Tales of the Sausage Factory:
Free Internet Is NOT For Porn — And Isn’t Broadband Access

As some folks may have heard, New York City has begun a really awesome project in free broadband access with it’s LinkNYC program. NYC is replacing no longer used pay phone kiosks with free WiFi access points (and an available interface built into the kiosk for those who cannot afford a smart device).

 

In a surprise to no one but the bright eyed innocents who set up the program, homeless people followed the advice of Avenue Q and decided that the Internet was indeed really really great — for porn. On the plus side, this certainly silenced those critics of the program who alleged that LinkNYC would only serve rich tourists. On the downside, the sight of the unwashed whacking hordes gathering around WiFi access points like pigeons clustered around lonely people with breadcrumbs on Central Park benches was not exactly the “proof of concept” the City hoped to get. So, once again to no one’s surprise, LinkNYC decided to install filters to block porn sites.

 

 

As has been the case since we first started debating Internet blocking in 2008, some folks raise the argument that net neutrality will prevent people from blocking porn sites. I testified on this back in 2008 at the FCC’s open hearing at Stanford University when folks claimed that if Comcast couldn’t block file-swapping sites it couldn’t block porn. Naturally, it also got debated in the lead up to the 2010 Open Internet Order and the 2015 Open Internet Order. So it’s not like we never thought of this before and it’s not like we don’t know the answer: free access sites can block porn (or otherwise filter) no problem. Indeed, as others have observed in the past, free access sites (like coffee houses or libraries) do not count as broadband Internet access providers and free Internet access is not Title II broadband Internet access service (BIAS).

 

Why? See below . . .

 

UPDATE: LinkNYC made this reply to my post through their official twitter account.

 

Continue reading

Tales of the Sausage Factory:
Broadband Privacy Can Prevent Discrimination, The Case of Cable One and FICO Scores.

The FCC has an ongoing proceeding to apply Section 222 (47 U.S.C. 222) to broadband. For those unfamiliar with the statute, Section 222 prohibits a provider of a “telecommunications service” from either disclosing information collected from a customer without a customer’s consent, or from using the information for something other than providing the telecom service. While most of us think this generally means advertising, it means a heck of a lot more than that — as illustrated by this tidbit from Cable One.

 

Continue reading

Tales of the Sausage Factory:
How DSRC Makes Us Less Safe: Privacy and Cybersecurity (Part 1)

As I discussed previously, the auto industry and the Department of Transportation (DoT) via the National Highway Traffic Safety Administration (NHTSA) plan to mandate that every new car include a technology called “Dedicated Short Range Communication” (DSRC), a device that talks to every other car with a DSRC unit (something called “vehicle-2-vehicle” or “v2v” communication). The auto industry fully supports this mandate, which is surprising (since industries rarely like mandates) until you (a) read this report by Michael Calabrese showing how the the auto industry hopes to monetize this with new services and harvesting your personal information (while piously claiming the mantle of saving lives); and, (b) the mandate helps DoT and the auto industry avoid sharing the spectrum with potential unlicensed uses (which actually do contribute to saving lives, but I will save that for latter).

 

As it happens, in addition to being a full time spectrum nut, I spend a fair amount of time these days on privacy, with just a touch of cybersecurity. So I started to dig into the privacy and cybersecurity implications of mandating DSRC on every car. My conclusion, as I discuss below, is that the DSRC mandate as it now stands is a disaster for both cybersecurity in cars and for privacy.

 

Yes, NHTSA addresses both privacy and cybersecurity in its 2014 Research Report on DSRC in terms of evaluating potential risks and solicited comment on these issues in their “Advanced Notice of Proposed Rulemaking” (ANPRM). It is in no small part from reading these documents that I conclude that either:

(a) NHTSA does not know what it is talking about; or,

(b) NHTSA does not actually care about privacy and cybersecurity; or,

(c) NHTSA is much more interested in helping the auto industry spectrum squat and doesn’t care if doing so actually makes people less safe; or,

(d) Some combination of all of the above.

 

As for the auto industry and its commitment to privacy and cybersecurity, I will simply refer to this report from Senator Markey issued in February 2015 (and utterly unrelated to DSRC), find that the auto industry (a) remained extremely vulnerable to cyberattacks and infiltration by hackers; (b) the auto industry had no organized capability to deal with this threat; and, (c) the auto industry routinely collected all kinds of information from cars without following basic notice obligations, providing meaningful opt out, or adequately protecting the information collected. (You can read this article summing up the report rather nicely.) For those who think the auto industry has no doubt improved in the last year, I refer you to this PSA from the FBI issued in March 2016 on vulnerabilities of cars to hacking.

 

I note that these remain problems regardless of whether the FCC permits sharing in the band, although it does call into question why anyone would mandate DSRC rather than rely on the much more secure and privacy friendly technologies already on the market — like car radar and LIDAR systems. But if the auto industry and NHTSA insist on making us less safe by mandating DSRC, the FCC is going to need to impose some serious service rules on the spectrum to protect cybersecurity and privacy the way they did with location data for mobile 911.

 

And, just to make things even more exciting, as explained in last week’s letter from the auto industry, GM is rushing out a pre-standard DSRC unit in its 2017 model cars. Because which is more important? Creating facts on the ground to help the auto industry squat on the spectrum, or making sure that DSRC units installed in cars are actually secure? Based on past history of the auto industry in the cybersecurity space, this is not a hard decision. For GM, at least, spectrum squatting rules, cybersecurity drools.

 

On the plus side, if you ever wanted to live through a cool science fiction scenario where all the cars on the highway get turned into homicidal killing machines by some mad hacker baddy, the NHTSA mandate for DSRC makes that a much more likely reality. In fact, it’s kinda like this Doctor Who episode. And lets face it, who wouldn’t want to drive in a car controlled by Sontarans? So, trade offs.

 

I explain all this in detail below . . . .

Continue reading

Tales of the Sausage Factory:
Auto Industry Crosses The Line on 5.9 GHz By Using Dead Pedestrians To Justify Spectrum Squatting.

For the last 3 years, the auto industry and the Department of Transportation (DoT) have been at war with the open spectrum community of 75 MHz of spectrum up at 5.9 GHz. I will save the longer history for an upcoming “Insanely Long Field Guide To the 5.9 GHz Proceeding” post.  For now, it is enough to know that, as we enter the last few months of the Obama Administration, the auto industry and DoT have been doing everything they can to run out the clock and wait for this FCC to go away, hoping the next FCC will not be as interested in opening spectrum for sharing. You can read the history of 3 years of bad faith and bait and switch in this filing here. You can read the auto industries most recent insistence on testing that will take us well past the end of the Obama Administration here.

 

So far so normal. This is how spectrum politics works. Incumbents pay lip service to the idea of spectrum sharing, stress the awful terrible things that will happen if the FCC allows the new entrant to operate and cause interference, and insists on an endless series of tests while dragging their feet on anything that would make testing possible. The new entrant, meanwhile, complains bitterly about how the other side are stalling, the interference claims are baseless, and hundreds of billions of dollars in economic benefits are lost as the delay continues.  With the final months ticking down, both sides are now ratcheting up their efforts. Last week, PK, a number of our other spectrum public interest allies (OTI, PK, SHLB) and industry folks (Intel, MS, NCTA, WISPA) sent a letter to the President asking the White House to weigh in at DoT and tell them to stop helping the auto industry stall testing so we can open the spectrum to more unlicensed goodness. Yesterday, the auto industry sent its response.

 

And yesterday, the auto industry finally crossed a line on common decency that just pisses me off.

 

It is one thing to claim that your technology saves lives and that if the FCC doesn’t do what you want, people will die. It is another thing to knowingly and deliberately invoke actual, real dead pedestrians and dead cyclists you know damned well your proposed technology could not conceivably save  in an effort to support your own spectrum squatting. It is even worse when the technology you are pushing, “dedicated short-range communication” (DSRC), would replace the actual existing collision avoidance system you are deploying today that would save cyclists and pedestrians — car radar and sensing systems that use unlicensed spectrum and LIDAR.

 

 

Continue reading

Tales of the Sausage Factory:
Cable Set-Top Box Arguments: Nothing But Reruns

It is inevitable that right before a major filing on an issue that the cable guys HATE!!! with all the passion of an injured monopolist, the we see a flurry of distracting nonsense designed to fuzzle the FCC, generate bad trade press, stoke the wholly-owned subsidiaries in Congress, and provide more material for the chanting cheerleader chorus. You may remember this from 2014’s: “Net Neutrality — The FCC Is Totally Gonna Lose On Banning Paid Prioritization,” and its 2015 Sequel: “No Wait, We Were Totally Lying Last Time, Banning Paid Prioritization is Cool But The FCC Is Totally Gonna Lose on Title II.”

 

Meanwhile, Comcast steps up with some “deal” that supposedly totally solves the problem they say doesn’t exist anyway so now there is no reason to do anything. In net neutrality, that was “look, we cut a deal with Netflix so you don’t need that silly old net neutrality.”

 

So it is no surprise that in 2016 we see another rerun. With comments on the FCC’s wildly popular (outside the Beltway) #unlockthebox rulemaking going on, aka the “Expanding Consumer’s Video Navigation Choices” proceeding due tomorrow, the cable industry has run true to form. Yesterday, Comcast announced it would make an ap available to Roku to let consumers stream Comcast content (under Comcast’s licensing terms, subject to Comcast control, and only to those Comcast finds sufficiently non-threatening). The fact that Comcast was messing around with the HBO Go ap on Playstation just last year  has not stopped the usual chorus of useful idiots from chanting hosannah’s of praise and declaring the problem solved. (Hopefully I will get to deal with everything wrong with the ap approach in a future post. But the short version is: “swapping one thing Comcast controls for something else Comcast controls is not “solving the problem.”)

 

But perhaps more importantly, we now come to the inevitable second act of this  well worn cable rerun. The press call headed by NCTA CEO Michael Powell with a panel of high power corporate lawyers who will trot out the same arguments they always do on why the FCC is totally gonna lose. I am eternally mystified why anyone takes this seriously because Duh, what else do you expect the cable guys to say? “Oh yeah, we don’t have a legal leg to stand on and the FCC is totally going to win. Damn, I knew I shouldn’t have drunk that bottle labeled Veritaserum!”

Nevertheless, for some reason, pronouncements by lawyers paid to make such pronouncements seem to have some mind clouding effect which not only makes people forget all the previous times these people have made exactly the same prediction, but forget the actual FCC detailed refutation of these arguments in the notice of proposed rulemaking. So once again, we here at Tales of the Sausage Factory will play the part of the annoying little dog exposing the man behind the curtain while everyone else trembles at the Great and Powerful Oz — played here by NCTA CEO Michael Powell.

 

Curtain pulled back bellow . . .

Continue reading

Inventing the Future:
Ben’s Social VR Adventure

being-of-light

There are lots of old and new VR sites with prognostications. This guest blog from a VCpreneur has four “requirements” for social VR, and it sparked some discussion at our office.

It reads to me very much like this investor fellow might be talking with some startup that features his four points, and he just wants to sort out whether the concepts are sticky. I’m imagining a company that uses Facebook for login, uploads your 2D and 3D albums and videos into your 3D space (which is zero-install via WebVR), lets you and your friends like/share from in-world, and folks that click on those shared things in Facebook get brought into your 3D space at the corresponding item. (I pitched such a thing five years ago as “Beyond My Wall”, using the Unity browser plugin instead of WebVR.)

One of the blogger’s “requirements” was that participants use their real-world identity, and this was what interested our gang, both for and against. I think this is a red herring. Although I use my real name online alot, my gut is that an alwful lot of VR is going to be about sex, and folks won’t want to use their real name. But overall, I don’t think it’s killer one way or the other. I’m guessing that he’s trying to turn the limitation of Facebook-login into a feature called real-world identity, and I think it’s a stretch. There’s clearly a lot of things that went into making Facebook win over MySpace, and I’m not persuaded that that real-world identity is the magic ingredient. Indeed, both Twitter and his other example, Youtube, are both counterexamples. I think real-world identity can be a part of many potentially successful killer apps, but I don’t see it being required for all such killer apps. (I think verified identity, whether real-world or not, will be a great service for High Fidelity to offer, but it won’t be required for everything.)

I do think he’s on the right track, though, with his feature set including pre-established friend links and content-sharing. But I’m not sure the guy has really understood why those two things matter or what they are part of. They feed the virality of a lot of social media winners, but the magic is in the viral math, not specifically in the features. For example, “pre-established friends” is helpful, but not necessary for Twitter, Youtube, or EBay. I think that each one of a Facebook liked-story, Twitter hashtag, Ebay auction, and Youtube video/discussion page forms a micro-community of interest with a specific “address” that can iself be shared out-of-band. Each user can and does “belong” to many such micro-communities. I believe that’s the real driver for virtuous-circle virality. High Fidelity is going to be great for this, because anyone can easily create any number of separate, persistent, domains of interest, and each one can have the computation shared by the people who are interested in it. (Our upcoming Beta makes it easy to organize one domain per user’s computer, which I think is a good initial model.) Nothing else I’ve seen (not even Beyond My Wall) can scale like that. This is so very different from social VR startups that offer even a large number of hosted chat rooms.

Of course, none of this is to say what is interesting about any of these domains. That is a separate – and more important – question that remains. The blog (and this response) are about what qualities are necessary, given something interesting, for it to catch on.

Separately, the comment from DiGiCT was interesting, that the huge numbers of Chinese HMD sold are just a series of upgrades to very bad/cheap/unsatisfying units. I wonder if that’s true.

Tales of the Sausage Factory:
H.R. 2666: House Prepares to Give ISPs License To Price Gouge (Even More).

The House Rules Committee has scheduled a floor vote for Friday April 15 (today!) for an amended version of H.R. 2666 aka the “No Rate Regulation of Broadband Internet Access Act,” aka the “Twice The Evil of the Beast” Act. Ostensibly, the bill is supposed to codify the commitment made by President Obama, FCC Chair Tom Wheeler, and just about everyone else that the FCC would never use the classification of broadband as a Title II service to engage in “utility style rate regulation.”

 

Surprise! As I explain in a much shorter version over here, H.R. 2666 basically removes the authority of the FCC to take action on any complaints relating to overcharges, fees or other nasty practices that broadband providers may do to overcharge you — provided they disclose them honestly (and, since there is not exactly a lot of competition, disclosure doesn’t help much). It also effectively strips the FCC of its authority to address zero-rating — even in the worst anticompetitive cases where a provider zero-rates its own content while applying its broadband cap (however discriminatory) to rival services. Along the way, it renders various merger commitments involving offering low cost service to the poor unenforceable and has lots of other nasty impacts.

 

Needless to say, the collective trade associations of the broadband industry are thrilled.

 

That’s not just me talking. That’s from the President’s veto threat message. Additionally, this group of 50 public interest groups think H.R. 2666 is a very, very bad bill, and 30 groups signed on to this letter explaining how H.R. 2666 will screw up privacy protection by letting ISPs charge you for it (aka “pay for privacy” like this from AT&T).

 

I’m going to repeat a pitch here I will repeat often: If you think letting broadband providers price gouge and undermine net neutrality is a bad thing, please call your Representative in the House directly, or use this link to go to BattleForTheNet.com and call your Representative (they have a tool to help find your Rep and have a script — but use your own words, that is always more convincing.

 

Made your call? Good. See below for lots more details so you can explain to your friends why they should call. . . .

Continue reading

Inventing the Future:
How To Use High Fidelity

no-cow-tipping

tl;dr

1.Install the “Sandbox” app(We currently do not provide pre-built installers for Linux, but techies can build from open source for all platforms.) The “Sandbox” is the HighFidelity logo that appears in your system tray. (It is in the corner near where the wifi logo is on your screen, and may be behind the arrow if you have a lot of system tray apps. Sandbox starts automatically on Windows.)

2. Click on the Sandbox app and choose “Go Home” to visit your own personal domain. You can also visit another domain by clicking on a “hifi:” link that someone has given you on a Web page or email.

This is your user interface. While you use this, your actions are seen by others through your representation as an avatar.

3. Use the arrow keys to move, or the joysticks/touchpads on a hand controller. (You may need to turn on some controllers using the Avatar -> Input Devices menu.) Change between desktop display and Head Mounted Display (HMD) using the Display menu. (HMDs and controllers need to be plugged in and have their manufacturer’s software installed before starting the user interface.)

4. Most of the system behavior is defined by scripts that you can get from friends or from the Examples, or that are attached to the objects you find in the domains that you visit. Some initial behavior that you get “out of the box” includes:

  • The Go To button, giving you a directory of places.
  • The Examples button, giving you different avatars to choose from, or things to add to domains that allow it (like your own Home domain).
  • The Edit button, which lets you edit any object in in any domain that lets you.
  • Pressing the “return” key gives you an address bar to specify another place or user to visit.
  • The microphone is on! Use a headset.

If you’ve got 10 people sharing wifi, or have a Comcast connection that turns into molasses on a Friday night, things might be a bit slow when your network sucks. This is especially true when visiting a new domain for the first time. Also, some domains are faster than others. If things don’t feel right, try again later, or see “Stats”, below. Continue reading

My Thoughts Exactly:
St. Urhu & St. Patrick Together Call us to Our Great Heritage

Ah, Wetmachine, my child. How I have neglected you. You, who have been so much a part of my own renaissance, deserve a renaissance of your own. Perhaps you shall have it, but let’s not get ahead of ourselves. Let us rather do the least we can do to uphold our most sacred Wetmachine traditions, one of which being the observation of the annual elision of the name days of Saints Urhu and Patrick, a happy pairing that brings pride and joy to all of us Finno-Irish Americans. Whatever your heritage, dear reader, welcome. And take courage, because for the duration today and tomorrow, at least, we are all Finno-Irish!

And now, to save me the trouble of writing something new, here’s a recycled Wetmachine Urhu-Patrick piece from days gone by.

That great annual harbinger of spring, that mid-Lent quasi-Catholic dual name-day celebration for two saints (at least one of whom probably existed), that diphthong of drinking excuses, the elision of St. Urho’s Day and St. Patrick’s Day is again upon us. This, more than even the setting of the clocks ahead, gives us to know that we have survived another winter.

Now, it’s well known that Irish Americans can be very loud and unsubtle about celebrating their (our) heritage of leprechauns and bullshit artists and crooked politicians from South Boston and great singers like Ella Fitzgerald. And so of course everybody in America and around the world knows that tomorrow is Evacuation Day, I mean St. Patrick’s day, in honor of the great Romano-British Christian missionary who returned to the land of his captivity and bondage as an apostle of peace and went on to drive the serpents into the sea, (or maybe not), and so Guinness will be consumed, and cabbage, and yea, Harp Lager too, begorrah.

Alas throughout much of this country that is not the upper Midwest, the name day of St. Urhu, who drove the grasshoppers from Finland (today, March 16) is sadly neglected, to the point that we can  expect virtually no mention of it by color commentators in television broadcasts of today’s NCAA basketball games. But let it never be said that Wetmachine has forgotten the confabulated patron saint of the Finno-American diaspora (of which I am a proud member), the great St. Urhu, whose famous utterance Heinäsirkka, heinäsirkka, mene täältä hiiteen (grasshopper, grasshopper, buzz off why dontcha?) still stirs our hearts everywhere.

Statue of St. Urho in Minnesota

That saintly collusus!

It’s OK to mark this day without alcohol, but consumption of traditional all-starch foodstuffs is encouraged. So if you can find some Karjalanpiirakka, go for it.

Tales of the Sausage Factory:
If McConnell Trusted His Own Party, He’d Follow the “Bork Precedent” and Hold A Vote.

There are a lot of interesting questions about the possibility that the President will appoint Judge Sri Srinivasan to replace the late Justice Antonin Scalia on the Supreme Court. For example, what happens if the D.C. Circuit has not yet voted out the net neutrality case? If Srinivasan is nominated and confirmed, would he be able to participate in an appeal of the net neutrality case? I, however, do not propose to answer either of those questions here.

 

No, I’m going to take a moment to urge Republicans to do the right thing and follow the Bork precedent of which they make so much — have a vote and reject a nominee you don’t like. That’s what the Constitution says ought to happen, and it’s a perfectly legitimate thing to do.  The meaning of “with advice and consent of the Senate” has changed a bunch over the years, but it is clearly intended as a restraint and means of forcing cooperation between the Senate and Executive, as discussed by Hamilton in Federalist No. 76.  (Hamilton thought the power to reject appointments would be little used. Unfortunately, George Washington was right about the corrupting influence of party factionalism.)

 

So why have Senator Mitch McConnell (R-KY) and Senator Chuck Grassley (R-IA), the Chairman of the Judiciary Committee, refusing to hold even a hearing on the as-yet-unnamed Obama Appointee? Fear. They cannot trust their own party to toe the line, especially the 8 Republican Senators facing difficult re-election fights in swing states.

 

While the check on the President is the need for advice and consent of the Senate, the check on the Senate is that they do their work openly, with each member accountable to their state. If Republicans really believe that “the people deserve to decide,” they would vote to reject the nominee and let “the people decide” if they approve of how their Senator voted. But of course, that would mean letting the people actually talk to their Senators while considering the vote, and potentially voting against those Republican Senators who disappointed their independent and swing-Democratic voters.

 

So the GOP elite leadership have conspired once again to take matters out of the hands of the people. Not by following the Bork precedent, which got a floor vote. Not even by filibustering the nominee, as the combined Republican/Dixicrat alliance did for Abe Fortas. No, the GOP leadership have such little trust for their own party, and the voters, that they will not even let the matter come to the floor.

 

More below . . .

Continue reading