Until the election is decided, I’ll be blogging less on this site, and more on evoting-experts.com.
U.S. readers: please vote tomorrow!
New EVoting-Experts Group Blog
October 31, 2004 by
evoting-experts.com is a new group blog devoted to e-voting issues. Members include leading experts on the technology, including David Dill, Ed Felten, Joe Hall, Avi Rubin, Adam Stubblefield, and Dan Wallach (with more to come, we hope).
The site’s goal is to provide one-stop shopping for e-voting news and analysis, to the public and the press, on election day and thereafter.
Check it out, and please help us spread the word about the site.
The Big-Head Principle
October 30, 2004 by
Over the next few days, Americans will be asking themselves which candidate has what it takes to be president, or at least which one has what it takes to win the election. To answer this question, we must first determine exactly what it does take. Based on personal observation, I think I may know.
Bill Clinton is the only U.S. president I have seen up close. He walked about ten feet from me in the Princeton graduation procession a few years ago. And I couldn’t help noticing that he had a really big head. When I say this, I don’t mean he was very smart, and I don’t mean he had an inflated opinion of himself – though both of those things may well be true. I mean, quite literally, that his head was considerably larger than average for a man of his size. So much so that his head size is the one and only thing I remember about my near-encounter with him. Perhaps having a large head helps one to succeed in politics.
If you think about it, we are often drawn to big-headed creatures. Mickey Mouse. Frankenstein’s monster. Barney the dinosaur. Bart Simpson. Mister Potato Head. Spongebob Squarepants. What is it about big-heads that makes us want to watch them?
Perhaps the explanation is that babies have disproportionately large heads, and we are genetically programmed to like babies. Or perhaps large heads can better show sympathetic emotion.
In any case, head size is clearly an important factor in politics, a factor we can use to divine a hidden law of American politics – the candidate with the bigger head usually wins. Call it the Big-Head Principle.
Which candidate has the bigger head in this election? Video coverage shows the candidates shaking hands after the debates. Looking at the two men side by side, in the same shot, it’s clear that John Kerry has the bigger head.
Being nonpartisan, we will not endorse a candidate; but we can make a prediction. According to the Big-Head Principle, John Kerry will be the next president of the United States.
CallerID and Bad Authentication
October 29, 2004 by
A new web service allows anybody to make phone calls with forged CallerID (for a fee), according to a Kevin Poulsen story at SecurityFocus. (Another such service had been open briefly a few months ago.) This isn’t surprising, given the known insecurity of the CallerID system, which trusts the system where a call originates to provide accurate information about the calling number.
This is more than just a prankster’s delight, since some technologies are designed to use CallerID as if it were a secure identifier of the calling number. Poulsen reports, for instance, that T-Mobile uses CallerID to authenticate its customers’ access to their voicemail. If I can call the T-Mobile voicemail system, while sending CallerID information indicating that the call is coming from your phone, then I can access your voicemail box.
Needless to say, it’s a bad idea to use an insecure identifier to authenticate accesses to any service. Still, this mistake is often made.
A common example of the same mistake is to use IP addresses (the numeric addresses that designate “places” on the Internet) to authenticate users of an Internet service. For example, if Princeton University subscribes to some online database, the database service may allow access from any of the IP addressess belonging to Princeton. This is a bad idea, since IP addresses can sometimes be spoofed and various legitimate services can make an access seem to come from one address when it’s really coming from another.
If I were to run a web proxy within the Princeton network, then anybody accessing the web through my proxy might (depending on the circumstances) appear to be using a Princeton IP address. My web proxy might therefore allow anybody on the web to access the proprietary database. Some users might deliberately use my proxy to gain unauthorized access, and some users might be using the proxy for other, legitimate reasons and be surprised to have open access to the database. In either case, the access would be enabled by the database company’s decision to rely on IP addresses to control access.
In practice, people who design web proxies and similar services often find themselves jumping through hoops to try to prevent this kind of problem, even though it’s not their fault. One isn’t supposed to rely on IP addresses for authentication, but many people do. The result is that developers of new services may find themselves either (a) inadvertently enabling unauthorized access to other services, or (b) spending extra time and effort to shore up the insecure systems of others. Some of my colleagues who developed CoDeeN, a cool distributed web proxy system, found themselves wrestling with this problem and ultimately chose to add complexity to their design to protect some IP-address-based authentication systems. (They wrote an interesting paper about all of the “bad traffic” that showed up when they set up CoDeeN.)
It will be interesting to see how the CallerID story develops. My guess is that people will stop relying on the accuracy of CallerID, as spoofing becomes more widespread.
Pro-Competition Ruling in Lexmark Case
October 27, 2004 by
Yesterday the Sixth Circuit Court of Appeals ruled in Lexmark v. Static Control. The Court said, in effect, that Lexmark could not leverage copyright and DMCA claims to keep a competitor from making toner cartridges that work with Lexmark printers. This reversed a lower court decision.
[Backstory: Lexmark-brand toner cartridges contain a short computer program (about 50 bytes). Software in a Lexmark printer checks whether newly inserted toner cartridges contain that program, and refuse to work with cartridges that don’t. Static Control makes a chip containing the same short program, so that third-party cartridges containing the Static Control chip can work in Lexmark printers. Lexmark sued, claiming copyright infringement (for copying the program) and DMCA violations (for circumventing the program-verification step). The original trial court issued a preliminary injunction against Static Control, which the Sixth Circuit just overruled.]
The ruling is very good news on both copyright and DMCA fronts. The fundamental issue in both fronts was whether a company could use copyright or the DMCA, in conjunction with a technical lockout mechanism, to prevent a competitor from making products that worked with (or interoperated) with its products.
The interesting copyright issue is whether a copyright owner can leverage copyright to limit interoperability. Consider this hypothetical: Alice writes a computer program which I’ll call A. Alice writes a copyrighted poem, and she programs A so that it will accept input only from programs that first send a copy of the poem. Alice gives permission for Bob’s program B to send the poem, but she refuses permission to everybody else. When Charlie makes a program that sends the poem, Alice sues him from infringing the poem’s copyright. Charlie proves that there is no way for his program to interoperate with A, except by sending the poem. Should Charlie be liable for copyright infringement?
This hypothetical doesn’t exactly match the facts of the present case, as far as I can tell, but it’s pretty close. The Court ruled that Static Control was allowed to copy Lexmark’s short computer program (which is analogous to the poem), to the extent that that copying was required in order to interoperate. So Lexmark could not leverage its copyright to prevent interoperability.
On the DMCA side, Lexmark had argued (and the lower court had agreed) that the printer mechanism that checked for the presence of the small toner-cartridge program was, under the DMCA, a technical protection mechanism that controlled access to Lexmark’s software, and that Static Control had circumvented that mechanism in violation of the DMCA. The key word here is “access”. The lower court said that the mechanism controlled “access” because it controlled the user’s ability to make use of the software, and “to make use of” is one definition of the word “access”. The Court of Appeals disagreed, saying that this was not the kind of “access” that Congress meant to protect in passing the DMCA. What Congress meant by “access”, the Court said, is the ability to read the program itself, not the ability to interact with or use it. Since Lexmark’s technical mechanism did not control the ability to read the program, it was not an access control in the sense meant by the DMCA, and hence Static Control had not violated the DMCA.
This is consistent with another court’s ruling in an earlier case, Chamberlain v. Skylink, involving garage door openers.
To sum up, this ruling is a big victory for interoperability. It also strikes an important blow against one overreaching reading of the DMCA, by limiting the scope of the access control provision. The DMCA is still deeply problematic in other ways, but we can hope that this ruling has narrowed its scope a bit.
