Black History?

My daughter’s school class talked about “black history” last week. They spoke about Martin Luther King and Rosa Parks. Now, whilst these people both have historically significant stories, is this not more American history?

I am puzzled why there appears to have been no mention of Africa and the common heritage of all African-descended peoples, why there was no mention of other signficant figures; there are plenty to choose from. Nelson Mandela, Malcolm X, Marcus Garvery, the list could go on, The aniversary of Halie Selassie’s famous “war” speech to the UN was on the fourth of this month.

Now I know, it’s only middle-school level and I can’t expect too much. However, the apartehied regime in South Africa, for example, was within my lifetime. Nelson Mandella was mentioned a lot in the news when I was young and the links between the regime in South Africa and the UK are arguably stronger than those between the UK and the USA. The same is true with Jamaica, being a former British colony. We also have a connection to India and hence to the life of Gandhi. Should black history not encompass more than just the USA; the majority of black peoples worldwide live outside of the USA.

I can’t help think that the school have paid lip-service to this part of the curriculm by providing a small snapshot of Black people in American culture. Perhaps if I lived in a more culturally-diverse area this would not be the case. I wonder if schools in more culturally diverse areas are more likely to provide a broader view of this subject. Now I know, all of this is probably not deliberate, the teachers probably have little knowledge of the subject matter themselves and even less time to research it. The lesson plan probably originated from a Google search which turned up american websites. However, should a broader view of this huge chunk of international history be more integrated into the school curriculm and by so doing understanding be cultivated, even in areas of lower cultural diversity?

Why don’t banks use digital signatures to stamp out phishing?

Ever wondered why banks don’t offer optional digital signatures on all of their messages to you, or even full encryption of messages? My ISP does it, why not banks? This has the potential to stamp out Phishing scams for good. It’s backwards compatible too. The processing power required is not a huge issue nowadays.

But, it’s not in the bank’s best interest to stamp out these scams. Why you ask? The answer is simple. Contrary to popular belief, cases of external hacks getting to sensitive bank data are very, very, very, rare. So rare as to be almost impossible. What is more prevalent is compromise involving some human, internal element. The public’s perception that external Phising or hacking attempts are responsible for data being compromised, cards being cloned, accounts being accessed, is an extremely useful diversion for the banks because it makes the average person assume that the threat is external and the bank is hence still trustworthy and safe. This is, however, not the case. Bank staff are no more trustworthy or immune to coercion and blackmail than anyone else. If inteligence organisations can be compromised, private companies can be compromised easier. In my entire time working in the security field I have never seen an external attack on a secure system succeed.

So, back to our phising. If the bank can blame an issue on phishing, you continue to trust your bank with your money, which is very important to their continued profit.

The same goes for credit and debit card fraud. I was told by my bank that most fraud happens because armies of people in the third-world are paid to type in random credit card numbers all day. This is simply not true. Most credit card numbers are compromised either at the retailer or at the bank, full stop.

So, consider this. Does your bank really care about your security? Absolutely not, what they care about is profit. Security can be reduced down to a risk on paper. They can insure against a risk, quantify it, budget for it and continue to make profit. Properly securing against these threats is expensive, more so than accepting the risk, so they accept the risk and carry on, much as a supermarket factors the cost of theft into product prices. They continue to make profit, so the board is happy.

Remember: banks don’t care about you, they care about your money, end of story.

Is the government’s “Bums on seats” approach to education damaging our children?

I’ve been thinking about the government’s decision to impose fines for non-attendance on parents and the tightening up of the regulations around when a child can be absent from school and I can’t help but think that this approach cannot be productive. We seem to be seeing a gradual but relentless erosion of the rights of the parent and the child in favour of having our children’s “bums on seats” in the classroom.

The government fails to recognise that education and learning is much, much, more than just learning to a pre-determined academic standard in a classroom. If, as parents, we have a responsibility to ensure our children receive an education it follows that we also have a right to have our say in what that education involves. We need to reclaim that right.

The decision by the government to put a blanket ban on term-time holidays and other trips is a case in point. For many families a holiday is their time to re-connect as a cohesive unit. With many parents working full time and children in school every day, families become disjointed; disconnected from each other. Holidays have huge emotional and educational benefits, as the family experiences different environment and cultures as a joined-up unit. It is a time for parents to enjoy time with their children and a chance for children to see their parents relaxing and having fun. A connected, close, family unit will help the child cope with stressful situations not just now but potentialy for life. These children will require less support from the system and potentially be less likely to be involved with the police and other services. For this reason alone, it makes sense to encourage a cohesive family unit. For some it is simply impossible to take holidays during the official school holiday time because of the costs involved. Unscrupulous holliday companies have realised that they have a capitve audience and have inflated their prices so much as to make holidays at thise time unaffordable for many.

What about a family educational trip, for example a trip to one of the national museums in London? Many schools are so under pressure to deliver the national curriculm and so afraid of health and safety law that children simply do not go on trips such as this any more. Children should not have to miss out on the hugely rich, multisensory educational experiences avaliable on these type of trips because of this. What about reconnecting with our environment? Being out in “nature” is arguably one of the most important things our children can experience when they are young to develop a healthy respect for their environment when they are older.

If schools can’t offer these experiences, if they are not required to listen to our views as parents with regards to our children’s education, we as parents should be free to decide that these type of experiences are important to our children’s education and well-being. We should be able to choose to take our children out of school so that they can experience a richer, wider educational experience than our schools can offer.

It is often stated that some parents will not take attendance seriously if there is not a financial penalty for non-attendance. To proponents of this argument, I would ask, why does the child not want to attend school? Most children who do not want to attend school feel this way because there is a problem that needs adressing. Forcing parents to force children to attend school does not help their learning and it certainly does not help the relationship between parent and child. This approach can damage a child’s approach to learning for life and damage their relationship with their parents irreparably. Instead, we should ask, what is the school not doing to support and engage this child and make them want to attend school and interact with their peers? Perhaps we should be fining the school or the Local Education Authority for non-attendance as they have obviously failed in their duty to support, engage, nurture and encourage the growing minds that they are entrusted with.

What about periods of illness? I hear stories of schoools requiring ridiculous proof of children’s illness, sometimes so invasive that it could be considered as harassment. Schools should accept proof of ilness on the same basis as if you were off work. This implication that when children are off ill, the parent is lying and proof needs to be provided is simply unacceptable.

So, parents, let’s reclaim our rights and assert our moral responsiblity to do the best for our children. Our government needs to listen. We are not bad parents just because our children have time off of school. We as parents know what’s best for our children and we have a right to be listened to.

Thought for today

I’m not anti-system. I will support systems that work for the good of society and peacefully object to those that don’t.

I’m not anti-government. I will support a form of government that I broadly trust and believe in and respects my rights as an individual.

I’m not anti-state. I will support a state which enables me to be a free and independent individual and to live my life as I choose without fear of discrimination hate and violence from others. In return I will not show discrimination, hate and violence to others.

I’m not anti-business. I will support businesses that act ethically where they can, in the best interests of human kind. I will do my best to limit my contact with those that don’t.

I’m not anti police. I welcome a police force that protects my human right to live as I choose without fear of violence, discrimination or prejudice but does not intrude on my right of privacy or my right of choice.

So, there’s some themes here:

1) Respect for the individual

2) How does the above apply to the current state of affairs?

3) Tolerance. Are we moving in the right direction? If so, maybe some patience is required and trust in the belief that we will get there.

4) Responsibility. We have a responsibility to society to support that which is good within our society and object to that which is not. Of course, the debate starts when we all try to agree on what’s good.

5) Misinformation. Whether it’s deliberate or unintentional, it clouds the issue greatly. The Internet and the way it makes it so easy for everyone to publish compounds this issue. Before you make a judgment, question the validity of your sources.

Diaspora* – a new social media platform

Many of you use Facebook. However, with decreasing privacy and the fact that FB own your personal data, many are looking for a new social media platform where control can be retained over your data. Enter Diaspora*.

Diaspora* is a new social media platform based on a federated architecture. This means that you can host your data on any one of many public servers, or run your own. The network handles distribution of posts to your friends in much the same way as email; your posts are delivered to your friend’s server directly, there is no central system. This is great for resilience and it is also great for privacy as only the data you specifically allow to leave your server ever does.

There is no advertising on Diaspora*. It features a nice clean, simple web interface and also a mobile site, Android and iPhone apps, just like Facebook does.

I am currently testing a new community Diaspora* server (or Pod, as they are known) with the view of offering access to it to all my friends so we can all start the migration away from Facebook together. Don’t worry though, Diaspora* allows you to cross-post your status to Facebook, Twitter and Tumblr automatically, if you like. This makes the transition easy to manage as your friends who have not yet made the switch can still see your posts.

If course, you’re welcome to use another Pod. One such public Pod is joindiaspora.com, which is run by the founders of Diaspora*.

The first step towards avoiding internet censorship and control (alternative DNS Roots, opennic and why you should care)

As governments and corporations look to exert more control over the internet the issue of avoiding internet censorship and promoting freedom of speech has become a central issue in shaping our internet for the future. To ensure that information is both free and uncensored it is imperative that political and economical forces are not able to unfairly modify the internet architecture for their own purposes. At the centre of this is issue is the Domain Name Service (DNS).

DNS is a directory of computers and their associated names, much like a ‘phone book. When you type an address in to your browser (for example, www.google.co.uk) your computer asks the DNS service to find the IP address that is associated with this address so your computer knows where to connect to to get the page you have requested. The DNS is a hierachical structure, made up of a number of Top Level Domains (TLDs). These TLDs are the right-most part of the adrress, like the .com, .net, .co.uk etc that we all know.

Anyone can run a DNS server. However, to resolve the domains we all know, your server needs to talk to the top-level or root servers. These servers are run by corporations and are distributed around the world. The overall administration of the DNS and IP addressing falls to an organisation called Internet Corporation for Assigned Names and Numbers (ICANN). ICANN is a non-profit organisation which was set up by the US Federal Government to control DNS, which was previously within US Federal remit. The US federal government has retained influence over ICANN, not least because ICANN is operated within US jurisdiction. ICANN charges a large amount of money for the privilege of setting up a TLD or being a reseller for domains within a TLD, which used to be free when the internet was first created.

DNS can also be used to track your internet access. This is because every site you visit generates a DNS request, which can be logged, leaving a record of all of the hosts on the internet that you connect to. DNS can also be used to censor your access; if a domain is removed or blocked from DNS, you cannot resolve the domain name to the IP address on which it is hosted, thus stopping access to the domain. Censorship using DNS blocking has already been implemented in many countries.

However, there is a solution to this invasion of your privacy. Alternate DNS root systems can be used which do not have such censorship. This also provide an added bonus: free to register domains and TLDs, thus making DNS free, open and globally distributed, as it was always intended to be.

One such alternative root provider is opennic. Opennic allows you to resolve a host of new TLDs whilst still allowing access to the existing, ICANN administered domains. It’s easy to use, it just takes a simple configuration change on your PC to benefit. Click this link for more discussion on why this is a good idea and to find out how to make the simple change.

So there we are. Object to censorship, control and artificial costs. Join me in using opennic now and keep internet freedom alive.

IPv6 is here to stay but are vendors taking it seriously?

World IPv6 day has come and gone and many companies worldwide now have a permanent IPv6 presence. ISP’s are now rolling out IPv6 to customers and are restricting the number of IPv4 addresses offered. These moves are welcome to those ready to adopt IPv6 but are vendors stepping up to provide IPv6 enabled devices? My personal experience says that they are not.

I recently contacted Siemens to see if my Giagset VoIP DECT phone would recieve a firmware update enabling it for IPv6. The answer I got was a definite no. This is hardly surprising, the device is a couple of years old. However, the email which i received went on to say that Siemens currently have no DECT VoIP bases that provide IPv6 functionality at all.

In the consumer router market, the story is much the same. There are still only a small number of routers that can suppport IPv6 and those that do often suffer from buggy, incomplete or non-compliant implementations. This makes the IPv6 path a frustrating one for early adopters such as myself. I don’t get the feeling that vendors are seeing IPv6 as important at the moment. I really hope this changes soon.

Letter to my MP about the Communications Data Bill

Dear Mr ,

I write with reference to the government’s proposed Communications Data
Bill.

Firstly, a little about my background. I am a freelance computer
professional specialising in IT Architecture and IT Security. Over the
last fifteen years I have worked on systems and designs for many public
and private sector clients including <removed for personal privacy reasons>
. I have also been involved in the forensic analysis of data from computer systems.

I have serious concerns about the governments plans and it’s impact on
the individual’s freedoms and human rights. I also have concern about
the efficacy of this method of gathering information and the potential
for misuse of the data gathered, both legally and illegally.

People today have an intimate relationship with the Internet, in many
cases more intimate than relationships they have with other individuals.
For many the Internet is their first port of call if they have a
concern, for example, about a medical or personal problem. The internet
is used to communicate with like minded individuals, to access subject
matter of interest, even to persue someone’s deepest, most private
desires. An individual’s Internet usage therefore reflects their entire
life, even the most private of things like sexual preferences and other
private interests. Collecting data on Internet usage therefore has the
ability to expose an individuals private life in it’s entirety.

I believe data such as this should be private, safeguarded by the basic
human right to privacy that should be offered to every human being. It
is accepted that in society the Government, the Police and the Security
Services sometimes need to delve deeply into someone’s life for reasons
of crime prevention and national security. However, this intrusion must
be justified. Currently, the law provides this safeguard with the
requirement for a warrant to be obtained before this type of data can be
collected. In my view it is incredibly important that this safeguard to
our individual privacy is retained.

There is also a major security issue in collecting and retaining this
information. A leak of this information from an ISP could easily happen.
This could potentially put individuals, particularly those in the public
eye, in a situation where they could be blackmailed, threatened,
compromised or harmed. For ISPs to handle this sort of information,
there is also a wider issue here; should ISP staff be subject to
Security Clearance if they have the potential to access this sort of
sensitive information? Would it be appropriate for this information to
be officially classified as Confidential, Restricted, Secret or above?

Information that could be collected under the Communications Data Bill
will not be effective in fighting terrorism and organised crime as has
been stated by the government. I can think of many ways that an
individual could circumvent these measures. For an organised group the
possibilities to avoid detection are even greater. Instead, the data
generated will only really be useful for monitoring and profiling the
innocent. Fear of being caught for doing something that is completely
innocent could do the greatest harm, with individuals, particularly
young people, afraid of seeking information for fear of being
criminalised for it. Profiling in particular is also a major concern as
it effectively criminalises individuals or singles them out for special
attention based on probability. It is incredibly important to remember
that an individual is not a criminal unless they have actually broken
the law. It should also be noted that it would be easy for criminal
groups to resort to more traditional techniques of communication, thus
circumventing this proposed legislation entirely.

– From a technical perspective, the technical implementation of this
Bill runs the risk of harming the internet experience for many, causing
slowdown, breakages and difficulty in accessing sites, at least in the
beginning. The heavy technical requirements in terms of skill and
investment favours the very large ISPs and penalises smaller companies.
Some websites do not function correctly when used via an internet proxy
and some ISPs may not be able or willing to make the investment in
infrastructure required to provide a performant web proxy solution. I
worked on one of the UKs larger proxy deployments for the [removed for privacy reasons] and I can
assure you that the hardware and skill requirements to provide this type
of service are significant. Someone has to pay for this and this will
always be the public, either by increased internet costs, taxation or both.

This bill also preys on the public’s lack of understanding of the
technical issues surrounding this issue. Whilst saying these measures
will enable the Police and Security Services to catch more terrorists,
criminals and paedophiles is very emotive, in the real world I do not
expect a statistically significant increase in apprehension rates as a
direct result of this legislation. I therefore find it difficult to
accept the investment required as there is no real benefit to be gained
from it. I also find it impossible to justify this gross breach of
individual rights for so little gain. To me this Bill is little more
than policing by numbers; monitor enough people and eventually you’ll
find a criminal. This is not by any intelligent process but pure statistics.

I would therefore urge you to consider opposing the proposed
Communications Data Bill in its entirety.

Yours faithfully

Simon

Reply from Experian about their Web Monitoring Tool

Thank you for your email, which we received on 11/06/2012.

*Web Monitoring

The information we advise you about is only used to alert you to the details we have uncovered.

It is not passed to any other parties or will not be used in any other way, including in profiling issues.

The information is not used for credit scoring purposes.

Web monitoring can only be entered through your Credit Expert membership. Our systems are constantly under review to ensure that the retrieval and storage of your personal information is as secure as possible.

The data retrieved is subject to our normal rigorous storage controls, governed by the Data Protection Act and overseen by the Office of Fair Trading.

If you no longer need to monitor a piece of data you can delete it by visiting your web monitoring hub. Next to each piece of monitoring information you’ve entered in the personal, financial and other contact detail sections you’ll see a minus sign. Clicking on this will give you the option to delete that piece of data.

Please remember, if you need to update the details in your profile information section then you will need to update your details in the “My details” section of your Credit Expert account. Once you’ve updated your details here the changes will automatically be made to your Web monitoring details.

Alerts will remain available for one year after which they are destroyed.

If you’d rather not benefit from the Web Monitoring part of the service we can switch it off for you. You can opt out of web monitoring by clicking on your profile section within your membership.

Kind regards

Mr Joe Farrelley
Customer Service Representative

Customer Support Centre
Experian