Grey Matters

Written: 2006-01-13

There’s been some discussion lately about a new feature of Apple’s iTunes v 6.0.2. This update adds a feature whereby each time you click on a song in iTunes, information about that song is transmitted to a remote server which then populates a (new) MiniStore pane with purchase suggestions related the the item you clicked.

There’s discussion of this feature at: http://since1968.com/ and http://www.boingboing.net/2006/01/11/itunes_update_spies_.html

Most of the talk is of the “Apple didn’t tell us it was going to do this” variety. “If Apple had been ‘open’ about this, we wouldn’t have a problem.”

Well, I have a problem with it.

This feature is enabled by using a company named Omniture, Inc. Omniture uses the domain 2o7.net to receive the information transmitted by the MiniStore feature. Omniture’s site says:

2o7.net is an Internet domain used by Omniture, Inc. on behalf of our customers to improve Web site design and to generally improve the user experience on the Web. This domain is used by Omniture’s data collection systems, and is the domain under which Omniture places cookies. These cookies are NOT spyware – they are simple text files that help Omniture customers measure usage of their Web sites and performance of their marketing campaigns.

Note that “performance of their marketing campaigns” phrase. What they’re talking about here is web bugs. Web bugs can appear in html-encoded email. Basically, they permit the sender to know if, and even when, you open the marketing or other email that was sent to you. If you value your privacy, web bugs should be a concern.

Note: I’m not singling out 2o7.net. There are lots of different companies doing the same/similar things. It all amounts to spying on you.

The web bug below is pulled from an email and the html code even includes the notation that it is for “message detection.” The third line is the actual web bug.

Web bugs are image files that are requested by your email program in order to display within the email. Typically, they are minimum size — a one by one pixel image, as in the example below. It’s an image you’re not really intended to see at all. Actually, it’s probably not an image at all. It’s a call to a cgi script (masquerading as an embedded image) that logs the requested bug and I doubt that it actually sends a 1 x 1 image. Maybe it does. Doesn’t matter.

Anyhow, this is what they look like. It will always say <img src=”http:// and then there will be a URL that is encoded with information identifying the intended recipient of the email. Each web bug in a mailing is unique. Each represents a particular individual that was sent the mailing. Note that not all instances of ‘<img src=”http://’ are web bugs. Most are just images that the sender wants you to see. The ones that contain a unique identifier are the ones spying on you. Web bugs often contain a question mark and will often be from a different domain than all the other images in the email. Sometimes they even include your actual email address rather than containing a code they have to look up.

When the server listed in the URL of the web bug sees (in this case) 0jlGqqqZA3wp56TKzUH, it translates it into the recipient’s ID. The server notes the time that the web bug image file file was requested and saves this in a log file so they know exactly when you opened your email. 

By the way, I changed the domain and the letters and numbers in the web bug below. This is just a look at what a web bug might look like; it is not an actual web bug.

Here the (modified) code I pulled from a bugged email.

<!– The following image is included for message detection –>
<img src=”http://WebBugs.com/1×1.dyn” border=”0″ alt=”” width=”1″ height=”1″>
<img src=”http://WebBugs.com/1×1.dyn?0jlGqqqZA3wp56TKzUH” width=1 height=1>

In my case, I have my email program, Eudora, set up to note which incoming email is html-encoded and change the mailbox entry to a different color. So, just by looking at the unopened email in my e-mailboxes, I know which ones are html-encoded and potentially bugged. I also have Eudora set to not automatically download images from the web.

I never open these html emails without first checking for web bugs. I do this with an AppleScript (Yes, I’m a Mac user.) that does the equivalent, I think, of selecting “Properties” in programs like Outlook Express. Then I open the email in question and look over the html code looking for web bugs. If I find any, I either cut them out or, if I’m feeling frisky, edit the web bug to contain different letters and numbers. Once I’ve rendered the html-encoded email safe to view normally, I open it and read as one normally would. I never open html email without first checking. Not even email from my friends and family. Sometimes they forward html email to me from elsewhere.

Privacy Policies:

I should note too that for a long time, whenever I received a bugged email, I visited the offending company’s web site to review their privacy policy. Not a single privacy policy that I have seen mentions monitoring to see if/when you open their marketing emails.

Much of html-encoded email is spam. When you open it and trigger a web bug, you’ve just tipped them off that:

1. Your email address is active and
2. You open spam email

Boy, do spammers love it when you do that!

Sure, detecting and eliminating web bugs is a hassle. I consider web bugs and similar technologies to be little different from snooping on me by peeking in my window. These people have no right to know when or even if I read their email.

Neither 2o7.net or any of their customers has a right to peek in my window and watch to see if/when I open their email, do they? This is not a rhetorical question. Ask yourself: Does anyone have a right to watch you to determine if/when you read a particular email? Yes or no?

If not then ask yourself this: Does spying on you become any more acceptable just because it can be done remotely? Again, not a rhetorical question. If you said NO, then you agree with me. If you said YES, then would it be OK to place a video camera outside your window to see if/when you read a particular email? That way someone could monitor remotely and determine if and when you open that particular email. Acceptable? I didn’t think so.

“Hold on,” you say, “watching everything you do is quite different from monitoring to see if/when you do one particular thing.” To which I say: Baloney. You’re quibbling over the degree of spying which is acceptable. I’m saying that it is wrong, in principle, for people to spy on me! (And you.)

Historically, encroachments on privacy and liberty occur gradually. It is rare for a free country to become a police state overnight. Web bugs are (pick your metaphor) a foot in the door, the camel’s nose in the tent, the start down a slippery slope. If we don’t rail against this bit of spying now, then we can expect more such spying in the future. Technology is constantly improving.

At one time, it was not possible to determine if/when someone read your email. Now it is.

At one time, it was not possible to determine what music you play on your computer. Now it is.

Just because something is possible, does that make it acceptable? Of course not. Apple assures us that the MiniStore feature does not retain any personally-identifiable information. But, of course, it could. If the music industry had its way, it would probably require such information to be collected and transmitted to their servers.

We don’t know what the future holds. The one thing we know for sure is that spying on us will increase if we don’t stop it now.

Written 2006-01-04

Long-time readers of my blather know how very upset I was (and still am) over the Bureau of Alcohol, Tobacco and Firearms’ (BATF) armed-to-the-teeth raid on the Branch Davidian’s communal home near Waco, Texas on February 28, 1992 to serve two warrants.

BATF’s handling of this publicity stunt** has been pretty much white-washed and I have no intention of rehashing that now. But how the warrants came to be issued in the first place is an often overlooked aspect to the story. The government made numerous misstatements and misrepresentations to obtain the warrant.

<http://www.davekopel.com/Waco/LawRev/warrant.htm>

“A careful study of the Waco search warrant reveals numerous flaws, not just with the warrant application but with search and seizure law as it has developed in the 1990s.”

“Part one of this article sets forth the background to the BATF investigation of the Branch Davidian residence at the Mount Carmel Center, outside of Waco, Texas, and suggests that there is no good reason for the federal BATF to have jurisdiction over the tax offenses it was allegedly investigating. Part two studies the warrant application and reveals how the application was riddled with errors of law and fact, and offers reforms for how to reduce false or misleading statements in future warrant applications…”

Anyway, the article makes interesting reading and is heavily footnoted.

**
BATF’s budget was up for review and the agency had some recent bad press at the time. The Branch Davidian raid was intended to generate good publicity. The BATF public relations director was in Waco with a bank of fax machines ready to send out a press release about the successful raid. Numerous media contacts were alerted to the impending raid.

When 60 Minutes covered the story, host Mike Wallace opined that almost all the agents he talked to believed the raid was a publicity stunt — the main goal of which was to improve BATF’s tarnished image. The codeword for the beginning of the raid was “showtime.”

It was a publicity stunt gone wrong.

Written 2005-12-07

Listeners to Paul Harvey will have heard on November 16, 2005, the following:

“… And here comes tomorrow – an exciting tomorrow! Hundreds of semi-trailer trucks are at this moment zipping along American highways with hydrogen in the gas tank. These are 18-wheelers where they make the hydrogen as they go. One big rig can thus save $700 a month making fuel on the go. It uses electricity from the engine’s alternator to power the electrolysis of water to produce the hydrogen.”

Now, I’ve been a fan of hydrogen as a fuel since the 70’s, calling it ‘the fuel of the future’. I said, “… of the future” because of various economic and practical considerations.

Hydrogen (H2) has a very low energy density, that is, a given volume of H2 has much less energy than the same volume of gasoline. To compete with gasoline, energy density-wise, H2 needs to be compressed and liquefied, itself requiring heavy tanks and compressors and such to keep it supercooled. Gasses kept under pressure tend to leak and in the case of H2, this introduces safety concerns.

But Mr. Harvey said the H2 consumed by the ‘big rigs’ is produced on the go, so I was intrigued. Hydrogen is typically extracted as a byproduct of natural gas production or extracted from water via electrolysis.

The problem with electrolysis is that the amount of energy required to extract H2 from water is more than the amount of energy available from burning the extracted H2. For example, the energy required to produce enough H2 via electrolysis to generate 1000 BTUs of energy would itself exceed 1000 BTUs. It’s a net loss. 

Think about that. If it required less than 1000 BTUs of energy to extract 1000 BTUs worth of hydrogen by electrolysis, it would have been the fuel of today in the last century. We’d have had unlimited, cheap power years ago. The oceans are just brimming with H2O. All we need is an economical way to extract the H2 from the H2O. We have not, to my knowledge, achieved that goal yet.

So I was moved to investigate Mr. Harvey’s statements. I searched the web and found:
<http://www.wired.com/news/autotech/0,2554,69529,00.html>
This page has links to the company whose gizmo has been fitted to the trucks in question.

Points of note:
H2 is used only to supplement the fossil fuel being burned. H2 is injected into the incoming air going to the engine. It is said to reduce emissions and increase fuel economy by 10%. Energy-wise, production of the H2 is doubtless a net energy loss. Perhaps the H2 results in more thorough burning of the fossil fuel to achieve these effects. Or perhaps is just hype and snake oil.

Like much of what goes out as ‘news’, this item probably originated as a press release issued by the company manufacturing the H2 extracting gizmo. The reality did not live up to the images created by Mr. Harvey. Hydrogen is still just the fuel of the future.

Written 2005-12-02

A few notes regarding my earlier note about a woman’s refusal to show ID to federal ‘police’.

“It is curious that physical courage should be so common in the world, and moral courage so rare.” — Mark Twain

One of the related articles asked: “Why don’t the feds card visitors at the center buildings’ doors?” Indeed.

I wonder if they ‘card’ the bus driver on each such occasion. Not that seeing his ID is a substitute for bomb-sniffing dogs and such. It isn’t.

Though ostensibly done for ‘security’ purposes, the ID check does nothing to enhance security. Since the ID is not used to bar entry (not compared to some watch list), this ID check is really just a ‘compliance test’ to ensure that we sheeple will yield to the authority of someone in a uniform.

“A society of sheep must, in time, beget a government of wolves.” — Bertrand de Juvenal.

It sounds as though Deborah Davis did some homework before actually refusing to show her ID. I’d have done it somewhat differently by first asking for a citation of the law or regulation that required me to show my ID in that circumstance.

Of course, there will always be the folks who will say, “If you have nothing to hide, then what’s the problem?” The problem is the principle involved. Do you have to do everything a police officer says, just because it’s a police officer? No. Thank goodness Deborah Davis and a very small percentage of others understand this, and are willing to be inconvenienced to defend a principle. Of course there are things which an officer may request and which you MUST do. It’s not always easy knowing the difference.

There was a case some years ago where police routinely boarded inter-city busses before they left the terminal and sometimes asked to search passengers’ luggage. One fellow refused to give his permission, was hauled off the bus and a warrant was obtained to search. They found illegal drugs. The case went all the way to the Supreme Court where it was decided that refusing to voluntarily consent to a search was not grounds to obtain a warrant to search.

You have a right to exercise your rights. The Authorities don’t much like it when you know your rights and really get peeved when you actually exercise those rights. All the more reason to do so, if you ask me. We mustn’t let the police believe that we have to do everything they say, just because they are the police. You have a DUTY to exercise your rights.

“The strength and powers of despotism consist wholly in the fear of resisting it….” –Thomas Paine

Many of today’s ‘security’ checks do little to actually improve security; their main purpose is to give the impression — the illusion — of good security. Appearances are far more important than reality. Government officials know this all too well.

If a poll had asked, on 9/10/2001, whether government was doing a Good Job with airline security, I daresay most people would have answered in the affirmative. Heck, we had security checkpoints, metal detectors and other accoutrements of airline safety. Of course we were safe. Asking the same people the same question on 9/12/2001 would have resulted in a far different response from most people.

Actions since 9/11 have been primarily directed at restoring Americans’ faith in the safety of air travel. I remember going to the airport in Phoenix a couple of years ago to pick up someone. On the entry ramp to the parking garage was a uniformed fellow with a flashlight. He signaled me to stop and directed his light into the rear of the Ford Explorer I was driving. At the time, I had a couple of closed cardboard cartons in the back. He peered through the tinted glass and, apparently, saw the cartons. Finding nothing suspicious (presumably!), he signaled me to proceed.

He had no way of knowing what I was transporting. What was he looking for, a wooden crate with EXPLOSIVE stenciled on the side? What purpose did this man’s job serve? It gave the appearance of heightened security while getting us accustomed to minor privacy intrusions in the name of security.

One thing of which you can be sure, there will always be an incremental ‘ratchet’ effect. We have seen it time and again over the years. Each new incursion into your privacy and personal freedoms is just a small additional violation. We become accustomed to it and then later the ratchet clicks again as some new feature is added. Today Mr. Uniformed Guard is just shining his light in. Tomorrow he may ask that we open the vehicle for a closer look. Sometime later, they’ll be wanting to dig through our stuff.

“The true danger is when liberty is nibbled away, for expedience, and by parts.” — Edmund Burke

It is best to nip such things in the bud, before we all — us and the Authorities — come to accept them as normal. My hat’s off to Deborah Davis for resisting this ID check.

“Liberty has never come from the government…. The history of liberty is the history of resistance… a history of the limitation of governmental power, not the increase of it.” — Woodrow Wilson

[Followup: Charges dismissed against Deborah Davis. Fed center ID protest sidetracked.]

“Your rights will atrophy if you don’t exercise them.” — Mickey Michelsen

Written 2005-08-23

[The following was added as a footnote to a forwarded publication authored by someone else on the topic of “Diversity.”}

The problem is that the left is mistaken about the nature of ‘diversity’. They believe it is X% white, Y% Latino, Z% black, etc. That’s not diversity, that’s homogeneity.

Diversity is China Town and the East Village, Grosse Pointe and Watts, Little Havana and Little Italy, Korea Town and Little Saigon.

Left to ourselves, Diversity Happens. But diversity is not the true goal of leftists; they want homogeneity. As with milk, they don’t want the cream to rise to the top — that’s not ‘equal’ — not ‘fair’. True diversity is not acceptable to leftists as it means there will be differences.

As much as liberals say that differences don’t matter (we’re all the same, don’t you know), even while they insist that superficial differences be recognized, even exalted (skin color, for example), they really don’t tolerate differences well. Differences of opinion don’t sit well with them. Neither do differences in wealth, social standing, intelligence or political leanings. They are forever trying to eradicate these differences, to eliminate true diversity.

The truth is, liberals abhor diversity and want all of us to be just like them. They are unhappy that the Great Melting Pot becomes stratified and so they ‘stir the pot’ at every opportunity, agitating the populace, setting us one against the other in the name of ‘diversity’, all the while seeking homogeneity. What else would you expect from persons passing themselves off as ‘liberal’ while being some of the most illiberal people around?