Chao-Kuei's Notes | 資訊.人.權.貴隨便記

Consumers Don't Own Computers "Designed for Windows 8", and They Go to Landfills Earlier (True Intention and Side Effects of "Trusted Computing")

HUNG Chao-Kuei — Monday, October 10 2011

[ Traduction française par Georges Khaznadar; 中文版 1/2; 2/2]

Microsoft Windows 8 alpha is released and downloadable. But no, I am not recommending it. Nor am I denouncing it in favor of GNU/Linux (well, not in this article anyway). What you should be aware of and concerned about as a consumer is those machines labeled as "Designed for Windows 8". Much more so if you care about the environmental and humanitarian problems caused by e-wastes, for these machines will end up much faster as e-wastes than the ordinary machines manufactured now.

Machines labeled as "Designed for Windows 8" have to support UEFI。 UEFI is said to have many nice features, which I am not knowledgeable about and will not discuss. But I can assure you that one of those features is a downright hoax, scam, and lie. The "secure boot" feature in UEFI is claimed to make your computer more secure by disallowing intrusions from untrusted sources. This and certain other features in UEFI are important elements of Trusted Computing, a mechanism advocated by Microsoft and other big IT companies. The claim is that booting a computer from an untrusted source (such as a tux usb key which has applications in tourism, education, environment preservation, LOHAS, and ethics) is a security threat and should be avoided.

There is just one tiny problem: it's not you, the consumer, who gets to decide who is to trust. The propaganda claims that the consumers are too dumb (well, ok, actually phrased in a much more polite way) to make their own decisions about whom to trust. ("Microsoft or Chao-Kuei?") Software booting from an untrusted source may contain rootkit, for example, which would gain absolute control of your computer. The real, unsaid intention, however, is to prevent consumers from using alternative players and readers on alternative operating systems to circumvent the human-right infringing and infamous Digital Rights Management. If the big IT companies let you decide whom to trust, then they cannot trust you as a DRM-abiding consumer. With the secure booting mechanism in UEFI, the IT companies finally can trust that you will not be able to ask your computer to do what is best in your interest, for example exercising your fair use right and other rights requested in the digital consumer bill of right.

Ironically, history shows that one of the most famous rootkit invasions was not performed by individual bloggers and GNU/Linux lovers like me who have to build reader trust by behaving well and telling truth, but rather by big companies who can repeatedly abuse consumers and yet successfully keep them buying. In 2005, Sony BMG invaded consumer computers. The lovely music CD that consumers buy play nicely in CD players or DVD players. But it hijacks your Windows if you play it on a Windows computer -- Sony installed a rootkit in addition to establishing a DRM mechanism in your Windows. This creepy behavior was exposed on the Internet and caused protests. Sony BMG's Global Digital Business President responded, "Most people, I think, don't even know what a rootkit is, so why should they care about it?" But the most interesting part is the reactions of Microsoft and Anti-virus companies. What would you do if you were Microsoft and if Sony invaded your customers' computer? I would definitely provide security update and then also advise against buying these CD's or even sue Sony, depending on how nice I wanted to be with Sony. But Microsoft did nothing for several months. Nor did most big-name anti-virus companies. These are the companies who take your money, vouch to "make your computer more secure", and assure you that you can "trust" them.

Even more ironical is the ensuing fairuse4wm event in 2006, in which Microsoft behaved exactly the opposite. The newly upgraded windows media player employed DRM measures and suddenly deprived users of their backup right. Someone with the ID of viodentia wrote and shared on the Internet a piece of software called fairuse4wm to restore the users fair use rights. This time Microsoft swiftly produced "security updates" to disable fairuse4wm within 10 days. Viodentia updated fairuse4wm to circumvent Microsoft's updates, and Microsoft produced further security updates to disable it, ... and so on. Whom do Microsoft's "security updates" serve and which of viodentia and Microsoft is more trust-worthy?

History has shown that some of the big IT companies unitedly decided not to trust you. So who would you, consumer, trust? Oh, I am sorry. I should not address this question to you, for it is not you who get to choose whom to trust. I should ask computer manufacturers who enforce trusted computing for you. And for sure we all know that Microsoft is the only party for any consumer to place trust in -- according to the manufacturers. "We decide for you whom to trust. And of course it's us." That's the true intention of trusted computing. The "secure boot" feature of UEFI, enforced in computers "Designed for Windows 8", is one of its pieces. To learn more about trusted computing, you can read the EFF article. My article "DRM and Other Forces Overriding the Three Laws of Robotics" ( English, French, Spanish), my paper "1984 in the Making: Stealthy Invasion of Consumer Rights and Privacy by ICT Corporations" and my novelette in Chinese explain the relationship among DRM, Trusted Computing, and DMCA. It's also summarized in the picture to the right. Search for "windows 8 linux" for recent controversy about Microsoft enforcing UEFI on manufacturers.

To be more precise, it is not true that secure boot precludes other operating systems in principle. If the hardware manufacturer is willing to certify some minor OS, this lucky minor OS can also boot from a "designed for windows 8" computer. Still, the decision is for the hardware manufacture, not you, to make. Finally, some manufacturers may decide to allow the buyers to optionally disable the secure boot feature of UEFI. It is this last category of future computers that we will recommend everyone to buy -- not only because you would want to be a wise consumer but also because it prevents worsening of the environmental and humanitarian problems caused by e-wastes.

As explained in the e-waste part of the censored 4-part iPhone game "phone story", the discarded electronics either end up in landfills or exported to developing countries for "recycling", which in fact employ methods that are harmful to both human health and the environment. Unfortunately the business strategy of planned obsolescence meant to increase the profits of the big IT companies further intensifies this process at the extra cost of the planet and its inhabitants. It's bad enough when phone companies pursue their profits with little regard to the planet, but it adds insults to injury when the computer manufacturers do this without even really increasing their own profits.

You see, you may not care about GNU/Linux, but people like Helios devoted to refurbishing recycled computers for the disadvantaged choose GNU/Linux over outdated or pirated Windows for good reasons -- it makes the recycled computers greener, cleaner, more Ethical, and more educational. With manufacturer-enforced secure boot, these computers would go to the landfills or "recycling" centers instead of going to the disadvantaged because Helios and other people who care would not be allowed to install GNU/Linux for them. And the hardware manufacturers don't even make more money because of these extra, unnecessary harms done to the disadvantaged and to the planet, if profit-making is ever a justifiable excuse for irresponsible manufacturing behaviors! These disadvantaged people are not going to buy new computers just because they cannot get properly refurbished computers. They will just live without one. The planet, the people working in the "recycling" villages under unhealthy conditions, and people who could have ended their digital disadvantage with the help of GNU/Linux all suffer as side effects of trusted computing.

What can you do to help? Grab (perhaps with the help of you Linux friend) some live Linux CD from distrowatch. Better yet, create a live usb from it. Demand to boot the live CD or live usb before purchasing your next computer. Make sure that it is some minor Linux distribution, not just the store-suggested Linux distribution, that successfully boots. It's not about denouncing big brand Linux versions. It's about making sure that you get to decide whom to trust your computer security to. Show the computer guys in the store this article if necessary and insist on buying a computer that allow the buyers to disable the secure boot feature of UEFI. You don't need to love or use or even learn GNU/Linux if software freedom do not appeal to you. You can simply use it as a tool for testing the computer and discard it afterwards (though that would be a pity -- you are forfeiting the opportunity to lead a computer LOHAS life). Please do this for the planet, for the disadvantaged, for the society, if not for yourself as a wise consumer who knows to claim his/her full ownership of the purchased computer and basic user rights.

Designing Government ICT Strategies that Benefit from the Internet

HUNG Chao-Kuei — Tuesday, August 23 2011

A national government can choose to design its ICT strategy to flow along with or against the forces and phenomena of the Internet. (See picture "internet phenomenon map" for details) To give some examples, a government setting up policies and formulating regulations may find itself facing dilemma such as:

government transparency vs national secret
government transparency vs citizen privacy
use value (and cultural value) vs sale value [of digital contents]
freedom of speech vs protection of minors

There can be compromises or even agreeable solutions if non-ICT measures are employed, but in most situations the underlying ICT solution by itself will likely lean towards one direction or the other. In fact it almost always lean towards freeing information. Many failure stories of DRM and censorship provide good examples. Choosing to favor the free flow of information as much as possible in setting up national ICT strategies will more likely put a country on the winning side in the new world of attention economy. The following are some suggestions to achieve this, some non-technology suggestions to ameliorate part of its undesirable effects such as causing loss of privacy, and some other reminders regarding the design of a national ICT policy. regarding the design of a national ICT policy.

Madating the use of open file formats and open protocols is essential for data to be retained for a long time, for software components to be replaceable with competitive or new alternatives, and for there to be true competition in the market.
Free/Libre/Open Source Software or their proprietary derivatives (such as Apple's iOS) are the choice of technology in both the top supercomputer market and the mobile market. Only the desktop markets in developed countries are burdened with a legacy choice of platform. Choosing FLOSS or at least mandating a comparison before a proprietary solution is adopted can be an important factor in helping developing countries to leapfrog.
The knowledge of SEO (search engine optimization) can be a natural incentive for the public (in particular the small businesses owners) to learn the importance of searching and of being visible on the Internet.
Thinking from users' point of view is more productive than thinking exclusively from digital content (e-books/music/software/...) producers' point of view. Exposing math/physics/chemistry teachers to drgeo, gnuplot, maxima, ghemical, etc., for example, is much more productive than thinking of helping the ICT industry itself making money by way of cloud computing. A society in which the electricity companies make a lot of profits is certainly not a society that greatly benefits from electricity.
Exposing students to free software and free culture helps future citizens to recognize the power of collaboration, transparency, and ultimately the power of the Internet.
The debates between network neutrality and deep packet inspection (DPI) lies beneath many other debates.
The attention economy as explained in Michael Goldhaber's article is the key for scholars and policy makers to understand many social phenomena brought about by the Internet.
Stanford Law professor Lawrence Lessig's suggestion regarding regulation of spam and porn is not perfect but is a better compromise than no regulation and a far better compromise than DPI. In general, "code is law" is a must-read for law makers (though I don't think many read it, and that's why Internet laws in many countries are badly made).
Citizens need be educated about the fact that there can hardly be any privacy on the Internet. Privacy might be protected if citizens are consciously thinking about it before they put any personal information on the Internet in the first place.

By the way, the strategy and planning game of lincity (or its modern successor lincity NG) might provide lots of insights for politicians of any country, many of whom can't think far enough into the future. Might a country turn out to be more competitive if it include this game (or some other similar strategy games) in its politics degree curriculum ? :-)

Graphviz+Jessyink as a Latex-Style Potential Alternative to Prezi and Mindmap Presentations (How to Beat MS PowerPoint)

HUNG Chao-Kuei — Sunday, August 14 2011

For those of us who prefer spending more time with content than visual effects and prefer fiddling with texts than mouse/button/graphics, graphviz and jessyink could be a latex-style potential alternative to Prezi and Mindmap presentations -- if a few improvements are made. Please click on the picture and then use arrow keys to navigate thru the "slides".

Having blogged and given speeches (mostly in Traditional Chinese) a lot about FLOSS, open file formats, any browser campaign, free culture, and government transparency, I come to see a big picture of how the Internet is transforming our society. So I drew this picture: "the Internet Phenomenon Map" and wish to make it into the presentation "slides" for my future talks. I would love to talk about the content of this picture (I did already in Chinese), but for this post we will concentrate on the technicalities of its creation.

So I begin by creating a source file net-pheno-map.dot to be processed by graphviz. (I update the dot source file frequently, but don't update the following files, so there may be some major layout discrepency that doesn't hurt the explanations.) But I'd like to have it in two languages. So I concatenate the English text and the Chinese text together as the node names (I should have used labels instead but that's a minor issue) and use "#" as a separator between the two languages. To generate the English version of the background picture, I remove the Chinese part of the strings, feed it to the dot command of graphviz to generate the raw svg, and use a small perl script ds2tp to massage the output:

perl -pe 's/#[^"]*"/"/g' net-pheno-map.dot | dot -Tsvg > 1.svg
perl -pe 's#</g>#</g>\n#' 1.svg | perl ds2tp > net-pheno-map.en.svg

The "background" svg file net-pheno-map.en.svg is then converted into png by Inkscape and further into jpg by ImageMagick (to be used as a background). Finally, I open inkscape again and:

create a new file
"jessyink: install"
import the background jpg
create a few rectangles
"jessyink: view" to tag the order of the rectangles
save as net-pheno-jbm.en.svg, the "slides" linked to at the beginning of this post.

I did this on mepis 11 with inkscape 0.48. Note that the default jessyink does not work. I had to remove the /usr/share/inkscape/extensions/jessyInk* files and decompress the JessyInk-1.5.5.zip file downloaded from the official site. For details of using jessyink, please read Tim Teatro's tutorial.

The following are a few suggestions to the graphviz team and inkscape team. I apologize for not filing official and separate bug reports and/or feature requests due to my laziness. I hope this blog post proves to be useful to the FLOSS community nontheless. First comes some bug reports:

You can see that the relative positions between the background image and the rectangle "view" boxes are not exactly consistent between firefox and inkscape.
Somehow applying jessyink to the original svg file net-pheno-map.en.svg produces an svg file without special effect. That's why I resorted to producing the jpeg file as a background image to be imported again in a new jessyink-svg file.
Originally I used a slightly longer script to generate the background svg file net-pheno-nocr.en.svg. This file pack several "tspan" tags into a single textPath tag and is slightly more concise than the successful one (which has multiple textPath tags each containing tspan tags). However, in inkscape it displays in a staircase manner -- much like how text files with line feed (\n) but without carriage return (\r) displayes in DOS. Or windows. Whatever. It displays ok in firefox 4.0.1. I didn't study the svg spec, but it seems that the way firefox renders it makes more sense to an end user.

Here are a few feature requests that could make graphviz and jessyink to be an interesting alternative to prezi that appeal to people with the vim/regexp/grep/sed/awk/perl mindset (like me). It would be nice if

there is a gettext-like capability in graphviz so that a graphs in different langages can be created from the same .dot file (with language sections, or plus language files);
edge text can be specified to flow along the path in graphviz, with multi-line text support;
every svg object, or at least every group is automatically treated as a view;
the relationship among views is tree-like instead of linear;
additionally, the user can optionally assign one or more customized linear orderings of views each representing a series of slides for a separate talk;
the relationship among views and the linear order(s) can be defined in graphviz source file;
there is an overview mode displaying the tree of views within a slide just like what we already have now for the entire set of slides -- the "index slide" displaying the list of slides within a jessyink file;
change of views can be triggered by clicking on an object, a group, or a manually defined view;
ESC or some other key takes us to the "parent view" in the view hierarchy;
the gesture of defining a rectangle by drawing its diagonal dynamically creates a view and immediately takes us there;

With these features and whatever other more ingenious ones the FLOSS community come up with thru further discussions, I am sure few sane minds in the future would insist on using MS Powerpoint for presentation. For me, the only other attractive alternative to this combination would be the Anti PowerPoint Party's suggestions.

推出「資訊人權貴ㄓ疑」部落格映射頁面!

HUNG Chao-Kuei — Sunday, July 24 2011

貴政府或貴公司的網路封鎖 google blogspot 嗎? 我的部落格搬家之後, 您無法造訪了嗎? (因為我從 feedjit 的流量統計地圖服務看到: 特定地區的訪客驟減, 因此懷疑遭到池魚之殃...) 這個週末完成部落格新家的映射頁面, 我又有機會與您分享我的意見了! 可惜沒力安裝留言板。此外, 我也順便將我的噗浪打包存檔。當然, 兩者都不會太常更新, 可能會落後一兩個月。

對於被封鎖的朋友而言, 比較全面的解決方案還是用 ssh 打一條隧道, 從山洞鑽出來欣賞完整的自由世界。哦, 我那篇文章是給 linux 用戶看的。 Windows 用戶請搜尋「firefox ssh」或「firefox ssh tunnel」。不過如果你真的夠愛好自由, 應該也會希望早一點把暗藏盜版警察的 windows 丟掉。

搬家! 資訊人權貴的部落格搬到 Blogspot

HUNG Chao-Kuei — Saturday, May 14 2011

我的部落格搬家了哦! 新的部落格放在 google 的 blogspot: 資訊人權貴ㄓ疑。謝謝各位讀者支持; 請更新您的書籤吧!

為什麼要搬家?

OFSET 的流量被我衝太高 (我佔了 80% 左右), 有時不太穩。呃... 其實一天兩三百人次並不算太高啦。不過跟以前比起來, 因為現在有噗浪效應, 所以新文章貼出來的時候, 比以前更容易集中在短時間內爆量。有時會讓 dotclear 背後的 mysql 掛掉, 給 OFSET 站長製造麻煩。
我談的議題從自由軟體轉向自由文化, 再轉向網路現象, 有時甚至談臺灣的政治, 跟 OFSET 的初衷 (自由軟體應用於教育) 有點距離。
我的文章多為中文, 貼的頻率又特別高, 有點讓 OFSET planet (所有 OFSET 部落格的匯編) 偏了方向的感覺。
等我和 OFSET 的朋友都百年之後, 那一個站比較可能留下來呢? 我賭 google。 (呵呵, 就算離開地球, 都還是想要繼續影響她。這... 會不會太貪心了一點呀?)

至於圖片, 最後決定還是放在 OFSET 的靜態網頁好了。試過幾家免費相片空間, 不習慣用複雜的網頁界面管理檔案; 覺得還是用 scp 傳檔、用 ssh 整理最順手。因為是靜態網頁 (而不透過資料庫) 所以停擺的機率較低。萬一幾十年後 OFSET 把我的帳號砍掉了, 或是整個站都關門了, 「部落格上看不見圖片」並不是太大的問題。總是可以到 Wayback machine 翻出含有圖片的庫存頁面。

以下是搬家流程的計畫:

[已完成] 建立新的部落格。新的部落格要取新的名字, 比較不會搞混; 名字不要改太多, 才不會讓讀者覺得像是換了一個人。
[已完成] 在舊的部落格貼最後一篇公告文。因為有些友站會幫忙聯播, 會顯示我的最後一篇文章的標題, 所以最後一篇的標題一定要明顯談搬家。讓我順便藉這個機會感謝聯播小格的: Andes Core、打造自己的媒體、旅遊者、人在電工心在資工、弱格吉米言、 Richard的多元資訊站、馬小明的教學日誌、 Eternal Sunshine Of The Spotless Mind、 TCP Warehouse 以及經常轉貼或推噗的龜趣來嘻、 i420.cc、 Aiken Lin、 5680。 (以上是搜尋結果; 不好意思呵, 如果遺漏了您, 請告訴我)
[已完成] 新舊部落格互指。
調整舊部落格文章的刊出時間, 讓自選的文章浮到首頁。
能否整合新舊部落格的 tag? [blogspot 的 tag 已納入 ofset 的 tag; 另一個方向測試失敗]
是否需要把舊部落格的幾篇熱門文章搬到新家?

以後這個舊的部落格就只貼英文文章囉。新家見!

ps. 我真是太會選時間了... 正好遇到 google blogspot 首度大當機...

Chao-Kuei's Notes | 資訊.人.權.貴 隨便記