St. Vincent is our first indie MixTape after the successful Instant Karma launch. Check her music and schedule out. If you love Annie's music, please put it on your blog, MySpace, Facebook or other social network.
I love her music.
July 28, 2007
July 03, 2007
June 13, 2007
June 12, 2007
June 01, 2007
May 10, 2007
Lunch With A Hero... Rigoberta Menchú
It's not everyday that you meet a true hero. I had the great fortune to be invited to a luncheon with a great woman, Rigoberta Menchu of Guatemala. For those of you who do not know, Rigoberta won the Nobel Peace Prize in 1992. She came over for a lunch to ask for help as she seeks the presidency of Guatemala.
For those of you who do not know her background, here is a little information I took from the Nobel Prize page.
"Rigoberta Menchú was born on
January 9, 1959 to a poor Indian peasant family and raised in the
Quiche branch of the Mayan culture. In her early years she helped
with the family farm work, either in the northern highlands where
her family lived, or on the Pacific coast, where both adults and
children went to pick coffee on the big plantations.
Rigoberta Menchú soon became involved in social reform
activities through the Catholic Church, and became prominent in
the women's rights movement when still only a teenager. Such
reform work aroused considerable opposition in influential
circles, especially after a guerilla organization established
itself in the area. The Menchú family was accused of taking
part in guerrilla activities and Rigoberta's father, Vicente, was
imprisoned and tortured for allegedly having participated in the
execution of a local plantation owner. After his release, he
joined the recently founded Committee of the Peasant Union
(CUC).
In 1979, Rigoberta, too, joined the CUC. That year her brother
was arrested, tortured and killed by the army. The following
year, her father was killed when security forces in the capital
stormed the Spanish Embassy where he and some other peasants were
staying. Shortly afterwards, her mother also died after having
been arrested, tortured and raped. Rigoberta became increasingly
active in the CUC, and taught herself Spanish as well as other
Mayan languages than her native Quiche. In 1980, she figured
prominently in a strike the CUC organized for better conditions
for farm workers on the Pacific coast, and on May 1, 1981, she
was active in large demonstrations in the capital. She joined the
radical 31st of January Popular Front, in which her contribution
chiefly consisted of educating the Indian peasant population in
resistance to massive military oppression.
In 1981, Rigoberta Menchú had to go into hiding in
Guatemala, and then flee to Mexico. That marked the beginning of
a new phase in her life: as the organizer abroad of resistance to
oppression in Guatemala and the struggle for Indian peasant
peoples' rights. In 1982, she took part in the founding of the
joint opposition body, The United Representation of the
Guatemalan Opposition (RUOG). In 1983, she told her life story to
Elisabeth Burgos Debray. The resulting book, called in English,
I, Rigoberta Menchú, is a gripping human document
which attracted considerable international attention. In 1986,
Rigoberta Menchú became a member of the National
Coordinating Committee of the CUC, and the following year she
performed as the narrator in a powerful film called When the
Mountains Tremble, about the struggles and sufferings of the
Maya people. On at least three occasions, Rigoberta Menchú
has returned to Guatemala to plead the cause of the Indian
peasants, but death threats have forced her to return into
exile.
Over the years, Rigoberta Menchú has become widely known as
a leading advocate of Indian rights and ethno-cultural
reconciliation, not only in Guatemala but in the Western
Hemisphere generally, and her work has earned her several
international awards."
It was truly a privilege to be with with a person who hopefully will become the president of Guatemala.
May 06, 2007
May 01, 2007
April 18, 2007
In Memory Of Virginia Tech People
In real life and in second life, we grieve for all affected by the tragic events that happened in Virginia Tech.
graphics by: Perefim Cao
March 19, 2007
March 08, 2007
Venture Capital Journal Cover Boy
Ok... I did not make Rolling Stone Magazine or the Daily Show but I made it to become the cover boy of Venture Capital Journal.
Ok... I never said it was exciting. The story inside just talked about my penchant for investing in consumer product and retail companies. I guess that's why I started GoodStorm with apparel, music, movies, books and games.
I just wish I can do downloadable music so I can give Apple a run for it's money. Hmmm... What do you about that idea? Downloadable music with a Capitalism Done Right backdrop. Inspiring!
March 06, 2007
March 01, 2007
January 29, 2007
October 20, 2006
October 06, 2006
September 28, 2006
Lurkers & New Posters In Doom9 Seem To Be Trying To Bait FairUse4WM DRM Hacker | Also... DRM Could Lead To "Bricking" Devices
As I follow the threads in Doom9 (which BTW is a great site!) about viodentia and FairUse4WM, it seems that there are sudden bulletin board lurkers (...myself included) hanging around. That's not so strange. What's funny is some folks (who are obvious agents for the dark side) seem to be suddenly posting and baiting viodentia to show his source code.
Whoever is investigating this alleged theft of source code must be a junior code monkey from the dark side. You DO NOT need source code to study software internals. Whoever is asking for the source code or wants the source code should spring out the corporate credit card and buy a copy of DevPartner (formerly SoftIce).
It reminds me of the bumbling investigators HP hired to sniff out the boardroom leaks. At least the dark side can send some competent folks to ferret out viodentia but then again what's the point?
It is my opinion the dark side's DRM implementation has fundamental architectural problems need rebuilding from scratch! Patching is just a hacking challenge. Bottom line, either re-write the current DRM implementation or drop it entirely. Putting out bad software is worse than DRM itself.
The real point is DRM could create a consumer nightmare. As long as there are those who are willing to challenge DRM system and software, the possibility of "bricking" consumer devices looms. It is criminal to knowingly write and distribute software that will break systems and hardware but people do it anyway. Although destructive, bricking devices is the ultimate malicious hack.
This is not a science fiction story. There is a malicious software that goes around bricking Sony PSPs. Imagine bricked iPods and Zunes. It would be the ultimate product recall.
Remember hacking is just time, intent, motive and skill.
BTW, this is another t-shirt that you can buy from Defective by Design.
September 27, 2006
Hacking and Breaking Microsoft's DRM: Viodentia Releases Fix For Microsoft's DRM Patch! FairUse4WM rel 1.3 Download Link Here
This was sent to me by some friends and I thought it was amusing. Many years ago, I co-authored a very interesting article on Windows NT that details the weakness of Windows NT security so I know a little bit ;) about security.
It's been a while since I tinkered with encryption stuff but it seems to me that based on the description set forth by viodentia, he/she did not and does not need any access to the source code as Microsoft alleges in their federal lawsuit. In my opinion, it is totally not necessary to see the source code to execute this hack.
For those of you who are real software and crypto geeks, you know that the explanation makes perfect sense and leads one to suspect the allegations of source code theft. But then again, this is merely my opinion.
Another opinion, Microsoft does not need a patch, they need a full overhaul of the DRM architecture if they want to fix this very elegant hack.
To poke a little fun, I am featuring two very cool shirts from Defective By Design. Click on the designs to buy the shirts.
By the way, here' s the explanation by viodentia:
"This new version uses a new extraction approach, courtesy of c0redump.
The method no longer requires the selection of a DRM protected file,
and should retrieve all ECC keys at once.
FairUse4WM has been my own creation, and has never involved Microsoft
source code. I link with Microsoft's static libraries provided with the
compiler and various platform SDK files.
Thanks for Rjamorim for graciously hosting in Brazil.
http://pessoal.onda.com.br/rjamorim/FU4WMver13.zip
12815576c78a799114025b3b266dd156 *FairUse4WM.exe
by: viodentia"
In my humble opinion, the architecture of Windows DRM is defective by design.
Viodentia's further explanation in doom9.org shows he/she knows his/her stuff...
"The AES key displayed in new key extraction
For
the v11 individualization, v2ksndv.bla (or v2ks###.bla) is now an XML
file. There are two tags of particular interest, the first 40 bytes of
"c:PKCert" is the public key for ECC encryption and the "Keys" which
stores all the secondary keys.
Each time you re-individualize, the DLL sends "escrowed" key information to Microsoft's servers which decrypts it and re-encrypts it inside this secondary key table. These are all the keys for previous individualizations.
The <Keys> tag is encrypted with AES in Counter mode using the displayed key. To decrypt, create a 16-byte BIG-ENDIAN counter (that is, 16 bytes of 0, next would be 15-bytes of 0's and one 1 byte, and so forth). Encrypt that with the AES key. XOR the output with the next 16-bytes from the tag.
Once decrypted, the Keys tag holds a XML document which in turn has both the old ECC keys (which v1.3 happily extracts for you), and some RSA keys - the RSA keys are apparently new for v11, and I don't know what they're for.
By the way, if one looks at the individualization process in Wireshark, it's conceivable that future individualizations can be handled with the assistence of Microsoft's own servers."
Each time you re-individualize, the DLL sends "escrowed" key information to Microsoft's servers which decrypts it and re-encrypts it inside this secondary key table. These are all the keys for previous individualizations.
The <Keys> tag is encrypted with AES in Counter mode using the displayed key. To decrypt, create a 16-byte BIG-ENDIAN counter (that is, 16 bytes of 0, next would be 15-bytes of 0's and one 1 byte, and so forth). Encrypt that with the AES key. XOR the output with the next 16-bytes from the tag.
Once decrypted, the Keys tag holds a XML document which in turn has both the old ECC keys (which v1.3 happily extracts for you), and some RSA keys - the RSA keys are apparently new for v11, and I don't know what they're for.
By the way, if one looks at the individualization process in Wireshark, it's conceivable that future individualizations can be handled with the assistence of Microsoft's own servers."
To appreciate the technology behind the hack, you'll have to trace the thread at: http://forum.doom9.org/showthread.php?t=114916
Last opinion, Microsoft can fix it but to claim someone stole the source code to execute the hack leads me to believe that some marketing person talked to the legal guys. The techies would not allege this given the explanation by viodentia.
September 26, 2006
The Real Hack On Voting Systems... Hacking The Voter Smart Card To Hack The Vote
No instructional here but consider the following scenarios.
A smart card resembles a credit card in size and shape, but inside it is completely different. First of all, it has an inside -- a normal credit card is a simple piece of plastic. The inside of a smart card usually contains an embedded microprocessor. The microprocessor is under a gold contact pad on one side of the card. Think of the microprocessor as replacing the usual magnetic stripe on a credit card or debit card.
Magnetic stripe technology remains in wide use in the United States except for voter smart cards that do not use the mag stripes. The stripe is really
not the best place to store sensitive information. A smart card
carries the intelligence.
The microprocessor on the smart card is usually there for security but it can carry any payload it is designed for.
The host computer and card reader actually "talk" to the
microprocessor. The microprocessor enforces access to the data on the
card. If the host computer read and wrote the smart card's random
access memory, it would be no different than a diskette or thumbdrive.
Smarts cards may have up to 8 KB of RAM, 346 kilobytes of ROM,
256 kilobytes of programmable ROM, and a 16-bit microprocessor. The
smart card uses a serial interface and receives its power from external
sources like a card reader. The processor uses a limited instruction
set but can be configured to do any application.
The demonstration that Ed Felton and company from Princeton University demonstrate that given access to a machine which thousands of electoral volunteers do during the election season that it is trivial to hack the code in a machine.
The fact is if you have the intent, time, motive and skill... one can hack anything.
Reverse engineering is trivial if you are an accomplished software engineer. Check this out: http://www.acm.uiuc.edu/sigmil/RevEng/
and http://en.wikipedia.org/wiki/Reverse-engineer.
If you can hack the machine and are able to introduce a polymorphic and self-deleting virus such as the one demonstrated by the Princeton team, you can also hack it to allow the voting machine to "accept" specially configured smart cards to do whatever you want the darn machine to do. It could have special executables. It could force buffer overflows a favorite fault injection technique. Bottom line is you can do a lot with a 256K capable microprocessor.
By the way, most of the voting machine companies would never be able to detect specially constructed viruses because there is no such thing as virus protection for the operating systems that these machines use. If Windows XP could be hacked by some Bulgarian teenager, what would the possibilities be for a desperate politician or political party? Perhaps even a construction company that would benefit from a multi-billion dollar bond measure?
This would give new meaning to technical hacking and social engineering... imagine hacking a country, state or bond measure.
If the voting machine companies want to prove me wrong, then they should open their source code for public inspection.
I dare the voting machine companies to expose their software to prove they are secure.
BTW, here's a list of tools that can be useful for reverse engineering code.
http://kastanie.informatik.tu-cottbus.de/crocodile.htm dead link! http://www.gedanken.demon.co.uk/cxref/ http://www.iro.umontreal.ca/labs/gelo/datrix/ http://www.tzi.de/~davinci/ http://www.cse.unsw.edu.au/~drt/ http://www.mks.com/upspring.shtml http://esche.fzi.de/PROSTextern/software/goose/index.html http://www.research.att.com/sw/tools/graphviz/ http://www-pr.informatik.uni-tuebingen.de/Forschung/GraVis/welcome.html http://www.headwaysoft.com/ http://www.datarescue.com/idabase/ http://www.imagix.com http://case.ispras.ru/insight/index.html http://sdt.cern.ch/Insure/ http://introspector.sf.net http://infotectonica.com/juliet/ http://www.klocwork.com/ http://sdt.cern.ch/Logiscope/ http://swag.uwaterloo.ca/pbs/ http://stout.levtech.com/ http://www.refactorit.com/ http://www.rigi.csc.uvic.ca/ http://shrimp.cs.uvic.ca/ http://www.windriver.com/products/html/sniff.html http://n.ethz.ch/student/adammo/ProBrowser.htm http://www.alajava.com/aubjex/products.htm http://intland.com/html/__source_explorer.html http://www.sourcedyn.com/ http://sources.redhat.com/sourcenav/ http://oimanager.de/sn.htm (Internet Extensions) http://www.iro.umontreal.ca/labs/gelo/spool/ http://www.aonix.com/content/products/stp/stp.html http://www.lexientcorp.com http://www.cc.gatech.edu/aristotle/Tools/tarantula/ http://www.thesmallworlds.com/ http://www.site.uottawa.ca/~tcl/kbre/ http://www.togethersoft.com http://www.scitools.com/ucpp.html http://www.csr.uvic.ca/chisel/collab/reports/VIBRO/Report.html http://www.powersoftware.com/vz/ http://www.research.att.com/areas/stat/xgobi/ |
September 24, 2006
September 20, 2006
September 19, 2006
I Just Read The Declaration Of Independence
It's almost eerie to read the Delaration of Independence. I have highlighted the passages that gave me pause. I hope that if you read this, you will pause to reflect on our times.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
IN CONGRESS, JULY 4, 1776.
THE UNANIMOUS
DECLARATION
OF THE
THIRTEEN UNITED STATES OF AMERICA.
WHEN, in the Course of human Events, it becomes necessary for one People to dissolve the Political Bands which have connected them with another, and to assume, among the Powers of the Earth, the separate and equal Station to which the Laws of Nature and of Nature's GOD entitle them, a decent Respect to the Opinions of Mankind requires that they should declare the Causes which impel them to the Separation.
We hold these Truths to be self-evident, that all Men are created equal, that they are endowed, by their CREATOR, with certain unalienable Rights, that among these are Life, Liberty, and the Pursuit of Happiness.--That to secure these Rights, Governments are instituted among Men, deriving their just Powers from the Consent of the Governed, that whenever any Form of Government becomes destructive of these Ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its Foundation on such Principles, and organizing its Powers in such Form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate, that Governments long established, should not be changed for light and transient Causes; and accordingly all Experience hath shewn, that Mankind are more disposed to suffer, while Evils are sufferable, than to right themselves by abolishing the Forms to which they are accustomed. But when a long Train of Abuses and Usurpations, pursuing invariably the same Object, evinces a Design to reduce them under absolute Despotism, it is their Right, it is their Duty, to throw off such Government, and to provide new Guards for their future Security. Such has been the patient Sufferance of these Colonies; and such is now the Necessity which constrains them to alter their former Systems of Government. The History of the present King of Great-Britain is a History of repeated Injuries and Usurpations, all having in direct Object the Establishment of an absolute Tyranny over these States. To prove this, let Facts be submitted to a candid World.
HE has refused his Assent to Laws, the most wholesome and necessary for the public Good.
HE has forbidden his Governors to pass Laws of immediate and pressing Importance, unless suspended in their Operation till his Assent should be obtained; and when so suspended, he has utterly neglected to attend to them.
HE has refused to pass other Laws for the Accommodation of large Districts of People, unless those People would relinquish the Right of Representation in the Legislature, a Right inestimable to them, and formidable to Tyranny only.
HE has called together Legislative Bodies at Places unusual, uncomfortable, and distant from the Depository of their public Records, for the sole Purpose of fatiguing them into Compliance with his Measures.
HE has dissolved Representative Houses repeatedly, for opposing with manly Firmness his Invasions on the Rights of the People.
HE has refused for a long Time, after such Dissolutions, to cause others to be elected; whereby the Legislative Powers, incapable of Annihilation, have returned to the People at large for their exercise; the State remaining, in the mean Time, exposed to all the Dangers of Invasion from without, and Convulsions within.
HE has endeavoured to prevent the Population of these States; for that Purpose obstructing the Laws for Naturalization of Foreigners; refusing to pass others to encourage their Migrations hither, and raising the Conditions of new Appropriations of Lands.
HE has obstructed the Administration of Justice, by refusing his Assent to Laws for establishing Judiciary Powers.
HE has made Judges dependent on his Will alone, for the Tenure of their Offices, and the Amount and Payment of their Salaries.
HE has erected a Multitude of new Offices, and sent hither Swarms of Officers to harrass our People, and eat out their Substance.
HE has kept among us, in Times of Peace, Standing Armies, without the Consent of our Legislatures.
HE has affected to render the Military independent of and superior to the Civil Power.
HE has combined with others to subject us to a Jurisdiction foreign to our Constitution, and unacknowledged by our Laws; giving his Assent to their Acts of pretended Legislation:
FOR quartering large Bodies of Armed Troops among us:
FOR protecting them, by a mock Trial, from Punishment for any Murders which they should commit on the Inhabitants of these States:
FOR cutting off our Trade with all Parts of the World:
FOR imposing Taxes on us without our Consent:
FOR depriving us, in many Cases, of the Benefits of Trial by Jury:
FOR transporting us beyond Seas to be tried for pretended Offences:
FOR abolishing the free System of English Laws in a neighbouring Province, establishing therein an arbitrary Government, and enlarging its Boundaries, so as to render it at once an Example and fit Instrument for introducing the same absolute Rule into these Colonies:
FOR taking away our Charters, abolishing our most valuable Laws, and altering fundamentally the Forms of our Governments:
FOR suspending our own Legislatures, and declaring themselves invested with Power to legislate for us in all Cases whatsoever.
HE has abdicated Government here, by declaring us out of his Protection, and waging War against us.
HE has plundered our Seas, ravaged our Coasts, burnt our Towns, and destroyed the Lives of our People.
HE is, at this Time, transporting large Armies of foreign Mercenaries to complete the Works of Death, Desolation, and Tyranny, already begun with Circumstances of Cruelty and Perfidy, scarcely paralleled in the most barbarous Ages, and totally unworthy the Head of a civilized Nation.
HE has constrained our Fellow-Citizens, taken Captive on the high Seas, to bear Arms against their Country, to become the Executioners of their Friends and Brethren, or to fall themselves by their Hands.
HE has excited domestic Insurrections amongst us, and has endeavoured to bring on the Inhabitants of our Frontiers, the merciless Indian Savages, whose known Rule of Warfare, is an undistinguished Destruction, of all Ages, Sexes, and Conditions.
IN every Stage of these Oppressions we have Petitioned for Redress in the most humble Terms: Our repeated Petitions have been answered only by repeated Injury. A Prince, whose Character is thus marked by every Act which may define a Tyrant, is unfit to be the Ruler of a free People.
NOR have we been wanting in Attentions to our British Brethren. We have warned them, from Time to Time, of Attempts by their Legislature to extend an unwarrantable Jurisdiction over us. We have reminded them of the Circumstances of our Emigration and Settlement here. We have appealed to their native Justice and Magnanimity, and we have conjured them by the Ties of our common Kindred to disavow these Usurpations, which would inevitably interrupt our Connexions and Correspondence. They too have been deaf to the Voice of Justice and of Consanguinity. We must, therefore, acquiesce in the Necessity, which denounces our Separation, and hold them, as we hold the Rest of Mankind, Enemies in War, in Peace Friends.
WE, therefore, the Representatives of the UNITED STATES OF AMERICA, in GENERAL CONGRESS Assembled, appealing to the Supreme Judge of the World for the Rectitude of our Intentions, do, in the Name, and by Authority of the good People of these Colonies, solemnly Publish and Declare, That these United Colonies are, and of Right ought to be, FREE AND INDEPENDENT STATES; that they are absolved from all Allegiance to the British Crown, and that all political Connexion between them and the State of Great-Britain, is, and ought to be, totally dissolved; and that as FREE AND INDEPENDENT STATES, they have full Power to levy War, conclude Peace, contract Alliances, establish Commerce, and to do all other Acts and Things which INDEPENDENT STATES may of Right do. And for the Support of this Declaration, with a firm Reliance on the Protection of DIVINE PROVIDENCE, we mutually pledge to each other our Lives, our Fortunes, and our sacred Honour.
John Hancock.
GEORGIA, Button Gwinnett, Lyman Hall, Geo. Walton.
NORTH-CAROLINA, Wm. Hooper, Joseph Hewes, John Penn.
SOUTH-CAROLINA, Edward Rutledge, Thos Heyward, junr. Thomas Lynch, junr. Arthur Middleton.
MARYLAND, Samuel Chase, Wm. Paca, Thos. Stone, Charles Carroll, of Carrollton.
VIRGINIA, George Wythe, Richard Henry Lee, Ths. Jefferson, Benja. Harrison, Thos. Nelson, jr. Francis Lightfoot Lee, Carter Braxton.
PENNSYLVANIA, Robt. Morris, Benjamin Rush, Benja. Franklin, John Morton, Geo. Clymer, Jas. Smith, Geo. Taylor, James Wilson, Geo. Ross.
DELAWARE, Caesar Rodney, Geo. Read.
NEW-YORK, Wm. Floyd, Phil. Livingston, Frank Lewis, Lewis Morris.
NEW-JERSEY, Richd. Stockton, Jno. Witherspoon, Fras. Hopkinson, John Hart, Abra. Clark.
NEW-HAMPSHIRE, Josiah Bartlett, Wm. Whipple, Matthew Thornton.
MASSACHUSETTS-BAY, Saml. Adams, John Adams, Robt. Treat Paine, Elbridge Gerry.
RHODE-ISLAND AND PROVIDENCE, &c. Step. Hopkins, William Ellery.
CONNECTICUT, Roger Sherman, Saml. Huntington, Wm. Williams, Oliver Wolcott.
IN CONGRESS, JANUARY 18, 1777.
ORDERED,
THAT an authenticated Copy of the DECLARATION OF
INDEPENDENCY, with the Names of the MEMBERS of CONGRESS, subscribing
the same, be sent to each of the UNITED STATES, and that they be
desired to have the same put on RECORD.
By Order of CONGRESS,
JOHN HANCOCK, President.
BALTIMORE, in MARYLAND: Printed by MARY KATHARINE GODDARD.
Outsourcing To Hell
Outsourcing is best described as the race to the bottom line. Most if not all of the Fortune 1000 have outsourced or are contemplating the transfer of many business functions to countries outside the United States. It is big business. The largest US companies, IBM, EDS, Accenture as well as emerging global players such as Infosys, Tata and Wipro are all in the game. Everything from call centers, medical transcription services to programming of critical software is being sent overseas to deliver incredible cost savings to corporations, public and private, large and small.
It is difficult not to listen to the siren song of outsourcing. Promises of up to 80% cost savings on a company’s non-core activities are just too hard to ignore. Several factors come into play - global competition, a near maniacal push towards optimum performance characterized by cost savings and efficiency and the demand for greater growth and profits all play into the hands of companies who promise incredible cost savings to America’s corporations. Unfortunately the push to higher profits and greater savings and cost efficiencies often come with greatly magnified risks.
Even the most American of companies cannot ignore the trend. “If we don’t do it, we will be killed on prices by our competition” carps one giant consulting company executive. Unabashed free traders likewise add fuel to the fire by arguing that in a global economy with borders blurred by the Internet, the outsourcing trend is an inevitable consequence of progress.
Maybe so.
In a world transformed by global terrorism, it is clear that uncontrolled, unabashed and unregulated move to outsourcing plays into the hands of those who see the current world order as fundamentally wrong and immoral. Unlike the movement of industries like Nike shoes from Portland and Levis jeans from San Francisco to China and the Philippines, the outsourcing of information processing intensive industries will inevitably bite and mangle the hands that feed it.
It is one thing to stamp automobile body parts in Korea, assemble bicycles in Taiwan or manufacture t-shirts from Ecuador and bring them back to the world’s largest market, the United States. It is a wholly different dynamic and a far more gruesome scenario when we send deeply personal and private health care, personal and corporate financial information to Bangalore, Kiev, Hyderabad, Shanghai or Islamabad. It is even more frightening that many critical system and application software and imbedded systems are being coded in countries by people who may not have the sophistication to write secure code or conversely, even worse have the evil knack and skill to create backdoors and Trojans that very few can find.
We struggled through our own complex legislative and political processes to create and pass landmark legislation such as HIPAA, Gramm-Bliley-Leach and Sarbanes-Oaxley yet we send the most precious bulk, not just pieces of information, to the most politically unstable and volatile regions of the world that are all rife with economic disparities that best described as worlds of mass poverty. One wonders about the wisdom of sending terabytes of information into places like India and Pakistan, who have gone to war over patches of wastelands, have nuclear warheads pointed at each other, fundamentally have hated each other for hundreds of years and where religious zealots of all sects are as prolific as dirt.
Further the countries that are the largest beneficiaries of the global outsourcing trend have lax laws and non-existent enforcement against those who may use the information for ill gain. What effect or deterrent does the US computer crime statutes have on a foreign call center agent making $90 a week (…or a month in some places)? There are hundreds of thousands of these folks who can harvest your full personal profile including your social security number and latest bout with genital herpes.
Imagine selling the information for $1 a name to someone’s distant third cousin (…and unabashed identity thief) in some US city (…or Europe) who can pick up the information from a computer system in a Kinkos or public library. When you have hundreds of thousands of platinum cardholder names with complete information, $100 a month becomes tip money. Shredding your mail and guarding your mailbox to guard against identity theft becomes a “why-bother?” issue.
With Internet banking showing no signs of slowing down it is not only possible to move monies out of unsuspecting accounts in seconds but also very easily turn it into untraceable yet highly negotiable assets such as precious metals, diamonds or RAM chips. Money laundering used to be the trade of corrupt bankers and financial wizards. Today it takes an Internet connection, greed or disdain for what the free world stands for to transfer huge amounts of money to unsavory people and uses.
An even more deadly and evil scenario is possible when all this information is accessible to those who consider the United States the great Satan. With the advances in laser color printing, holographic reproductions, smart chips and RFID (radio frequency identification chips) being globally available, it may be possible to steal identities without ever setting foot in the United States. These advances are greatly magnified by some grave technological shortcomings like the inability to trace cell phone calls in a globally connected telecom world. Almost anywhere in Europe and Asia, you can buy fully charged cellular phone GSM SIM cards from street hawkers that work perfectly well in the US. Even in the US, our “advanced wireless networks” cannot trace a 911 call to respond to emergencies. We can only tremble in disgust and fear on what is possible.
Consider that an act of stealing a “little information” (or a lot) from any system has been trivialized by progress in storage technology and the Internet. USB (universal serial bus) and Firewire ports make copying gigabytes of information child’s play into small handy hard drives or flash memory devices. Most of these overseas customer contact and support centers that handle the millions of inquiries by the John and Jane Does of Cedar Rapids, Iowa have computers that are connected to the internet and make the transfer of bits of information or even whole files and directories an inconsequential matter. Add a little sophisticated computer memory cache management and the act is 100% undetectable even by the spooks at the National Security Agency.
Publicly and globally available peer-to-peer file transfer and computing capabilities have already demonstrated both the great benefits and unmitigated information anarchy that is possible. Global peer-to-peer and/or grid computing systems are being used to crack genomic sequences at costs and speeds that could not even be imagined 20 years ago. On the other side, peer-to-peer software has decimated the economics of the moribund music and recording industry forcing it to turn to litigation and abuse of the subpoena process to attempt to intimidate 12-year olds from downloading the latest Eminem song. The crux of the matter is clear --- It is not getting harder to steal information; it is becoming so trifling and easy that it has lost the edge of danger, illegality and ethics. The proverbial genie is out of the bottle.
Free traders and efficiency wonks see no difference between a cashmere sweater or a can opener and the health records or financial information of a housewife, US senator or corporate executive. Very little retrospect points to a trend that is patently dangerous to the national security and interest of the United States and the civilized world in general. A Bush administration official pronounced on television recently, “…We have to be right all of the time. Our enemies only have to be right once”.
There are has always been the notion of “do-the-right-thing”. The right thing to do is to regulate the transfer of information systems and data overseas. Even after the cold war, we still do not freely transfer the knowledge needed to create weapons of mass destruction to China or Russia. Why do we transfer potentially millions of terabytes of critical personal, financial and corporate information overseas? Why do we send critical system, application and imbedded software to be coded in programming sweatshops without systems or processes to positively assure us of their security?
Surely we will all migrate to a true global economy. We are at the crucible of economic history and our fate will be determined by the wisdom of decisions we and our leaders make. Globalization is not only possible, it is here and will continue to happen. But the pace of globalization should not be driven by the bottom line. We have the ability to make decisions to either dangerously speed up the pace or proceed with prudence and caution. It should be done when we are ready and assured that social, political, economic and security concerns have been fully addressed by all parties involved.
Being the one to say, “I told you so!” or “Didn’t I warn you?” means nothing to those of us who collectively see the writing on the wall. Defenders of the information outsourcing trend are not driven by strategic intent to defend the United States or the civilized world as whole. They are motivated by selfish intentions to be messiahs of the bottom line and slaves to the quarterly reports. All they care about is winning the race to the bottom.
As far as I am concerned, they can go straight to hell.
September 18, 2006
September 14, 2006
September 13, 2006
September 12, 2006
Yesterday Ohio, Today Maryland... Midterms On November... Go Diebold!!!
Ohio is not enough. Gotta do Maryland too! Oh shucks... It's not even a swing state.
Excuse my sick wry humor today as our country is once again victimized by shoddy technology. Do we want this in November 2006? Or November 2008? Whether you are a Republican or Democrat, you can't think this is good for our democracy.
http://www.washingtonpost.com/wp-dyn/content/article/2006/09/12/AR2006091200535.html
2004 was not enough?
Buy this book and read about it:
If you're following Ohio... check these out:
Download report_on_diebold_voting_machine_fiasco_triggers_dem_outrage1.pdf
Finally a great article from the Cleveland Plain Dealer:
-------cut here---------
How do you do a recount without a printout?
Some election printers left no backup data
Monday, September 11, 2006
Joan Mazzolini
Plain Dealer Reporter
Paper printouts in Cuyahoga County's election machines are supposed to be backup records if someone disputes vote tallies on the electronic memory cards.
But what happens in a recount if the printer malfunctions or - as happened last May - election workers load paper incorrectly, leaving machines without a paper record?
The Ohio secretary of state's office says the solution is to print out the vote tallies from the memory cards to create a new paper record.
That solution robs voters of an independent backup record - a paper printout from a memory card is guaranteed to match what's on the memory card.
"Aren't you defeating the purpose of the paper trail?" Bob Bennett, chairman of the Cuyahoga County Board of Elections, wondered during a recent meeting.
The secretary of state's office is not happy about the solution, but spokesman James Lee said it's the best option available after poll workers fumbled so badly in operating the machines in the spring primary election.
"Once that occurs you have to look at the facts. . . . and the evidence as it exists," Lee said. "That's what you're seeing here . . . the election officials attempting to make the best out of a bad situation."
So on May 26, as Cuyahoga County elections officials grappled with how to conduct a recount in an election where the paper record was flawed, Judy Grady, the director of elections at the secretary of state's office said in an e-mail they should reproduce the paper record from the memory card.
Reproducing the paper record seems to conflict with Ohio law, which requires a "voter verified paper audit trail" in electronic voting machines, according to the Cuyahoga County prosecutor's office.
"The law clearly directs that for recounts, the paper trail is the official ballot of votes cast on electronic voting machines," said David Lambert, head of the civil division for the county prosecutor's office.
"While the secretary of state has broad authority to issue advice and directives to county board of elections, that authority does not include giving advice that runs contrary to the statute."
The elections board has asked the secretary of state to formalize the re-creation policy in a directive.
Lambert said Ohio's administrative code mentions the issue of the paper trail being lost or destroyed, but "it doesn't tell you what to do in those cases."
Cleveland teacher Bill Ritter does not like what the county did in his case. He ran for the 14th Ohio House District against Mike Foley, executive director of the Cleveland Tenants Organization, and was declared the winner in the unofficial count.
But after the official count, Foley was declared the winner. Ritter requested a recount, which showed him losing by 176 votes. But that recount involved some machines with missing or damaged printouts.
"They opened canisters and there was no paper inside," Ritter said.
The Board of Elections generated new printouts from memory cards. Ritter said workers had problems re-creating the paper trail, with some printouts remade more than once.
"There's no way that they know what the votes really were," Ritter said.
-----cut here----------
Oh well...
September 10, 2006
August 24, 2006
Dream 2008 Presidential Ticket: Jon Stewart / Stephen Colbert 2008
Joe Lieberman lost his party's nomination so he decided to start his own political party. Heck, I guess I can start my party and draft my version of a dream presidential and vice-presidential ticket.
I am tired of the regular news media especially on television with the right-wing Faux News, and limp MSNBC and CNN all sounding alike. Frankly, if you're smart enough there are only two "news" shows that accurately report and comment on US and global current events: The Daily Show and The Colbert Report. If you haven't seen the shows, check them out. The two shows are worth the cost of cable or satellite TV.
So I am starting a Draft Jon Stewart and Stephen Colbert movement. We'll start by asking people to buy this uber-cool shirt. We'll then start a blog or web site to initiate a letter writing campaign to convince Jon Stewart and Stephen Colbert to give up their day jobs and run for President and Vice-President in 2008.
I know I am on to something if this online poll is is an indication of the popular will. If you support this, please vote on the survey. It's better than the Iowa caucus.
What do you think?
Ohio Elections, Diebold, The Apologists Who Run Them and the Death of Democracy
Ohio voting officials hired the Election Science Institute to investigate the elections that were just held in Cuyahoga County. So ESI brings in researchers and scientists to check the results out and guess what happened? I will let the reports speak for themselves.
Democracy is in danger my friends... once again. This time, democracy's demise might be fatal. If you care, download and distribute these documents to as many folks as you can.
Here is an article from the Columbus Dispatch. Notice how Ken "Uncle Tom" Blackwell responds to the findings. I heard a rumor when Blackwell looses his run for Ohio governor, he will be joining Diebold as a board member or paid consultant.
Download the_columbus_dispatch.pdf
The BradBlog has been following electoral issues for a long time. Here is his blog's take on the ESI work.
Download cuyahoga_county_oh_officials_attack_their_contractor.pdf
Here are ESI's reports that were presented to Cuyahoga County officials... unredacted of course.
Download esi_memorandum_to_ohio_election_officials_with_attachment.pdf
Finally, here is an analysis by the electoral activist community.
If you're not scared, read John Fund's book.
Pass it on.
If you care a bit to support those who work hard to get people to the polls, please buy these awesome shirts.
August 23, 2006
DRM & Digital Audio Watermarks Do Not Stop Dishonest & Bad People
After attending the Bandwidth Conference, my eyes opened wide to the many challenges the music industry faces from multiple dimensions. 
I am going to begin writing about my thoughts and observations and maybe elicit some honest debate.
Here's the start...
So it's LimeWire next... The RIAA has just sued LimeWire for copyright infringement much like lawsuits against Napster and Grokster.
LimeWire is proposing to do audio/digital fingerprinting (sometimes called a digital watermark) as their DRM methodology. I guess this technology is the lesser of all evils compared to platform limiting Apple or Microsoft DRM schemes. My opposition to this DRM method is based on practical experience having personally designed such a system in 1998. It is prone to abuse particularly in these times when governments around the world routinely use terrorism as justification to infringe on privacy and civil liberties. Think of Sony's rootkit debacle magnified a million fold. Digital watermarking/fingerprinting is a very bad idea that takes us closer to Orwell.
I have nothing against DRM per se except it reminds me of Linus' blanket. DRM does little to stop the bad guys who will continuously steal music and video without regard to intellectual property and copyright law. Last weekend in the Alameda flea market, there were several folks selling the latest CDs for pennies on the dollar. I doubt they observed intellectual property laws.
DRM does not make honest folks more honest. It just restricts the fair use rights of honest music fans.
DRM also has very negative effect on the music ecosystem. While you can argue there are many DRM schemes, the practical reality is there is only one: Apple's DRM which creates a monopolistic ecosystem wherein the prices are set by Apple. All the labels including Sony, EMI, Universal and Warner are held hostage by Apple.
There is no other way to describe the situation. The price lock that Apple wields has detrimental trickle down effects on other music retailers, distributors, labels and artists. The price is artificial and does not allow market forces to set the economic watermarks. I am not against any form of music but it seems clear to me that John Legend's latest album might fetch more than .99 cents versus some religious chant by right-wing wannabe rockers. There is no way to do this in the current monopolistic environment.
Even more economically devastating is the backward DRM'ed subscription model that other digital music retailers use. They claim it's great for consumers. What about the artists do work hard only to get 0.0003 cents per subscribed track? Session players, publishers and other music ecosystem participants all have to share the pittance.
I was once a corporate strategist so rants (...even my own) don't impress me. In a few weeks, I will publish a practical business roadmap to eliminate DRM in a "Capitalism Done Right" framework.
August 21, 2006
Only non-DRM MP3 PlaysForSure
Elliot Buskirk from Wired News wrote a commentary on Zune and Microsoft's Play For Sure DRM scheme.
Elliot had great insights but he missed a fundamental observation that non-DRMed MP3 format music plays across all MP3 player platforms including iPods, SanDisk's Sensa players and virtually all digital music hardware platforms. In addition, all mobile phones in the next 18 months will have MP3 capabilities as a standard feature.
I suspect that hardware vendors were enticed by Microsoft with coop advertising dollars plus the promise of technology support for subscriptions and other marketing schemes. It is still hard to understand why many hardware companies fell for Microsoft's DRM promises only to find themselves being abandoned to the ash bin of broken and obsolete technologies.
On the idea of a SanDisk-type hardware manufacturer buying a Napster ~ That's like taking a sledge hammer and hitting your own head. Why would a smart person buy a package that leads them to a technological dead end? It's like buying a Microsoft Windows 3.1 and WordPerfect for your nifty little dual core laptop.
On the other hand, there is such a thing as masochism and maybe the digital music hardware companies are fans of this business lifestyle. I hope not.
After two days at the Music and Technology Bandwidth Conference, I am even more convinced that record labels will abandon DRM sooner rather than later. Labels have already seen the bad results of allowing one company to dominate the market, taking away all pricing power from both the labels and the buying public. 
On a whole other rant, Music Gremlin just released what could possibly be the ugliest MP3 player on the market.
The business model seems to be a subscription system which is oppressive to labels, distributors and artists alike. Artists suffer in the digital market with the minuscule take from subscription-based services.
Another thing, whoever did the branding for this ugly beast must be hoping that no one remembers one of the world's ugliest car: the dreaded ugly AMC Gremlin or the dumb 1984 movie: Gremlins. My theory is that the AMC Gremlin was singularly responsible for the collapse of the American auto industry. I hope the Music Gremlin folks did not pay anyone to name this product.
Capitalism Done Right applies to all. We're going to unleash a GoodStorm on the digital music scene.
Stay tuned.
This Is One Hot MP3 Player - Sansa™ e280 MP3 Player 8GB
This is one hot MP3 player, emphasis on MP3 player! I love the features...
- 8GB Flash MP3 player, the largest capacity in the market
- Sleek, thin design with large 1.8” TFT color screen for easy viewing
- Strong alloy metal back casing provides excellent durability and scratch resistance
- Simple to use, backlit controls for fast device interface navigation
- User replaceable and rechargeable Lithium Ion battery for up to 20 hours of battery life
- Includes the Sansa Media Converter to support all picture and video formats
- Features microSD™ expansion slot for additional memory capacity
- Digital FM tuner, on-the-fly FM recording, and voice recording
I can load up a bunch of GoodStorm no-DRM MP3 music on this puppy.
But there has been talk in the blogosphere that sound quality is not to par with the iPod nano. That said, I will buy one as soon as it's available and do a side by side test. I'll be using an scope and also do a blind listening test.
FDA and Bush Trump Science Again On Plan B
Today George Bush has decided to trump science again in favor of the right wing religious zealots who keep saying that Plan B causes abortions. Read the Washington Post article and clearly you'll find that even the media thinks this medical and science issue has turned into another crusade for the ultra-right wing of the Republican Party.
The zealots are equating the Plan B to RU-486! Are these zealots mad? I can understand anti-abortion radicals going against RU-486 but Plan B is not the same. The science is different, the chemistry is not the same and Plan B does not even remotely come close to affecting a fertilized egg. Plan B prevents the fertilization of an egg.
Send email to the White House, congresspeople and senators and ask them to tell the FDA to approve Plan B as an over-the-counter drug and support BitchPhD's campaign to get the drug approved as an over-the-counter item not an across-the-counter drug.
This campaign is critically important because the FDA will come up with a final ruling in the next few weeks.
Other bloggers who support this campaign include:
Go ahead and go to the Bitch PhD's GoodStorm store and buy BitchPhD's Plan B shirt!
Here's my favorite design.
Also if you're woman who needs emergency contraception, go to the Emergency Contraception Website.
Plan B is better than being sorry for a pregnancy you do not want.
Science over politics!!!
August 19, 2006
August 17, 2006
Lost Girls By Alan Moore and Melinda Gebbie
OK this is just not a book. This is the most awesome, truly collectible Alan Moore & Melinda Gebbie book. If you don't know Alan Moore, he is the author of V for Vendetta. I collect his works as they are not only good fiction reads but also has beautiful illustrations. This is not a children's book. This is for adults only and is risque. You can reserve your copy here right now on my blog. It will ship to you when it is released.
I believe I can get a bump up in allocation if I get enough orders. As usual, GoodStorm will not charge your credit card until it ships. We will however get pre-authorization on your card.
Ok, here's a little more background on "Lost Girls". This has been 16 years in development, the complete LOST GIRLS by Alan Moore and Melinda Gebbie has finally shipped to the printer, and will be hitting stores in August!
This will be the most expensive book Top Shelf has ever published, with the first printing costing almost $200K. Why so expensive? Because Lost Girls will be published as three, 112-page, super-deluxe, oversized (9" x 12") clothbound hardcover volumes, each wrapped in a beautiful dust jacket, with all three volumes sealed and shrink-wrapped in a gorgeous slipcase. The entire epic published -- all at once -- as an art object for the ages.
And to help raise the money to pay for this print run, we've decided to offer a Signed & Numbered edition, limited to 500 copies, that will be autographed by both Alan Moore and Melinda Gebbie. This is a Top Shelf website exclusive, and the money raised through this advance sale will allow Alan Moore to finance the project.
Advance orders of this special edition will ship out as soon as they arrive from the printer. But please note that this special edition will likely sell out before the summer release date, and quite possibly within days of this announcement, so pre-ordering is highly recommended.
To see what the slipcase and volumes will look like, click on either edition below and then click on PREVIEW.
If you want the signed copy go to LOST GIRLS (Signed & Numbered Edition, limited to 500 copies) http://www.topshelfcomix.com/catalog.php?type=12&title=479
-- $150.00 (US) + Shipping, FOR ADULTS ONLY, A Web Exclusive
I will not have the signed and numbered edition. I will only have regular edition. There are no discounts for this book.
August 16, 2006
August 13, 2006
August 08, 2006
August 06, 2006
August 03, 2006
July 28, 2006
July 25, 2006
July 21, 2006
July 20, 2006
GoodStorm Sail Around The Bay
- GoodStorm takes an afternoon off with the Board Of Directors to sail San Francisco Bay.
Recent Posts
- St. Vincent
- Hard Work Pays Off - Instant Karma Makes # 15 On Billboard
- Get the Instant Karma Mixtape
- Amnesty International GoodStorm MixTape Music Players
- Music meets politics in Darfur campaign - CNET News.com
- Lunch With A Hero... Rigoberta Menchú
- Initial Views On GoodStorm's MixTape
- San Francisco Chronicle Podcast
- In Memory Of Virginia Tech People
- Crowdsourcing the Good
July 2007
Photo Albums
Sites, Things & People That Matter
- SPIN Magazine
Great on-line and off-line music magazine. - Bitch PhD
- Bryght
The best Drupal developers in the planet. - MusicBrainz
MusicBrainz is a community music metadatabase that attempts to create a comprehensive music information site. - Linux On Your Ipod
- Marc Sheff's Blog
- German Shepherd Rescue of Northern California
- Jerry McNerney
- RockBox.Org
- Chris Gregoire
- Janet Napolitano
Recent Comments