The 10 most outrageous civil liberties violations of 2006.

The year in review -- a common topic in the final weeks.

Vote Early, Vote Often

We have recounts because vote counting is -- to put it mildly -- sloppy. Americans like their election results fast, before they go to bed at night. So we're willing to put up with inaccuracies in our tallying procedures, and ignore the fact that the numbers we see on television correlate only roughly with reality.

Voting Technology and Security

Essay by Bruce Schneier; link to his blog.

Home-Made Nukes

So you wanna build a nuke, huh? Simple, according to the latest reports. But remember -- these stories are coming from the same people who were screaming "WMDs! WMDs!" just a short time ago.

How to steal an election by hacking the vote

Fully one third of the votes cast in this fall's election will be recorded on electronic voting machines. You should be worried.

BushCo.'s Stay on Spying

Not a complete victory, since they have until Oct. 5 to find yet another legal loophole.

UPDATE 10/5 Nope. The current junta managed to convince the court of appeals that their illegal activities are necessary to prevent further attacks on our soil and our people, so the court is going to allow illegal wiretapping to continue while the appeal is processed.

House passes warrantless domestic spying measure

The House of Representatives passed a bill on Thursday that would provide congressional authorization for President George W. Bush's warrantless domestic spying program but subject it to new rules.

AND THOSE "RULES" ARE...?

The president would be permitted to do so, for example, after an "armed attack," "terrorist attack" or when the president deems there is an "imminent threat."

OH, I FEEL _MUCH_SAFER_ ALL READY!!

You may recall it was some two months ago BushCo. declared an "imminent threat" and banned all liquids on aircraft, jacking our secur-O-meter to "condition red", and costing us another billion or so in the process. This "imminent threat" came from a bunch of Muslims in England -- only one of whom even had a passport, and none had even purchased airline tickets. Bobbies sacked nearly 100 properties looking for additional clues after this arrest. They found nothing. No weapons, no chemicals, no explosives. Some of them have all ready been released for lack of evidence. We probably won't hear how this whole farce ends, but I'm willing to bet it goes nowhere.

How about the "imminent threat" to the Sears Tower that landed seven men in a Florida jail? Remember that one? Only one of them knew the Sears Tower was in Chicago; no evidence that he had been there. No weapons, no explosives, no WMDs and no way to get any. They called themselves Christian Soldiers.

See how easy it is to declare an "imminent threat" and grab some headlines? Does it in any way make us safer? Is this _really_ how we should be spending our tax dollars?

This truly terrible piece of legislation will have to wait for Congress to come back after the elections -- let's hope it dies quickly.

Security Analysis of the Diebold AccuVote-TS Voting Machine

This latest comes from the Center for Information Technology Policy at Princeton University:

For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities — a voting-machine virus.

Remember this quote?

"I am committed to helping Ohio deliver its electoral votes to the president."

That's Diebold CEO Walden O'Dell, from a fundraising letter sent to Republicans in the fall of 2003. E-voting machine maker Diebold is based in North Canton, Ohio.

Doublespeak and the War on Terrorism

The American people must recognize these odious tactics for what they are and remain vigilant about our Constitution and individual liberty. Too many people seem to think that the Constitution will automatically check the government from overstepping its authority and running amok. That simply is not true. The Constitution is incapable of enforcing itself. The ultimate limit on the power of government has always been the patience of the people. As Judge Learned Hand warned many years ago, “Liberty lies in the hearts of men and women; [if] it dies there, no constitution, no law, no court can save it.”

The Black Hat Wi-Fi exploit coverup

At press time, millions of end users may be using Wi-Fi so insecure that an attacker could install a rootkit on their system in less than a minute.

That was almost a month ago, and little has changed since. The lawyers apparently are winning, and anyone using anything but an Intel wi-fi card remains at risk.

Dell Recalls Batteries Because of Fire Threat

Dell is recalling 4.1 million notebook computer batteries because they could erupt in flames, the company said today.   This will be the largest safety recall in the history of the consumer electronics industry...   The recalled batteries were used in 2.7 million computers sold in the United States and 1.4 million sold overseas.   The total is about 18 percent of Dell's notebook production during the period in question (4/04 - 7/06).   Depending on how many of the batteries are still in use, the cost of the recall could exceed $300 million.

Lithium ion batteries are used in hybrid cars, but those batteries may or may not have the same manufacturing defect that lead to Dell's problems.   Let's see how many Prius automobiles ignite this year.

Windows Genuine disAdvantage

What would you call a computer program that surreptitiously installed itself onto your computer, collected personal information about you without your knowledge or effective consent, was difficult or impossible to remove, installed pop-up banners that constantly harassed you, and presented significant security vulnerabilities?

If you were Los Angeles resident Brian Johnson, the answer would be simple. You'd call it Windows.

Life on Mars? Not Yet.

It was ten years ago when NASA exclaimed Meteorite Yields Evidence of Primitive Life on Early Mars .

From MATT CRENSON, AP National Writer:

Ten years later, the results have not been verified. Skeptics have found non-biological explanations for every piece of evidence that was presented on Aug. 6, 1996. And though they still vigorously defend their claim, the NASA scientists who advanced it now stand alone in their belief.

Hackers Expose 'Critical' Wi-Fi Driver Flaw

Maynor said the MacBook was used in the demo as a retort to the latest Apple commercials. "We don't want to bash Mac. I'm a big fan of Mac. But those commercials are just [annoying]," he said.

I wonder what he really said in place of "annoying"...   I couldn't agree more.

"This is not a big problem today. But, it should be something to take seriously now before it becomes a big, big problem a year or two from now," said Maynor.

The entire 802.11 spec needs to be examined -- or discarded.

WORST EVER SECURITY FLAW FOUND IN DIEBOLD TS VOTING MACHINE

From PRESS RELEASE -- JULY 31, 2006:

Upon examining the inner workings of one of the most popular paperless touch screen voting machines used in public elections in the United States, it has been determined that with the flip of a single switch inside, the machine can behave in a completely different manner compared to the tested and certified version.

“Diebold has made the testing and certification process practically irrelevant,” according to Dechert. “If you have access to these machines and you want to rig an election, anything is possible with the Diebold TS -- and it could be done without leaving a trace. All you need is a screwdriver.” This model does not produce a voter verified paper trail so there is no way to check if the voter’s choices are accurately reflected in the tabulation.

United States Patent: 6767717

While some Senators and the Dept. of Homeland (in)Security are screaming about how the Internet is filled with bomb-making information, some of the best information comes straight from the federal government's own open records.

Kids, don't try this at home.

Fake IDs Save Lives in Iraq

Surnames refer to tribe and clan, while first names are often chosen to honor historical figures revered by one sect but sometimes despised by the other.

For about $35, someone with a common Sunni name like Omar could become Abdul-Mahdi, a Shiite name that might provide safe passage through dangerous areas.

The Politics of Paranoia and Intimidation

The Bush administration and the National Security Agency (NSA) have been secretly monitoring the email messages and phone calls of all Americans. They are doing this, they say, for our own good. To find terrorists... It cannot work.

The whole NSA domestic spying program will seem to work well, will seem logical and possible, if you are paranoid.

4th of July Fireworks: Unredacted Hursti reports, photos released

Black Box Voting has provided the following to VoterAction.org for its litigation. This will become a public record via the litigation filed by Lowell Finley. Because public officials who have received the unredacted reports have failed to take this risk seriously and arrange for appropriate mitigations, and because Black Box Voting believes this information is of critical public interest for pending litigation and citizen actions, we are releasing it publicly now.

Diebold voting machines are flawed. Terribly. Remember this quote?

"I am committed to helping Ohio deliver its electoral votes to the president."

That's Diebold CEO Walden O'Dell, from a fundraising letter sent to Republicans in the fall of 2003. E-voting machine maker Diebold is based in North Canton, Ohio.

Measuring Progress in Iraq

A glance at various quality-of-life indicators and statistics on the rebuilding of Iraq's infrastructure... indicate a decided lack of progress. Electricity output has flat-lined. Potable water remains scarce. And despite holding one of the largest crude reserves in the world, Iraq still produces less oil than Brazil.

More important, says CFR Senior Defense Fellow Stephen Biddle, is whether Iraq's main ethno-religious identities—the Shiites, Sunnis, and Kurds—are making progress toward reaching a communal power-sharing agreement. Only such an arrangement, he argues, can reduce the cycle of violence.

A recent poll backs up Biddle's claim. Security, not jobs or round-the-clock electricity, is what ordinary Iraqis desire most. They have relied increasingly on alternative means—local militias, insurgents, organized criminals—to fill in the government's security void.

Homebrew chemical terror bombs, hype or horror?

Security services themselves need to grasp this, to avoid deploying hundreds of operatives and millions of pounds (dollars) on investigations which in the final analysis do not add up. Essentially, they need to start doing risk assessment and to stop over-reacting on the strength of 'might'. While they're chasing 'might' they can all to easily be neglecting a whole stack of 'wills'.

Oh, but where would our media be without the Movie Plot Terrorist Attacks!? Can anyone recall when our own White House suggested folks wrap their homes with plastic wrap and duct tape? Local hardware stores ran out! I suggested a smaller, personal protection system -- seal yourself in a trash bag -- but no one would take me seriously.

Data Breach: Hotels.com Customers

Ernst & Young, which has been the outside auditor for Hotels.com for several years, notified the company of the security breach on May 3.

The computer contained personal information including names, addresses and credit card information of about 243,000 Hotels.com customers.

Both Hotels.com and Ernst & Young mailed letters to Hotels.com customers this past week encouraging them to take appropriate action to protect their personal information.

IT TOOK THESE CLOWNS A MONTH TO LET FOLKS KNOW THEIR CREDIT CARD HAD BEEN STOLEN!

The Perils of PC Posture

Ouch! Guilty as charged. Read the article and think about how you are sitting as you read it.

The 25 Worst Tech Products of All Time

As voted by PC World :

1. America Online (1989-2006)
2. RealNetworks RealPlayer (1999)
3. Syncronys SoftRAM (1995)
4. Microsoft Windows Millennium (2000)
5. Sony BMG Music CDs (2005)
6. Disney The Lion King CD-ROM (1994)
7. Microsoft Bob (1995)
8. Microsoft Internet Explorer 6 (2001)
9. Pressplay and Musicnet (2002)
10. dBASE IV (1988)
11. Priceline Groceries and Gas (2000)
12. PointCast (1996)
13. IBM PCjr. (1984)
14. Gateway 2000 10th Anniversary PC (1995)
15. Iomega Zip Drive (1998)
16. Comet Cursor (1997)
17. Apple Macintosh Portable (1989)
18. IBM Deskstar 75GXP (2000)
19. OQO Model 1 (2004)
20. CueCat (2000)
21. Eyetop Wearable DVD Player (2004)
22. Apple Pippin @World (1996)
23. Free PCs (1999)
24. DigiScents iSmell (2001)
25. Sharp RD3D Notebook (2004)

Black Box Voting

It is important to understand that these attacks are permanent in nature, surviving through the election cycles. Therefore, the contamination can happen at any point of the device's life cycle and remain active and undetected from the point of contamination on through multiple election cycles and even software upgrade cycles.

These are the same machines that delivered the state of Ohio to Bush and decided the election. You may recall that Diebold was a heavy contributor to the Bush campaign. In a fall 2003 fundraising letter sent to Republicans, from Diebold CEO Walden O'Dell:

"I am committed to helping Ohio deliver its electoral votes to the president."

Blue Security Quits

"When the company's founders first approached the broader anti-spam community and asked them what they thought of the idea, everyone said this was a terrible idea and that they would eventually cause a lot of collateral damage," Underwood said. "But it's also extremely unfortunate, because it shows how much the spammers are winning this battle."

Yes, this was a terrible idea -- one that should never have been launched. No one with half a clue would have considered these folks had even a remote chance of success. So what happened? The clueless spent their money and the bad guys won. Well, DUH! I can't call that "extremely unfortunate" -- it was a fore-gone, inevitable conclusion. And now it has concluded.

Who Owns Your Computer?

An excellent essay by Bruce Schneier:

Adware, software-as-a-service and Google Desktop search are all examples of some other company trying to own your computer. And Trusted Computing will only make the problem worse.

There is an inherent insecurity to technologies that try to own people's computers: They allow individuals other than the computers' legitimate owners to enforce policy on those machines. These systems invite attackers to assume the role of the third party and turn a user's device against him.

Codebreaking Colossus returns to Bletchley Park

Because it employed parallel processing to attack its problem, the Colossus machine was enormously powerful. Even today, a desktop PC would take a similar amount of time to crack a Lorenz key... It was the first ever programmable electronic computer, predating the American Eniac (Electronic Numerical Integrator and Computer) by two years.

A forgotten piece of history, brought back to memory by the sale of an original Enigma on eBay today. Bidding is still open, but it's up to $48,700 now with over four hours left.

Assessing the Biological Weapons and Bioterrorism Threat

“For the past decade the risk and imminence of the use of biological agents by nonstate actors/terrorist organizations -- 'bioterrorism' -- has been systematically and deliberately exaggerated.” He immediately adds this practice “accelerated” after 9/11 and the mailings of powdered anthrax.

Because of the public and governmental perception that mitigation of allegedly catastrophic bioterrorism is of paramount importance , “the US biodefense research program appears to be drifting into violation” of the Biological Weapons Convention, an international arms control treaty which this country had an important role in building. It is a menacing development and has happened through a slippery evaluation process which justifies research into biological weapons threat capabilities and scenarios by repackaging what appears to be work with potential offensive application as defensive in nature.

BushCo. has been lying to us deliberately about the threat of "bioterrorism". This book, written by Milton Leitenberg for the Strategic Studies Institute of the U.S. Army War College, accurately describes the lies and concocted movie plot threats. It would appear the motivation is simple: this country wants to develop CBW agents, but we signed a treaty saying we would not -- a treaty that we developed and pushed. By claiming instead to be working on cures and vaccines we can actually work to develop the very agents themselves. The difference between offensive and defensive development is only semantic.

The Founders Never Imagined a Bush Administration

President Bush has given Commander-in-Chief Bush unlimited wartime authority. But the "war on terror" is more a metaphor than a fact. Terrorism is a method, not an ideology; terrorists are criminals, not warriors. No peace treaty can possibly bring an end to the fight against far-flung terrorists. The emergency powers of the president during this "war" can now extend indefinitely, at the pleasure of the president and at great threat to the liberties and rights guaranteed us under the Constitution.

Why Data Mining Won't Stop Terror

Finding terrorism plots is not a problem that lends itself to data mining. It's a needle-in-a-haystack problem, and throwing more hay on the pile doesn't make that problem any easier. We'd be far better off putting people in charge of investigating potential plots and letting them direct the computers, instead of putting the computers in charge and letting them decide who should be investigated.

But that's just not the way people work. People give up when the answers aren't obvious. It's been that way forever. Remember "Lost in Space"? Remember the robot? Every time the Robinsons got in trouble the robot was the go-to guy ("Robot, robot, by the wall -- say something stupid and save us all.").

People expect technology to give them answers when they haven't got a clue. Those who actually work with and understand technology know better.

The Terrorist Threat of Paying Your Credit Card Balance

Remember, all the time spent chasing down silly false alarms is time wasted. Finding terrorist plots is a signal-to-noise problem, and stuff like this substantially decreases that ratio: it adds a lot of noise without adding enough signal. It makes us less safe, because it makes terrorist plots harder to find.

This story smells a bit fishy. Either it's a hoax or the bank was just trying to cover for their own mistake.

Bush declares war on freedom of the press

"The significance of this cannot be overstated," says prominent New York litigator Glenn Greenwald. "In essence, while the President sits in the White House undisturbed after proudly announcing that he has been breaking the law and will continue to do so, his slavish political appointees at the Justice Department are using the mammoth law enforcement powers of the federal government to find and criminally prosecute those who brought this illegal conduct to light."

"This flamboyant use of the forces of criminal prosecution to threaten whistle-blowers and intimidate journalists are nothing more than the naked tactics of street thugs and authoritarian juntas."

BOING BOING'S GUIDE TO DEFEATING CENSORWARE

The fact is, there's no effective way to censor the Internet in broad strokes. Only dumb CIOs and totalitarian governments like the UAE believe that adding censorware to your network will prevent the naughty stuff from slopping in.

Agreed. Likewise, the lame excuse that it's "for the children" just doesn't wash. Use one of the many proxys described in the Boing Boing Guide.

Robot moved by a slime mould's fears

The Physarum polycephalum slime, which naturally shies away from light, controls the robot's movement so that it too keeps out of light and seeks out dark places in which to hide itself.

Kinda creepy. They gave it six legs, but it still looks like a big spider. I hate spiders.

Secure Flight Suspended!

An ambitious program to check every domestic airline passenger’s name against government terrorist watch lists may not be immune from hackers, a congressional investigator said Thursday.

And because of security concerns, the government is going back to the drawing board with the program called Secure Flight after spending nearly four years and $150 million on it, the Senate Commerce Committee was told.

Bill Scannell, a privacy advocate who manages the Web site
UnSecureFlight.com , welcomed Hawley’s announcement.

“Once again the vampire’s been driven back into its coffin,” he said. “Whether the administration is willing to shoot it with a silver bullet is another question.”

Speed up FireFox

I all ready had the pipelining set "true", but my maxrequests were only set to 8. I changed that to 30 and added the delay=0 item. These changes appear to have bumped my performance by nearly 80%.

LEGO Difference Engine

Building A Calculating Machine Using LEGO

Election Update: Do-Over on First Ballot

House Republicans are taking a mulligan on the first ballot for Majority Leader. The first count showed more votes cast than Republicans present at the Conference meeting.

ROFLMAO!!! Oh, those wacky Repugnants! They just can't stop rigging an election!

TSA Announces Key Elements of Registered Traveler Program

The Transportation Security Administration (TSA) today announced several parameters for a nationwide private sector Registered Traveler (RT) program, including the biometrics to be used for identification purposes and the redress process for individuals who are denied access to the program. The Registered Traveler program is envisioned as a means to accelerate the screening process at participating airports for passengers who voluntarily choose to enroll in the program.

Bloody Hell! I thought airport security was important! Now, for a fee, you -- or any terrorist pretending to be you -- can buy a "Blow Up My Plane" pass from a for-profit firm and get on board! Just what controls will exist on the firms' background checks? And more importantly, how will the inevitable identity errors be corrected?

US-VISIT ready at land borders

The Homeland Security Department has installed biometric entry facilities at all fixed ports of entry as part of the federal government’s program to strengthen border controls for visiting foreigners in the wake of the 2001 terrorist attacks, DHS officials said Friday.

Since January 2004, US‑VISIT has processed more than 44 million visitors. It has spotted and apprehended nearly 1,000 people with criminal or immigration violations, according to a DHS press release.

What this article DOES NOT tell you is how much did it cost to "catch" these 1,000 people -- most of whom were guilty of pretty minor offenses. So far the program has spent just over $15 billion. That works out to $15 million for each "criminal". I smell WOFTAM.

Court convicts 'Survivor' winner

Richard Hatch, the first winner of US reality TV show Survivor, has been convicted of not paying taxes on his $1m prize... He now faces up to 13 years in prison and a fine of $600,000 (£336,000)... His lawyer also said Mr Hatch was a bumbling bookkeeper who could not handle so much money.

And this is the best legal defense $1m can buy!?!?

Mass Spying Means Gross Errors

Congress_critters are now trying to look tough on terrorism -- rather than hang Bush for violating federal law (FISA), they want to make illegal eavesdropping legal.

Click the title (above) to read an article by Jennifer Granick. She is executive director of the Stanford Law School Center for Internet and Society, and teaches the Cyberlaw Clinic.

Mass surveillance isn't just illegal, it's probably a bad idea. We need to ferret out real terrorists, not create a smoke screen of expensive and distracting false positives that they can hide behind. More information doesn't make us smarter. We need smarter information.

Great Riches for You!

Greetings my dear friend and potential business partner. I am greatly excited about our correspondence today as it will lead to great riches, fame and power for the both of us.... I know that I can trust you, shrewd titan of business that you are, and I hope that my credentials (successful banker, cousin to a king, nephew of a general, brother to a famed flamenco dancer) will ensure your trust in me.

An excellent piece -- I have all ready turned over my PayPal account.

College students lack literacy

Most students at community colleges and four-year schools showed intermediate skills. That means they can do moderately challenging tasks, such as identifying a location on a map.

Almost 20 percent of students pursuing four-year degrees had only basic quantitative skills. For example, the students could not estimate if their car had enough gas to get to the service station. About 30 percent of two-year students had only basic math skills.

And these are the people who will be selecting our nursing homes....

Stardust Set to Return

In the early morning hours of January 15, 2006, the Stardust mission returns to Earth after a 4.63 billion kilometer (2.88 billion mile) round-trip journey carrying a precious cargo of cometary and interstellar dust particles. Scientists believe Stardust's cargo will help provide answers to fundamental questions about the origins of the solar system.

An Interview with Ilfak Guilfanov

Robert Lemos interviews Datarescue's senior software developer Ilfak Guilfanov, the creator of the unofficial patch for the flaw in the Windows Meta File format that saw tens of thousands of downloads prior to the official patch release by Microsoft. Guilfanov explains why he decided to issue a patch for the vulnerability, how he created the patch, and his thoughts on whether third-party patches are generally a good thing.