October 22, 2017

Archives for May 2004

Word Tracking Bug Demo and Remover

Alex Halderman has created a page about the Word tracking bugs I described yesterday. He offers an example Word tracking bug for you to examine, and a scanner program that can find and remove Word tracking bugs on your computer.

Email Tracking: It Gets Worse

When I wrote Monday about the new didtheyreadit.com privacy-invading email tracking system, I had no idea that an even more invasive system has been on the market for two years or so. This system, called readnotify.com, was pointed out by commenter Brian Parsons.

readnotify.com is an email tracking system that uses Web bugs (like didtheyreadit) and also uses a trick involving IFRAMEs (unlike didtheyreadit). The IFRAME trick cannot be disabled by the standard countermeasure of turning off remote image loading. There may not be an easy way to disable it in today’s email software, short of turning off HTML email entirely.

Worse yet, readnotify offers a service that lets anyone put hidden tracking bugs in Word documents, Excel spreadsheets, and other OLE-compliant document formats. When somebody opens a document containing one of these trackers, the time of the access is reported, along with the accessor’s IP address (which often reveals their geographic location) and some configuration information about their computer.

The vulnerability in Word that readnotify exploits was discovered back in 2000 by Richard M. Smith. It got some press coverage back then, but was mostly ignored because there were no reports (at that time) of anybody exploiting the vulnerability. Now there are commercial products that exploit it. It’s time for Microsoft to fix this vulnerability.

Must-Read Copyright Articles

Recently I read two great articles on copyright: Tim Wu’s Copyright’s Communications Policy and Mark Lemley’s Ex Ante Versus Ex Post Justifications for Intellectual Property.

Wu’s paper, which has already been praised widely in the copyright blogosphere, argues that copyright law, in addition to its well-known purpose of creating incentives for authors, has another component that amounts to a government policy on communications systems. This idea has been kicking around for some time, but Wu really nails it. His paper has a fascinating historical section describing what happened when new technologies, such as player pianos, radio, and cable TV, affected the copyright balance. In each case, after lots of legal maneuvering, a deal was cut between the incumbent industry and the challenger. Wu goes on to explain why this is the case, and what it all means for us today. There’s much more to this paper; a single paragraph can’t do it justice.

Lemley’s paper is a devastating critique of a new style of copyright-extension argument. The usual rationale for copyright is that it operates ex ante (which is lawyerspeak for beforehand): by promising authors a limited monopoly on copying and distribution of any work they might create in the future, we give them an incentive to create. After the work is created, the copyright monopoly leads to inefficiencies, but these are necessary because we have to keep our promise to the author. The goal of copyright is to keep others from free-riding on the author’s creative work.

Recently, we have begun hearing ex post arguments for copyright, saying that even for works that have already been created, the copyright monopoly is more efficient than a competitive market would be. Some of the arguments in favor of copyright term extension are of this flavor. Lemley rebuts these arguments very convincingly, arguing that they (a) are theoretically unsound, (b) are contradicted by practical experience, and (c) reflect an odd anti-market, central-planning bias. Based on this description, you might think Lemley’s article is long and dense; but it’s short and surprisingly readable. (Don’t be fooled by the number of pages in the download – they’re mostly endnotes.)