Sunday, May 29, 2011

"Password Reuse"

I always think of this xkcd comic when the issue of personal privacy/information on the net is brought up.

Saturday, May 28, 2011

Hacking and Hacktivisim: For Advances in Technology and Society

"For hackers, technology is a playground." As Douglas Thomas explains in "Hacking As the Performance of Technology", there is a culture of people around which the use and management of technology is central. These are hackers; programming and and play become one and the same with the right knowledge of technology, computers, programming, etc.

There is an expectation that computers/machines be user friendly. But, this is subjective and relative. To whom are they user friendly? And who makes them to be that way? The user-computer interaction is a framework based on trends, expectations, programming, and the art of usability and interfacing. So, as computers are improved on, programmed more skillfully, and with higher data storage capacities, they are more trusted. Computers are a central component in most infrastructures, including those that are for the management of secure data. Their automation makes them ideal for use of managing massive data loads and speedy algorithmic computation.

So, what makes a computer behave? Well, their programs/programmers do. And the systems and interfaces people get used to get built into some kind of societal expectation. But... that doesn't mean its secure, does it? More code might be hard to break through, but that means more space for holes. It's a vast misconception; I recall watching TechTV (now G4) in 2006 and hearing reports that the Xbox 360 is "un-hackable". Well, that's nice and all, but 5 years later it's been hacked.

What does this mean exactly? It's been exploited; worked around. Computers are universal machines. Using math and logic, interfaces, and the right machinery, computation can be used to emulate or synthesized pretty much any other process or function. But computers are programmed for dedicated purposes, restricted access, and in the case of an Xbox 360, they're to play games and not play pirated games. And yet, mod chips (hardware add-ons for access changes and firmware patches) came about anyway. Heightened defenses may work, but they're not fool proof. Hackers know this. More code means more holes (a criticism I have for Microsoft's applications, stems from this problem).

So then, why hacking? Well, hacking stems beyond just the technologies and methods involved, and into the cultural purposes to which they're applied. There's an element of play and hobbyist fun. But the act of extending the use of a technology is an element too. There are those that like to create, and extending the capabilities of powerful technologies is a way to do this. An example is the OpenKinect project, allowing for the use of computer drivers for the personal computers to interface with the Xbox Kinect. The Kinect drivers/libraries could be tied into new applications that utilize the Kinect's motion detection capabilities. This was the fruit of a bounty put out by DIY/hobbyist electronics site Adafruit.com.

Then, there's hacktivism. Where hacker technique is used as a tool for activist agendas. Julian Assange (before he was THE Julian Assange, Wikileaks Founder) wrote a piece for leftist political online newsletter, Counterpunch in 2006. Assange recalls the potential first case of hacktivist activity, the "WANK worm", a software worm that made its way onto secure networks such as the Department of Energy, and NASA. 'WANK' = WORMS AGAINST NUCLEAR KILLERS. The worm would strike and change log-in screens to the prompt:
W O R M S A G A I N S T N U C L E A R K I L L E R S


_______________________________________________________________
\__ ____________ _____ ________ ____ ____ __
_____/
\ \ \ /\ / / / /\ \ | \ \ | | | | / / /
\ \ \ / \ / / / /__\ \ | |\ \ | | | |/ / /
\ \ \/ /\ \/ / / ______ \ | | \ \| | | |\ \ /
\_\ /__\ /____/ /______\ \____| |__\ | |____| |_\ \_/
\___________________________________________________/
\ /
\ Your System Has Been Officically WANKed /
\_____________________________________________/

You talk of times of peace for all, and then prepare for war.

During the cold war, nuclear fears and tensions flared between the US and the Soviet Union, and their respective allies. Australia was the site of US spy, warning, and nucelear submarine detection and communications bases, making it a nuclear target for the USSR (though Russia claimed it was not). In 1984, New Zealand declared itself a nuclear free territory, earning it scrutiny from the US as well as violations of the US's defense treaties and trade sanctions (among other subsequent issues). However, the WANK Worm source revealed that it had been designed to avoid New Zealand computers. The worm was applied specifically to machines implicated in the nuclear political issue.

Another example of hackers at work would be the recent breach on Sony and the PlayStation Network. Hackers were able to gain access to their PS3 systems, spoof developer systems, by which they got into the largely under protected PSN data. Account databases (containing usernames, passwords, emails, and most idiotically mothers' maiden names) were breached. A criticism was that said database was not encrypted as it could have (and should have) been. Even worse, the systems ran on slightly old software, something subpar for a large company like Sony. There's this idea of user access that Sony relied upon, because PS3 systems were secure. But one breach was all it took for a good sized privacy breach.

The result in this recent instance is clearly going to bring about an improvement in the PSN network structure and data format (if they're smart). But, this comes at an obvious cost to Sony. Sony reports an estimated $171 million in losses due to the hack (counting investments in improved security and projected future losses).

So, what is "bad" about hacking? The victimization or damage is all subjective. There is definitely a victimization arguable in most cases of typical hacking. But, that is a relative concept. Even in malicious attacks for personal gain, the counter-offense or strengthened defense means a greater technological power. Systems are upgraded and even if not hackable, they are more suitable and secure for their intended tasks. In good cases, benign hacks safety before things go bad. But not everyone is always so lucky. (Such as Sony now).

Julian Dibbell's article, "Viruses Are Good for You" argues the positive effects of malicious software. These intrusions or unexpected, exploitative uses of technology lead to a realization of the potential behind that technology. Part of the application of early viruses were for amateurs and academic to gauge the size of the internet and the scope of its users (just, without the permission of those users) with replicating worm programs. The replicating and evolving nature of malware has brought about a dedicated vast branch of computer business and research. It is with viruses and the internet that hackers and coders see potential for new forays in parallell computing. Sure, cloud computing is all the corporate rage now, but it came long after the spread of viruses that could grow, replicate, and share themselves over vast networks.

Dibbell writes: "It's hard to say which is really the more characteristically human trait - our drive toward complexity or our sometimes irrational fear of it." Perhaps it is stretch to delve into the nature of viruses and computer security from a software extent. But, I don't think so, as long as one considers the scientific/technological as well as social implications of hacking (and the importance of social circumstances). There are many ways, and reasons to make ones way into a computer and repurpose it or explore its potential. To quote Robert Morris, American former cryptographer and former NSA security specialist (whose son wrote the first internet worm): "The three golden rules to ensure computer security are: do not own a computer; do not power it on; and do not use it."


Friday, May 27, 2011

Open Source & Remix - Cultural Production vs Plagiarism

On the matter of remix, a video immediately comes to mind. About the popular breakbeat, The Amen Break:

For its simplicity, I really appreciate this piece. The video provides a good bit of insight for unsuspecting music fans, showing how the advent of the sampler led to the revival of one basic sample (the amen breakbeat), that trended its way through music to a level of complete saturation in modern music. As the video shows, the amen break exists so deeply within modern music that there's simply too much to hope to extract it from, and too much to competently take legal action against.

Admittedly, it wasn't until taking Understanding New Media that I associated remix and open source. Granted, I listen to a great deal of remix works, follow the debates on sampling and where the law makes it hard for artistic expression of DJ's (it hurts good hiphop and house music). I'm also a fan of open source (mostly, and typically in the software context). The connection makes a great deal of sense, I just didn't bother to tie them: shared assets that are compounded into better or new things. Art and music can be open to expansion and reinterpretation.

My favorite group is House music duo, Daft Punk, who reached expanded popularity from their album Discovery, which made use of MANY disco samples. Followed by groups like Trip Hop "band" Gorillaz, British DJ duos like Basement Jaxx, Orbital... There's a trend here. I appreciate some hiphop acts too, like the supergroup duo Madvillian, half of which (the DJ Madlib) openly samples illegally. Frankly, I think he has enough money to get away with it. And he's willing to face litigation for his art. It's good art.

I can understand the issue when artists want credit and compensation for their works. But there's an all too familiar greed component at play. They don't mind reusing other works, they just don't want theirs used. Because they, these supreme and original artists, are THE original big shots. That seems to be rational, anyway. As a result of this, and the court ruling that prohibits sampling of others' works, there is a faction of composers and artists who were early enough in the game that they made their success, and now have the monetary means to press on with sampling and recording. Now, it's hard for new artists who are boxed out. Unless of course you're Dangermouse and use the internet very wisely.

The video above makes an interesting assertion, regarding the early 1980's growth of Hip Hop (before many knew the potential of the genre's success): "During the 80s, when DJ's plundered old jazz and R&B records, looking for samples, hiphop in particular and electronic music in general were not the pop phenomenon and money makers we know them as today. There seemed to be a brief few sort of glory years, back then. When the novelty of sampling, and the rate at which it was being employed as a new technique, grew faster than the rate at which any sort of copyright bureaucracy could maintain the law."

In a short sighted vision, sole ownership is key for profitability. But there is such a thing as over-protection. Cultural creation comes from the inspiration or re-use of older concepts, compounded on one another. In computer programming, even where open source isn't concerned, the concept abstraction exists. Basically: don't reinvent the wheel. Use existing tools (if working well), and compound from there. The opening of content for opportunities to remix or retool content is of value to the general public. Better yet, it allows for an ability to profit off of open content by the potential to reapply said content in original applications. The strategy of creating content, guarding it, then suing anyone who uses the content is faulty and oppressive. Not just to individual artists but to the publica and culture at large.

Related readings:

Game Culture and Identity

The first formal videogame (ie graphical computer game) was "Spacewar!" And I think it's safe to say that next to no one identified with it, found much of a persona in the context of the game, or even really played the game. Those that did, however, played along with the simulation. They stared into a small terminal screen and allowed for the suspension of disbelief enough to pretend that they were piloting an spacecraft (or expected to be simulating as much anyway).

There is a forked development chain that brings us what we would today perceive as the modern videogame. Early games (from the 70s to early 80s) of the golden age of arcade games in the US saw games that were kind of simulations or continuous trials of sorts. Games like Galaga, Pacman, Pong. One simply played for their score. The player was, however, immersed in a virtual simulated reality, even if simplistic. Pong ≠ tennis. Pong's played on a television. But that player IS their paddle. One is able to extend their sense of self and movements into the flow of controls granted by the handheld controller.

The other side of this development chain took place in Japan. Chris Kohler of Wired Magazine's Game Life blog writes in his book Power Up: How the Japanese Gave Videogames a Second Life that Shigeru Miyamoto's Donkey Kong was the first game to have a cinematic flow to it. That is, the game had a clear beginning, middle, and end. If anything, these games employed a philosophy Miyamoto implies of creating games that are controlled environments with enough player-control to FEEL like the player is winning by originality.

But, backtracking, Sherry Turkle calls upon a different gaming path. RPG's (Role Playing Games). The tabletop originals like Dungeons & Dragons. While games like Donkey Kong and Mario certainly had an effect on RPG's (like the concepts of bosses and how story is structured in videogame counterparts), the games themselves are all about the social and character aspect. Players / friends get together to interact, play, and NOT be themselves. To an extent, anyway. This interaction is changed by computers and videogames. While some do still play tabletop style RPG's (like me, for instance, I play D&D), there is a new paradigm by which players can enact a persona with ease, and a seemingly original environment. Then, they can beat their game, move onto another, try out another persona.

Turkle points out that the computer is more than a task-accomplishing tool, but also a means of interaction and socializing, shaping our outlooks and inner-perspectives. Games are a big chunk of that process.

Personally, the Nintendo game Animal Crossing is probably my most arbitrary roleplaying vice (that I can recall). I can think of less justification for playing it than playing D&D. And yet, I'm an avid fan. My father teasingly asks if I'm playing "that game where you do nothing" as I (or my avatar anyway, complete with a semi-personalized face and clothing I've picked) scurries through my town (repeat: my town), fulfilling requests for my neighbors and shopping for my house. In words these just sound like... chores? But they're goals, challenges, in calm little world where my avatar takes pride in the layout of his house, the collection of videogames, and the town he lives in. There is an element of control that isn't my own, but a town that is. The town encompasses hobbies and amusing ways to pass the time. So, I think as long as Nintendo keeps releasing them (original games or not), I'll be buying them. And subsequently planting flowers.

Net Neutrailty: The debate that shouldn't be

In my own experience, the real issue with the net neutrality debate is the problem of it being deemed a debate in the first place. It comes off as some kind of awkward argument on behalf of common sense in the face of a greedy agenda. It's almost easily likened to the pre-abolition slavery debate: sure it's effective, gets (some) people what they need, but it pads the pockets of the privileged at the cost of natural rights of others (note: I said almost; slavery's worse than losing net neutrality). But, I digress. There's a problem with infrastructure (be it political, industry, telecom, and everyone else implicated). The success and profitability of a technology (the internet) is almost solely reliant upon the general pedestrian public. And yet, the public is oblivious to the issues surrounding their rights of use, access, and potential to gain a foothold later. Worse yet, it's the old issue of having phone and telecom companies grow and grow and eventually get out of control (it's happened before). Where is the room for a rival to Google or Yahoo if such a site can't serve up anything?

To stick to one problem, it is this idea of access and ranking. It's easy to speculate that the right telecom lobbyists are buddies with the right recording industry lobbyists. While I know ISP's save money by throttling someone's World of Warcraft connection, they'll get more out of dumbing down file sharing (which "helps" record industry exec's - or so they're convinced). But, let us say that file sharing is not the agenda (and whether or not we believe this idea is another issue entirely).

There remains this issue of having to declare what neutrality is, or whether it's okay. The attitude is worryingly reminiscent of McCarthyism. Since when did equality become so dirty? How did we (as a country) forget that so many of the tech industry giants of today were the startups of the 1990s? And some much newer than that! Where would a fledgling social network for college students out of Harvard, MA wind up if it were just two guys at Harvard pushing it, but with no decent bandwidth or internet-connectivity compared to larger rivals like MySpace and Friendster? "The Social Network" would make a different movie if it had a part about getting decent bandwidth from the ISP to stop being slow and ignored.

I for one am not advocating that a standard home user should get the same download and upload rates as a server farm for their pay. Far from it. But they deserve equal access. If Yahoo and Google pay for high speed connections and servers of comparable quality, then it follows that a user on a standard connection can access them similarly. And, moreover, that a third party could move in and try to do the job better with the right resources, without bias in connectivity. If another server exists for download purposes, or users want to connect peer-to-peer, then the same should apply. It's their internet, they pay for it, let them use it how they want: content and sharing is an afterthought, better not to mingle these issues.

It just doesn't make a whole lot of sense; it must make sense to someone, on paper. But the issue then is that these policy makers are all too often the computer illiterate. Then again equality is the name of the game, right? But, policy makers are in a higher position of authority. So, shouldn't they at least learn what they're talking about? Lest we have more "dump truck"/"series of tubes"- quality conclusions, or (worse yet) logic along the lines of that which brought on the court ruling that RAM may be used as a legal record/document (in spite of the fact that RAM is temporary). The contradiction is blatant enough to more computer-savvy users. Don't they have a place at the table here?

The bitter truth is: There are parts of government and ISP companies that would prefer that the public have their internet the way these "providers" want them to have it. For a fee, the public should check their email, and not download music. And, if a company wanted to sell music, then as a business they should have to pay for that (by this thinking). They think this service should still cost the people money. I say: you can't have it both ways. Control a service or sell that service. And, if it's got to be a controlled system, then make room for those of us who'd like to build an open one. We have the technologies, so it's only fair. It's our right.

In response to:
For reference: Appendix