law

Ghost brides in China

law, religion, weird / /

From Reuters’ “China arrests men for murdering “ghost” brides” (26 January 2007):

BEIJING (Reuters) – Chinese police have arrested three men for killing two young women to sell their corpses as “ghost brides” for dead single men, a Chinese newspaper reported, warning the dark custom might have claimed many other victims.

Yang Donghai, a 35-year-old farmer in western China’s Shaanxi province, confessed to killing a woman bought from a poor family for 12,000 yuan ($1,545) last year.

She thought she was being sold into an arranged marriage, but Yang killed her in a gully and sold her corpse for 16,000 yuan, the Legal Daily reported on Thursday. He and two accomplices then killed a prostitute and sold her for 8,000 yuan before police caught them.

The women were victims of an old belief, still alive in the yellow-earth highlands of western China, that young men who die unmarried should go to their graves accompanied by deceased women who will be their wives in the afterlife. Often these women die natural deaths.

Police in Yanan, the poor and dusty corner of Shaanxi where Chairman Mao Zedong nurtured his Communist revolution, said the dark trade went beyond these cases.

Yang and two helpers sold the bodies to Li Longsheng, an undertaker who police said specialized in buying and selling the dead women for “ghost weddings.” It was unclear what happened to Li.

Ghost brides in China Read More »

The widespread corruption at the heart of Greek culture

business, history, law, politics / /

From Michael Lewis’s “Beware of Greeks Bearing Bonds” (Vanity Fair: 1 October 2010):

In just the past decade the wage bill of the Greek public sector has doubled, in real terms—and that number doesn’t take into account the bribes collected by public officials. The average government job pays almost three times the average private-sector job. The national railroad has annual revenues of 100 million euros against an annual wage bill of 400 million, plus 300 million euros in other expenses. The average state railroad employee earns 65,000 euros a year. Twenty years ago a successful businessman turned minister of finance named Stefanos Manos pointed out that it would be cheaper to put all Greece’s rail passengers into taxicabs: it’s still true. “We have a railroad company which is bankrupt beyond comprehension,” Manos put it to me. “And yet there isn’t a single private company in Greece with that kind of average pay.” The Greek public-school system is the site of breathtaking inefficiency: one of the lowest-ranked systems in Europe, it nonetheless employs four times as many teachers per pupil as the highest-ranked, Finland’s. Greeks who send their children to public schools simply assume that they will need to hire private tutors to make sure they actually learn something. There are three government-owned defense companies: together they have billions of euros in debts, and mounting losses. The retirement age for Greek jobs classified as “arduous” is as early as 55 for men and 50 for women. As this is also the moment when the state begins to shovel out generous pensions, more than 600 Greek professions somehow managed to get themselves classified as arduous: hairdressers, radio announcers, waiters, musicians, and on and on and on. The Greek public health-care system spends far more on supplies than the European average—and it is not uncommon, several Greeks tell me, to see nurses and doctors leaving the job with their arms filled with paper towels and diapers and whatever else they can plunder from the supply closets.

A handful of the tax collectors, however, were outraged by the systematic corruption of their business; it further emerged that two of them were willing to meet with me. The problem was that, for reasons neither wished to discuss, they couldn’t stand the sight of each other. This, I’d be told many times by other Greeks, was very Greek.

Tax Collector No. 1—early 60s, business suit, tightly wound but not obviously nervous—arrived with a notebook filled with ideas for fixing the Greek tax-collection agency. He just took it for granted that I knew that the only Greeks who paid their taxes were the ones who could not avoid doing so—the salaried employees of corporations, who had their taxes withheld from their paychecks. The vast economy of self-employed workers—everyone from doctors to the guys who ran the kiosks that sold the International Herald Tribune—cheated (one big reason why Greece has the highest percentage of self-employed workers of any European country). “It’s become a cultural trait,” he said. “The Greek people never learned to pay their taxes. And they never did because no one is punished. No one has ever been punished. It’s a cavalier offense—like a gentleman not opening a door for a lady.”

The scale of Greek tax cheating was at least as incredible as its scope: an estimated two-thirds of Greek doctors reported incomes under 12,000 euros a year—which meant, because incomes below that amount weren’t taxable, that even plastic surgeons making millions a year paid no tax at all. The problem wasn’t the law—there was a law on the books that made it a jailable offense to cheat the government out of more than 150,000 euros—but its enforcement. “If the law was enforced,” the tax collector said, “every doctor in Greece would be in jail.” I laughed, and he gave me a stare. “I am completely serious.” One reason no one is ever prosecuted—apart from the fact that prosecution would seem arbitrary, as everyone is doing it—is that the Greek courts take up to 15 years to resolve tax cases. “The one who does not want to pay, and who gets caught, just goes to court,” he says. Somewhere between 30 and 40 percent of the activity in the Greek economy that might be subject to the income tax goes officially unrecorded, he says, compared with an average of about 18 percent in the rest of Europe.

The easiest way to cheat on one’s taxes was to insist on being paid in cash, and fail to provide a receipt for services. The easiest way to launder cash was to buy real estate. Conveniently for the black market—and alone among European countries—Greece has no working national land registry. “You have to know where the guy bought the land—the address—to trace it back to him,” says the collector. “And even then it’s all handwritten and hard to decipher.”

On he went, describing a system that was, in its way, a thing of beauty. It mimicked the tax-collecting systems of an advanced economy—and employed a huge number of tax collectors—while it was in fact rigged to enable an entire society to cheat on their taxes.

Tax Collector No. 2—casual in manner and dress, beer-drinking, but terrified that others might discover he had spoken to me—also arrived with a binder full of papers, only his was stuffed with real-world examples not of Greek people but Greek companies that had cheated on their taxes. He then started to rattle off examples (“only the ones I personally witnessed”). The first was an Athenian construction company that had built seven giant apartment buildings and sold off nearly 1,000 condominiums in the heart of the city. Its corporate tax bill honestly computed came to 15 million euros, but the company had paid nothing at all. Zero. To evade taxes it had done several things. First, it never declared itself a corporation; second, it employed one of the dozens of companies that do nothing but create fraudulent receipts for expenses never incurred and then, when the tax collector stumbled upon the situation, offered him a bribe. The tax collector blew the whistle and referred the case to his bosses—whereupon he found himself being tailed by a private investigator, and his phones tapped. In the end the case was resolved, with the construction company paying 2,000 euros. “After that I was taken off all tax investigations,” said the tax collector, “because I was good at it.”

The Greek state was not just corrupt but also corrupting. Once you saw how it worked you could understand a phenomenon which otherwise made no sense at all: the difficulty Greek people have saying a kind word about one another. Individual Greeks are delightful: funny, warm, smart, and good company. I left two dozen interviews saying to myself, “What great people!” They do not share the sentiment about one another: the hardest thing to do in Greece is to get one Greek to compliment another behind his back. No success of any kind is regarded without suspicion. Everyone is pretty sure everyone is cheating on his taxes, or bribing politicians, or taking bribes, or lying about the value of his real estate. And this total absence of faith in one another is self-reinforcing. The epidemic of lying and cheating and stealing makes any sort of civic life impossible; the collapse of civic life only encourages more lying, cheating, and stealing. Lacking faith in one another, they fall back on themselves and their families.

The structure of the Greek economy is collectivist, but the country, in spirit, is the opposite of a collective. Its real structure is every man for himself. Into this system investors had poured hundreds of billions of dollars. And the credit boom had pushed the country over the edge, into total moral collapse.

The Vatopaidi monastery, along with 19 others, was built in the 10th century on a 37-mile-long-by-6-mile-wide peninsula in northeast Greece, called Mount Athos. Mount Athos now is severed from the mainland by a long fence, and so the only way onto it is by boat, which gives the peninsula the flavor of an island. And on this island no women are allowed—no female animals of any kind, in fact, except for cats. The official history ascribes the ban to the desire of the church to honor the Virgin; the unofficial one to the problem of monks hitting on female visitors. The ban has stood for 1,000 years.

The ferry chugs for three hours along a rocky, wooded, but otherwise barren coastline, stopping along the way to drop monks and pilgrims and guest workers at other monasteries. The sight of the first one just takes my breath away. It’s not a building but a spectacle: it’s as if someone had taken Assisi or Todi or one of the other old central-Italian hill towns and plopped it down on the beach, in the middle of nowhere. Unless you know what to expect on Mount Athos—it has been regarded by the Eastern Orthodox Church for more than a millennium as the holiest place on earth, and it enjoyed for much of that time a symbiotic relationship with Byzantine emperors—these places come as a shock. There’s nothing modest about them; they are grand and complicated and ornate and obviously in some sort of competition with one another. In the old days, pirates routinely plundered them, and you can see why: it would be almost shameful not to, for a pirate.

Otherwise the experience was sensational, to be recommended to anyone looking for a taste of 10th-century life. Beneath titanic polished golden chandeliers, and surrounded by freshly cleaned icons, the monks sang; the monks chanted; the monks vanished behind screens to utter strange incantations; the monks shook what sounded like sleigh bells; the monks floated by waving thuribles, leaving in their wake smoke and the ancient odor of incense. Every word that was said and sung and chanted was Biblical Greek (it seemed to have something to do with Jesus Christ), but I nodded right along anyway. I stood when they stood, and sat when they sat: up and down we went like pogos, for hours. The effect of the whole thing was heightened by the monks’ magnificently wild beards. Even when left to nature, beards do not all grow in the same way. There are types: the hopelessly porous mass of fuzz; the Osama bin Laden/Assyrian-king trowel; the Karl Marx bird’s nest. A surprising number of the monks resembled the Most Interesting Man in the World from the Dos Equis commercial. (“His beard alone has experienced more than a lesser man’s entire body.”)

For most of the 1980s and 1990s, Greek interest rates had run a full 10 percent higher than German ones, as Greeks were regarded as far less likely to repay a loan. There was no consumer credit in Greece: Greeks didn’t have credit cards. Greeks didn’t usually have mortgage loans either.

But this question of whether Greece will repay its debts is really a question of whether Greece will change its culture, and that will happen only if Greeks want to change. I am told 50 times if I am told once that what Greeks care about is “justice” and what really boils the Greek blood is the feeling of unfairness. Obviously this distinguishes them from no human being on the planet, and ignores what’s interesting: exactly what a Greek finds unfair. It’s clearly not the corruption of their political system. It’s not cheating on their taxes, or taking small bribes in their service to the state. No: what bothers them is when some outside party—someone clearly different from themselves, with motives apart from narrow and easily understood self-interest—comes in and exploits the corruption of their system.

The widespread corruption at the heart of Greek culture Read More »

Arguments against gay marriage make no sense

history, law, politics / /

From Theodore B. Olson’s “The Conservative Case for Gay Marriage” (Truthout: 12 January 2010):

What, then, are the justifications for California’s decision in Proposition 8 to withdraw access to the institution of marriage for some of its citizens on the basis of their sexual orientation? The reasons I have heard are not very persuasive.

The explanation mentioned most often is tradition. But simply because something has always been done a certain way does not mean that it must always remain that way. Otherwise we would still have segregated schools and debtors’ prisons. Gays and lesbians have always been among us, forming a part of our society, and they have lived as couples in our neighborhoods and communities. For a long time, they have experienced discrimination and even persecution; but we, as a society, are starting to become more tolerant, accepting, and understanding. California and many other states have allowed gays and lesbians to form domestic partnerships (or civil unions) with most of the rights of married heterosexuals. Thus, gay and lesbian individuals are now permitted to live together in state-sanctioned relationships. It therefore seems anomalous to cite “tradition” as a justification for withholding the status of marriage and thus to continue to label those relationships as less worthy, less sanctioned, or less legitimate.

The second argument I often hear is that traditional marriage furthers the state’s interest in procreation — and that opening marriage to same-sex couples would dilute, diminish, and devalue this goal. But that is plainly not the case. Preventing lesbians and gays from marrying does not cause more heterosexuals to marry and conceive more children. Likewise, allowing gays and lesbians to marry someone of the same sex will not discourage heterosexuals from marrying a person of the opposite sex. How, then, would allowing same-sex marriages reduce the number of children that heterosexual couples conceive?

This procreation argument cannot be taken seriously. We do not inquire whether heterosexual couples intend to bear children, or have the capacity to have children, before we allow them to marry. We permit marriage by the elderly, by prison inmates, and by persons who have no intention of having children. What’s more, it is pernicious to think marriage should be limited to heterosexuals because of the state’s de-sire to promote procreation. We would surely not accept as constitutional a ban on marriage if a state were to decide, as China has done, to discourage procreation.

Another argument, vaguer and even less persuasive, is that gay marriage somehow does harm to heterosexual marriage. I have yet to meet anyone who can explain to me what this means. In what way would allowing same-sex partners to marry diminish the marriages of heterosexual couples? Tellingly, when the judge in our case asked our opponent to identify the ways in which same-sex marriage would harm heterosexual marriage, to his credit he answered honestly: he could not think of any.

The simple fact is that there is no good reason why we should deny marriage to same-sex partners. On the other hand, there are many reasons why we should formally recognize these relationships and embrace the rights of gays and lesbians to marry and become full and equal members of our society.

California’s Proposition 8 is particularly vulnerable to constitutional challenge, because that state has now enacted a crazy-quilt of marriage regulation that makes no sense to anyone. California recognizes marriage between men and women, including persons on death row, child abusers, and wife beaters. At the same time, California prohibits marriage by loving, caring, stable partners of the same sex, but tries to make up for it by giving them the alternative of “domestic partnerships” with virtually all of the rights of married persons except the official, state-approved status of marriage. Finally, California recognizes 18,000 same-sex marriages that took place in the months between the state Supreme Court’s ruling that upheld gay-marriage rights and the decision of California’s citizens to withdraw those rights by enacting Proposition 8.

So there are now three classes of Californians: heterosexual couples who can get married, divorced, and remarried, if they wish; same-sex couples who cannot get married but can live together in domestic partnerships; and same-sex couples who are now married but who, if they divorce, cannot remarry. This is an irrational system, it is discriminatory, and it cannot stand.

Arguments against gay marriage make no sense Read More »

A summary of Galbraith’s The Affluent Society

business, education, history, law, politics, science, technology / /

From a summary of John Kenneth Galbraith’s The Affluent Society (Abridge Me: 1 June 2010):

The Concept of the Conventional Wisdom

The paradigms on which society’s perception of reality are based are highly conservative. People invest heavily in these ideas, and so are heavily resistant to changing them. They are only finally overturned by new ideas when new events occur which make the conventional wisdom appear so absurd as to be impalpable. Then the conventional wisdom quietly dies with its most staunch proponents, to be replaced with a new conventional wisdom. …

Economic Security

… Economics professors argue that the threat of unemployment is necessary to maintain incentives to high productivity, and simultaneously that established professors require life tenure in order to do their best work. …

The Paramount Position of Production

… Another irrationality persists (more in America than elsewhere?): the prestigious usefulness of private-sector output, compared to the burdensome annoyance of public expenditure. Somehow public expenditure can never quite be viewed as a productive and enriching element of national output; it is forever something to be avoided, at best a necessary encumbrance. Cars are important, roads are not. An expansion in telephone services improves the general well-being, cuts in postal services are a necessary economy. Vacuum cleaners to ensure clean houses boast our standard of living, street cleaners are an unfortunate expense. Thus we end up with clean houses and filthy streets. …

[W]e have wants at the margin only so far as they are synthesised. We do not manufacture wants for goods we do not produce. …

The Dependence Effect

… Modern consumer demand, at the margin, does not originate from within the individual, but is a consequence of production. It has two origins:

  1. Emulation: the desire to keep abreast of, or ahead of one’s peer group — demand originating from this motivation is created indirectly by production. Every effort to increase production to satiate want brings with it a general raising of the level of consumption, which itself increases want.
  2. Advertising: the direct influence of advertising and salesmanship create new wants which the consumer did not previously possess. Any student of business has by now come to view marketing as fundamental a business activity as production. Any want that can be significantly moulded by advertising cannot possibly have been strongly felt in the absence of that advertising — advertising is powerless to persuade a man that he is or is not hungry.

Inflation

… In 1942 a grateful and very anxious citizenry rewarded its soldiers, sailors, and airmen with a substantial increase in pay. In the teeming city of Honolulu, in prompt response to this advance in wage income, the prostitutes raised the prices of their services. This was at a time when, if anything, increased volume was causing a reduction in their average unit costs. However, in this instance the high military authorities, deeply angered by what they deemed improper, immoral, and indecent profiteering, ordered a return to the previous scale. …

The Theory of Social Balance

The final problem of the affluent society is the balance of goods it produces. Private goods: TVs, cars, cigarettes, drugs and alcohol are overproduced; public goods: education, healthcare, police services, park provision, mass transport and refuse disposal are underproduced. The consequences are extremely severe for the wellbeing of society. The balance between private and public consumption will be referred to as ‘the social balance’. The main reason for this imbalance is relatively straightforward. The forces we have identified which increase consumer demand as production rises (advertising and emulation) act almost entirely on the private sector. …

It is arguable that emulation acts on public services to an extent: a new school in one district may encourage neighbouring districts to ‘keep up’, but the effect is relatively miniscule.

Thus, private demand is artificially inflated and public demand is not, and the voter-consumer decides how to split his income between the two at the ballot box: inevitably public expenditure is grossly underrepresented. …

A summary of Galbraith’s The Affluent Society Read More »

The Irish Church lies in creative – and evil – ways

history, language & literature, law, religion, security, word of the day / /

From Patsy McGarry’s “Church ‘lied without lying’” (Irish Times: 26 November 2009):

One of the most fascinating discoveries in the Dublin Archdiocese report was that of the concept of “mental reservation” which allows clerics mislead people without believing they are lying.

According to the Commission of Investigation report, “mental reservation is a concept developed and much discussed over the centuries, which permits a church man knowingly to convey a misleading impression to another person without being guilty of lying”.

It gives an example. “John calls to the parish priest to make a complaint about the behaviour of one of his curates. The parish priest sees him coming but does not want to see him because he considers John to be a troublemaker. He sends another of his curates to answer the door. John asks the curate if the parish priest is in. The curate replies that he is not.”

The commission added: “This is clearly untrue but in the Church’s view it is not a lie because, when the curate told John that the parish priest was not in, he mentally reserved the words ‘…to you’.”

Cardinal Desmond Connell had explained the concept to the commission as follows:

“Well, the general teaching about mental reservation is that you are not permitted to tell a lie. On the other hand, you may be put in a position where you have to answer, and there may be circumstances in which you can use an ambiguous expression realising that the person who you are talking to will accept an untrue version of whatever it may be – permitting that to happen, not willing that it happened, that would be lying. It really is a matter of trying to deal with extraordinarily difficult matters that may arise in social relations where people may ask questions that you simply cannot answer. Everybody knows that this kind of thing is liable to happen. So mental reservation is, in a sense, a way of answering without lying.”

In Mr Madden’s case, emphasised he did not lie to the media about the use of diocesan funds for the compensation of clerical child sexual abuse victims.

[Cardinal Connell] explained to [Andrew] Madden [a sexual abuse victim, that] he had told journalists “that diocesan funds ARE (report’s emphasis) not used for such a purpose; that he had not said that diocesan funds WERE not used for such a purpose. By using the present tense he had not excluded the possibility that diocesan funds had been used for such purpose in the past. According to Mr Madden, Cardinal Connell considered that there was an enormous difference between the two.”

The Irish Church lies in creative – and evil – ways Read More »

David Foster Wallace on the impossibility of being informed & the seduction of dogma

art, education, history, language & literature, law, politics / /

From David Foster Wallace’s “Introduction” (The Best American Essays 2007):

Here is an overt premise. There is just no way that 2004’s reelection could have taken place—not to mention extraordinary renditions, legalized torture, FISA-flouting, or the
passage of the Military Commissions Act—if we had been paying attention and handling information in a competent grown-up way. ‘We’ meaning as a polity and culture. The premise does not entail specific blame—or rather the problems here are too entangled and systemic for good old-fashioned finger-pointing. It is, for one example, simplistic and wrong to blame the for-profit media for somehow failing to make clear to us the moral and practical hazards of trashing the Geneva Conventions. The for-profit media is highly attuned to what we want and the amount of detail we’ll sit still for. And a ninety-second news piece on the question of whether and how the Geneva Conventions ought to apply in an era of asymmetrical warfare is not going to explain anything; the relevant questions are too numerous and complicated, too fraught with contexts in everything from civil law and military history to ethics and game theory. One could spend a hard month just learning the history of the Conventions’ translation into actual codes of conduct for the U.S. military … and that’s not counting the dramatic changes in those codes since 2002, or the question of just what new practices violate (or don’t) just which Geneva provisions, and according to whom. Or let’s not even mention the amount of research, background, cross- checking, corroboration, and rhetorical parsing required to understand the cataclysm of Iraq, the collapse of congressional oversight, the ideology of neoconservatism, the legal status of presidential signing statements, the political marriage of evangelical Protestantism and corporatist laissez-faire … There’s no way. You’d simply drown. We all would. It’s amazing to me that no one much talks about this—about the fact that whatever our founders and framers thought of as a literate, informed citizenry can no longer exist, at least not without a whole new modern degree of subcontracting and dependence packed into what we mean by ‘informed.’8

8 Hence, by the way, the seduction of partisan dogma. You can drown in dogmatism now, too— radio, Internet, cable, commercial and scholarly print— but this kind of drowning is more like sweet release. Whether hard right or new left or whatever, the seduc- tion and mentality are the same. You don’t have to feel confused or inundated or ignorant. You don’t even have to think, for you already Know, and whatever you choose to learn confirms what you Know. This dog- matic lockstep is not the kind of inevitable dependence I’m talking about—or rather it’s only the most extreme and frightened form of that dependence.

David Foster Wallace on the impossibility of being informed & the seduction of dogma Read More »

Bernie Madoff & the 1st worldwide Ponzi scheme

business, history, law, tech in changing society / /

From Diana B. Henrioques’s “Madoff Scheme Kept Rippling Outward, Across Borders” (The New York Times: 20 December 2008):

But whatever else Mr. Madoff’s game was, it was certainly this: The first worldwide Ponzi scheme — a fraud that lasted longer, reached wider and cut deeper than any similar scheme in history, entirely eclipsing the puny regional ambitions of Charles Ponzi, the Boston swindler who gave his name to the scheme nearly a century ago.

Regulators say Mr. Madoff himself estimated that $50 billion in personal and institutional wealth from around the world was gone. … Before it evaporated, it helped finance Mr. Madoff’s coddled lifestyle, with a Manhattan apartment, a beachfront mansion in the Hamptons, a small villa overlooking Cap d’Antibes on the French Riviera, a Mayfair office in London and yachts in New York, Florida and the Mediterranean.

In 1960, as Wall Street was just shaking off its postwar lethargy and starting to buzz again, Bernie Madoff (pronounced MAY-doff) set up his small trading firm. His plan was to make a business out of trading lesser-known over-the-counter stocks on the fringes of the traditional stock market. He was just 22, a graduate of Hofstra University on Long Island.

By 1989, Mr. Madoff ‘s firm was handling more than 5 percent of the trading volume on the august New York Stock Exchange …

And in 1990, he became the nonexecutive chairman of the Nasdaq market, which at the time was operated as a committee of the National Association of Securities Dealers.

His rise on Wall Street was built on his belief in a visionary notion that seemed bizarre to many at the time: That stocks could be traded by people who never saw each other but were connected only by electronics.

In the mid-1970s, he had spent over $250,000 to upgrade the computer equipment at the Cincinnati Stock Exchange, where he began offering to buy and sell stocks that were listed on the Big Board. The exchange, in effect, was transformed into the first all-electronic computerized stock exchange.

He also invested in new electronic trading technology for his firm, making it cheaper for brokerage firms to fill their stock orders. He eventually gained a large amount of business from big firms like A. G. Edwards & Sons, Charles Schwab & Company, Quick & Reilly and Fidelity Brokerage Services.

By the end of the technology bubble in 2000, his firm was the largest market maker on the Nasdaq electronic market, and he was a member of the Securities Industry Association, now known as the Securities Industry and Financial Markets Association, Wall Street’s principal lobbying arm.

Bernie Madoff & the 1st worldwide Ponzi scheme Read More »

What Google’s book settlement means

art, business, language & literature, law, politics, tech in changing society / /
Google Book Search
Image via Wikipedia

From Robert Darnton’s “Google & the Future of Books” (The New York Review of Books: 12 February 2009):

As the Enlightenment faded in the early nineteenth century, professionalization set in. You can follow the process by comparing the Encyclopédie of Diderot, which organized knowledge into an organic whole dominated by the faculty of reason, with its successor from the end of the eighteenth century, the Encyclopédie méthodique, which divided knowledge into fields that we can recognize today: chemistry, physics, history, mathematics, and the rest. In the nineteenth century, those fields turned into professions, certified by Ph.D.s and guarded by professional associations. They metamorphosed into departments of universities, and by the twentieth century they had left their mark on campuses…

Along the way, professional journals sprouted throughout the fields, subfields, and sub-subfields. The learned societies produced them, and the libraries bought them. This system worked well for about a hundred years. Then commercial publishers discovered that they could make a fortune by selling subscriptions to the journals. Once a university library subscribed, the students and professors came to expect an uninterrupted flow of issues. The price could be ratcheted up without causing cancellations, because the libraries paid for the subscriptions and the professors did not. Best of all, the professors provided free or nearly free labor. They wrote the articles, refereed submissions, and served on editorial boards, partly to spread knowledge in the Enlightenment fashion, but mainly to advance their own careers.

The result stands out on the acquisitions budget of every research library: the Journal of Comparative Neurology now costs $25,910 for a year’s subscription; Tetrahedron costs $17,969 (or $39,739, if bundled with related publications as a Tetrahedron package); the average price of a chemistry journal is $3,490; and the ripple effects have damaged intellectual life throughout the world of learning. Owing to the skyrocketing cost of serials, libraries that used to spend 50 percent of their acquisitions budget on monographs now spend 25 percent or less. University presses, which depend on sales to libraries, cannot cover their costs by publishing monographs. And young scholars who depend on publishing to advance their careers are now in danger of perishing.

The eighteenth-century Republic of Letters had been transformed into a professional Republic of Learning, and it is now open to amateurs—amateurs in the best sense of the word, lovers of learning among the general citizenry. Openness is operating everywhere, thanks to “open access” repositories of digitized articles available free of charge, the Open Content Alliance, the Open Knowledge Commons, OpenCourseWare, the Internet Archive, and openly amateur enterprises like Wikipedia. The democratization of knowledge now seems to be at our fingertips. We can make the Enlightenment ideal come to life in reality.

What provoked these jeremianic- utopian reflections? Google. Four years ago, Google began digitizing books from research libraries, providing full-text searching and making books in the public domain available on the Internet at no cost to the viewer. For example, it is now possible for anyone, anywhere to view and download a digital copy of the 1871 first edition of Middlemarch that is in the collection of the Bodleian Library at Oxford. Everyone profited, including Google, which collected revenue from some discreet advertising attached to the service, Google Book Search. Google also digitized an ever-increasing number of library books that were protected by copyright in order to provide search services that displayed small snippets of the text. In September and October 2005, a group of authors and publishers brought a class action suit against Google, alleging violation of copyright. Last October 28, after lengthy negotiations, the opposing parties announced agreement on a settlement, which is subject to approval by the US District Court for the Southern District of New York.[2]

The settlement creates an enterprise known as the Book Rights Registry to represent the interests of the copyright holders. Google will sell access to a gigantic data bank composed primarily of copyrighted, out-of-print books digitized from the research libraries. Colleges, universities, and other organizations will be able to subscribe by paying for an “institutional license” providing access to the data bank. A “public access license” will make this material available to public libraries, where Google will provide free viewing of the digitized books on one computer terminal. And individuals also will be able to access and print out digitized versions of the books by purchasing a “consumer license” from Google, which will cooperate with the registry for the distribution of all the revenue to copyright holders. Google will retain 37 percent, and the registry will distribute 63 percent among the rightsholders.

Meanwhile, Google will continue to make books in the public domain available for users to read, download, and print, free of charge. Of the seven million books that Google reportedly had digitized by November 2008, one million are works in the public domain; one million are in copyright and in print; and five million are in copyright but out of print. It is this last category that will furnish the bulk of the books to be made available through the institutional license.

Many of the in-copyright and in-print books will not be available in the data bank unless the copyright owners opt to include them. They will continue to be sold in the normal fashion as printed books and also could be marketed to individual customers as digitized copies, accessible through the consumer license for downloading and reading, perhaps eventually on e-book readers such as Amazon’s Kindle.

After reading the settlement and letting its terms sink in—no easy task, as it runs to 134 pages and 15 appendices of legalese—one is likely to be dumbfounded: here is a proposal that could result in the world’s largest library. It would, to be sure, be a digital library, but it could dwarf the Library of Congress and all the national libraries of Europe. Moreover, in pursuing the terms of the settlement with the authors and publishers, Google could also become the world’s largest book business—not a chain of stores but an electronic supply service that could out-Amazon Amazon.

An enterprise on such a scale is bound to elicit reactions of the two kinds that I have been discussing: on the one hand, utopian enthusiasm; on the other, jeremiads about the danger of concentrating power to control access to information.

Google is not a guild, and it did not set out to create a monopoly. On the contrary, it has pursued a laudable goal: promoting access to information. But the class action character of the settlement makes Google invulnerable to competition. Most book authors and publishers who own US copyrights are automatically covered by the settlement. They can opt out of it; but whatever they do, no new digitizing enterprise can get off the ground without winning their assent one by one, a practical impossibility, or without becoming mired down in another class action suit. If approved by the court—a process that could take as much as two years—the settlement will give Google control over the digitizing of virtually all books covered by copyright in the United States.

Google alone has the wealth to digitize on a massive scale. And having settled with the authors and publishers, it can exploit its financial power from within a protective legal barrier; for the class action suit covers the entire class of authors and publishers. No new entrepreneurs will be able to digitize books within that fenced-off territory, even if they could afford it, because they would have to fight the copyright battles all over again. If the settlement is upheld by the court, only Google will be protected from copyright liability.

Google’s record suggests that it will not abuse its double-barreled fiscal-legal power. But what will happen if its current leaders sell the company or retire? The public will discover the answer from the prices that the future Google charges, especially the price of the institutional subscription licenses. The settlement leaves Google free to negotiate deals with each of its clients, although it announces two guiding principles: “(1) the realization of revenue at market rates for each Book and license on behalf of the Rightsholders and (2) the realization of broad access to the Books by the public, including institutions of higher education.”

What will happen if Google favors profitability over access? Nothing, if I read the terms of the settlement correctly. Only the registry, acting for the copyright holders, has the power to force a change in the subscription prices charged by Google, and there is no reason to expect the registry to object if the prices are too high. Google may choose to be generous in it pricing, and I have reason to hope it may do so; but it could also employ a strategy comparable to the one that proved to be so effective in pushing up the price of scholarly journals: first, entice subscribers with low initial rates, and then, once they are hooked, ratchet up the rates as high as the traffic will bear.

What Google’s book settlement means Read More »

A beheading in Saudi Arabia

law, politics, religion, security / /
Judith Beheading Holofernes, Oil on canvas, 19...
Image via Wikipedia

From Adam St. Patrick’s “Chop Chop Square: Inside Saudi Arabia’s brutal justice system” (The Walrus: May 2009):

This is Saudi Arabia, one of the last places on earth where capital punishment is a public spectacle. Decapitation awaits murderers, but the death penalty also applies to many other crimes, such as armed robbery, rape, adultery, drug use and trafficking, and renouncing Islam. There’s a woman on death row now for witchcraft, and the charge is based partly on a man’s accusation that her spell made him impotent. Saudi Arabia executed some 1,750 convicts between 1985 and 2008, yet reliable information about the practice is scarce. In Riyadh, beheadings happen at 9 a.m. any given day of the week, and there is no advance notice. There is also no written penal code, so questions of illegality depend on the on-the-spot interpretations of police and judges.

… The Saudi interpretation of the Koran discourages all forms of evidence other than confessions and eyewitness accounts in capital trials, on the theory that doing otherwise would leave too much discretion to the judge. But at any time until the sword strikes, a victim’s family can pardon the condemned — usually for a cash settlement of at least two million riyals ($690,000 or so) from the convict or his family.

Many who live to recount their experience in the Saudi justice system report that police promised freedom in exchange for a confession — or tortured them to get one.

In Riyadh, beheadings take place in a downtown public square equipped with a drain the size of a pizza box in its centre. Expatriates call it Chop Chop Square. … The job is a coveted one, often passed from father to son. In a Lebanese TV clip now on YouTube, a Saudi executioner shows off his swords and describes his approach: “If the heart is compassionate, the hand fails.”

A beheading in Saudi Arabia Read More »

Various confidence scams, tricks, & frauds

business, history, law, science, security / /

From “List of confidence tricks” (Wikipedia: 3 July 2009):

Get-rich-quick schemes

Get-rich-quick schemes are extremely varied. For example, fake franchises, real estate “sure things”, get-rich-quick books, wealth-building seminars, self-help gurus, sure-fire inventions, useless products, chain letters, fortune tellers, quack doctors, miracle pharmaceuticals, Nigerian money scams, charms and talismans are all used to separate the mark from his money. Variations include the pyramid scheme, Ponzi scheme and Matrix sale.

Count Victor Lustig sold the “money-printing machine” which could copy $100 bills. The client, sensing huge profits, would buy the machines for a high price (usually over $30,000). Over the next twelve hours, the machine would produce just two more $100 bills, but after that it produced only blank paper, as its supply of hidden $100 bills would have become exhausted. This type of scheme is also called the “money box” scheme.

The wire game, as depicted in the movie The Sting, trades on the promise of insider knowledge to beat a gamble, stock trade or other monetary action. In the wire game, a “mob” composed of dozens of grifters simulates a “wire store”, i.e., a place where results from horse races are received by telegram and posted on a large board, while also being read aloud by an announcer. The griftee is given secret foreknowledge of the race results minutes before the race is broadcast, and is therefore able to place a sure bet at the wire store. In reality, of course, the con artists who set up the wire store are the providers of the inside information, and the mark eventually is led to place a large bet, thinking it to be a sure win. At this point, some mistake is made, which actually makes the bet a loss. …

Salting or to salt the mine are terms for a scam in which gems or gold ore are planted in a mine or on the landscape, duping the greedy mark into purchasing shares in a worthless or non-existent mining company.[2] During the Gold Rush, scammers would load shotguns with gold dust and shoot into the sides of the mine to give the appearance of a rich ore, thus “salting the mine”. …

The Spanish Prisoner scam – and its modern variant, the advance fee fraud or Nigerian scam – take advantage of the victim’s greed. The basic premise involves enlisting the mark to aid in retrieving some stolen money from its hiding place. The victim sometimes believes he can cheat the con artists out of their money, but anyone trying this has already fallen for the essential con by believing that the money is there to steal (see also Black money scam). …

Many conmen employ extra tricks to keep the victim from going to the police. A common ploy of investment scammers is to encourage a mark to use money concealed from tax authorities. The mark cannot go to the authorities without revealing that he or she has committed tax fraud. Many swindles involve a minor element of crime or some other misdeed. The mark is made to think that he or she will gain money by helping fraudsters get huge sums out of a country (the classic Nigerian scam); hence marks cannot go to the police without revealing that they planned to commit a crime themselves.

Gold brick scams

Gold brick scams involve selling a tangible item for more than it is worth; named after selling the victim an allegedly golden ingot which turns out to be gold-coated lead.

Pig-in-a-poke originated in the late Middle Ages. The con entails a sale of a (suckling) “pig” in a “poke” (bag). The bag ostensibly contains a live healthy little pig, but actually contains a cat (not particularly prized as a source of meat, and at any rate, quite unlikely to grow to be a large hog). If one buys a “pig in a poke” without looking in the bag (a colloquial expression in the English language, meaning “to be a sucker”), the person has bought something of less value than was assumed, and has learned firsthand the lesson caveat emptor.

The Thai gem scam involves layers of con men and helpers who tell a tourist in Bangkok of an opportunity to earn money by buying duty-free jewelry and having it shipped back to the tourist’s home country. The mark is driven around the city in a tuk-tuk operated by one of the con men, who ensures that the mark meets one helper after another, until the mark is persuaded to buy the jewelry from a store also operated by the swindlers. The gems are real but significantly overpriced. This scam has been operating for 20 years in Bangkok, and is said to be protected by Thai police and politicians. A similar scam usually runs in parallel for custom-made suits.

Extortion or false-injury tricks

The badger game extortion is often perpetrated on married men. The mark is deliberately coerced into a compromising position, a supposed affair for example, then threatened with public exposure of his acts unless blackmail money is paid.

The Melon Drop is a scam in which the scammer will intentionally bump into the mark and drop a package containing (already broken) glass. He will blame the damage on the clumsiness of the mark, and demand money in compensation. This con arose when artists discovered that the Japanese paid large sums of money for watermelons. The scammer would go to a supermarket to buy a cheap watermelon, then bump into a Japanese tourist and set a high price.

Gambling tricks

Three-card Monte, ‘Find The Queen’, the “Three-card Trick”, or “Follow The Lady”, is (except for the props) essentially the same as the probably centuries-older shell game or thimblerig. The trickster shows three playing cards to the audience, one of which is a queen (the “lady”), then places the cards face-down, shuffles them around and invites the audience to bet on which one is the queen. At first the audience is skeptical, so the shill places a bet and the scammer allows him to win. In one variation of the game, the shill will (apparently surreptitiously) peek at the lady, ensuring that the mark also sees the card. This is sometimes enough to entice the audience to place bets, but the trickster uses sleight of hand to ensure that they always lose, unless the conman decides to let them win, hoping to lure them into betting much more. The mark loses whenever the dealer chooses to make him lose. This con appears in the Eric Garcia novel Matchstick Men and is featured in the movie Edmond.

A variation on this scam exists in Barcelona, Spain, but with the addition of a pickpocket. The dealer and shill behave in an overtly obvious manner, attracting a larger audience. When the pickpocket succeeds in stealing from a member of the audience, he signals the dealer. The dealer then shouts the word “aqua”, and the three split up. The audience is left believing that “aqua” is a code word indicating the police are coming, and that the performance was a failed scam.

In the Football Picks Scam the scammer sends out tip sheet stating a game will go one way to 100 potential victims and the other way to another 100. The next week, the 100 or so who received the correct answer are divided into two groups and fed another pick. This is repeated until a small population have (apparently) received a series of supernaturally perfect picks, then the final pick is offered for sale. Despite being well-known (it was even described completely on an episode of The Simpsons and used by Derren Brown in “The System”), this scam is run almost continuously in different forms by different operators. The sports picks can also be replaced with securities, or any other random process, in an alternative form. This scam has also been called the inverted pyramid scheme, because of the steadily decreasing population of victims at each stage.

Visitors to Las Vegas or other gambling towns often encounter the Barred Winner scam, a form of advance fee fraud performed in person. The artist will approach his mark outside a casino with a stack or bag of high-value casino chips and say that he just won big, but the casino accused him of cheating and threw him out without letting him redeem the chips. The artist asks the mark to go in and cash the chips for him. The artist will often offer a percentage of the winnings to the mark for his trouble. But, when the mark agrees, the artist feigns suspicion and asks the mark to put up something of value “for insurance”. The mark agrees, hands over jewelry, a credit card or their wallet, then goes in to cash the chips. When the mark arrives at the cashier, they are informed the chips are fake. The artist, by this time, is long gone with the mark’s valuables.

False reward tricks

The glim-dropper requires several accomplices, one of whom must be a one-eyed man. One grifter goes into a store and pretends he has lost his glass eye. Everyone looks around, but the eye cannot be found. He declares that he will pay a thousand-dollar reward for the return of his eye, leaving contact information. The next day, an accomplice enters the store and pretends to find the eye. The storekeeper (the intended griftee), thinking of the reward, offers to take it and return it to its owner. The finder insists he will return it himself, and demands the owner’s address. Thinking he will lose all chance of the reward, the storekeeper offers a hundred dollars for the eye. The finder bargains him up to $250, and departs.…

The fiddle game uses the pigeon drop technique. A pair of con men work together, one going into an expensive restaurant in shabby clothes, eating, and claiming to have left his wallet at home, which is nearby. As collateral, the con man leaves his only worldly possession, the violin that provides his livelihood. After he leaves, the second con man swoops in, offers an outrageously large amount (for example $50,000) for such a rare instrument, then looks at his watch and runs off to an appointment, leaving his card for the mark to call him when the fiddle-owner returns. The mark’s greed comes into play when the “poor man” comes back, having gotten the money to pay for his meal and redeem his violin. The mark, thinking he has an offer on the table, then buys the violin from the fiddle player (who “reluctantly” sells it eventually for, say, $5,000). The result is the two conmen are $5,000 richer (less the cost of the violin), and the mark is left with a cheap instrument.

Other confidence tricks and techniques

The Landlord Scam advertises an apartment for rent at an attractive price. The con artist, usually someone who is house-sitting or has a short-term sublet at the unit, takes a deposit and first/last month’s rent from every person who views the suite. When move-in day arrives, the con artist is of course gone, and the apartment belongs to none of the angry people carrying boxes.

Change raising is a common short con and involves an offer to change an amount of money with someone, while at the same time taking change or bills back and forth to confuse the person as to how much money is actually being changed. The most common form, “the Short Count”, has been featured prominently in several movies about grifting, notably Nueve Reinas, The Grifters and Paper Moon. A con artist shopping at, say a gas station, is given 80 cents in change because he lacks two dimes to complete the sale (say the sale cost is $19.20 and the con man has a 20 dollar bill). He goes out to his car and returns a short time later, with 20 cents. He returns them, saying that he found the rest of the change to make a dollar, and asking for a bill so he will not have to carry coins. The confused store clerk agrees, exchanging a dollar for the 20 cents the conman returned. In essence, the mark makes change twice.

Beijing tea scam is a famous scam in and around Beijing. The artists (usually female and working in pairs) will approach tourists and try to make friends. After chatting, they will suggest a trip to see a tea ceremony, claiming that they have never been to one before. The tourist is never shown a menu, but assumes that this is how things are done in China. After the ceremony, the bill is presented to the tourist, charging upwards of $100 per head. The artists will then hand over their bills, and the tourists are obliged to follow suit.

Various confidence scams, tricks, & frauds Read More »

Stolen credit card data is cheaper than ever in the Underground

business, law, security, tech in changing society / /

From Brian Krebs’ “Glut of Stolen Banking Data Trims Profits for Thieves” (The Washington Post: 15 April 2009):

A massive glut in the number of credit and debit cards stolen in data breaches at financial institutions last year has flooded criminal underground markets that trade in this material, driving prices for the illicit goods to the lowest levels seen in years, experts have found.

For a glimpse of just how many financial records were lost to hackers last year, consider the stats released this week by Verizon Business. The company said it responded to at least 90 confirmed data breaches last year involving roughly 285 million consumer records, a number that exceeded the combined total number of breached records from cases the company investigated from 2004 to 2007. Breaches at banks and financial institutions were responsible for 93 percent of all such records compromised last year, Verizon found.

As a result, the stolen identities and credit and debit cards for sale in the underground markets is outpacing demand for the product, said Bryan Sartin, director of investigative response at Verizon Business.

Verizon found that profit margins associated with selling stolen credit card data have dropped from $10 to $16 per record in mid-2007 to less than $0.50 per record today.

According to a study released last week by Symantec Corp., the price for each card can be sold for as low as 6 cents when they are purchased in bulk.

Lawrence Baldwin, a security consultant in Alpharetta, Ga., has been working with several financial institutions to help infiltrate illegal card-checking services. Baldwin estimates that at least 25,000 credit and debit cards are checked each day at three separate illegal card-checking Web sites he is monitoring. That translates to about 800,000 cards per month or nearly 10 million cards each year.

Baldwin said the checker sites take advantage of authentication weaknesses in the card processing system that allow merchants to conduct so-called “pre-authorization requests,” which merchants use to place a temporary charge on the account to make sure that the cardholder has sufficient funds to pay for the promised goods or services.

Pre-authorization requests are quite common. When a waiter at a restaurant swipes a customer’s card and brings the receipt to the table so the customer can add a tip, for example, that initial charge is essentially a pre-authorization.

With these card-checking services, however, in most cases the charge initiated by the pre-authorization check is never consummated. As a result, unless a consumer is monitoring their accounts online in real-time, they may never notice a pre-authorization initiated by a card-checking site against their card number, because that query won’t show up as a charge on the customer’s monthly statement.

The crooks have designed their card-checking sites so that each check is submitted into the card processing network using a legitimate, hijacked merchant account number combined with a completely unrelated merchant name, Baldwin discovered.

One of the many innocent companies caught up in one of these card-checking services is Wild Birds Unlimited, a franchise pet store outside of Buffalo, N.Y. Baldwin said a fraudulent card-checking service is running pre-authorization requests using Wild Bird’s store name and phone number in combination with another merchant’s ID number.

Danielle Pecoraro, the store’s manager, said the bogus charges started in January 2008. Since then, she said, her store has received an average of three to four phone calls each day from people who had never shopped there, wondering why small, $1-$10 charges from her store were showing up on their monthly statements. Some of the charges were for as little as 24 cents, and a few were for as much as $1,900.

Stolen credit card data is cheaper than ever in the Underground Read More »

Storm made $7000 each day from spam

business, law, security / /

From Bruce Schneier’s “The Economics of Spam” (Crypto-Gram: 15 November 2008):

Researchers infiltrated the Storm worm and monitored its doings.

“After 26 days, and almost 350 million e-mail messages, only 28 sales resulted — a conversion rate of well under 0.00001%. Of these, all but one were for male-enhancement products and the average purchase price was close to $100. Taken together, these conversions would have resulted in revenues of $2,731.88 — a bit over $100 a day for the measurement period or $140 per day for periods when the campaign was active. However, our study interposed on only a small fraction of the overall Storm network — we estimate roughly 1.5 percent based on the fraction of worker bots we proxy. Thus, the total daily revenue attributable to Storm’s pharmacy campaign is likely closer to $7000 (or $9500 during periods of campaign activity). By the same logic, we estimate that Storm self-propagation campaigns can produce between 3500 and 8500 new bots per day.

“Under the assumption that our measurements are representative over time (an admittedly dangerous assumption when dealing with such small samples), we can extrapolate that, were it sent continuously at the same rate, Storm-generated pharmaceutical spam would produce roughly 3.5 million dollars of revenue in a year. This number could be even higher if spam-advertised pharmacies experience repeat business. A bit less than “millions of dollars every day,” but certainly a healthy enterprise.”

Storm made $7000 each day from spam Read More »

Small charges on your credit card – why?

business, law, security / /

Too Much Credit
Creative Commons License photo credit: Andres Rueda

From Brian Kreb’s “An Odyssey of Fraud” (The Washington Post: 17 June 2009):

Andy Kordopatis is the proprietor of Odyssey Bar, a modest watering hole in Pocatello, Idaho, a few blocks away from Idaho State University. Most of his customers pay for their drinks with cash, but about three times a day he receives a phone call from someone he’s never served — in most cases someone who’s never even been to Idaho — asking why their credit or debit card has been charged a small amount by his establishment.

Kordopatis says he can usually tell what’s coming next when the caller immediately asks to speak with the manager or owner.

“That’s when I start telling them that I know why they’re calling, and about the Russian hackers who are using my business,” Kordopatis said.

The Odyssey Bar is but one of dozens of small establishments throughout the United States seemingly picked at random by organized cyber criminals to serve as unwitting pawns in a high-stakes game of chess against the U.S. financial system. This daily pattern of phone calls and complaints has been going on for more than a year now. Kordopatis said he has talked to the company that processes his bar’s credit card payments about fixing the problem, but says they can’t do anything because he hasn’t actually lost any money from the scam.

The Odyssey Bar’s merchant account is being abused by online services that cyber thieves built to help other crooks check the balances and limits on stolen credit and debit card account numbers.

Small charges on your credit card – why? Read More »

Could Green Dam lead to the largest botnet in history?

business, law, politics, security / /

Green_Damn_site_blocked.jpg

From Rob Cottingham’s “From blocking to botnet: Censorship isn’t the only problem with China’s new Internet blocking software” (Social Signal: 10 June 2009):

Any blocking software needs to update itself from time to time: at the very least to freshen its database of forbidden content, and more than likely to fix bugs, add features and improve performance. (Most anti-virus software does this.)

If all the software does is to refresh the list of banned sites, that limits the potential for abuse. But if the software is loading new executable code onto the computer, suddenly there’s the potential for something a lot bigger.

Say you’re a high-ranking official in the Chinese military. And let’s say you have some responsibility for the state’s capacity to wage so-called cyber warfare: digital assaults on an enemy’s technological infrastructure.

It strikes you: there’s a single backdoor into more that 40 million Chinese computers, capable of installing… well, nearly anything you want.

What if you used that backdoor, not just to update blocking software, but to create something else?

Say, the biggest botnet in history?

Still, a botnet 40 million strong (plus the installed base already in place in Chinese schools and other institutions) at the beck and call of the military is potentially a formidable weapon. Even if the Chinese government has no intention today of using Green Dam for anything other than blocking pornography, the temptation to repurpose it for military purposes may prove to be overwhelming.

Could Green Dam lead to the largest botnet in history? Read More »

Green Dam is easily exploitable

business, law, security, tech in changing society / /

Green_Damn_site_blocked.jpg

From Scott Wolchok, Randy Yao, and J. Alex Halderman’s “Analysis of the Green Dam Censorware System” (The University of Michigan: 11 June 2009):

We have discovered remotely-exploitable vulnerabilities in Green Dam, the censorship software reportedly mandated by the Chinese government. Any web site a Green Dam user visits can take control of the PC.

According to press reports, China will soon require all PCs sold in the country to include Green Dam. This software monitors web sites visited and other activity on the computer and blocks adult content as well as politically sensitive material.

We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors. Once Green Dam is installed, any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition, we found vulnerabilities in the way Green Dam processes blacklist updates that could allow the software makers or others to install malicious code during the update process.

We found these problems with less than 12 hours of testing, and we believe they may be only the tip of the iceberg. Green Dam makes frequent use of unsafe and outdated programming practices that likely introduce numerous other vulnerabilities. Correcting these problems will require extensive changes to the software and careful retesting. In the meantime, we recommend that users protect themselves by uninstalling Green Dam immediately.

Green Dam is easily exploitable Read More »

Interviewed for an article about mis-uses of Twitter

business, law, personal, social software, tech in changing society / /

The Saint Louis Beacon published an article on 27 April 2009 titled “Tweets from the jury box aren’t amusing“, about legal “cases across the country where jurors have used cell phones, BlackBerrys and other devices to comment – sometimes minute by minute or second by second on Twitter, for instance – on what they are doing, hearing and seeing during jury duty.” In it, I was quoted as follows:

The small mobile devices so prevalent today can encourage a talkative habit that some people may find hard to break.

“People get so used to doing it all the time,” said Scott Granneman, an adjunct professor of communications and journalism at Washington University. “They don’t stop to think that being on a jury means they should stop. It’s an etiquette thing.”

Moreover, he added, the habit can become so ingrained in some people – even those on juries who are warned repeatedly they should not Tweet or text or talk about they case they are on – that they make excuses.

“It’s habitual,” Granneman said. “They say ‘It’s just my friends and family reading this.’ They don’t know the whole world is following this.

“Anybody can go to any Twitter page. There may be only eight people following you, but anybody can go anyone’s page and anybody can reTweet – forward someone’s page: ‘Oh my God, the defense attorney is so stupid.’ That can go on and on and on.”

Interviewed for an article about mis-uses of Twitter Read More »

German twins commit the perfect crime

business, law, science, security / /

From “Twins Suspected in Spectacular Jewelry Heist Set Free” (Spiegel Online International: 19 March 2009):

Saved by their indistinguishable DNA, identical twins suspected in a massive jewelry heist have been set free. Neither could be exclusively linked to the DNA evidence.

German police say at least one of the identical twin brothers Hassan and Abbas O. may have perpetrated a recent multimillion euro jewelry heist in Berlin. But because of their indistinguishable DNA, neither can be individually linked to the crime. Both were set free on Wednesday.

In the early morning hours of February 25, three masked men broke into Germany’s famous luxury department store Kaufhaus Des Westens (KaDeWe). Video cameras show how they climbed into the store’s grand main hall, broke open cabinets and display cases and made off with an estimated €5 million worth of jewelry and watches.

When police found traces of DNA on a glove left at the scene of the crime, it seemed that the criminals responsible for Germany’s most spectacular heist in years would be caught. But the DNA led to not one but two suspects — 27-year-old identical, or monozygotic, twins with near-identical DNA.

German law stipulates that each criminal must be individually proven guilty. The problem in the case of the O. brothers is that their twin DNA is so similar that neither can be exclusively linked to the evidence using current methods of DNA analysis. So even though both have criminal records and may have committed the heist together, Hassan and Abbas O. have been set free.

German twins commit the perfect crime Read More »

Criminal goods & service sold on the black market

business, law, security, tech in changing society / /

From Ellen Messmer’s “Symantec takes cybercrime snapshot with ‘Underground Economy’ report” (Network World: 24 November 2008):

The “Underground Economy” report [from Symantec] contains a snapshot of online criminal activity observed from July 2007 to June 2008 by a Symantec team monitoring activities in Internet Relay Chat (IRC) and Web-based forums where stolen goods are advertised. Symantec estimates the total value of the goods advertised on what it calls “underground servers” was about $276 million, with credit-card information accounting for 59% of the total.

If that purloined information were successfully exploited, it probably would bring the buyers about $5 billion, according to the report — just a drop in the bucket, points out David Cowings, senior manager of operations at Symantec Security Response.

“Ninety-eight percent of the underground-economy servers have life spans of less than 6 months,” Cowings says. “The smallest IRC server we saw had five channels and 40 users. The largest IRC server network had 28,000 channels and 90,000 users.”

In the one year covered by the report, Symantec’s team observed more than 69,000 distinct advertisers and 44 million total messages online selling illicit credit-card and financial data, but the 10 most active advertisers appeared to account for 11% of the total messages posted and $575,000 in sales.

According to the report, a bank-account credential was selling for $10 to $1,000, depending on the balance and location of the account. Sellers also hawked specific financial sites’ vulnerabilities for an average price of $740, though prices did go as high as $2,999.

In other spots, the average price for a keystroke logger — malware used to capture a victim’s information — was an affordable $23. Attack tools, such as botnets, sold for an average of $225. “For $10, you could host a phishing site on someone’s server or compromised Web site,” Cowings says.

Desktop computer games appeared to be the most-pirated software, accounting for 49% of all file instances that Symantec observed. The second-highest category was utility applications; third-highest was multimedia productivity applications, such as photograph or HTML editors.

Criminal goods & service sold on the black market Read More »

Some facts about GPL 2 & GPL 3

business, law, tech in changing society / /

From Liz Laffan’s “GPLv2 vs GPLv3: The two seminal open source licenses, their roots, consequences and repercussions” (VisionMobile: September 2007):

From a licensing perspective, the vast majority (typically 60-70%) of all open source projects are licensed under the GNU Public License version 2 (GPLv2).

GPLv3 was published in July 2007, some 16 years following the creation of GPLv2. The purpose of this new license is to address some of the areas identified for improvement and clarification in GPLv2 – such as patent indemnity, internationalisation and remedies for inadvertent license infringement (rather than the previous immediate termination effect). The new GPLv3 license is nearly double the length of the GPLv2 …

GPLv3 differs to GPLv2 in several important ways. Firstly it provides more clarity on patent licenses and attempts to clarify what is meant by both a distribution and derivative works. Secondly it revokes the immediate termination of license clause in favour of licensee opportunities to ‘fix’ any violations within a given time-period. In addition there are explicit ‘Additional Terms’ which permits users to choose from a fixed set of alternative terms which can modify the standard GPLv3 terms. These are all welcome, positive moves which should benefit all users of the GPLv3 license.

Nonetheless there are three contentious aspects of GPLv3 that have provoked much discussion in the FOSS community and could deter adoption of GPLv3 by more circumspect users and organisations.

Some facts about GPL 2 & GPL 3 Read More »

Open source & patents

business, law, politics, tech in changing society / /

From Liz Laffan’s “GPLv2 vs GPLv3: The two seminal open source licenses, their roots, consequences and repercussions” (VisionMobile: September 2007):

Cumulatively patents have been doubling practically every year since 1990. Patents are now probably the most contentious issue in software-related intellectual property rights.

However we should also be aware that software written from scratch is as likely to infringe patents as FOSS covered software – due mainly to the increasing proliferation of patents in all software technologies. Consequently the risk of patent infringement is largely comparable whether one chooses to write one’s own software or use software covered by the GPLv2; one will most likely have to self-indemnify against a potential patent infringement claim in both cases.

The F.U.D. (fear, uncertainty and doubt) that surrounds patents in FOSS has been further heightened by two announcements, both instigated by Microsoft. Firstly in November 2006 Microsoft and Novell1 entered into a cross- licensing patent agreement where Microsoft gave Novell assurances that it would not sue the company or its customers if they were to be found infringing Microsoft patents in the Novell Linux distribution. Secondly in May 2007 Microsoft2 restated (having alluded to the same in 2004) that FOSS violates 235 Microsoft patents. Unfortunately, the Redmond giant did not state which patents in particular were being infringed and nor have they initiated any actions against a user or distributor of Linux.

The FOSS community have reacted to these actions by co-opting the patent system and setting up the Patent Commons (http://www.patentcommons.org). This initiative, managed by the Linux Foundation, coordinates and manages a patent commons reference library, documenting information about patent- related pledges in support of Linux and FOSS that are provided by large software companies. Moreover, software giants such as IBM and Nokia have committed not to assert patents against the Linux kernel and other FOSS projects. In addition, the FSF have strengthened the patent clause of GPLv3…

Open source & patents Read More »