Hubert Chathi

December 15, 2006

Christmas tree thrown out of court

13:52 -0500

A Toronto judge has ordered that a Christmas tree, which used to be displayed at the Ontario Court of Justice, be removed and relocated to a back hallway. Judge Marion Cohen wrote that she didn't think it appropriate that when people enter the courthouse, the “first thing they see is a Christian symbol.”

Sorry, try again. The tree is not a Christian symbol; it actually has various cultural origins, and somehow got incorporated into the Christian celebration of Christmas.

So remove the tree if you must, but don't blame the tree on the Christians. We weren't responsible for it.

Or just incorporate the tree into your own cultural celebration. After all, that's what the Christians did.

August 27, 2006

Security news

17:14 -0600

It’s summer, so more people are flying. And after the terrorism-related arrests a few weeks ago, more people are paranoid. And so, I suppose, it’s inevitable that we have more people overreacting to normal incidents.

Here’s one man’s story of what happened when his iPod accidentally fell in the airplane toilet (http://forums.worldofwarcraft.com/thread.html;jsessionid=32DA4C09BEB07855088A6F20EBB8C4DE?topicId=11211166&sid=1). (Schneier, /., Ottawa Citizen) While the details of his story aren’t independently verified, it has at least been confirmed that someone’s iPod did in fact fall in the toilet, causing security to evacuate the plane and question all the passengers.

12 passengers, all Indian men, were removed from a flight after the crew noticed some passengers fiddling with cell phones. The 12 were later cleared and released without charges.

And when they’re not overreacting, they’re giving strange advice. The “[TSA] [encourages] everyone to pack gel-filled bras in their checked baggage.” (Schneier) So if you’re flying, and don’t have a gel-filled bra, make sure you go out and buy one, and pack it in your checked baggage. Because the TSA says so.

Here’s a Bob the Angry Flower comic on security. Which sounds a lot like the Department of Homeland Security’s list of top terrorist targets. (Schneier)

This is camping season as well, and Schneier has a short posting on security tradeoffs in bear-proof garbage bins.

An old post: Schneier announced the movie-plot threat contest winner.

Moving on to computer security, 123456 is the most common password. (Schneier) That’s the kind of thing an idiot would have on his luggage.

And Stephen Colbert gives his computer security tips (part 1, part 2) (Schneier)

A new attack against SHA-1 has been developed. (/.) This is a collision attack (not a preimage attack), and allows part of the text to be chosen. It’s still not practical, but it’s still a further weakness in SHA-1.

And finally, here are some facts about Bruce Schneier (Schneier)

August 23, 2006

institutionalized discrimination

15:49 -0600

Last week, a Winnipeg doctor and two colleagues were kicked off a plane for saying their evening prayers. The prayers were interpreted by another passenger as suspicious behaviour, and after the passenger alerted the flight crew, the three people were taken off their flight. A United Airlines spokesperson said that they have an obligation to take allegations of threatening situations seriously, especially after the recent arrests in Britain.

“Whenever these types of claims are made we have a duty to investigate,” Borrman said. “Our flight crews are trained to make safety the No. 1 priority.”

Yeah, you have a duty to investigate, and the flight crew obviously didn’t do that. Otherwise, they would have realized that the accusation was unfounded. Security doesn’t mean that you start kicking people off whenever someone points a finger and says, “terrorist!”

In my opinion, if anyone should have been kicked off the flight, it should have been the passenger who made the false accusation.

May 28, 2006

Irrepressible

20:20 -0400

Amnesty International (UK) has started a campaign called irrepressible.info to protest censorship of websites and the increasing use of the Internet by governments to repress their citizens. (/., CBC) They feature an online petition that will be presented to a UN conference in November. And for those who have websites, you can also add a box to your website that features excerpts from censored webpages, which I’ve added to the bar on the right (the ugly green box). (The box comes in various sizes.)

January 24, 2006

124:103:51:29:1 Conservative minority (pending recounts)

13:59 -0700

Canadians gave the Conservatives a minority government yesterday — the second straight minority government for Canada. While you can get better analysis elsewhere, here are some of my thoughts.

Despite a poor Liberal campaign, and the various scandals, the Liberals still managed to get a third of the seats, and just under a third of the popular vote. Is this a sign of the strength of the Liberal party? Probably a sign that Canadians don’t feel comfortable giving the Conservatives a majority yet. Canadians wanted to punish the Liberals, but did not want to give the Conservatives too much power. If the Conservatives are to survive, Harper must use the next couple of years to show Canadians that the Conservatives are not as right-wing as they are perceived to be. Since they now have representation from every part of the country, they must show that they are a national party, and that they are not just the old Reform party.

Since we have a minority, the Conservatives will need the support of at least one other party to pass any bill. The Liberals and BQ each have enough seats to hold the government together on their own. The NDP is just short again (assuming all MPs show up to vote). However, that also depends on how the independent leans, as well as who becomes speaker of the house. This means that an independent might have a big influence on how the house runs (much like in last March’s budget vote). (This also depends on how the recounts go, too.)

With a minority, the Conservatives won’t be able to deliver on some parts of their platform. We won’t be seeing a 5% GST any time soon — none of the other parties want to cut the GST (ironic since the Conservatives were the ones who had introduced the GST, and the Liberals had promised to scrap it). My guess is that Harper might be able to cut the GST slightly, if he implements some income tax cuts. He’ll probably have a tough time next time if he doesn’t manage to do anything about the GST (though the Liberals managed to get reelected after breaking their original promise).

And it seems like finance is where the Conservatives are going to have the most trouble. All the other parties are more left-leaning. Harper is going to have to work hard and make a lot of compromises to gain consensus with the other parties, in order to prevent another election. None of the parties want to have another election soon, so everyone will be trying to work to hold the government together — at least for a while. But this doesn’t give Harper a blank cheque. If he governs as though he had a minority, he’ll lose support of the house.

Some things, though, will be much easier for the Conservatives. The Bloc and the NDP will both support a federal accountability act, which Harper said is the first thing that he will be proposing. And with NDP support, they will probably launch a study on electoral reforms. (I’ll talk more about electoral reforms in a future post.)

Not too unexpectedly, Alberta is completely Conservative. The results in my riding were the closest in Alberta (and the last to be decided). Despite Anne McLellan’s personal popularity, she was done in by her party. If not for the fact that she was a Liberal, she could have been reelected.

January 15, 2006

Religion and politics

21:17 -0700

Thanks to my brother for pointing this out. FaithToday asked the party leaders about their view on faith and politics. Martin’s god is the Charter and he said a whole lot of nothing. Duceppe avoided the question. Harper and Layton said more interesting stuff.

December 12, 2005

Even more on airline security — don't forget to take your meds

21:43 -0500

Last Wednesday, in a truly unfortunate turn of events, an innocent civilian was killed by a U.S. federal air marshal (CBC followup) in Miami. The passenger, Rigoberto Alpizar, was running around erratically, and allegedly claimed to have a bomb in his carry-on. He was shot as he reached into his bag. No bomb was found. According to Alpizar’s wife, he was bipolar and hadn’t taken his medication.

It’s hard to criticise the air marshal for his decision to shoot. Given the situation, he had to make a split-second decision, based on insufficient information. And we don’t really know exactly what happened, so we can’t really judge whether or not he made the right decision. (Schneier has, as usual, excellent commentary.)

Mistakes like these are indicative of flaws in the system. Salon’s pilot-in-residence comments on this. (Schneier’s summary) One question that I have is whether the air marshal had access to non-lethal options. It seems like the debate is whether or not the air marshal was right in trying to stop Alpizar by shooting him. It is a binary question — shoot, or don’t shoot. I think that we should be thinking about what other tools or options the air marshal had, or should have had, available to him.

December 3, 2005

More on airline security

21:25 -0500

As a followup to my last post, the CBC’s Fifth Estate sent a reporter to the Pearson International Airport to check out airport security, and found some major holes. In response, the Canadian Air Transport Security Authority’s chief operating officer gave the following proof that they’re delivering on their mandate: 90% of the people that they surveyed were satisfied with the security process. That’s right, CATSA measures their effectiveness by how secure the public feels, and not how secure they actually are. An airport passenger screener says, “It’s what I call the illusion of security. That’s what I call it.”

November 29, 2005

It's that time of year again...

20:31 -0500

It’s that time of year again. Yes, with the busiest travel season coming up quickly (I’m flying home on December 25), it’s time to talk about airline security again, one of my favourite topics. An Australian minister, Amanda Vanstone, in a speech points out that most security measures are just designed to make people feel safer, and don’t actually increase security. (Schneier) She’s absolutely right about that, and it’s something that I’ve been saying for a long time. They won’t let me take my mini Swiss Army knife on the plane, but they have no problems with glass bottles. I think that a big glass shard is a lot more effective for hijacking a plane than a tiny semi-sharp 1 inch blade.

Perhaps too predictably, some people didn’t like her speech, and are calling for her resignation. It kind of makes me glad that I’m not famous. I can say anything I want and make fun of security at the Parliament and, in this small corner of the Internet, nobody will notice and make a big fuss about it. Well, except for maybe CSIS, who are adding me to their watch list.

November 17, 2005

Canadian surveillance law

16:51 -0500

A new surveillance bill has been introduced in parliament, which would make it easier for CSIS and police to monitor cell phones and Internet connections. (Michael Geist, CBC, /.) The bill seems to reduce the oversight in the process of obtaining information. While I’m not against allowing police to obtain information required in an investigation, I am very much opposed to allowing them to do this without a warrant. A warrant ensures that police do not abuse their powers, and ensures that they have good reason to suspect wrongdoing before they are allowed to investigate.


Sony goes too far

12:41 -0500

Pretty much anyone who’s been paying any attention knows that the big record labels are trying to prevent people from copying CDs (and anyone who really cares already knows that the methods used by the labels are easy to get around). Most recent ones install software on your computer (usually only on Windows) and only allow you to play the music through their software (denying Americans their “fair use” rights). The software installed by Sony actually compromises your computer’s security. (Washington Post, Schneier, Schneier followup, The Register, Freedom to Tinker, /., /. followup, The Inquirer, PC Pro, Wikipedia, Muzzy).

Mark Russinovich discovered a rootkit on his system; further analysis revealed that it was installed by a CD published by Sony. The rootkit, among other things, hides files whose names start with $sys$, and apparently, trying to remove the rootkit, or other parts of the software that they install, kills Windows. In response, Sony released a service pack that claims to remove the software, and claimed that the rootkit does not pose any security threat. (But any software that is able to hide files from the system is an open door to malicious use.) However, despite the claim that the service pack removes the software, it simply installs a newer version that has the $sys$-masking disabled. (The Inquirer, Freedom to Tinker, /.)

The whole thing has resulted in lawsuits from California (/.) and Italy, and an investigation from the Italian police.

And despite Sony’s claims that the software poses no threat, a trojan has been discovered that uses Sony’s rootkit to hide itself. (/.)

And their service pack for uninstalling the rootkit opens up another security hole. First of all, in order to obtain the service pack (which Sony seems to intentionally make hard for customers to do), you must install an ActiveX control, which gathers information about your hardware, which has serious privacy implications. Next, it turns out that the ActiveX control actually allows any webpage that you visit to install and run any code it wants. (Washington Post, Schneier, /.) It sounds like the cure is worse than the disease. Fortunately, some people have written a tool that secures your computer against the software.

Finally, Sony decided to stop production of CDs with the rootkit (/.), pulled them from store shelves, and offered exchanges to anyone who bought a CD with the rootkit on it. (/.) This happened two weeks after the rootkit was initially discovered. And Sony has still offered no way to properly remove the rootkit if you already have it installed.

Sony has been criticized by the Department of Homeland Security, and Microsoft, who have said that they will remove the rootkit.

It also appears that Sony’s software may infringe on other people’s copyright. (/., /.) Oh, the irony of infringing on other people’s copyright in an effort to protect your own.

Freedom to Tinker has instructions on how to remove Sony’s software. But to play it safe, it’s probably a good idea to stop buying CDs from Sony, because you never know what they’re going to try to pull in the future. In fact, it’s probably best to stop buying Sony products at all.

Schneier has a more detailed column in Wired.

And remember, the next time you put an audio CD in your Windows machine, hold down the Shift button. That will prevent software from being automatically run on your computer. Then you can use a program like CDex to copy the music onto your computer and listen to it at will.

October 25, 2005

Daylight Saving

23:32 -0400

This Sunday, we will be setting our clocks back an hour. In two years, Québec and Ontario (and maybe other provinces as well) will be doing it a week later, as both provinces have decided to follow the U.S. lead in extending Daylight Saving Time (presumably for business reasons). (/.) This means that "standard" time will now be observed for less of the year than daylight time. Surely there must be better ways of dealing with energy consumption than making these ridiculous changes to timekeeping.


Patent fun

13:51 -0400

A group, organized by Britain’s Royal Society, has released the Adelphi Charter on creativity, innovation, and intellectual property, which outlines principles for how patents, trademarks, and copyrights should be handled. (Royal Society press release, Economist, Guardian, /.) The charter calls for a return to balance between ensuring that ideas are publicly available, and rewarding authors and inventors.

It appears the USPTO has dropped the requirement that patents be under “technological arts” in a 3-2 decision by the Board of Patent Appeals. (/.) This greatly widens the scope of patents in the U.S. It looks like patent law in the U.S. will just get worse, before it gets better. Hopefully, the patent situation will become completely ridiculous, so the government will be forced to reform the system.

October 19, 2005

Beethoven's Paper Trail

22:57 -0400

Here’s an interesting piece on hand writing.

September 20, 2005

Switchfoot meets copy control

22:38 -0400

Switchfoot’s latest CD recently hit the shelves. Unfortunately, Sony got their hands on it and slapped their copy control software on it, which prompted Switchfoot to apologize and offer instructions for circumventing the copy control. (/.) The workaround is simple: for Windows, just disable autorun, which can be done temporarily by holding Shift when you pop in the disc. Or you can disable autorun permanently (which is probably a good idea to do anyways, because you never know what copy-controlled CDs you’ll have in the future). For Mac or Linux users, nothing special needs to be done; you can copy from those operating systems without problems.
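Holding Shift only suppresses AutoRun for one disc insertion; the permanent setting lives in the NoDriveTypeAutoRun policy value. The following is an added example, not part of the original post: it audits whether that value blocks AutoRun for CD-ROM drives. It assumes Microsoft's documented bit meanings and that a value under HKLM overrides the one under HKCU; the function names are hypothetical.

```python
"""Audit whether Windows AutoRun is disabled for CD-ROM drives (added example)."""
import sys

# NoDriveTypeAutoRun is a bitmask: a SET bit DISABLES AutoRun for that drive type.
DRIVE_TYPE_BITS = {
    0x01: "unknown",
    0x04: "removable",
    0x08: "fixed",
    0x10: "network",
    0x20: "cdrom",
    0x40: "ramdisk",
    0x80: "reserved",
}
POLICY_KEY = r"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
VALUE_NAME = "NoDriveTypeAutoRun"


def disabled_types(value):
    """Return the set of drive types for which this mask turns AutoRun off."""
    return {name for bit, name in DRIVE_TYPE_BITS.items() if value & bit}


def cd_autorun_blocked(hklm_value, hkcu_value):
    """True if the effective policy disables AutoRun for CD-ROM drives.

    None means the value is not set in that hive. Assumption: a value in
    HKLM overrides HKCU, and with no policy at all CD AutoRun stays enabled.
    """
    effective = hklm_value if hklm_value is not None else hkcu_value
    return effective is not None and bool(effective & 0x20)


def read_policy(hive_name):
    """Read the policy value from 'HKEY_LOCAL_MACHINE' or 'HKEY_CURRENT_USER'."""
    import winreg  # Windows-only module, imported lazily

    try:
        with winreg.OpenKey(getattr(winreg, hive_name), POLICY_KEY) as key:
            value, _kind = winreg.QueryValueEx(key, VALUE_NAME)
    except FileNotFoundError:
        return None  # key or value absent: no policy configured in this hive
    # Some systems store the value as REG_BINARY instead of REG_DWORD.
    return int.from_bytes(value, "little") if isinstance(value, bytes) else value


if __name__ == "__main__":
    if sys.platform == "win32":
        hklm = read_policy("HKEY_LOCAL_MACHINE")
        hkcu = read_policy("HKEY_CURRENT_USER")
    else:
        hklm, hkcu = None, 0x91  # constructed sample values for a non-Windows run
    for hive, val in (("HKLM", hklm), ("HKCU", hkcu)):
        shown = "not set" if val is None else f"{val:#04x} {sorted(disabled_types(val))}"
        print(f"{hive}: {shown}")
    print("CD-ROM AutoRun blocked:", cd_autorun_blocked(hklm, hkcu))
```

A mask of 0xFF disables AutoRun for every drive type; a mask without bit 0x20 leaves audio CDs free to launch whatever their autorun.inf names.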

The purpose of record labels is so that artists do not have to worry about the nitty gritty of distributing music. The labels should be working for the artists; the artists shouldn’t have to be fighting the labels. Otherwise, what’s the point of having a label?

Unfortunately, it may be too late for Switchfoot, at least for this album, unless they can get out of whatever contract they signed with Sony. Most of the other major labels also have a policy of putting copy control on their major CD releases. Fortunately, there are some labels that aren’t evil, but they are much smaller, and can’t offer the same exposure as the big guys.

This situation also puts American Switchfoot fans in a questionable legal position. By circumventing the copy control scheme, fans are violating section 1201(a) of the Digital Millennium Copyright Act (DMCA).

August 20, 2005

Legislated Internet snooping

21:28 -0600

Recently, the FCC gave the FBI a backdoor to the network. Now, it looks like the Canadian government is trying to catch up to our neighbours to the south, and is planning on introducing a bill this fall to give police more surveillance powers. (Globe and Mail, CanWest, /.) The bill, or at least a version that was circulated for review earlier this year, requires ISPs to retain traffic logs for a significant amount of time, and provide police with information 24/7 within 30 minutes of receiving a phone call without a court order. I’m not so much concerned about the types of data that police may be able to get under the new legislation. I’m much more concerned about the lack of due process — police should not be able to access information without a search warrant.

Justice Minister Cotler says that the bill will “protect the civil libertarian concerns that are involved such as privacy and information surveillance.” I hope that it’s true, and we’ll see when the bill is introduced next month.

August 18, 2005

Doctors support parallel private health care

13:05 -0600

The Canadian Medical Association has voted two-to-one to support a parallel private health care system. (Edm. Journal, Edm. Journal, Edm. Journal) Citing the public health system’s failure to provide timely health care, as well as the recent Supreme Court decision, doctors said that patients need an opportunity to get proper health care. The proposal is very similar to Ralph Klein’s “third choice” plan, and you know that health care is in big trouble when the doctors are agreeing with Ralph. The doctors also want to increase the number of spots in medical schools, and to open up more residencies for foreign-trained doctors. Because it’s stupid when a doctor has to work at a convenience store because he can’t get licensed here.

It seems to me, though, that private insurance isn’t going to solve the problem. The problem isn’t with the insurance, but with the facilities, resources, and manpower. I don’t mind the private sector providing facilities, but there must be quality control and they must be paid for entirely by the public health system.

August 15, 2005

Right to Read

17:49 -0600

Stallman was right. Several publishers are now introducing textbooks that are restricted using DRM. (/.) For a mere 33% discount off the print-copy price, students will be able to download an electronic version that expires after 150 days (or a little under 5 months). That means that students won’t be able to refer to their textbook later on, or to resell the books (which can be better than a 33% discount). The publishers are essentially saying that their books are useless for anything outside the scope of the course. (Of course, I have some textbooks that I will never refer to again — and several textbooks that I have never looked at, even when I was taking the course.)


Do-it-yourself security

13:03 -0600

This is beautiful. (Schneier)


Technological Parenting

12:58 -0600

Parents are increasingly using technology to monitor their children. (Schneier) As Schneier says, “This is security based on fear, not reason. And I think people who act this way make their families less safe.” Society has become much more insular and fearful. Instead of raising our kids to be able to fend for themselves, and to be able to make good decisions, we may be raising a generation of hermits, who are afraid to talk to anyone for fear of what may happen to them.


© Hubert Chathi <><