Net neutrality, explained

December 16, 2017

With the recent FCC action on net neutrality, a lot of people are worked up, but almost no one seems to know what it actually means. Here is what it is all about:

The Internet is a protocol for delivering small packets of data over a wide-area network. An important property of the internet protocol (for present purposes it is the most important property) is that packet delivery is best-effort. That means that internet routers will attempt to deliver every packet, but there are no promises. If a router gets overloaded, some packets will be dropped (i.e., not delivered).

The key question is this: when packets have to be dropped, how do you pick which ones? Historically, internet routers have generally chosen the packets to drop arbitrarily.

But for many applications, this is not actually what you want. For example, in streaming video (nearly 80% of all internet traffic) some frames are more important than others. Some frames are keyframes (which give the entire picture), while most frames only describe the differences from the previous frame. If you miss a regular frame, there is some degradation in the picture, but if you miss a keyframe, you have no picture until the next keyframe arrives. Consequently, it would be best if internet routers preferred keyframes to other frames. More generally, there is an area of research called quality of service, which seeks to enable applications that require a certain amount of reliable bandwidth, and typically does so by identifying and reserving network resources.

So what is network neutrality? Network neutrality is the principle that says that routers must not distinguish between packets when deciding which ones to drop.

As a technical matter, network neutrality would tie the hands of networking innovators by prohibiting any routing strategy that intelligently chooses which packets to favor. One can improve the network by adding more hardware, but not by using the hardware one already has more efficiently. (Note: some dispute this. I will return to this point later.)

So why do some people want network neutrality? There is concern about a certain sort of network management practice that ISPs might adopt. To explain this, it’s helpful to know a few statistics.

Over three-quarters of the internet traffic in North America is from video streaming. Netflix alone accounts for over a third of internet traffic. YouTube (owned by Google) accounts for another sixth. (Figures from December 2015.) This creates a tension between ISPs and content providers. The latter’s business strategy requires that they consume a brobdingnagian amount of network bandwidth, while the former are concerned that the content providers will overwhelm their networks.

Thus, the content providers are concerned that the ISPs will throttle back their content, or that the ISPs will demand that they help pay for it. And, in fact, on a few occasions, ISPs actually did something like this.

Back in 2007, when the concern was peer-to-peer file-sharing (mostly music and video), rather than video streaming, Comcast throttled back certain file-sharing protocols. On the face of it, one could argue it was reasonable, but, being Comcast, they did it in a super-sleazy way. Rather than announce they were doing it, they just did it secretly. People noticed, made a fuss, and Comcast stopped doing it. (Ironically, Comcast is now trying to position themselves as big supporters of network neutrality, while they literally did exactly the thing that net neutrality advocates are trying to prevent.)

Nevertheless, the Comcast incident is instructive, because it was corrected by the free market without any government intervention at all. The customers noticed, the customers complained, and Comcast stopped. Years later, AT&T blocked its customers from using Facetime on iPhones, and they too stopped after public outcry.

That’s the technical background. At this point it gets political. Google (which owns YouTube) made a big push for net neutrality, and it became a cause celebre on the left.

In 2010 the FCC announced its rules governing internet routing and they were quite bad for innovation. (You can find the relevant rules on pages 17944-17956 here, but the summary in the draft rules is much more accessible.) They were full of lip service about freedom to innovate, but they never defined the key terms of “nondiscrimination” and “reasonable network management.” (The final rules improved the draft rules by giving a non-circular definition of “reasonable network management,” but they defined it (¶82) in terms of “legitimate network management purposes” which they did not define.) They specifically say (¶83) that “reasonable network management” will be evaluated on a case-by-case basis. Consequently, if you want to stay out of trouble, you have to go to the FCC for permission to do anything.

At this point, there is one more important element. The FCC actually had no legal authority to regulate the internet, and when they tried to do it anyway, they lost in court. But, never ones to allow something like that to stop them, the Obama administration reclassified the internet from an information service (which they have no power to regulate) to a telecommunications service (which they do).

A telecommunications service is a service that transmits information without change in its form or content. An information service is a service for generating, acquiring, storing, transforming, processing, retrieving, utilizing, or making available information via telecommunications. (Via Ars Technica.) The sticky thing is the internet is pretty clearly both of these. Some applications are more like an information service: the web, search engines, social media, video streaming, file sharing, cloud drives; while other applications are more like telecommunications: email, instant messaging, voice over IP, online gaming, remote login. Certainly the vast majority of traffic is in the first category, but a case can be made for either.

It is harder to make a case to reclassify the internet as telecommunications service when it is already classified as an information service, particularly since most internet usage is moving in the opposite direction. But, when the matter went to the Court of Appeals, only one of the three judges was bothered by that. The other two applied the Chevron principle which requires that judges defer to administrative agencies unless their decisions are clearly wrong. (It’s a terrible principle, but that’s another topic entirely.) As it happens, the 2-1 decision was Democratic appointees versus a Republican appointee, which emphasizes how political the matter has become.

Anyway, the reclassification allowed the FCC to regulate the internet (or, more precisely, home access to the internet). Another effect was to erase all of the FTC’s internet privacy rules. Instead, FCC crafted its own rules, but the FCC is not an agency with experience with consumer privacy protection, so the result was, as the FTC put it, “not optimal.” Moreover, there were other pernicious effects that had not fully played out yet.

At this point, net neutrality has become a proxy battle between progressives and conservatives. Conservatives oppose net neutrality because they generally oppose regulation, but especially because they don’t want to set the precedent that the government can regulate the internet. Net neutrality may be well-intentioned (if ill-conceived), but they worry that net neutrality will be just the beginning. Hillary Clinton’s statement that net neutrality is “a foot in the door” plays into that concern.

Now the FCC has re-reclassified the internet as an information service again, as it was until 2015. This makes the FCC’s net neutrality regulation null and void. So what happens now? In the near term, nothing at all. The internet survived without net neutrality until 2015, with very few abuses and nearly all of those quickly corrected by the free market. If an ISP ever tried to block an internet content provider that didn’t pay the ISP (a standard scenario in net neutrality’s parade of potential horribles), they would immediately face the wrath of their consumers, and have to reverse themselves. They know it, so they won’t even try.

In the longer term, it’s hard to say. The business model of Netflix and others, who soak up most of the internet’s bandwidth without paying anything for the infrastructure that makes it possible, may turn out to be unsustainable. If so, something will have to change. The same would have been true with net neutrality. But this is a technical problem, and the repeal of net neutrality means that networking researchers can develop a technical solution. Were net neutrality in play, technical solutions would be banned, so the solution would have to be political. That would mean that rent-seeking, not innovation, would be the future of the internet, and we would all be the worse for it.

UPDATE: Added the AT&T-Facetime affair to the preceding discussion.

ANOTHER UPDATE: The discussion above focuses on policies for choosing packets to drop, but there’s another aspect of network neutrality that I left out: concern that ISPs might block certain services entirely. This too happened once: a small phone company blocked voice over IP in an effort to force customers to pay for phone service. This case runs against my general thesis, because it was the (Bush-era) FCC, not the market, that put a stop to it. (Oddly, the FCC was able to do it at a time when it had no regulatory authority over ISPs at all, which says something about the intimidation powers of federal regulators.) Nevertheless, this is a baldly anti-competitive practice and I think the FTC has the power to address it under existing antitrust rules.

(Previous post.)


August 1, 2014

The LightSquared debacle still isn’t quite over; the remains of the politically connected company are now suing the government over its denial of a permit to operate. Since I was strongly opposed to LightSquared’s effort to make money by breaking GPS, I thought I should note Richard Epstein’s contrary take.

Epstein is a very smart guy, so maybe there’s something to this, but I don’t see how to reconcile his position with the expert testimony on LightSquared’s scheme.

(Previous post.)

It goes without saying

July 25, 2014

If Obama won’t follow his own health care law, he certainly won’t follow his own website privacy policy. I do find it amusing that he uses the same tracking company as though.

Iron Beam

March 1, 2014

Years ago, liberals made an ideological commitment to the idea that missile defense was impossible. It’s easy to understand how: Reagan was for it, and liberals were against everything he was for. Why they’ve never been able to shed that position in the ensuing decades is truly a puzzler. Despite all the things modern technology has accomplished (including successes in missile defense!), missile defense is the one thing that liberals believe is impossible.

But while America’s implementation of missile defense has been desultory, Israel hasn’t had the luxury of being able to accommodate its defense nay-sayers. They have implemented a system, and it works. Their Iron Dome system shoots down incoming rockets from Gaza, allowing their citizens to live normal lives while under constant attack.

But it’s expensive, so the Israelis have developed a cheaper solution:

At $100,000 a pop, missile interception isn’t cheap. And that’s why Israel is investigating lasers. Last week Rafael Advanced Defense Systems Ltd, the company behind the Iron Dome, unveiled its new Iron Beam system, a less expensive and more versatile laser-based addition to Israel’s defensive arsenal. The Iron Beam, which could be deployed as early as 2015, will reportedly vaporize short-range rockets, mortars, and even drones using high-kilowatt lasers.

“It’s exactly like what you see in Star Wars,” Amit Zimmer, a company spokesperson, told the Associated Press. “You see the lasers go up so quickly, like a flash, and the target is finished.”

I’ll be watching this with interest. The liberals have been very clear that shooting down missiles with lasers is impossible.

Obamacare malware

February 4, 2014

Just when you thought Obamacare’s woes couldn’t get any worse:

U.S. intelligence agencies last week urged the Obama administration to check its new health care network for malicious software after learning that developers linked to the Belarus government helped produce the website, raising fresh concerns that private data posted by millions of Americans will be compromised. . .

Specifically, officials warned that programmers in Belarus, a former Soviet republic closely allied with Russia, were suspected of inserting malicious code that could be used for cyber attacks, according to U.S. officials familiar with the concerns.

It seems astonishing that they would have hired Belarusian developers to build the Obamacare exchanges, until you remember that Obamacare’s developers were chosen specifically for their ability to refuse a Congressional subpoena. Then it doesn’t seem so astonishing after all.

On some level it even seems appropriate, since Obamacare is basically a malware attack on the US health care system.

(Previous post.)

Court rejects net neutrality, again

January 14, 2014

The DC Court of Appeals has unanimously rejected the Obama administration’s second effort to impose network neutrality. (It unanimously rejected their first effort in 2010.) This is a good thing.

In fact, while striking down the pernicious aspects of the FCC regulation, it leaves in place the regulation’s requirement that ISPs disclose what they are doing, so this seems like the best possible result. Perhaps Google (on whose behalf the administration was acting) will adopt a constructive, market-oriented approach (like this one) instead of rent-seeking now.

(Previous post.)

HHS won’t disclose security breaches

December 23, 2013

HHS, which under the execrable Obamacare law gets to make its own rules, has decided that it will not be required to disclose any security breaches, even to the people whose information is stolen.

And security breaches are a virtual certainty; recall that the system was deemed too insecure to go live, but went live anyway, in violation of government rules. Indeed, they’ve happened already.

(Previous post.)

Robot lies

December 21, 2013

I suppose programming robots to lie is a big step forward in making them behave like humans. violates security standards

November 22, 2013

It’s a good thing that doesn’t work, because the system is also insecure:

As was being developed, crucial tests to ensure the security and privacy of customer information fell behind schedule.

CBS News analysis found that the deadline for final security plans slipped three times from May 6 to July 16. Security assessments to be finished June 7 slid to August 16 and then August 23. The final, required top-to-bottom security tests never got done.

The House Oversight Committee released an Obama administration memo that shows four days before the launch, the government took an unusual step. It granted itself a waiver to launch the website with “a level of uncertainty … deemed as a high (security) risk.”

Agency head Marilyn Tavenner accepted the risk and “mitigation” measures like frequent testing and a dedicated security team. But three other officials signed a statement saying that “does not reduce the risk” of launching October 1.

(Via Hot Air.) In fact, the waiver (as CBS describes it) isn’t even allowed under government rules:

Ultimately, the letter recommended that Tavenner issue an Authority to Operate for six months while security testing continued on the site, which she approved. “This is a temporary Authority to Operate,” Sebelius said as she examined the document during the hearing. . .

Yet Sebelius’s matter-of-fact description of the temporary authorization is a lot different from the 2012 memo from Zients on federal cyber-security.

Page 11 of the Zients memo includes the following section:

Does OMB recognize interim authority to operate for security authorizations?

No. The security authorization process has been required for many years, and it is important to measure the implementation of this process to improve consistency and quality government-wide. Introducing additional inconsistency to the government’s security program would be counter to FISMA’s goals.

(Via Instapundit.) Counter to FISMA’s (the Federal Information Security Management Act) goals perhaps, but essential to the Obama administration’s political goals, and you know which takes priority.

The system’s insecurity isn’t just theoretical either. They’re already finding exploitable security holes.

(Previous post.)

Let freedom ring

November 22, 2013

You can finally use electronic devices during all phases of flight.

Obamcare problems pervasive

November 22, 2013

As a general rule, just don’t believe anything the Obama administration says:

An executive of the largest contractor working on the federal health insurance exchange website told Congress Thursday that problems with erroneous enrollment information being transferred to insurance companies were “isolated” – a claim later echoed by an Obama administration official.

But insurance industry officials have told the Washington Examiner that this is simply not true. The problems – such as duplicate enrollments being sent from the federal system to insurers, incorrect cancellations, and spouses being mixed up as children – were in fact being widely encountered across the insurance industry.

(More on this here.) To be clear, these problems are distinct from the web site being unable to handle more than a handful of applicants at a time. In fact, as we’ve noted, the fact that the web site doesn’t work actually masks this problem; if people can’t sign up, the system doesn’t get much chance to fail. With only a handful able to use the system, they’ve been able to correct the bad data by hand. If they ever get the site to take applications, the problems from its delivering incorrect data to insurers will be huge.

(Previous post.)


October 25, 2013 is 500 million lines of code. 500 million! By comparison:


Yeah, I’m sure they’ll be able to fix it really quickly. . .

POSTSCRIPT: The caption is a little inapt, since is not actually popular.

(Previous post.) (Via Ed Driscoll.)

Thermocline of truth

October 25, 2013

A superbly prophetic of prediction of disaster in the Obamacare exchanges.

UPDATE: This quote from Nancy Pelosi:

At a Thursday afternoon press conference, House minority leader Nancy Pelosi was asked by THE WEEKLY STANDARD if Obamacare should be delayed in whole or in part if still isn’t working in November or December.

“No, no,” Pelosi replied. “It has nothing to do with the programmatic part. It’s about technology.”

is a perfect illustration of Webster’s naive supervisor that sees software development as “a simple matter of programming.”

(Previous post.)

Still no Obamacare transparency

October 24, 2013

I noted on Monday that two major contributing factors to’s failure came not from typical government incompetence, but from the Obama administration’s own political malfeasance: (1) They kept systems integration in-house so Republicans couldn’t find out how things were going, and (2) they didn’t want users to find out the actual price of health insurance. In light of that, these stories seem interesting:

The Obama administration has decided to brief Congress on Obamacare’s implementation woes, but only Democrats are invited:

On Wednesday, the administration also sent Mike Hash, who runs the health reform office at Health and Human Services, to Capitol Hill to brief lawmakers on the law’s implementation.

Only Democrats were invited to that session, prompting protest from House Speaker John Boehner, whose spokesman called it a “snub” and said the administration should brief House Republicans, too.

Then there’s this:

The problems haven’t yet been resolved, but people familiar with the situation said officials are debating whether to replace parts of the registration system this weekend. By Thursday morning, a new tool that allows users to preview plans without registering appeared on the site with little fanfare.

This would allow people to see health insurance prices without giving personal information (thereby loading the system), and consequently would allow people to see the actual prices without a subsidy applied. This would seem to go against the administration’s goals for the system. But in fact:

CBS News has uncovered a serious pricing problem with It stems from the Obama administration’s efforts to improve its health care website. A new online feature can dramatically underestimate the cost of insurance.

The administration announced it would provide a new “shop and browse” feature Sunday, but it’s not giving consumers the real picture. In some cases, people could end up paying double of what they see on the website. . .

Every single page of the new feature warns people that they might be able to get a subsidy, with a big blue box that is often larger than everything else on the page. But even with that, it seems they still don’t want people to know the actual cost.

(Previous post.)

No-bid Obamacare

October 24, 2013

The primary contractor for the failed web site — the Canadian firm CGI — was hired with a no-bid contract.

Cronyism generally doesn’t surprise me, especially from these guys, but in this case I thought they really did want the system to work!

UPDATE: The senior vice-president at CGI is a college classmate of Michelle Obama.

(Previous post.) (Via Instapundit.)

Obamacare IT

October 24, 2013

The failure of comes as no surprise to its hapless developers:

As questions mount over the website’s failure, insider interviews and a review of technical specifications by The Associated Press found a mind-numbingly complex system put together by harried programmers who pushed out a final product that congressional investigators said was tested by the government and not private developers with more expertise.

Project developers who spoke to the AP on condition of anonymity — because they feared they would otherwise be fired — said they raised doubts among themselves whether the website could be ready in time. They complained openly to each other about what they considered tight and unrealistic deadlines. One was nearly brought to tears over the stress of finishing on time, one developer said. Website builders saw red flags for months.

Also, they first tested the system just five days before the system launched!

BONUS: It also seems as though some of the somewhat that did work was stolen.

(Previous post.)

It’s not the load

October 24, 2013

Obamacare’s apologists have tried to blame’s failure on heavy load. We’ve known nearly since the beginning that this wasn’t true. But some new reporting reveals it isn’t even remotely close to true:

Days before the launch of President Obama’s online health ­insurance marketplace, government officials and contractors tested a key part of the Web site to see whether it could handle tens of thousands of consumers at the same time. It crashed after a simulation in which just a few hundred people tried to log on simultaneously.

Despite the failed test, federal health officials plowed ahead.

When the Web site went live Oct. 1, it locked up shortly after midnight as about 2,000 users attempted to complete the first step, according to two people familiar with the project.

The system can’t even handle a few hundred simultaneous users. A few hundred!

Moreover, although the load was somewhat high (but not all that high) during the first couple of days when people were trying the system out of curiosity (indeed, I tried it myself), it’s much lower now:

The number of visitors to the federal government’s Web site plummeted 88 percent between Oct. 1 and Oct. 13, according to a new analysis of America’s online use, while less than half of 1 percent of the site’s visitors successfully enrolled for health insurance the first week.

(Previous post.) (Via Hot Air.) is worse than you think

October 24, 2013

Yuval Levin’s heavily reported piece on the state of the Obamacare exchanges must be read in its entirety. They are, he reports, an utter disaster. Government officials are in “a kind of restrained panic”, while among insurance industry people “there was much less restraint”. No one believes that the system can be fixed in time, and the need for some sort of delay is taken as granted.

One serious problem that has not been widely circulated is the fact that it is not impossible to use the system, just extremely difficult. This makes for a severe problem with adverse selection. It means that those who do use the system will be those who are most motivated; that is, the most expensive people. On the contrary, the purpose of the exchanges was to get a lot of cheap people into the system, so that they would subsidize the sick and infirm. If only the sick and infirm are getting it, it could bring health insurers down.

Another problem is that the back-end of the system — which reports data to health insurers — doesn’t work either. (More on that here.) This has been largely masked by the fact that hardly anyone has been able to use the system anyway, but if they manage to fix the front-end, this will be a severe problem. Levin reports that it doesn’t seem easy to fix:

CMS officials and the large insurers thought at first that the garbled data being automatically sent to insurers must be a function of some very simple problems of format incompatibility between the government and insurer systems, but that now seems not to be the case, and the problem appears to be deeper and harder to resolve. It is a very high priority problem, because the system will not be able to function if the insurers cannot have some confidence about the data they receive. At this point, insurers are trying to work through the data manually, because the volume of enrollments is very, very low.

Levin also reports that while some of the state exchanges work on the front-end, they all have problems on the back-end.

POSTSCRIPT: Megan McArdle adds a few more ways in which is worse than you think. One of them is this: The White House says you can always register by phone if the web site isn’t working, and there’s a prominent “apply by phone” button on the web page now, but you can’t really. The people at the call center use the same computer system as the web site. And that’s if you actually get to talk to a human; most people get referred back to the web site.

POST-POSTSCRIPT: The actual Obamacare phone number is 1-800-F1UCK-YO. Well, at least they made it easy to remember.

(Previous post.)

Obamacare IT

October 21, 2013

I have been enjoying the catastrophe that is the Obamacare rollout, of course. But beyond pure schadenfreude, it’s really interesting how the catastrophe came to be. The Obamacare web site goes beyond garden-variety government incompetence. It was the Obama administration’s own political malfeasance that brought about the disaster:

First, out of purely political considerations, the administration delayed issuing key rules:

To avoid giving ammunition to Republicans opposed to the project, the administration put off issuing several major rules until after last November’s elections. . .

The biggest contractor, CGI Federal, was awarded its $94 million contract in December 2011. But the government was so slow in issuing specifications that the firm did not start writing software code until this spring, according to people familiar with the process.

Second, the Obama administration’s deliberate lack of transparency was a key factor in the site not working. Consider this astonishing report:

As late as the last week of September, officials were still changing features of the Web site,, and debating whether consumers should be required to register and create password-protected accounts before they could shop for health plans.

They were still changing the fundamental design just a couple of weeks before the site launched! As it turns out the design point they were changing is key to why the system failed. The site won’t tell you anything at all without you providing personal information, which means that it cannot passively serve any pages other than the front page itself. In order to use the site at all, you need to put a heavy load on the system.

Why would they use such a manifestly foolish design? Political considerations:

“ was initially going to include an option to browse before registering,” report Christopher Weaver and Louise Radnofsky in the Wall Street Journal. “But that tool was delayed, people familiar with the situation said.” Why was it delayed? “An HHS spokeswoman said the agency wanted to ensure that users were aware of their eligibility for subsidies that could help pay for coverage, before they started seeing the prices of policies.”

The Obama administration does not want people to see the true cost of health insurance on the exchanges, they only want them to see the prices after subsidy. And as a direct consequence of their concealment of Obamacare’s true cost, the system doesn’t work. It’s poetic justice. (Except that the public are the ones who are ultimately punished.)

(UPDATE: More on this issue here.)

But wait, there’s more!

Third, the contractors who were hired to implement the system were selected not on the basis of IT experience, but out of political considerations. Most of the contractors were Beltway bandits, notable mainly for their lobbying prowess. The firm that did the site’s visual design was founded by the design manager of Barack Obama’s 2008 presidential campaign. But of greatest significance is the system integrator. They didn’t have one:

One highly unusual decision, reached early in the project, proved critical: the Medicare and Medicaid agency assumed the role of project quarterback, responsible for making sure each separately designed database and piece of software worked with the others, instead of assigning that task to a lead contractor.

Some people intimately involved in the project seriously doubted that the agency had the in-house capability to handle such a mammoth technical task of software engineering while simultaneously supervising 55 contractors. An internal government progress report in September 2011 identified a lack of employees “to manage the multiple activities and contractors happening concurrently” as a “major risk” to the whole project.

While some branches of the military have large software engineering departments capable of acting as the so-called system integrator, often on medium-size weapons projects, the rest of the federal government typically does not . . .

Why did they make such an unusual and ultimately disastrous decision? They were concerned that if they hired an outside contractor, Republicans might be able to subpoena information on the process:

Officials feared that if they called on outsiders to help with the technical details of how to run a commerce website, those companies could be subpoenaed by Hill Republicans, the former aide said. So the task fell to trusted campaign tech experts.

Note that voluntarily sharing information with Congress was out of the question; they were concerned with fighting subpoenas. And that lack of transparency directly contributed to the project’s failure.

Fourth, the administration wants to blame a lack of funds for the disaster:

Dr. Donald M. Berwick, the administrator of the federal Centers for Medicare and Medicaid Services in 2010 and 2011, said the time and budgetary pressures were a constant worry. “The staff was heroic and dedicated, but we did not have enough money, and we all knew that,” he said in an interview on Friday.

That’s pretty silly, since the cost overruns were astronomical; they ended up spending over half a billion dollars building the system. But let’s suppose we take it seriously. This is intended as an indictment of Republicans, who obviously weren’t going to appropriate any additional funds for Obamacare. On the contrary, to the extent to which it’s true at all, it’s an indictment of the administration.

They want you to forget that when Democrats rammed this turkey down our throats, they included a billion-dollar slush fund for Obamacare’s implementation. They had plenty of money, but they blew it on who-knows-what? (Literally. $67 million of it is simply missing.) After spending half a billion on the site, and blowing the billion-dollar slush fund, they now have the chutzpah to claim they didn’t have enough money.

In summary, Obamacare is failing not just because of government incompetence. It is failing because the Obama administration, for all of its determination to keep Obamacare in place, has priorities other than actually making it work.

(Previous post.)

Obamacare IT

October 14, 2013

CNN has been trying to use the Obamacare web site for two weeks now, to no avail. Never mind signing up for health care, their reporter can’t even set up an account:

Of particular note, their reporter tried at all times of day, including during the middle of the night.

(Previous post.)

White elephant

October 14, 2013

The Obamacare web site, which still doesn’t work, cost a reported $634 million to build. (Another report put the cost at a mere $515 million.) CGI Federal, the Canadian contractor that built the site, originally won the contract with a $94 million bid.

(Previous post.) (Via Instapundit.)

Obamacare IT

October 9, 2013

The Obama administration admits that the exchange system is broken, and not just suffering under unexpectedly heavy load.

Democrats will surely claim (if they ever even get asked) that the failure is somehow the GOP’s fault. Megan McArdle prebuts that narrative. The real problem is that the Democrats who crafted the law thought that they could bring a working exchange system into being, on an extraordinarily aggressive timetable, simply by decreeing it would happen. In the real world, “you can’t just order, ‘Make it so!’

(Previous post.)

Obamacare IT

October 6, 2013

More explanation of why the Obamacare exchanges melted down. As I speculated, it doesn’t appear to be excessive load:

One possible cause of the problems is that hitting “apply” on causes 92 separate files, plug-ins and other mammoth swarms of data to stream between the user’s computer and the servers powering the government website, said Matthew Hancock, an independent expert in website design. . .

“They set up the website in such a way that too many requests to the server arrived at the same time,” Hancock said.

He said because so much traffic was going back and forth between the users’ computers and the server hosting the government website, it was as if the system was attacking itself.

Hancock described the situation as similar to what happens when hackers conduct a distributed denial of service, or DDOS, attack on a website: they get large numbers of computers to simultaneously request information from the server that runs a website, overwhelming it and causing it to crash or otherwise stumble. “The site basically DDOS’d itself,” he said.

If this is true, the problem isn’t going to go away quickly as load lessens. It’s going to need a reimplementation, which will take time.

(Via Hot Air.)

UPDATE: Down for repairs. Take your time, guys.

Obamacare, or how not to implement online services

October 3, 2013

It’s not load that’s causing the Obamcare exchanges not to work, it’s bad design:

Load problems could explain servers hanging in California and New York … but the drop-downs? The standard explanation for this is “high load,” but high server loads don’t cause your security dropboxes to empty out.

“The drop-down thing is mystifying,” he told me. If federal exchanges decided to populate the security question fields by calling up a list of possible questions from another server — one that didn’t have a lot of capacity — then that might be causing the sign-up process to stall at that step. For an application that expects a lot of traffic, this is a very bad idea. . .

Why would they use such a seemingly obvious poor design?

“It can be easier to make a call to another server to get something when you need it than to implement a cache that you prepopulate either from static files or from the database on startup. Making a call to another server is also something you’d naturally think to do if you hadn’t had to focus on scalability before. The security question page is probably not the thing you’re most concerned about, so you give it to the new hire to do as their starter project. They don’t know what they’re doing, so they implement it the straightforward way … and since you’re under unbelievable deadline pressure to get something working now nobody reviews it in detail.

(Emphasis mine.)

The load they are getting isn’t all that much. Just one order of magnitude more than a prominent blog.

(Previous post.)

Obamacare IT

October 2, 2013

The Obamacare spin this morning was about how the new exchanges melted down because of intense consumer interest. But when the statistics become known (if they ever do), I think we will learn that the traffic was well within the range that a competently constructed system can handle.

The exchanges don’t work because their designers entirely neglected the problem of their implementation. They thought it was sufficient simply to decree that the exchanges would exist.

UPDATE: More here.

It’s getting hard to distinguish between criminals and law enforcement

September 18, 2013

The FBI admits that it distributed malware in order to break the anonymity of the Tor network. For a private citizen this would be a crime, but the government can do whatever it feels like.

Private messages aren’t

September 3, 2013

A new study shows that several major internet companies, including Google, Facebook, and Twitter, are compromising the privacy of their users’ emails:

Cyber-security company High-Tech Bridge set out to test the confidentiality of 50 of the biggest internet companies by using their systems to send a unique web address in private messages. Experts at its Geneva HQ then waited to see which companies clicked on the website. During the ten-day operation, six of the 50 companies tested were found to have opened the link.

The companies’ defenses:

Facebook declined to comment on the latest research but said it had complex automated systems in place to combat phishing (internet identity fraud) and reduce malicious material. Twitter also declined to comment directly but said it used robotic systems to bar spam messages from customer accounts. A source at Google said: ‘There is nothing new here. It simply isn’t an issue.’

DHCP is not a crime

August 28, 2013

A federal court has ruled that circumventing an IP-address-ban by changing your IP address is criminal. Not even changing your MAC address, mind you, which at least typically is specific to a computer, but your IP address, which isn’t specific to anything or anyone.

This is complete foolishness, and indicates that (a) the judge doesn’t understand how the internet works, and (b) the Computer Fraud and Abuse Act, insofar as it lends itself to nonsensical decisions, is much too vague.


August 19, 2013

This seems interesting:

The Hyperloop would send multi-person passenger pods through an above-ground tube at 760 miles per hour—nine-tenths the speed of sound. The tube would sit on 20-foot-high pylons that would mostly follow the route of California Interstate 5. Musk estimates the cost of the project to be around $6 billion, or less than a tenth of the estimated cost of the proposed California high-speed rail project, which Musk calls too slow and too expensive. The LA to San Francisco trip would take about 30 minutes of a turbulent-free and quiet ride.

This impressive thing about this — if all this is right — is the sensitivity to cost, which usually seems to be completely lacking in high-speed rail projects.

Skype helped the NSA spy on us, then lied about it

July 26, 2013

Details here.

(Previous post.)

The evil empire gets its mojo back

May 28, 2013

Microsoft wants to charge you admission to your own living room:

Microsoft has filed for a Kinect-related patent, and it’s a doozy of an application. The abstract describes a camera-based system that would monitor the number of viewers in a room and check to see if the number of occupants exceeded a certain threshold set by the content provider. If there are too many warm bodies present, the device owner would be prompted to purchase a license for a greater number of viewers.

Wow. Microsoft must have felt insecure in its position as technology’s evil empire.

It remains to be seen whether this “functionality” will be implemented in the next Xbox. Microsoft would be running the risk of a major consumer backlash if they did.

Would that backlash really happen? I’d like to think so, but I’ve found it very hard to predict which actions will result in a consumer revolt and which won’t. Consumers put up with all kinds of intentionally crippled products (DVD players that won’t do their bidding, always-online software, etc.) but then get outraged by things that seem more minor to me (ISPs throttling back people who run high-volume servers over residential lines), so I don’t know where they would land here.

(Via Instapundit.)

Molten-salt reactors

March 13, 2013

Another new technology for nuclear reactors is reaching maturity: the molten-salt reactor. One important aspect of the design is it’s “walk-away safe”. That means it doesn’t require any power to remain safe; you can walk away from it and it will safely coast to a halt.

A company says it’s ready to commercialize the design. Unfortunately, as is so often the case, government is in the way:

Bringing the new reactor to market will be challenging. Although the basic idea of a molten-salt reactor has been demonstrated, the Nuclear Regulatory Commission’s certification process is set up around light-water reactors. The company will need the NRC to establish new regulations, especially since the commission must sign off on the idea of using less steel and concrete if the design’s safety features are to lead to real savings.


March 6, 2013

I have no problem with killing foreign terrorists using drones, but I’m profoundly uncomfortable with the idea of Homeland Security building a fleet of drones for domestic surveillance.

Remember when the Democrats were strongly against so-called domestic surveillance? Back then, we were talking about Americans who take phone calls from foreigners under surveillance. Now we’re talking about Americans just going about their business, and Democrats think it’s hunky-dory.

I think there ought to be a simple bright-line rule: DOD can have drones (but posse comitatus applies), DOJ and DHS cannot.

(Via Instapundit.)

Clean coal

February 24, 2013

This will be cool, if it pans out:

Researchers have discovered a stunning new process that takes the energy from coal without burning it — and removes virtually all of the pollution. . .

Fan discovered a way to heat coal, using iron-oxide pellets for an oxygen source and containing the reaction in a small, heated chamber from which pollutants cannot escape. The only waste product is therefore water and coal ash — no greenhouse gases. As an added benefit, the metal from the iron-oxide can be recycled. . .

Fan’s process, called “coal-direct chemical looping,” has been proven in a small scale lab at OSU. The next step is to take it to a larger test facility in Alabama, and Fan believes the technology can be commercialized and used to power an energy plant within five to 10 years, if all goes smoothly. . .

The notion of carbon sequestration, in which CO2 would be pulled out of the air and stored, seems awfully hard. This sounds much more plausible. I hope it can be made cost effective.

POSTSCRIPT: Interestingly, the environmentalists — who ought to be delighted by a way to burn coal and generate only solid waste — seem to be against it. One might get the impression that they aren’t anti-pollution but anti-energy.

Think of the children!

February 19, 2013

Why does the left oppose nutrition for children?

Finally, after a 12-year delay caused by opponents of genetically modified foods, so-called “golden rice” with vitamin A will be grown in the Philippines. Over those 12 years, about 8 million children worldwide died from vitamin A deficiency. . .

Yet, despite the cost in human lives, anti-GM campaigners—from Greenpeace to Naomi Klein—have derided efforts to use golden rice to avoid vitamin A deficiency. In India, Vandana Shiva, an environmental activist and adviser to the government, called golden rice “a hoax” that is “creating hunger and malnutrition, not solving it.”

Glenn Reynolds adds:

For all the claims of “murder” thrown at the NRA over its policy arguments, the usual suspects are much quieter on this subject, where the connection between policy-advocacy and dead children is much clearer.

Indeed, for some perspective, consider this: 8 million children over 12 years works out to four Sandy Hook massacres every hour of every day for over a decade. Why isn’t the president surrounding himself with children and demanding golden rice?

This ain’t your father’s cover-up

February 9, 2013

Remember when officials use to cover up reports in order to hide dangers? That’s old school. Today, they cover-up reports showing that industries are safe:

Thanks to a leak from an anonymous insider, we learned Thursday that a report commissioned by the State of New York has given fracking a clean bill of health. The insider “did not think it should be kept secret” and released the document, which is now nearly one year old, to the New York Times, which reported:

The state’s Health Department found in an analysis it prepared early last year that the much-debated drilling technology known as hydrofracking could be conducted safely in New York.

The eight-page analysis is a summary of previous research by the state and others…[that] delves into the potential impact of fracking on water resources, on naturally occurring radiological material found in the ground, on air emissions and on “potential socioeconomic and quality-of-life impacts.”…[It] concludes that fracking can be done safely.

The analysis and other health assessments have been closely guarded by Gov. Andrew M. Cuomo and his administration as the governor weighs whether to approve fracking.

(Via Instapundit.)

Of course, covering up the report is a last resort. It’s preferable to falsify the tests, like the EPA is doing.

Why are they doing this? Possibly they believe that fracking is dangerous, despite the scientific consensus. (I believe that’s called being “anti-science”.) More likely, they’re just on the take, like Matt Damon and Al Gore.

Unlocking the rule of law

January 30, 2013

As of this week, it is now illegal to unlock your smartphone. Okay, that’s bad in and of itself, but what’s worse is how it happened:

Did Congress quietly pass a bill prohibiting smartphone unlocking and send it to President Obama’s autopen? No. What happened was the Librarian of Congress was empowered by the execrable Digital Millennium Copyright Act to decide what modifications of our own electronic devices we are permitted to perform. In short, Congress delegated the power to make law to this functionary, and last October he exercised his power to prohibit smartphone unlocking.

It is supposed to be unconstitutional for the Congress to delegate its legislative power, but the courts have been permitting it for a long time, provided Congress provides an “intelligible principle” for the delegate to use. This is a very bad thing.

It’s bad because the bar for an “intelligible principle” is now so low as to be meaningful. But more importantly, it’s bad because the limits of Congress’s time ought to be a safeguard against tyranny, but it’s not.

It used to be that Congress was a part-time job, but the workload of the average Congressional office has doubled every five years since 1935 (according to Senator James Buckley). That means more and more laws to burden the American people.

One might think that the absolute limit of 168 hours per week would cap the amount of rules that our legislature could generate, but not if they can delegate rule-making power to others. With delegated power, the government’s ability to generate new rules is literally unlimited.

With a limit, the government would be compelled to use its power selectively, and only address high priorities. Without a limit, government issues rules for absolutely the most trivial matters. (Yes, even for spilled milk.)

There ought to be no rule binding the American people that is not passed by Congress and signed by the president (or passed over his veto). This wouldn’t ensure that Congress would exercise good judgement, but at least it would require them to set priorities, and we could hold them accountable for every rule on the books.

UPDATE: Corrected the Congressional workload doubling period.

Aaron’s Law

January 19, 2013

A new bill to be introduced into Congress would take contracts out of the sphere of criminal law, and put them back into civil law, where they belong. Lawrence Lessig explains why that’s important.

Facebook censorship

November 2, 2012

Facebook has apologized for censoring a anti-Obama Facebook post. It’s good that they apologized, as far as it goes, but that’s not far. Without explaining how it happened, their apology rings hollow. In particular, I’d like to hear what role the Obama campaign had in the censorship; they have a history of calling for their opponents to be censored.

More generally, however, this incident (and others like it) show the weakness of proprietary social networks for free speech. When you own the medium (say, on your own blog) you can say what you want. When someone else owns it, they can shut you down. Even if they have a policy of allowing free speech, they can renege on that policy at the very moment you’re most interested in speaking, such as just before an election.

China attacks White House

October 4, 2012

This is troubling:

Hackers linked to China’s government broke into one of the U.S. government’s most sensitive computer networks, breaching a system used by the White House Military Office for nuclear commands, according to defense and intelligence officials familiar with the incident.

We need to take this sort of thing seriously. We aren’t.

Apple’s epic insecurity

August 14, 2012

Yikes! If you use Find my iPhone/iPad/Mac, all that Apple requires to authenticate your identity is your mailing address, and the last four digits of your credit card number. Those are the same digits that get displayed in plaintext everywhere since you can’t do anything with just them. With that easily-obtained information, an attacker can remotely wipe and brick all your Apple devices.


May 23, 2012

SpaceX is headed to the space station. If mankind has a future in space, it has to be with private enterprise.

Big Brother in the backseat

May 7, 2012

The Senate wants every car to contain a “black box” that records its driving “event data”. Even if you don’t see this as sinister, it certainly seems unwise, as the law would essentially require the black box to be accessible to hackers.

Don’t blame me, I voted for Zoidberg

March 5, 2012

You knew this day was coming:

Hacked DC School Board E-Voting Elects Bender President . . .

Within hours of examining the Ruby on Rails software build that constituted the voting system, Halderman’s team discovered a shell injection vulnerability, allowing them to alter an images directory on the compromised server as well as change outputs, and had guessed the admin login for the terminal server (hint: both the name and password were ADMIN).

From there, the team found vulnerabilities in the system controlling the server farm’s security camera’s, which allowed them to time attacks when nobody was around to notice the extra activity. Best of all, the team found a PDF containing authentication codes for every DC voter—you know, the ones voters use to prevent electoral fraud and prove their identities.

With this data, the team was able to change every ballot to a vote, not for any of the actual candidates, but a write-in for a fictional IT entity with Bender edging out Skynet in his political debut. Their control was so complete that even if new ballots were generated, they too would vote Bender.

Electronic voting is simply a bad idea.

Single point of failure

February 24, 2012

I found this article on our growing dependence on GPS very troubling. An excerpt:

GPS jamming and spoofing can have serious effects on geolocation and communications technologies that rely on GPS for positioning and timing; maritime and aircraft GPS use, and even stock market trading, can be affected by jamming, researchers said at the conference. . .

“Our modern society is almost completely reliant on GPS,” [University of Texas researcher Todd] Humphreys told the conference. “It could be deadly.”

We society really shouldn’t have a single point of failure. We need to fix that. But in the meantime, we probably shouldn’t let the president’s LightSquared cronies break the system.

Please don’t be evil

February 18, 2012

Just when my ire at Google was fading:

Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.’s Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked.

The companies used special computer code that tricks Apple’s Safari Web-browsing software into letting them monitor many users. Safari, the most widely used browser on mobile devices, is designed to block such tracking by default.

Google disabled its code after being contacted by The Wall Street Journal.

Magic bullets

February 10, 2012

For those with an on-line subscription, the Economist has a great article about the XM25, the Army’s new grenade launcher that combines direct fire’s speed and precision with indirect fire’s ability to kill behind cover. Other countries are trying to build similar weapons, but ours is the only one that works.

Twitter sells out

February 8, 2012

ABC News reports:

Twitter has announced a new plan that will allow it to censor users’ tweets on a country-by-country basis if governments object to them. It says the policy is an attempt to keep doing business in countries, such as China, that do not welcome all expression.

On the company’s blog Twitter said it will now withhold offending content within the specific country that censors the language, while leaving it unaltered for the rest of the world. It will also post a censorship notice whenever a tweet is removed.

Board unanimously pans LightSquared

February 1, 2012

Forbes reports:

A special board formed to advise the federal government on the clash between Global Positioning System receivers and LightSquared’s proposed cellular/satellite communications network has concluded there are “no practical solutions or mitigations” that would allow the two to coexist on adjacent segments of the radio spectrum.

The National Space-Based Positioning Navigation and Timing Committee, in a letter released this afternoon, said it had reached the “unanimous conclusion” that the LightSquared network would “cause harmful interference to many GPS receivers” as well as a GPS-powered ground-alert system overseen by the Federal Aviation Administration.

Based upon this testing an analysis, there appear to be no practical solutions or mitigations that would permit the LightSquared broadband service, as proposed, to operate in the next few months or years without significantly interfering with GPS. As a result, no additional testing is warranted at this time.”

Recall that LightSquared’s business strategy is based not on new technology, but on using its political connections to obtain a competitive advantage. That’s why they aren’t giving up despite all the technical findings against them: they think their politicians still might prevail.

(Previous post.)


January 20, 2012

Content creators have a legitimate interest in protecting their property. With the break-the-internet bills hopefully going to defeat, is there another, better way to do it?

ASIDE: Some have said that Hollywood and its ilk are liberal institutions and we should let them swing in the wind. I despise that bunch as much as anyone, and yes, I know that that is exactly how the Democratic party operates, but I don’t think we should stoop to that kind of Chicago-style politics. The right thing to do is the right thing to do, even if it benefits Hollywood.

Darrell Issa (R-CA) and Ron Wyden’s (D-OR) OPEN bill might be right way to do it. I can’t speak to all the details, but the basic concept seems workable: Rather than censor the Internet, OPEN would go after the finances that make piracy profitable.

What makes this attractive to me is that is puts the solution in the same space as the problem. The Internet is not broken; it is a tool for transmitting data and it works well. Content piracy is a financial problem and the solution should be situated in that space.

And if Hollywood isn’t satisfied with that, they can swing in the wind.

Facebook jumps the shark

January 17, 2012

Facebook is sharing all its users’ private status updates and messages with Politico, an on-line publication focusing on politics. This is supposed to be okay, because all that material will be reviewed only by computers, not by people.

Personally, I would find that reassurance un-reassuring, even if I believed it, which I’m not sure I do. But it doesn’t really affect me, because I already recognize that nothing I put on Facebook is private.

(Via Althouse.)

Passwords and self-incrimination

January 13, 2012

An interesting legal battle is ongoing over whether a person can be forced to reveal a computer password, or whether she is protected from doing so by the Fifth Amendment’s protection against self-incrimination.

Under existing case law, the latter position seems stronger to me. The controlling case seems to be Doe v. United States. At issue in Doe was whether someone could be forced to sign a consent directive allowing foreign banks to disclose some information the government wanted. The court’s opinion wrote:

We do not disagree with the dissent that “[t]he expression of the contents of an individual’s mind” is testimonial communication for purposes of the Fifth Amendment. . . We simply disagree with the dissent’s conclusion that the execution of the consent directive at issue here forced petitioner to express the contents of his mind. In our view, such compulsion is more like “be[ing] forced to surrender a key to a strongbox containing incriminating documents,” than it is like “be[ing] compelled to reveal the combination to [petitioner’s] wall safe.”

The analogy to a safe’s combination came from the dissent, which said:

A defendant can be compelled to produce material evidence that is incriminating. . .But can he be compelled to use his mind to assist the prosecution in convicting him of a crime? I think not. He may in some cases be forced to surrender a key to a strongbox containing incriminating documents, but I do not believe he can be compelled to reveal the combination to his wall safe — by word or deed.

So the question is whether a password is material evidence like a strongbox key, or the contents of a mind like a safe’s combination. I think it’s clearly the latter.

(Via Instapundit.)

Games get better

January 13, 2012

Cracked writes that video games are getting much better (warning: adult language):

Gamers tend to complain a lot about the state of modern gaming. . . But then I stopped and realized: We have all of these amazing, fantastic, borderline magical creations in our hands that, in many ways, dwarf all the wildest predictions of yesteryear — and we’ve got the [temerity] to stand around and [complain] that they’re taking too long to load. . .


January 4, 2012

NASA’s scheme (subscription required) for getting its next Mars rover to the surface sounds awfully complicated, but it sure will be cool if it works:

Curiosity’s size makes getting it safely onto the Martian surface tricky. Previous rovers have deployed parachutes to slow their descents, and have then crashed into the ground using airbags to cushion their impacts. Curiosity is too massive for that approach to work. Instead, NASA hopes to deposit it on Mars using a contraption it has dubbed a skycrane.

As with the other rovers, Curiosity’s mother ship will rely on heat shields and air-resistance, and then on a parachute, to slow its arrival. But at an altitude of 1.6km a specially designed descent stage bearing the rover will drop away from this vehicle. The descent stage has eight rocket motors on its corners. These will slow its fall to a relatively sedate 0.75 metres a second. When it is about 20 metres above the surface, the rover will be lowered from it on wires and deposited gently onto the Martian landscape. The cables will then be cut with explosives, the descent stage will fly off and crash land elsewhere, and Curiosity will begin its mission.

Good point

December 31, 2011

XKCD on passwords:

I think this is probably an artifact of the days when passwords were a maximum of eight characters. Old habits are hard to break.

(Via Instapundit.)

Startup commercializes cell-phone tracking

December 26, 2011

A startup company can locate nearly anyone’s mobile phone in North America, given just the phone number. Yikes.

Free speech for me, not for thee

October 30, 2011

OWS Exposed is a new web site that exposes the nature and misconduct of the Occupy Wall Street protests. It was immediately subjected to a denial of service attack. When it got back up, its servers were hacked, redirecting readers to (I saw this myself.) It’s finally up and running now.

All of which tells us something about the supporters of Occupy Wall Street, without even going to the site.

Not loving iOS5

October 18, 2011

Good things about iOS5: I like being able to use the volume button to take pictures.

Bad things about iOS5: It’s taken me literally hours to get my phone working about as well as before the upgrade.


October 7, 2011

Steve Jobs is being lauded as one the greatest inventors of our time. I don’t mean to diminish his achievements when I say that (as far as I know) Jobs didn’t invent any of the products he is famous for. I mean to stick up for the role of the entrepreneur.

Jobs was unquestionably one of the greatest entrepreneurs of our times. He didn’t design the iPod, iPhone, and so forth. He built a company that designed them, built them cost-effectively, got them into the hands of consumers, and in doing all that, changed our culture. That kind of talent is much rarer than the inventor.

I also want to stick up for the Apple innovation that has been largely forgotten by other Jobs eulogists. People remember the hardware, the iMac, iPod, iPhone, and iPad, but they forget the software. I want to remember the software; in particular, the OS X operating system.

Apple products now have the reputation for running smoothly. People forget that, before 2001, Macs were crap. The old Macintosh operating system was terrible. It was unstable and its file system was incompatible with every other file system in existence. (In contrast, Windows NT was relatively stable, and, starting in 1996, it had the same point-and-click interface that the Mac was known for.)

Under Steve Jobs (history buffs: I simplify slightly), Apple fixed the problem by scrapping Mac OS entirely. They built a new operating system with a brilliant design: real Unix underneath with a Macintosh veneer on top. The main thing about it is it actually works. And I say this as someone who doesn’t actually like it.

LightSquared stink worsens

September 26, 2011

Another witness in the LightSquared inquiry has come forward to reveal that the White House pressured him to modify his testimony. Also, George Soros is involved.

(Previous post.)

How to ruin your brand

September 21, 2011

Wow. I have no idea if OnStar was a respected brand, but if it was, it sure won’t be much longer:

Navigation-and-emergency-services company OnStar is notifying its six million account holders that it will keep a complete accounting of the speed and location of OnStar-equipped vehicles, even for drivers who discontinue monthly service.

OnStar began e-mailing customers Monday about its update to the privacy policy, which grants OnStar the right to sell that GPS-derived data in an anonymized format.

Adam Denison, a spokesman for the General Motors subsidiary, said OnStar does not currently sell customer data, but it reserves that right. He said both the new and old privacy policies allow OnStar to chronicle a vehicle’s every movement and its speed, though it’s not clear where that’s stated in the old policy.

“What’s changed [is that if] you want to cancel your OnStar service, we are going to maintain a two-way connection to your vehicle unless the customer says otherwise,” Denison said. . . Canceling customers must opt of of the continued surveillance monitoring program, according to the privacy policy. . .

Collecting location and speed data via GPS might also create a treasure trove of data that could be used in criminal and civil cases. One could also imagine an eager police chief acquiring the data to issue speeding tickets en masse.

Passing on the OnStar service isn’t enough; you don’t even want their hardware installed. Thankfully, that’s easy to arrange. Just don’t buy GM.

(Via Instapundit.)

UPDATE: OnStar reverses.


September 19, 2011

Despite everything they pull, I find it hard to hate Google. Why? Stuff like this. Shopping for flights will never be the same.

Yet another scandal

September 19, 2011

The White House pressured Gen. William Shelton (commander of the Air Force Space Command) to change his testimony to favor a company, LightSquared, that wants to build a wireless network that could interfere with GPS signals. LightSquared is owned by a major Democratic donor.

(Via the Corner.)

Chinese video shows cyberattack tool

September 3, 2011

A video shown on Chinese state television apparently reveals a cyberwar tool and shows it being used to attack a Falun Gong web site hosted in the United States. Unsurprisingly, the Chinese government has taken the video down (you can still find it on YouTube) and claims that the footage is fake.

Don’t be evil, please

September 2, 2011

In a change of policy, Google will no longer give the same discounts to churches that it gives to other non-profits.

All your contacts are belong to Facebook

August 17, 2011

If you use the Facebook app on an iPhone or other smart phone, it copied all your contact info and stored it on their servers.  Read here for more, including an explanation of the incredibly (and no doubt deliberately) obscure process by which Facebook allows you to turn this off.

The “Protect IP” bill

July 28, 2011

The Protect IP bill is a terrible idea and it needs to go away. It would allow the government to shut down web sites without any due process, and it would break the Internet for good measure. In short, this thing is a dream for tyrants. Kill it.

Apple to cripple iPhone?

June 19, 2011

Apple has gone too far this time:

IPHONE users may soon be stopped from filming at concerts — as a result of new Apple technology. The leading computer company plans to build a system that will sense when people are trying to video live events — and turn off their cameras.

If this becomes a reality, I will be parting ways from Apple for good. Some things cannot be borne.

This isn’t just an issue for concerts and the like; this is an issue for any public event. Given that police in many places are already willing to break the law to keep people from recording their activities, can there be any doubt that they will be delighted to turn off cameras wherever they go. And that’s just the petty tyrants; then there are the real tyrants.

What really puzzles me is the mentality behind this. Have they forgotten who their customer is? They work for us, not for the concert promoters (and the dictators). It’s like the DVD player manufacturers who put in the “features” that prevent you from skipping to the main menu without watching ads. I paid for the player, not the studios! But this is worse than that. In that case, one could argue that the manufacturer was doing what was necessary for content to be available on DVD. That argument, implausible as it might be for DVDs, doesn’t wash at all for video recording. Are things going to stop happening in the world if Apple doesn’t prevent people from recording them?

(Via Instapundit.)

Cambridge crude

June 9, 2011

This could be a big deal, if it pans out:

A group of young MIT students has developed a new type of battery that runs on a rechargeable liquid fuel. The inventors call the fuel “Cambridge Crude,” and if the technology makes it to market, refueling an electric car could be as easy as pulling up to a pump. The batteries are powered by semi-solid flow cells, an innovative architecture that uses charged particles floating in a liquid electrolyte between two containers–one for storing energy and one for discharging energy. . .

The MIT News Office reports:

. . . Another potential advantage is that in vehicle applications, such a system would permit the possibility of simply “refueling” the battery by pumping out the liquid slurry and pumping in a fresh, fully charged replacement, or by swapping out the tanks like tires at a pit stop, while still preserving the option of simply recharging the existing material when time permits.

However, I would caution that this comes from the MIT press office, which has a history of over-hyping modest discoveries.

(Via Instapundit.)

Apple sues teen entrepreneur

June 7, 2011

This makes me mad:

Last November, we highlighted the story of New York City teenager Fei Lam, who had managed to sell $130,000 worth of white iPhone 4 parts in just a few months to customers eager to get their hands on a white iPhone 4 has Apple continued to delay the release of the official model. Lam claimed that he had developed a secondhand relationship with someone at Apple’s manufacturing partner Foxconn who had been supplying him with parts. At the time, the report noted that Lam had been contacted by a purported private investigator who claimed that Lam was trafficking in stolen goods, and Lam’s site disappeared soon after.

Apple yesterday finally filed a lawsuit against Lam and his parents, claiming infringement and dilution of its trademarks and engaging in deceptive practices through his conversion kit sales through his website at

I should mention at the outset that it appears the suit has been settled, and we don’t know the terms of the settlement. But I don’t need to know the terms to be outraged by this. I don’t know if Apple has a case under the law — but they shouldn’t have a case.

This kid was selling aftermarket parts, that’s all. There’s nothing unusual about that. It seems to me that this is Apple using a groundless lawsuit to drive a tiny competitor out of business. And if the suit actually has a basis in law, that’s even worse.

Don’t trust Google

May 27, 2011

Were you thinking that Google would apologize for locking people out of their Google accounts for criticizing Google’s customer service? Think again. Now they want to hold my money? Not bloody likely!

Massive Google fail

May 20, 2011

It’s bad enough that Ann Althouse’s blog was shut down completely for a full day, and damaged for days after that, due to completely unfounded spam accusations. It’s worse still that Althouse had to suffer abuse from Google employee/volunteer “nitecruzr” (seriously!). But people are losing access to their Google accounts for criticizing nitecruzr? Absolutely unacceptable.

I’ve moderated my distrust of Google over the past year, but this is a good reminder of why I distrusted them in the first place.

A cure for AIDS?

May 16, 2011

This is a big deal, if it pans out. (Via the Corner.)

Dog bites man

May 15, 2011

The New York Times is accusing Facebook of hypocrisy, advocating the use of real names in social networking but making anonymous attacks against Google.

The criticism is fair enough, but this shouldn’t surprise us. Corporations, like governments, are run by fallen humans and you’re making a mistake if you expect too much of them.

Uncle Sam wants to text you

May 13, 2011

The Boston Herald reports:

President Obama could soon have the ability to personally text message every single cell-phone-toting American -— whether they like it or not — with “critical emergency alerts” under a new federal program that civil libertarians and political opponents say is a Big Brother-like intrusion posing a high risk of political abuse.

Federal officials in New York yesterday unveiled the three-tiered emergency alert system that would blast messages about Amber Alerts, impending weather disasters and terror threats to mobile devices.

Cell-phone users could opt out of most alerts if they want to, but not the texter-in-chief’s presidential pages.

“It’s like the state rep sending out mailings about how wonderful they are,” said Tad Kasperowicz of the Quincy Tea Party. “President Obama says,’Here come the high winds and the thunderstorms’ and it’s not really an emergency, but, hey, he gets his name out to every cell phone in the area. I can see that. Absolutely. There’s potential for abuse there.”

Potential? I’d say near-certainty. Politicians already exploit every avenue they can find to get their names in front of you, from Congress’s franking privileges to governors stamping their name on billboards at every entrance to the state. Of course they will abuse this, but they’ve never had such an invasive tool before.

(Via Instapundit.)

TomTom sells data to police

May 5, 2011

Sounds like I’m not a fan of TomTom:

GPS mapping company TomTom apologized after it admitted selling data collected from its customers to Dutch police, the Financial Times reported Friday. The Amsterdam-based company sold data to cops in The Netherlands that was then used to help police set speed traps for motorists.

To be clear, TomTom wasn’t selling personally identifiable information (at least, such is not alleged), but what they did do is clearly against the interests of their customers.

Apple fixes iPhone tracking

May 5, 2011

The new iPhone software update removes the location tracking “feature”. To my knowledge, they still haven’t explained why it was there in the first place.

UPDATE (5/13): A reader points out the Apple press release. I’m still puzzled, though.  The press release says:

The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location . . .

But this contradicts the Guardian’s story:

The file contains the latitude and longitude of the phone’s recorded coordinates along with a timestamp . . .

I wonder who’s right. (Also, Apple has a history of collecting location information.)

Steve Jobs is watching you

April 22, 2011

The iPhone tracks all your movements using GPS, and keeps a record. Worse, that record is transfered to your computer when you sync your phone. Worse still, that record is persistent: when you migrate to a new phone, the record migrates with you.

Apple declined to explain what the hell they are doing.

Iron Dome works

April 10, 2011

Iron Dome, Israel’s new rocket defense system, has proven itself in action for the first time:

The Iron Dome counter-rocket defense system intercepted a Grad-model Katyusha rocket fired from the Gaza Strip on Thursday, proving its capabilities in combat for the first time.

IDF sources said the rocket was detected shortly after it was launched in the direction of Ashkelon, south of which a battery was deployed on Monday. Two Tamir interceptors were fired at the Katyusha and the first intercepted it, a senior Israel Air Force officer said. . .

The first Iron Dome battery was deployed outside Beersheba late last month after Hamas and Islamic Jihad fired more than 100 rockets and mortar shells into Israel in less than a week.

(Via Right Turn.)

Nowhere to hide

April 8, 2011

The Army is deploying GPS-guided mortar rounds in Afghanistan. Cool.

Delete me

March 12, 2011

The European Union wants to improve your privacy, but there’s a little problem:

The commission said consumers should be informed “in a clear and transparent way” about how their data will be used. They should also have the right to fully delete digital information, like social networking profiles, and should be informed when their data has been used in unlawful ways, the commission added.

What is this “full delete” of which they speak?

The Internet kill switch

February 19, 2011

I guess I hadn’t been paying attention. I’ve been hearing people talk about a proposed Internet kill switch, but I assumed that it was either hyperbole or a fringe proposal. Nope. This is an actual bill proposed by Joe Lieberman (D-CT), Tom Carper (D-DE), and Susan Collins (RINO-ME).

Its supporters defend it thus:

Proponents of the bill say it is narrowly crafted and does not intend to limit speech but to eliminate the vulnerability of critical systems such as banks, the power grid and telecommunications from attacks by terrorists or agents of hostile countries.

Indeed, the bill specifically does not grant the president power to act unless a cyberattack threatens to cause more than $25 billion in damages in a year, kill more than 2,500 people or force mass evacuations. The president would have the ability to pinpoint what to clamp down on without causing economic damage to U.S. interests, for anywhere from 30 to 120 days with the approval of Congress, according to the bill.

“This is not Big Brother,” says Tom Kellermann, vice president of security awareness at Core Security Technologies, and a former security expert for the World Bank. “It’s not about shutting off the Internet, but taking a scalpel to command control to key services to protect them.”

Call me unreassured. Who issues the finding that one of this parade of horribles is going to happen, thereby allowing the president to shut down the Internet? The president, of course. The bill specifically prohibits judicial review, and the Congress merely has to be notified. So the limitations are meaningless.

Remember that the Democrats have made it clear that they believe that Sarah Palin can singlehandedly instigate a mass shooting merely by posting a web page calling for the defeat of some Democrats. Against that backdrop, it’s very easy to imagine a Democratic president deciding that Republicans communicating on the Internet are going to cause mass casualties.

Worse still, the proposal is not really for a nationwide kill switch. Such an extreme power could be used only in a legitimate emergency. Instead, the proposal would give the president a “scalpel”, with the power “to pinpoint what to clamp down on.” The president can easily choose precisely who to silence without inconveniencing the general public.

But the president would never do such a thing, right? Wrong. The administration is already shutting down tens of thousands of domains, without any due process at all, for literally no reason other than its confusion about how the Internet works.

Neither is the limitation of the power to dealing with “cyberattack” likely to be any protection. We have seen many times before how racketeering and money-laundering laws have been creatively interpreted to prosecute political activity, and that was with the approval of the courts. Here, the power of creative interpretation would lie with the same person who would exercise the power (remember, no judicial review). That’s no protection at all.

This proposal needs to be soundly defeated.

It’s on

January 23, 2011

Verizon is suing the FCC to overturn the FCC’s net neutrality decree. They have a good case.

(Previous post.)

Fusion progress

January 8, 2011



January 4, 2011

Skype has finally implemented video calling for the iPhone.


January 4, 2011

This bit us on New Year’s Day:

Happy New Year! Here’s hoping you’ll wake up in time to enjoy the first morning of 2011, as multiple users are reporting that alarms set within the iPhone’s default clock application aren’t going off as expected come January 1, 2011.

However, the apparent alarm bug only affects those who go about setting their alarms in a very specific fashion on their phones. For starters, though, the bug in question only affects those running iOS 4—specifically, versions 4.2.1, 4.1, and 4.0.2 of the OS so far. And the bug doesn’t affect alarms that have been previously set up to run as recurring elements on the phone. You’ll have to set a single alarm specifically for tomorrow or January 2 in order for your iPhone to completely ignore it.

That “very specific fashion” is, of course, the normal way one sets an alarm.

This is a very strange bug, and Apple still isn’t saying what happened. A lot of people talk about the technological superiority of Apple. This incident underscores what nonsense that is. Apple is very good at design, but their products are at least as buggy as everyone else’s, often worse.

Falcon 9

December 18, 2010

SpaceX has successfully tested its Falcon 9 rocket, the first privately designed spacecraft capable of carrying astronauts into orbit. It’s a two-stage rocket, which is a little less cool than Scaled Composites’s SpaceShip One that won the X-Prize, but SpaceShip One wasn’t able to reach orbit.

Network neutrality on the ropes?

December 15, 2010

A number of network neutrality advocates are coming out against the FCC chairman’s plan to impose network neutrality despite a court ruling forbidding it.

I don’t understand it (the article doesn’t provide much detail), but I’m glad to see it.

(Previous post.)

Here’s hoping

December 10, 2010

Iran’s nuclear program may still be mired in a Stuxnet infection, despite Iranian claims to the contrary. (Via Hot Air.)

Geotagging considered harmful

December 10, 2010

Michael Yon has posted a frightening presentation on the dangers of geotagging. The presentation is from the Army, but the risks apply to anyone with enemies.

XM25 debuts in Afghanistan

December 4, 2010


Since the dawn of modern warfare, the best way to stay alive in the face of incoming fire has been to take cover behind a wall. But thanks to a game-changing “revolutionary” rifle, the U.S. Army has made that tactic dead on arrival. Now the enemy can run, but he can’t hide.

After years of development, the U.S. Army has unleashed a new weapon in Afghanistan — the XM25 Counter Defilade Target Engagement System, a high-tech rifle that can be programmed so that its 25-mm. ammunition detonates either in front of or behind a target, meaning it can be fired just above a wall before it explodes and kills the enemy. . .

[Lt. Colonel Christopher] Lehner said the first XM25s were distributed to combat units in Afghanistan this month. The 12-pound, 29-inch system, which was designed by Minnesota’s Alliant Techsystems, costs up to $35,000 per unit and, while highly sophisticated, is so easy to use that soldiers become proficient within minutes.

I first saw this weapon in the video game Ghost Recon 2. Good to see it’s finally become a reality.

Google search bias

November 24, 2010

Benjamin Edelman has done a study of Google search results that he says proves that Google intentionally biases their results. I’m not sure if his analysis proves the case or not, but it certainly doesn’t surprise me. Years ago a friend at Google told me that they adjust their search results to favor certain sites, like Wikipedia.

“People like Wikipedia,” he explained.

(Via Instapundit.)

Thorium reactors

November 6, 2010

Popular Mechanics has an interesting article on the promise of Thorium nuclear power.

White House wants new wiretapping powers

September 30, 2010

Fox News reports:

The Obama administration is developing plans that would require all Internet-based communication services — such as encrypted BlackBerry e-mail, Facebook, and Skype — to be capable of complying with federal wiretap orders, according to a report published Monday.

This may or may not be a good idea (I think not), but of one thing you may be sure: If this were President Bush’s proposal, the left (in which I include the mainstream media) would be going beserk. There would not be enough trees for all the editorials the New York Times would write.

Listen: crickets!

Microsoft does the right thing

September 15, 2010

I was all set to do a blog entry lambasting Microsoft for teaming with the Russian government to use charges (often bogus) of software piracy to persecute human rights organizations. The title was going to be Evil empire meets evil empire.

But Microsoft did the right thing. Within a day of the New York Times story, Microsoft issued a blanket license for human rights groups. The license applies automatically, without any need to apply. I have no doubt that Russia will find other ways to persecute its dissidents, but they won’t be able to use Microsoft to do it.

Well done, Microsoft.

(Via Volokh.)

Stem cell progress

August 20, 2010

Scientists have treated Parkinson’s Disease in rats using iPS cells.

Cast in a bad light

August 20, 2010

Popular Mechanics: Compact fluorescent bulbs just aren’t very good, and LED bulbs are $30-$50 each. Soon they will be mandatory, though. So when is the right time to start hoarding incandescent bulbs?

Microsoft deliberately limited privacy

August 4, 2010

The Wall Street Journal reports:

The online habits of most people who use the world’s dominant Web browser are an open book to advertisers. That wasn’t the plan at first.

In early 2008, Microsoft Corp.’s product planners for the Internet Explorer 8.0 browser intended to give users a simple, effective way to avoid being tracked online. They wanted to design the software to automatically thwart common tracking tools, unless a user deliberately switched to settings affording less privacy.

That triggered heated debate inside Microsoft. As the leading maker of Web browsers, the gateway software to the Internet, Microsoft must balance conflicting interests: helping people surf the Web with its browser to keep their mouse clicks private, and helping advertisers who want to see those clicks.

In the end, the product planners lost a key part of the debate. The winners: executives who argued that giving automatic privacy to consumers would make it tougher for Microsoft to profit from selling online ads. Microsoft built its browser so that users must deliberately turn on privacy settings every time they start up the software.

This is a particularly pungent example of a pervasive conflict-of-interest problem: “features” in software and consumer electronics that disadvantage the consumer who pays for the product.

White House seeks to monitor internet activity

August 2, 2010

The Washington Post reports:

The Obama administration is seeking to make it easier for the FBI to compel companies to turn over records of an individual’s Internet activity without a court order if agents deem the information relevant to a terrorism or intelligence investigation. . .

The administration wants to add just four words — “electronic communication transactional records” — to a list of items that the law says the FBI may demand without a judge’s approval. Government lawyers say this category of information includes the addresses to which an Internet user sends e-mail; the times and dates e-mail was sent and received; and possibly a user’s browser history. It does not include, the lawyers hasten to point out, the “content” of e-mail or other Internet communication.

Of course, the government can already demand to know who you are talking to on the phone. That’s troubling, to be sure, but at least there is a limit to what they can learn from that, because there is a sharp distinction between the phone number and the content of the call. For electronic communications, such a distinction is very hard to maintain. For many communications (e.g., web browsing, or friend requests), the recipient of the message is the entire substance of the message.

Will those on the left who condemned the Bush administration’s policy on phone records step up to condemn this far-worse overreach? We will see who was honest, and who was just scoring political points.

(Via Hot Air.)


July 22, 2010

Strong evidence that someone is plotting a cyber attack on the power grid.