Chris Schoenfeld of StationStops has a post up about his battle to get the New York Metropolitan Transit Authority to let him use its schedule data in his iPhone app. Brooklyn’s Law Incubator and Policy Clinic (BLIP) played a big role in Chris’s successful battle, and I’m very proud of the work that the BLIP [...]
My former ONI colleague Rafal Rohozinski, now of Information Warfare Monitor, has a great interview where he discusses methodology and findings for both projects. Well worth a read!
Great news today on the open-access (OA) front with the federal government’s announcement that the Federal Register, the daily compilation of proposed and final regulations to be issued by federal agencies, will now be available in XML format. (Want to see a sample? Here is today’s issue as an XML document.) This is great [...]
Yesterday morning, while reading the New York Times online, I was confronted with an attempted security attack, apparently delivered through an advertisement. A window popped up, mimicking an antivirus scanner. After “scanning” my computer, it reported finding viruses and invited me to download a free antivirus scanner. The displays implied, without quite saying so, that the messages came from my antivirus vendor and that the download would come from there too. Knowing how these things work, I recognized it right away as an attack, probably carried by an ad. So I didn’t click on anything, and I’m fairly certain my computer wasn’t infected.
I wasn’t the only person who saw this attack. The Times posted a brief note on its site yesterday, and followed up today with a longer blog post.
What is interesting about the Times’s response is that it consists of security warnings, rather than journalism. Security warnings are good as far as they go; the Times owed that much to its users, at least. But it’s also newsworthy that a major, respected news site was facilitating cybercrime, even unintentionally. Somebody should report on this story — and who better than the Times itself?
It’s probably an interesting story, involving the ugly underside of the online ad business. Most likely, ad space in the Times was sold and, presumably, resold to an actual attacker; or a legitimate ad placement service was penetrated. Either way, other people are at risk of the same attack. Even better, the story opens issues such as the difficulties of securing the web, what vendors are doing to improve matters, what the bad buys are trying to achieve, and what happens to the victims.
An enterprising technology reporter might find a fascinating story here — and it’s right under the noses of the Times staff. Let’s hope they jump on it.
UPDATE (Sept. 15): As Barry points out in the comments below, the Times wrote a good article the day after this post appeared. It turns out that the booby-trapped ad was not sold through an ad network, as one might have expected. Instead, the ad space was sold directly by the Times, to a party who was pretending to be Vonage. The perpetrators ran Vonage ads for a while, then switched over to serving the malicious ads.
I still subscribe to my local newspaper, the St. Paul Pioneer Press, in dead-tree form. One evening in early August, just before my vacation, as I perused the ever-shrinking opinion page, my eye ran across this headline: “MEDIA, OLD AND NEW ‘FREE-RIDING’ AND COPYRIGHT.” The authors, Dan and David Marburger, argue that news [...]
The guns in RIAA v. Tenenbaum have gone temporarily silent; now, there’s post-game analysis and preparations for the next phase: challenging the jury’s award of $675,000 in damages ($22,500 per song, at 30 songs). Ben Sheffner’s Billboard column gives a great summary of the fight. Tenenbaum’s side will claim that the Copyright Act’s statutory damages [...]
As you know, Joel Tenenbaum lost against the RIAA and is now on the hook for $675,000, pending a hearing on the constitutionality of those damages. Several lawyers I’ve talked with have suggested that Judge Nancy Gertner, who presided over the trial, committed reversible error by issuing a directed verdict on the question of infringement. [...]
Update [31 July 6:50PM]: $22,500 per work; $675,000 total. More than I expected. Props to Wendy Seltzer and Mark Lemley for the update. Link is to Ben Sheffner’s write-up in Ars Technica…
The judge in the copyright infringement lawsuit against Joel Tenenbaum has issued a directed verdict on the issue of infringement liability. The only remaining [...]
In an astonishing overreaction, Horizon Realty Group, a large Chicago landlord, has filed a defamation lawsuit against a former tenant, Amanda Bonnen, over this tweet sent on her (now defunct) Twitter account:
@JessB123 You should just come anyway. Who said sleeping in a moldy apartment was bad for you? Horizon realty thinks it’s ok.
Assuming the [...]
Last week the Associated Press announced it would be developing some kind of online news registry to control use of news content. From AP’s press release:
The registry will employ a microformat for news developed by AP and which was endorsed two weeks ago by the Media Standards Trust, a London-based nonprofit research and development organization that has called on news organizations to adopt consistent news formats for online content. The microformat will essentially encapsulate AP and member content in an informational “wrapper” that includes a digital permissions framework that lets publishers specify how their content is to be used online and which also supplies the critical information needed to track and monitor its usage.
The registry also will enable content owners and publishers to more effectively manage and control digital use of their content, by providing detailed metrics on content consumption, payment services and enforcement support. It will support a variety of payment models, including pay walls.
It was hard to make sense of this, so I went looking for more information. AP posted a diagram of the system, which only adds to the confusion — your satisfaction with the diagram will be inversely proportional to your knowledge of the technology.
As far as I can tell, the underlying technology is based on hNews, a microformat for news, shown in the AP diagram, that was announced by AP and the Media Standards Trust two weeks before the recent AP announcement.
Unfortunately for AP, the hNews spec bears little resemblance to AP’s claims about it. hNews is a handy way of annotating news stories with information about the author, dateline, and so on. But it doesn’t “encapsulate” anything in a “wrapper”, nor does it do much of anything to facilitate metering, monitoring, or paywalls.
AP also says that hNews ” includes a digital permissions framework that lets publishers specify how their content is to be used online”. This may sound like a restrictive DRM scheme, aimed at clawing back the rights copyright grants to users. But read the fine print. hNews does include a “rights” field that can be attached to an article, but the rights field uses ccREL, the Creative Commons Rights Expression Language, whose definition states unequivocally that it does not limit users’ rights already granted by copyright and can only convey further rights to the user. Here’s the ccREL definition, page 9:
Here are the License properties defined as part of ccREL:
- cc:permits — permits a particular use of the Work above and beyond what default copyright law allows.
- cc:prohibits — prohibits a particular use of the Work, specifically affecting the scope of the permissions provided by cc:permits (but not reducing rights granted under copyright).
- …
It seems that there is much less to the AP’s announcement than meets the eye. If there’s a story here, it’s in the mismatch between the modest and reasonable underlying technology, and AP’s grandiose claims for it.
