Cory Doctorow: The coming war on general computation

[youtube http://www.youtube.com/watch?v=HUEvRyemKSg]

The copyright war was just the beginning

The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The coming century will be dominated by war against the general purpose computer, and the stakes are the freedom, fortune and privacy of the entire human race.

The problem is twofold: first, there is no known general-purpose computer that can execute all the programs we can think of except the naughty ones; second, general-purpose computers have replaced every other device in our world. There are no airplanes, only computers that fly. There are no cars, only computers we sit in. There are no hearing aids, only computers we put in our ears. There are no 3D printers, only computers that drive peripherals. There are no radios, only computers with fast ADCs and DACs and phased-array antennas. Consequently anything you do to “secure” anything with a computer in it ends up undermining the capabilities and security of every other corner of modern human society.

And general purpose computers can cause harm — whether it’s printing out AR15 components, causing mid-air collisions, or snarling traffic. So the number of parties with legitimate grievances against computers are going to continue to multiply, as will the cries to regulate PCs.

The primary regulatory impulse is to use combinations of code-signing and other “trust” mechanisms to create computers that run programs that users can’t inspect or terminate, that run without users’ consent or knowledge, and that run even when users don’t want them to.

The upshot: a world of ubiquitous malware, where everything we do to make things better only makes it worse, where the tools of liberation become tools of oppression.

Our duty and challenge is to devise systems for mitigating the harm of general purpose computing without recourse to spyware, first to keep ourselves safe, and second to keep computers safe from the regulatory impulse.

Merry Christmas everyone!

Some fun facts about Christmas traditions, brought to you by your friendly neighborhood atheist!

[youtube http://www.youtube.com/watch?v=7T8Y1-VLjGQ]

People would be amazed that 1) many non-Christians celebrate the holiday season and 2) many Christians unknowingly implement pagan traditions into their commemoration of the baby Jesus.

This video takes a quick glance at just a few beloved Christmas traditions and some of their origins.

Some other resources:
http://www.jesusneverexisted.com/nazareth.html
http://www.atheists.org/Did_Jesus_Exist%3F
http://www.history.com/topics/christmas

Praised be the Woody Allen Jesus (by Tim Minchin)

[youtube http://www.youtube.com/watch?v=_SFdUJLebzU]

This song was meant to air on the Jonathan Ross Show tomorrow night (23rd December 2011), but at the last minute ITV cut it. [… read the rest of the story …]

… which IMHO is way more offensive than his song is. But if you like it, make sure to check out the rest of his YouTube channel. Oh, and you get quite a bit more of his fun stuff at Amazon for very little money.

No more spilled coffee

Have you ever seen the magic a steadycam can do for your video footage? Now there’s the same kind of magic… for your coffee!

[youtube http://www.youtube.com/watch?v=8d-yOJ5cDtA]

You can get your own SpillNot Mug Holder at ThinkGeek for about $14. Thank you, gravity! :)

BBC cuteness overload

With Ooh’s and Ahh’s galore this video clip collection celebrates a world of adorable animal babies. Fluffy chicks, cute cubs and playful pups have the power to melt even the most hard-hearted human. Yet just because they are cute doesn’t mean they have life their own way. It takes a lot of determination, resourcefulness and even the odd helping hand to grow up in today’s world!

Pwn’ing the 99 percent

Quick summary: 99% of those 99 percent appear to be… just a tiny little bit… retarded.

[youtube http://www.youtube.com/watch?v=UGL-Ex1CD1c]

Last week, Reason.tv followed investment guru, radio show host, and unflappable defender of capitalism Peter Schiff as he spent three hours among the Occupy Wall Street protesters in Manhattan’s Zuccotti Park.

An unapologetic member of “the 1 Percent,” Schiff argued with all comers for the better part of an afternoon.

Schiff is no ordinary observer. As the prinicipal of the financial firm Euro Pacific Capital, he’s a full-fledged and unapologetic member of “the 1 Percent.” As an outspoken radio show host and commentator, he not only predicted the housing crash and financial crisis, he railed bank and auto-sector bailouts as they were happening. Schiff believes that capitalism offers is the only hope for young, frustrated people to have a vibrant and prosperous future. So he went to Occupy Wall Street to engage and debate the protesters.

Touring the Occupy Wall Street scene in New York with a sign that read “I Am the 1%, Let’s Talk,” Schiff spent more than three hours on the scene, explaining the difference between cronyism and capitalism, bailouts and balance sheets, and more.

“The regulation we want is the market,” said Schiff. “That’s what works.”

Schiff describes himself as “sympathetic” to the plight of the OWS protesters, but thinks their anger is misdirected at legitimate business interests and should be better at the White House, Congress, the Federal Reserve, and the crony capitalists they’ve bailed out.

PositiveSSL not working with Android?

Namecheap currently offers one of the most affordable ways to get a (not self-signed) SSL cert to use with your web-/mailserver – the only drawback being, that it isn’t signed by a CA Root, but through some subsidiaries, which means you’ll also have to install a supplied CA bundle on the server or else you’ll get a bunch of SSL errors.

With dovecot as POP/IMAP server, that’s actually quite easy – just put all the certs in single file, starting with your servers cert and followed by the three certs supplied by Namecheap/Comodo.

This should work fine with most mail clients, like Thunderbird or Evolution. The cert also worked with Apache for HTTPS. But for some reason, it didn’t work with my Android mail app.

Turns out, Android can be quite picky about the order of the cert chain…

#~$ echo|openssl s_client -connect yourserver.tld:993
CONNECTED(00000003)
depth=3 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Certificate chain
 0 s:/OU=Domain Control Validated/OU=PositiveSSL/CN=yourserver.tld
   i:/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=PositiveSSL CA
 1 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
 2 s:/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=PositiveSSL CA
   i:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
 3 s:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root

If the certs are in any other order, Android threw an error. So your cert file should contain (again: in that order):

Your Cert as supplied by Namecheap/Comodo/…
PositiveSSLCA.crt
UTNAddTrustServerCA.crt
AddTrustExternalCARoot.crt