People ask me about the EFF endorsing some of the network neutrality laws proposed in congress. I, and the EFF are big supporters of an open, neutral end-to-end network design. It's the right way to build the internet, and has given us much of what we have. So why haven't I endorsed coding it into law?

If you've followed closely, you've seen very different opinions from EFF board members. Dave Farber has been one of the biggest (non-business) opponents of the laws. Larry Lessig has been a major supporter. Both smart men with a good understanding of the issues.

I haven't supported the laws personally because I'm very wary of encoding rules of internet operation into law. Just about every other time we've seen this attempted, it's ended badly. And that's even without considering the telephone companies' tremendous experience and success in lobbying and manipulation of the law. They're much, much better at it than any of the other players involved, and their track record is to win. Not every time, but most of it. Remember the past neutrality rules that forced them to resell their copper to CLECs so their could be competition in the DSL space? That ended well, didn't it?

Read on...

No, not the sexual kind of personal vibrator. Today we regularly hear reminders to put phones on vibrate, and they are often ignored. The world is becoming rapidly swamped with loud, deliberately destracting cell phone ringtones. (The ringtones themselves are a business.)

I've blogged several times before about my desire for universal DC power -- ideally with smart power, but even standardized power supplies would be a start.

Today many services offer MRI scans for a fee. DNA testing services are getting better and better -- soon they will be able to predict how likely it is you will get all sorts of diseases. Many worry that this will alter the landscape of insurance, either because insurance companies will demand testing, or demand you tell them what you learn from testing.

I wrote an essay here a year ago on the internet cost contract and how it was the real invention (not packet switching) that made the internet. The internet cost contract is "I pay for my end, you pay for yours, and we don't sweat the packets." It is this approach, not any particular technology, that fostered the great things that came from the internet. (Though always-on also played a big role.)

A buzzword in the cable/ilec world is IPTV, a plan to deliver TV over IP. Microsoft and several other companies have built IPTV offerings, to give phone and cable companies what they like to call a "triple play" (voice, video and data) and be the one-stop communications company.

When I was in high school, I did a project on PRT -- Personal Rapid Transit. It was the "next big thing" in transit and of course, 30 years later it's still not here, in spite of efforts by various companies like Taxi 2000 to bring it about.

With PRT, you have small, lightweight cars that run on a network of tracks or monorail, typically elevated. "Stations" are all spurs off the line, so all trips are non-stop. You go to a station, often right in your building, and a private mini-car is waiting. You give it your destination and it zooms into the computer regulated network to take you there non-stop.

The wins from this are tremendous. Because the cars are small and light, the track is vastly cheaper to build, and can often be placed with just thin poles holding it above the street. It can go through buildings, or of course go underground or at-grade. (In theory it seems to me smart at-grade (ground-level) crossings would be possible though most people don't plan for this at present.)

The other big win is the speed. Almost no waiting for a car except at peak times, and the nonstop trips would be much faster than other transit or private cars on the congested, traffic-signal regulated roads.

Update: I have since concluded that self-driving vehicles are getting closer, and because they require no new track infrastructure and instead use regular roads, they will happen instead of PRT.

Yet there's no serious push for such systems...

Read on.

Looking at printed wedding gift ribbon some time ago, Kathryn thought it would be amusing to put the 4th amendment on the ribbon, and tie it around our suitcases.

That turned out to be hard to make, but I did make a design for shipping tape which you can see below. The printed shipping tape has the text slant so that as the pattern repeats, the 4th amendment appears as a long continuous string, as well as a block.

Google's decision to operate a search service in China, implementing Chinese censorship rules into the service, has been a controversial issue. Inside Google itself, it is reported there was much debate, with many staff supporting and many staff opposing the final decision, as as been the case in the public. So it's not a simple issue.

Nonetheless, in spite of being friends with many in the company, I have to say they made the wrong decision, for the wrong reason.

This is an idea from several years go I've never written up fully, but it's one of my favourites.

We've seen lots of pushes for online identity management -- Microsoft Passport, Liberty Alliance and more. But what I want is for the online world to help me manage my physical identity. That's much more valuable.

I propose a service I call "addrescrow" which holds and protects your physical address. It will give that address to any delivery company you specify when they have something to deliver, but has limits on how else it will give away info from you. It can also play a role in billing and online identity.

You would get one or more special ID names you could use in place of your address (and perhaps your name and everything else) when ordering stuff or otherwise giving an address. If my ID was "Brad Ideas" then somebody would be able to send a letter, fedex or UPS to me addressed simply to "Brad Ideas" and it would get to me, wherever I was.

(Read on...)

Washington, DC: The American Association for the Advancement of Science (AAAS) issued a stern warning today to Televangelist Pat Robertson. Robertson had recently condemned the citizens of Dover, PA to the wrath of God for not voting in a school board that would teach Intelligent Design in classes.

"We'd like to say to the good Reverend Robertson: if there is a disaster in your area, don't turn to Science, you just rejected it from your life," AAAS said on its daily television show broadcast from Washington, the 3.14159 Club.

"And don't wonder why it hasn't helped you when problems begin, if they begin. We're not saying they will, but if they do, just remember, you just pushed science out of your life. And if that's the case, don't ask for its help because it might not be there," they said. "In particular, you won't have a phone to call the ambulance, and it won't exist even if you could call it. And even if the doctor lived next door and you could call her, she would only bleed you and put smelly poultices on your forehead to balance your humours. And she would be a guy."

"Actually, we're just kidding," the AAAS later corrected. "Science works whether you believe in it or not. That's what's really cool about it," they said.

"What they said," indicated Venezuelan President Hugo Chavez, in an independent statement.

A mantra in the security community, at least among some, has been that crypto that isn't really strong is worse than having no crypto at all. The feeling is that a false sense of security can be worse than having no security as long as you know you have none. The bad examples include of course truly weak systems (like 40 bit SSL and even DES), systems that appear strong but have not been independently verified, and perhaps the greatest villian, "security through obscurity" where the details of the security are kept secret -- and thus unverified by 3rd parties -- in a hope that might make them safer from attack.

On the surface, all of these arguments are valid. From a cryptographer's standpoint, since we know how to design good cryptography, why would we use anything less?

However, the problem is more complex than that, for it is not simply a problem of cryptography, but of business models, user interface and deployment. I fear that the attitude of "do it perfectly or not at all" has left the public with "not at all" far more than it should have.

An interesting illustration of the conflict is Skype. Skype encrypts all its calls as a matter of course. The user is unaware it's even happening, and does nothing to turn it on. It just works. However, Skype is proprietary. They have not allowed independent parties to study the quality of their encryption. They advertise they use AES-256, which is a well trusted cypher, but they haven't let people see if they've made mistakes in how they set it up.

This has caused criticism from the security community. And again, there is nothing wrong with the criticism in an academic sense. It certainly would be better if Skype laid bare their protocol and let people verify it. You could trust it more. Read on...

Last year at Burning Man, I built a free phone booth out on the desert. Using VoIP, 802.11, batteries and a satellite uplink, it sat there on the playa floor and let you make free calls anywhere in the world. I blogged about that story, but there was an untold part of the story.

Update: A more active thread on how this relates to Goodmail and other attempts at sender-pays traffic

There is much talk these days of "who invented the internet?" Most of the talk is done wearing a network engineer's hat, defining the internet in terms of routing IP datatgrams, and TCP. Some relates to the end to end principle with a stupid network in the middle and smart endpoints. These two are valid and vital contributions, and recognition for those who built them is important.

But that's not what the public thinks of when it hears "the internet." They think of the collection of cool applications they use to interact with other people and distant computers. Web sites and mailing lists and newsgroups and filesharing and VoIP and downloading and chat and much more. Why did these spring into being in this way rather than on other networks?

I believe a large and necessary ingredient for "the internet" wasn't a technological invention at all, but a billing system. The internet is based on what I call the "internet cost contract." That contract says that each person pays for their own pipe to the center, and we don't account for the individual traffic.

"I pay for my half, you pay for yours."

While the end-to-end design allowed innovation and experimentation, the billing design really made it possible. In the early days of the internet, people dreamed up all sorts of bizarre applications, some serious, some entirely frivolous. They put them out there and people played with them and the most interesting thrived.

Many other networks had users paying not by the pipe, but based on traffic. In that world, had you decided to host a mailing list, or famously put a webcam up in front of your company fishtank, the next day the company beancounter would have called you into the office to ask why the company got a big bandwidth bill in order to show off the fishtank. The webcam -- or FTP site or mailing list -- would have been shut down immediately, and for perfectly valid reasons.

Pay-based-on-usage demands that applications be financially justifiable to live. Pay-per-pipe allowed mailing lists, ftp sites, usenet, archie, gopher and the web to explode.

On a recent roadtrip, I did some "wardriving" where you scan for 802.11 (wifi) access points. Today they are everywhere. The scanning program lists the network name (SSID) as well as other information like the model of access point and whether it has encryption on. Often the SSIDs are informative, with the names of families and companies. Mine is an web address that would let a neighbour contact me.

All this happens because most access points transmit a regular "beacon" packet which lists their SSID and other information needed to connect to them. Seeing that the SSIDs were sometimes interesting, I wondered if we might do much more with a special beacon.

This beacon would deliberately tell you a bit about the access or location. It would contain a mixed XML/HTML packet with a variety of useful fields and general text. These could range from simple descriptions ("This access point belongs to Joe Smith, I'm a programmer") to information ("On this site, Paul Revere stopped on his ride to consult with local minutemen") to street directions ("Turn right to get to highway 101, left for downtown") to, of course, advertising ("We sell fresh fruit and have a special on plums today.")

In other words, a replacement for signs and billboards and markers. And perhaps much more. Access points would also talk about themselves, declaring, for example, if the owner is offering open internet access for free or for fee, or has a local database of information, and what classes of information are in the main text. The local lattitude and longitude for those without a GPS could be useful, along with local map data in a compact form.

Users could quickly get a program for their laptop (such as Netstumbler) to read and display such virtual annotations to the world as they drive. Primarily for passengers to use, of course. Eventually dedicated boxes would become available, and onboard car computers and GPS units could understand the protocol. Mass market access points would include a set-up screen in their web interface to let the owner enter the information beacon text and enable it. (Today some APs have open source firmware and an energetic programmer could do this right away.)

All of this might be both useful and entertaining. Children might enjoy reading all the random bits of information that flow by and stop asking "are we there yet?" The journey can become the reward. (Of course remember to look out the window sometimes.)

I can imagine vendors making a cheap solar powered access point that, during the day at least, sends out information beacons as soon as enough power is stored in the capacitors to send one. These could operate on a small, cheap solar cell (the more power, the more frequent the beacon) and be placed anywhere. "I'm an oak tree!"

Below, I will get into some technical issues and discuss the unanswered question, which is how to avoid abuse by excessive advertisement, spam and falsehoods.

For the third year in a row, I held a "superbowl commercials" party. In this case, we used MythTV to record the game in HDTV for a while, then sat down to fast forward through the football and slow down to watch the commercials.

You may have run into the story of a fireman charged with burning down his own home. They charged him because his Safeway Club card records showed he had purchased the type of firestarter that was used in the arson on his house.

Sounds like a good case? Problem is somebody else confessed to the arson. He's now a free man.

We've seen the explosion in Voice over IP phone companies, using lower IP costs (and regulatory bypass) to offer very cheap long distance. Today, in the wholesale market, you can place VoIP calls to regular phone numbers in the major cities of the world for between 0.5 cents and 1 cent per minute. So cheap that companies are routinely offering people "unlimited" long distance plans for a flat monthly fee.

The rates are cheap, but they aren't yet free, so calls don't happen without contracts and plans and arrangements.

Here's something begging to be done: The cellular carriers in the USA and Canada should allow people calling in from the internet to call any cell phone for free.

This would cost them the tiny amount they get for terminating long distance calls to cell phones, but the end result would be their own customers billing more minutes. That's what they want (sort of.) They could release a free program for use on common PCs to call any cell phone. They could have a java applet or ActiveX control to make a web page to let you call any cell phone for free, just as they let you send an SMS from a web page for free. (If you have a headset with a mic, at least.)

But allowing free and open calling would encourage lots of innovating applications from the marketplaces. Smart PBXs would coordinate and connect with company cell phones over the internet. More advanced apps would link cell phones closer to PBX functions. People who use their cell as their home phone would have another reason to do it -- now all their friends can call free from VoIP phones or any PC. Companies like Vonage would offer free calls to cell phones even for people not on the unlimited plan.

I've written about a few plans to get rid of the headache (and travel killer) that airport security has become. One of the great curses is that because you can't predict how long security might take, most people end up arriving way, way ahead of their flight in case the line is long, but often they clear it in just a few minutes. (Ditto the immigration/customs line at Canadian airports going to the USA.)

I like fine camera lenses, but the best quality are very expensive. There are many things that are hard to do in a good lens -- you want a sharp image, of course, over the full flat plane. Over the whole image plane you want low flare, high contrast and low chromatic abberation (ie. red and blue focus in the same spot.) And you want low distortions.

Most camera lenses try to be "rectilinear." That means they try to make a straight line straight in the image. This isn't actually natural, due to perspective straight lines are not straight.

So I wonder if we might soon see a new lens where no effort is made to fix distortions or make the image rectilinear, and all effort goes into the other factors. You are thus expected, with every image, to do digital post-processing to get a non-distorted rectilinear image. That will mean some small loss of image quality at the edges of the image, but probably a less distorted image than ordinary lens physics can deliver -- and a lot less cost -- in exchange.

Of course, this would primarily be for digital cameras, but a film user could also use the lens if they planned to scan their film for digital processing, as most do these days.

Down the road, each lens might contain within it the specifics of its own particular distortions, and the camera might be able to fetch this and either process directly or store it with the image for post-processing. Indeed, the lens might be a cheaply made lens with distortions due to the poor quality elements, or it might be a fine lens with deliberate distortions. (I have wondered if some P&S digicams might be doing this already.)