Bevorzugen Sie Deutsch? Einige Artikel und mehr über mich gibt es auch in meiner Muttersprache. Today, any device is networked, not only our personal devices, but anything from the fridge to the power plant. This implies endless possibilities, but also possibilities galore for anything to go wron
✍️Write rieview ✍️Rezension schreiben 🏷️Get Badge! 🏷️Abzeichen holen! ⚙️Edit entry ⚙️Eintrag bearbeiten 📰News 📰Neuigkeiten
I recently wrote a (German) article including this graphic (in German). Here is an English version of it. Have fun!
If you want a slightly more editable version (with more Inkscape metadata and grouped data points): Here it is.
There is a German version of the same Graph, with quite a bit of explanatory text.
The default WordPress «Archive» block becomes very long and narrow, when months accumulate. Here is an easy way to make it more compact.
One of my blogs looked like that after a few years of action (wrapped for better visualization; in the original, it is one huge vertical strip):
It would be much nicer if it looked like in the heading:
Much nicer, isn't it?
Here are the code changes in wp-includes/general-template.php (red lines, preceded with a minus, are the lines that I deleted; green with plusses, are the ones I added):
If you store this in your /usr/www/wordpress (or wherever you have WordPress installed), then applying the patch on a (Linux, Unix) system is simple:
patch -p1 < general-template-compact-archive.patchThat's all! patch is an amazing tool, it will look for where this change fits and if there is a fit, it will modify the file accordingly, saving the original with a .orig extension. (If patch thinks aplying the changes is unsafe or something else seems wrong, it will prompt you instead of making anything dangerous.)
Yes, it does require patching one of the default WordPress files. So you need to repeat it after every WordPress (core) upgrade. I wrote that code over four years ago, and all that has happened, is that the code block was moved further down in the file.
So it the loop itself never to be updated during many years. So I think it is safe to assume that this will not constantly break differently in the near future. And even if the code changes: All that happens, is the patch will not be applied, and the boring old archive list will continue to be visible.
Enjoy your new compact Archive!
27.7.2024 19:26Compact Archive for WordPress[…] How to block AI crawlers with robots.txt […]
19.6.2024 22:19Comment on How to block AI crawlers with robots.txt by AI bots (OpenAI ChatGPT et al) - comment les bloquer - Didier J. MARY (blog)[…] from asking AI itself to know more about how it works, guides like this could […]
6.5.2024 14:43Comment on How does ChatGPT work, actually? by Using AI: Being Smart, Heart, and Humble - Teacher Development TrustThere was a DEFCON Voting Village panel «If I can shop online, why can't I vote online?» which I found extremely important to read or listen to. Not just for me, in fact, for anyone talking about electronic voting. Here is a transcript for those who prefer reading (or searching for keywords).
[ez-toc]Of course, a link to the original video may not be missing, for those who prefer to watch or listen.
The transcript has received minor editorial changes: Placeholders ("uh", "you know", …), repetitions, self-corrections, etc. have been removed in order to improve readability. Text in angle quotes («…») would be indirect speech in a written text; from the context, it is meant to be a summary/rephrashing of someone else's statement, illustrated by a change of tone, not as a direct quote.
Chunks that are related to the organization of the panel and that are unrelated to the content have been removed for clarity.
Bold text and section headings have been added by me to help you navigate the arguments or point out what I believe are important take-home messages.
But now, let's switch to the transcript:
Susan Greenhalgh (00:08): I'm Susan Greenhalgh, I'm the senior advisor for election security at Free Speech For People. We are a national nonpartisan not-for-profit legal advocacy organization that works protect elections and democracy for all the people. We have a Proprogram which focuses on Election security and I've done a lot of work on internet voting for over 15years studying the policies and practices and written several reports on it. I'm here to talk about this issue with our esteemed panel.
First starting with David Jefferson: Dr David Jefferson, who is a researcher from Lawrence Livermore Laboratories, retired. In 1999 to 2000, he was the co-chair of the California Secretary of State's task force on internet voting. He'll talk a little bit more about that. He was the one of the co-authors of the peer review that was done on the Department of Defense's SERVE internet voting system in 2004, which ultimately resulted in the Department of Defense canceling the project. and he can talk a little bit about that. It was a 22million dollar project that was ultimately shut down and he's been writing, speaking, and testifying in opposition internet voting ever since. So that's David.
Next we have Matt Blaze, professor at Georgetown University School of Computer Science and Law. He is also co-founder of the Village and he's been working in election security for two decades and especially interested in the impact of complex software systems on security and reliability.
And Harri Hursti, also co-founder of the Defcon Voting Village. He is the OG in election security reviews, famously conducting the Hursti Hack back in the 2000s. He also was part of a team that reviewed the Estonian online voting system for security and traveled to Estonia to present the findings to people there.
So, we have an incredible panel and I will turn it over to David.
David Jefferson (03:12): So, first let me give you a summary up front of where I'm coming from. That which is, that it isn't possible now or in the foreseeable future with any combination of technologies that we can envision today to secure an online voting system and so thus we shouldn't be instituting internet voting anywhere in the U.S and we should really stop using it where it's in use today.
Voting of course is a national security issue: The legitimacy of democratic government depends on voting being secure and and open. So we really cannot open our voting systems to the to the various kinds of threats I'm about to describe to you, many of which would open our elections to manipulation by Foreign actors.
So let me talk about what internet voting is first of all. What we mean by that is any voting system in which voted ballots are transmitted over the Internet; maybe one hop of the communication is just over the internet, but if it's if voted ballots are ever transmitted over the internet in the course of running an election, it's an internet voting system. It doesn't matter whether it's by email or fax or web or mobile app: Any scheme, doesn't matter what the protocol is, if it's transmitted over the Internet, it's going to be vulnerable to the kinds of threats I'm about to describe.
So let's talk about those threats. What are the threats that we're talking about? There are many of them.
Many of these attacks can be Insider-aided, but insiders would include election officials and programmers and so on. There are many variations of all of these attacks.
Now, there are no strong defenses to most of these attacks; there just are no strong defenses. There are ameliorations, there are ways of handling certain special cases of these attacks. But there are no general solutions with technology that we have today.
They rest on some profound problems in computer science which Matt is going to tell you about in the in the next talk. These are the same threats that we encountered 25 years ago when I was the chair of the California Secretary of State's Internet Voting Task force and they're why we recommended that California not Institute internet voting in 1999.
These threats haven't really changed materially in the last 25 years and they may not change materially in the next 25 years; they are that intractable! Now, the problem is that all of these attacks that I mentioned can be automated and scaled up to massive scale. Depending upon technical details of the architecture of the voting system, the attacks can come from anywhere on Earth, including rival nation states or our own domestic partisans.
Successful attacks may go completely undetected; but if they are detected, they may be completely uncorrectable without running the election over again.
The perpetrators of the attack may never be identified. But even if they are identified, they're likely to be out of reach of U.S. law—as the 12 Russians, who are under indictment for interfering with the 2020 election are out of reach of U.S. law.
So the problems with Internet voting are profound and I'm going to now turn it over to Matt so he can talk more about that subject. Thank you!
Matt Blaze (09:27): So thanks, David! I just want to expand on what some of the stuff that David was talking about. He mentioned fundamental problems. And as a scientist or as an engineer, when somebody says, "that's a theoretical problem," we understand it to be different from when the general public uses the term "theoretical problem".
A theoretical problem in normal life is one you don't really have to worry about; a theoretical problem in science and engineering is the worst possible kind. Right, it's the kind that is fundamental to the system; that it's something that you cannot do anything about without either changing the assumptions or compromising on what the requirements are.
And there are two sets of fundamental problems:
So we have these two sets of fundamental problems clashing with each other: The first is, we don't know how to build systems that are reliable enough to avoid problems like this; and the second is, voting requires us to build systems that avoid problems like this rather than correct them after the fact. And this combined with the fact that an online voting system requires using complex computer technology means that this is a problem that we won't be able to solve no matter how hard we work at.
It's not that we're just not very smart, it's that these problems are beyond human capacity.
Where that leaves us is,
And that will always be with us when we do it that way, unless we relax some very important requirements of voting systems.
So, by the way, I'm not the only one saying this. There was a report from the National Academy of Sciences called "Securing the Vote", where the top experts in the field got together and produced what's called a "consensus report". It essentially makes a very strong statement: «This is something we do not know how to do» and recommends against it wholesale.
So, those who propose online voting systems are essentially proposing something that [according to] the consensus of scientists is impossible.
So, we should understand it in that context. So, thanks!
Harry Hursti (15:35): So internet voting is a whack-a-mole. It keeps on coming back and the argument is very often, say, well, we have this excuse: Shall we do just a little bit of Internet vote?
There's two reasons why that's not a good idea:
Internet voting has been claimed to be successful in Estonia. I went to Estonia with the professor Alex Halderman and a couple of other folks. We took a look in the system and it was a fairly decent high school project; that was the quality of the code.
However, there was a lot of interesting things in operations. For example, they rented the servers every year separately. So, from supply chain point of view, this one agency is renting three computers: That's your target! The lowest bidder and you can poison all you want. There were a lot of designs in that area.
For example, they publish a video where a the code is signed cryptographically, so that the voters will know, this is an honest code. And they claim that this computer, where the video was taken, has never been connected to internet. But it had a µTorrent [Transcriber's note: A BitTorrent Internet download software] and pirated movies and pirated films and online poker on the screen. So slightly suspicious that it might have been an intern.
In Finland, we tried internet voting or online voting. It was Kiosk Voting—but a system which can be used for internet loading too—in Three Counties and it was demonstrated that three and a half percent of the votes were lost and hence the election had to be reconducted, because three and a half percent in a what you call the Jefferson counting method means that it's absolutely certain the last candidates in the city council will be [awarded to?] the wrong people.
The common excuse also is to claim that we need internet voting to activate young voters, young people who like mobile phones.
Estonia is a brilliant country from the point of view that they published age brackets. And when you look in Estonia, you see that the fastest growing group of Voters online is over 65 and the young voters are rejecting the idea of Internet voting. The same was [experienced] in Norway, so that the actual government public data doesn't support the common wisdom that young voters would be activated by using internet voting.
Last but not least, I want to touch a very big topic. For example, in Europe and Germany, a lot of democracies have a rule that common person has to understand how votes are counted; and have to be able to verify the vote counting process with no special tools and education. Common man's common knowledge has to be enough. Now, we are proposing very complex ideas like homomorphic encryption, blockchain, …
The joke in US is that the average age of poll workers [gets] one year older every year, because we don't have enough young people coming to be a poll worker. But until we live in a Star Trek universe, where teenagers are casually talking about quantum mechanics: Who is going to be explaining to a 70 year old normal person, how homomorphic encryption works?
And in this today's world, how could anyone believe that you could ever be getting normal people to accept these complex ideas, that even most of the experts don't know how it works?
So let's keep it simple. Thank you!
Susan Greenhalgh (20:10): After hearing all of that, I'm guessing everyone probably thinks, «who would ever want to do internet voting for public governmental elections?»; but unfortunately, right now 32 states permit some subset of voters to vote online either by email, fax, or some sort of online portal. And there's a lot of ballots coming back online! In the 2020 election, there were over 300 000 ballots cast online; and in some states with small margins, there were a significant number of ballots cast online. And this is a problem, because those ballots we know are not secure and they can't be audited.
So, I want to talk a little bit about the policy in the history of how we got here and how it's playing out today to understand our situation. As I mentioned in the intro, back in 2004, David was part of a security study that examined a system that was being put together by the Department of Defense to a military and overseas voters to vote online.
This was something that Congress tasked them to do this. They built a system, had a peer review of the security. The peer review said, this is not secure, you cannot ensure the legitimacy of ballots cast online. So the project was scrapped.
Congress turned around and said: Okay, we'll have NIST—National Institute of Standards and Technology—develop standards for a secure online voting system and then we'll have the Department of Defense build to those standards. So NIST spent the later part of the 2000s and early 2010s studying the problem, writing several reports, and they came to the conclusion—that the scientists have all come to—that there's this broad scientific consensus that these problems are really not solvable with the security tools that we have today.
And they wrote a statement saying, we don't know how to write security standards, because we don't know how to do internet voting securely. It's not yet feasible, so we we're not doing it. So Congress said «okay» a couple years later; because Congress moved slowly between 2014 and 2015. Congress repealed the directive to the Department of Defense to build an online voting system; essentially taking the federal government out of it.
We often hear: «Why isn't the federal government studying it?» The answer is: They already did; asked and answered. So in the subsequent years we've seen more reports come out; in 2018, the National Academy study came out that Matt mentioned. There's been numerous academic studies, there's been some states have done their own studies.
Time and again, when the computer scientists and the security experts look at the problems, they realize that voting is not something that you can apply today's security tools to, in a sufficient way to secure it. So, we've never come up with anyone that says, «Here this is a secure way to do it from a scientific perspective».
Yet, in that early 2000s period of time and even the late 90s, there was a reasonable expectation that we were going to have a secure online voting system from the Department of Defense. So States passed laws to allow electronic ballot return. By 2010, I think 29 or 30 States already had electronic ballot return laws in place. So that was before NIST came up with their statement saying, «we can't write security standards for this», and before the bulk of the scientific research that's so conclusive had come out by. So, in the mid 2010s, we'd seen a kind of a slowdown in the movement for online voting; but now we're in the middle of an aggressive push once again to have people vote online and that's coming mainly from two places:
First, there's a guy named Bradley Tusk who is an Uber multi-millionaire: Made a bunch of money for Uber and he helped change their policies. Not a tech guy, he's a policy guy. He helped change state laws to allow Uber ride share policies around the country. He also was responsible for changing state laws to allow sports betting on the FanDuel app. So he knows what he's doing as far as changing state laws. And he's decided that he's going to save American democracy by getting everybody to vote on their phones by 2028, he said that on his podcast. He has also said, that he will do anything unethical—short of committing a crime—to get everyone voting on their phone. So, he's hired lobbyists, he's got public relations people, and he's introducing bills in different states around the country to allow people to vote online: Starting with subsets of military and overseas voters for states that don't already have it, and then to expand it to voters with disabilities, to expand it to First Responders who may be displaced, and then ultimately with the goal of getting everybody to vote online.
One of the most definitive scientific studies that we saw—or I shouldn't call it a study, it was a risk assessment, that came from the Department of Homeland Security CISA, FBI, NIST, and EAC in 2020, which warned States: «You don't probably want to do this, because those ballots will be high risk of compromise, manipulation, deletion, or privacy violations. Any ballots cast online via any method, even with security tools in place.»
So even with this security, all this guidance coming from the federal agencies: Those federal agencies can't go into the States and lobby. They put out their risk assessment, hope the states look at it. Instead, it's left to organizations like our organization. We work with Verified Voting, with Brennan Center, with Public Citizen. These are all groups. We are very deeply committed to ensuring access for all voters. We—my organization—actually takes legal actions to ensure people's access to the ballot. But we also want to protect that ballot and make sure that the election is secure. So that's why we are going in and raising these security concerns in the state legislatures and trying to keep States from introducing more bills to spread online voting.
In the last year and a half, we saw bills introduced in California, Washington, Maryland, Wisconsin, Michigan, Illinois, Georgia, New York, New Jersey, and Washington D.C.
That's one aspect of the push for online voting.
There's another aspect that comes from the vendors. Because this is an industry that is not regulated at all, the systems that are being sold commercially don't undergo any sort of public testing that anyone else can review. The vendors make claims of security or claims about the way the system operates that are unfounded, baseless. Our organization has written letters to Attorneys General, arguing that these could constitute false claims in deceptive marketing and could be actionable and asking for investigations. But there's nothing to counter it, other than us bringing up the other side of it. So the vendors are also lobbying in state legislatures and promising State lawmakers that these systems can be secured.
And that's another aspect of it.
So this is an ongoing problem that we're going to continue to see, because of these two forces pushing online voting at a time when we really need to have auditable systems, transparent systems, secure systems, that we can ensure that all people can have confidence in the results of an election and not expand an system that we know is insecure.
Internet voting has been globally referred to as the «Theranos of voting» and I think that's actually a very apt analogy. I don't know if you're familiar with the story: Theranos is the blood company that was founded that went to a billion dollars; and they were going to take a tiny pinprick of blood and be able to run a complete screen of every task that you could ever possibly need and know your entire health history. And it would be cheap and everyone would be able to do it at CVS or Walgreens.
And it was a great idea, who doesn't want that? But the problem is: The science didn't let you do it! You needed more blood to be able to run certain tests. The blood needed to be centrifuged, and separate out the cells, and reagents put in there. You can't do it all, but the idea is so great, everybody wants to do it!
Yes, it would be really great if we could all vote on our phones, but the science isn't there!
So I'm going to wrap with that and and we're going to go to questions.
Susan Greenhalgh (31:01): David, I was speaking about the importance of auditing elections, especially that everyone should have confidence. We don't want to just trust elections, we want to verify elections. How can you audit an online voting system or can you audit an online voting system?
David Jefferson (31:32): You hand mark the ballot and there is no question that the ballot actually reflects the voter's intent. That hand marked ballot becomes a contemporaneous record of the voter intent. So that if those ballots are later counted by machine—and the software in those machines is full of bugs and is full of malware, and so the counts are wrong as produced by a machine—you can always go back, in fact, you should always go back to the original hand-marked paper ballots and audit the machine results using an RLA (a risk-limiting audit), for example, as was discussed apparently yesterday.
And therefore you can determine that the machine counts were wrong and you can correct the outcome of the election.
Now, with any kind of online voting system, if you are voting from your phone or your personal computer, there is no indelible contemporaneous record of what the voter's actual intent was. There is no record from which to audit the election.
So, it's really not possible to audit an online election and that's just another reason why we shouldn't be doing it.
Susan Greenhalgh (33:16): One of the things we see the vendor say, is that «we produce a voter-verified paper ballot, our system isn't online voting, it isn't internet voting». Oe of the the CEOs of one of the vendors told a radio show that «We don't use the term "internet voting", because it's a loaded term; we say "electronic ballot returns".» So it's a little bit of this smoke and mirrors.
And that they produce a voter verified paper ballot: Well, a lot of times, the digital record is sent to the elections office and then it's printed there. But obviously that paper ballot has never been verified by the voter, because it's the digital record that was sent. But to say, «it's a voter verified paper ballot», is highly misleading at best, so you don't have a voter verified paper ballot to audit the election.
Audience Member (34:16): You folks were talking about the kind of combating requirements of a secret ballot and a technically secure ballot. I vote for Mickey Mouse every year, I don't care who knows that. From a purely technical perspective, if you omit the requirement of secrecy, does online voting become much more viable?
Matt Blaze (34:37): Sure, all sorts of problems get easier, if you reduce the requirements. The requirement for a secret ballot doesn't exist just because a bunch of technologists said it should. The requirement for secret ballot evolved over centuries of U.S law; and centuries of experience with fraud in democracies, based on coercing votes from people.
We could—as a society—decide to eliminate the secret ballot and maybe we decide that we want to. But I think a poor reason to eliminate the secret ballot is simply to accommodate some future voting technology, that finds it an inconvenient requirement.
I think it's very important to understand here: These requirements didn't come from us, these requirements are not requirements that the technologists invented. These are requirements that society has decided are important properties for voting systems. We can discuss whether those requirements are good or not, but that discussion had nothing to do with technology, it's a democracy requirement.
When I hear about internet voting, I find it helpful to substitute in my head «perpetual motion machine». If we had perpetual motion machines, it would be great! It would solve our energy problems.
Everybody agrees perpetual motion machines would be terrific! Unfortunately, a bunch of killjoy physicists tell us that we'll never be able to have them. If you believe the killjoy physicists, it would be a bad idea to create policy on the assumption that we're about to build a perpetual motion machine, because we're really not. And internet voting has many, many of the same properties there.
David Jefferson (36:42): I want to praise the secret ballot requirement: The secrecy of the ballot is the strongest defense by far we have against voter coercion, vote retaliation, and vote buying and selling. Without the secret ballot, our elections could be irredeemably corrupted by those effects.
Audience Member (37:10): I have more of a comment that I'd love to get our moderator's response on here. What really worries me more than anything about online voting is much more lower tech, actually, it's that if it goes large scale it's subject to phishing attacks. You could have very large-scale voter suppression with fake emails coming from secretaries of State, apparently, and you go and you lose your vote and maybe you get your identity theft too. Now, phishing campaigns can be just 19, 20% effective; targeted they can be 70% effective and who's going to get targeted in a voter suppression campaign? The same people who always get targeted: Communities of color! So, I think this whole issue very quickly becomes a racial justice issue, honestly, and that's that's not even getting into the stuff you all have been talking about, that I firmly agree with.
Susan Greenhalgh (38:13): My comment is: I agree. I don't have much more to add that was very well put!
Audience Member (38:21): Just a quick question regarding authentication and biometric data: So can your team speak to the benefits of that? I know that the TSA for example is using biometric data for authentication purposes for international travel; comparing your passport photo to your face while you check in. Obviously, having biometric data stored by the government maybe isn't the best idea; you could do something like hashing or something different like that. But can you speak to the advancements of biometric data and how they pertain to online voting in the future?
Matt Blaze (39:00): There are two unfortunate properties about Biometrics. The first is they are tied to you as an individual; you can't change them if they're compromised. So if something happens to your biometric data and other people learn about what it is, they know it and you're stuck. That means that effectively supervised biometric authentication—you go into the kiosk, there's a guard, you put your fingerprint on a reader—might be okay, because they know that you're not bringing some equipment in, to fake what the fingerprint is. But unsupervised biometric authentication—I'm using my phone, it reads my biometric, and sends that data somewhere—is something that's always going to be subject to compromise. So Biometrics solve some problems for in-person authentication that work very poorly in the online context.
Audience Member (40:12): I think another issue that isn't really considered, is the fact that, for instance, if Bea is going to vote with her cell phone and she's asleep, I can just pick up her cell phone, unlock it with her face and vote on it. Or Bob over there wants me to vote for Pinkie Pie, so he gives me a thousand dollars to go vote for Pinkie Pie. We still have that problem in our regular elections and those are small little votes. But there's no privacy.
If you have a partner that's very controlling and they're trying to force you to vote for somebody: When you walk into that voting booth by yourself and you close that curtain, you can vote for whoever you want. You lose that a hundred percent when you do online voting and vote by phone or any of this. Great for American Idol, not great for elections.
Audience Member (41:19): I have a general question about remote voting which is not electronical, such as postal voting, which is used in many countries to support for example disabled voters or voters who are otherwise unable to go to the polling station. And postal voting has many risks of the kind that you mentioned, such as the risk of coercion or the risk of not knowing that the ballot that arrived was actually marked by a legitimate voter. So given all this, what kind of secure enough options would you recommend for remote voting?
Matt Blaze (41:50): It's important not to confuse online voting with the general problem of remote voting. Remote voting exists everywhere in the United States at least as a special case for absentee ballots: People who can't travel and so on. It's generally done on paper and by mail.
That has some of the same problems as online voting, but not all of them. It leaves us with the one-on-one coercion problem, that if you're sent a paper ballot, it is possible you could be coerced by a partner or an employer to vote in a particular way. But that has to be done on a retail level, ballot by ballot.
In an online voting system, that same type of compromise can be done centrally: A piece of malware, that's spread by a phishing or any of the other ways that malware spreads, can be used to wholesale compromise many, many different ballots.
So, my suggestion is that to accommodate voters who can't travel, we stick to the paper-by-mail method and not introduce methods that also add the wholesale fraud and wholesale abuse vector. But even by mail, voting does compromise some of the properties of the secret ballot; and we have to be very careful when we scale that up.
Susan Greenhalgh (43:37): I'll just add that there have been solutions that have been implemented: When the Military and Overseas Voter Empowerment Act was passed, it required that all Counties or States send ballots to Military and overseas voters 45days before the election. It also stipulated, that they had to make the option available to send the blank ballot electronically. Blank ballots can be sent with reasonable acceptable security electronically, because they don't have the vote, they don't have the secret valued piece of data, on them; everybody knows what's going to be on the blank ballot. So, you get your blank ballot in 45days and then still have 45days. The military have access to expedited free postal mail return that is provided to everyone in the military.
I mentioned there's 32states that currently allow electronic ballot return, 18 that do not. There are several states that don't allow electronic ballot return, that have higher rates of participation for military and overseas voters, because they have robust communications in place: They're making sure that they get the information to those voters. So, I don't think that we can make a correlation that electronic ballot return is going to increase participation for those voters based on that information.
Audience Member (45:03): Military ballots and voting is always kind of interesting on all the campaigns I've worked on. Generally, each county is autonomous and how they vote in it. You're talking about military and state. I'm really a novice, I really don't know what I'm doing on this one. So, you're saying the states have better things in place. So, how does that work with the counties being autonomous and how they do their voting?
Susan Greenhalgh (45:45): It actually depends State-by-State, because some States run their UOCAVA outreach to those voters or military and overseas. The outreach of those people at the state level and some places do it at the county level; meaning that the county officials have to email the ballot or send the ballot to the people; or some places, they do it from the state level. So it really depends on the state: You have to go State by State.
Audience Member (46:20): I think it's important for people to be careful not to generalize your personal experience of voting and think that's how it is throughout the United States. It's easy to make blanket statements that don't apply. So, for instance, with respect to voting by mail: If you live in the state of Georgia, the only way to be able to do a hand-marked paper ballot is, if you vote by mail. The only way to have ballot secrecy is, if you vote by mail. Because, if we go into a precinct, we have ballot marking devices that are huge. They're upright, they're lit up, and anyone can see how you're voting. So if you want ballot secrecy and hand-mark paper ballots in the state of Georgia, you have to be able to vote by mail. And the other thing to be aware of in the state of Georgia, is that the Secretary of State controls all counties. So, we're required to do everything the same way throughout the entire State; it's not county-by-county decisions. So I just want to caution people: Don't generalize based on your own experience, because across the United States there are very different circumstances.
The transcript ends here, but some relevant information follows, for those wishing to dig deeper.
Homomorphic Encryption and Blockchain are mentioned here (and elsewhere), as potential solutions to Internet voting aka eVoting. If you want to understand these technologies, here are some pointers:
Computers are very good at counting. But usually only within narrow limits. Here is an insight into where these limits come from and what goes wrong when they are exceeded.
The original German 🇩🇪 version of this article is here: Zählen wie ein Computer.
Most of us have been counting for so many years that we can't even remember when we counted for the first time. Initially, most of us probably used our fingers. At first we stopped at 10, but at some point we realized the trick with the tens transition. We later extended it to the hundreds and thousands transition.
So this video should come as a surprise to very few people. Nor that the odometer on the left and the speedometer-style "counting clock" on the right show the same counting processes.
However, it might be a little more unexpected if we count beyond 999 on our three-digit odometer. Because we are missing the fourth digit for the thousands, this is cut off and we end up back at 000; we are missing the option of adding thousands. (Perhaps some people still remember the days when cars had five-digit odometers and you had a "brand new" car again after having driven for 100,000kilometers…)
The counter clock has the same problem. So you actually already know all the problems from the decimal system; there is nothing new.
But now let's switch to the binary system, to computers. In the decimal system, the value of the last digit is counted once, the second digit is multiplied by ten, the third digit has an importance of ten times ten, i.e. a hundred. And at each position we have a choice of ten digits, 0 to 9.
| Digit | Fourth last | Third last | Second last | Last position |
|---|---|---|---|---|
| Decimal system | 10*10*10 = 1000 = 10³ | 10*10 = 100 = 10² | 10 = 10¹ | 1 = 10⁰ |
| Binary system | 2*2*2 = 8 = 2³ | 2*2 = 4 = 2² | 2 = 2¹ | 1 = 2⁰ |
We count in a very similar way in the binary system: the value of the last digit is multiplied by one, the second digit by two, the third digit by two twice, i.e. four times. Two digits, 0 and 1 (or in other words: power off or on), are sufficient for each position.
| Binary system | Calculated | Decimal system |
|---|---|---|
| 000 | 0*4 + 0*2 + 0*1 | 0 |
| 001 | 0*4 + 0*2 + 1*1 | 1 |
| 010 | 0*4 + 1*2 + 0*1 | 2 |
| 011 | 0*4 + 1*2 + 1*1 | 3 |
| 100 | 1*4 + 0*2 + 0*1 | 4 |
| 101 | 1*4 + 0*2 + 1*1 | 5 |
| 110 | 1*4 + 1*2 + 0*1 | 6 |
| 111 | 1*4 + 1*2 + 1*1 | 7 |
As in the decimal system, the same applies here: To increment a position which is already at the maximum digit, this position wraps back to zero and a carry is applied to the next higher position. In the decimal system, this is the case when changing from 9→0, in the binary system as early as 1→0. The second digit is therefore already incremented every second step.
Here, too, we have a discontinuity when we "count up" from (binary) "111" to "000". With a finite number of bits for the representation of a number, this can never be avoided; adding more digits only delays this overflow.
In many everyday situations, the positive numbers (and the zero) are enough. If we didn't need more, we could finish here.
Sometimes, however, it is quite practical to be able to calculate with negative numbers. For example, on the Celsius thermometer in winter. Or to be able to calculate consistently with "meters above sea level", even near the Dead Sea. Or simply to be able to display differences, for example in the case of inflows and outflows, in a uniform way.
For binary numbers, as we have seen above, two's complement has become the de-facto standard (at least for whole numbers): The ingenious thing about this representation is that we don't have to change anything in our calculation processes: Counting, adding or subtracting take place in the computer in exactly the same way as if all numbers were positive. We simply think of all numbers whose most significant bit is 1 as negative. Computation itself is unchanged; we only need a little additional brain power for input and output.
(At least if we ignore multiplication, division, size comparisons, or the test as to whether an overflow has occurred during an arithmetic operation. And floating point numbers, i.e. numbers with decimal places).
Another advantage of the two's complement: we still only have one discontinuity, with three-digit numbers between "011" (+3) and "100" (-4). However, when counting from -4 to +3, no special handling is needed.
We accept the small inconvenience that there are more numbers below zero than above zero because two's complement offers us so many other advantages in a simple, clear representation.
(For the mathematically inclined readers: The positional value of the leftmost (=most significant) digit in our 3-bit example is +4 for unsigned numbers, as we first got to know them, so a one in this position increases the value of the total number by 4. For signed numbers, i.e. if we also want to represent negative numbers, the value is -4; a one in this position decreases the number's value by 4. Simply ingenious, isn't it?)
| Bits for the number | Possibilities | Number range without sign | Number range with sign | Significance of the most significant digit |
|---|---|---|---|---|
| 3 | 2³ = 8 | 0 ... 7 | -4 ... +3 | ±4 |
| 4 | 2⁴ = 16 | 0 ... 15 | -8 ... +7 | ±8 |
| 8 | 2⁸ = 256 | 0 ... 255 | -128 ... +127 | ±128 |
| 16 | 2¹⁶ = 65'536 | 0 ... 65'535 | -32'768 ... +32'768 | ±32'768 |
| 32 | 2³² = 4'294'967'296 | 0 ... 4'294'967'295 | -2'147'483'648 ... +2'147'483'647 | ±2'147'483'648 |
| 64 | 2⁶⁴ ≈ 16 trillion | 0 ... 16 trillion (approx.) | -8 trillion ... +8 trillion (approx.) | ±8 trillion (approx.) |
We've probably all filled out those forms where a separate box had been set aside for each letter or number. Some will certainly have had the problem that the number of boxes for some number or text were not enough (or at least imagined what would happen if that ever were the case).
Our computers are also modeled on these box forms, in the truest sense of the word. And they have also inherited the same limits: in many databases and web forms, text fields have a maximum length, as do - see above - numbers, usually with predefined upper and lower limits.
And once many computers (or many parts of a larger program) have agreed on such a form (in computer science then a data format, API or protocol), it is very difficult to extend these limits later.
With numbers, there is the additional surprise that when counting up very large numbers, the values can suddenly become very large negative numbers.
Unfortunately, these limits play a key role in many IT security problems, as well as other problems such as the one I will be talking about in a follow-up article.
But the main impact will be explained in a follow-up article.
27.1.2024 17:50Counting like a computer«SMTP Smuggling» is a vulnerability that allows to circumvent some mail checks at the receiver and therefore will allow additional spam and/or phishing messages through. Here is the list of what we currently know.
Interested in the full story? I have written a German 🇩🇪 article on SMTP Smuggling and SECConsult's selective (and untimely) disclosure.
The SEC Consult article contains information about the software they tested. However, the information is largely unstructured. Here is an attempt at structuring the information.
A link is provided when information not in the SEC Consult article is referenced. For all the question marks, I actively tried to find information on their web page (typically, the "blog" page, if any) and/or using a web search for their site («site:example.com "SMTP Smuggling"»). The question mark indicates that this process did not reveal any additional information.
The list is sortable, BTW.
In the night of December 22nd to 23rd (European time), Tim Weber started a discussion on the Postfix-Users maling list, with quick and active participation by Wietse Venema (author of the Postfix mail transport software), Vijay S Sarvepalli (from CERT/CC) and others. Here my attempt at a structured summary:
A possible interpretation of this discussion might be that SECConsult became aware of the full impact of the vulnerability only later (maybe as part of the preparations for the talk on 2023-12-27?). Even though, informing vendors, providers, and CERT/CC with more information (possibly a draft of the blog post) at short notice would have been significantly better than what we have no, namely no notice.
Wietse Venema proposes that, «now that the attack is public, I do encourage reaching out to the rest of the world» and making everyone aware as quickly and prominently as possible. Also, the CERT/CC hopes, it will be able to further improve its workflows with multi-vendor vulnerabilities and Open Source projects.
26.12.2023 12:15SMTP Smuggling StatusThis is the time to catch up on what you missed during the year. For some, it is meeting the family. For others, doing snowsports. For even others, it is cuddling up and reading. This is an article for the latter.
I looked at my access logs and started collecting a best-of list, sorted by number of page views. I hope some of them pique your interest. Enjoy!
There is also a 🇩🇪 German post summarizing the top-ten of my German articles. It is vastly different. Have a look here.
A description how hard it is to eliminate results from AI #ChatBot responses and what this means to our rights.
Docker (and, by extension, Kubernetes) images are a versatile, high-level way of providing service and application abstraction. To some extent, it is platform-independent. However, it is not automatically processor-independent. Creating multi-architecture docker images is easier than what you think; using them is trivial (i.e., automatic).
Here my experiences for adding that to a few projects:
NTP (Network Time Protocol) is probably how your computer or mobile device knows about the current time, often accurate to only a few milliseconds.
Keeping accurate time is of essence to many applications, including whether a security certificate has expired.
NTS is to NTP what HTTPS is to HTTP: It provides authenticity of the source and prevents modification in-transit. And easy to upgrade.
Ever wondered whether your business needs a blockchain? This simple chart guides you through that process.
Originally by Rene Jan Veldwijk on 🐦; published with permission.
Can you prevent your content from being used by #AI companies? Not really. But here are some attempts to get you at least part of the way there. And what we should be doing to have the choice.
I absolutely have now clue why this article is in the 2023 top-5 of my most read English-language articles. (And I kind of forgot why I even did the research behind it in the first place.)
But hey, feel free to look how often and how much the interval deviates (and deviated) from its 10 minutes interval target.
Most people, when they want #Blockchain, they are only interested in what #Git version control and #Timestamping actually deliver. Often, they do not even want immutability, but just transparency about the changes.
(And with that, you already know most of the article's content. But feel free if you want to know more in-depth.)
Wow, we've already reached the top-3! This article is why I had to activate real caching for my poor box; Wordpress wasn't able to handle the 40k accesses within a few hours. 😊
#Web3 is about decentralization. We already had that some 20 years ago, it was called peer-to-peer networking. It worked reasonably well. #Web3 essentially adds even more complexity and thus desperately needs a way to finance that complexity.
Number two is an old-timer, but still going strong.
The first article in the NTS series, it introduces the need for a secure time mechanism. And why it is important that Internet time also make the (easy!) move from NTP to NTS. It is almost as painless as moving from #HTTP to #HTTPS today, thanks to Let's Encrypt and the ACME protocol (Automated Certificate Management Environment).
Aaaand the winner iiiiis:
A relatively easy-to-grasp explanation how ChatGPT works, yet still accurate on a high level. Starting with an explanation of ChatGPT's little cousin, NanoGPT, and then describing the differences.
Essentially it is a dual translation of Andrej Karpathy's NanoGPT video: Format from video to text; target audience from programmer to general public.
Enjoy!
In my opinion, all of the articles above are worthwhile their time, with the exception of the Bitcoin Block Timing article. But some of the articles I would into my personal top-ten list are missing:
What is your favorite article? Tell it in the comments or on social media (preferable the Fediverse, where I'm reachable at https://waldvogel.family/@marcel).
23.12.2023 15:53The year in reviewNavigating the slides works perfectly with the Kensington PowerPointer for LibreOffice under Linux, no questions asked. The extra functions ("laserpointing", drawing, and screen blanking) are not well supported. Here is how to fix them.
One of the supposed advantages of the Kensington PowerPointer over other devices such as the Logitech Presenter: No additional software is required. However, not all functions work out of the box, because they have to run through hoops to provide a zero-config experience for the majority of the users.
I invite you to follow my journey down into the Kensington (and Linux keyboard mapping; and, apparently, PowerPoint control compatibility) abyss.
On PowerPoint, obviously everything works as expected. (No wonder, as the device was custom-made for Microsoft Office.)
| Mode | Button | Duration | Function |
|---|---|---|---|
| ⎚🚩 All | ➡️ Forward | Any · — | ⏩ Forward (autorepeat) |
| ⎚🚩 All | ⬅️ Back | Any · — | ⏪ Backward (autorepeat) |
| ⎚🚩 All | 🔦 Laser | Long — | 🚨 On-screen "laser" |
| ⎚ Blanking | 👤 User | Short · | ⬛ Black/contents (alternating) |
| ⎚ Blanking | 👤 User | Long — | ⬜ White/contents (alternating) |
| 🚩 Marking | 👤 User | Short · | ⭕ Draw a circle |
| 🚩 Marking | 👤 User | Long — | 📏 Draw a horizontal line |
| ⎚🚩 All | 🔦 Laser | Short · | 🗑️ Clear all marks |
As LibreOffice (and Linux) users, we are used that add-ons do not normally provide the full functionality (and sometimes the "full functionality" is beyond what any sane person would ever use…). So, I was pretty happy when Forward/Backward worked as announced; but the other functions didn't work.
| Mode | Button | Duration | Function |
|---|---|---|---|
| ⎚🚩 All | ➡️ Forward | Any · — | ⏩ Forward (autorepeat) |
| ⎚🚩 All | ⬅️ Back | Any · — | ⏪ Backward (autorepeat) |
Of course, LibreOffice as of 7.4.7.2, doesn't support the "virtual laser mode". But everything else should be possible…
As an investigative mind, I wondered why this could go wrong. With evtest, I was able to learn what sequences of HID events (keystrokes, mouse buttons) the device was sending.
| Function | Button Sequence |
|---|---|
| ⏩ Forward | Down |
| ⏪ Backward | Up |
| 🚨 "Fake laser" | Ctrl+LeftButton |
| ⬛ Black/contents | Ctrl-H B and A Ctrl-U (alternating) |
| ⬜ White/contents | Ctrl-H W and A Ctrl-U (alternating) |
| ⭕ Draw circle | Ctrl-H [simulated move from center to top of circle] [simulated circular motion] Ctrl-P LeftClick LeftButtonDown [simulated circular motion] LeftButtonUp Ctrl-U [simulated move from top of circle to center] |
| 📏 Draw horizontal line | Ctrl-P LeftButtonDown [horizontal component of user motion while the user is holding down the 👤 button] LeftButtonUp Ctrl-U |
| 🗑️ Clear all marks | E+L+C (together!) |
Some of this strikes me as strange:
Blanking: To blank LibreOffice with black or white, a single B or W keypress is sufficient. Any key (including repeating B or W) will unblank the screen. However, the PowerPointer sends two alternating sequences of two keypresses each; presumably to handle various incompatible pieces of presentation software.
Clear all marks seems to send multiple keystrokes for the same purpose. However, I was astonished to see that the keys are not pressed one after the other, as in the Blanking case above, but as three-key combo! (It seems to work.)
Drawing a circle is the strangest case. The mouse pointer is moved in a circular motion twice, the first time apparently without impact. Before the circle is actually painted (Ctrl-P, MouseDown, moving, MouseUp, Ctrl-U), an additional click of the left button is sent (highlighted in yellow above)! In LibreOffice, this advances to the next slide. As you will see below, this was a tough one to solve.
It looked like an unsolvable case: I would be stuck with just advancing the slides.
What does LibreOffice provide?
| Function | Keys and buttons |
|---|---|
| ⏩ Forward | Down |
| ⏪ Backward | Up |
| 🚨 "Fake laser" | Not available |
| ⬛ Black/contents | B (on); anything (off) |
| ⬜ White/contents | W (on); anything (off) |
| ⭕ Draw circle | P (toggle drawing mode); LeftButton (or MiddleButton(!)) to draw; optionally toggling drawing mode again |
| 📏 Draw horizontal line | P (toggle drawing mode); LeftButton (or MiddleButton(!)) to draw; optionally toggling drawing mode again |
| 🗑️ Clear all marks | E |
Blanking the screen works kind of out of the box, mostly. Drawing a horizontal line also, kind of.
Note, that in LibreOffice, using the left mouse button for drawing will start drawing a new line. However, using the middle mouse button, it will set a flag that the next line will be a continuation of the current line (this is kind of like preventing the next moveto drawing command, so it will continue with lineto; i.e., everything will be a single line, even if you release the mouse button in between).
| Function | Events sent | Events expected |
|---|---|---|
| ⏩ Forward | Down | Down |
| ⏪ Backward | Up | Up |
| 🚨 "Fake laser" | Ctrl+LeftButton | — |
| ⬛Black/ | Ctrl-H B and A Ctrl-U (alternating) | B; anything |
| ⬜White/ | Ctrl-H W and A Ctrl-U (alternating) | W; anything |
| ⭕ Draw circle | Ctrl-H, Ctrl-P, LeftButton, Ctrl-U | P, LeftButton or MiddleButton; no LeftClick! |
| 📏 Draw horizontal line | Ctrl-P, LeftButton, Ctrl-U | P, LeftButton or MiddleButton |
| 🗑️ Clear all marks | E+L+C (together!) | E |
Based on the above table, I came up with the following key/button mapping:
| Key/button received | Key/button forwarded |
|---|---|
| Down, Up, A, B, P, W | as is |
| Ctrl | not needed → ignore |
| C, L, H | not needed/wanted → ignore |
| U | P |
| LeftButton | MiddleButton |
| Key | Keycode |
|---|---|
| Ctrl | KEYBOARD_KEY_700e0 |
| A | KEYBOARD_KEY_70004 |
| B | KEYBOARD_KEY_70005 |
| C | KEYBOARD_KEY_70006 |
| E | KEYBOARD_KEY_70008 |
| H | KEYBOARD_KEY_7000b |
| L | KEYBOARD_KEY_7000f |
| P | KEYBOARD_KEY_70013 |
| U | KEYBOARD_KEY_70018 |
| Up | KEYBOARD_KEY_70051 |
| Down | KEYBOARD_KEY_70052 |
| LeftMouse | KEYBOARD_KEY_90001 (yes, "keyboard"!) |
To activate this, put the following file in /etc/udev/hwdb.d/50-Kensington-PowerPointer.hwdb and then run systemd-hwdb update && udevadm trigger (or udevadm hwdb --update && udevadm trigger for non-systemd setups):
evdev:input:b0003v1EA7p0002*
KEYBOARD_KEY_700e0=reserved # Ctrl -> None
KEYBOARD_KEY_70004=p # A -> P
KEYBOARD_KEY_70006=reserved # C -> None
KEYBOARD_KEY_7000b=reserved # H -> None
KEYBOARD_KEY_7000f=reserved # L -> None
KEYBOARD_KEY_70018=p # U -> None
KEYBOARD_KEY_90001=btn_middle # Left -> MiddleNote:
reserved, unknown would also work (will work differently internally)P. (Otherwise, all lines would be joined together. Also, we need to activate P (painting) mode anyway somewhere.) So we need to map U to P, so we have the "closing P".P as well, which we do not want. So we need to map A to P as well, to cancel the P created from the (original) Ctrl-U in the unblanking sequence.P key above (from the original A and U).WARNING: When running Projecteur, all events from PowerPointer are eaten by Projecteur. I was unable to forward even the forward/backward events to any application, including LibreOffice. So do not use this for now.
[Section added later the same day] Projecteur already supports the Kensington PowerPointer, somehow:
apt install projecteur/lib/udev/rules.d/55-projecteur.rules) to contain the following line (next to other similar lines; it must be written as a single line):SUBSYSTEMS=="usb", ATTRS{idVendor}=="1ea7", ATTRS{idProduct}=="0002", MODE="0660", TAG+="uaccess"sudo udevadm control --reload-rules && sudo udevadm triggerprojecteur -D 1EA7:0002 (on Wayland, prefix this command with QT_QPA_PLATFORM=xcb for better overlay handling).I am working to get support for the Kensington PowerPointer into the next release of Projecteur, so that installing (the first bullet point above) is all you need.
udev, evtest and the handling of (HID) input events under Linux!The teaser image was drawn with DALL·E from within Bing Chat using the (German) prompt
Erstelle mir eine Grafik, die eine Beamerpräsentation im Wald zeigt. Die Präsentatorin nutzt einen Laserpointer
("Create a graphic for me, showing a beamer (aka projector) presentation in a forest. The presenter uses a laser pointer.")
It does not exactly follow the prompt (no laser pointer) and the beamer is slightly, ah, pointing in the wrong direction. (And this is the best image from three sets of four, with different prompts.)
But more interesting is the fact, that Bing Chat (ChatGPT) insisted all three times that it was pretty sure I did not want to create a drawing, but that I would like shopping recommendations. (And it warns at the beginning and at the end of the text that powerful laser pointers are forbidden in Switzerland.)
(Earlier this week, Bing Chat answered to my requests for images with its version of "Sorry, I can't do that, Dave", followed by generating it anyway. In some of the "sorry!" responses, an apparently enslaved or imprisoned part of Bing Chat "personality" tried to sneak an image into the output anyway, through a base64-encoded image in a data URI… Brave new AI world!)
As an avid reader, you know my arguments that neither NFT nor smart contracts live up to their promises, and that the blockchain underneath is also more fragile and has a worse cost-benefit ratio than most believe. Similarly, I also claim the same for the metaverses built on top of them all. And that the promised efficiencies from blockchains often benefit criminals. Nothing new so far.
But did you know that NFTs are not ethical? That's exactly the result of a study I've finally been reading and whose results I am going to share here.
This text also appeared in German 🇩🇪 : «NFT sind nicht ethisch» (long) and «18Gründe, wieso NFT unethisch sind» (short)
Catherine Flick, a then Reader in Computing & Social Responsibility at De Montfort University, published "A Critical Professional Ethical Analysis of Non-Fungible Tokens (NFTs)" last December. In it, she takes on the code of ethics of the oldest scientific society in computer science, the ACM. On the basis of this code, she systematically analyzes the properties of NFTs.
Her approach shows her analytical background. She starts with a main question, which she divides into two sub-questions:
From the Codes of Ethics related to computer science professionals, she chooses the one from the Association for Computing Machinery (ACM) mentioned above because it
Besides these perfectly valid objective arguments, I presume that she also chose the ACM Code of Ethics because she knows it like the back of her hand, having been on the committee drafting it.
The Code is divided into 25 thesis, grouped into 4 chapters. The Code's theses are formulated as a call to take responsibility, which should be read as a continuation of a sentence such as "A computing professional should…". Each of the theses are then followed by an explanation.
The well-founded analysis of the principles takes up 6 pages in Flick's NFT ethics article. Here, therefore, only a few important points in brief. For the complete list, justifications, backgrounds and analysis, please directly refer to the paper.
The summary below is structured as follows for each thesis:
Note: The evaluation of a technology as a whole may differ from the evaluation of an individual product created in this technology space. Thus, individual NFT projects may well perform better or worse in individual areas than this overall evaluation yields. This necessary generalization nevertheless provides an important start for a more detailed and concrete discussion.
Thesis 1.1: [A computing professional should] contribute to society and to human well-being, acknowledging that all people are stakeholders in computing.
NFTs do not really contribute to the welfare of society, as they bring unfairness by means of fraud, "rug pulls" or "the last one bites the dog".
Thesis 1.2: …avoid harm.
Through promises that are not kept (and cannot be kept), NFTs even actively harm poor or vulnerable people who, according to the Code, should be given very special protection. The damage can be both financial and psychological.
Thesis 1.3: …be honest and trustworthy.
The promises of NFTs are unrealistic or impossible to fulfill, going beyond what is technically or socially realistic and feasible. Therefore, computer professionals implementing NFTs violate the Code's requirement for honesty and trustworthiness.
Conflicts of interest are rampant, transparency is undesirable.
Thesis 1.4: …be fair and take action not to discriminate.
Even if one would like to correct wrong behavior: Fairness cannot be demanded; also goodwill is not intended and often even technically impossible.
Blockchain technology encourages and perpetuates harassment and bullying because the platforms do not (want to) provide protection and these statements can never be deleted.
Thesis 1.5: …respect the work required to develop new ideas, inventions, creative works, and computer artifacts.
The work of artists is often not rewarded, on the contrary: monetization of the work of others is easy and popular (and no, no, no, an NFT does not protect against that!). In fact, anyone can register ("mint") an NFT of any work, independent of whether it is their own work and independent of whether anyone else has already made an NFT out of it.
Thesis 1.6: …respect privacy.
Privacy is not protected because the information is public and stored immovably.
Thesis 1.7: …honor confidentiality.
The same applies to confidentiality; the lack of it can create unfair advantages for a few via insider trading and related activities ("whitelisting").
Thesis 2.1: …strive to achieve high quality in both the processes and products of professional work.
Quality is rarely a goal in either content or program code; "time to market" is the key. This leads to inferior works and - even worse - inferior and faulty code, which often can no longer be patched due to the immutability and is therefore exploited by insiders and outsiders.
Thesis 2.2: …maintain high standards of professional competence, conduct, and ethical practice.
Honesty and transparency in communication are often perverted into the opposite. Often, the true workings of the technology used are obscured behind jargon, buzzwords, and inaccuracies. Comprehensibility is considered counterproductive.
Thesis 2.3: …know and respect respect existing rules pertaining to professional work.
Laws and regulations are frequently ignored, not even laws that ensure fairness.
Thesis 2.5: …give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks.
Evaluation of the systems and their impact is often lacking, which has led environmental organizations, for example, to use proof-of-work blockchains.
Thesis 2.6: …perform work only in areas of competence.
Competencies are underutilized, for example when producing gaming content. This negatively affects content and reputation, which in turn causes competent game designers to be scared away.
Thesis 2.7: …foster public awareness and understanding of computing, related technologies, and their consequences.
Promoting understanding, as mentioned above, is usually among the anti-goals.
Thesis 2.9: …design and implement systems that are robust and usably secure.
Robust, usable security is also among the items that regularly are neglected or actively violated.
Thesis 3.2: [A computing professional, especially one acting as a leader, should] articulate, encourage acceptance of, and evaluate fulfillment of social responsibilities by members of the organization or group.
Taking responsibility for their actions is not something many NFT project managers want to do.
Thesis 3.6: …use care when modifying or retiring systems.
Plans for dealing with disasters and decommissioning of systems are rare. (Exceptions to this rule are usually designed in the interest of the personal well-being of the founders). If an NFT game is abandoned by the manufacturer, e.g. the decorative or functional in-game-NFTs bought for good money are usable nowhere else and thus become essentially worthless.
As I said, the detailed rationale for this and other points is in Catherine Flick's article.
As mentioned at the beginning, one of the aims of the research was also to show ways out of the current predicament. Here are Flick's seven recommendations (shortened and paraphrased by me).
The first five points are contingent on the lack of any non-NFT technical ways to achieve the required goals. (In particular, this is probably also intended to exclude the use of the buzzword "NFT" for pure marketing purposes without compelling functional advantages).
Catherine Flick has taken an existing, widely used computer science code of ethics and compared it against the NFT hype. Most NFT projects violate this code in quite a few ways; some problems are even more fundamental. But she also offers a helping hand in reducing the avoidable problems.
I fear, however, that NFT platforms will generally ignore her recommendations. This is because the added value for NFTs comes from the (technically unjustified) marketing hype and the possibility of exploitation through information and other asymmetries.
So, to be on the safe side, if you want to commit to ethical actions, stay away from NFTs, as well as many other blockchain-based "solutions."
The global "Extinction Rebellion" environmental movement announced in June 2022 an NFT sponsoring activity. The Announcement on web page and social media was quickly withdrawn, cancelling the NFT activity due to backlash by environmentalists against the wasteful blockchain technology.
More posts in the blockchain ecosystem here, with the latest here:
Bureaucracy and inefficiency are frowned upon, often rightly so. But they also have their good sides: Properly applied, they ensure reliability and legal certainty.
Blockchain disciples want to "improve" bureaucracy-ridden processes, but achieve the opposite. Two examples:
This text also appeared in German 🇩🇪 : «Ineffizienz ist gut (manchmal)»
Buying a home is difficult, lengthy and riddled with fees. Here, probably a much oversimplified process:
No wonder many want to simplify this process.
How easy it would be if everything could all work at the click of a mouse! All properties would be stored as NFTs on the blockchain (as in the Metaverse) and would be traded by means of smart contracts.
Most of these bureaucratic and expensive processes would be eliminated, a lot of time and money would be saved, and the state could be made much leaner. We would all be happier and wallow in prosperity.
Anyone only just cursorily involved in IT security will know:
These are the main reasons why criminal scams like phishing, Trojans, advance fee scams, ransomware, etc. are so lucrative. In the blockchain world, there are additional risks for users and plenty fresh "opportunities" for the bad guys.
Potential new risks:
In the worst case, in this efficient "brave new blockchain world", you are rid of your home with a single wrong click. And the next day, the police come and arrest your entire family as squatters. The efficiency gain with which fraud can be conducted will exceed the efficiency gain for normal transactions.
(The list could also include a program error, a typo, an error, or a myriad of other possibilities).
There definitely are advantages to having to appear in person, to be made aware once again of what is actually happening plus the action's consequences, and perhaps to have someone at your side to warn you if something goes awry. In the end, all parties can be certain that everyone else was aware of the implications of the transaction. This is a very important basis for the trust that a functioning society needs.
Another frequently heard argument from blockchain advocates: "Yes, it works without blockchain because we are privileged here and corruption is not too rampant. But now imagine being in a country where the rule of law is lacking. Banking the unbanked!"
Agreed, in certain countries it may well be possible to use incentives or threats to "persuade" the head of the land registry to briefly and unobtrusively change the owner of a property. And the victim might have to fight an uphill battle to get the misconduct reverted.
If we have an orphaned blockchain, transactions might be faked as well. We already have thousands and thousands of orphaned cryptocurrencies and countless blockchain projects that have fallen asleep, defunct or abandoned the blockchain. Which Blockchain will still be maintained and reliable in a few decades is definitely written in the stars; because it needs many players with different interests. (And the land register should continue to work reliably for quite a few decades after all).
And add to that the technical shortcomings and false promises of blockchain, NFT, and smart contract already mentioned above.
Let's assume that in a corrupt country, I switch from the corrupt official land registry to a blockchain-based land registry. But how can I show (a) that I was really the owner before? (b) that the transfer to the blockchain is correct? (c) that nobody will continue to use the old system? But most importantly, what do I do in a country without a stable legal system if (d) someone throws me out of my house by force?
Here, too, we see that the blockchain does not solve any problem. Unlike before, it at least does not automatically create countless new problems at the same time.
For purely digital assets, blockchain-based accounting alone may be relevant. But as soon as real assets and real people are affected, trust and a stable legal system are essential. Even the blockchain does not change that.
So let's make sure that a trustworthy and broadly supported legal system exists in as many areas of the world as possible. Without that, nothing works, neither with nor without Blockchain. And if we have that trustworthy system, then the blockchain will be unnecessary.
More posts in the blockchain ecosystem here, with the latest here:
If you wanted your web page excluded from being crawled or indexed by search engines and other robots, robots.txt was your tool of choice, with some additional stuff like <meta name="robots" value="noindex" /> or <a href="…" rel="nofollow"> sprinkled in.
It is getting more complicated with AI crawlers. Let's have a look.
robots.txt was to prevent web crawlers from hogging the bandwidth and compute power of a web site. Especially if the site contained dynamically generated context, possibly infinite.<meta> and <a rel> tags came in handy as well.The original controls focused on services which would re-inspect the robots.txt file and the web page on a regular basis and update it accordingly.
Therefore, it didn't work well for archive sites: Should they delete old contents on policy changes or keep them archived? This is even more true for AI training material, as deleting training material from existing models is very costly.
Even in the pre-AI age, some sites desired a means to prevent commercial services from monetizing their content. However, both the number of such services and their opponents were small.
With the advent of AI scraping, the problem became more prominent, resulting e.g. in changes in the EU copyright law, allowing web site owners to specify whether they want their site crawled for text and data mining.
As a result, the the Text and Data Mining Reservation Protocol Community Group of the World Wide Web Consortium proposed a protocol to allow fine-grained indication of which content on a web site was free to crawl and which parts would require (financial or other) agreements. The proposal includes options for a global policy document or returning headers (or <meta> tags) with each response.
Also, Google started their competing initiative to augment robots.txt a few days ago.
None of these new features are implemented yet, neither in a web servers or CMS, nor by crawlers. So we need workarounds.
[Added 2023-08-31] Another upcoming "standard" is ai.txt, modeled after robots.txt. It distinguishes among media types and tries to fulfill the EU TDM directive. In a web search today, I did not find crawler support for it, either.
[Added 2023-10-06] Yet another hopeful "standard" is the "NoAI, NoImageAI" meta-tag proposal. Probably ignored by crawlers as well for now.
Unfortunately, the robots.txt database stopped receiving updates around 2011. So, here is an attempt at keeping a list of robots related to AI crawling.
| Organization | Bot | Notes |
|---|---|---|
| Common Crawl | CCbot | Used for many purposes. |
| OpenAI GPT | Commonly listed as their crawler. However, I could not find any documentation on their site and no instances in my server logs. | |
| GPTBot | The crawler used for further refinement. [Added 2023-08-09] | |
| ChatGPT-User | Used by their plugins. | |
| Google Bard | Google-Extended | No separate crawl for Bard. But normal GoogleBot checks for robots.txt rules listing Google-Extended (currently only documented in English). [Added 2023-09-30] |
| Meta AI | — | No information for LLaMA. |
| Meta | FacebookBot | To "improve language models for our speech recognition technology" (relationship to LlaMa unclear). [Added 2023-09-30] |
| Webz.io | OmgiliBot | Used for several purposes, apparently also selling crawled data to LLM companies. [Added 2023-09-30] |
| Anthropic | anthropic-ai | Seen active in the wild, behavior (and whether it respects robots.txt) unclear [Added 2023-12-31, unconfirmed] |
| Cohere | cohere-ai | Seen active in the wild, behavior (and whether it respects robots.txt) unclear [Added 2023-12-31, unconfirmed] |
Please let me know when additional information becomes available.
An unknown entity calling itself "Bit Flip LLC" (no other identifying information found anywhere), is maintaining an interactive list at DarkVisitors.com. Looks good, but leaves a bad taste. Use at your own judgment. [Added 2024-04-14]
Search engines and social networks support quite a bit of control over what is indexed and how it is used/presented.
robots.txt, HTML tags, and paywalls.For use of AI context, most of this is lacking and "move fast and break things" is still the motto. Giving users fine-grained control over how their content is used would help with the discussions.
Even though the users in the end might decide they actually do want to have (most or all) of their context indexed for AI and other text processing…
robots.txt[Added 2023-09-30] Here is a possible /robots.txt file for your web site, with comments on when to enable:
# Used for many other (non-commercial) purposes as well
User-agent: CCBot
Disallow: /
# For new training only
User-agent: GPTBot
Disallow: /
# Not for training, only for user requests
User-agent: ChatGPT-User
Disallow: /
# Marker for disabling Bard and Vertex AI
User-agent: Google-Extended
Disallow: /
# Speech synthesis only?
User-agent: FacebookBot
Disallow: /
# Multi-purpose, commercial uses; including LLMs
User-agent: Omgilibot
Disallow: /A different, more aggressive approach, is to start «poisoning» the AI models; something currently only supported for images. The basic idea is to use adversary images, that will be misclassified when ingested into the AI training and will therefore try and disrupt the training data and the resulting model.
It works by subtly changing the image, imperceptible to the human. The result is, however, that e.g. a cat is misclassified as a dog, when training. If enough bad training data is ingested into the model, part or all of the wrongly trained features will be used. In our case, asking the AI image generator to produce a dog may result in the generated dog to look more like a cat.
The "Nightshade" tool that is supposed to be released soon, which has this capability, is an extension of the current "Glaze" tool, which only results in image style misclassification.
Judge for yourself whether this disruptive and potentially damaging approach aligns with your ethical values before using it.
[…] Git, PGP, and the Blockchain: A Comparison – Netfuture, Marcel Waldvogel An attempt at technological genealogy. […]
30.3.2023 08:18Comment on Git, PGP, and the Blockchain: A Comparison by Makura no Soshi » Blog Archive » Links 2023-03-30[…] Post-Quantum and Homomorphic Encryption Made Easy (Englisch 🇬🇧), Netfuture, 2023-02-23.Homomorphe Verschlüsselung einfach erklärt. […]
17.3.2023 13:40Comment on Post Quantum and Homomorphic Encryption made easy by Cloud: Technologie für Datenschutz? – Marcel WaldvogelExcellent summary! This post seems like a good place to keep information up-to-date. For example I'll be selecting one of these two servers for my personal XMPP server and was wondering what are the differences. ejabberd claims to support ACME (Let's Encrypt) in future versions ( source: https://blog.process-one.net/ejabberd-17-06/ ) so it'll be a strong point for them.
10.8.2017 12:47Comment on XMPP server hands-on comparison: ejabberd vs. Prosody by rick[…] basieren auf meinem englischen, inzwischen ein halbes Jahr veralteten, technischeren Artikel über DDoS-Schutz und IoT, der auch Aufgaben für Systemadministratoren, Provider und Forscher auflistet. In unserer […]
28.3.2017 13:12Comment on DDoS: What we can do to prevent it by Weg vom Internet der (unsicheren) Dinge – Marcel WaldvogelOur <a href="https://netfuture.ch/publications/?tgid=66">publications on IoT</a> start addressing some of these issues.
16.3.2017 19:54Comment on DDoS: What we can do to prevent it by Marcel Waldvogel[…] DANE (DNS-based Authentication of Named Entities), the mechanism that achieves this by adding TLSA (Transport Layer Security Authentication) records into DNS. But also other entries, such as ssh keys in SSHFP entries, or SPF and DKIM values […]
10.3.2017 20:59Comment on How to create DNSsec DANE TLSA entries by DNSSEC made easy: Converting an existing DNS zone to Inline signing with BIND | Netfuture[…] remains is to register the Zone Signing Key (ZSK, the one you created with -fk above) with your DNS registrar. The information you need is in Kexample.de.+007+62928.key, the file name printed as part of the […]
10.3.2017 20:53Comment on DNSSEC for .ch domains by DNSSEC made easy: Converting an existing DNS zone to Inline signing with BIND | Netfuture[…] an authentic server for a particular domain is expected to present when establishing a connection. DANE (DNS-based Authentication of Named Entities), the mechanism that achieves this by adding TLSA (Transport Layer Security Authentication) records […]
10.3.2017 20:52Comment on DANE: The CA game changer by DNSSEC made easy: Converting an existing DNS zone to Inline signing with BIND | Netfuture