UK man jailed for possessing publicly available US Army field manual on terrorism charges.

I strongly suggest being aware of legal issues in your jurisdiction before attempting to obtain any of the publications mentioned in this blog post.

Someone once asked me why I’ve never read the Anarchist’s Cookbook.

I said:

  1. I’m not interested
  2. I can’t be bothered
  3. I don’t want to go to prison in the UK

Today it came to light that the Terrorism Act has been used in a particularly ironic way.

A local 25 year old man from Bolton, Greater Manchester area suffered a break in and handed some CCTV images to police on a memory stick. Whilst investigating they found some other information on the device which

contained details about the toxin ricin, assassination and torture techniques and instructions for making improvised explosive devices.

There is also some other evidence a letter, a photo of him holding a gun in Pakistan, an alleged “shopping list” which I accept may be deciding factors in the case, however a large amount of the press surrounding the case are focusing on the information he had.

Handily, the press has named the information as some documents known as “Improvised Munitions Handbook and Unconventional Warfare Devices and Techniques”.

So I dropped that into Google and guess what? Amazon stocks the book. And similar books and even encourages you to “look inside”.

I didn’t feel any need to “look inside” said book or buy it. I’m confident in Amazon enough to believe that both are possible and confident enough in the operational parts of the UK justice system that looking at it could cause me considerably more trouble than it’s worth.

Who in their right might would publish such books you might ask? It must be some anarchist terror group right?

Actually, it’s “Pentagon Publishing” – aka the US Army/The Department of Defence.

So let’s be clear here: a UK citizen has been jailed for two years for downloading a pirated version of a publicly available allied armed force’s US Army field manual.

Should people expect to get charged for reading the Wikileaks Afgan War Logs on the basis they may come across some descriptions that could be useful for nefarious purposes?

When I was a child my parents gave me a copy of “The SAS Survival Guide” (published by Collins GEM). This contains lots of animal trap designs and deadfalls that could easily take out humans I guess (and it states this in big warning letters).  Perhaps

Frankly, from a personal point of view, I’m not interested interested in reading or acquiring military manuals etc. In fact I’m largely pacifistic, however it’s not that I feel there should be a second amendment style right to bear firearms in the UK; quite the opposite. It’s ridiculously hypocritical to jail someone on the basis of publicly available information obtained from an allied military force.

Step outside analogue boy!

Bowfell summit, Lake District
Bowfell summit, Lake District

Who says that hiking has nothing to do with digital rights? Today I walked up Bowfell in the Lake District (from Dungeon Ghyll, Langdale) in the beautiful snow!

Any analogue or digital boys and girls are more than welcome to come hiking sometimes and chat about their thoughts and concerns. :) Hiking transcends usual boundaries. :)

I am very tired now thoug;  as my friend Zhelyo said,

“Being alive can be too much fun sometimes!”

Here’s a challenge…

On the 1st of March, I will start my fifth year of blogging. It’s had various incarnations over the years and I did have a website before that, but I thought this not-very-impressive birthday deserved a bit of a celebration.

“Well Tim”, you smugly point out, “shouldn’t your Happy-Birthday-To-Me post be on the first of March, not sometime in, what is this, January?!”

I thought, possibly, just possibly, I could be more interesting than a self-congratulatory post on a predictable date.

Therefore, I want to post a blog post, everyday, for the month of February. What’s more, I want to challenge my friends, my colleagues … neighbours … pets etc to join me.

Rules:

  • Your blog must be public
  • Virals/Images/Videos posts are allowed, but only if you comment somehow on the content.
  • 1 post per day, for 28 days of February, by the same person

Questions:

Q: Why?

A: Why not? Being able to write coherently, repeatedly is a valuable skill. Doing it on your own can be boring/lonely. Knowing other people are also having to rush for the 23:59 deadline is somewhat warming.

Q: Your blog posts are already boring? Why do you want to write more?

A: I’m glad you want to find out more. Click here.

Reddit for giving. Reddit for good.

(c) TheLake 2012
Omari. (c) TheLake 2012

Over the last couple of weeks we’ve heard again and again that the Internet is the scouge of our cultural industries, wrecking our economies and upsetting the neighbours.

Of course, none of this is true, but I thought it might be worthwhile if I highlighted what I feel is a growing trend in people’s behaviour resulting from the immersive worldwide communities that can be formed.

Reddit is as website. A social news website. Remember Digg.com with the the double gg? That thing you heard someone talk about before twitter. It’s like that but better, and bigger, much bigger. Digg has about 45m pageviews/day and is shrinking. Reddit has about 100m pageviews/day and is growing. There are serious numbers of humans, in real life, interacting via this site!

Yesterday, a reddit user, “TheLake” posted asking for help to raise £2,000 dollars to help a Kenyan orphanage build a fence. Omari, one of the orphanages staff had defended the compound four nights in a week from burglars:

After two previous invasions during the week, Omari was relatively certain another would occur. He woke up to the sound of footsteps outside his door, he figured it was his mother taking a few of the boys outside to go to the bathroom. He quickly realized that the footsteps were heavy, and that of more than one person; he then saw a flashlight shine beneath the crack of his door. Being the third time this happened that week, he had already stashed a hammer beside his bed. He grabbed it, and threw it at the first person who entered his room. He hit the person square in the head, and chased the rest out.

The following night, the three thugs returned, presumably to avenge their friend. Omari put up a fight but was outnumbered. The last thing he remembers was being struck in the face by the machete. He has been in and out of the hospital since, yet remains positive and confident that the suspects will one day see justice.

Redditors responded in their thousands to the appeal:

I’m a 20 year-old university student, but here have $2.

- athousandtimesmaybe

I’m kinda poor, the best I can do is $5 right now. Best of luck to them!

- matrinka

DEAR OMARI,

I AM PRINCE AL-JAHEEB, AND I WOULD LIKE TO OFFER YOU $10,000,000 USD IN SUPPORT OF YOUR CAUSE. IF YOU WOULD KINDLY SEND ME YOUR BANKING INFORMATION, I CAN ACT QUICKLY AND DEPOSIT THE MONEY. PLEASE INCLUDE A COPY OF YOUR PASSPORT AS WELL.

THANK YOU AND GOD BLESS.

EDIT: THANK YOU FOR YOUR QUICK RESPONSE OMARI, UNFORTUNATELY MY KING HAS STOLEN ALL MY FUNDS SO I AM ONLY ABLE TO GIVE YOU $20. BEST OF LUCK .

- zifiniti

Seems legit, sent $100. Now if you turn out to be stealing money I’ll spend another $100 on a machete of my own.

-notnotcitricsquid

and many many more

You can read the Original Poster, TheLake’s increasingly emotional posts here. Remember, he was looking for $2000.
His eighth update was:

Edit 8: Over $9,000 and I’m in a state of shock. I…… Just…………………Thank you.

His 10th update:

Edit 10: $44,000!!!!!!!!! REDDIT!!!!! I can hardly breathe

In less than 24 hours, Reddit raised $65,000 in total. To help an orphange. In a country most of the users will never visit.

(c) The Lake
Reddit, in less than 24 hours you have raised over $65,000 for the Faraja Orphanage. Thank you!

None of the users of Reddit (“redditors”) will have met to beforehand to agree to give money and most of them probably went back to voting up cute photos of animals and defending our internets.

Obviously, TheLake is very happy, as is Omari, as is the orphange. You can read the happy ending in full here and here.

The thing is, actually, this isn’t at all the first time reddit has showed it’s heart.

As one blogger said, clearly whoever said

“it can’t be done overnight”

clearly hadn’t met Reddit. :)

Does your mum now have my O2 phone number?

Today we found out that O2 had screwed up their mobile internet proxy settings quite epically and had sent customer phone numbers to millions of websites, worldwide, as a matter of process, presumably by accident.

We already know this from the fantastic investigative works of O2 customer and twitter user Lew Peckover, a 28 year old web systems administrator working in the field for 10 years.

Now let me explain what’s going on from a technical view. Mobile operators skimp on deploying proper internet infrastructure and frequently implement various nasty tricks for a variety of reasons. Things like downscaling images, inserting javascript into HTML pages with DPI, arbitrarily blocking websites and ports and NAT are frequently seen used by mobile internet providers, including O2.

To be able to downscale images, insert things into HTML pages etc. O2 must  route your web queries through a HTTP proxy. As well as the things mentioned above, the proxy is adding an extra HTTP Header to outgoing requests. This header contains your mobile number.

Lew created a website to let people see this in action; let’s look at an example:

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us
Accept-Encoding: gzip, deflate
x-up-calling-line-id: 4479XXXXXXXX
Host: lew.io
X-Forwarded-For: 82.132.248.203

From the top line we can read information about the device and browser, from lines 2-4 we can read about how the phone is setup and what kind of content it likes to recieve and then, there it is, the header that contains your phone number.

As various MVNO‘s like Tesco and GiffGaff use O2’s technical backbone, they’re also affected, though it’s suspect that it’s not affecting all users.


So the big questions I can imagine people are asking now:

Who has my mobile number? Will I receive loads of nusiance calls? Does Facebook/Google/Microsoft/Your Mum have my mobile number?

Short answer: Theoretically any website one has visited recently on your O2 phone will have received it. They probably didn’t know they’d received it though and I suspect probably didn’t think to save it. I’d doubt that anyone will have acquired anyone’s phone number via this message, however, clearly it’s quite an epic security failure because the oppotunity for this happening is high.

Did this happen on purpose?

Short speculation: I highly doubt it. I suspect the issue occurred because O2 wants to track which customer is responsible for traffic as it goes into their land of HTTP proxies so I suspect they have a rule to use DPI to insert this header into each query – it’s an unique key that they can track to every customer. I suspect the way it’s supposed to work is that on the way out of their cluster of web proxies (doing censorship, image rescaling, etc) they should have a rule to remove the header and thus pass all the HTTP requests up to the internet unmodified. My suggestion is that someone probably misconfigured the rule to “look for this header and remove it”, probably by misspelling the rule they were looking for. It’s an easy sysadmin mistake to make.

Shouldn’t O2 have policies in place to deal prevent stuff like this?

Oh yes. I’m sure they do. I’m sure they have change control systems that I could write novels about. Stuff still slips through though. Was this preventable? Almost certainly, but only O2 knows for sure.

What are O2 saying about this?

Well, I’m sure we’re going to see a mediastorm, some big O2 apology and some PR theatre where someone apologies to 02 and twitter is awash with complaints.

However, currently, some numpty at O2 twitter support thought the following response would make sense:

Hi Lewis. The mobile number in the HTML is linked to how the site determines that your browsing from a mobile device #O2Guru

No, you are not a guru. Lines 1-4 of the header do that. Look at line 5. Yep – there’s the issue.

Currently they’re saying it’s their “top priority” and they are “looking into it as we speak” aka they’re frantically paging technical guys and working out how to write the press release; basically the first few scenes of the PR theatre.

Update 1: And their announcement and that they fixed itthanks MJ Ray.

What should O2 do?

Well, all they can do is fix it, try not to do it again and apologise profusely to their customers.

What’s the legal perspective?

I’m not a lawyer, however I think that the Information Commissioner’s Office should look into the incident with regards to compliance with the Data Protection Act 1998. The ICO should deal with the case as they see fit.

Is new legislation needed to prevent this from happening again?

No. This looks a lot like a technical mistake. In my opinion, the DPA covers this well enough and if anything should be given extra teeth, it should be the ICO in being able to investigate things like this.

How does this affect you, Tim?

Well, I’m not an O2 customer, but this could very well have been any mobile network carrier, anywhere in the world. I’m interested in how this will play out and obviously I’m concerned about the theoretical potential implications, even though personally, I think the actual risk, is relatively low. I’d be quite peed off if this had happened to me.

How can I check if it’s been fixed?

Visit this website on your phone. Do you see your mobile number at all? If yes, it’s still broken, if no, it’s fixed.

Well done Laura Dekker!

Some of you may remember Laura Dekker – the plucky young dutch girl who, as a 14 year old, was involved in a massive legal battle with the dutch child protection agencies to allow her to sail round the world single handed.

Laura,  who has been sailing from a young age and was born on a yacht, has had a bumpy ride. After she was told she wouldn’t be allowed to go for another two years, she ran away. She didn’t run away to the next town, the next county or even the next country; this badass ran away to the Caribbean!

Anyway, eventually she prevailed in her legal wrangling and on the 21 August 2010, aged 15, she began her voyage which was predicted to take two years. I blogged about it at the time in fact, she showed great persistence in the face of legal, logistical and natural challenges simply by getting to the start line.

Laura Dekker, speaking at the Hiswa Boatshow, Amsterdam, The Netherlands.
Laura Dekker speaking at the Hiswa Boatshow, Amsterdam last year - CC-BY-SA - From Wikipedia

Whatever her critics said about her, her ambitions, her parents; don’t matter now.

As her website says:

January 21: at 3.00 pm local time Laura will reach the Island of Sint Maarten to complete her circumnavigation after her departure from Sint Maarten on January 20 2011.

Laura will become the youngest sailor ever who sailed around the globe!

…and she’s done it. Well done to her!

It’s been a long trip, but she showed that persistence and tenacity, no matter your age, can literally, take you round the world.

The 5 best, anti-SOPA protest songs

So with the blackout of Wikipedia, Reddit and everything, Rick Falkvinge got me thinking.

If the iconic singer songwriters of the labour movements were Arlo Guthrie and Billy Bragg, who are the iconic singer songwriters of the Digital Rights movement?

I’m genuinely interested if you have a suggestion.

To help you consider the question, here are 5 of the best anti-SOPA protest songs:


Stonebreakers10’s Anti-SOPA ballad:

Stop the SOPA Song by Stonebreakers10


Funk Vigilante’s epic funk-rap-metal internet anthem:

INTERNET FIGHT SONG! by Funk Vigilante


Leah “ObamaGirlCreator” Kauffman’s catchy pop-piano song:

Firewall by Leah Kauffman


Cheezburger Network/The EFF fronted by Laugh Pong’s American Pie parody:

The Day the LOLcats died by Laugh Pong


Dan Bull’s dystopian, futuristic crowdsourced rap:

SOPA Cabana by Dan Bull


Contact your representative today:


Make your own song?
It’s not too late to have a bit of fun and sing about what SOPA would do. Need some inspiration?
Here’s some parodies of popular songs that haven’t been recorded yet.


Honourable mentions
Those that didn’t quite make the cut:


Hackers and Repetition

Sometimes reddit throws up some fantastic stuff about life and work.

Repetitive tasks
Repetitive tasks

This graph really highlights what’s frequently referred to as the first hacker virtue “Laziness”. Instead of being content to do a task manually, they want to sit around and do less of that, thus the second hacker virtue “Impatience” comes in to play. The hacker gets impatient with the repetitiveness of the task and thus automates it – a time vs tasks trade off. They should recieve less “tasks” in the long term but there is an upfront cost in terms of time and effort.

Of course, this is a big simplification, and I feel like I’m botching an explanation – you can read more about all that here.

Anyway, go away and automate something. If that’s not in your capabilities, consider learning.

Revealed: Infographic SEO linkbait

Occasionally, I get email from people who read this blog. Usually, it’s quite easy the reason for the email straight away, however, recently I received this email:

From:Jen Rhee
To:me
Subject: Right point of contact?

Hi Tim,

I was wondering if this is the correct contact regarding the content for blog.tdobson.net?

Thank you in advance!

Best,
Jen R.

I don’t know any Jen Rhee and it seemed a bit of a strange email to get – to have come up with it, one most have been to this page, reconstructed my email address by hand. Once you’ve jumped through a hoop like that, generally people are happy to send their email straight away – why bother to confirm if I’m in charge of the content of this blog?

I did some googling. and found some kind of comment on some nonsensical blog, and a mention in a Google+ conversation thread.

The Google+ conversation thread turned out to be very interesting.

To summarise, it seems SEOers are trying to raise the profile of sites by generating high profile incoming links and if they create pretty, informative infographics on topics people may be interested in, they can get high profile sites to embed their image and link to them as attribution.

I found Jen Rhee’s twitter account. 90% links to infographics related pages.

I’m touched that any SEO-er thinks my blog has enough pagerank to justify a personalised targeting, however I think the motives behind that strange email have been explained… and I’m justified moving it to my Spam folder…

Downfall: Tom Harris MP

In reference to Labour MP Tom Harris forced to resign as Twitter tsar

So we can wave good bye to MP Tom Harris as the “Government’s New Media advisor”. I’m not quite sure what that means, but I’m guessing it’s some kind of nominal position resignation to save face.

So for just a second, forget what you think of Labour, the SNP, Scottish Independance, whether you like Tom Harris etc and let’s just concentrate on what actually happened, because it’s actually quite interesting.

Tom Harris took the well know Downfall/”Hitler reacts to” meme which rose to prominence in 2009 (described here on KnowYourMeme) and did a version about Alex Salmond/Scottish Independence.

He is being criticised for subtitling the video so that Hitler is a parody of Alex Salmond. I think the key word here is parody - it’s not a actually footage of Hitler himself – it’s a clip from a film – with actors – that has been re-subtitled millions of times before. The Telegraph even did a whole article including links to 20 of the best parodies.

If The Telegraph – an organisation not well known for edgy or deliberately controversial reporting – can view it as a style of humour to share with their readers, is it really worth the storm in a teacup this has become?

The video:

Tom Harris’s clip is quite a dull and tedious version of a worn out internet meme and I think I’d agree with the SNP spokesperson who said it was “silly and negative” but I still dispute it’s reasonable grounds for a sacking or a public kicking. The key point is that actually it’s not the spoof of Alex Salmond as Hitler that makes the video negative but because of the content of the subtitles.

An interesting fact that no one seems to have drawn upon yet, is how the clip is quite clearly casual Copyright Infringement. Under the Digital Economy Act, Tom Harris would quite be eligible for disconnection if he persisted in uploading copyrighted content without a licence another two times so it’s good to know he doesn’t support the bill. Oh wait, actually he abstained, which is pretty much a green flag of approval.

The technology which allowed internet memes to become mainstream, also brought with it, it’s own set of laws. Perhaps if Tom Harris had known of Godwin’s Law, then then he’d have known that this wasn’t a wise move:

From Wikipedia

there is a tradition in many newsgroups and other Internet discussion forums that once such a comparison is made, the thread is finished and whoever mentioned the Nazis has automatically lost whatever debate was in progress

Footnote: Tom Harris & I have sparred in the past. I think he is doing a really good job at trying to unseat himself – which is a shame because The Internet seems to be one of the only things he “gets”.