Grumpasaurus.com

There’s a paper on SSRN entitled The iPhone Meets the Fourth Amendment

Abstract:

Imagine that police arrest an individual for a simple traffic infraction, such as running a stop sign. Under the search incident to arrest doctrine, officers are entitled to search the body of the person they are arresting to ensure that he does not have any weapons or will not destroy any evidence. The search incident to an arrest is automatic and allows officers to open containers on the person, even if there is no probable cause to believe there is anything illegal inside of those containers. What happens, however, when the arrestee is carrying an iPhone in his pocket? May the police search the iPhone’s call history, cell phone contacts, emails, pictures, movies, calendar entries and, perhaps most significantly, the browsing history from recent internet use? Under longstanding Supreme Court precedent decided well before handheld technology was even contemplated, the answer appears to be yes.

I’ve read the paper and I think that the abstract above is incorrect as to what the paper states, but also Gershowitz’ conclusion overreaches. I think it clear and inarguable that the iPhone or other devices¹ may be seized incident to arrest, but it is doubtful that they may be “searched” beyond data already stored on the phone.

A key difference between the cigarette pack search he refers to frequently and searching a technological device is that the officer may easily detect contraband or dangerous goods using one of their senses. This “closed container” doctrine has been upheld by courts already to allow officers to read text messages on phones on an arrested suspect and then use those text messages as evidence.

However with modern devices, much of the information that would be of interest to the police is stored on third party servers. A typical search that would yield indictment-worthy information is going to be email, IM messages, or similar which are under the control of third parties (such as email providers), not stored in the phone themselves.² If you allow immediate mining of third parties, such as Yahoo email, that under any and every theory and ruling in American law (FISA bill and Bush administration excepted), then you have destroyed the Fourth Amendment for all intents and purposes (in laymen’s terms: you need the court’s permission to ask these providers for information. If you access this information without permission, you’ve just done an end-run around the Constitution. You must subpoena teh googlez!). It is as plain as the Newspeak nature of doughy pantload’s book – if you access third party services that would otherwise require a warrant, you have violated the Fourth Amendment.

Gershowitz addresses this in part, but also hand waives it away, using the example of an officer who gets access to a device’s password by accessing the owner’s email, finding the password there, and then using that password to open the device. Gershowitz argues that this search is permissible, whereas I would argue that accessing the user’s email is a clear violation of the Fourth Amendment and any subsequent searches on the phone would be excluded as fruit of the poisonous tree. Gershowitz also ignores the time and technical savvy required for an officer holding a suspect to do this. If the officer has time to do this, they have time to do it back at the station, after obtaining a warrant.

The paper does a typical journal article scattershot attack after that of potential theories to apply to the “new” situation, none of which is very revealing or realistic. As with most everything in law, the answer’s going to be shoehorn the situation into existing justifications, shoehorn + minor twist to address the truly novel part (which sometimes has the result of turning the existing justification on its head), or in about 1 out of fifty thousand cases “something new.”

Short response: somewhat interesting theory, but I remain unconvinced that the conclusion that such searches are “likely” to be upheld is the correct one. Much of this, of course, relies on which judge hears which case. Traditional jurisprudence would, I feel quite strongly, uphold the prohibition on accessing any off-device services to search the device. Given the radical authoritarian nature of the justices the Bush administration has placed on the bench, I am uncertain as to the actual outcome when this potential issue becomes a reality.

Law, Technology

Peter Gutmann does a cost analysis of Vista’s DRM and comes away… unimpressed.

Executive Summary

Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called “premium content”, typically HD data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost. These issues affect not only users of Vista but the entire PC industry, since the effects of the protection measures extend to cover all hardware and software that will ever come into contact with Vista, even if it’s not used directly with Vista (for example hardware in a Macintosh computer or on a Linux server). This document analyses the cost involved in Vista’s content protection, and the collateral damage that this incurs throughout the computer industry.

Executive Executive Summary

The Vista Content Protection specification could very well constitute the longest suicide note in history.

…

Disabling of Functionality

Vista’s content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in. Currently the most common high-end audio output interface is S/PDIF (Sony/Philips Digital Interface Format). Most newer audio cards, for example, feature TOSlink digital optical output for high-quality sound reproduction, and even the latest crop of motherboards with integrated audio provide at least coax (and often optical) digital output. Since S/PDIF doesn’t provide any content protection, Vista requires that it be disabled when playing protected content. In other words if you’ve invested a pile of money into a high-end audio setup fed from a digital output, you won’t be able to use it with protected content. Similarly, component (YPbPr) video will be disabled by Vista’s content protection, so the same applies to a high-end video setup fed from component video.

…

Denial-of-Service via Driver Revocation

Once a weakness is found in a particular driver or device, that driver will have its signature revoked by Microsoft, which means that it will cease to function (details on this are a bit vague here, presumably some minimum functionality like generic 640×480 VGA support will still be available in order for the system to boot). This means that a report of a compromise of a particular driver or device will cause all support for that device worldwide to be turned off until a fix can be found. Again, details are sketchy, but if it’s a device problem then presumably the device turns into a paperweight once it’s revoked. If it’s an older device for which the vendor isn’t interested in rewriting their drivers (and in the fast-moving hardware market most devices enter “legacy” status within a year of two of their replacement models becoming available), all devices of that type worldwide become permanently unusable.

Not that Apple’s any better with their horrendous DRM schemas. FOSS, people, it’s all about the FOSS. Right down to the hardware.

The DRM is all about the money. Money for gigantic corporations that try to limit the when, where, and what you can see, read, or listen to. If they could patent eyeball glue and tie it to your corporate-logo’d monitor with criminal penalties if you looked away or blinked… they would.

Crippleware doesn’t have a history of success, and I’m confident that the community will find ways around this… but Vista is exhibit #50113 of how MSFT cares not a whit for the consumer… but immensely for the cash streams content providers.

Freedom, Technology

Why mixing poor security design with a new technology the bureaucrats don’t understand and combining them with highly important, personally-identifying, required travel documents is a really, really bad combination

Six months ago, with the help of a rather scary computer expert, I deconstructed the life of an airline passenger simply by using information garnered from a boarding-pass stub he had thrown into a dustbin on the Heathrow Express. By using his British Airways frequent-flyer number and buying a ticket in his name on the airline’s website, we were able to access his personal data, passport number, date of birth and nationality. Based on this information, using publicly available databases, we found out where he lived, his profession, all his academic qualifications and even how much his house was worth.

It would have been only a short hop to stealing his identity, committing fraud in his name and generally ruining his life.

Great news then, we thought, that the UK had just begun to issue new, ultra-secure passports, incorporating tiny microchips to store the holder’s details and a digital description of their physical features (known in the jargon as biometrics). These, the argument went, would make identity theft much more difficult and pave the way for the government’s proposed ID cards in 2008 or 2009.

Today, some three million such passports have been issued, and they don’t look so secure. I am sitting with my scary computer man and we have just sucked out all the supposedly secure data and biometric information from three new passports and displayed it all on a laptop computer.

I have, of course, mentioned how the US is switching to RFID passports in the near future. Also, how to make a RFID jammer wallet… for what good it will do you.

Freedom, Grr, Privacy, Technology

Get yer early live.com email addresses now!

You have to create a new account, press “sign up”, then copy the location of this link and paste it in the address bar of the window where you loaded the page from live.com. Now youll have live.com and a list of other localized domains for you to choose from.

By copying “this link” above, they mean copying the code snippet there at the signup page and pressing enter. More domains besides hotmail.com will be added to the dropdown, including live.com (where MS is going) and there are lots of early names left. I got my name and Ms. Grumpy got a sweet 4-letter shorthand name.

Mmm… early adoption!

Internet, Technology

and he rides in tooooobs

HOST: I’m curious, have you ever googled anybody? Do you use Google?

BUSH: Occasionally. One of the things I’ve used on the Google is to pull up maps. It’s very interesting to see — I’ve forgot the name of the program — but you get the satellite, and you can — like, I kinda like to look at the ranch. It remind me of where I wanna be sometimes.

America, Idiots, Technology

Old media worldwide fights tooth and nail against new, enabling technology that they don’t control. See how Nine net takes on IceTV in court over their time shifting technology.

Free-to-air web the Nine Network goes to court Monday in a bid to stop startup media company IceTV from using its TiVo-style technology to block ads on free-to-air television.

IceTV uses a set-top box and weekly TV sked to allow users to record their fave skeins and skip ads for just A$3 ($2.25) a week.

Nine will argue in court that providing its schedule is a breach of copyright, although the schedule is made available to feevee customers and even to printed TV guides.

This is just an inevitable delay in the technology’s widespread availability, like it is everywhere else. Granted, in America the big media companies have been able to push back our Fair Use rights with odious technology initiatives such as DRM/”Trusted computing,” and hardware interfaces such as HDMI and non-modifiable, non-skippable DVD menus, and legal efforts such as the DMCA… but in Australia they’re apparently still a bit behind the times.

What will happen is that eventually every show will run inline advertisements (like soccer has to, with the stadium ringed with ads and small placements by the clocks) and egregious product placements (more egregious, I should say). It’s the only way for advertisers to ensure that they’re getting the eyeballs their consumerist drives require of them. Eventually, the 22 minute show in a 30 minute slot is going to go the way of the dodo.

Freedom, Pop Culture, Technology, Television

YouTube purchased for $1.65 billion in stock…

hellooooo PornoTube [fn1]

[fn1] It’s actually only new-to-me. Looks like there are plenty of people that have known about this site. Hey, I got it from Hutton.

Sex, Technology

JFC, I had this you have to pedal to power your computer-idea years ago (though it was monitor-only for me).

Well, shit, there’s another patent I won’t be getting.

Awesome, Technology

iKaraoke – Karaoke for your iPod

iKaraoke sends the music from your iPod to your stereo minus the lead vocals, so you can step up to the mic and sing the lead in your favorite tunes.

iKaraoke makes it easy to pause the music, scan forward or backward, or temporarily add the vocals back in to help you find your place. It even includes reverb effects to enhance your performance.

iKaraoke hooks up to your stereo via line-in cable, or wirelessly through your FM receiver.

That I don’t actually own an iPod shall not deter me. I need something to replace the small, boring selection available in my Karaoke Revolution discs for my PS2. They’ve been fun, but there’s only so many times you can slaughter New York, New York and Under Pressure before you’re longing for 4Gb of portable mp3 player goodness.

Now make it work with the iAudio X5, dammit!

Cool, Music, Technology, Toys

China Attempted To Blind U.S. Satellites With Laser

China has fired high-power lasers at U.S. spy satellites flying over its territory in what experts see as a test of Chinese ability to blind the spacecraft, according to sources.

It remains unclear how many times the ground-based laser was tested against U.S. spacecraft or whether it was successful.

But the combination of China’s efforts and advances in Russian satellite jamming capabilities illustrate vulnerabilities to the U.S. space network are at the core of U.S. Air Force plans to develop new space architectures and highly classified systems, according to sources.

(you’ll have to excuse the formatting, I’m working on a way to get screenplay formatting to merge well with WP. And for those that don’t know, or those that are about to shell out hundreds of bucks on screenwriting software, Celtx is both Open Source (free as in speech) and free (as in costs-no-money); using much of the Mozilla code (including the new calendar/Sunbird stuff). It does export some ugly HTML, though, so you’ll want to be careful before copy-pasting that shizzle into your blog. PRE tags with the text output is the quickest way, but not the prettiest.)

Misc, Open Source, Screenplay, Technology, War

Updating an update, Lonelygirl15 not a hoax, she’s just a made-up character telling fictitious stories to credulous audiences and who wrote back to other “teenagers” while in character and never revealing that “Bree” was a mythical creation.

The creators behind the Internet video mystery teen Lonelygirl15 want their fans to know they are not a front for a big Hollywood studio marketing some upcoming film.

Instead, the three friends began the adventures of the doe-eyed, 16-year-old home-schooled Bree as an experiment in storytelling that they intend to continue on their own Web site that was launched Tuesday.
…
The three creators declined to identify the name of the actress Tuesday. But amateur Internet sleuths discovered she is Jessica Rose, a 19-year-old actress from New Zealand who recently moved to Los Angeles.

Nice try, people, but you went over the line from “interesting experiment” to “I fucking hate your lying ways” with the myspace responses as Bree.

Lesson: don’t fuck with people on the internet. We have ways of finding you.

Eye Rollers, Pop Culture, Technology

In addition to being a GOP operation with questionable ethics and a CEO who guaranteed Ohio for Bush in ‘04, their machines are security hole nightmares.

This paper presents a fully independent security study of a Diebold AccuVote-TS voting machine, including its hardware and software. We obtained the machine from a private party. Analysis of the machine, in light of real election procedures, shows that it is vulnerable to extremely serious attacks. For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities — a voting-machine virus. We have constructed working demonstrations of these attacks in our lab. Mitigating these threats will require changes to the voting machine’s hardware and software and the adoption of more rigorous election procedures.

Open source + paper trail. Accept nothing less.

News, Politics, Technology

Bow before Google, bitches

Google Inc. said on Tuesday that the company has begun offering mobile phone users in more than 30 major U.S. cities the capacity to view highway maps with “live” traffic data.

Actually, I think Google’s been flailing for a few months now, but I thought this was a nifty idea. Except for the part where every cell phone provider charges you more for web browsing so why do it? My bus schedule is updated like that too, and it’s a great service… or would be if I accessed the internet from my freakin phone.

Where was I going with this? Oh yes, Google expanding, flailing, hitting the curse of large sizes and the laws of inertia. I fully expect them to buy YouTube shortly (who uses Google video, I mean really?). Come to think of it, I think that’s YouTube’s only path to profitability. Man, it’s like 1998 all over again.

Technology

We achieved a tie in the Commerce Committee. Art Brodsky explains why this is effectively a win.

The news stories following the Senate Commerce Committee vote on Net Neutrality pictured it as a defeat for the forces of good. Don’t believe it. Even though the Net Neutrality amendment failed on a tie vote, we got ourselves into a good position for the rest of the game.

Freedom, Technology

Bloglines seems to be working now, as grumpasaurus feeds just jumped massively. They appear to have simply excised all posts with the YouTube videos. From my site, anyway. Sites like corporate-casual are showing up just fine, they just don’t have the video in the feed. Me? They cut the whole post. Go figure.

Don’t know why Bloglines is having all this trouble since the other aggregators seem to be just fine with the object and embed tags.

Guess we’re getting what we pay for, eh?

Misc, Technology