August 22, 2017

Archives for 2003

Spammers Concerned by CAN-SPAM?

Alan Ralsky, one of the biggest spammers, thinks the new CAN-SPAM act will hinder his spamming business, according to Saul Hansell’s story in today’s New York Times. Naturally, eventhing this guy says should be viewed skeptically, but the article is interesting nonetheless.

Mr. Ralsky talks a lot about himself in the article, and a revealing picture emerges. He has constructed a (rationalized) view of himself as a legitimate businessman who has been forced by those nasty antispam technologies to resort to practices like operating underground, forging mail headers, using open relays, and so on. Now the CAN-SPAM Act will ban some of those practices – and he wants us to feel sorry for him!

Mr. Ralsky also claims that he has been inactive (i.e., not spamming) for the past few weeks. I’ve been remarking to people for the last couple of weeks that there seems to be less spam than there was before. I almost wrote a blog entry asking all of you whether you had seen the same thing. Is it just the holiday season? Or is this one guy sending lots of my incoming spam?

Mr. Ralsky says he will soldier on, continuing to spam while complying with the new law. But he worries that his compliance will make it easier for people to filter out his messages. Let’s hope so.

RIAA Subpoena Decision, and Fallout

There’s been lots of talk about the DC Circuit court’s ruling that the RIAA cannot compel ISPs to identify customers who the RIAA suspects of infringing copyrights. The court ruled on narrow grounds, saying that Congress, in the text of the DMCA, did not authorize the type of subpoena that the RIAA wants to use.

This is good news, but it is not as big a deal as some people think. The subpoena provision in question was hardly the greatest injustice in the world. Yes, it was open to abuse by various bad actors; and yes, not everybody identified to the RIAA turned out to be an infringer. If I were king, I would not allow RIAA-style subpoenas without judicial approval. But unless you shed tears for the actual infringers whose names were revealed to the RIAA – which I don’t – this is not the huge privacy boon that some have suggested.

What happens next? One of two things. The RIAA may ask Congress to change the law, to allow the subpoenas in question. My guess is that Congress would give them what they want, perhaps with a few new safeguards to prevent the most egregious abuse scenarios. Alternatively, the RIAA may cut a deal with the major ISPs, in which the RIAA agrees not to ask Congress to change the law, and the ISPs agree in exchange to forward RIAA warning messages to customers who the RIAA identifies as probable infringers.

In the meantime, the RIAA says they intend to file John Doe lawsuits, in which they sue first and then use a traditional subpoena to identify the defendant.

More E-Voting Follies

Lately it seems that we’ve seen one story after another about the carelessness of e-voting vendors, especially Diebold. Here are two.

(1) Kim Alexander of the California Voter Foundation (who has been, in my experience, a reliable source of information) reported this:

This afternoon [apparently Tuesday – EF] I attended a meeting of the California Secretary of State’s Voting Systems Panel, which is in charge of certifying and decertifying voting systems for California elections.

At this meeting the initial results from the Secretary of State’s audit of counties using Diebold equipment were released. The Secretary of State’s auditors discovered that of the 17 counties using Diebold equipment (both optical scan and touchscreen), all 17 had some software or firmware version in use that was not certified by the Secretary of State.

It was an astonishing piece of information – no one knew how widespread the problem was of Diebold installing uncertified software in voting systems as was discovered in Alameda County. It turns out all of Diebold’s California clients are using some version of Diebold software or firmware that is not certified by the state.

It was a real bombshell. Secretary of State Kevin Shelley came into the meeting to address the panel and spoke very firmly and passionately about the need for voters to have confidence in elections. He also suggested that it is possible Diebold could be decertified in California altogether.

(2) An AP story by Rachel Konrad reported on allegations that Global Election Systems, a company purchased by Diebold, had employed convicted felons, some in upper management. Here’s a sample:

The programmer, Jeffrey Dean, wrote and maintained proprietary code used to count hundreds of thousands of votes as senior vice president of Global Election Systems Inc. Diebold purchased GES in January 2002.

According to a public court document released before GES hired him, Dean served time in a Washington correctional facility for stealing money and tampering with computer files in a scheme that “involved a high degree of sophistication and planning.”

Diebold said that Mr. Dean left his job when Diebold bought GES. Diebold apparently did not comment on the status of the other four current or past employees who are said to be convicted felons.

[Link credit for (2): Siva Vaidhyanathan.]