Friday, November 30, 2012

What is a Privacy Policy, and Why Do I Need One?

Before the advent of cell phones and the beginning of the Era of Mobile, most people in the United States used landline telephones when making phone calls, with service provided by AT&T, otherwise known as Ma Bell, or its many parts, namely Southwestern Bell, Pacific Bell, or one of the other Baby Bells. Local calls on your landline were free, but for anyone who watches the television show Law & Order, you'd know that the police have access to information about you that even you don't have access to; very often you'd hear the homicide detective Lennie Briscoe mention to his Lieutenant during the beginning of a case how Local Usage Details, or LUDs, for a witness or suspect matched (or did not match) the initial statement made to the police concerning the witness or suspect's whereabouts and calls to the victim in the hours and minutes leading up to and around the time of the crime. During the course of an investigation, the police identify a person of interest, a request for Local Usage Details for a specific individual is communicated to that individual's phone company by an investigating officer, and in response, a phone company employee retrieves said records and hands them over to the police, whereupon a comparison can be made by an investigator as to the veracity of what the witness or suspect may have said. LUDs also give the police a general impression about the person's calling behavior, i.e., who he or she would try to contact.

LUDs are only available to the phone company or the police; if you ever wanted to see your own local usage details, you are simply out of luck. In preparation for this blog post, yesterday, on November 29, in the afternoon, I called my phone company and asked how I might go about obtaining a log of all the local calls I made from my phone. I told the agent that I was interested in switching from flat rate service, where all local calls are free, to measured rate service, where you are allowed 60 local calls per billing period (measured rate service is cheaper). The agent I spoke to said that I would need to keep track of the local calls I make. The agent said, "We don't keep a running record of local calls you make that is accessible in mid-billing period." If you are on the measured-rate plan, at the end of your billing period, the telephone company does provide a simple count of the local calls you made in the previous billing period. However, if you wanted a log of when local calls were made, and to what numbers, the phone company agent told me I would need to get an attorney and have my lawyer subpoena the phone company for the records. LUDs are not available to you or me, unless you are willing to obtain a court order, which involves either hiring an attorney, or spending a lot of time on research and at the courthouse trying to figure out how to do it on your own (if such a thing is even possible).

Something similar to the procedure we see on Law & Order occurred recently in the war between Paula Broadwell and Jill Kelley over CIA Director David Petraeus (all three of whom are married is scandal enough). As UC Hastings professor Dr. Elizabeth Hillman so eloquently put it:

You know girls, they get jealous, and sometimes they threaten each other on email.
As Dr. Hillman explains below:
When the US government decides it wants some information, and there is a law enforcement basis for getting that information, email is a very easy-to-get-into source of private data...the government just has to ask the Internet service provider, like Google, for instance, these were Gmail accounts in this case, that the information came from, they just have to ask, and the ISP generally complies, if they consider it a reasonable request...You only go in front of a judge if you have to get a warrant, and right now we have a dated scheme of privacy protections that are in the Electronic Communications Privacy Act, which is a 1986 law. Right now, the way it's being interpreted by the courts, if an email is older than 6 months, there's no need to get a warrant from a judge. In that case, the FBI agent has the authority to make the decision, subject to the support of supervisors, depending on the extent of the resources that would be devoted to that. Information, if it's older than 6 months, is deemed not protected in the same way that other communications would be.
In this Age of Technology, companies like Google, Facebook, Apple, Amazon and Microsoft have moved up right alongside Ma Bell and its many Baby Bells in terms of the amount of information they have about how you use their equipment to try and communicate with others. These companies, along with Internet Service Providers like AT&T, Comcast, Time Warner Cable Internet, Verizon and many others, make the landscape more complex as to who has personal information about you, whether you have access to that information or not, and which information can be unlocked by a government agency requesting records and all the data associated with you. In many ways, Ma Bell's physical telephone network has evolved and been elevated from land to sky, expanding into "the cloud", as it were, encompassing the Internet and cell phone networks. Your usage of corporate products like free email and mobile devices can reveal so much more about you than a log of when phone calls were made and to what numbers. With these corporations in possession of such intimate information about you, your activities and behavior are very important when you understand under certain circumstances that information may be shared with other people. A privacy policy covers what happens with the information you entrust others with, and to a lesser extent, what will you do with the information people entrust you with.

My privacy policy for all users of my blog is, I will never share unique, identifying information about you with anyone, unless law enforcement presents me with a subpoena. However, since my blog is hosted with Google, if the government wanted information about any of my visitors, I would imagine they'd skip me and go straight to the source, to Google. Which leads me to my final, unsettling point. All our privacy concerns and handwringing over privacy policies may be moot, because everything we do and say may already be in the hands of the government. After 9/11, according to Wikipedia:

A January 16, 2004 statement by [Mark Klein, a retired AT&T communications technician] includes additional technical details regarding the secret 2003 construction of an NSA-operated monitoring facility in Room 641A of 611 Folsom Street in San Francisco, the site of a large SBC phone building, three floors of which are occupied by AT&T.

According to Klein's affidavit, the NSA-equipped room uses equipment built by Narus Corporation to intercept and analyze communications traffic, as well as perform data-mining functions.

According to Frontline:

The Patriot Act took our proposals to update surveillance authorities, and then it doubled or tripled those, and it took our proposals to update privacy protections for e-mail and such and took those out. So many of the same issues we had discussed at great length during the Clinton administration, had proposed in many instances to Congress, but my concern was it was an unbalanced package. It was all surveillance and no updating to protect civil liberties.

And when you say it took your proposal, the guts of the Patriot Act, in terms of electronic surveillance and wiretapping and eavesdropping, what did it do?

The Patriot Act did various things. Some of it was updating from a telephone-era language to Internet language. So before the wiretaps affected devices, but maybe we couldn't do wiretaps with software. Well, that didn't make sense anymore in the Internet age -- hardware, software, they should be the same.
...
What was your reaction to the warrantless wiretapping program that the president conceded existed?

This was enormous news. When The New York Times told us about the NSA wiretap program, for people like me, it was as though there was this alternate universe. We had thought we had a legal system and we knew what the moves were, and it turns out that the NSA was doing something entirely outside of that.

And yet the president says, "I authorized that." As a lawyer, as somebody who specialized in information technology and the law for a quarter of a century, what's your bottom-line take on this?

I was outraged. I tend to be fairly level in the way I approach things, and I had a sense of outrage that they would just disregard the law. The law said the exclusive authority for wiretaps were these other statutes, and the president looked at exclusive authority and said, "Except when I feel like it." It was as though the lessons of Watergate had been forgotten. It was as though the lessons of centralized executive power and the problems that come with that had been forgotten. And now the president just said, "I think I can do it my way."

So you're saying the president violated the law?

My view is that the president violated the law, yes.

Wednesday, October 31, 2012

how to find out who's been watching you and how to start watching them

Countersurveillance: the attempt to avoid being watched. Last month, I briefly addressed how to avoid being detected when browsing online. This month, we will delve into spying on those who are spying on you. How do we ascertain when someone is investigating you and maybe doing research on you on the internet, and how do we turn the tables and start doing same to them?

Some time in the recent past, I got into a conflict with a party that spilled into the arena of the law. I've since settled the case out of court, and on the day of the settlement, I signed a confidentiality agreement, so I cannot reveal specifics about the case. What I can say is that a couple of months after my attorney agreed to represent me and to file suit against the other party, I was reviewing my Google Analytics (henceforth GA) report for my blog, which I do on a nightly basis, when I see the following:GA screenshot for my October 2012 blog post Someone, whose identity was unknown to me, had typed my name into a search engine, clicked on one of the search result links, loaded my blog on their computer, and had proceeded to go through the stuff I had written. In the interest of full disclosure, finding out who is watching you is much easier when your name is unique; I know of no one else on the internet who has the same first AND last name as I do. If your name is not unique, you cannot be certain that the person who typed the words into the search engine is looking for you; the search engine user may have happened upon your website while looking for someone else, and got interested in you or what you had to say. But once my mind came to grips with the fact that somebody had conducted an online search of me, I formed a theory that the person doing research on me was either the party I was suing, or connected with the lawsuit, or associated with the attorney for the party I was suing. A few days later, I happened to be at a local courthouse, at the registrar of voters, trying to find out how to get a mail-in ballot sent to me. Afterwards, it occurred to me that if I was curious to see the latest developments in a court case involving me and another party, and I wanted to search the database of lawsuits that had been filed in the very county that I happened to be in, to see how my lawsuit was progressing, the place that I'd want to be is at a courthouse in the county where the lawsuit was filed. I asked around, inquired at the information desk, and was directed to the courthouse Records department. There, I saw a few computers that members of the general public can sit in front of and type in keywords to look up court records. After I conducted my own search on the name of the party I was suing, I confirmed that on the day my name was used as a search term by an unknown person or persons, the party I was suing, i.e., the defendant, had gotten served with the papers containing the text of the lawsuit in which I was plaintiff. While I cannot be 100% certain, I think there's a high probability that said party, after having been served with court papers, had gone online to find out more about me. The next week, I was at my attorney's office and I confirmed that my attorney's process server had traveled to the city where the GA report had indicated the online search may have originated, and served the defendant. In the next few weeks, the GA report indicated that my name was used twice more as a search term, but in both cases, the searches originated from a city that court records told me the defendant's attorney had his office. This could all just be a coincidence, of course, but I also think there's a high probability that the lawyer for the defendant may have conducted an online search of me, wanting to look through what I had written, perhaps in an attempt to find out anything that could be used to hurt my legal case against the attorney's client.

While a trip downtown to the courthouse may be fun, if you have an interest in the proceedings of a legal case, you can just as easily get updates from the comfort of your own home. You simply locate the website for the county courthouse that your lawsuit was filed in, and as long as you have the case number, or you know the date the case was filed, you can use the courthouse website to see how your (or anyone else's) legal case is progressing. However, perhaps because of privacy concerns, you cannot go online and perform a keyword search through county court records; you still need to physically be present in front of a county courthouse computer in order to search by a party's name.

On November 1, 2011, Google put into place a new feature of their evolving privacy policy; if a person typing keywords into Google's search engine is using a browser that is already logged into a Google account, Google no longer discloses the keyword search terms on your GA report. Therefore, if you now perform a search for my name on Google while logged into your Google account, and say you visit my blog, if I were to use GA to generate my blog's traffic analysis report, my name as a keyword would no longer be visible to me. What I'd see, instead of my name, is Keyword (not provided):GA cut selection for my October 2012 blog post None of us like being watched, but knowing we are being watched by other people keeps us honest (if not a little paranoid). Because of Google's new privacy policy implementation, you have less information in your GA reports than before, and therefore you are far less certain than before that someone is actually investigating you. However, you can still use GA to develop profiles of online users who may be watching you:

  1. If your blog, like mine, is about many different topics, and the online user's keyword is (not provided) and the first page the user alights upon is your blog's landing page, instead of a specific blog post, that may be an indication that the user typed in your unique first and last name as the keyword, while using a browser that is logged into a Google account.
  2. If your blog URL is not easy to remember, such as tpc247.blogspot.com, but using the URL is how the user accesses your blog's landing page, then the source of traffic to your blog's landing page is direct; this is an indication that the user typed your blog URL (or at least the first few letters of the URL) into the browser's address bar and pressed 'Enter', or the user has your blog in his or her browser bookmarks. Another possibility is that the user may have searched for your unique name, copied and pasted the blog's URL from the search results into the browser address field, then pressed 'Enter', possibly in order to evade detection by GA.
The aforementioned profiles are, of course, just guidelines, and do not necessarily match someone who may be investigating you. The user may have entered one or more keywords that are not your name, and ended up on the landing page of your blog. The user who perhaps copied and pasted your blog's URL from the search results into his or her browser address bar may not have been motivated by evading detection, but may have performed this extra work out of habit, or maybe as a lark, i.e., he or she may have just felt like doing it at that time. However, the information from these profiles, in combination with all the other data that GA provides you, such as geography and technology information, can be used in totality to track your website visitors, and any possible return visitors, in order to help you paint a better picture of who may be watching you.

Out of all the visits that GA tracks, there are still many where a keyword is provided, and occasionally that keyword may be your unique name. Even if you are a celebrity, you may still want to know who is googling your name and landing on your website or blog. In GA, I have created a filter with the following condition: where a user's keyword contains my first name, or my last name, or the keyword exactly matches my first and last name, then I can isolate that segment of user, and find out more about his or her visit. I'd like GA, at some point in the future, to be able to let me create an email alert (GA calls them Intelligence Events), so that I am notified by email when certain conditions in a filter in my own GA instance are met, such as the aforementioned profile. However, as we go to press, it looks like the only email alerts that you can create in GA are for when your website traffic has significant statistical variation, i.e., website traffic goes up or down by a certain percentage.

Gentle reader, all of this is to say that, so yes, I've been watching you, and now I know that you know that I know that you've been watching me.

Sunday, September 30, 2012

How To Execute Javascript in Firefox 6 and Beyond

For anyone who maintains a website, blog, application or mobile app, one of the best tools for getting a sense of who your audience is, and how many people are visiting, consuming and using your work of art, is Google Analytics. When you first start using this free service, you soon may realize that one of the most frequent users of your creation is you. There are at least two main ways to prevent Google Analytics (henceforth GA) from tracking your own visits; one is IP-based, and the other is browser-based. The IP address-based way involves creating a GA filter, and works well if you happen to possess a static IP, or most of the IP address or addresses for your office, company or home is predictable and doesn't change often, i.e., you possess a range of IPs that you lease from your internet service provider and dole out to your employees or home computers. However, this scheme quickly falls apart if your ISP allocates dynamic IP addresses, or you visit your site from a cafe, school or library.

With the browser-based approach, since it is browser-specific, you have to remember to always use the same browser. A major downside is that, sometimes unpredictably, when your browser environment changes, such as during a major upgrade, or if something goes wrong when you are using your web browser to do something unrelated to GA or your website, such as during installation of a browser add-on, or if you were to erase all your cookies in an attempt to get past the LA Times paywall or in an attempt to reset your browser (this happened to me recently when I was using Amazon to purchase some music, and I inadvertently clicked on the option to download the music file using Amazon's downloading app, when I just wanted to download the mp3 file, so I had to delete my cookies to reset my browser so that I could be presented with the user interface to choose the correct option), or your operating system or browser crashes and reverts back to an earlier state, you may need to reapply or reinstall your browser-based solution again.

From what I gather, there are many ways to implement a browser-based approach. I have read that one way is to use the NoScript add-on and to not authorize GA to run scripts. Another way is to install the Google Analytics Opt-out Browser Add-on. The one I am most familiar with involves creating a GA filter, and then manually setting a cookie to exclude yourself from GA tracking. I used Brian Yang's instructions, but as an update, note that under his "Create the Cookie", Step 2:

Remove everything from the address bar and paste in the following and hit enter.
This may not apply to other browsers, but if you use Firefox, the information provided by Mr. Yang is no longer applicable, and Step 2 is obsolete. In the latest versions of Firefox (as we go to press, we are at Firefox 15.0.1), if you try to run the Javascript snippet in the address bar, nothing will happen, and you may see
pagetracker is not defined
According to Mozilla, the makers of Firefox, after Firefox 6, "javascript in the url-bar runs with a null security principal for security reasons". The workaround is to visit your website or application that already has the GA tracking code, then in your browser, click on Firefox / Web Developer / Web Console, and in the command line, execute or run your Javascript there. After Firefox 6, you can no longer run Javascript from the address bar.

If you don't have a creation or work that has the GA tracking code enabled, and you're here to find out how to avoid being tracked altogether, may I suggest that, instead of trying to avoid GA, you can retain some of your privacy, but still give us, the people who labor in the kitchen to make the food that you eat, a consolation prize, which is a bit of information about your visit; in a previous blog post, we show how you can use Tor to browse the web; once you close the Tor browser, you erase any evidence of previous visits and avoid being tracked between browsing sessions. Gentle reader, thank you for your continued patronage.

Friday, August 31, 2012

How to Make and Receive an Anonymous Donation

A couple of months ago, I came across the following letter to Dear Abby, seeking advice:
Dear Abby: Many years ago I shoplifted a $30 item from a department store. Now I'd like to clear my conscience and make amends, but how?

I want to remain anonymous, so I can't send a check. Sending cash by mail seems unwise, and even with Google I have been unable to find a corporate address for an appropriate division. Can you help?

Anonymous in the USA

~

Dear Anonymous: Because you have made an honest effort and haven't been able to come up with an address to send the money, try to find out if the department store sponsors an activity for charity and donate to that. Or, alternatively, give the money to a charity of your choice, which may salve your conscience and do a good deed at the same time.
Abby's answer seemed like a good faith effort to placate a restless soul wishing to right a past wrong, by suggesting that, if direct reparation was not possible, the guilty party could always settle a karmic debt through indirect reparation, by doing good works or giving to charity. As much as we'd all like to think we have been unfairly persecuted, picked-on, held to a higher standard than anybody else, or made to be the butt of jokes and the target of undeserved abuse or ridicule, few of us can say that we have never been nasty ourselves, bullied someone, screwed someone over in a way that makes you cringe even now, or teased someone mercilessly for a reason that society now very much frowns upon. Wherever you go, people are people, but we as human beings all know the value of a dollar, or at least are familiar with the concept of money and a unit of currency and what it can buy. If you have wronged a party in the past financially, you may think back with some shame about how you'd like to assuage your guilt, without fully owning up to the misdeed, or, better yet, express your sorrow and regret, without publicly identifying yourself. Perhaps you want to save yourself public embarrassment, or avoid having a target painted on your back, or you may want to prevent the people around you, who have stood by you in the past, from losing face. What to do? Make an anonymous donation with bitcoin ("btc" is the shortened form)!

If you have wronged me financially in the past, and would like to make an anonymous donation to me, you may send it to this address:
13TwEVYFgdDMsoXrwzbpDrV9ipXznpE8ZJ
This represents your new bank account number, and Wikipedia says your bitcoin address is a string of characters that will always start with a '1' or a '3', and will usually be around 33 characters (34 in my case). Here's how to get your own bitcoin address account number and start accepting donations: download and install the bitcoin client software on your computer. Once you're up and running, you now have something akin to a live, active bank account on your computer, in the form of a bitcoin digital wallet that keeps track of bitcoin coming in and going out. You are now part of the bitcoin network. You can get free bitcoin here.

There are of course many other reasons, besides crushing guilt, atonement and redemption, for why you'd want to conceal your identity when giving money to someone. An editorial in the Riverside Press-Enterprise says it best:
Federal Judge Morrison England Jr. ruled in Sacramento that contributors to the campaign for Prop. 8 in 2008 should not be exempt from campaign disclosure rules. Prop. 8 supporters filed suit in 2009, claiming that releasing donor names behind the $43 million campaign would subject contributors to retaliation and harassment, thus chilling free speech. Prop. 8 made same-sex marriage unconstitutional in California, and is the subject of a separate, ongoing legal battle.

Hot-button issues can generate angry disputes and bare-knuckle politics, certainly. And no one should face intimidation and threats for political views. But the First Amendment guarantees free speech, not freedom from the consequences of speaking out. People who want to express strong views on public issues — even by way of campaign donations — should not expect any shield from objections by those who disagree.
We live in a world where donating to the wrong political cause, which also happens to be deeply unpopular in your area, may result in serious consequences to your business, your livelihood, your income, family, and may be a possible detriment to your social state and emotional & physical health. To make things more interesting, the Supreme Court recently ruled, by a narrow majority in Citizens United vs Federal Election Commission, that limits on corporate speech (i.e., money spent by corporations in furtherance of some political cause or in support of a political figure) are unconstitutional. So we also now live in a world where, at least for the foreseeable future, corporations, just like you, are entitled to their opinions, and are allowed to say what they want, within reason (more on this later). We live in a nation where money is speech.

There's nothing wrong with a point of view, unless that point of view can get you in trouble. Whether it be reporting a crime to the police, but fearing retaliation, blowing the whistle on corporate financial fraud, or saying something contrary to what everyone else believes, there is the idea in this country of your basic right to freedom of speech, but just watch what you say. A recent article by James Temple makes the point that:
The Federalist Papers, which sought to encourage ratification of the Constitution, were written under a pseudonym. Unidentified sources were critical to the Washington Post's Watergate scoops, and the New York Times' publication of the Pentagon Papers.

And the promise of anonymous speech online allows people dealing with disease, depression, sexuality questions and countless other life challenges to seek out information and support, without necessarily revealing their situation to bosses, ministers or parents.

"The United States was founded on the presumption that anonymous or pseudonymous speech was a part of civic discourse," said Michael Froomkin, professor at the University of Miami School of Law, who has written several papers on this issue.
Of course, there are limits to what you can say anonymously. If you publicly defame someone, or even imply that somebody in an official capacity has committed a crime, that person can petition the court to force the forum wherein you posted your anonymous comment to reveal your identity, so that person can sue you for libel or slander, as was reported last month in the Los Angeles Times:
The commentator, Almostinnocentbystander, had wondered on the newspaper's popular Huckleberries Online blog if $10,000 missing from the Kootenai County Republican Party might be stuffed in local GOP chairwoman Tina Jacobson’s blouse, prompting Jacobson to file suit against "John Doe" for defamation.

U.S. District Judge John Patrick Luster in his ruling Tuesday rejected the idea that freewheeling Internet commentators necessarily have the right to hide behind the 1st Amendment — not even under the special privilege that often attaches to newspapers’ anonymous sources.

“While the individuals are entitled to the right of anonymous free speech, this right is clearly limited when abused,” the judge wrote in his order, released in Kootenai County District Court.
...
Dave Oliveria, who administers the Huckleberries Online blog, took the comment down a little more than two hours after it appeared.

Still, he and attorneys for the newspaper argued in court papers that the ability to comment anonymously draws in readers and points of view that would be lost if everyone had to ‘fess up to their identities.

“It’s based on a belief that we have freedom of speech in this country, even if it’s anonymous, and people ought to be able to say what they want in whatever fashion,” Spokesman-Review Editor Gary Graham said in a telephone interview.
Should you decide to take a stand and support anonymous (or pseudonymous) free speech by investing in bitcoin, you can buy them by visiting an exchange like http://mtgox.com, or, if you don't mind paying a higher fee, you can buy your bitcoin with much less of a paper trail, and, should the mood strike you, get btc possibly faster, by using a service like http://www.bitinstant.com (you deposit money at a physical bank branch, and you get your btc about an hour later).

Freedom of speech! Just watch what you say.

--

A satoshi (0.00000001 btc) is the smallest amount a bitcoin can be divided into, and this is the QR code of my own aforementioned personal bitcoin address:

Tuesday, July 31, 2012

Burger King Bacon Sundae Reportedly Causes Marital Discord in Muslim Couple, Fight at Restaurant

On April 17, a person identifying himself as Dave from Newark called the Len Tillem show, with a rather incredible story: he was in the employment of Burger King, promoting their new Bacon Sundae, when he was assaulted by a man. Dave then claimed he was subsequently fired by Burger King, and to add insult to injury, Dave was now being sued by the same man who assaulted him:
About 2 months later, June 14, Burger King formally introduced its new Bacon Sundae, and news of the introduction reminded me of this call. I tried to find out more about this purported incident, and discovered an apparently real Facebook user, by the name of Casey Foster, commenting on Dave from Newark with a degree of certainty and authority, indicating that the call was fake:
Casey Foster on Facebook
Now, Casey Foster's claim that the call was a joke could be false, and not necessarily because the man is a bad actor or acting maliciously; Casey's information could be incomplete or simply inaccurate, leading him to believe in a conclusion based on incorrect assumptions. Which brings us back full circle: is this story true? The jury is still out. Either scenario is plausible: someone who has a dietary restriction on pork for religious reasons might become very upset if this stricture of faith-based adherence has been violated, even unknowingly. People who like to play pranks sometimes successfully insert themselves into media events covered and broadcast by radio, television or newspaper, and the payoff is they become the topic of Internet chatter. Or the story could be fake, but the motivation may be more than the satisfaction of some joker, but that Dave from Newark could be part of a clever product placement or guerrilla marketing campaign, paid for by Burger King.

Whether the story comes from a credible witness or not, we have to be aware of the real possibility that a news story can be manufactured. A recent example of fake news making its way into the global consciousness came from the LA Times, published on May 10, 2012:
On May 1, The Times and a number of other media organizations followed the outrageous story reported in a British newspaper of a vengeful dentist in Poland who pulled out all of her ex-boyfriend’s teeth
...
Unfortunately, MSNBC.com reported Wednesday, the story was a hoax.

MSNBC did some digging into the story and found:
  • Police in Wroclaw, Poland, had no record of such an incident.
  • Poland’s Chamber of Physicians and Dentists also had no record of any such incident, nor of the dentist named in the article.
  • The Daily Mail could not recall where the story came from.
  • And the American Dental Assn. said [that] such a case was highly improbable.
MSNBC (now NBC News) reports that the source of the news story, the Daily Mail, provided the following non-explanation for how an unverified story became world news:
The article, which has been shared on Facebook more than 75,000 times since it was published on April 27, appears under the byline of staff reporter Simon Tomlinson.

But Tomlinson said he does not know where the story came from and distanced himself from it when questioned about its origins.
"I've drawn a bit of a blank," he said in an email. "The (Daily) Mail Foreign Service, which did the piece for the paper, is really just an umbrella term for copy put together from agencies. My news desk isn’t sure where exactly it came from."
Beware of fake news!

Saturday, June 30, 2012

How to Retain, Save, or Migrate Your Bookmarks When Upgrading Tor on Windows

As of Tor Browser version 4.02, I was able to upgrade to version 4.03 today (January 16, 2015) through an in-browser clickable notice, which also allowed me to restart Tor. Afterwards, all my bookmarks were automatically imported. However, below are the instructions in case you wanted to import bookmarks the way you did before.

So now that you can use Tor to bypass paywalls on websites that have metered content (though I encourage you to pay your fair share to media organizations like the LA Times that are doing a great deal of social good), we will discuss how, on Windows, you can retain, save, or migrate your bookmarks, when upgrading Tor on Windows. You can use Tor to browse the web anonymously, maintaining your privacy and keeping your online activity hidden from despotic governments and intrusive corporations. "I'm not doing anything wrong, so I have nothing to hide." True, although most of us would not welcome indoor cameras in our homes, because as your home is your castle, your own home computer should be your castle.

From participating in and reading online discussion, I've gathered that the method we're about to detail below cannot be applied to Tor installations on Mac and Linux operating systems. For now, the following process should work on Windows only.
  1. Soon as you see "HOWEVER, this browser is out of date" (or in previous versions, "there is a security update available for the Tor Browser Bundle"), download the new package. Henceforth, the Tor installation that you plan to replace will be the old, and the Tor installation that contains the latest fixes and security updates will be the new.
  2. In your old Tor folder, there is a folder containing your valuable bookmarks information. On Windows 7, if you're upgrading Tor version 3.6.6 to Tor version 4.0, the old Tor's places.sqlite file will be in:
    Tor Browser\Data\Browser\profile.default
    If you're upgrading Tor version 2.3.x (and earlier) to Tor version 3.5.x, the old Tor's places.sqlite will be in
    Tor Browser\FirefoxPortable\Data\profile
    Inside this folder, identify the file named places.sqlite and place it on your desktop by copying the file and pasting it onto your desktop.
  3. Navigate to the location containing your old Tor folder, and move the entire folder containing your old Tor into a temporary location, such as your recycle bin. Do not permanently erase the old folder just yet, until you've confirmed that the new Tor works. You may want to keep the old Tor around in case the new Tor doesn't work correctly on your computer (more on this later).
  4. Once you've moved the old Tor to a new location, download and uncompress the new Tor folder, and place it on your desktop
  5. Inside the new Tor folder, click to run Start Tor Browser.exe
  6. Once the new Vidalia is open, running, and has notified you that you are connected to Tor, wait for the new Tor browser to open up automatically. Once it has done so, immediately close and exit the browser and Tor.
  7. In step 6, what we did was run for the first time a brand new instance of new Tor. New Tor created a new default bookmarks file. By exiting new Tor, we are now able to replace the new Tor's newly created default bookmarks file with your old Tor's bookmarks file. Navigate to the location where your new Tor's default bookmarks file is stored. New Tor's places.sqlite file will be in:
    Tor Browser\Browser\TorBrowser\Data\Browser\profile.default
    Once you are in your new Tor's "profile.default" folder (in Tor 2.3.x and earlier, you will be in the "profile" folder), confirm that there is a file called places.sqlite. You are going to replace the new Tor's places.sqlite with the old Tor's places.sqlite.
  8. Locate the places.sqlite file that you had copied and previously set aside from your old Tor, which should be on your desktop. Copy the places.sqlite file from the old Tor into the "profile.default" folder. Confirm that you want to replace the new Tor file with the old Tor file.
  9. Navigate away from the "profile.default" folder window, to the "Tor Browser" window, and click to run Start Tor Browser.exe. Wait for the new Tor browser to open up, and you should now see your old bookmarks.
As an aside, I have been confronted with how buggy Tor on Windows can be. To this day, I still haven't been able to figure out the root of a problem I encountered when upgrading Tor, but I have devised a workaround.

I'm currently running tor-browser-2.2.35-13, I attempted to upgrade to tor-browser-2.2.37, and was met with the following:

Tor Browser_Vidalia  was unable to start the configured web browser
Vidalia was unable to start the configured web browser
Vidalia is the graphical controller and view of Tor's connections and settings. Startled and confused by this weird message, I get the sense that, for some unknown reason, tor-browser-2.2.37 just doesn't work for me. I decide to download and install the next level up, tor-browser-2.3.12-alpha-2. Everything seemed to be going ok, up to Vidalia starting and telling me I was connected to Tor. The next step was for the Tor browser to automatically pop open on my screen, but it never did. All that would happen was that Vidalia would run, but the Tor browser never appeared or opened up. I assumed this was because there was a bug with the alpha release, so I attempt to revert and go back to my last known working version of Tor Browser Bundle, 2.2.35-13. This time, when the Tor browser opens up, instead of the familiar message "Congratulations. Your browser is configured to use Tor.", I now have a new problem:

Tor Browser_proxy server is refusing connections
The proxy server is refusing connections

Firefox is configured to use a proxy server that is refusing connections.

Check the proxy settings to make sure that they are correct.
Contact your network administrator to make sure the proxy server is working.
Whiskey. Tango. Foxtrot. Maybe I should go into Windows Registry and remove all traces of Tor. In regedit, I deleted all registry keys I could find after searching for
Tor Browser, tor-browser, tbb, tor, vidalia
Presumably, I had wiped the slate clean, and could reinstall Tor like I was installing Tor for the first time. I again tried the last known working version of Tor. Darn, no go! I got the exact same "proxy server is refusing connections" messages as before. I then decided to abandon Tor Browser Bundle, and try to install Tor on Firefox. In an act of desperation, I tried installing TorButton for Firefox, even though this is no longer in active development. This was to no avail, because I got the same messages; in fact, what I ultimately did with Firefox was erase my Firefox tabs and wipe out all the cookies I had accumulated. I then tried to install Tor on Google Chrome, and again got the same "proxy server is refusing connections" messages. To my utter shock, I had run out of ideas and had no working Tor browser on my computer, and had no clue even what the problem could be or where to go next. At a definite low point, frustrated, preoccupied, I kept fiddling around, until I hit on a bit of luck. Recall that I had three different "Tor Browser" folders from the installation packages for 2.2.35-13, 2.2.37-1, and 2.3.12-alpha-2. Keeping them all straight was a hassle, so I simply relabeled my last known working version as "Tor Browser, last known working, now broken". This was 2.2.35-13. Out of habit, I clicked on Start Tor Browser.exe, and lo and behold, Tor was working again! As an experiment, I went to the "Tor Browser" folder for 2.2.37-1, and simply changed the name of that folder, from "Tor Browser", to "Tor Browser_a". That worked too!

In conclusion, your inability to connect to Tor, signified by the "proxy server is refusing connections" messages, can be overcome if you simply rename your "Tor Browser" folder to another name other than "Tor Browser". For me, I renamed it simply "Tor Browser 2.2.37-1" and now I've got working Tor with all the latest security updates.

So what is the root of the problem? Given that I had gone into my Windows registry, and tried to remove all traces of Tor, I am at a loss. Frankly, I don't have the patience or the motivation to delve into and figure out the problem. My best guess is that something happened with Tor, Windows, or the interplay between the two, that has Windows associating the folder C:\Program Files (x86)\Tor Browser\ with a defective version of the Tor protocol. Even going into Windows registry and trying to remove all traces of Tor seems to be of no effect.

Once I got Tor working again, and figured out the workaround, was the moment where the Pope gets off the airplane and bends down to kiss the ground.

Update: Since filing an official bug report, I have been in contact with a Tor developer, who told me that the problem of seeing the message "Vidalia was unable to start the configured web browser" can be avoided if you make it part of your routine to store your Tor folder on your desktop, instead of in C:\Program Files (x86):
Only installed applications go in C:\Program Files (x86). The Tor Browser Bundle is self-contained and does not actually install itself onto your computer, it just runs whenever you click the Start Tor Browser.exe icon. If you run Tor from the Desktop, then you should not have any problems with Vidalia not being able to start the browser - now or when you upgrade.

Thursday, May 31, 2012

how to get past the LA Times paywall, and why you shouldn't

About two months ago, the LA Weekly published a fairly comprehensive report on how to avoid the dreaded non-porous Los Angeles Times paywall. There was one glaring omission in the LA Weekly story, and I hope to correct the oversight here: anonymous browsing through the Tor web browser bundle. The Tor browser bundle (henceforth TBB) is based on Firefox 17, and once downloaded and installed, it will allow you to surf the LA Times, or the New York Times, or any other metered news media site. When you see the LA Times paywall, go to your Vidalia Control Panel, and click "Exit". Then restart your Tor browser. The steps you have to take to avoid the paywall are a bit of an annoyance, but I use Tor whenever I want to read the LA Times.

One caveat: for security reasons, the Adobe Flash Player plugin is not included in TBB. Adobe Flash is used to transmit much of the web video on the LA Times, and on many other news sites. Besides being resource hungry, and prone to crashes, Adobe Flash also has a hidden way of handling cookies that could pose a threat to your anonymity by storing and revealing your IP address. If and when I want to see a video when reading the LATimes, I copy the URL and switch over to a browser like Firefox, Google Chrome or Internet Explorer.

What is tor and why should you browse anonymously? Because you may not want the government, corporations or even the people around you, close to you in your life, to know what you've been doing online. I am far from a conspiracy theorist, but if your parents, siblings, teachers and legal guardians can snoop into your life as a juvenile, the government and corporations certainly can do the same to you as an adult, and with much more profound consequences, including jail or harsh media scrutiny. Tor stands for The Onion Router, and was originally created by the US Navy to help web browsers maintain their anonymity. According to Wikipedia, since 2002, a diverse base of organizations have financially contributed to the development of Tor, from the Electronic Frontier Foundation, the National Science Foundation, and the US State Department. Because TBB users can maintain their privacy, dissidents living under repressive governments in Iran, Egypt and China can be online and essentially invisible from the prying eyes of those who would want to arrest and jail them for simply voicing disagreement with government policy. But just as agents of the government can use their position to abuse their power, so can journalists, and recent investigations by the UK government into the dealings of Rupert Murdoch's News Corporation show that Mr. Murdoch's News of the World hired private investigators to follow newsmakers, such as politicians and celebrities but also everyday people caught up in the media glare, and News of the World journalists routinely hacked into the telephone voice mail boxes of people who appeared in popular news stories and listened to their voicemail messages. Full disclosure: you're obviously reading my blog, which makes me, in a sense, a member of the press, and I firmly believe that the news media serves as the fourth estate, and a vital check to the executive, legislative, and judicial branches of government. One recent LA Times exclusive that springs to mind is the case of Bruce Lisker; the Los Angeles Times was the last hope for this teenager who had spent 26 years in California state prison, and who was finally released in 2009, when he was 44. Mr. Lisker had been convicted of the murder of Dorka Lisker, his adoptive mother, but a private investigator hired by Mr. Lisker, in conjunction with a Los Angeles police detective, Sergeant Jim Gavin, in LAPD Internal Affairs, uncovered evidence of malfeasance and wrongdoing by the original investigating officer on the case, who may have manufactured evidence (and concealed exculpatory evidence) in order to obtain, and maintain, a guilty verdict. The paper trail that the P.I. and Internal Affairs officer uncovered could have granted Mr. Lisker at least a new trial, but Sergeant Gavin was told by his superiors to prematurely end his probe and inquiry, and all would have been lost for Mr. Lisker were it not for an idea that the two men had to go to the press, which resulted in an LA Times report.

If the price of being human is we have to live in human society, then we have to come to terms with the idea that the government and media can hurt you, as well as help you. That said, journalists are people too, prone to the same failings that all of us are, especially the temptation to abuse your position to carry out and maintain an injustice. As a defensive measure, we the news consumer must be very cautious of being the targets of overreach by government and media corporations trying to find out too much about us. Enter Tor. Tor obscures your IP address, and doesn't save cookies, or keep any trace of your history, or the links you visited, past you closing your current browser session. This can be wonderful when the LA Times has a very strict limit of 15 pageviews per month, or when visiting another news site like the nytimes with its porous paywall.

If death and taxes are something all of us have to face, then those of us who consume the products of the media might also want to give to the media. You should feel good about supporting an organization like the LA Times that not only pays its journalists to do the hard work of watching The Gangbang Girl 32, its reporters also uncovered the Bell, California story of the city manager who paid himself an annual salary of $787,637. Los Angeles Times journalists sometimes take great risks to give us profound stories that change our lives, but a journalist needs to eat. If you believe that a vibrant and free press serves as a check to government, then it's important that you give of yourself to an organization that's asking you for some change.

Saturday, April 28, 2012

Why Writing Tests is Fundamental to Computer Programming

A typical day in the life of a student of life involves trying to gather information about whether what a person says about himself, and our own ideas about that person, are accurate. One simplistic example involves getting a sense of a person's experience and background in the hard sciences by presenting the following word to him or her, without alerting the person that they are being put on the spot:
unionized
Most people might see the word union-ized, but a high school or college student who has spent some time with the periodic table, or someone in a laboratory, working with protons and electrons, would know about the tendency for some atomic elements to gain or lose electrons to other atomic elements, according to an atom's orbital shell; they might see the word as un-ion-ized. A person who works with her hands, or perhaps a labor law paralegal, who has experience in workplace discrimination or worker injury cases, or who served as a mediator in employment contract negotiation, may see union-ized. If a person says he is a chemist, and, in an unguarded moment, immediately sees and pronounces the word as union-ized, then you may be dealing with somebody who may be less than what he says. If a person says he is a community organizer, and pronounces the word as un-ion-ized, you may be dealing with someone who may be more than what he says.

Students of life that we are, you should already know much about studying for and taking tests and quizzes against a clock deadline, with observers making sure you have no unfair advantage, and the numerous assignments, problem sets, term papers, group projects, oral reports and other homework required of you at educational institutions, for which you then receive a score, grade or mark for your efforts. The American education system administers standardized PSAT and SAT or ACT tests in reading, writing, and math for students on the college track, which give you an idea of how well you performed answering verbal and quantitative questions in a controlled setting, in comparison with your peers. The people who paid for the test systems to be created and administered get an idea of what you know and whether you know how to use what you know to solve problems.

Whether you like it or not, you need to make space in your life for tests, either testing other people or being tested yourself, so that you're always subjecting your assumptions to scrutiny, making sure that the model of the world you have in your head corresponds to reality. In this way, you help decrease the probability of encountering unpleasant surprises in your daily work that could affect your life in a profoundly negative way. In 2002, Kent Beck introduced his book Test Driven Development, suggesting that the proper way to write computer programs was to begin not by writing code, but by writing a test for what you expect the code to do. Let's say you wanted to write a computer program that helped you pick lottery numbers, let's say for a large Mega Millions jackpot. Here are some expectations you demand must be met, or your code is no good:
  • There should be a total of six numbers
  • The first five numbers should include or be between 1 to 75 (formerly 1 to 56)
  • The sixth number should include or be between 1 to 15 (formerly 1 to 46)
  • Out of the group of five numbers, none of the numbers should be the same as another in the group
If your computer program code has failed any of the tests, then the code must be changed until it can pass the test. If all the requirements are met, then your code is passing all the tests, and you can move on to writing the next test, which might involve figuring out which sets of numbers are winners, or picking numbers for a different lottery game, perhaps the Fantasy 5, or Daily 3, and so forth.

In essence, writing a test involves first setting a minimum standard for your code that must be met, then writing your code and seeing it pass or fail. Writing the test first may seem silly (it certainly did to me for the longest time, and frankly, it sometimes still does), but the idea is that if you begin by writing code, you can spend hours and days optimizing and improving some piece that is not important; you should really be getting into the discipline of ensuring basic functionality is up and running (you can always make your code more terse, elegant and abstract when necessity demands). You want to prevent yourself from getting distracted from the main goal, which is to publish a basic, working prototype. Initially we wanted a way to generate numbers for a specific lottery game, but then we wanted numbers for different lottery games, and to figure out which number sets were wins. As your desires expand and grow, what was a simple computer program becomes more of an involved project, and quickly the program can become an application that is the foundation for a business or enterprise that might involve other programmers who want to look at and change your code. As your codebase grows, it becomes more complex and much harder to maintain, simply because what was once a simple computer program is now doing much more, and depends on more technology, written by other people, that is out of your control, and you may need to have people look over and touch your code. Writing tests first is based on the assumption that, in the long run, untested code requires much more time spent poring over and fixing puzzling bugs, than if you had done the hard work upfront. If your code is not supported by tests, you may have a greater probability of encountering a showstopper, i.e., some hard to find, unexpected problem in your system that prevents you from moving forward and releasing improved versions of your software in a timely manner.

One caveat: writing tests first is hard, perhaps more difficult than writing code first. There is the argument that if you start by writing tests, setting an expectation for what you want to see your code do, you can improve the design, and readily determine what are the essential pieces, and how you want to organize your code so that you can get a better idea when something goes wrong.

In closing, a recent PBS NEWSHOUR story really brought home to me the message of how important it is to create a system that is easy to maintain. A woman who has worked in Africa understands the problem of women dying in childbirth due to lack of light in maternity wards. Her husband, in response, designs a solar lighting apparatus that is portable:
Developing countries are a graveyard of well-intentioned technologies from the First World.

SPENCER MICHELS: Environmental engineer Ashok Gadgil has been consulting with WE CARE Solar. He developed the Darfur Stove that has revolutionized cooking in the developing world. And he's a senior scientist at the Lawrence Berkeley National Laboratory.

He says he's impressed with what he's seen so far, but he says if Stachel and Aronson are to succeed, they must address how the system will be maintained over the long term.

ASHOK GADGIL: No single technology, no single piece of machinery has infinite life. When one wants to introduce a technology into society, it needs social placement. The technology needs links and threads that connect it to a Web of experts or spare parts dealers or maintenance people or diagnostic technicians which will keep it going.

SPENCER MICHELS: How do you know that, after a year, this thing isn't going to get rusted or break or whatever?

Watch 'Solar Suitcase' Sheds Light on Darkened Delivery Rooms on PBS.
See more from PBS NewsHour.

Friday, March 16, 2012

Fight Your Red Light Camera Ticket, and Win!

Last Friday, my long battle against a red light camera ticket I received back in 2010 finally came to a positive conclusion. The ticket I received in the mail was a formal statement of the government's allegation that, on June 1, 2010, I made a rolling right on red, i.e., I didn't come to a complete stop before making a right turn in my vehicle. The problem is, no actual police officer was there to witness the incident, and the only purported evidence showing I had violated the law were photographs and video recorded by cameras operated by a for-profit corporation, Redflex Traffic Systems.

So, last Friday, when I showed up promptly for my 2pm hearing in Superior Court, and walked into the Department 1 courtroom, there was almost no one in the room, and you could have heard a pin drop. I saw two women in their 30s standing, huddled over a ledger, and I surmised they were courtroom staff. One of them asked me for my appellate court case number, and after she confirmed I was on the docket, I took a seat. Another male, about my same age, soon walked in, and apparently he was also there as a defendant for an appellate hearing. We four, the only ones in the court room, were soon joined by another woman, who also appeared to be courthouse staff, and who told me she would speak with the judge, as there was apparently a mix-up, as I was listed on the docket as not wanting to give an oral argument, even though I had expressly requested in writing that I wanted to speak at my hearing. This woman, who seemed to have the ear of the judges, left the room, then reappeared and confirmed that I would be on the docket for oral argument. Soon the appeals panel appeared, and we all stood for Justices Jon Tigar (presiding judge) and Gloria Rhynes. Normally, there are 3 judges on the panel, but one justice, Jacob Blea III, was absent that day. The entire proceeding lasted at most 15 minutes. Judge Tigar, who spoke on behalf of the appeals court panel, first called the other defendant's case, which I had overheard the women say was also a traffic matter, and Judge Tigar said that charges would be dismissed. He then called my name, and I walked up to the table and stood. Before I was able to utter a word of my prepared oral argument, the judge said that they had reviewed my case, and the charges against me would be dismissed, because hearsay was introduced as evidence. The judge asked me if that was alright, to which I replied, "Oh, very much alright, your honor." That was that, and I left right after.

Today, I received in the mail the following letter:
People of the State of California vs Thuon Chen

The judgment of the trial court is reversed 3-0. Similar to the affidavits held inadmissible in Melendez-Diaz v. Massachusetts (2009) 129 S.Ct. 2527, there was no live testimony by any person involved in the production of the Redflex Traffic Systems court Evidence Package (the "Redflex Packet"). Because the defense was not able to freely and adequately cross-examine the testifying witness on any of these issues, and because the absence of witness who could have testified as to the facts underlying the Redflex packet, Appellant's Sixth Amendment rights were violated, and the judgment of the trial court below must be reversed.

Remittitur to issue.
If you decide to fight your ticket, you will find that your experience in appeals court is a marked contrast to traffic court, which is much more crowded, especially at arraignment. Lots of people are there to tell their stories, when the judge (or more likely a commissioner, which Len Tillem likes to say is usually a lawyer who likes to wear a robe and hear people address him as "your honor") really only wants to hear how you plead. Your traffic court trial is where you can sit in on other people as they face the judge and the police officer. Most of the defendants at trial are not prepared and are hoping and betting on an officer not showing up to testify against them. The probability is high that a police officer will be present at your traffic court trial, because the police get paid to be there. What's funny (I'm sure it gets old for the presiding judge very quickly) is that when the police do show up, very often the defendant makes weak, anecdotal arguments, essentially pitting the defendant's testimony against the testimony of a sworn officer of the law. The judge is much more likely to believe what a police officer has to say. While doing research for my case, I got the sense that traffic court judges are like the hanging judges, that is, the police write the tickets and the judges collect. It's not until you, as the defendant, appeal your traffic case to Superior Court that you have a chance to make an argument before a receptive audience of jurists.

Here are the step by step instructions on how to fight your ticket and win. If a police officer actually saw you run a red light, you may be out of luck (unless s/he doesn't appear at your trial, which is unlikely). These steps apply to any traffic case where the only evidence used to charge you with a crime are recordings made by cameras operated by a for-profit corporation. Many municipalities, in addition to red light cameras, may also use traffic camera systems to collect evidence to charge people with exceeding the posted speed limit, or not coming to a complete stop at a stop sign:
  1. Ask yourself if you have the wherewithal, the time, and the motivation, to make numerous appearances in court. If you don't want to pay the ticket, you either have to hire a lawyer, or invest a lot of time learning how to do this on your own. You will need to set aside hours to do research, collect your arguments, and put together the documents you need to jump through the hoops in traffic court. This means going to your arraignment, and asking the judge to schedule a motion hearing; in the event your arraignment judge does schedule a motion hearing, you will need to attend that hearing, with a copy of your motion in your hand, as well as a prepared oral argument; and of course, you will need to attend and argue at your trial.
  2. Given that many towns, cities and states are in poor financial shape, the arraignment judge is not likely to honor your request and schedule a motion hearing. But if s/he does, you want to request that the municipality where you are alleged to have violated the law give you the best representation of the evidence that will be used against you, which are the full resolution photos and video. In a previous blog post, I detail my exploits in traffic court, how I asked the traffic court commissioner numerous times, in a total of three arraignment appearances, to schedule a motion hearing for me, to no avail; how the commissioner got so exasperated with my asking for a motion hearing at arraignment that he demanded I enter a plea, to which I replied "not guilty", and so the matter was set for trial.
  3. If you attend all of your scheduled appearances at arraignment, the judge may release you on your own recognizance, i.e., not require you to pay bail in the amount of the fine. To my surprise, at my traffic court trial, Redflex Traffic Systems even sent their co-custodian of records, Sarah Rutherford, as a witness to testify against me. However, you are allowed to cross-examine even surprise witnesses, and her answers, or lack of answers, to your prepared questions can be used in your appeal. These are the questions I asked of the two people who testified against me during my trial (The first witness was the police service technician, and the last two questions were directed by me only to the Redflex co-custodian of records, in an effort to show that she is not an agent of the government, and because she is an employee of a for-profit corporation, her testimony in your trial does not hold the same weight as the testimony of a police officer):
    • How many technicians at Redflex were assigned to process Emeryville cases?
    • Who were the technicians who created the system for Emeryville, and who installed it?
    • Who were the technicians who reviewed this particular violation?
    • With regard to my case, was the photographic and video evidence recorded by Redflex originally in digital or analog form?
    • If the evidence was recorded digitally, what are the typical sizes of the photos and video please, in bytes and in resolution?
    • Have you had any federal, state or local police training?
    • What is the physical location of the computers that store the high resolution photos and video that are being used as evidence against me in my trial?
  4. After you are found guilty, the judge will order you to pay your fine. In a previous blog post, I instruct you on how to ask for a stay of judgment after you've been found guilty, so that, while you appeal your conviction, you don't have to pay the fine.
  5. You will have to develop a thick skin, because the judge who was present during your arraignment may be present at your trial, and may very well be dismissive of your arguments. S/he may even not-so-secretly hate you for wasting her time, when she has the photos and video showing someone, who looks a lot like you, appearing to violate the law.
  6. In a previous blog post, I instruct you on how to appeal your red light camera case after you've been found guilty.
Thanks to Jim, editor of highwayrobbery.net, for his correspondence and help, and for supplying me with actual digital copies of:
  • the motion to compel a municipality to either provide me with the best evidence, or else preclude the evidence that would be used against me during trial
  • the motion to stay the judgment
I also got quite a bit of help from Fight Your Ticket & Win in California. Fight Your Red Light Camera Ticket, and Win!

Update: After you prevail in your lengthy court case fight, you may still notice an increase in your automobile insurance premiums when it's time to renew, based on the state DMV records your insurance company receives showing you were found guilty in traffic court because of traffic camera system evidence. This is despite the fact you fought long and hard to get the original traffic court conviction overturned on appeal. What your insurance company needs from you is proof from the DMV that the traffic court conviction was dismissed. This is a two step process:
  1. Bring the proof your conviction was overturned in appeals court to your local traffic court clerk, and ask that this information be sent to the state DMV headquarters (in California, DMV headquarters is in Sacramento). My local traffic court clerk then went into the back, presumably spoke to someone or perhaps she herself had access to the court computer that talks to the DMV computer, and she came back and told me the dismissal had been sent to the DMV and my record had been cleared.
  2. Your insurance company will want an updated copy of your driver record (some call it a "DMV abstract") faxed or mailed to them. In California, you can get a copy online for $2 by printing it out from your web browser at
    http://www.dmv.ca.gov/online/dr/welcome.htm
    Or, time permitting, you can schedule an in-person appointment to confirm with the DMV representative that the conviction has been removed, then ask to get a copy of your driver record as a DMV printout that comes with an official seal. This cost me $5.

Wednesday, February 29, 2012

Gay Sheriff? I care less! I could care less, but I couldn't care less.

A recent Associated Press story, reporting from Arizona, on the coming out of Pinal County Sheriff Paul Babeu at a news conference included an interesting phrase I had not heard before, coming from a supporter of the sheriff, who was trying to reconcile the sheriff's public statement of homosexuality with the supporter's own traditional conservative Republican hardline stance on God, guns, and, yes, gays:
Consider the comments of Bill Halpin, a 64-year-old ex-Air Force pilot who serves on the local tea party board: “I care less. I just care less. Don’t preach it on me. Don’t push it on me and, by golly, I respect your rights.”
I care less, full stop. An interesting standalone phrase, used to express a devil-may-care attitude, perhaps even a professed dismissive nonchalance, with the hint of a barbed defense, on the speaker's part. While this phrase was new to me, I have certainly heard of other phrases people use to express a similar sentiment: "I could care less", full stop. Or "I couldn't care less", period.

Is "I care less" related to the aforementioned two phrases? They all seem related, and it's even possible one came before the other before the other, rather than they all arose at about the same time; "I care less" could be a clipped or shortened form of "I could care less", which could be a clipped or shortened form of "I couldn't care less". Those who are into the origins of words or phrases know that the Oxford English Dictionary does the work of tracking down the first recorded instances of a word or phrase being investigated, but I have not performed the necessary etymological research to reach an informed conclusion. While it's possible that "I couldn't care less" came first, and after some time "I could care less" arose and became widely used, and now, we have "I care less", the focus of my piece will be on how "I couldn't care less" and "I could care less" are used to express the same sentiment. Upon first encounter, an audience of one would be right to reach the conclusion that a literal interpretation of the two gives one the sense that they seem to convey two entirely different, even polar opposite, meanings.

A common saying about the entertainment industry in Los Angeles, in Hollywood especially, is that no one ever says no: "In this town, they kill you with yes." The idea is, anyone you meet could become very popular, accomplished, esteemed, powerful, rich, and in an enviable position. On the road to success, particularly in movies, television and music, but also in the related creative fields of fashion, photography, design, culinary arts, writing, and performance, there are few, if any, rules, and many exceptions, to making it big; the person who you very pointedly say no to today, who you offend with your rejection, in whose face you shut your door, that person may become a star overnight, and tomorrow, is in a position to say no to you. So, because people are social animals, even if you mean "no", you always say "yes":

Judy Greer and David Duchovny_The TV Set (2006) from Thuon Chen on Vimeo.

A similar thing may be happening in the brain with "I couldn't care less" and "I could care less". My immediate reaction to your proposal may be, I do not like your idea or even think it will work. Since the spirit of the times is, people don't ever want to burn bridges, I want to take the potentially dangerous step of rejecting something that you seem invested in, without seeming to do so. While "I couldn't care less" may be technically correct, and how I really feel, the problem is, it's too harsh. So instead, I say, "I could care less"; the idea being communicated is "I care, enough that it's quantifiable, and in fact, the amount of concern I have is distant from not caring at all", advancing the idea first that I, as the speaker, care, and once you see and hear the train of "yes" roar through, the engine is followed by the caboose, that, perhaps, the speaker might not care at all, or at least, not as much as you, as the listener, do.

It's certainly an idea, but I'll admit it's a little far-fetched. Usually, a person's face and body are contorted a certain way, or, in the heat of the moment, the shaking of the head, the look of defiance, the surrounding words, the unspoken information, all reveal and reinforce the speaker's true thoughts when exclaiming "I could care less" on a topic, so the idea that omitting the "n't" sound at the end of "could" is a believable way to spare a person's feelings seems a bit of a stretch. So here's another way to understand why people would rather say "I could care less" than "I couldn't care less". They really could care less! When it comes to using contradictory phrases to mean the same thing, I maintain that this practice is closely related to how people interchange "I couldn't give two bits", or "I could give two bits", or in the comfort of your home, among familiars, sometimes you may use coarser language to express your relative unconcern: "I couldn't give two [censored]", or "I could give a [censored]".

Thus, a final try to understand this phenomena of hearing someone say, "I could care less," or even "I care less", when he or she means "I couldn't care less" is, because the speaker is really saying what he or she means, but in shorthand, and, crucially, with the listener in mind. "I could care less" means "I could care less than how much you apparently think I should, but I won't even make an effort to, because I don't care at all." "I care less" means "I care less than you think I should care." Verbal shorthand is when, to save time, you substitute a shorter word or phrase for a much longer and unwieldy one, or, getting back to the first point, in order to save someone's feelings from getting hurt, verbal shorthand can be when you substitute a fuzzier, less clear word or phrase for an unambiguous one. Sometimes, this verbal shorthand uses a substitute that is the exact opposite of what you mean to say. So, in essence, the speaker seems to literally say "I care", but the message of "I don't care" is understood by the listener and the speaker.

By this time, our overly long discussion on language minutiae perhaps has you caring even less than you thought you could've possibly cared. I can tell by you glancing at your watch and tapping your foot that you couldn't, or could, care less. In that case, let us end with the immortal words of Green Day's American Idiot, "I don't care if you don't care."

Monday, January 30, 2012

Occupy a Tea Party From the Cloud

Imagine you are going to a genteel scone and crumpets breakfast party in the English countryside. In another time and place, to be invited to such a gathering would have meant you had arrived, as they say, into the society pages. "Anything less would be uncivilized," you might utter, with your pinky finger sticking way out in the air, as you and your gentle friends titter over tea and biscuits and contemplate a jaunt to the opera. You are uninvited, but you still want to go, so you invite yourself to the gathering, knowing there are others like you in support of a planned assembly, a rally of sorts, even a demonstration of your numbers, and your attendance is part of a larger uprising and community movement. Before, during and after the event, you post and look at pictures and video, text, tweet, maybe facebook or google search, chat, email, all this in support of your common goal, to non-violently disrupt business-as-usual, and pleasure-as-usual, in the layers of society that seem to you unbearably hardened, even calcified. In preparation for the protest, you and your ever growing society hang out and chat in-person, then use your laptop and notebook computers, tablets, cellular phones, smart phones and PDAs, to form your own network of friends, to create a buzz and attract more people, and on the day of the event, you print out maps and directions, see what other people are doing and tag along, and before you know it, you've used the Internet and mobile phone network (collectively called the cloud) to plan, collaborate, share, publicize, attend, rally, demonstrate, and afterwards, document what happened, learn from others, and possibly prepare to organize and make the announcement to occupy another location.

About a year and a half ago, the author Clay Shirky gave a talk on cognitive surplus, "the shared, online work we do with our spare brain cycles. While we're busy editing Wikipedia, and making LOLcats," he argues, "we're building a better, more cooperative world." Clay states that people want to consume, but also we like to create, and sometimes we want to share. He relates the story of a woman in Kenya who found, in the midst of a disputed presidential election, that there was an outbreak of ethnic violence. In her blog, she solicited from her commenters more information about the dangers inherent in any succession of power in human society, and what areas to be mindful of, depending on who you were. She collated and posted the information flowing in, but there was so much data coming in, it became way more than one woman could manage. She asked if there was a way to automate the process. Two programmers saw her plea for help and, in 72 hours, launched ushahidi, which means witness or testimony in Swahili. This application very simply takes reports from the field, i.e., from the web, or mobile phones and sms, aggregates those reports, puts it on a map and makes it public. The app spawned a social push which became known as crisis mapping. Enough people found ushahidi valuable that the programmers decided to make it open source and turn it into a platform. The number of deployments of ushahidi went from a single idea and implementation in Kenya, to global reach, in less than 3 years. Cognitive surplus, then, can be the ability of the world population to volunteer, contribute, and collaborate on large, sometimes worldwide, projects.

In his talk (below), Clay Shirky states that civic value is when something is created by the participants, but enjoyed by society as a whole; when something is enjoyed just by the participants, that would have only communal value. When the Occupy Wall Street movement was getting started in New York, one of the first things the group did was put, at the top of their website, a link to the software platform that the participants used to consume, create and share. The idea was, should the movement catch fire (and how!), Occupy groups in other cities could download, install, deploy and begin their own geographic base of online operations. Github is where the occupy movement and ushahidi store their repositories, which contain the master copy of the project. Anyone in the world, on their own initiative, can download and install the software built from the master code, On a computer with a connection to the internet, you can soon host your own city chapter. You can contribute to the technological platform you downloaded by helping people get connected and stay more involved towards a common goal. For those who have spent enough time thinking about and using a tool, suggestions for improvement or features come to mind, such as adding the ability to show live video, or to display content in a specific language, or to give some users more or less responsibilities and privileges. If you make a change to your local copy, such as fixing a mistake, those improvements can be merged into the master code, and the communal becomes civic.

But that is all really big picture, so let's bring it back to the day to day life each one of us leads. How does this all apply to me? As we start in on 2012, what gets me out of bed in the morning is getting more users. I am here, and at your service. Last year, I had a goal of creating 2 blog posts for every month, which worked out well; now my new year's resolution is to make an app and host it on github, and to show you how to do it.

With the Tea Party, Occupy, the Arab Spring, and the demonstrations led by a Russian blogger Alexei Navalny against Vladimir Putin in Russia, it seems protest is in season.

Here's the link to the page with the video:
http://www.ted.com/talks/clay_shirky_how_cognitive_surplus_will_change_the_world.html

Hat tip to JJ Behrens for sharing the video.