Full Disclosure
In pseudo-intellectual circles, drawing comparisons between “the world” and Orwell's 1984 is considered highbrow, but among us real intellectuals, it's trite (I'm quoting my college English professor here, so please direct all criticism to him). However, with the latest revelations of bedrock operating system software from both Microsoft and Apple revealed as “phoning home” to the Mother Ship, the analogy to that Draconian society where “someone” was always watching is moving out of literary criticism class and onto the front pages (or at least the business section).
Cliché or not, the Internet has created a world where “a Party member had no spare time and was never alone except in bed,” as Orwell described 1984 society - unless said member has a laptop and likes to do late night surfing from his or her bed, in which case “they” will keep up their surveillance even as our hero gradually drifts into never-never land.
You might have already gotten wind of Microsoft's latest foot-in-mouth backtrack; it seems that this month's automated Windows Update for the XP operating system, which the vast majority of users will think is a security related update and will most likely click on for remote installation, has nothing to do with viruses or Windows exploits. Instead, it will install onto your PC a program called Windows Genuine Advantage Notifications (WGA) tool, which, when you boot up your PC, contacts a Microsoft server, which conducts a validation check to see if your copy of Windows is “genuine,” ie that you haven't copied your Windows' registration serial number from someone else (the checks are to be scaled back to once every couple of weeks, according to http://tinyurl.com/k2tpp).
Not that there's anything wrong with this, Microsoft says. “Every year millions of consumers and businesses are hurt by counterfeit software that they have purchased unwittingly,” the company says, adding that “many companies that sell legitimate software have difficulty competing with low 'too good to be true. prices offered by software counterfeiters. Through WGA, Microsoft is working to help customers and resellers of Microsoft products reduce the threats posed by counterfeit software,” it says (http://tinyurl.com/zyfry).
Not to be outdone, Apple, too, seems to be jumping on the “phone home” bandwagon. According to http://www.red-sweater.com/blog/153, Apple's Dashboard widget service (widgets being those cute little functional programs that you call up with the stroke of a mouse) that will check with an Apple server to ensure that the widgets you are running are “genuine,” ie have not been somehow compromised and turned into a virus or some such thing. Apparently there is no way to stop this check, and Apple does not inform users that it takes place when installing its widgets engine.
Are these bad things? Doesn't Microsoft have a right to defend itself against thieves who are doing nothing less than stealing from it? Isn't Apple doing us a favor by ensuring that our software isn't compromised? In the case of WGA, the program has been required for some time now to install/upgrade MS software like Internet Explorer and Outlook Express – but since last April or so, WGA has prompted a remote server to do a check every time you start up your computer, as well. This was too much for one fellow in Los Angeles, who is bringing a lawsuit against Microsoft for failing to tell consumers about the phone-home feature of WGA (http://tinyurl.com/zuh26). Microsoft, of course, is shocked by the suit, claiming that the company's only concern is for its customers, to ensure that they don't get fake software. But even if the company were simply trying to enforce their copyrights – wouldn't that be enough to justify WGA, regardless of “disclosure?” After all, this is an issue that theoretically only affects crooks; honest people have nothing to worry about (or maybe they do, according to http://tinyurl.com/nwxex). Ditto for Apple, if they were to use callback technology to check on the authenticity of products they supposedly manufacture.
Considering that all users are legally bound by the usage agreements they must automatically accept before installing any software update from either Microsoft or Apple – even if they do not read the small print – the companies are on solid legal ground. You don't have to install WGA in order to keep using Windows XP either – you just won't be able to install certain software updates (there are several methods of removing WGA, one of which is documented at http://tinyurl.com/n9m78). And, as mentioned, the company is scaling back use of the daily check anyway. No harm, no foul, right?
No, except for one irksome issue; in my opinion, MS “owes” us, the computing community, and should be a bit more appreciative to user sensitivities. There is almost nobody in the world who has not at one time or another used a hacked MS product or worked with software that had a hijacked or otherwise questionably obtained serial number of license. We've all done it (yes, even you!), justifying it on one level or another. And of course, although MS has always publicly pursued copyright infringement on its products, insiders have often said that the company was rather lenient on Windows 3.1 and 95 pirates – thus enabling the fledgling operating systems to become the “standard” OS in corporate computing. It just doesn't seem right that having won the war, Microsoft would take excessive steps to “punish” the “soldiers” it relied on in the early days. There's no justification for stealing, but certainly the company owes its loyal users something – such as full disclosure - even with the OS wars won.
War Games
War is not healthy for children and other living things, they used to say in the 60s, and it almost seems trivial to think about computers while soldiers and civilians are dying, and half the country is on the move to get out of range of Katyushas and Kassems. But war in Israel means not just loss of life and property – there's a lot of “collateral damage” involved, such as damage to the overall economy, the total wrecking of the tourist season up north, or the long-term effects of the war on Aliyah.
And then there's the damage to Israel's computer infrastructure. Not from missiles, but from Arab hackers who have taken aim at Israeli Web sites as part of the “electronic intifada” targeting the Jewish state. It's hard to imagine what banks, furniture stores, or rent-a-car companies have to do with what is supposed to be a political quarrel, but as far as Team Evil, a group of Moroccan hackers is concerned, anything with a .il suffix is a legitimate target. The group took credit last week for defacing more than 700 Israeli web sites, replacing their contents with an anti-Israel screed not suitable for publication in a family newspaper.
There's a lot to say about the ongoing Internet war in the Middle East, which heats up in conjunction with major political and military developments. In the past, Israeli hacker teams have given as good as the country's Web sites have absorbed, but so far this time it looks like the Arabs are winning the site defacing war. A good site to keep abreast of Web developments is the Internet attacks archive at http://www.zone-h.org, where hackers who want to show off submit their defacements, and the most active hackers compete for the top slot.
While most sites fix themselves up within a few hours, Zone-h keeps an archive of the defaced page for future reference. Israel is one of thousands – and a small one at that - of targets worldwide by hackers who zero in on sites, countries, or organizations they don't like. China vs. Taiwan, India vs. Pakistan, pro and anti abortion sites – every major political or social conflict is reflected in the daily logs at this site. Of course, lots of hackers slash and burn sites for the fun of it, but if it's any comfort, there are lots of people out there who don't like lots of other people; Israel is definitely not alone in being hated or attacked.
Tuesday, July 18, 2006