
Comment: Re:Human Shield? (Score 1) 136

by dgatwood (#49552515) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

1. The court who handed down the injunction is the arbiter for copyright law

Agreed so far.

2. The cache-only service is the means of enforcing the injunction.

Nope. The cache-only service isn't the one being enjoined. The party being enjoined is ISP A (the users' ISP). However, they aren't in a position to actually do anything about the injunction because they aren't ISP B (the Pirate Bay mirror's ISP). Their only way of "handling" it is to block the site in a manner that directly harms the business of CDN C (CloudFlare) and hundreds of other innocent businesses. CloudFlare, in turn, is also not capable of truly enforcing the injunction, because the Pirate Bay website mirror can trivially switch off CloudFlare with a simple DNS change and avoid any block that CloudFlare might put up.

The sole plausibly effective means of enforcement is for the courts to order CloudFlare to disclose the source IP for the website, and to then get an injunction against the correct ISP. And if that ISP turns out to be outside the UK, then it is likely beyond the reach of UK law, and that's a reality that the UK government will simply have to accept.

3. If you go to the other end of the spectrum and follow the lowest level of law the copyright is dead on the internet.

The reality is that there will always be sites on the Internet in countries that have weak laws. Any government that thinks it can somehow put up road blocks that will adequately prevent people from accessing those sites is a government of fools. Just take a look at how many people pay for VPN service to get around geo-blocking of TV shows, or to avoid censorship by oppressive governments.

As John Gilmore put it, "The Net interprets censorship as damage and routes around it." That's the way it has always been, and practically speaking, that's the way it always will be.

For this reason, if you want to fight piracy, you cannot hope to do so using technical measures. It never worked before, yet in spite of more than thirty years of trying to do so and failing (think Macrovision, floppy disk copy protection, etc.), corporations keep trying to make it work, and idiotic governments keep trying to find ways to legislatively turn this hopeless cause into something that's magically feasible. You know what they say about insanity?

Mind you, I don't have the right answer; if I did, I'd be rich. But I do know how to spot the wrong answers.

4. The cache only service could segregate the different sources to different IPs so different countries could enforce their own laws by blocking selected content.

First, there are only so many IP addresses. They can't realistically cache each site on its own IP address. The cost would be astronomical. Second, even if they could, how can you do that without also making it easier for oppressive regimes to suppress information? Ethically and morally speaking, a CDN must be content-neutral. There's simply no acceptable alternative.

Comment: Re:Solar rarely enough for the whole house (Score 1) 277

by dgatwood (#49551131) Attached to: Tesla To Announce Battery-Based Energy Storage For Homes

And 48kWh, which is cited above as "about average", means, no home-servers running 24x7 (about 200Watts*24h=4.8kWh — or 10% more than the estimate — per server), no super-duper Christmas lights, and other limitations...

My home server runs 24x7. It draws 11W when idling, or about 264 watt-hours per day, and the current versions draw barely half that. Compared with heating and cooling, the server is lost in the noise. Unless you're serving a site that absolutely requires staggering amounts of computing power or desktop-sized hard drives, might I suggest you consider more power-efficient server hardware?

If I were still using such an ancient 200W horror, replacing it with a 6W server would save me almost $650 annually at my current PG&E rate. In other words, the new hardware would be basically free after the first year or so.

Comment: Re:Cloudfare blocks Tor (Score 2) 136

by dgatwood (#49551071) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

CloudFlare blocks Tor exit nodes heavily; you have to fill out a captcha almost every other page refresh. It makes it almost impossible to navigate a website.

CloudFlare blocks any IP address that sends an insane number of page hits in a short period of time, because the vast majority of those IPs are being used by automated bots running on sites like Amazon EC2 to scan websites and post spam links en masse. There's no good way for CloudFlare to tell the difference.

And yeah, that policy is problematic. It caused me to endure a protracted back-and-forth with Amazon over getting my affiliate account activated, because CloudFlare was treating Amazon's web crawler bot's IP range as a potential spammer and showing it a captcha page for every result.

That seems incompatible with your distaste for "kowtowing to the enemies of freedom" and trying to allow customers access to your books even if a government doesn't want them to have access.

There's also a decided benefit to blocking web-posting mass spammers, and although the captchas are annoying, they don't prevent you from using the site entirely; they merely make it a pain in the backside. On balance, although it isn't ideal, it is acceptable, IMO, because A. it is trivial for end users to get around and thus is not a true block, and B. it serves a very useful purpose in the default case while causing a hassle for only a tiny fraction of a percent of the site's users (at most).

(Incidentally, the book thing was purely hypothetical; my books are pretty tame.)

Comment: Re:Human Shield? (Score 1) 136

by dgatwood (#49551015) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

In any case, you're asking the wrong questions. You're looking at it from the perspective of one of those big cloud providers. The truth is, the big players can't protect your site. The big players have too much to lose. If you want your site protected, you can not go to the cloud.

On the other hand, the big players are also the only ones that can protect the site. The small players who have nothing to lose will just get blocked and won't have enough pull to do anything about it. They'll have no choice but to bend to any random government's demands if they want to avoid their entire IP range getting blocked en masse. Only a company that is big enough to serve real companies' content can be even slightly effective at protecting you against bullying by world governments.

So basically, when you combine that fact with your statement, you end up with a world in which there can be no protection from free speech, because the only companies big enough to defend it have too much to lose, and thus cannot afford to do so. In effect, the world's free speech becomes limited to the lowest common denominator—to content that complies with the strictest limits of all of the strictest sets of laws in the world. I know that's what the leadership of those countries would like, but it is simply too high a price.

IMO, what is needed is a U.S. law that says that any U.S. company, being an entity that exists solely at the pleasure of the U.S. government, can be fined for not preserving, protecting, and defending the Constitution, including the first amendment, against all threats, foreign and domestic. That would at least provide a counterweight—a punishment for bending too far.

In the absence of that, though, the CDNs need to step up on their own. They need to stand up for free speech, and they need to defend their presumed innocence as a blind cache by requiring that all legal actions be taken against the original site directly, and by taking steps to make it painful for anyone who tries to make an end run around that policy. It is a legally defensible position to hold, and more importantly, it is the only morally and ethically reasonable position to hold. All other positions are a slippery slope that eventually leads to blocking speech that truly deserves defending.

Comment: Re:Human Shield? (Score 1) 136

by dgatwood (#49550949) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

Cloudflare could serve from different IPs if they wanted to but don't. That's what I mean by "human shield". Shield infringing material with non-infringing material. That is much the same as shielding combatants with non-combatants.

Except it isn't. As a rule, nobody dies if a cat pictures website gets blocked. Financial loss and human loss are two very different things to most people.

Besides, what determines whether something is infringing: the U.S.'s insane copyright laws, China's lax copyright laws, or something in the middle? There is no one worldwide standard for what is and is not protected by copyright. As soon as you allow one country to hold you hostage over copyright, you allow any country to do so, no matter how absurd their laws might be.

User-created content, for example, is protected by copyright in the U.S. What happens when some country takes that one step further and demands that site owners pay users every time the sites show their user-contributed content? It would be insanity, but there's nothing preventing a country from passing such a law, and if you aren't really careful with your licensing terms, it could even happen in the U.S. under U.S. copyright law.

The moment someone sues for an injunction, there would be millions of websites around the globe that would be technically violating copyright laws, and blocking all the sites that do so would also be very directly blocking free speech. Thus, as you can see, by allowing a caching-only service to be the arbiter for copyright law rather than requiring the aggrieved party to take legal action against the original site, you're just a hair's breadth away from throwing all free speech under the bus.

Comment: Re:Human Shield? (Score 1) 136

by dgatwood (#49550891) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

Sorry but "sharing" artistic works that can be purchased elsewhere is not speech.

Even as someone who makes most of his income off of intellectual property, I consider that a ridiculous claim. Speech is the dissemination of information, period, full stop. Therefore disseminating information about where you can download something is speech. The fact that the download is illegal in most of the world doesn't change that, nor does the fact that the download is (arguably) immoral and unethical change that.

The moment you start deciding that one thing is speech and another isn't, regardless of your personal views on the merits of that speech, you begin running headlong towards despotism. This isn't to say that you must tolerate all forms of speech on your own sites, but there's a big difference between that and a government—any government—making that decision for you.

Comment: Re:Human Shield? (Score 4, Insightful) 136

by dgatwood (#49549865) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

The thing is, you could say the same thing about any other form of speech that happens to be illegal in a particular country. For example, a site hosting Nazi propaganda would be illegal in Germany. A site hosting pornography would be illegal in most of the Middle East. A site hosting news coverage or historical documentaries about the events of June 4, 1989 would be illegal in mainland China. And so on.

Where do you draw the line? Which countries' laws do you require all your sites to comply with? And what is lost by doing so?

Comment: Re:Inept, or the plan? (Score 5, Insightful) 136

by dgatwood (#49549843) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

As a current CloudFlare customer, the fact that they're so quickly and easily kowtowing to enemies of freedom disturbs me greatly. If I publish a book that makes some random government cranky and gets my site on a ban list, are they going to threaten to throw me off, too? What if somebody posts a link to an illegal torrent on my blog and I don't notice it quickly enough? Where do you draw the line? At what point does the threat of government censorship become too great a burden for the Internet to bear, stifling creativity by causing site owners to be afraid of their own shadows, and destroying the most basic freedoms upon which the 'net as we know it was founded?

In my opinion, CDNs should send a clear, unwavering message by declaring in one voice that government censorship of the Internet is unacceptable in a free society, and simply cannot be tolerated. That's what I look for in a CDN. If the CDN providers have any cojones at all, they should deliberately ensure that torrent mirrors and other potentially objectionable content share IPs with some of the most high-value targets that they host, so that blocking one of those sites would cause as much collateral damage as possible, and then refuse to do anything about it. Let the sites that are blocked complain to Cloudflare, let Cloudflare redirect their complaints to the ISPs who are doing the blocking, and let the ISPs scream at their MPs to demand that the laws be changed.

Basically, the CDNs need to parade the naked emperor down the street. Only by maximizing the extent to which these ill-conceived laws destroy citizens' access to the Internet can we force the clowns in power to actually take the time to understand how the Internet works, and understand why these laws can only cause harm, and can never actually be successful in any meaningful way. The only way those laws will ever get fixed is if a million people wake up tomorrow and call their MPs screaming because their IP violator block lists are preventing them from using or Pinterest or Facebook.

So for the next "Ask Slashdot", does anybody know of a CDN that actually has a spine?

Comment: Re:Fairly easy way to protect data. (Score 1) 75

by dgatwood (#49549469) Attached to: Good: Companies Care About Data Privacy Bad: No Idea How To Protect It

And sometimes not even then. I was at a company when they had a breach involving financial info. It cost them hundreds of thousands of dollars to purchase credit protection for thousands of our customers. However, they just kept on operating the same way, storing credit card information in the clear because that's the way they've always done it, and upgrading the back-office accounting system to allow tokenization of transactions would have cost money. Nobody in upper management had the balls to go to the CFO and say "You will fix this, and you will fix it now. I don't want any excuses. Get it done."

Don't worry. The second time it happens, the army of lawyers climbing all over each other to file a class action lawsuit against the company for gross negligence will almost certainly be successful at obtaining an injunction to shut down the business until they fix it.

Comment: Re:Fairly easy way to protect data. (Score 1) 75

Well, that's not always possible, but it's a good start. I'd suggest a more nuanced/layered approach:

  • To the maximum extent possible, don't collect it.
  • If you must collect it, don't retain it.
  • If you must retain it, use end-to-end encryption, so that you cannot access the data yourself.
  • If you must retain it and must be able to access it, use encryption correctly, use access controls to limit access as narrowly as possible, and audit the heck out of your code.

Comment: Re:Not a Piece of Shit (Score 1) 127

by dgatwood (#49538229) Attached to: POS Vendor Uses Same Short, Numeric Password Non-Stop Since 1990

Better choice is #5. Ship a different, randomly-generated password on each device. Print it along with the serial number on a slip of paper that comes with the device. That way, there's a strong default passcode for people who won't bother to set a good one, and it isn't shared across devices.
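
The per-device default password scheme suggested in the comment above, sketched as an added example (not part of the original comment or any vendor's code). The serial numbers, slip layout, alphabet, and PBKDF2 parameters are assumptions chosen for illustration.

```python
import hashlib
import math
import secrets

# Assumption: look-alike characters (0/O, 1/l/I) are dropped so the slip is easy to type.
ALPHABET = "abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"
PBKDF2_ITERATIONS = 200_000  # assumed work factor for this example


def generate_password(length=16):
    """Draw each character from the OS CSPRNG, never from a seeded PRNG or the serial."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length=16):
    """Guessing entropy of a password of this length over ALPHABET."""
    return length * math.log2(len(ALPHABET))


def _derive(password, salt, iterations):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def provision(serials, length=16):
    """Return (slips, records): slips map serial -> plaintext for the printed
    insert; records hold only salt + hash and are what gets flashed to the device."""
    if len(set(serials)) != len(serials):
        raise ValueError("duplicate serial number in batch")
    slips, records = {}, {}
    for serial in serials:
        password = generate_password(length)
        salt = secrets.token_bytes(16)
        records[serial] = {
            "salt": salt.hex(),
            "iterations": PBKDF2_ITERATIONS,
            "hash": _derive(password, salt, PBKDF2_ITERATIONS).hex(),
        }
        slips[serial] = password
    return slips, records


def verify(record, candidate):
    """Constant-time check of a typed password against the stored record."""
    actual = _derive(candidate, bytes.fromhex(record["salt"]), record["iterations"])
    return secrets.compare_digest(actual, bytes.fromhex(record["hash"]))


def format_slip(serial, password):
    """Text for the paper insert; hyphens are visual separators, not part of the password."""
    grouped = "-".join(password[i:i + 4] for i in range(0, len(password), 4))
    return f"Serial: {serial}\nDefault password: {grouped}"


if __name__ == "__main__":
    # Constructed serial numbers, for illustration only.
    slips, records = provision(["POS-000123", "POS-000124"])
    for serial, password in slips.items():
        print(format_slip(serial, password), "\n")
    print(f"{entropy_bits():.1f} bits per password")
```

The plaintext exists only long enough to print the slip; the device image carries the salted hash, so a dump of one unit reveals nothing about the passwords of the others.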

Comment: Re:Help me out here a little... (Score 1) 533

by dgatwood (#49534735) Attached to: Utilities Battle Homeowners Over Solar Power

If the filament is big enough, with low enough resistance, then sure. The point is that if the 8 AA batteries (12V, not 6) in series can provide enough power to run the bulb, you can safely switch to a car battery without burning up the bulb. (For a resistive load, the same voltage + more amperage = lasts a lot longer before the battery dies and/or lets you drive more bulbs.)

Comment: Re:Headline doesn't really match study conclusion (Score 1) 339

by dgatwood (#49525127) Attached to: Study Confirms No Link Between MMR Vaccine and Autism

The more accurate headline on Slashdot and the UT San Diego website would be, "Study finds immunized siblings of autistic children not at higher risk of developing autism than immunized siblings of unaffected children."

No, the correct headline is "Study finds immunized siblings of autistic children not at higher risk of developing autism than non-immunized siblings of autistic children."

Additionally, this study says the precise opposite of what you said the headline should read, finding that siblings of autistic children were almost 8x as likely to develop autism as children who did not have an autistic sibling, regardless of whether those children were vaccinated or not.

Comment: Re:Help me out here a little... (Score 1) 533

by dgatwood (#49517525) Attached to: Utilities Battle Homeowners Over Solar Power

Let's take water as our analogy. Water flows to meet demand in the form of open taps. But very few of those taps are strictly regulating, and the outflow is a function of how far the tap is opened and the pressure in the system. Put more water into the mains and the pressure goes up, therefore more water is delivered at the tap. If your house has pressure regulating valves, you won't see this, but the pressure is then further increased at someone else's house.

That analogy doesn't really work very well, for two reasons:

1. Water pressure is more closely equivalent to voltage, not amperage. Adding more solar panels increases the amperage, not the voltage.

2. Most electrical equipment is strictly regulating (ignoring inrush). Resistive loads consume a consistent amount of current regardless of how much current is available. That's why it doesn't matter whether you power a 12V bulb with eight AA batteries or a 12V car battery. The latter can provide a lot more current, but the bulb still draws just as much current as it needs.

I think a better analogy is to think of the voltage as the height of a water tower, and the amperage as its diameter. If you have a ten-foot-diameter tower that forms a 50-foot column of water, the pressure is proportional to the 50-foot height of the water column. An overheating condition would be equivalent to the pipe breaking because someone is sucking water out of the pipe faster than the pipe can pass it.

If you expand the tower to be thirty feet in diameter, the column is still about 50 feet high, so the pressure is about the same (assuming the sides of the tank are vertical and the bottom is flat). However, doing so allows you to add more pipes and/or larger pipes out the bottom so you can provide water to more houses without drawing down the reservoir too quickly (and thus causing... what, a vacuum in the water tower? This is where the analogy starts to break down unless you're talking about a battery).
