Saturday, November 19, 2011

UK Internet Blackhole

I have family in Motherwell (for those that don't know it's in scotland). After seeing this article about the town's lack of facebook users (the town has always been a bit delipidated) so I decided to keep my techno-eyes peeled for technology mishaps or goodies on my recent visit to the town. I stayed at two hotels, obviously not at the same time, the first hotel had no WiFi it wasn't a surprise. Second hotel had WiFi it was unsecured, I wasn't surprised. It seemed to take a seriously long time to obtain a DHCP lease from the network so I did a little digging. It seems that the hotel's network was being managed remotely, probably has part of a block with other hotels within the same ADSL ISP. This surprised me a little; I would have thought, given the setup, that the ISP obviously providing a service to business would have the knowledge and sense to secure the AP. I encrypted anything mildly sensitive through an SSH tunnel, SSL would probably cover my email login, but I was feeling paranoid.

Next stop, the local library. Unsurprisingly their access points were unsecured, very well you say as it's meant to be public. Yes, and, no. A public network should be accessible, but shouldn't each separate link (wifi-user) be encrypted from other users to avoid sniffing? Well I that's my take, it seems to be a question few people asking  when it comes to security of intentional-open public networks accessible to everyone (e.g. libraries, major transport hubs, etc., etc.). Whilst SSL, will in most cases, help a user protect credit card details, email logins etc., all other internet bound traffic can be sniffed easily. With the advent of 4G I'm expected the ISPs and Mobile telecoms to converge somewhat, and, hopefully develop viable solutions to this problem. The mobile telecoms already did this for GSM (and presumably 3G and HPSA are also encrypted but I don't know enough about them to say for sure), albeit weak encrytion by today's standards but they did achieve it. Now the same technology is required for WiFi points.

In summary, in the past we sent information via emails and MSN messenger that we perhaps might not wish others to get their ends on, and, we (or rather those of us who are tech-savvy) did this with the knowledge it was sent in clear-text. In those days, it was an acceptable risk (as long as you weren't given your credit card details to a mate) you could see the cable to your internet modem and you were happy that no one was siphoning your data from there. Then you were happy that no-one at your ISP was that interested in your data (they should be earning enough from the $£ you send them once a month). Once it was there, you were reasonably happy that fred-next-door doesn't know you called him a c**t  to your sister on MSN. The difference now-a-days is that the node closest to you is no longer secure, so those in your immediate area can snoop were they couldn't before wifi came along. Particularly because, attackers can now be yards away from you, there is an enhanced social-security issue. Vulnerable individuals, such as children, could be put at greater risk. For example given the library scenario, a child may message a friend using an IM such as MSN, if they have a photo of themselves and their IM alias is their real name, a wifi sniffer could easy intercept this through an unsecured wifi point. Once a stranger can put a name to a child's face, the child is at a much greater risk. This example is one of many, I'm sure this is one of the more convoluted examples but I hope it is understandable to most.

As for Motherwell, I know that most of my, or at least most of the younger, relatives are using Facebook. In fact, a 15yo relative posts at least three public fb messages a day, complete with scottish accent. So, I can't pass too much judgement on the town with regards to social media, but as wifi points go I think hotels should restrict wifi to patrons only, and, libraries should restrict theirs to members only. To be honest, I wouldn't be surprised if Motherwell was the UK's most gravitating internet blackhole.

Or you can ignore me completely and join the campaign beneath:
http://www.dansdata.com/gz080.htm




Posted by at No comments:

Wednesday, November 2, 2011

last.fm rewinds

I really like last.fm; like many others I was a little sceptical about giving £3 a month so I could listen to music, but I was pleasantly surprised by the recommendations and a-radio-station-per-artist on-demand playlists and, of course, your own playlist based on tracks you have "loved". So my horror began today when I was greeted with an error message which pointed at a grovelling explanation on this page


Starting November 17th, 2010, Last.fm is discontinuing a few subscriber-only radio stations.
...
Licensing music is a complex and labour intensive process.  By discontinuing a few stations, we're able to focus our energy on improving our most popular features, developing new and innovative stations, and offering the best music discovery service to our global audience.
and

The following subscriber-only radio stations will no longer be available:
Loved Tracks Radio: streaming your list of loved tracks
Playlists: streaming a list of tracks you've chosen for a playlist
Personal Tag Radio: streaming a list of artists, albums or tracks that you have tagged


Yes you got it, last.fm no longer allows users to listen to the tracks they've chosen in effect forcing user's to listen to recommendation playlists. Granted the recommendation playlists are good, but everyone is going to want to listen to "just their music" once in a while. Here's what won't change:

Access to your list of loved tracks
Access to your playlists and the list of tracks within them
Access to your personal tags and the list of tracks within each
Your ability to listen to global tag stations
So basically you can access the names of the tracks you like but you can't play them and only them on-demand. Already, last.fm orders the sequence in which specific tracks in the playlist are up next, but now we can't listen to a specific music, instead music will HAVE to be played from a "recommended" playlist entirely derived by some formula at last.fm HQ. This "formula" (for want of a better word) is now very likely to have a very heavily weighted function on the music tracks legal licencing, I don't know about you but I couldn't give a damn about the licencing if I'm listening to "recommended" tracks. The last.fm "forced-sequencing" was tolerable given that this is a service last.fm have to make money out of, but with the onset of the "forced-playlists" (recommended playlists or artists radios) I don't think the £3 a month fee is justified.

The reason they cite is due to the complexity of music licencing. Yes, that's right, apparently it is more complicated to provide on-demand music from a variety of artists (from recommendations) than it is to play *one* specific track on demand. That doesn't smell right to me. Is this because "the recommendations" will be easier to licence on-demand? Implying that last.fm will group tracks for recommendations by the legal mumbojumbo in the track's licencing agreement. Surely this is the last thing on a user's mind when subscribing to a "recommendation". Go figure.


I've not yet decided whether I'll leave last.fm because of this, but I'm seriously considering it. 
Posted by at No comments:

a first blog

This is my first blog. I am 27 years old and I work as a Software Engineer for the UK Government. I've started blogging for a number of reasons (1) To discuss stuff with like-minded people and maybe become friends :-D (2) So I have somewhere to go when I feel like I can rant freely/anonymously (3) To keep track/share my technical exploits. 


I think that's pretty much it. 
Posted by at No comments:
Subscribe to: Posts (Atom)