• The Refrigerator Unexpectedly Showed Dick Doodles and Streaming Porn to a Visitor

    In the Internet of Shit, Grosseries Department, a colleague and friend of this reporter who requested anonymity for themselves and their client relayed a story of a Samsung fridge that had a distinct odor about it — not of rotten food, but of a subverted Internet-connected Family Hub.

    Samsung envisioned this $3,200 refrigerator as a kind of dashboard for families — even though every individual might have their own devices — that could share information, calendars, notes, and drawings, and surf the Web. This is part of the practice of turning a family into a kind of little corporation.

    What Samsung may not have thought of is how to advise people setting up the Family Hub in a shared area. In which many unrelated people pass through. At different times of the day. Without anyone else being there.

    My friend, who dealt with the clean-up, says that it might have been construction workers or other folks who were responsible, but somebody — somebody! — drew dicks all over virtual sticky notes across all the swipe-through screens. This was discovered when the organization's head toured a visitor through the office, and wanted to show off a streaming feature on the Samsung fridge. My friend writes:

    dicks
    swipes
    dicks.
    swipes
    dicks

    The head finally gets past the dicks, brings up the browser, and it starts streaming high-definition porn from a Web site.

    My colleague didn't see the dicks, which were deleted by the time they arrived, but they did see the porn history. Their solution, after looking into proxies, content-filtering, and other options was to enable parental controls.

    Innocent Screen or Invitation to Dick Doodles?

    This isn't the first case of fridge porn, though that term usually refers to excessively overfeatured expensive hulking stainless-steel fronted masterpieces of modern consumerism. Last October, a visitor to Home Depot posted a photo of visiting PornHub on a Samsung Family Hub browser, though you'd think the store would have parentally controlled that fridge to avoid just such a possibility.

    In a normal household setting, it might be easier to track down whether little Tommy drew the sticky-note penises and was surfing the Web while fondling cucumbers and radishes in the crisper drawer; less so in these uncontrolled environments.

    Previously: Pornhub on a refrigerator in Home Depot

  • The twisted history of the Happy Birthday song—and the copyright shenanigans that keep it profitable

    Mildred and Patty Hill rank among the most interesting progressive thinkers in the 19th century, and yet they are popularly remembered only for a copyright debate. Why is a song they didn't precisely write still a corporate moneyspinner, at least 122 years after they published a similar ditty?

    The Hills wrote and published "Good Morning To All," which morphed into a more popular rendition: "Happy Birthday To You." A lawsuit filed in 2013 by a documentary filmmaker, Jennifer Nelson, who was working on a movie about the song's history, sought to get a court to determine that the copyright to the song asserted by its current owners, Warner/Chappell, expired in the 1920s, if it ever properly existed.

    This suit was nearing its conclusion when a thrilling last-minute piece of evidence emerged from Warner/Chappell: an excerpt of a 1927 title called The Everyday Song Book produced by the piano-making firm, The Cable Company. The song, numbered 16, is called "Good Morning and Birthday Song" with the main lyrics under the score, and "optional" words below for "Happy Birthday." The ostensible copyright notice was blurred in the version supplied by the music company.

    songbookNelson's lawyer noted it was not the first edition, and were able to get a library to dig up the 1922 version. The same version appears there without a legally required statement of copyright. I have obtained a copy of this 1922 edition from an online bookseller. It's a fascinating thing to see in print what has been in dispute for so long.

    This would seem to be the end of the line for "Happy Birthday." The filmmaker should prevail; fees collected starting in 2009, within the statute of limitations at the time the suit was filed, should be refunded; and a clear future would be established for public-domain use.

    But copyright is a crooked path.

    The remarkable Hill sisters

    The intricacies of copyright related to "Happy Birthday" need to take a momentary back seat to the song's two creators, who haven't been fully forgotten, but who deserve some space of their own.

    Patty and Mildred were two of the six children of Rev. William Wallace Hill and Martha Jane Smith, raised in Anchorage, Kentucky. Unusual for his day, he insisted his four daughters have a profession and encouraged their advanced education. "My father believed that every girl should grow up with a profession. This was a radical philosophy everywhere fifty or sixty years ago, particularly in the South," Patty Hill recalled in an 1925 interview.

    Patty became one of the leading lights in the development of American early-childhood education, a continuation and expansion of work done in Germany by kindergarten inventor Friedrich Froebel. Her development of what were known reasonably as the Hill Floor Blocks led a student, Caroline Pratt, to develop "unit blocks," which recently celebrated their 100th anniversary and are widely used in childcare today.

    Mildred was an ethnomusicologist who was an expert in African-American music, as well as a musician and composer. She's considered the likely author of a remarkable essay published under the name Johann Tonsor in 1893 that predicted that African-American music would essentially become the music of America. (The work is of its time, titled "Negro Music," and is patronizing but admiring.)

    When our American musical Messiah sees fit to be born he will then find ready to his hand a mass of lyrical and dramatic themes with which to construct a distinctively American music.

    In 1887, the 19-year-old Patty joined the Louisville Training School for Kindergartners, a new enterprise in Kentucky that aimed to establish demonstration kindergartens and spread the practice of pre-school education for the poor. "The special desire was to reach little children who attended [an industrial school attached to a mission] although too young to sew," according to a 1907–1908 issue of The Kindergarten-Primary Magazine. Older children were taught the sewing and carpet-making trade.

    Patty Hill graduated in 1889 and became principal of one of the kindergartens, and then in 1893, the head of the entire Louisville Free Kindergarten Association. In a measure of how progressive Hill's organization was, in addition to serving what would otherwise have been child laborers, in 1899 it began training "colored" teachers, who would teach black children. Only a handful of such kindergartens existed at that time.

    As part of her work at the school, Patty enlisted her sister Mildred—who wasn't otherwise associated with the school—to compose songs that could be used to guide children through different tasks and phases of the days. Any parent is familiar with such songs today from daycare, and the Hills are a good part of their American origin. (Patty and her sister Mary, who was a teacher at the school, also worked together to develop "Typical Lessons for Mothers and Kindergartners," serialized in The Kindergarten for Teachers and Parents, such as "Rain—Part II" in an 1890 issue.)

    Starting in 1889, Mildred and Patty essentially workshopped songs with kids. Mildred wrote the music and Patty the lyrics. (Some researchers maintain Mildred adapted an African spiritual for the music, but there's no trace of the syncopation or the unique scale.) They experimented with finding songs that children could memorize and sing easily at this young age; Mary also helped out. Patty said in a deposition in 1934:

    [A draft of the song] would be written and I would take it into the school the next morning and test it with the little children. If the register was beyond the children we went back home at night and altered it and I would go back the next morning and try it again and again until we secured a song that even the youngest children could learn with perfect ease.

    "Good Morning to All" was one of their first efforts, and it appeared as part of Song Stories for the Kindergarten published in 1893. In the deposition noted above, Patty said that they used many variants to the lyrics, including "Happy Birthday To You," but never wrote these out or published these. Patty was savvy about copyrights: she and her sisters told trainees to never write down the music or lyrics to the songs before the 1893 book appeared.

    In 2015, unit blocks remain in wide use and "Happy Birthday To All" is a tune that perhaps billions of people know. Patty, who died in 1946, helped create and foster a change in thinking about teaching young children that benefitted hundreds of millions worldwide.

    The Hill sisters had an impact. But the fact that an 1893 melody coupled with words sung but not put into print has remained in copyright without an effective challenge may finally be on the verge of changing.

    A smoking gun in ostensibly overlooked files

    When I was a young man studying graphic design at college, one of my professors, Alvin Eisenman, then the dean of the American approach to design, would mix art and practice with anecdotes about his career. One story stuck with me: Never sign off on a client's proof, he told us. Those who have seen Elf know what that means. Before a book or other item is printed, a pre-production version is created—a "proof"—that shows any flaws or problems.

    When I had an offset printed book last year, I received a laser-printed copy produced by the same rendered output that would be used to create printing plates for the book. I signed each page and express shipped the bundle back. In Alvin's youth, it would have almost certainly been a proof pulled from a letterpress or similar plate using a "proofing press." Graphic designers typically examine these proofs, but it's also typical to put the onus on the client (or one's boss) to sign the sheets—whoever signs has responsibility, and the printer bears no expense for errors found that aren't marked.

    Alvin told us he had once signed off on a book in the 1940s, and it was printed, and only then was it discovered that the copyright notice had been left off. Since March 1, 1989, any original work of creative expression in America receives the benefit of copyright protection as part of the act of creation. But before then, there's a long and complicated history as to what was needed. Until 1977 (and with some exceptions until 1989), "If the work did not include the word 'Copyright' or a © (a 'c' in a circle) and the name of the copyright owner, the work would enter the public domain," according to the Stanford University Libraries Copyright & Fair Use guide.

    As a result, Alvin and a colleague spent a memorable number of hours with rubber stamps and a "boxcar full of books," ensuring that each received a manually applied notice before they were shipped to booksellers. This was a cautionary tale, and one that might play into the current state of the "Happy Birthday" lawsuit.

    I won't recapitulate all the details, as they were discussed at length in 2013 across the media and again recently. The lawsuit is quite comprehensible for laypeople, and describes dozens of ways in which the copyright should be considered either invalidly claimed or lapsed besides the newly discovered work.

    The brief recap is that although the music and lyrics to "Good Morning" have a clear copyrightable moment in 1893, the same music coupled with the "Happy Birthday" words does not. The lawsuit notes the appearance in print in the early 1900s in various sources of alternate words, but without being authorized specifically by the Hills—who ostensibly retained copyright to "Good Morning," not the Song Stories publisher—that doesn't necessarily diminish their claim.

    In 1934, Jessica Hill sued over the performance of "Happy Birthday" as part of a 1933 Irving Berlin stage musical, but without referencing the lyrics—only earlier copyrights to "Good Morning." (Jessica inherited part of the rights from Mildred, who died in 1916.) In 1934 and 1935, Jessica sold rights to certain piano arrangements of "Good Morning" to the publisher of Song Stories, the Clayton F. Summy Company. Summy in turn filed a series of "republished musical composition" copyright registrations for "Happy Birthday," although only the last of which included the lyrics, and the lyrics weren't cited as part of the revisions that would justify a new registration.

    The Warner/Chappell defense of the copyright that remains is that somehow, the 1893 music combined with lyrics that were already in wide use and published extensively, once put together in 1935 represent a new work. That idea may be indefensible enough, but there are many other flaws in how the song traveled from 1893 to 1935. (The original 1893 work and a revised 1896 version should have remained under copyright until 1921 and 1924; the lawsuit says a proper renewal wasn't filed. Even if it were, the last possible date of protection would have been 1924 plus 28 years: 1952.)

    Warner/Chappell, part of Warner Music Group, has owned the rights (if any exist) since acquiring the previous owner in 1985. It has reaped on the order of $2 million per year since, and if it were to maintain that 1935 registration date, its ownership wouldn't expire until 2030—137 years after the first publication of the song's melody.

    There's much, much more in the lawsuit, but the last-minute discovery may allow all of the other arguments to be ignored. Late in the process Warner/Chappell produced new documents from a variety of sources after receiving some new material from other parties and re-evaluating what it had already turned over. One of the pages was from the aforementioned The Everyday Song Book's 1927 edition.

    Nelson's lawyers didn't immediately identify this as an issue because of a conveniently blurred bit of text where the copyright notice should have been. Warner/Chappell sputters about this in a recent filing: "And, to be clear, we did not notice the blurred text on the sheet music printed." Hey, nobody's accusing you!

    The attorneys found a university library with a 1922 edition of the book—the same edition I now have a surprisingly crisp copy of sitting beside me—and the credit line was readable. Instead of including as it did on other copyrighted songs throughout the book a notice like, "Copyright, 1899, by A. Flanagan, Publisher," it says merely, "Special permission through courtesy of The Clayton F. Summy Co." It contains both the "Good Morning To All" and "Happy Birthday To You" lyrics.

    Mark Rifkin of Wolf Haldenstein Adler Freeman & Herz, one of Nelson's lawyers, says, "The publication in 1922 without a copyright notice forfeits the copyright; it's just that simple."

    Even if it had had a copyright notice, because it was published in 1922, the work would fall before the 1923 cutoff point at which a variety of absurd revisions and extensions were added to copyright duration. Works published in the U.S. before 1923 are all in the public domain; works published in 1923, if they had a proper notice and were renewed after an initial 28-year term, don't expire until 2019.

    Warner/Chappell's filing says that Summy lacked permission in 1922 to grant such copyright, only obtaining it until 1935. However, Rifkin tells me that this is "not the only instance we found where the song was reprinted with permission from Summy"; they found many instances from 1901 through 1924.

    If Summy lacked the right, even if it had granted it to The Cable Company, then the song's appearance in the book wouldn't harm the Hills' ownership. And yet lacking the right, it's difficult to imagine this and other books were distributed without complaint, as Patty Hill was likely to see them or be told of them as they were used in her field. And she and Jessica were ready to sue the moment the song was performed in a musical.

    It all seems rather tendentious when you read the current lawsuit and source documents, including a lengthy deposition in the 1935 suit. The Hills regularly sang "Happy Birthday" to Mildred's music, the lyrics were widely reproduced in print, and Sammy had and exercised various rights on behalf of the Hills at various times.

    The entire case rests on the notion that Patty and Mildred never allowed the "Happy Birthday" lyrics to be combined with Mildred's music in any published form until 1935, and that those lyrics were original to them.

    The song may have feet, but the game's up

    "Happy Birthday" is fortunately an outlier in the copyright world. There isn't another popular song like it with as long and murky a history, nor any other work. The closest situation are the persistent efforts by a group called the Conan Doyle Estate to extract licensing fees for use of the Sherlock Holmes characters in new fiction. (The estate represents Conan Doyles who didn't descend from Arthur directly—his children were without issue—and who repurchased the rights from a charity to which his last child donated them.)

    All but 10 later Holmes stories were published in America before 1923, but the estate aggressively pursued fees for any representation of Holmes or other characters under the notion that even if specific facts or character traits exhibited in the final 10 works aren't present, Holmes as a literary figure depends on the full corpus. (The Holmes' stories are in the public domain in the UK and many other countries under a different copyright regime that counted 50 years from Conan Doyle's death.)

    The "estate" lost at trial, lost in appeal (with a wonderful opinion by Judge Richard Posner), and the Supreme Court opted to not hear further arguments. And yet it persists.

    The final determination about when "Happy Birthday" lost its copyright protection will be made by the judge in the case, who, after some back and forth filings and possibly an in-court hearing in the next week, will probably issue his opinion between the end of August and the end of September, says Rifkin.

    It would be nice to close the book on "Happy Birthday," but it doesn't close the book on copyright absurdity. An abundance of material from 1923 is poised to enter the public domain in 2019 unless a further taking of the public interest occurs, as the Sonny Bono Copyright Term Extension Act did in 1998, adding an unnecessary 20 years to the existing 50 years' protection past an authors' death.

    Rather than sing "Happy Birthday" on January 1, 2019, we should sing another variation of the song: "Good-bye to you."

    Sources

    Google Books and university libraries are wonderful sources of contemporary information on this topic, because so much material related to education was published in the time periods affected and nearly all of the pre-1923 material (and some beyond) that's been scanned is freely available for viewing and download. Many are linked in the article above.

    Robert Brauneis wrote a magisterial account of the Hill family and the song's history, as well as tracing the roots and winding path of its copyright in "Copyright and the World's Most Popular Song" (October 2010). I relied on some of his primary research (particularly for the 1925 quotation from an unpublished interview), although much of it can also be confirmed through contemporary accounts in journals, newspapers, and books. Some of his work has since been further elaborated on in the "Happy Birthday" lawsuit filing.

  • Twitter adds the most awkward version of blocklist sharing you could imagine

    Twitter yesterday added a new feature to let users share each other's lists of people they have blocked. On Twitter, a blocked user cannot follow the blocking account, nor can they favorite tweets or retweet that account's messages. For public accounts, it doesn't prevent a blocked party from searching for or reading tweets, although some activities require being logged out of an offending account.

    Having written here at Boing Boing about collaborative block lists almost a year ago, and being a user of Block Together myself, I was excited to see what Twitter would bring to the party as a supported feature.

    They brought text files, the equivalent of coming to a dessert party with stale celery sticks.

    The blocklist "sharing" involves exporting a file, which is produced in comma-separated value (CSV) format, sending that to a fellow human, who then imports the list. You can choose which accounts are included in the export or use a text editor to modify the list. (The feature is rolling out in the coming weeks, and will appear on Twitter's site under Settings in the Blocked Accounts section under Advanced Options.)

    It's too bad Twitter doesn't have an API. Hashtag-irony.

    The post announcing the offering also occurs in a vacuum, an all-too-typical situation with companies that feel they have to message everything. It would have been nice for it to have the modesty and generosity to acknowledge the work done by various uncompensated developers, and put this first step in context of their time and effort.

    As noted in my blocklist article, several different solutions —a ll within Twitter's application guidelines — allow users to opt into dynamically updated collaborative lists. I use Block Together and subscribe to the Good Game Auto Blocker list, which blocks those who follow two or more of a short list of egregious accounts related to GamerGate.

    I can unblock manually and permanently, and have many times. Block Together also has options to prevent two other kinds of places abuses arises from: young accounts (those registered in the last week) and accounts with almost no followers (under 15).

    Block Together's developer, Jacob Hoffman-Andrews, wrote a supportive post about Twitter's blocklist export/import with a short list of what it doesn't yet provide. One of the most important elements is forgiveness: because the text lists are static, rather than dynamically linked, if you unblock someone, that change doesn't propagate forgiveness to anyone who has imported your list.

    Let's give Twitter credit: it's less toxic as a whole today than it was a few months ago and certainly more so than last summer. It hasn't become a land of rainbows and unicorns, but it has gradually both improved reporting tools and its response to abuse reports so that things on average are less awful. Some people I know who have been regular targets are seeing vastly less nonsense.

    A few of the worst trolls have been banned forever. One has just had his eighth account permanently suspended, as he tries to regain access that's lost to him forever.

    I'm a very, very tiny target and I see almost none these days. That may have to do with a tool Twitter has released to verified accounts (I was verified as a journalist) that, when enabled, using machine-learning algorithms to block low-quality tweets:

    Quality filtering aims to remove all Tweets from your notifications timeline that contain threats, offensive or abusive language, duplicate content, or are sent from suspicious accounts.

    Twitter is testing a quality filter, currently available only to verified users.
    Twitter is testing a quality filter, currently available only to verified users.

    This has probably helped, and it's clear this feature isn't permanently intended only for a tier of users.

    And Twitter won't stop here. This text-only shared blocklist feature is a sketch of what's to come. As I've written about several times, Twitter cannot and shouldn't remove speech we don't want to hear, such as opposing political viewpoints and dad jokes. But it can reduce and discourage clearly threatening, harassing, and fully unwanted speech. This is another step in the right direction after years of inaction.

    Image: Shutterstock

  • Twitter's got a new troll stick

    "We suck at dealing with abuse and trolls on the platform and we've sucked at it for years," wrote Twitter's CEO, Dick Costolo, in an internal memo in February. And he was right. From death threats to members of the Parliament of the United Kingdom to an unending campaign of harassment against Anita Sarkeesian to GamerGate to high-profile celebrities and their families receiving floods of abuse and threats, Twitter had became an increasingly toxic environment.

    It seemed as though Twitter has been standing idly by while trolls spread their hate, and Costolo's memo made it clear that not enough was being done. Since late 2013, Twitter has been tweaking how it responds, and quietly testing new methods of flagging harassing messages and acting against user accounts who posted them. The changes announced April 21 codify some of what people had observed was happening in tests. The proof is in what happens next, but the conditions that Twitter has set up could lead to a substantially improved experience for many on Twitter after a long period of little visible progress.

    The asymmetric power relationship

    The problem with Twitter's previous approach, as I outlined in an article here at Boing Boing last August on third-party collaborative blocking tools, is that it's far easier for an individual or a group of people—whether formally associated or a mob organized around a hashtag call to action—to harass targets than it is for targets to mitigate the harassment. It remains easy to register mass numbers of Twitter accounts or buy such accounts from others, and assemble fake followers. GamerGate demonstrated how "brigading" or "dog piling" could be used to have thousands of real and fake accounts relentlessly flood the mentions of a user, rendering that account almost unusable.

    This can be especially awful when someone who is relatively well known retweets or mentions a person within a tweet who isn't, regardless of whether the reference is supportive or intended to encourage a negative response. For someone who has never encountered a large amount of excessive targeted negativity, it can be a surprise kick in the teeth. (This happens to regular people all the time, such as "Alex from Target," who was singled out for his looks, then received enormous backlash as well.)

    The collaborative blocking tools, like Block Together, allow some automation. Randi Harper's Good Game Auto Blocker, which analyzes a few key GamerGate figureheads' followers, and creates a regularly updated filter list used by Block Together of accounts that intersect, allowed me and others to suppress the bulk of bad actors.

    Twitter has gone through a few waves of improving how accounts are reported for abuse, making it a matter a few months ago of a few clicks, rather than requiring copying tweet URLs, pasting, and so forth.

    Yet Twitter's fundamental problems remained:

    • It's too easy to create new accounts without any validation except an email address. While few people would suggest Twitter switch to Facebook's terribly implemented "real name" policy, the company interest in acquiring users outstrips its ability to throttle fake or disposable account creation. (Block Together options include blocking any account that is under seven days old that mentions your account, as well as any account that has fewer than 15 followers.)

    • Users have no tools available within the Twitter infrastructure that act at scale against an incoming barrage. Block and mute (as well as third-party client mute) are one-at-a-time actions.

    • Third-party clients weren't prepared for large-scale blocklists. With Twitter's Streaming API, in which one's timeline is fed in real time to Twitter's and third-party clients, blocking occurs in the client. Most clients weren't set up for this. I use Tweetbot, which like other apps retrieves just the most recent 5,000 blocked accounts, while I have over 12,000. A near-term Tweetbot update will raise the limit to at least 10fold, says the developer.

    • Twitter's enforcement seemed underwhelming. Accounts that released personal information or made specific and credible threats of harm would sometimes be suspended for hours or days and then return. Returning users often bragged that they had to do nothing to get their account back; many are recidivists, engaging in the same behavior repeatedly, and being suspended and resumed repeatedly.

    The new policies could partially or largely solve aspects of all of these problems.

    Timeouts and an invisibility ray

    We've all assumed Twitter mines its data as well as third parties can, which would mean it should be very well placed to characterize accurately patterns of use that should let it identify abusers and act upon that information before reports are filed. And so they are. While this feature remains in testing, it could prove one of the most beneficial as it will act silently. Some users who receive regular abuse say they're already seeing a difference.

    Twitter will automatically suppress tweets that mention a user from appearing in that user's timeline if they match patterns and content of abuse previously seen. Those who are continuously harassed often see abusive messages from people with accounts that are obvious giveaways: the biography includes abusive hashtags or imagery; the account is either new or has a low tweet count, and was put into use for this purpose; the abusive party isn't following the account it's talking at. This will help tweeters who are suddenly the subject of scorn as well as frequent targets.

    People you follow won't have their tweets filtered, but others you don't who meet this criteria just won't have their messages show up in your stream. They can still post their messages, but the intended victim won't get them. This is effectively what collaborative blocking offers by creating a joint list of accounts that one person doesn't have to manually or continuously update. (This is also how per-user mute works in Twitter: the muted party can still follow, favorite, and retweet the muting account, and is unaware their behavior is invisible to them.)

    On the enforcement side, Twitter is stepping up some behavior that it's definitely tried before, and codifying and extending it. Accepting reports and evaluating whether someone's message or series of actions constitute a violation of its rules is one thing. (Even there, Twitter has broadened one measure of abuse to read, "Users may not make threats of violence or promote violence, including threatening or promoting terrorism." It previously stated threats had to be "direct" and "specific.")

    The new enforcement methods can include up to three elements: a specific amount of time a user is put in the corner before the account can be reactivated; the requirement to enter a phone and verify receiving a message at it; and the necessity of deleting one or more identified tweets. In the reactivation process, a user also sees a screen that reinforces the policy guidelines with links to more information.

    The specific duration of a suspension is, I believe, new. In the past accounts were locked out for arbitrary periods of time, which weren't specified, or which required someone to contact Twitter to request reinstatement. (A much smaller number of accounts are banned, and those Twitter names are typically also permanently retired.)

    Having to validate an account by providing a phone number reduces a user's anonymity. There's a lot to be said about the positive side of Twitter's current account registration policy for allowing freedom to speak (not freedom of speech) anonymously.

    However, when Twitter evaluates reports or finds analytically recognized bad behavior, requiring an SMS code sent to a number could result in one of two outcomes: the person is chastened and realizes they can be identified should Twitter be subpoenaed; the user walks away from the account, which if it's one they've built up for a purpose, is a significant penalty. While it's possible to get disposable phone numbers for SMS and engage in other workarounds, the phone system is more limited than email, Twitter can identify re-used numbers and ranges used for the purpose, and only a subset of people will try to circumvent the system.

    The final step is rather clever. If Twitter identifies tweets it wants deleted because they violate policy, it doesn't remove them itself. Rather, it requires the user to click Delete before getting an account reinstated, again setting up a choice to abandon an account or not. A suspended account's tweets are entirely unavailable, thus if they won't delete some, the user is effectively deleting all.

    Its bat and ball

    Forcing a user to delete tweets is, to be sure, rubbing users' noses in their behavior who are deemed to have crossed a line. But it's Twitter's world; we're just living in it. By tightening their definition of acceptable speech in their commercial realm, where free-speech rights are always constrained, this may make some uncomfortable.

    Free-speech absolutists want all speech, no matter how offensive, to be legitimate. But this isn't true in the real world, even in a country like America that allegedly has among the broadest, if not the broadest, protections for speech. One should consider that police and executive powers, often with courts' cooperation, have restricted our rights to free speech in public places and free assembly for dissent.

    Yet Twitter is a commercial space, not a government-controlled forum. And Twitter's rules typically relate to interpersonal interaction, not the kind of speech. One may say all sorts of things that others find offensive, but as long as they aren't targeted to an individual or specifically defined group and include statements designed to cow or coerce—or, worse, a preview of an actual plan of violence—Twitter won't remove those.

    There are many things I may not want to hear, and I absolutely support the right of people to say them. Directed threats and other abuse are not in that set of ideas. In the physical world, such words could result in arrest, restraining orders, and convictions.

    Now, it's time to watch and see how these policies play out. The best part about them is how invisible they will be to the vast majority of users who clearly use the medium sparingly, and a smaller group that simply wants to talk without the threat of violence, whether stating popular opinions or niche views that should be heard.

    Image: From the 1923 edition of Grimm's Fairy Tales illustrated by Gustaf Tenggren

  • Think you have the right to demand police identify themselves? Look closer.

    Many of us believe that we can ask any police officer for their name or badge number, and that a refusal to provide it is a violation of the law. We are often outraged when officers conceal their identities, especially when they are suspected of wrongdoing. But even when policy or legislation mandates that they disclose, officers rarely receive punishment if they fail to do so.

    Depending on your jurisdiction, which could be city, college, county, or state, officers may have no obligation to wear identification at all, let alone disclose it on request. Moreover, departmental policies that do require identification often allow broad discretion for an officer, or commanders, to suspend the rule if they experience a threat, be it a present danger or existential, such as someone later using that information to harass.

    Troy Payne, an assistant professor of justice at the University of Alaska at Anchorage, notes that there are about 18,000 local law-enforcement agencies in the US, all of which operate independently.

    (more…)

  • "Stranger Danger" to children vastly overstated

    As a parent of two young children, it's my job to keep them healthy, safe, and happy. But I'm not at all worried they're going to be snatched off the street. Why? Because oft-spread claims that that 800,000 children are reported missing each year—with 300,000 children estimated to be sexually trafficked—are outdated or simply wrong.

    Abduction Rates Overstated and Outdated

    The commonly cited "800,000" number is from a 2002 study of 1999 data. This information is widely misstated, and the data hasn't been updated in the era of ubiquitous mobile access and Amber Alerts. The National Incidence Studies of Missing, Abducted, Runaway, and Thrownaway Children (NISMART) surveyed about 16,000 adults, examined a subset of law-enforcement agencies (roughly 25% of the total), and a sampling of juvenile facilities, including detention and treatment centers. No comprehensive study or survey of this scope has since been conducted in America.

    (more…)

  • Marriott plans to block personal wifi hotspots

    Marriott is fighting for its right to block personal or mobile Wi-Fi hotspots—and claims that it's for our own good.

    The hotel chain and some others have a petition before the FCC to amend or clarify the rules that cover interference for unlicensed spectrum bands. They hope to gain the right to use network-management tools to quash Wi-Fi networks on their premises that they don't approve of. In its view, this is necessary to ensure customer security and to protect children.

    The petition, filed in August and strewn with technical mistakes, has received a number of formally filed comments from large organizations in recent weeks. If Marriott's petition were to succeed, we'd likely see hotels that charge guests and convention centers that charge exhibitors flipping switches to shut down any Wi-Fi not operated by the venue. The American hotel industry's trade group is a co-filer of the petition, and Hilton submitted a comment in support: this isn't just Marriott talking.

    But there are big guns in opposition, including Google, Microsoft, and the cell industry's trade group, the CTIA. Even Cisco's "support" of the Marriott petition seeks to minimize the extent to which a rule clarification would affect most users.

    Earlier in 2014, the FCC fined Marriott for jamming the Wi-Fi networks of guests, exhibitors, and others at the Gaylord Opryland resort in Nashville. The hotel chain agreed to pay the FCC $600,000 in fines and create a compliance plan, with regularly filed updates, for all its properties.

    (more…)

  • Busting Sex Workers' Clients Increases Demand

    A relief work in Amsterdam's Oudekerksplein. Photo: J.M. Luijt (cc)

    Economics isn't about money. It's about understanding how people make decisions about what they do. This is as true in the movie Trading Places, an apparently very accurate depiction of commodity trading, as it is in sex work, an industry that has at various times and in various cultures been treated as a sin to be stamped out—or a service.

    Charles Hill, a business school professor at the University of Washington in Seattle, penned a recent blog entry looking at a change in local police tactics intended to reduce the demand for the service of sex workers. The stated change is to reduce demand for sex work by 20 percent by targeting johns who hire such services. But Dr. Hill starts from the increasingly validated position that most sex workers have personal agency, and haven't been coerced to pursue their trade.

    (more…)

  • Amazon mails conveyor belt roller instead of gift

    Lisa Seger, the co-owner of Blue Heron Farms in Field Store, Texas, hadn't expected anything from Amazon when a heavy, poorly sealed box arrived. She opened it to find a mysterious, smooth, green cylinder. It weighed 9 lbs.

    Blue Heron arrival of green roller

    She soon discovered four things:

    1. It was supposed to be a gift.

    2. It should have been a book about chickens.

    3. It's a component of Amazon's conveyor-belt system.

    4. And Amazon said it would charge her gift-giving friend $19 if Lisa didn't pack it up and send it back.

    Her chickens were neither informed nor amused by the roller.

    Blue Heron poorly wrappedEven the packaging was below Amazon's usual standards. Lisa tweeted, "I've sent a lot of crappily packaged things in the mail, but never a 9 lb @amazon factory roller with just a tape window to hold it in."

    Seger made great hay on her farm's Twitter feed, where she and her husband normally post about the life and times of running a humane goat dairy.

    "Wondering if the shipping of a 9 lb conveyor roller was just a cry for help from an @amazon warehouse employee."

    "Hey, now – If @amazon sends us just eight more conveyor belt rollers, we can bodge together a fine menorah."

    (more…)

  • Twitter takes aim at trolls—and promises more

    Twitter is home to all kinds of speech, some unpopular and some unpleasant, and it's often been faulted for an apparent indifference to harassment campaigns. Today, that changed: the company streamlined its abuse-reporting process and promised more to come.

    Today's changes relate to blocking, which in Twitter limits another user's ability to interact with you. A blocked user's @-mentions disappear from your timeline, and your tweets cannot be favorited nor retweeted by people you block. The blockee is also automatically unfollowed if they were following your account. (The secret Twitter hip-check move is tapping Block and Unblock, which knocks someone off your stream without notifying them.)

    (more…)

  • Serial offenders plague Twitter

    Twitter has an abuse problem, and it's not the one that you think. While there are endless complaints about the service's inability to respond rapidly to reports of harassment—especially sustained campaigns—its power is limited even when it does act. It can suspend an account, temporarily or forever, but not prevent abusers from creating new ones.

    The recent GamerGate saga, in particular, highlighted sequential account creation as the weapon of choice for maintaining a relentless stream of online abuse. To foster account creation—and its business model, stock-market valuation, and advertising rates—Twitter requires only an email address to start an account.

    (more…)

  • iOS's first major malware challenge

    Researchers at FireEye have discovered a pathway for malware makers and data snoopers to install iOS software that replaces well-known apps while retaining any data associated with those apps. This allows an attacker to access locally cached mail in Gmail, impersonate your bank's app, and more. Installation still requires the active participation of naive users, but the outcome is substantially worse than previously thought.

    It's a two-part method for ne'er-do-wells to carry out this attack, which has a lot of self-limiting aspects, as serious as it could be. First, they need to obtain either an ad hoc or enterprise provisioning profile through Apple, which means they need a developer account — inexpensive, but it does require one-at-a-time setup and verification, and carries some measure of identity and trackability. I expect that some developers will have their accounts hacked in order to make use of this vector. Apple didn't respond to a request for comment. (Apple still doesn't have two-factor authentication enabled for Apple IDs in its developer center, though it uses other methods of tracking and notification of changes.)

    These provisioning profiles contain digital certificates that bypass Apple's normal app installation limit that all apps must come from the App Store. The ad hoc profile lets a developer distribute testing versions of software to a very small number of people (up to 100 devices using their unique hardware ID). The enterprise (company) version is for firms that want to develop and distribute in-house software to employees. The yearly fee is $99 for a regular developer license and $299 for the enterprise version. (Apple purchased TestFlight, a beta distribution service, and now allows sending out in-progress builds to up to 1,000 accounts and unlimited devices, but the distribution workflow is quite different.)

    (more…)

  • FCC fines Marriott $600,000 for jamming hotel Wi-Fi

    The Marriott-run Gaylord Opryland resort in Nashville was faced with a dilemma. Like all hotels and exhibition centers, it charges exhibitors and conference organizers exorbitant amounts for Internet access on trade-show floors, as well as nightly fees for guests. Nearly all conference centers charge thousands of dollars for a few days of access, per exhibitor, and all they get is a couple of megabits per second at their booth. Google for the price sheets: you'll need an emesis bag handy.

    Thanks to fast cellular networks and portable WiFi hotspots, though, these halls are losing their extortionate edge. A carryover from the days of a captive audience who had no other choice, the wheeze was always factored in as a cost of participating in trade shows and other events. Now, however, the 4G LTE standard–whose frequency range penetrates buildings far better than most older cellular technologies–offers data rates in the tens of Mbps.

    (more…)

  • Ello, what's all this then? An ad-free social network

    Social networks, I've known a few, and Ello — in an ever-expanding public beta — is the latest entrant into a market both dominated and crowded, and littered with corpses. We may see Facebook and Twitter in much of the world, Sina Weibo, Tecent QQ, and Qzone in China, and Vkonkate in Russia as the biggest players. But there are so many others that serve niches small and large: Path and Instagram; Tinder, Grindr, and OkCupid; Google Plus, though we mostly pretend to ignore it because of how they opted people in; LinkedIn; and many language or country/region specific ones.

    (more…)

  • Security cruft means every exploit lives forever

    The notion of built-in obsolescence has been an axiom for decades. Manufacturers sell stuff, whether appliances or electronics, that are intentionally designed to have a lifespan shorter than the component parts require. As the owner of a 13-year-old major brand dishwasher that suddenly developed multiple component failures for which the cost of repair would only buy time and run more than the original purchase price, I'm well aware that value-priced items come with a ticking time bomb.

    But we also face unplanned, eternal obsolescence with modern embedded hardware, computers, and other devices. Operating systems, firmware, and add-on software can continue to run indefinitely and without any path to upgrade when flaws in operation or exploits for local or remote access appear. There is no comprehensive philosophy to cope with this across industries and scales, whether at power plants that handle millions of customers or the embedded code that runs set-top boxes or home routers. Many products reach an effective end-of-life without any upgrade path, or without the people or group that uses them knowing that a problem even exists — until there's a major exploit.

    The SCADA (supervisory control and data acquisition) systems exploited in the Stuxnet worm, the tens of millions (or potentially more) older Android mobile devices for which security updates will never be released or installed, the hundreds of millions of generic Linux embedded devices the owners of which mostly don't know they are running an operating system and the hardware doesn't have an upgrade path or are never upgraded when such fixes exist — these devices may run for years or decades longer despite the risks to users, companies, and the public. Just this week, a massive hole in bash, a common shell for Linux and Unix, was discovered, and will surely affect uncounted millions of devices exposed via Web interfaces. "Protocols don't come with sell-by dates," says Chris Soghoian, principal technologist at the ACLU's Speech, Privacy, and Technology Project.

    (more…)

  • The narrative lottery at XOXO

    Photo: Sam Beebe (cc)

    At the end of XOXO 2014, an arts-meets-tech festival in Portland that just completed its third iteration, each attendee sitting in the swelter of an unexpectedly warm September day wrote a name on a piece of paper and handed it to one of the many friendly volunteers, all of whom were indistinguishable in pursuits and motivations from the 1,000-odd paying participants. The results were tallied absurdly fast, and shortly the name was announced.

    We all rose from our seats when the name was called, applauding madly, whooping and hollering, as the lucky vote winner ascended to the stage and lay down. We filed past the front of the dais, pulling all of the money out of our pockets and bags and flinging it at the winner, balling up dollars into wads and hurling coins. The pile grew until that fortunate party was buried in money — until not even the head showed.

    It's a terrible fate and somewhat arbitrary, but they deserved it, and all of us had been dreaming of suffocating in that pile for the previous year, sometimes waking in a cold sweat, sometimes imagining its sweet, overpowering weight pressing us down, drowning us in our desire for attention and success.

    Then we walked out of the converted machine-parts building lost in our thoughts, consigning our sacrificial pick to browser history, and resumed our lives of creation and curation sure in the knowledge that we, too, will one day die.

    (more…)