a reasonable apprehension and therefore you’re, you’re entitled to take the measures that you were, were taking”. That’s how it always have, you know, hopefuly we won’t have cases where there has been a brownout and then people complain that says the question always is, are they close enough to brownout that they have to resort to these extreme measures.

14:05 JB: Transparency is one of the issues that this ruling speaks about.

14:08 KvF: Yeah.

14:08 JB: And is there, is there any onus on the ISPs to be more transparent about their networks to the public?

14:12 KvF: Very much so. We, we heard from some ISPs. We, through the tests have termed that they’ve, there’s really nothing on the Internet about this. And we felt, you know, if you’re already a customer you should know. You should know what it is, ’cause say for arguments sake, you’re a customer of ISP X. If ISP X employs, uh, a TM piece it has to say on it, that web site, this is what we’re doing, ta ra ta. And by the way, this is how, how it’s going to affect you, Mister User.” So that you then have these choice of saying “Well there, I am sorry, that’s unacceptable, I go to somebody else.” Or else you say “Well that seems, that seems sense, perfectly sensible, that makes sense, uh, and, and I accept it.” But you should have is the ability to choice, of choice as a consumer, and you won’t have that unless you are informed. And that’s why we’re saying transparency is absolutely vital. You have to put it on your Web site, you have to explain that you do it and what the effect is. And you also have to people, take people, give people reasonable notice so they can make an informed choice and not locked in.

15:15 JB: Well, I, I wonder if, uh, if the ISPs might just state that they’re going to do it, and then do it and the consumer options will be as limited as they are now.

15:22 KvF: Don’t forget, there’s a competitive advantage to not doing it, so if one guy does doesn’t mean the other one will do it as well.

15:28 JB: The FCC, uh, has just announced that they are going forward with much more rigid open Internet Net Neutrality guidelines. Do you feel that there is a risk of Canada falling further behind the United States in terms of the open Internet and innovation?

15:42 [silence]

15:44 KvF: Well, first off I don’t accept that we’ve fallen behind, et cetera. You have to look at all these numbers, et cetera. Specially in the context of the population based geography and the democratic distribution. To make an outright comparison between us and the States I think, it is comparing apples and oranges. So if you, if you look at it, and, put in the necessary qualifiers or weights in terms of, as I say, democra, uh, demographic distribution, geography and population base, we’re doing very well. And, uh, yes we can do better, we can always do better. But the rules that we’ve made, we made for the Canadian context. Now they, they’re not for the American context, would have surprised me very much if the US would have used similar rules. But they have a different market, and they have far more players, and they have a far bigger population base.

16:33 JB: Mr. Chairman, I won’t take up too much of your time. I have one final question for you. It’s part of my job, as it is part of yours, to take the temperature of the Canadian public, uh, on these issues.

16:41 KvF: Hmm.

16:41 JB: So I’ve followed the conversations that people are having online and people write to me about it, and I take part in those converations. And I’m sure you do too. I don’t think I’m exaggerating, at all, to say that Canadians feel, with, with certain justification, that they’re getting ripped off. By Internet Service Providers, they, they feel that they pay more than many other parts of the developed world, and that they’re getting less, and there’s studies to back this up. They feel they’re not getting the speeds and the services they’re promised that are advertised. They feel they don’t have as much consumer choice as they should and they’re forced to pay usurous rates to companies that they don’t like. And they’re afraid that our country is falling further and further behind. And that no-one’s really standing up for them. As of today I think, uh, almost 9,000 Canadians have signed a petition to dissolve the CRTC. C-c-can you speak to these Canadians and their concerns, ’cause I think that is the predominiant feeling, not that the CRTC should be dissolved, but that we’re getting ripped off by Internet Service Providers.

17:35 KvF: No, my, uh, uh, Can’t think dissolving the CRTC would have, uh, would help you in terms of Internet access. But to the, to the bigger point that you’re, you’re making. Yes, there may be, there may be a few in that further fear, uh, fear falling behind. I, I don’t, uh, haven’t seen any studies, I have, I have certainly, uh, seen, that a lot of commentators feel about that.

17:56 JB: Oh I can point to, to–

17:56 KvF: And I, uh, I, and I think you know we also do see clearly that governments have woken up and that broadband, more broadband is a necessity. And you see various provincial initiatives, you see some federal initiatives. Are there enough of them? Not really. Uh, clearly this is the very exploding area and the use is, is making demands on the infrastructure which is not being met pres, presently and we should pay attention to it. I mean, this, I think, once you only look at one aspect, the whole aspect is, is, is sort of digital red revolution and the need for digital, national digital strategy, which includes, in effect, a lot of expansion of the Internet, more of infrastructure, et cetera. I think everybody recognizes the need for it. Uh, to what extent, the government should do it, to what extent private individual do it, and what extent you can do it by, uh, by encouraging more players to enter the field, et cetera. Those are the old issues, really, of so macro-economics policies is for the government to decide, not for me as a regulator, CRTC. I can only deal with the existing infrastructure is there, and make sure that our measures are not seen as a break to further development of the broadband.

19:07 JB: Chairman von Finckenstein, thank you very much for your time today.

19:10 KvF: You’re welcome. You’re welcome. Bye-bye.

19:12 [Theme Music]

19:19 JB: Search Engine is produced by me, and a community of Internet hogs. E-mail me story tips and freelance pitches at jesse@jessebrown.ca You can follow me on Twitter @jessebrown Our Facebook group is SearchEngine TVO, and come read the blog at TVO.org/searchengine. The next podcast will be up first thing Tuesday morning.

19:42 [Theme Music]

20:07 [end]

Welcome back!

Bob — Fri, 16 Oct 2009 08:37:49 +0000

Crossing the Floor

This blog is not for reading at its new location… Here!

In politics, this would be called “crossing the floor” — not only did this blog move to a new domain name, but the underlying software has changed from Blogger to Wordpress. There’s a political statement if ever there was one.

The move isn’t done yet. There may be some superficial colour and layout changes, some slightly more substantial tweaking of sidebars and widgets, and possibly a very substantial URL change (I’d really like to get rid of “blogs” in http://bob.jonkman.ca/blogs/2009/10/16/welcome-back/, but keep the sign-in page at http://jonkman.ca/blogs/. Technical advice for crafting Apache rewrite code is welcome, and will be duly credited.

Now that it’s on the Jonkman Family web site, I hope there are other Jonkman family members who start their own blogs here too. You’ll need an e-mail address in the @jonkman.ca domain, but those addresses are available for the asking.

–Bob.

(image from Nizzlebop’s Gallery, labelled for re-use by Google Image Search)

Feedback from Copyright Consultation submission

Bob — Thu, 24 Sep 2009 16:41:00 +0000

A few days after I posted my Canadian Copyright Consultation submission I received some e-mail feedback from Robert:

Hello Bob Jonkman,

I’ve read most of your input about U.B.B. and found it surprising that you, a software developer of all people, would oppose the U.B.B. ruling.

I’ve read your blog: [link]

While reading, I’ve stumbled upon this:

“I favour shorter copyright terms, no criminalisation for
non-commercial infringement, no criminalisation of circumvention of technical protection measures, and no media levies.”

Now, as a software developer, someone who uses copyright and programs protections, to what extent that you favour the above sentence?

My reply:

Hi Robert: As a software developer I am especially concerned with Usage Based Billing. I need to access online documentation, I use forums, blogs, and mailing lists to interact with other developers and clients, I run servers both for production and to test Web applications. But what will affect me most is downloading programs, software tools, and complete CD and DVD images with operating system distributions. All this activity puts me well beyond Bell’s proposed limit of 60 GBytes per month. Connection fees will nearly double for me under UBB, and I get nothing for it.

The statement on copyright, that I favour shorter terms and no technical protection measures are completely consistent with my position as a developer. In the first place, I need to use materials that are either freely available, or purchased from commercial sources. Bad licenses that use copyright law to restrict my use of material that I’ve legally purchased are harmful to me. For example, I want to write an addressbook program for a smart phone. But the vendor has restricted my ability to read the phone’s memory, and claims it is infringing that vendor’s copyright for me to reverse engineer the phone. This is harmful to me (I can’t do the work), it is harmful to my client (who can’t get the software he needs), and it is actually harmful to the phone vendor (because neither I or my client will ever buy that phone again).

Reduced copyright and fewer technical protection measures are also good for me, because more people will be able to make use of my software, leading to more work for me. Note that I never use “programs protections” for my software — it’s just not good for business. And while my software is copyrighted, I still grant licenses under GPL to make copies, requiring only that those who use my code give me attribution, and that their code uses the same license.

I don’t sell software, by the way. People pay me to write software. The software that gets written either belongs to the client (”work for hire”, so the client has the copyright), or I retain copyright and release the code under GPL.

Some of the submissions are now posted online. Alarmingly, many of the submissions I read online are not on the site. Hopefully the immense backlog has merely delayed the Copyright Consultation folks, and they’ll appear soon.

[Added 8 October 2009: It seems my copyright submission was posted on the Copyright Consultations web site on 2 October 2009]

Even if you didn’t make a submission, you can still write to your MP and the Honourable Minister of Canadian Heritage, James Moore and the Honourable Minister of Industry, Tony Clement to let them know your views.

You can contact me too. Post a comment, or send me e-mail.

–Bob.

Canadian Copyright Consultation submission

Bob — Sat, 12 Sep 2009 23:17:00 +0000

Here is my submission to the Canadian Copyright Consultations.

Submissions have to be submitted by Sunday,13 September — that’s tomorrow as I write this.

I declare this text to be in the public domain — feel free to cut, copy, paste, use, re-use, recycle, reduce, or expand as you see fit, no attribution necessary. Just get your submission in!

–Bob.

Author: Bob Jonkman
E-mail: bjonkman@sobac.com

To:
info@copyrightconsultation.gc.ca

CC:
The Hon. James Moore, MP, Minister of Canadian Heritage
The Hon. Tony Clement, MP, Minister of Industry
The Hon. Harold Albrecht, MP
submissions@faircopy.ca

1. How do Canada’s copyright laws affect you? How should existing laws be modernized?

My name is Bob Jonkman. I am a software author and technical writer, and make use of copyrighted material in my work — reference documents, purchased commercial software, free Open Source software, and freely available software with various license restrictions. I am married to a television screenwriter, my sister is a journalist, my father-in-law is a musician and song writer, and my brothers- and sisters-in-law are fine artists, musicians, and authors. Copyright law affects me and my family in how we earn our livings at work, and how we entertain ourselves at home.

I am not a lawyer, or an expert on copyright and intellectual property law. As a technologist, I have been following the copyright arguments online, and feel qualified only to comment on how copyright should work with technology, and how technology affects the way copyright can work.

2. Based on Canadian values and interests, how should copyright changes be made in order to withstand the test of time

3. What sorts of copyright changes do you believe would best foster innovation and creativity in Canada?

4. What sorts of copyright changes do you believe would best foster competition and investment in Canada?

5. What kinds of changes would best position Canada as a leader in the global, digital economy?

The last four discussion points are very interrelated, and rather than repeat myself for each point I’d like to answer these questions for each aspect of copyright law that concerns me. Overall, I favour shorter copyright terms, no criminalisation for non-commercial infringement, no criminalisation of circumvention of technical protection measures, and no media levies. At the same time I think there can be a strong copyright law that favours creators and content owners, while not adversely affecting Canadians buying or using copyrighted material.

Length of Copyright: Less copyright is good copyright. With current terms extending fifty years after the author’s death, most works are obsolete by the time they fall into the public domain. This is especially true for technical documentation and software, where the effective usefulness may be measured in months rather than years. I would be in favour of a copyright term of 20 years, measured from the time of the creation of the work, but not to exceed the life of the author. An estate should have no copyright over a deceased author’s work — copyright is a right to exclusive copying, not a right to eternal income.

Copyright Registry: It is difficult to determine if a work is under copyright if the author is not known. With a copyright registry there is a clear and definitive determination whether a work is under copyright — if it is not registered or the registration has expired, the work is in the Public Domain. The National Library of Canada already collects all works of Canadian authors (and composers and musicians), and would make a good repository for a copyright registry. Registering copyright should be done at no cost to the author, to avoid disenfranchising the less wealthy. I realize that a copyright registry is not a popular option, and may not follow international guidelines, but here Canada has a means to create a unique solution for Canadians.

Crown Copyright: There should be no Crown Copyright. The Government of Canada and the provinces produce many good, important works, which should be placed immediately in the Public Domain. These works are produced with tax dollars, so, in effect, Canadian citizens are already the owners of these works. While purchasing government publications at the government bookstores may offset printing costs, reproducing them electronically and making them available on Web sites incurs no additional costs. With free distribution those government publications are no longer available only to those with disposable income. From the technology perspective, once government data is freely available many new online services can be created (eg. Geospatial data for mapping applications), which are now restricted by Crown copyright.

Fair Use, Parody, Satire, Criticism: The Canadian Fair Dealing exceptions to copyright are too restrictive. This makes it impossible to provide commentary or criticism in context, or any parody or satire on a work at all. Copyright law should have clear language to allow educational excerpts for parody and satire, and quoting for criticism. Educational institutions should have broad exemptions to be able to quote from copyrighted works where that work is under study, but not for freely copying reference materials. Open Source or Open Documentation licences for reference material is a good alternative, and those works can still be covered by copyright.

Format Shifting, Time Shifting, Location Shifting, Personal Use: Activities such as copying a CD to an MP3 player, recording a TV show for viewing at another time, or uploading purchased music to an Internet service to make it available to the purchaser anywhere online are all taken for granted by Canadians in the age of computers. There needs to be clear language in copyright law that making a copy for personal use is completely legal. That creating backup copies of software, digitital media or works stored in electronic formats for personal use is legal. That changing the format from text to speech or braille is legal. With clear legal standing, many new online services can be created, which today are avoided because of their potential illegality (eg. An online service which lets me pick up my digital TV subscription anywhere online, or online personal backup repositories).

Digital Rights Management (DRM), Technical Protection Measures (TPM): The circumvention of DRM and TPM must not be illegal, and the tools to perform circumvention must not be illegal, and the dissemination of knowledge to circumvent must not be illegal. The "Content Industry" tries to protect its copyright by making it difficult to make copies. Sadly for them, this is always ineffective. Even when circumvention of DRM and TPM is itself made illegal, the people who make illegal copies have no qualms about illegal circumvention either. The only harm is to people who purchase media with DRM or TPM, who are prevented from exercising their personal use rights for format shifting or time shifting. The company that holds the keys to DRM is above the law, and can remove legally purchased material by revoking the keys. I don’t advocate making DRM or TPM illegal — let those who want to apply DRM and TPM to their material do so. Their competitors who publish material without DRM will quickly out-sell them.

Lawsuits by Big Media: It seems to me that the "Content Industry" is driving much of the efforts to change copyright law. As prominent Canadian lawyers like Howard Knopf have noted, Canadian copyright law is plenty strong already. Content distributors (not authors, musicians or filmmakers) are abusing copyright law as a revenue source — it is far more lucrative to threaten and settle for thousands of dollars, or to sue and be awarded millions of dollars, than it is to actually create content. Copyright law must clearly state that commercial infringement is a criminal act, but non-commercial, personal infringement (where there is no financial gain) is not. Canadians should not live in fear of criminalisation merely for listening to music, or letting customers in the waiting room listen to music. Companies should be liable for frivolous lawsuits — making a false claim of infringement should incur far heavier penalties than those of the alleged infringement.

Making Available: It is not a crime for me to leave my bicycle unlocked — the criminal is the one who steals it, locked or not. By the same token, making copyrighted material available should not be illegal, but infringement of copyrighted content should be (with appropriate penalties depending on whether such infringement is commercial or non-commercial).

Carrier Liability: It is easier to identify the service provider hosting infringing content than the person who puts it there. Carriers should not be held liable for the actions of their customers — to use the bicycle analogy again, the parking facility is not responsible for the bike theft.

Three Strikes, Graduated Response, Notice and Takedown, Notice and Notice: It is easy to identify the Internet Service Provider hosting infringing content, but ISPs must not be put in the position of enforcers. If there is evidence of infringement then there are already mechanism in Canadian law to stop it. The law must clearly state that accusations by the "Content Industry" without proof will not result in denial of Internet service for Canadians. The content industry can report infringement to law enforcement authorities, just like any other infringing activity is dealt with in other venues. Internet service is too important to Canadians to allow the content industry to arbitrarily cut it off. Notice and Notice would be a polite way to inform someone of possible infringement, and is the right Canadian thing to do.

Of course, if Making Available is no longer an infringement of copyright, then there is no need for Carrier Liability, Three Strikes, or Notice of any kind.

Media Levies, ISP Levies: There should be no levies on media at all, nor should Internet Service Providers be required to collect levies. As technology progresses, more and more material will be available digitally. It seemed to be a good idea in 1996 to collect a music levy on CDs to offset the cost of music infringement. Unfortunately, the media on which the music levy is applied can be used for many other purposes — data storage, movies, games, software, coasters. The media levy is improperly collected more often than not. And levies cannot cover all the content available — today movies, books, newspapers and games are all available digitally too, and there are many more media capable of holding digital content: portable hard drives, solid state thumbdrives, iPods, cameras, phones and Blackberries. The amount of digital content will only increase, and new digital media will be invented. New Creative Content licenses on content are also becoming popular, which the creators explicitly want to be free. Paradoxically, collecting a levy is both overly broad and inadequate at the same time.

Secretive international agreements, eg. ACTA: Open government is good government. Inviting Canadians to submit their thoughts on copyright has sparked a national interest in the process of lawmaking, and the workings of Canadian parliament in general. Canadians have been given a direct, effective voice in how their country is governed, a textbook example of participatory democracy. Unfortunately, at the same time Canada is participating in the Anti-Counterfeiting Trade Agreements talks, which threaten to undermine all the work being done on copyright reform. Not only are Canadian citizens themselves excluded from these talks, it seems foreign interests will be dictating how Canada should form its copyright, trademark and other laws. Please ensure that any negotiations of this type are publicly reported, and that Canadians’ views on copyright are represented. If Canada can participate in these negotiations only with the condition of secrecy, then decline to participate. As these copyright consultation submissions show, Canadians are perfectly capable of designing their own copyright law.

Thank you,

–Bob Jonkman.

[Added 8 October 2009: It seems my copyright submission was posted on the Copyright Consultations web site on 2 October 2009]

Usage Based Billing Considered Harmful

Bob — Thu, 13 Aug 2009 20:33:00 +0000

The CRTC approved Bell’s request to charge the customers of third-party ISPs “Usage Based Billing”, to take effect in 90 days (November 2009).

There’s much discussion on DSL Reports. Rocky Gaudrault, the president of Teksavvy ISP, weighs in with some advice: We’ll all need to make a concerted effort to curb our downloading to ensure we don’t give a dime more to Bell than we need to. We all know this is a cash grab and anti-competitive tactic [...]

Teksavvy offers a Premium package for $29.95 with $0.25/GiByte over 200 GiBytes, and an Unlimited package for $39.95, but with the new rates Bell won’t allow Teksavvy to offer an Unlimited package. Customers who use more than 60 GiBytes of bandwidth would be charged an extra $22.50 a month. For Teksavvy’s Premium customers, this is nearly double the current price. Customers who use more than 300 GiBytes in month would be charged an additional $0.75/GiByte. For that extra money you don’t get faster speeds than today. For that extra money you don’t get more downloads than today. For that extra money you don’t get a higher quality Internet. And that extra money goes to Bell, not Teksavvy.

Image from the OpenOffice spreadsheet Teksavvy possible UBB pricing.

Disclaimer: This is presented strictly as a comparison between what Teksavvy offers today and what might be the costs after UBB is implemented. This is sheer speculation; there has been no contact with Teksavvy staff on this.

60 GiBytes isn’t much, today:

1 GiByte is about 300 average Flickr photos.

1 GiByte is about 3 hours of watching YouTube videos — if you watch an hour a day you’ll use about 10 GiBytes/month.

Using Bittorrent to download Ubuntu (or a movie) uses about 1.5 GiBytes.

Downloading one season of a TV show is about 16 GiBytes.

Downloading one High-Definition movie is about 40 GiBytes.

Remember that this is charged both coming and going, so you’ll be paying for all the spam that arrives in your mailbox, all the ads on websites, all the automatic Windows updates.

Customers who only use e-mail and do a bit of Web surfing probably won’t be affected by the rate increase. But anyone who uses the Internet more than casually will be paying more.

Even worse are the “Chilling Effects” – who’s going to develop new cool Web 2.0 applications if they’re constantly watching the meter to ensure they don’t exceed the 60 GiByte cap? Who’s going to sign up for online video services if the movies exceed the cap?

Canada has certainly fallen behind the technology curve. Usage Based Billing puts Canada in an even worse position than the OECD reported in 2008.

Image from the Excel spreadsheet Average broadband monthly price per advertised Mbit/s, by country, USD PPP (Oct. 2008) located at the OECD Broadband Portal.

If you want to protest this, submit a complaint to the CRTC.
For the type of application select Tariff, and as a subject, use File Number # 8740-B2-200904989 – Bell Canada – TN 7181. Thanx to Antonio Cangiano for these instructions!

I sent them this complaint:

I was disappointed to learn that the CRTC has approved Bell’s request to charge Usage Based Billing on connections for independent resellers, despite the CRTC’s own admission that most submissions from Canadians are opposed to such a tariff.

Usage Based Billing adds a significant cost to Internet services supplied by independent operators, reducing their ability to differentiate based on bandwidth and price. Worse, Bell’s proposed rates to its own customers appear to be less than what it is charging to independent ISPs. The obvious conclusion is that Bell is trying to eliminate its competition.

Recent reports on global bandwidth have already placed Canada next-to-last in cost per megabyte of bandwidth. This latest tariff will only increase prices for consumers, without providing any increase in service. Canada will surely be in absolute last place globally when the next report is issued.

The CRTC is mandated to provide telecom regulation to benefit Canadians. With this tariff, the only Canadians to benefit are Bell shareholders.

–Bob.

Invalid HTML considered harmful

Bob — Tue, 28 Apr 2009 14:21:00 +0000

Valid HTML is not just useful for browsers. One of the big benefits of having valid HTML is that search engines can properly index your site. If the HTML is invalid, then the search engines may index you incorrectly, or not at all. Google isn’t the only search engine out there, and you want to drive as much traffic to your site as possible.

There appears to be some contention whether valid HTML makes a difference to search engines or not. Some say it doesn’t; or that it depends on the search engine; others have evidence it matters a lot.

Even if you’re not coding by hand, I urge you to have a look at HTML Dog, a set of tutorials on creating valid HTML. When things don’t work as expected you can turn here for examples in XHTML.

http://htmldog.com/

If you’re going to be using an editor for your Web pages, pick an editor that creates proper HTML code. Abandon FrontPage. I suggest using KompoZer, which is based on the same rendering engine as Firefox (Gecko).

http://www.kompozer.net/

You should also be checking your pages in Opera, which is a browser that is even better for standards-compliance than FireFox. The Chief Technology Officer for Opera is the same guy that wrote the Cascading Style Sheets specification, so it has a good pedigree.

http://opera.com

If you’re using Firefox then be sure to check your pages with the HTML Validator addon:

http://users.skynet.be/mgueury/mozilla/

And when you think your site is done, check each page with the full-strength validator:

http://validator.w3.org/

http://jigsaw.w3.org/css-validator/

–Bob.

Kindles and the Death of Newspapers

Bob — Thu, 05 Mar 2009 15:08:00 +0000

Lately, there’s been lots of online hullabaloo about Kindles and the death of newspapers and journalism.

Dave at Wordsworth made me think about this, and like an old curmudgeon I disagree with everyone about everything.

E-books are not going to be the death of journalism, but they’re another nail in the coffin for newspapers. Regardless of what I’m reading or reading it on, someone still has to write it. There always need to be authors^[1], journalists and bloggers. What I don’t necessarily need is another book, magazine or newspaper to clutter up all my horizontal surfaces.

Journalism isn’t dead, and Marshall McLuhan was wrong — the medium is irrelevant.

Neither are fiction and non-fiction dead, but the sales of physical books will probably continue to decline while the sales of e-books increase. Partly it’s because e-books are displacing physical books, and partly it’s due to long tail effects. Digital books won’t be pushed by your bookstore’s favourite sales force, and so a single title’s sales may well fall off when there’s so much other choice. But more titles can be published: Printing on demand is becoming cheaper, and the vanity press will likely be making a comeback. The total sales of all books are likely to be greater, since many more books can be published at next to zero cost, especially with digital-only titles, distributed online.

So why will I never get a Kindle? It’s not the form factor, although I’d like an e-book reader I can snuggle up with. Somebody needs to mash up a plush toy, a Chumby, and a Nintendo DS (the hinge and double screen would make it a great book analogue!) No, what completely turns me off the Kindle is the DRM, or Digital Restrictions Management. Unlike a real book, you cannot loan a Kindle e-book to a friend. There are no Kindle used e-book stores, and there will never be Kindle e-book libraries. All the convenience I take for granted about books don’t exist on a Kindle.

Unlike the United States, Canada does not have a “right of first sale” in its copyright law. Fortunately, this means authors or publishers cannot legally prevent the re-sale of a book. But with DRM they can technically prevent the re-sale of an e-book. This puts authors and publishers in a position above the law. They are now the ones who get to decide what we can and cannot read, at least on their devices.

So, no Kindle for me, and I’m not the only one.

The other Kindle hoopla has been the Authors Guild vs. Text-To-Speech. [T]he guild is asserting is that authors have a right to a fair share of the value that audio adds to Kindle 2’s version of books. Later the Authors Guild tried to backpedal :

The remarks have been interpreted by some as suggesting that the Guild believes that private out-loud reading is protected by copyright. It isn’t, unless the reading is being done by a machine. And even out-loud reading by a machine is fine, of course, if it’s from an authorized audio copy.

This is completely erroneous; for an e-book there is no difference between an “audio copy” or a “visual copy” . Once I have a legal copy of an e-book all the author’s rights have been satisfied, and it makes no difference if I consume that e-book with my eyes, my ears or with my fingers on a Braille device. It’s exactly the same bits in the e-book. Fortunately, the Author’s Guild has been held up to ridicule on this. Sadly, Amazon immediately acquiesced, and will be adding still more DRM to prevent us from using text-to-speech! Fortunately, Amazon has been held up to ridicule on this, too.

So, no Kindle for me. And it doesn’t look like any e-book reader manufacturer will get it right — all the other e-book readers have been crippled with DRM too, and e-book stores have to sell at least four different, incompatible formats. Even worse, the DRM is incompatible with itself. If your e-book reader breaks, you won’t be able to use the e-books you’ve already bought on a replacement device. Some e-book readers are keyed to the credit card number you use to buy the e-book, so if you change credit cards you won’t be able to buy new e-books for that reader.

So, no Kindle for me. I’ll stick to real newspapers, real magazines and real books.

And yes, Dave, I’ll still rely on knowledgeable people to read books (or e-books) and recommend them to me. There’s nothing like someone else’s fresh perspective as an introduction to a new author or genre. The problem with Amazon’s recommendations is that they get you into a rut — if I buy science fiction I’m unlikely to get a recommendation for a mystery. One of the highlights of visiting a bookstore is talking to the staff to get their views on what they’ve read. That in-person interaction is a valuable service you can’t get online.

–Bob.

Footnote 1: Full Disclosure — I’m related to writers.

Image by DG Jones, used under CC