Tag Archives: geek stuff

Texan judges and juries can’t hold high tech hostage any more

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Goodbye to all that.

A particularly pathological cottage industry in east Texas is coming to an end, much to the delight of high tech entrepreneurs, and they have a low tech court case to thank for it. The federal supreme court ruled that patent trolls can’t go shopping for the most easily bamboozled judges and juries, but instead have to file law suits in the home state of the companies they’re trying to shake down.

According to a story in the Hill, the decision came in a case where Kraft – decidedly not a troll – tried to sue an Indiana-based company, TC Heartland, over water flavoring technology in a Delaware-based court…

The ruling will have broad implications for patent lawsuits, which are frequently moved to certain districts that have a track record of being favorable to patent infringement claims.

In delivering the court’s opinion, Justice Clarence Thomas wrote that much of the decision hinged on the word “resides,” which the court found to mean state of incorporation. Thomas wrote that because of this interpretation, updates to the rules by Congress did not change a 1957 Supreme Court decision that had previously found that patent suits must take place in the targeted company’s home state.

Though the TC Heartland and Kraft case focused on a disagreement between whether the case should take place in Indiana or Delaware, 40 percent of all patent suits are filed in east Texas. Ninety percent are brought in by “patent trolls,” or companies that hold patents but do not manufacture or produce anything, according to the Stanford Law Journal.

The decision hits trolls and the east Texas predatory bar that serves them, but it will also impact communities there. Big corporations, such as Samsung, have focused community relations dollars on east Texas, in the hope of building friendly relations with potential future jurors. Samsung might be able to afford to waste money on such endeavors, but few others can. The court’s ruling isn’t the end of the war against patent trolls, but it is a decisive battle.

No secrets in California’s self driving car race

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Autonomous cars will be networked cars, manufacturers will maintain constant contact, and make themselves and onboard data available to the cops. That’s one of the takeaways from a draft set of new rules for testing them on California’s public streets that was published by the department of motor vehicles. If – when – manufacturers get to the point that self-driving vehicles can be tested on the open road without someone on standby in the driver’s seat, or even without a steering wheel or other old school controls, then they’ll have to make sure that…

There is a communication link between the vehicle and the remote operator to provide information on the vehicle’s location and status and allow two-way communication between the remote operator and any passengers if the vehicle experiences any failures that would endanger the safety of the vehicle’s passengers or other road users, or otherwise prevent the vehicle from functioning as intended, while operating without a driver. The certification shall include:
(A) That the manufacturer will continuously monitor the status of the vehicle and the two-way communication link while the vehicle is being operated without a driver;
(B) A description of how the manufacturer will monitor the communication link; and,
(C) An explanation of how all of the vehicles tested by the manufacturer will be monitored.

The two-way communication requirement would remain even when autonomous vehicles go into actual service. Police would also have to be able to get in touch with whoever is monitoring the vehicles remotely, and have access to a required on-board data recorder.

That requirement isn’t as Big Brother-ish as it might be – the black box would only has to hang onto data for 30 seconds before and 5 seconds after a crash. Of course, you don’t know in advance when the crash was coming, but even so there wouldn’t be a need to keep more than minute’s worth of data at any one time. But there’s nothing preventing car makers from keeping all the data collected or particularly limiting government access to it.

The DMV is taking comments on the draft rules, and will hold a workshop in Sacramento next week..

Apple goes public with self-driving car plans. Sorta

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Apple has finally admitted that it has a self-driving car project in the works, but isn’t saying much else. It now has a permit from the California department of motor vehicles to test autonomous vehicles, which was issued, or at least posted, yesterday. According to the Wall Street Journal, its fleet consists of three Lexus SUVs which will be driven by six registered test drivers.

According to a story by Oscar Raymundo in Macworld, Apple’s business model might have shifted from making self-driving cars to developing software that’ll be offered to other manufacturers…

In 2016, however, Apple seemed to have pivoted the initiative, opting for creating just the self-driving software to license to established car-makers instead of assembling an entirely new Apple vehicle. This is a departure for Apple, which has created a legacy by developing both hardware and the software aspects of all its products.

He’s right, that would be a major strategic departure for Apple, which is why it would be a good idea not to bet the ranch that you won’t see an iCar, or whatever they’re going to call it, sometime in the future. Elon Musk expects Apple to get into the manufacturing game, and he has as much insight into what they’re doing as any outsider – in other words, no hard data but enough knowledge about the business to make an educated guess.

DMV registration carries with it an obligation to file public reports about any accidents, and to submit information once a year about whenever there a “disengagement of the autonomous mode caused by the failure of the technology or when the safe operation of the vehicle requires the test driver to take immediate manual control of the vehicle”. So we won’t have to wait too many months for a window into Apple’s development process.

In the meantime, if you’re cruising Cupertino, look for a tricked out Lexus.

Wikileaks’ CIA dump plugs massive Cisco security hole

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

If you look into the core of the Internet or just in a typical corporate or institutional data center, you’ll see rack after rack loaded with switches, routers and other gear made by Cisco. A vulnerability in even one of their products can leave a lot of networks and data open to attack. So you might come to the conclusion that spotting that kind of flaw and fixing it as quickly as possible is matter of national security.

You’d be wrong.

It turns out that more than three hundred Cisco devices can be breached via a cracking technique used by the Central Intelligence Agency and revealed in a massive document dump by Wikileaks. Company researchers have concluded that

  • Malware exists that seems to target different types and families of Cisco devices, including multiple router and switches families.
  • The malware, once installed on a Cisco device, seem to provide a range of capabilities: data collection, data exfiltration, command execution with administrative privileges (and without any logging of such commands ever been executed), HTML traffic redirection, manipulation and modification (insertion of HTML code on web pages), DNS poisoning, covert tunneling and others.
  • The authors have spent a significant amount of time making sure the tools, once installed, attempt to remain hidden from detection and forensic analysis on the device itself.
  • It would also seem the malware author spends a significant amount of resources on quality assurance testing – in order, it seems, to make sure that once installed the malware will not cause the device to crash or misbehave.

There’s a quick way to block it – disable telnet, an ancient and insecure communications protocol – but a permanent fix has yet to be released.

Generally, there are two ways the CIA could have obtained this exploit: either it was developed internally or it was purchased on the black market. If the former, it could have been duplicated by anyone with sufficient skill. If the latter, it means the CIA knew that broad swathes of the world’s IT infrastructure was exposed to anyone with deep enough pockets. In either case, its first duty should have been to plug the hole, and not sit on it until its own firewall was breached.

Wikileaks shows there’s no such thing as a top secret hack

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Not the latest version.

The Central Intelligence Agency’s guide to cracking is getting bad reviews from the tech community. Published earlier this week on Wikileaks, the thousands of files of internal documentation maintained by the CIA’s engineering development group are mostly openly available cook books and mundane advice on how not to get caught.

A story by Sean Gallagher at Ars Technica steps through some of it and concludes it amounts to an outdated “Malware 101” textbook…

It’s not clear how closely tool developers at the CIA followed the tradecraft advice in the leaked document—in part because they realized how dated some of the advice was. Back in 2013, two users of the system said so in the comments area: “A lot of the basic tradecraft suggestions on that page seem flawed,” wrote one. Another followed, “Honestly, that stuff is probably already dated…”

Four years later, some of the recommendations have become even more stale. That’s largely because of the advances made in malware detection and security tools, including those built into many operating systems. But it’s also because the tradecraft used by everyday malware authors without the benefit of state sponsorship have surpassed these sorts of tradecraft suggestions.

One of the takeaways from the Wikileaks dump should come as no surprise: the CIA is an avid collector of zero day exploits, which are bugs in applications, operating systems and hardware that the rightful owners don’t know about yet. But plenty of others will. Apparently, the CIA buys at least some of these backdoors from the grey and black marketeers that openly sell them. Even a flaw discovered by the CIA’s team isn’t exactly a secret – it’s there for the taking by anyone else with the necessary, and far from rare, skills.

Spying is the CIA’s job. But the reason for doing it is to protect the U.S. Feeding the market for malware and hoarding it instead of fixing it makes us all less secure.

Artificial intelligence naturally ignores bicycles

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

As someone who regularly spends several hours a week on a bicycle, wondering if the diesel rumble of a truck coming up behind me is the last sound I’ll ever hear, I was sorely disappointed to read that help, in the form of robotic vehicles, might be a long time coming.

A story by Peter Fairley on the IEEE Spectrum blog looks at the successes that self-driving car companies have had in developing software and sensors that can recognise other cars and predict their movements, and contrasts it with the failure to do the same with bicycles…

Nuno Vasconcelos, a visual computing expert at the University of California, San Diego, says bikes pose a complex detection problem because they are relatively small, fast and heterogenous. “A car is basically a big block of stuff. A bicycle has much less mass and also there can be more variation in appearance — there are more shapes and colors and people hang stuff on them”.

The autonomous vehicle technology is already starting to appear in automated emergency braking (AEB) systems, which is great for avoiding collisions with other cars, but not so helpful for cyclists

AEB systems still suffer from a severe limitation that points to the next grand challenge that [autonomous vehicle] developers are struggling with: predicting where moving objects will go. Squeezing more value from cyclist-AEB systems will be an especially tall order, says Olaf Op den Camp, a senior consultant at the Dutch Organization for Applied Scientific Research (TNO). Op den Camp, who led the design of Europe’s cyclist-AEB benchmarking test, says that it’s because cyclists movements are especially hard to predict.

[Computer scientist Jana ]Kosecka agrees: “Bicycles are much less predictable than cars because it’s easier for them to make sudden turns or jump out of nowhere.”

It’s not completely out of our hands, though. As artificial intelligence systems slowly learn to cope with bicycles, cyclists can try to see the road as a self-driving car might see it and do their best to ride predictably. At least it’s more comforting than just hoping the guy who’s about to pass you is looking at the road and not at his smart phone.

Google floats an operating system for geeks who can’t dance without a beat

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

If you’re reading this, it’s courtesy of one of two operating systems that were born in the Rhythmless Void between the break up of the Beatles and the Great Disco Awakening: UNIX or CP/M. (Unless you are truly an uber geek and still rocking your Commodore 64 or pre-OS X Apple or something even more esoteric – I genuflect in abject admiration. Or unless you’re a masochist and you’re reading this on a Blackberry: I salute your embrace of pain and humiliation).

Microsoft Windows is a direct descendent of CP/M, although little of the original DNA is left. Pretty much everything else is within two or three degrees of consanguinity with UNIX. Mac OS, iOS, Android, Tizen and Linux all exchanged presents in their pyjamas on Christmas morning.

It’s been a long, long time (sorry, I’ll always have Linda Ronstadt on the brain – it’s a Seventies thing) since anyone wrote a new OS kernel with staying power. But Google is giving it a try. Google posted Fuchsia OS as an open source project on GitHub this past summer, and it is still under active development. It’s an operating system that’s been built from scratch, without obvious reference to the Glitter Rock era. According to a post on Linux.com by Sam Dean

Could Google be completely reinventing the core functionality of what we consider to be an operating system? There are certainly historical precedents for that. When Google launched a beta release of Gmail in 2004, Hotmail, Yahoo! Mail, AOL Mail and other services had absolutely dominant positions in the online email space. Look what happened. Google reimagined online email. Likewise, Chrome OS reimagined the operating system with unprecedented security features and cloud-centricity.

It’s worth watching, even if it’s not strictly necessary. I’ll happily live out my years with just a stack of Linda’s 8-tracks beside me.

Will you?

Gratitude, and warm holiday wishes to all

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Take it for what it’s worth, but I am truly thankful.

Merry Christmas and a happy Hanukah to all. I don’t think today is Kwanza or Festivus or the winter solstice or whatever holiday I might be forgetting, but if that’s what rows your boat, then by all means have a joyous one of those too.

I want to thank everybody who has read this blog over the past eight years. It’s you, Gentle Reader, who makes this enterprise worthwhile and enjoyable, and I very much appreciate it.

This month marks four years of daily posting, and I’m planning to keep at it for a while longer. Readership – unique visitors, not just page views – has slowly but steadily grown to the thousands per month range, and it’s approaching that level on a weekly basis. With the added distribution and interaction on social media, Twitter and LinkedIn particularly, it’s become a wide ranging and, gratifyingly, sometimes heated conversation. I thank you all for that too.

Another major milestone this year came when a handful of my posts about AB 2395 – AT&T’s attempt to kill wireline service – went viral, thanks to CWA, TURN and, ironically, AT&T’s paid trolls. March and April saw readership approach the five figure range, with page views comfortably reaching it. A single day in March saw more than 7,500 page views and nearly as many unique visitors.

Looking ahead to 2017, I’m not planning any major changes. Minor redesign work is on the agenda – if you have any suggestions for improving readability or utility, I’d be grateful to hear them. Some server-side improvements are needed, with a searchable database at the top of the wish list. My goal is to make the mountain of telecoms policy documents I’ve accumulated more accessible and useful – again, if you have any thoughts about what you’d like to see or how it might be done, I would love to hear about it.

So Gentle Reader, whatever holiday, or lack thereof, you’re celebrating today, please accept my thanks for all you’ve done in 2016 and my best wishes for a wonder 2017!

Arizona scores a victory as DMV vanquishes Uber

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

So what if Acme got a permit?

Angry taxi drivers couldn’t do it. Stroppy city councils couldn’t do it. But California’s department of motor vehicles did it. The DMV has, um, driven Uber out of California, and into the arms of Arizona. The fight over Uber’s (sorta) self-driving car test in San Francisco ended with the offending vehicles being loaded onto a truck and hauled across the Colorado River. According to a story on SFGate.com, Arizona is happy to see them…

“Our cars departed for Arizona this morning by truck,” an Uber spokeswoman said Thursday afternoon in a statement. “We’ll be expanding our self-driving pilot there in the next few weeks, and we’re excited to have the support of Governor Ducey”…

In a statement Thursday, Arizona Gov. Doug Ducey called California’s regulations burdensome and said Arizona welcomes Uber’s self-driving car test with “open arms.”

“While California puts the brakes on innovation and change with more bureaucracy and more regulation, Arizona is paving the way for new technology and new businesses,” he said.

In contrast to the DMV, which issued a scolding press release claiming 20 companies had bowed to its authority and decreed “Uber shall do the same”, Arizona’s department of transportation said no worries, mate

Part of what makes Arizona an ideal place for Uber and other companies to test autonomous vehicle technology is that there are no special permits or licensing required. In Arizona, autonomous vehicles have the same registration requirements as any other vehicle, and nothing in state law prevents testing autonomous vehicles.

California not only requires a special permit for autonomous vehicle operation, it also demands that companies turn over test data, by default making it public. That was one, maybe the main, reason Uber pushed back. Companies, like Google, that have a working relationship with the open source world, can factor that kind of disclosure into their business plans. Up to a point, anyway. But proprietary, pre-IPO unicorns like Uber will not do their R&D in the glare of publicity – except when that publicity serves a purpose.

Instead, they’ll make a run for the border.

Uber’s DMV showdown is a make or break for self-driving cars in California

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Uber and the California department of motor vehicles appear headed to court in a dispute that could add some needed clarity to the state’s position regarding regulation of self-driving cars. On Friday, the head of Uber self-driving car team, Anthony Levandowski, said that they didn’t need the DMV’s permission to run their vehicle on San Francisco streets because it wasn’t really autonomous

From a technology perspective, self-driving Ubers operate in the same way as vehicles equipped with advanced driver assist technologies, for example Tesla auto-pilot and other OEM’s traffic jam assist. This type of technology is commonplace on thousands of cars driving in the Bay Area today, without any DMV permit at all. That is because California law expressly excludes from its law vehicles that have “collision avoidance” or “other similar systems that enhance safety or provide driver assistance” and, like our self-driving cars, are “not capable, collectively or singularly, of driving the vehicle without the active control or monitoring of a human operator.”

That brought a sharp reply from the California attorney general’s office

We, as attorneys for the Department of Motor Vehicles, by this letter, are asking Uber to adhere to California law and immediately remove its “self-driving” vehicles from the state’s roadways until Uber complies with all applicable statutes and regulations. If Uber cannot advise the undersigned that it will immediately remove its self-driving vehicles from California public roadways until it obtains the appropriate permit, as 20 other companies have done, the Attorney General will seek injunctive and other appropriate relief.

More than any other state, California has jumped into the legal and regulatory void that initially surrounded self-driving cars, even rubbing up against federal regulators who want to carve out their own, exclusive authority. In many ways, that’s been good – at the least, California’s nascent rules create a safe harbor of sorts for companies that are developing the technology.

But that early advantage can quickly turn into a disincentive, as other states follow behind and adopt a more entrepreneurial approach to self-driving cars and other advanced transportation technologies. Uber’s rapid rise to the top of the ride sharing market was the result of a willingness – almost a compulsion at times – to challenge laws and regulations that served the interests of taxi companies. Uber has been largely successful in that regard, to the great benefit of the public.

At the least, by challenging the DMV, Uber could force the state to draw a sharper line around what it does and doesn’t regulate. Where that line falls is important – a tight circle would encourage autonomous car and other advanced technology development here, expansive limits could drive innovators to Texas. Either way, at least we’ll know.