December 9, 2021

Time to Retire "Hacking"

Many confidential documents are posted mistakenly on the web, allowing strangers to find them via search engines, according to a front-page article by Yuki Noguchi in today’s Washington Post. I had thought this was common knowledge, but apparently it’s not.

The most striking aspect of the article, to me at least, is that doing web searches for such material is called “Google hacking.” This is yet another step in the slow decay of the once-useful word “hack”, whose meaning is now so vague that it is best avoided altogether.

Originally, “hacker” was a term of respect, applied only to the greatest of (law-abiding) software craftsmen. The first stage of the term’s decline began when online intruders started calling themselves “hackers,” and the press began using the term “hacking” to refer to computer intrusions. This usage tends to reinforce the (often false) impression that intrusions require great technical skill.

As a shorthand term for illegal computer intrusions, “hacking” was at least useful. But the second phase of its decline has drained away even that meaning, as “hacking” has lost its tie to illegality and has become a general-purpose label of disapproval that can be slapped onto almost any activity. Nowadays almost any lawsuit over on-line activity involves an accusation of “hacking,” and the term has become a favorite of lobbyists seeking to ban previously accepted practices. Who would oppose a ban on hacking?

Calling something “hacking” conveys nothing more than the speaker’s disapproval of it. If you’re trying to communicate clearly, it’s time to retire “hacking” from your lexicon. If you don’t like what somebody is doing, tell us why.

Standards vs. Regulation

The broadcast flag “debate” never ceases to amaze me. It’s a debate about technology, but in forum after forum the participants are all lawyers. And it takes place in a weird reality distortion field where certain technological non sequiturs pass for unchallenged truth.

One of these is that the broadcast flag is a technical “standard.” Even opponents of the flag have taken to using this term. As I have written before, there is a difference between standards and regulation, and the broadcast flag is clearly regulation.

For future reference, here is a handy chart you can use to distinguish standards from non-standards.

written by engineers written by lawyers
voluntary mandatory
enables interoperation prevents interoperation
backed by technologists opposed by technologists

Simple, isn’t it?

UPDATE (March 7, 8:00 AM): On further reflection (brought on by the comments of readers, including Karl-Friedrich Lenz) I changed the table above. Originally the right-hand column said “regulation” but I now realize that goes too far.

Standards, or Collusion?

John T. Mitchell at InteractionLaw writes about the potential antitrust implications of backroom deals between copyright owners and technology makers.

If a copyright holder were to agree with the manufacturers of the systems for making lawful copies and of the systems for playing them to eliminate all trade in lawful copies unless each transaction (each resale, trade, gift or rental) has the consent of the copyright holder, there is of course no doubt that such agreement would constitute a naked restraint of trade. If, instead, the copyright holder agreed with the manufactures of copying and playing technologies to deploy a system which simply obeys the instructions of the copyright holder (including instructions which have the purpose and effect of eliminating the resale, trade, gift or rental of the copy, or of enlarging the copyright monopoly by charging for private performances), then the agreement to have technology automatically do the deed is certainly no better than the first. It is akin to a company saying to the prospective co-conspirator: “Listen, I can’t agree with you to do what you are asking because my lawyers tell me it would be illegal, so what I’ll do is program my machine to do what you tell it to do, but just don’t tell me.”

I understand that antitrust law is suspicious of backroom deals in which companies agree not to produce certain otherwise legal products, but that there are some exceptions for standard-setting. Perhaps that is why the various inter-industry groups try to dress up their agreements as “standards.” As I have written before, most of these agreements don’t look at all like technical standards, and to label them as such is misleading.

True technical standards are voluntary, and allow products to be more functional by giving them a way to interoperate (i.e., to work together). Most of the DRM “standards” are mandatory, and make products less functional by banning some kinds of interoperation.

Whether these agreements violate antitrust law is beyond my expertise, but I do know that a reasonable exemption for technical standard-setting ought not to apply to them.