HTTP Status 451 – The HTTP Status At Which Requests Burn

Tim Bray is proposing a new HTTP status, 451, for:

…when resource access is denied for legal reasons. This allows server operators to operate with greater transparency in circumstances where issues of law or public policy affect their operation. This transparency may be beneficial both to these operators and to end users.

This is awesome and I 100% support this idea. I’d even like to see governments mandate that 451’s be used. Of course North Korea, Iran, and China would never follow along, but hopefully most western countries would.

It’s also a very fitting tribute to Ray Bradbury, the author of Fahrenheit 451 who recently passed away.

Even DHS Blindly Accepts Invalid SSL Certificates

Via Forbes:

On page 37, DHS instructs analysts to accept invalid SSL certificates forever without verification. Although invalid SSL warnings often appear in benign situations, they can also signal a man-in-the-middle attack. Not a good practice for the security conscious.

I think that’s grounds for termination by incompetence for whoever was behind that. DHS phishing attack, anyone? I’d expect better practices from a local library branch.

That said, it’s yet more proof that SSL as a form of identity verification just doesn’t work.

$22K Routers

The Charleston Gazette reported:

CHARLESTON, W.Va. — Nobody told Hurricane librarian Rebecca Elliot that the $22,600 Internet router in the branch library’s storage closet was powerful enough to serve an entire college campus.

The high-end router serves four public computer terminals at the small library in Putnam County.

It goes on to define them as Cisco 3945’s. These are reasonably large (in terms of Cisco’s lineup), high-capacity routers. Given 4 computer terminals in a library, a cheap Linksys box (also Cisco) would have likely done the job just as well, for under $100.

I don’t think that router provides CIPA-compliant filtering either, so I’m guessing they are doing it via software on the computers connected, or they have a gateway appliance of some sort.

It gets even more amusing:

Gianato said the T1 cards have other uses — video conferencing, wireless Internet and “voice over Internet protocol.”

A T1 (DS1) line is 1.544 Mbit/s. Granted, unlike most broadband services, this is a direct private line and thus you get the full 1.544 Mbit/s, but still, this is 2012. You’re unlikely to be using such low capacity for those services in any meaningful way. You’d likely get better performance with a residential cable modem these days.

Those T1 cards are also quite expensive.

This is why you need competent IT folks, even in government.

Innovator’s Patent Agreement

Twitter today announced the Innovator’s Patent Agreement, their attempt to help defuse the patent chaos currently going on in the tech world. The real meat of the post is this:

It is a commitment from Twitter to our employees that patents can only be used for defensive purposes. We will not use the patents from employees’ inventions in offensive litigation without their permission. What’s more, this control flows with the patents, so if we sold them to others, they could only use them as the inventor intended.

I do like the GPL-like virality of this. The one thing that I questioned was the term “defensive purposes”. That sounded vague. The IPA itself defines this:

(a) against an Entity that has filed, maintained, threatened, or voluntarily participated in an intellectual property lawsuit against Assignee or any of Assignee’s users, affiliates, customers, suppliers, or distributors;

(b) against an Entity that has filed, maintained, or voluntarily participated in a patent infringement lawsuit against another in the past ten years, so long as the Entity has not instituted the patent infringement lawsuit defensively in response to a patent litigation threat against the Entity; or

(c) otherwise to deter a patent litigation threat against Assignee or Assignee’s users, affiliates, customers, suppliers, or distributors.

This sounds like a big improvement to me. I’d still like to see something more explicit that deters Assignees and Inventors from agreeing to claims other than defensive purposes. While it says Assignees must get written permission from Inventors “without additional consideration or threat”, I question if that’s practical given the Assignee is generally the employer and controls the Inventor’s paycheck, medical benefits, and possible bonus.

Still, it’s an improvement over the current state of things. Kudos to Twitter for innovating and getting some dialog going. This still doesn’t get rid of the need for some patent reform.

The Cocaine in Coca-Cola

Interesting post by Good on the presence of Cocaine in Coca-Cola. Spoiler: there’s no cocaine, but it does involve the use of coca leaves and special exceptions by the US government.

In order for Coca-Cola to continue to exist in its current form, the company has a special arrangement with the Drug Enforcement Administration, allowing it to import dried coca leaves from Peru (and to a lesser degree, from Bolivia) in huge quantities. The dried coca leaves make their way to a processing plant in Maywood, New Jersey, operated by the Stepan Corporation, a publicly traded chemicals company. The Stepan factory imports roughly 100 metric tons of the leaves each year, stripping the active ingredient—the cocaine—from them. The cocaine-free leaves are then shipped off to Coke to turn into syrup, and, ultimately, soda.

Go read the article, it’s interesting.

US Authorities Seize Foreign Domain

Via easyDNS, The Domains reports on a foreign gambling domain being seized in the US:

The indictment focuses on the movement of funds from accounts outside the U.S., in Switzerland, England, Malta, and Canada, and the hiring of media resellers and advertisers to promote Internet gambling.

To make that clear: A federal warrant was issued and a foreign company dealing with a domain registrar in Canada was taken off the internet because the company violated the state law of Maryland.

DNS will eventually be succeeded. This is just pushing for it to happen sooner rather than later. The next system will not be so centralized, and certainly not be based in the US.

It’s also worth noting the Dept. of Justice yet again seems to violate federal law by ignoring Section 508 in this take-down. The blatant disregard for federal law by the Dept. of Justice is ironic. Sad considering the $0 cost to fix it. It’s safe to say it’s not an “oversight” as it’s got presence to the point of its own website.

F.B.I. Violating Section 508?

Section 508 is familiar to many in IT. For those who don’t know it, Wikipedia explains it best:

In 1998 the US Congress amended the Rehabilitation Act to require Federal agencies to make their electronic and information technology accessible to people with disabilities. Section 508 was enacted to eliminate barriers in information technology, to make available new opportunities for people with disabilities, and to encourage development of technologies that will help achieve these goals. The law applies to all Federal agencies when they develop, procure, maintain, or use electronic and information technology. Under Section 508 (29 U.S.C. § 794d), agencies must give disabled employees and members of the public access to information that is comparable to the access available to others.

The F.B.I., however, decided it’s above this law and decided to replace the shutdown pages for a bunch of gambling sites they shut down with the following HTML (example link):

<html>
  <title>WARNING</title>
<img src="banner7.jpg"/>
</html>

I’ve noticed this several times over the years, so this seems to be a chronic problem nobody is calling them out on.

The image (linked locally for posterity) contains the following text below the FBI and DOJ seals:

This domain name has been seized by the F.B.I pursuant to an Arrest Warrant in Rem obtained by the United States Attorney’s Office for the Southern District of New York and issued by the United States District Court for the Southern District of New York.

Conducting, financing, managing, supervising, directing, or owning all or part of an illegal gambling business is a federal crime (18 U.S.C § 1955)

For persons engaged in the business of betting or wagering, it is also a federal crime to knowingly accept, in connection with the participation of another person in unlawful Internet gambling, credit, electronic fund transfers, or checks. (31 U.S.C §§ 5363 & 5366)

Violation of these laws carry criminal penalties of up to five years’ imprisonment and a fine up to $250,000.

Properties, including domain names, used in violation of the provisions of 18 U.S.C 1955 or involved in money laundering transactions are subject to forfeiture to the United States.
(18 U.S.C. §§ 981 & 1955(d))

To my knowledge, this is a direct violation of Section 508. There are provisions for when Section 508 compliance creates an undue burden, however this could be remedied in under 5 minutes by using text rather than an image. It’s a clear violation. Any federal IT employee would know about this. Civilian IT professionals know about Section 508. The seals could have been one image with an alt tag containing the text “FBI/DOJ Seals” and the above text in HTML. This is trivial. I did half the work just transcribing it up above. I have no doubt the individual who put it together was familiar with Section 508.
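The check below is an added example, not code from the original post: it flags a page whose images lack a text alternative and whose only content is images, and runs it on the seizure page quoted above and on a rewrite along the lines just described. The `seals.jpg` file name and the abbreviated notice text in the rewrite are constructed for illustration, and treating an empty `alt` as missing is a simplification.

```python
from html.parser import HTMLParser


class TextAlternativeAudit(HTMLParser):
    """Collects images without alt text and any visible page text."""

    NON_CONTENT = ("title", "script", "style")  # text here is not page content

    def __init__(self):
        super().__init__()
        self.images_missing_alt = []
        self.visible_text = []
        self._skip = 0  # nesting depth inside NON_CONTENT elements

    def handle_starttag(self, tag, attrs):
        if tag in self.NON_CONTENT:
            self._skip += 1
        elif tag == "img":
            attrs = dict(attrs)
            # Simplification: an empty alt is counted as missing.
            if not (attrs.get("alt") or "").strip():
                self.images_missing_alt.append(attrs.get("src", "?"))

    def handle_endtag(self, tag):
        if tag in self.NON_CONTENT and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip and data.strip():
            self.visible_text.append(data.strip())


def audit(html):
    parser = TextAlternativeAudit()
    parser.feed(html)
    parser.close()
    return {
        "images_missing_alt": parser.images_missing_alt,
        "image_only": not parser.visible_text,
    }


# The seizure page as quoted in this post.
SEIZURE_PAGE = """<html>
  <title>WARNING</title>
<img src="banner7.jpg"/>
</html>"""

# Constructed rewrite: seals as one image with alt text, notice as HTML text.
ACCESSIBLE_PAGE = """<html>
  <title>WARNING</title>
<img src="seals.jpg" alt="FBI/DOJ Seals"/>
<p>This domain name has been seized by the F.B.I pursuant to an Arrest Warrant in Rem.</p>
</html>"""
```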

In a world where we web developers make efforts to bring information to the disabled and make the internet easily accessible to those with disabilities, this is pretty sad and a real step backwards. The rest of the Internet has been moving forward to making things accessible via initiatives like WAI-ARIA. Target had to settle a lawsuit for $6 million for failing to make a much more complex site ADA compliant. Since financial settlement with the FBI would be very unlikely, this gets ignored by NFB and others, but I don’t think it should be.

More On The Housing Market

Gary Shilling of A. Gary Shilling & Co believes that the housing market has another 20% to go before it will bottom out. BusinessInsider has a pretty extensive slide show explaining how he came to that conclusion.

I noted a few weeks ago that I don’t think the housing market has bottomed out. Despite what various talking heads may suggest, the numbers and historical trends suggest it still has more to drop. It still seems too expensive for there to be enough of a market to warrant the price. This is a cyclical problem. Unless housing becomes more affordable, or potential buyers become more affluent (unlikely), housing prices can’t be stable, much less climb in any meaningful way. Eventually prices must drop.

I’m glad to see validation that my head scratching isn’t totally unwarranted. This has bugged me for several months. People claim it’s bottomed out, but there doesn’t seem to be any rational reason to think that other than wishful thinking, which I’d argue is optimistic, rather than rational.

The Kurt Gödel Constitutional Dictatorship Loophole

I had heard the story of Kurt Gödel discovering an inconsistency in the U.S. Constitution, one that would allow the U.S. to become a dictatorship. Towards the end of his life, Oskar Morgenstern, who along with Albert Einstein went to the citizenship hearing for Gödel (all three were Institute for Advanced Study faculty at the time), recounted the events of that citizenship hearing. The exchange went something like this:

And then he turned to Gödel and said, Now, Mr. Gödel, where do you come from?
Gödel: Where I come from? Austria.
The examiner: What kind of government did you have in Austria?
Gödel: It was a republic, but the constitution was such that it finally was changed into a dictatorship.
The examiner: Oh! This is very bad. This could not happen in this country.
Gödel: Oh, yes, I can prove it.

As far as I’m aware, his discovery was never published and was either never revealed or lost through the years. I can’t imagine how three of the greatest minds to ever gather in one location (and they went as far as working in the same institution) could have avoided debating such a topic.

The memorandum from Morgenstern recounting the event (found here) is linked below and mirrored for posterity:
Morgenstern on Gödel citizenship [pdf] | original [pdf]