I won't be getting into a discussion of my feelings on Wikileaks or the media circus surrounding them and Julian Assange. What I will put here is some simple but important information which several people have been looking for or wondering about this past week, namely how to get the insurance file and confirm that you got a legitimate copy.

First: getting the file. This is the tricky part because many of the Wikileaks mirror sites don't have copies of the file, or if they do it's a partial placeholder. Once the file has downloaded it should be 1.4 GiB (1,491,834,576 bytes). You should then confirm that the file is not only complete but untampered with. To help with this, Wikileaks has helpfully posted SHA-1 hashes for almost every file they had made available for download. According to http://mirror.wikileaks.info/wiki/Afghan_War_Diary,_2004-2010/ (one of the only mirrors that had made this page available, and confirmed by checking an archived copy of the same page on the original Wikileaks site), the hash for the file insurance.aes256 is cce54d3a8af370213d23fcbfe8cddc8619a0734c. On most Unix-like systems you should be able to simply issue the command sha1sum insurance.aes256 in the directory you have stored the file in and compare its output against that hash; users of other OSs will have to find and download a checksum utility.
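For readers without sha1sum, here is a cross-platform version of the same check in Python. It is an added example, not something from the original post or from Wikileaks; it uses the byte count and hash quoted above, and the function names and default filename are this example's own.

```python
import hashlib
import hmac
import os
import sys

# Size and SHA-1 quoted in the post for insurance.aes256.
EXPECTED_SIZE = 1_491_834_576
EXPECTED_SHA1 = "cce54d3a8af370213d23fcbfe8cddc8619a0734c"


def sha1_of_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-1 so a 1.4 GiB download never sits in RAM."""
    digest = hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, expected_size=EXPECTED_SIZE, expected_sha1=EXPECTED_SHA1):
    """Return (ok, reason) for the file at path.

    The size is compared first: it costs nothing and immediately catches the
    truncated downloads and partial placeholders some mirrors serve.
    """
    try:
        actual_size = os.path.getsize(path)
    except OSError as exc:
        return False, f"cannot read {path}: {exc}"
    if actual_size != expected_size:
        return False, f"size mismatch: got {actual_size} bytes, expected {expected_size}"

    actual = sha1_of_file(path)
    # Published hashes are sometimes upper-case or carry stray whitespace.
    wanted = expected_sha1.strip().lower()
    if not hmac.compare_digest(actual, wanted):
        return False, f"SHA-1 mismatch: got {actual}, expected {wanted}"
    return True, f"OK: {actual_size} bytes, SHA-1 {actual}"


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "insurance.aes256"
    ok, reason = verify_download(target)
    print(reason)
    sys.exit(0 if ok else 1)
```

A matching digest only shows that your copy is the one the published hash describes, so the hash itself has to come from a source you trust, as with the cross-check against the archived page above.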

Second: Once (or rather if) Wikileaks releases the password for the insurance file, they recommend using 7zip to decrypt and open the file: p7zip (available on sourceforge and many distro repositories) for Unix and Linux, 7-zip from 7-zip.org for Windows, and EZ7z (available from macupdate.com) for Mac OS.

I have heard a few people speculate about attempting to brute force the password (and I found at least one person running a Google Docs listing of passwords people have tried). I have mixed feelings about attempting that though. It seems to me that this file is a bit like the envelope the hero in a conspiracy thriller leaves with a lawyer (or someone else they trust) before they go confront the villain; in that case someone opening it early and spilling the secret might just take away the primary bargaining chip Wikileaks has to stave off their more desperate and less cautious adversaries. Revealing the secret might well cause whoever is targeted by the contents of that file to feel that they have nothing left to lose, while anyone who had felt threatened by the unknown contents of the file but isn't actually affected by it would likely feel that they have no barriers to retaliating against Wikileaks.
On the other hand, like many hackers, I don't like not knowing something, especially when someone has claimed that it is something important with significant impact on the world.

And please, don't mention the word "football" for a while.


Confusopolies or Why I cannot find a decent ISP

Before anything else, I wanted to encourage any readers I might have to visit Eric S Raymond's blog. It's located at http://esr.ibiblio.org/ and is both more frequently updated than my blog and (often) better written.

For those of you who don't read Dilbert, a short explanation regarding the title is probably in order, the easiest being this strip from 20101121:


When Scott Adams (the author of Dilbert) originally introduced this phrase he held "telephone service, insurance, mortgage loans, banking, and financial services" as examples of industries that had adopted this structure. I have come to think that the list has grown significantly since 1997 and has spread beyond the realm of products which are rarely purchased but are (at least seemingly) essential and extremely complex compared to more common economic decisions (ie 'which brand of has a better price per ounce?'). If I go grocery shopping I can decide between two competing brands with a fairly simple set of calculations (price/).

If I want to buy a motherboard, a cell phone, a router, a laptop, a professional training course or certification, or even something as theoretically homogeneous as a TV or monitor, though, I cannot simply compare based on a single quantitative calculation (what is the largest display area I can get for x dollars); I have to compare a significantly larger number of qualifiers, almost none of which have a direct (or even an apparent indirect) relationship to the price of the item. Even more rarely, in most of the cases that I named above, can any sort of direct price comparison be made. Different certifications and training programs don't always cover the same material, and not all training programs or certifications hold the same value or reputation for potential recruiters or employers. In the US at least, buying a given mobile phone or device doesn't just mean picking out the phone you like; you have to find a phone that has just the right combination of features (which is bewildering enough that product comparison charts now regularly extend to at least 3 printed pages for a 'featurephone'). Your purchase of a phone in the United States (and sometimes Canada) means you also have to choose which carrier you will be contracted to for the next couple of years and which of their pricing plans you will have (since in most cases any attempt to remove a feature from your service is considered to be an early termination of your contract, and thus subject to a penalty). There is no simple direct comparison of cellular carriers' networks, services or pricing plans; all of them offer slightly different products at different prices which cannot be directly compared. I've even begun to suspect gas and motor oil companies are trying to get in on the act.

I would go on but I have begun to lose the overall point of this and I get the feeling that it is degenerating into a rant, so I'm going to end things here before it gets completely out of hand.


Falling behind

It continues to surprise me how much I fall behind on or simply don't get done despite being unemployed. Some of it is perfectly sensible financial decisions like putting off an equipment upgrade or putting off working on a project that requires expensive supplies; other things I can only chalk up to procrastination, laziness and distractions (why didn't I write any of the three planned blog posts I came up with after the last 2600 meeting? Playing Fallout 3 is a remarkable time sink.) Now at least there are a couple of things I rather have to get out.

The first is that somehow an inebriation-prompted idea for a Hackers viewing party, for those that couldn't afford the charity benefit anniversary party earlier this month, actually has come together. Alpha One Labs has very kindly agreed to host a viewing and hang out event at their facility in north Brooklyn this Saturday (the 16th of October if you are in the future) at a price that I think just about anyone can agree is very wallet friendly: FREE. Donations are suggested and appreciated but not required; this does mean that drinks are BYOB but free doesn't pay for much. Psytech over at A1L has set up registration at http://hackers.eventbrite.com/. Go there and sign up to guarantee a seat (or several); you can choose between completely free registration (good for the cash strapped AND for those who prefer cash donations) or you can donate online as part of the reservation process. I hope to see plenty of NYC 2600 people there and don't forget to tell your friends!

The second item is probably deserving of a more complete posting of its own but I have let this go unsaid for too long as it is. Hackers, like the ones who attend NYC's 2600 meetings, are some of the best people in the world, from simply being cool people to helping me look for job openings or when money is a bit tight. I just wanted all of you to know that you are some of the greatest people I know.


Save HOtel PEnn

Monday is a meeting of the New York City Council Subcommittee on Zoning and Franchise. In addition to their normal duties of approving permits for sidewalk cafes and cell masts they are hearing Vornado Realty Trust's applications for zoning variances and other special planning exemptions for the building they plan to replace the Hotel Pennsylvania with. This hearing constitutes the last opportunity for 2600 and supporters of the Save Hotel Penn campaign to oppose Vornado's plans to demolish the hotel. Of course, if you follow either of those blogs then you quite likely are already aware of this.

For those who plan to attend I have a few suggestions (having attended a few similar hearings in the past and consulting with several planners and community advocates):
1. Dress like you belong or the role you are playing (for the social engineers this should be simple)
2. Follow the protocol. Speak when you are called, speak respectfully, keep your statements focused on the matters at hand and on the purpose of the committee, don't argue or make a fuss if you run out of time.
3. If for some reason you will attend but can't or don't want to speak you can submit written testimony. Be aware, though, that written-only testimony will be given less weight when the committee makes its deliberations. Every bit helps though.
4. Passion for your issue is good, but don't overdo it.

For those of you who won't be in attendance but would like to have their name noted as supporting my statement (or possibly the statements of another attendee supporting Save The Hotel) send an email with your name and boro of residence to me by 0900 Monday the 23rd. [I know, I'm not crazy about the real name thing but this is what they want and I won't be able to put your name down without that information.] You can reach me at nite[dot]0wl[dot]2600[at]gmail. All of this information will be kept in the strictest confidence and will be removed and forgotten after the hearing.
No promises but I want to do everything I can to make sure we put on our best showing at the hearing.


Android 2.2 and the Motorola Droid

Because I've noticed quite a few of the NYC 2600 crowd have Droids now I thought I would write up a short piece on the changes you can expect with the new Android 2.2 update rolling out this week.

First: If you have rooted your phone or loaded a custom ROM, there will be some difficulty with the upgrade, depending on what you have done. Custom ROMs and bootloaders will outright block the installation of the official 2.2 update. If you had simply rooted the stock Android builds (as I had), any changes to files in the /system folder (and possibly other areas outside the /sdcard directory) will usually cause the installation to fail (in my case replacing the original sh with a symlink to a 3rd party copy of bash caused validation failures during installation until I restored the original copy of sh to its original place and name).
If you want to get root access back after the update, Easy Root (from unstableapps.com) is the easiest way; it will cost you a couple of dollars but works just fine and currently is the only means of gaining root on the stock 2.2 build that I am aware of. Not crazy about having to rely on a pay app that uses an obfuscated exploit to gain root, written by a developer who won't share his method with the rest of the community, but it seems to be the only game in town right now and I wanted BusyBox back.

The big changes. You lose the old style App Drawer but exchange it for dedicated soft buttons for phone, browser and an app listing (similar to the app drawer) and two additional home screens (total of 5 now). Delving into the settings menu you now have additional options for your lock screen (the old pattern lock, numeric pin and alphanumeric password are available); Wireless Settings now contains some new options including USB Tethering (more on that later) but lacks the hotspot capabilities of some newer handsets. I have yet to test it thoroughly but there still doesn't seem to be a fix for the WPA/WPA2 AES problem, which is a disappointment as you will still be restricted to APs/networks running with TKIP Only encryption.

USB tethering won't be of much use to most of the people I expect will see this, as it requires a special additional data package from Verizon to enable it; without it you just end up staring at a page listing pricing options for the tethering plan. Also it won't do you much good on Windows as currently there is no client software to enable the 3G connection (Ubuntu seems to detect it just. I find Azilink still works just fine and PDAnet and Proxoid should still work (assuming you had gotten them working properly in the first place).

Overall the change to Froyo is positive; it brings some useful features like the new locking options and software buttons for the phone functions on the home screens, but does do away with a few features you may have liked.


Polls and ISPs

First off, I thought people might be interested in a chance to vote on Linux Journal's 2010 Reader's Choice awards. They have categories covering hardware vendors, cellphones and gadgets, IDEs and CMS, distros and all manner of other selections where you can pick your favorite products, services and projects in the OSS/Linux world. If you are interested, click the image above. You will have to submit an e-mail address with your votes but they promise not to spam you with it and I trust them, besides, I'm sure you have at least one throw-away or spam magnet e-mail account to use if you really want to be sure.

Now on to another issue, ISPs and their services. After around a decade I have finally decided that Verizon's DSL offerings just don't cut it anymore (admittedly that might have something to do with the fact that I am now running a Tor relay and seeding torrents of Linux distros and videos from The Next HOPE). For the last couple of years we have been trying to get Verizon's FIOS service but they refuse to offer it in my area, and still only offering a 1.5Mb/256Kb DSL line as your top tier plan just doesn't cut it. Unfortunately I have been unable to find someone with better service at a reasonable price (probably because almost all the DSL providers in my area are just resellers for Verizon (yay! an extra layer of useless customer dis-service people on top of the already useless ones that actually have some ability to do something)). The handful of other (i.e. non-DSL) broadband providers all want to gouge me and take over my TV and phone service. So, despite some misgivings, Time Warner now has my ISP business as well. I wonder how well their 'digital phone' offering will work with my Western Electric set.


Developments and delays

I know I had said I would be trying to post some of the ideas I had at The Next HOPE but the past week has seen me rather distracted from that goal. Aside from trying to recover physically (turns out a 3:1 ratio of Club Mate to water over the course of a weekend isn't such a good idea), trying to catch up on the news (particularly the 2600/HOPE/OTH related stuff I had missed in the run-up to and during the conference) and then catching up on the new release of my primary Linux distro.

That last item has probably been the largest source of delays and distractions as they had made a few changes that seriously screwed with my graphics drivers (eliminating SaX2 and introducing the Nouveau drivers as the new default) which led to a couple of days of madly trying to hand configure my xorg.conf and so on, prompting an additional change of desktop. The last chapter in that was the change from multiple independent NICs to bonded NICs, complicated by some odd configuration issues (gateway settings getting lost randomly) and one of the cards randomly dropping out and losing its kernel module declarations. I had thought that that card had finally crapped itself as it had become entirely non-responsive after an attempt to move it to a different physical bus, which led to me purchasing a replacement this afternoon ($23 isn't bad for a gigabit NIC of known origins in New York). In the process of installing the new card I noticed that the previous card had been non-responsive because it had been incorrectly seated (hard to do with a PCI connector). So bond0 now has three slaves eth0-2, all running at Gigabit speeds, which I think is about the appropriate level of overkill for my lousy DSL modem.

Then there was the idea of running a Tor node on the same workstation, not exactly well suited to NYC's anemic residential DSL connections (seriously, 300kbps upstream is the best you can do Verizon?) but having listened to a recording of the Wikileaks keynote from HOPE I figured I should try to contribute to the larger community more. It turns out that I always forget about the pseudo-firewall built into most SOHO routers, a fact that eluded me for a couple of hours. But I'm now providing a Tor relay, even if my available bandwidth is pretty lousy. Maybe I'll set one up on my station at work too, the T3 doesn't get much of a workout on weekends.

Now that things on those fronts have calmed down I might actually get myself to write something a bit more thought provoking.


I survived The Next HOPE!

I think I have now almost completely physically recovered from my experiences at The Next HOPE (my back still doesn't seem happy about sleeping on the mezzanine floor Sunday). Even though I spent most of my time there hawking Club-Mate it was a great time and I want to thank a few people in particular: Flo and Ragnar for helping me at the Mate stand when I needed the breaks, Neo Amsterdam for including me in the cast of 26 o'clock (I will link when the Statler archives are available), Thurmon (not sure if that is spelled right) and Nick Farr for keeping an eye on me when the lack of sleep and the tainted water got to me, and Robert Steele for being a good neighbor in the Vendor Area.
I'm sure there are a few more people I should be thanking here but the names and reasons escape me at the moment.
I have a few ideas for posts that have come out of the experience and I will try to get those up as well soon.

For now though, thanks again to everyone who made The Next HOPE the experience it was.


Net Neutrality: A (hopefully) more reasoned look

Net Neutrality is news again this week with the passage of the UK's Digital Economy Bill (still scratching my head over how the ostensibly left/center "party of the working man" justifies that one, yet another reason I was quietly rooting for the Lib Dems), court judgments against P2P software companies, file sharers and private consumers.
A German court today issued a ruling in a civil case regarding a musician suing a private citizen over allegations that someone used his home internet connection to upload some of the musician's work. The court found the user partially liable and fined him. Here's the rub... the user was able to prove that he was in fact on vacation at the time, not at home. The court decided that his failure to take steps to secure his WiFi network made him partially responsible for the infringement. This is something of a double-edged sword, much as the 'global linksys network' is; it might help encourage average people to take some actual interest in and responsibility for their technology but it also starts us on a path where IP holders feel justified in reaching ever further into people's homes and private lives in the name of stopping 'piracy'. It also might be a bit of an inconvenience to lose some of that once omnipresent WiFi access, although hopefully the slack can be taken up by improvements in 'mobile broadband' (i.e., dropping prices, improved speeds, greater compatibility).

LimeWire was also found to have been responsible for "encouraging, enabling and profiting from infringing activity". Well that much was pretty obvious to everyone but there is still that issue of the entertainment industry being ridiculously out of touch with the consumer. Although a sufficiently harsh judgment against LW Inc might finally shut down that malware hose.

That last case leads all too directly to a bunch of points that have already been made all too often and, at least occasionally, been made better than I could. So, on the headlining question: "Just what the fuck is 'Net Neutrality'?"
Everyone seems to have their own divergent and slightly unique idea and definition, so here is mine.

Net Neutrality is (or at least in my view, should be) an outright requirement of basic truth and honesty in services offered (not exactly telco and entertainment industry strengths) and a ban on any form of censorship, monitoring or interference by any service provider (beyond the basic QoS/service prioritization required by the TCP/IP stack) and a requirement that if any service provider wants to offer a censored or 'cleaned up' access service (we know there is a market for it, look at some of the specialist DNS providers) they must offer the same service free of such limitations at the same or less cost to the customer. Essentially ISPs (be they traditional telcos, mobile service providers, cable companies, or anything else) should act as dumb pipes, completely blind to what flows through their pipes, just ensuring the fast and reliable delivery of each packet to its destination. If they also want to offer content services, good for them, but they cannot prioritize that traffic above any other traffic of the same type (i.e., Time Warner couldn't prioritize their VoIP traffic over, say, Skype or Vonage). It should ultimately be up to the customer, the end user, what they see, what they do and who they communicate with.

Also, I want my ISP to bring back their NEWS server(s), and run them properly this time. Heck, I might even be tempted to run it myself if they could get me something better than the shitpile aDSL line they stuck me with.


Time marches on, so we must prepare

Wow, a bit over four and a half months since my last update (in my defense at least a quarter of that time was spent trying to stop procrastinating about it or trying to come up with something at least slightly original to say). We have gotten closer to The Next HOPE (http://thenexthope.org/) and I have been wracking my mind trying to develop a decent talk after S1depocket seeded the idea at one of the NYC 2600 meetings. He's also suggested some even more outlandish ideas for projects and hacks for the conference (although our personal favorite will likely have to wait another two years as there just doesn't seem to be quite enough time to finish developing the presentation that would accompany it [a development of my earlier post "On Alternative Interfaces"] and put together the necessary gear).

Since that seems to put that idea in line for further development, particularly when included with some material on telepresence, I now have to figure out if I want to try that out this year or develop some of my other ideas for a talk; one about the history of copyright and DRM and another on the relationship and interfacing of people and machines (this is less about interface technologies and more about perception, emotion and psychology).

Now, while I doubt that I have many readers (if any), I would like to hear from them (assuming that they exist) as well as any web transients who stumble onto this. What do you think? Any particular preference on which topics I should pursue? Any ideas on things to include in one of these? Let me know in the comments.


Hello Y2K11

Today we say goodbye to the first decade of the 21st Century and welcome the first year of the second. The past ten years have seen huge changes in the world, and the last year was no exception. So as we start the new year and the new decade let us hope that the changes we will see will be for the better. Maybe this time sanity, reason, logic, intelligence and common sense will win out.

Best wishes to everyone for the coming year, particularly all of my friends from 2600 and the hacker world in general.