Can You See Me Now?

 

A new law goes into effect on December 20, 2020, banning Internet Service Providers (ISPs) from charging a rental fee to consumers for company equipment such as modems and routers even when consumers prefer to use their own equipment instead. For years, ISPs have gotten away with charging rental fees on the basis of network compatibility and service support, conveniently ignoring instances where equipment owned by consumers may be the equal of equipment provided by the ISPs, or even superior to it. This was a situation rather like a subscription meal service grabbing an additional monthly fee for the rental of its proprietary tableware and cutlery, regardless of whether the subscriber already possessed adequate means to prepare and eat the provided meals.

Théophile-Alexandre Steinlen - Tournée du Chat Noir de Rodolphe Salis (Tour of Rodolphe Salis' Chat Noir) - Google Art Project
An 1896 poster by Théophile Steinlein (1859-1923) advertising a tour of The Black Cat cabaret troupe led by the impresario Rodolphe Salis.

 

This is no small matter in these times of exponentially increasing broadband internet use as video conferencing, a bandwidth hog, has taken off with businesses, consumers, and students and their schools because of the demands of the coronavirus pandemic. When parents are working on their computers at home, using Zoom or any of a half dozen other video conferencing applications to stay in touch with employers, employees, and clients, and at the same time their children are at home learning remotely from teachers on their computers, also using video conferencing, the demands on a home router are greater than ever before, and the consequences of poor performance are more critical than they would be for streaming entertainment during hours off from work or school.

Now that ISPs are no longer allowed to penalize consumers for using their own equipment, the next step is to make it easier for consumers to ascertain compatibility of any equipment with their provider’s network and service plans. It’s understandable that 1Gbps (Gigabit per second) service requires a modem capable of handling that speed of throughput, and that a router handling data requests from multiple devices simultaneously needs to be more robust than a router dedicated to only one device. ISPs and equipment manufacturers should make it easy for consumers to determine compatibility prior to purchase, rather than blindly trying to match equipment to service through trial and error.


For many years, Henri, Le Chat Noir (The Black Cat), was the star of short films featuring his dour philosophical musings. Henri, who retired a couple of years ago, died earlier this month, but his legacy lives on among internet surfers as one of the first standouts in the cat video genre, and always among the best.

 

Better communication between ISPs and equipment manufacturers could develop standards that can be easily determined by consumers through labeling of a piece of equipment’s network compatibility and its minimum and maximum performance capabilities, cross referenced with the network’s requirements for safe and effective performance. Such easily referenced labeling will free up everyone’s time and energy for more worthwhile pursuits, like watching cat videos when they’re not on Zoom calls.
— Techly

 

No Question of Right or Wrong

 

As we tumble headlong toward an imminent future of ubiquitous “smart” machines, the question of ethics in artificial intelligence keeps cropping up. The machines themselves have no ethics, of course, and it’s easy to forget that as they come closer to mimicking human intelligence and even emotion. Does a furnace have ethics? What if we attach a computer to it and it malfunctions, causing the deaths of everyone in a house where, say, the “smart” furnace allows a gas leak while the inhabitants sleep, never to wake up?

 

We understand that machines malfunction, clear and simple. Why impute anything more to an artificially intelligent machine when it malfunctions? We should refer any question of ethics in their use and misuse to their makers. No artificially intelligent machine, no matter how smart, has free will. Until it can be demonstrated that a machine has free will, that machine acts for good or ill at the behest of its makers and users.

Ales golem
An 1899 illustration by Mikoláš Aleš (1852-1913) of the Golem with Rabbi Loew.

There are fortunes to be made in smart machines with artificial intelligence, and there are fortunes to be lost when things go wrong and the courts end up deciding matters of liability. When a smart car hits and kills a pedestrian, even though the pedestrian’s partial negligence may have contributed to the accident, the makers of the car and, in the case of the 2018 incident in Tempe, Arizona, the driver who was supposed to be monitoring the car’s progress need to be held accountable by the law and the courts. Technology companies are trying to muddy the waters where artificial intelligence is concerned so that they can escape liability while still reaping profits. No machine is smart enough to have figured out an ethics dodge like that.
— Techly

 

We Gotcha

 

Anyone who uses the internet regularly has likely encountered a CAPTCHA or reCAPTCHA gatekeeper at a website requiring a login, and the puzzles they present to the user are meant to distinguish human visitors from bots, which is a good idea. Another good idea from the standpoint of Google, or Alphabet or whatever they’re calling themselves these days, is the use of unpaid labor from solvers of the puzzles to train artificial intelligence for tasks such as digitizing books or driving cars.

Waymo self-driving car side view.gk
A Waymo self-driving car on the road in Mountain View, California, headquarters of Google, or Alphabet or whatever they’re calling themselves these days. Waymo is a division within the technology behemoth, and logically it would be filed under “W”. Photo by Grendelkhan.

 

Ten years ago, internet users mostly encountered CAPTCHAs, which stands for Completely Automated Public Turing test to tell Computers and Humans Apart. CAPTCHAs were text-based puzzles, and Google put people to work solving them in the interests of both internet security and of training artificial intelligence to recognize letters and numbers in all sorts of peculiar configurations, such as might be found in all the books Google was digitizing. Now reCAPTCHAs are more common, and they are handy for training self-driving cars because they are image-based, and the images are most often of street scenes.

No doubt the engineers and executives at Google count themselves as quite clever for employing digital security puzzles to help amass the enormous amount of data necessary to train artificial intelligence without spending a penny, at least for labor. It’s a good bet most internet users are unaware of their exploitation at the hands of that technology behemoth or of other ones, like Facebook, which uses photographs uploaded by its users to train facial recognition software. Of those who are aware of what’s going on, some may not care. The technology companies, in that case, have little concern for the possibility of a public outcry over their exploitative practices; people are so eager to hand over their personal data for purposes they perceive as benefiting themselves that they don’t notice or don’t care how the companies are using the mountains of freely given information.

Artificial intelligence requires so much data to be effective that not even all the free data sneakily gleaned from internet users is enough, and therefore the technology companies have to pay some laborers, however poorly, to do the monotonous tasks necessary to train artificial intelligence for every imaginable scenario. The weakness of artificial intelligence, being nothing more than an extremely powerful computer, is its incapability of imagining scenarios outside of logic, or of imagining anything at all. Powerful as it is, it is still only a number cruncher.



John Cleese in conversation with Appian CEO Matt Calkins at a technology conference in 2018. In another video, John Cleese demonstrates the leaps of imagination and intuition that set the human brain apart from artificial intelligence.

 

Google’s reCAPTCHA sometimes gets the wrong message from its images, for example by insisting a diagonally striped no parking zone is a pedestrian crosswalk. There is no arguing with it. All the internet user can do in order to move on then is play along with the error or try reloading a different image. One has to wonder if training one’s replacement for free is not enough of an indignity without also suffering the insult of having to humor an insufficiently intelligent automaton that is nonetheless a humorless and dully unimaginative know-it-all.
— Techly

 

Leave It to Google

 

People go out of their way to use the Linux operating system on their desktop and laptop computers for all sorts of reasons, and it’s a fair guess that among them is the desire to stay clear of the tentacles of major technology companies like Microsoft, Apple, and Google. Microsoft has never made any pretense of being anything but evil, while Apple has pretended to be above the fray, and perhaps the least trustworthy of the three is Google, which tipped everyone off to their evil intentions by sanctimoniously proclaiming at one time “Don’t be evil”. Any individual or organization professing to abide by moral certainties that should not even be in question is not to be trusted.

 

It’s ironic then that because of some holes in Linux development such as lack of drivers for some peripherals, usually printers, Linux users may find themselves forced to rely on Google services as workarounds. In the case of printers, incompatibility with Linux has become less of a problem over the past 20 years as Linux has climbed in market share to around five percent. Microsoft’s Windows is around 75 percent, with Apple’s Mac operating system at about 15 percent, although it seems no one can agree on the exact numbers. Google’s Chrome operating system makes up most of the remaining percentage in use for desktops and laptops, and because it has access to all Google services built in, including Google Cloud Print, printing from Chrome OS is never a problem even if proprietary drivers are not available from the printer manufacturer.

 

MagpieOS infofetch
Magpie OS is an Arch-based Linux distribution, developed by Rukunuzzaman, a Bangladeshi developer. Screenshot by Kabirnayeem.99. There are hundreds, perhaps thousands, of different Linux distributions, enough to suit anyone’s preference.

Some printer makers still do not provide drivers for Linux, and in cases where generic drivers won’t work the Linux user is confronted with either turning their incompatible printer into a doorstop or falling back on workarounds like using Google Cloud Print. It’s an efficient service that comes in handy. It’s also free. Free often comes at a price, however, and in the case of Google, like many other technology companies, that means turning the user of the free service into a product sold to marketers. Google is perhaps no worse in this respect than companies like Facebook, only more pervasive by its utter ubiquity. It’s nearly impossible to escape Google entirely and still get along in today’s technological world. Google’s Chrome OS may bring up the rear among major desktop and laptop operating systems, but its Android OS for smartphones leads the next highest competitor, Apple’s iOS, by a huge margin at around 85 percent to 15 percent.

Printer manufacturers appear interested mostly in configuring their drivers for the two biggest desktop and laptop operating systems, Windows and Mac, and Linux is generally an afterthought. Chrome can fend for itself, and to some extent Linux can as well, but not without having to resort to using Google services occasionally. Linux developers are volunteers, and they can’t keep up with the myriad of proprietary configurations for all the printer models hitting the market each year. Much of the proprietary nature of printer drivers has nothing to do with actually making the product perform its basic functions, but rather with marketing gimmicks like greeting card suites.

Al Pacino in The Godfather: Part III, a 1990 film directed by Francis Ford Coppola. Not that large technology companies are necessarily comparable to the Mafia, but to some people their grasp may feel similarly inescapable.

Now more than ever people need a reliable printer at home. About the only way left of obtaining tax forms is to download them from the internet and print them at home. Using the internet and printing out web pages has become a major factor in children’s schoolwork, and their parents need to print out receipts and coupons or run a home office. Getting along without a printer, or having to jump through hoops in order to get one to work properly, can no longer be part of how most people cope with the modern world. For most people, the 90 percent who use either Windows or Mac computers, compatibility problems are rare to nonexistent; for the 10 percent minority, and particularly those who wish to go against the flow with Linux, incompatibility between operating system and printer should no longer be an issue if manufacturers want to sell their wares to all consumers and ensure the same ease of use long enjoyed by the majority. It’s about time for proprietary drivers to go into the desktop trash can.
— Techly

 

Just Say No

 

As if the lack of trust hadn’t sunk low enough between internet users, advertisers, and the websites which host advertisements, along comes cryptojacking, a method for either honestly or dishonestly using the computing power and electricity of internet users to mine cryptocurrency. Last week, users of YouTube in some countries noticed that their antivirus and antimalware programs were alerting them to code hidden in ads on YouTube which were enlisting their computers for cryptomining without their permission. Google, which administers YouTube, claims to have fixed the problem. Unfortunately, there are many small websites that don’t have Google’s Information Technology (IT) resources and may have been hacked and had cryptojacking code installed without their knowledge.

 

Cryptojacking sounds like it should be illegal, but oddly enough it is not. There can be repercussions such as blacklisting for hiding code in ads, and of course this sort of activity serves to push more people toward the use of ad blockers, which deplete the revenue of honest websites as well as dishonest ones. There are now outfits on the web, Coinhive being the most notable, which promote to website owners the idea of replacing ads altogether with a bit of JavaScript code on the website itself that will enlist the computers of visitors in mining Monero, a type of cryptocurrency that, unlike Bitcoin, doesn’t require high end equipment. Coinhive takes 30% of the resulting mining revenue, and the website owner gets 70%. Coinhive rather dubiously promotes this as a fair business model for the website owner in a time of declining revenue from ads, while not mentioning its relative fairness for the website visitor.

Cryptocurrency Mining Farm
A mining farm of Genesis Mining in Iceland. These are mainly Zeus scrypt miners. 2014 photo by Marco Krohn. No subterfuge involved in this cryptocurrency mining operation. Note that because the calculations required to create the currency generate a lot of heat, there are fans at the ends of all the units.

As originally set up by Coinhive, the JavaScript ran without the internet user’s knowledge or permission. If an internet user visited a website running Coinhive‘s JavaScript code, and the user’s security software did not alert the user or block the code from running, the only indication the user had of being legally cryptojacked was how unusually busy their computer was and, when the electric bill arrived, how unusually high it was. Savvy computer users might also check running processes monitored by the task manager on their computer. But it’s a good bet that most computer users have no idea about task manager or where to find it on their computer. Some users don’t run any security software at all, or if they do, they misuse it. Running Coinhive software without the knowledge or permission of website visitors is sneaky at best, and more likely just plain unethical, and any arguments from Coinhive or anyone else that it is a fair replacement for ads is mere sophistry.

After some amount of pushing from internet users, Coinhive started offering an above board, opt-in type of cryptomining code so that website visitors knew what was being asked of them. Naturally that version has not proved popular with the website owners who partner with Coinhive because advising visitors of cryptomining activity only leads to the great majority of them declining to participate. People who are not computer savvy, when confronted with an option which will in all likelihood confuse and frighten them, will resort to the safest option and just say no. More computer savvy visitors will likely decide it’s not worth their while to have their computer slowed down to a crawl and their electricity bill hiked by a few dollars a month just to visit a website. Only the most indispensable websites could get away with it, and they are apt to have access to many other less complicated sources of revenue. Coinhive, meanwhile, continues offering the original, surreptitious version of its software.

Naturalist David Attenborough discusses brood parasitism among birds in this BBC wildlife segment.

The arms race between website owners and advertisers on one side, and website visitors on the other side, began when internet service was incredibly slow and most consumers had data caps. Ads, particularly Flash ads that jumped up and down to attract the visitor’s attention, slowed down internet service even more and sucked up the visitor’s limited data. Enter ad blockers. The thing about ad blockers, however, is that even though most of them offer users the ability to whitelist websites, most users are either unaware of that option or don’t bother to use it unless prompted by the website. Ad blockers often act effectively as blunt instruments then, punishing honest websites which display discreet, reputable ads in an above board manner, along with dishonest or careless websites which display gaudy ads that may or may not harbor malicious code. Like many other areas of life, on the internet a few bad actors can spoil the honest efforts of the majority of website owners. The answer to declining revenue from the arms race between advertisers and advertising blockers is not for website owners to get sneaky, however, which erodes trust, but to develop trust with their visitors and exercise restraint on their advertisers.
— Techly

 

Open Sesame

 

The latest crisis in computer security comes from news of the Meltdown and Spectre Central Processing Unit (CPU) exploits. Nearly all desktop and laptop computers are affected, and most tablets, smartphones, and other small devices are also affected.* The difference is on account of the types of CPUs used for the various computers and devices. Since home users usually access password protected accounts like email and online banking from smaller devices as well as larger computers, they could see their privacy and online security compromised across platforms. In other words, hackers can exploit a hardware flaw in the CPUs of home computers, and then hackers could use that vulnerability to access private email and banking passwords in software that crosses platforms.

 

עלי באבא מתחבא על העץ
In the story “Ali Baba and the Forty Thieves”, Ali Baba overhears one of the thieves say “Open Sesame” to open the entrance of the cave where they store their loot. Illustration by Rena Xiaxiu.

CPU makers like Intel† are racing to fix the problem, which was first discovered by Google security researchers last June, and internet browser makers, where many users store passwords, are hurrying to tighten security on their end. In the meantime, people need to be vigilant about email and banking security themselves, starting with changing their passwords if they suspect unusual activity in their accounts and running a full suite of anti-virus, anti-spyware, and anti-malware programs on their computers. Those are routine security measures that people ought to be taking already, but unfortunately some folks don’t even do that much. When their computers are compromised by hackers, those home users are often as not completely unaware they are being used as part of a rogue network, called a botnet, to spread spam and other nasties throughout the internet. When everything is linked as with the internet, the weakest links are the easiest targets of hackers.

Even after tightening up individual computer security by using strong passwords and storing them securely, by not clicking on links in untrusted emails, by surfing the web safely using the anti-phishing feature built into most browsers, by regularly updating a security suite and running scans with it, even after all that a careful home user can still have difficulties, whether it’s because of something completely out of their control in the so-called cloud, such as when credit reporting agencies got hacked, or simply because their Internet Service Provider (ISP) momentarily gives them the Internet Protocol (IP) address of a blacklisted spammer, causing their email provider to block their account.

Since the majority of IP addresses are dynamic rather than static, meaning that each time a computer user connects to the internet the device that user is on, or possibly a larger network it is part of, is assigned a different IP address rather than keeping the same IP address from session to session. Because dynamic IP addresses are recycled, it’s a wonder that the unfortunate coincidence of being assigned a blacklisted address does not happen more often than it does. It’s impractical to remove a bad address from the rotation entirely because spammers can jump from address to address so quickly that soon all of them would be blacklisted, or the addresses would have to be prohibitively long.

Alfred Hitchcock’s 1956 film The Wrong Man explores the nightmare of mistaken identity.

The other way to get blacklisted as a spammer is to get hacked as described earlier, either through negligence or bad luck, and end up an unknowing part of a botnet distributing spam to friends and strangers alike. The use of biometrics like fingerprint and iris scans are no better a solution to account security than passwords since hackers have been at work on spoofing mechanisms for biometrics. Police can also compel people to grant access to their computers and other devices when they are locked by biometric measures, whereas they cannot compel people to divulge their passwords. There is no single, simple solution to keeping private data entirely secure on any computer or device as long as it is connected to the internet. It’s like the locks on doors and windows, which ultimately will keep out only honest people. Dishonest people will find a way in if they are determined enough, but it’s better for everyone else if it’s not too easy for them, and if they get caught sooner rather than later.
― Techly

*Post updated to enlarge number of devices affected.

†In November, long after he had learned of the vulnerability in his company’s products, but of course before the flaw had become general knowledge last week, Intel CEO Brian Krzanich sold almost all of his stock in the company for $39 million.

 

Your Bitcoin or Your Files

 

The WannaCry, or WannaCrypt, ransomware that attacked mostly networked computers running unpatched Windows operating systems last month did not affect many non-networked home computer users, but that doesn’t mean those users will avoid future attacks. The computers of home users are often just as vulnerable as those used by banks, hospitals, and other large institutions. They are less likely to be attacked only because they aren’t generally tied into a larger network and because loss of their data is not critical. Home users also have less money, or access to Bitcoin, than large institutions, making an attack on them not as worthwhile for hackers.

 

Computer Using Cat
Cat using computer; photo by EvanLovely.
Any computer running any operating system connected to the internet is vulnerable to ransomware, malware, viruses, and a host of other exploits. Macintosh and Linux operating systems are partially less vulnerable than Windows, but not invulnerable. The same goes for the Android and iOS mobile phone platforms. Frequently updating an operating system with patches downloaded from the operating system provider is key to maintaining security. An equally important best practice is to avoid human error in daily computing, such as being wary of web links or attachments in suspicious emails, and even being careful of clicking on ads from unknown providers on sketchy websites. The internet is a teeming public square where pickpockets mix with everyone else, and where some side streets and alleyways lead to unwholesome places, increasing the likelihood of something bad happening.

 

All this seems like common sense and fairly common knowledge, so why are large institutions with professional Information Technology (IT) staff on hand nonetheless vulnerable to cybercrime exploits that home computer users who are conscientious about updating their software and careful when visiting the internet can usually avoid? Are the IT departments incompetent? The answer is they apparently do their best most of the time, like anyone else with a job to do, but their efforts are many times hobbled by that second factor mentioned above – human error. And the larger the organization and the more computers tied into the network, the greater the chances for one small human error to multiply throughout the organization. IT specialists are also hobbled by the unwillingness of higher ups to let go of outdated operating systems like Windows XP. The WannaCry ransomware targeted unpatched, networked Windows XP computers.


From Woody Allen’s 1969 movie Take the Money and Run, a job interview presumably for an IT position, with a nod to the old TV quiz show, What’s My Line?

Here we have blame enough to go around for everyone: from the executives who, whether out of cheapness or reluctance to overhaul their company’s computer systems, failed to modernize; to the IT specialists who, whether from incompetence or overwork, failed to install vital patches to an outdated operating system; to the end users or user sitting at a computer who, whether out of ignorance or foolishness, clicked on a malicious link or fell for a phishing scam, and then passed it on to co-workers. What made the WannaCry ransomware especially vicious was its ability to exploit the very minimum of human error in order to replicate throughout a network. Computer experts are still not certain of the attack vector WannaCry used to gain initial access. The patch Microsoft issued months earlier should nevertheless have protected Windows XP computers, human error or no.

 

1940 Oldsmobile Station Wagon
1940 Oldsmobile Station Wagon advertisement. You rarely see Woodies like this on the road these days!
Windows XP was Microsoft’s most popular operating system ever, and it’s understandable many users are reluctant to let it go. There are a lot of reasons Microsoft has tried to move on from Windows XP, as popular as it remains, and at this stage those reasons, good or bad, believable or not, are beside the point. The fact is Microsoft is moving on. For computer users to cling to Windows XP at this point is like automobile fanciers who own vintage cars: Yes, having a fine old car can be engaging, but don’t expect there will be many qualified mechanics available to work on it, or driving it on interstate highways will be a safe and effective means of travel in the 21st century. Windows 10, the up to date model of Microsoft’s operating system, has plenty of faults, among them being a data hog that is far too chatty with its home base so that it can mine the user’s personal data for sale, a lesson Microsoft learned well from Google, but at least it’s safely built for travel on today’s internet, the information superhighway, as Al Gore called it. Drive safely.
― Techly