Advertisement
Advanced thin client solution for Linux, based on Open Source. Mix Windows and Linux, with hardware accelerated OpenGL!
Weekly Edition
Return to the Press page
| |||||||||||
|
| |||||||||||
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet)
Richard Stallman is not known for pulling punches, as he demonstrates in an attack on the Oyster payment system for the London Underground railway. ZDNet has the coverage of his complaints, which are based on very real privacy concerns that have little or nothing to do with Linux. "Online payments cannot be made anonymously, so anyone paying online or linking their Oyster card to a credit card for automatic top-ups is handing their travel information to the government, Stallman argued. He also warned that the RFID chip on the card might be read at other times, allowing information to be gathered besides details of Tube and bus travel."
(Log in to post comments)
Stallman *doesn't* attack Oyster's 'unethical' use of Linux Posted Jun 9, 2008 13:59 UTC (Mon) by perlhead (guest, #52462) [Link] If you go and actually read the e-mail RMS wrote, instead of the journalist's interpretation of it, you will discover that he doesn't really complain about the use of free software in the Oyster system, but rather about the Oyster system's potential for abuse. He just regrets that free software would be used to implement a system that facilitates surveillance, and calls on people to avoid the system altogether, regardless of what software it is based upon. He's not saying that you shouldn't build this kind of system on top of free software, he's saying you shouldn't build this kind of system at all, and if anybody does, it's best for you not to use it, or to use it with extreme caution. A more appropriate headline would have been "Stallman attacks Oyster as a surveillance platform".
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet) Posted Jun 9, 2008 14:08 UTC (Mon) by MisterIO (subscriber, #36192) [Link] "which are based on very real privacy concerns that have little or nothing to do with Linux" Yes, so why is this posted here?
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet) Posted Jun 9, 2008 14:29 UTC (Mon) by jake (editor, #205) [Link] > Yes, so why is this posted here? Because I thought some of our readers would find it interesting? The ZDNet headline is bad, but the topic itself is important, at least in my view. YMMV, jake
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet) Posted Jun 10, 2008 11:03 UTC (Tue) by zooko (subscriber, #2589) [Link] I'm a long-term paying subscriber to LWN.net, and I'm very interested in issues of freedom and openness. Wholesale, automated, centralized surveillance is an issue which is deeply technical and is also causing profound effects on our society. As far as I am concerned, please feel free to continue posting such articles on LWN.
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet) Posted Jun 12, 2008 12:14 UTC (Thu) by Baylink (subscriber, #755) [Link] Concur. The rms connection was certainly enough of a hook to justify posting this to LWN (says I, a paying subscriber); I see less pertinent crap posted to Slashdot hourly. And it's worth noting that USAdian toll-pass systems have the same problem; it's generically referred to as Mission Creep, and being on the lookout for it is a generally useful thing to do. "First they came for the Jews, but I didn't speak up, because I wasn't a Jew..."
Stallman attacks Oyster Posted Jun 9, 2008 15:51 UTC (Mon) by alextingle (subscriber, #20593) [Link] He's quite right. I always pay for my Oyster in cash, and never use the same card twice. It's not much extra bother. Everyone should take the trouble.
Unfortunately it's for real Posted Jun 9, 2008 16:51 UTC (Mon) by BrucePerens (subscriber, #2510) [Link] The Fastrak RF automobile toll payment system used in California has repeatedly been subpoenaed by divorce lawyers, and has provided their data (indeed, had little choice but to do so). While Fastrak is a voluntary system, there is potential for license plate photo systems, etc., to be used in a similar way.While anonymous payment for Oyster would be a good step, there's lots of potential for the gates to be coupled to cameras. Unfortunately there's lots of potential for you to give up your identity involuntarily these days, it will take significant improvements in privacy law to protect you.
Unfortunately it's for real Posted Jun 9, 2008 17:20 UTC (Mon) by nix (subscriber, #2304) [Link] The UK *has* those protections, in theory (the Data Protection Act has teeth). Alas what it also has is an underfunded Information Commissioner and an onrushing database mania on the part of the rest of the government (it seems they didn't learn from the loss of critical info on every family in Britain, including a lot of MPs). I don't think coupling the gates to cameras is much of a threat, though: if the cameras are maintained the way the rest of the Underground is maintained they'll all be broken by the end of the week. :)
Unfortunately it's for real Posted Jun 9, 2008 17:31 UTC (Mon) by pr1268 (subscriber, #24648) [Link] Wow... I thought the most egregious violation of privacy was how the toll tag system in Texas is being used to monitor driving speed. Not that I condone reckless driving, but Big Brother is watching us on the toll roads. This method of using toll station data in divorce court takes data privacy to a new low. Some toll roads are eliminating manned toll stations (mandating the use of a toll tag affixed to one's vehicle). Thus, the toll authority will know (1) who the driver is, (2) his/her credit card information, (3) year/make/license plate of automobile, and now (4) That he/she drove through $TOLL_STATION in $DIRECTION on $DATE at $TIME. Scary, IMO.
Unfortunately it's for real Posted Jun 9, 2008 18:52 UTC (Mon) by lutchann (subscriber, #8872) [Link] OT: Texas will really ticket you based on your average toll-to-toll speed? I occasionally hear people complain that speed enforcement like this is "imminent" but I've never been ticketed that way in NY or PA, and it's not for lack of trying. My guess is that the state doesn't want to scare people away from using the tollway for shorter trips. At one point I did get my RFID tag suspended by an unmanned radar measuring my instantaneous speed at the toll plaza, but it's hard to argue about them doing that...
Toll tags in Texas (OT) Posted Jun 9, 2008 19:22 UTC (Mon) by pr1268 (subscriber, #24648) [Link] I don't know anyone personally who received a speeding citation from clocking time between toll stations, but I do know that it's been a real privacy threat for the ten (or so) years now that toll tags have been used. I'm thinking of the Sam Houston Tollway (encircling Houston) in particular. Ironically, the speed limit is 70 MPH (113 km/h) and many drive 80 as if it were no big deal. (Again, I do not condone or endorse excessively fast or reckless driving.) In central Texas, the new toll roads popping up plan to eliminate manned toll booths (as I mentioned earlier), and even if one doesn't have a toll tag, he/she can still drive through the toll station, get the vehicle's license plate photographed, and have a toll bill mailed to him/her (plus a "service charge" of like $5.00 USD for a $1.25 or so toll). I'm speculating on the particulars, but it's not unreasonable a scenario given how much the toll authorities want to make their toll roads as lucrative as possible. Back to Bruce's thoughts on privacy (or lack thereof), I do concede that vehicle, license plate, and driver data are essentially public data, but now there's all sorts of extra info, hard records, stored in a plethora of public databases, regarding my driving habits, where I was at a certain date/time, etc. George Orwell was indeed a visionary and a prophet.
Toll tags in Texas (OT) Posted Jun 9, 2008 20:20 UTC (Mon) by drag (subscriber, #31333) [Link] > Again, I do not condone or endorse excessively fast or reckless driving 80 or 100 or even a 150mph is not going to be reckless driving if the circumstances say it's safe. In other circumstances driving 35 or 40 can kill you dead in a heartbeat. It's not a attack on your comment or anything like that. It's just sad that people will happily substitute good judgement for some blanket rules setup by some authority. As if the people in government have some sort of special level of genius that regular people lack. (hint: they are just as stupid and have as much trouble managing their f-cked up lives as everybody else on this planet. They have zero access to any sort of enlightenment that the rest of us fools lack.) If you give people authority they _will_ use it and they _will_ abuse it. Nobody is that perfect that they will avoid this. For money, or morals. Fortunately the authority a government have is mostly due to us submitting to their games. So if you don't want to give them authority, don't submit and you can avoid a good portion of it. Not all of it, of course. It's mostly a delaying action, because most people (being people) are fundamentally lazy and will happily trade real liberty for the illusion of security, stability, and safety. Over time you'll lose wiggle room as governments grab more power due to this, but what can you do?
Toll tags in Texas (OT) Posted Jun 10, 2008 5:52 UTC (Tue) by ekj (subscriber, #1524) [Link] We do have -general- laws in society, despite the fact that individual circumstances are always different. You need to be (16|18|whatever) to be allowed to drive a car -- despite the fact that some 15-year-olds could and would do it perfectly safely, and some 20-year-olds cant or won't. There's an age-of-consent, despite the fact that people are different, some have a perfectly normal sexual relationship at 14 and suffer no damages from it, others aren't able to take responsibility for themselves at 20. I don't think it's a good cure to remove all speed-limits. On the very best roads it could be reasonable though. Germany has no speed-limits on their best roads, and accidents aren't infact any higher than comparable roads in other countries.
Toll tags in Texas (OT) Posted Jun 11, 2008 23:57 UTC (Wed) by lysse (subscriber, #3190) [Link] > We do have -general- laws in society, despite the fact that individual circumstances are always different. Yes, and the willingness of people to hide behind what the statute book says, rather than actually do their own thinking about whether it's just or not, has caused more evil in the world than any intentional act. There's a reason for preferring one's politicians cynical. People who have come to terms with their cynicism tend to at least minimise the harm they cause; no such self-inhibition guides the pure of motive, sometimes with appalling consequences.
Toll tags in Texas (OT) Posted Jun 13, 2008 11:58 UTC (Fri) by giraffedata (subscriber, #1954) [Link] the willingness of people to hide behind what the statute book says, rather than actually do their own thinking about whether it's just or not, has caused more evil in the world than any intentional act. Really? I'm not sure it even counts as "evil" if it wasn't the result of a person's intentional act. And I don't know what problem you're thinking of because the phrase "hide behind the statute" normally applies to a person who applies his own judgement, then finds a statute that backs up that judgement, and applies it. He hides behind the statute when he refuses to acquiesce to someone else's conflicting judgement, defend his judgement, etc. In speed limit terms, a cop sees a car go whizzing by at a speed he believes is antisocial, and also exceeds the posted limit. He tickets the driver and the driver argues that in this particular case there's nothing unsafe about that speed. Rather than debate him, the cop just points to the sign.
Toll tags in Texas (OT) Posted Jun 14, 2008 7:18 UTC (Sat) by lysse (subscriber, #3190) [Link] Does the phrase "I was only following orders" clarify my position at all?
Toll tags in Texas (OT) Posted Jun 14, 2008 11:07 UTC (Sat) by giraffedata (subscriber, #1954) [Link] Does the phrase "I was only following orders" clarify my position at all? Yes, it does. And we're all familiar with the arguments in favor of other people following orders. In the case of highway speed control, I'm much more comfortable having cops and judges following specific blanket orders from my legislator than using their own judgement.
Toll tags in Texas (OT) Posted Jun 12, 2008 0:29 UTC (Thu) by dvdeug (subscriber, #10998) [Link] Of course 150 mph is going to be fine ... until you round a curve and run into a car you didn't see in time. The engineers who built this stretch of road carefully measured it out and calculated it so that you would have enough time to see the cars ahead when going the speed-limit. Of course, going on gut feeling instead of careful measurement, you chose to second-guess them. An excellent example of this was Air Florida Flight 90. The pilots' opinion of deicing the jet was "Well, it satisfies the Feds", so they skipped it, rather than delay the flight. Because they knew better than the blanket government rules, their trip from Washington D.C. to Tampa ended in the Potomac River with 78 dead.
Toll tags in Texas (OT) Posted Jun 12, 2008 0:44 UTC (Thu) by jbailey (subscriber, #16890) [Link] A friend of mine explained to me that the posted speed limits on Germany's Autobahn are guidelines, but that if you're going faster than that and get into an accident you face triple damages. I have no idea if it's true, but it seems like a nice way of handling it.
Toll tags in Texas (OT) Posted Jun 21, 2008 9:46 UTC (Sat) by TRauMa (guest, #16483) [Link] No, speed limits are speed limits. There is a concept of a recommended max speed of 130km/h on every highway in the absence of a hard speed limit, though, and if you are having an accident at higher speed it becomes *your* responsibility in civil court to prove that the accident would have happened if you had stuck to the recommended speed. On top of that civil courts can raise damages if your speed just was beyond reason, either in relative terms (fog, rain, etc.) or absolute (300km/h being considered reckless).
Unfortunately it's for real Posted Jun 12, 2008 12:16 UTC (Thu) by Baylink (subscriber, #755) [Link] I have been on several turnpikes where such a policy was posted, including the Florida Turnpike, south from Yeehaw Junction (no, I am not making that name up) south to West Palm Beach. Whether they *do* it is another matter.
Unfortunately it's for real Posted Jun 9, 2008 19:24 UTC (Mon) by proski (subscriber, #104) [Link] That a very creative use of the Cauchy's mean value theorem! But I'm not sure the policeman who ticketed you can prove it in front of the judge :-)
Unfortunately it's for real Posted Jun 9, 2008 20:09 UTC (Mon) by pr1268 (subscriber, #24648) [Link] First, it wouldn't be a policeman ticketing the driver--instead the Second, even applying Cauchy's mean value theorem, it would be conceivable that a law enforcement officer could prove one was speeding: (1) the distance between two toll stations can be demonstrated to a judge and jury beyond a reasonable doubt, (2) the toll booth records Bruce mentions above could convince said judge and jury that a $YEAR $COLOR $MAKE $BODY_TYPE with tag number $LICENSE_PLATE (i.e., 2003 Blue Ford sedan with license plate "ABC-123") passed toll booth #1 at $TIME1 on $DATE and toll booth #2 at $TIME2 on (same) $DATE (with video camera footage to boot), and then (3) mathematically demonstrate that this vehicle's average speed was $DISTANCE divided by ($TIME2 - $TIME1), some value substantially greater than $SPEED_LIMIT, and thus the driver would be cited for driving at excessive speed. Granted, I am not a lawyer, but if I understand correctly, U.S. courts of law need human witnesses to verify that the primary registrant of the vehicle was indeed driving the car. (Correct me if I'm wrong, please!) I suppose that a viable defense might be, "well, your honor, I was not driving my car at that time on that date..." I don't mean to argue with you; perhaps the police officer would NOT want to go to that trouble. It's just that it's conceivable, that's all. It's still interesting to consider how much we're being watched and don't even realize it.
Unfortunately it's for real Posted Jun 10, 2008 9:09 UTC (Tue) by hannada (subscriber, #4633) [Link] In Colorado we've "solved" the problem of proving that any particular person is driving a given car. Automatically generated citations are now issued against the automobile instead of against the driver (much as has always been the case with parking tickets). The offense is that the car was moving too quickly through traffic, not that a particular person was guilty of driving too fast. The main consequence is that, in Colorado, you won't get points against your driver's license for these types of offenses, but the fine is still levied (against the registered owner of the vehicle).
Unfortunately it's for real Posted Jun 10, 2008 11:48 UTC (Tue) by oak (guest, #2786) [Link] Of course they also have to prove that the clocks at both toll stations are in sync...
Toll booth clocks Posted Jun 12, 2008 0:25 UTC (Thu) by man_ls (subscriber, #15091) [Link] I believe keeping the clocks in sync is the worst practical problem. Radar detectors have to be certified by an authority that they are in working order. Certifying that toll booth clocks are accurate to a certain extent (in the order of tens of seconds) could be quite expensive. Regular use of e.g. NTP would synchronize the clock, but it would not certify it.
Toll booth clocks Posted Jun 12, 2008 13:20 UTC (Thu) by aegl (subscriber, #37581) [Link] My son got a ticket from a traffic cop with a radar gun. Two days later he got a letter in the mail saying that the ticket had been canceled because the radar gun used had failed its end-of-day accuracy check.I think that it would be relatively simple to certify that the clocks are synced in a way that would satisfy a court. Just have a cop visit each machine at the beginning and end of each day, check each toll booth clock against a reference clock and then sign-off that the clocks showed the same time. If someone fights the ticket on the grounds that the clocks were not accurate, then the cop gets hauled into court to testify that (s)he personally witnessed that the clocks were working correctly on the date of the alleged offense.
Toll booth clocks Posted Jun 12, 2008 14:29 UTC (Thu) by man_ls (subscriber, #15091) [Link] A bit too labor-intensive, and subject to manipulation. An automatic mechanism would be more efficient... like an NTP log showing how automatic synchronizations did not drift more than a few milliseconds apart. But you probably don't want the defense to make you bring an expert witness every time someone fights a ticket -- hence some kind of certification process would be a good idea.Too much effort, maybe. This mechanism would only catch a percentage of speedy drivers anyway: those who only speed occasionally would come out clean. Radars (and their instant speed measurement) seem to be more immediate and practical, even if their inner workings are wonderfully complex.
Unfortunately it's for real Posted Jun 9, 2008 21:36 UTC (Mon) by AJWM (subscriber, #15888) [Link] > But I'm not sure the policeman who ticketed you can prove it in front of the judge :-) He just uses Rolle's theorem. Believe it or not, way back in college calculus class (mid-1970s, which dates me), we actually had a movie in class about this -- a state trooper ticketing a guy for speeding between toll stations because of the too-high average speed, and then the cop goes on to explain Rolle's theorum. Hokey, yeah, but I still remember it. (That and the one in biology class where a football-field full of students act out DNA transcription. Weird.)
Unfortunately it's for real Posted Jun 10, 2008 0:25 UTC (Tue) by nix (subscriber, #2304) [Link] I pity the poor sods who had to be helicase. Didn't they get dizzy?
Unfortunately it's for real Posted Jun 9, 2008 21:26 UTC (Mon) by AJWM (subscriber, #15888) [Link] > Thus, the toll authority will know (1) who the driver is, That's a good trick. How do they know that I'm driving my wife's (or a friend's) car?
Who needs toll tags? Posted Jun 11, 2008 20:50 UTC (Wed) by slef (subscriber, #14720) [Link] The UK has number-plate-reading cameras all over the non-toll motorway network. If you're in a car, you probably lose privacy in a number of ways, even without the car-bugging like http://news.bbc.co.uk/2/hi/uk_news/555715.stm
Oyster is just as anonymous as a ticket Posted Jun 12, 2008 9:13 UTC (Thu) by NRArnot (subscriber, #3033) [Link] How many of you guys are Londoners? We already have "anonymity" with Oyster. Go to a ticket office, proffer a £10 banknote, get an Oystercard loaded with £7 of travel (£3 deposit for the card). You are as anonymous as you are buying anything else for cash. You can recharge the card with more value as many or as few times as you wish to. Each time, using cash, at a machine. The system can track the card, but there is no mechanism to say who is using it. Indeed, the pay-as-you-go cards are explicitly legally transferrable. Certainly, you may, if you wish, later register the card in your personal name. That has the advantage that if you lose it, you can phone Oyster and reclaim all un-used credit loaded on the registered card. But that is voluntary. You may, if you prefer, leave it unregistered. Then it's like a bank-note: your loss is someone else's gain. Obviously if you are travelling with criminal intent or if your journey might cause you embarassment if traced, you'll want a paper ticket, or will use your new Oystercard for one journey only. You'll leave your everyday registered card at home with any other ID that might get yourself traced. If you're as thick as the murderer who used his victim's registered Oystercard to get home, you deserve what happens next! If the authorities ever stop selling anonymous Oystercards (and the more expensive one-journey paper tickets), we should worry. But for now, it's just a high-tech multi-hop ticket that allows you any future choice of route rather than having to pre-book it. As for its RFID aspect, the Oyster readers have a range of a few centimeters. I don't know if someone could read your "tag" from a greater distance, but if it bothers you, I'd suggest a tinfoil-lined wallet. There are a lot of big-brotherly things going on that we should oppose, but Oyster doesn't appear to me to be one of them.
Oyster is just as anonymous as a ticket Posted Jun 12, 2008 12:21 UTC (Thu) by Baylink (subscriber, #755) [Link] Ah, c'mon. You're not supposed to muddy up our perfectly enjoyable bit o' righteous indignation with *facts*? What're you on about?
Oyster is just as anonymous as a ticket Posted Jun 16, 2008 4:45 UTC (Mon) by etienne_lorrain@yahoo.fr (subscriber, #38022) [Link] Crosscheck the position of the Oystercard and the anonymous prepaid mobile phone (the user carry) location and you get the person (probably) within few days; crosscheck the mobile phone position and call/messages logs and you get the ID of the person.
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet) Posted Jun 9, 2008 18:51 UTC (Mon) by Requiem (guest, #51519) [Link] Unlinking your identity from online payment is easy (at least in the US), I have a Visa gift card, which will cause any searches into my buying habits that I don't wan traced to reveal that my name is in fact, Gift Card, and that my billing address is a sex toy shop on the other side of town.
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet) Posted Jun 10, 2008 16:19 UTC (Tue) by copsewood (subscriber, #199) [Link] It might help if RMS and others commenting on UK business data and privacy from a US perspective read the UK Data Protection Act before making assumptions. There has to be a pretty compelling reason for data collected for one purpose to be usable for another purpose in the UK - the only exception I can think of in connection with a payment system likely not to be prosecutable, would have to be warranted by a judge in connection with a criminal investigation. Not just anyone can go to a bank and obtain payment details for someone else's account.
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet) Posted Jun 10, 2008 18:41 UTC (Tue) by dannyobrien (subscriber, #25583) [Link] I'm familiar with both the US and UK privacy regimes, and I'd say Stallman's concerns (which were specifically about "Big Brother"-style data collection, rather than individual data abuse) are valid. EU data protection leaves a great deal of governmental access to data unregulated (or poorly regulated), and the DPA's excemptions (http://www.opsi.gov.uk/Acts/Acts1998/ukpga_19980029_en_5#pt4) provides any number of loopholes for the misuse of personal data. That's always assuming that future misuse would be under (or even care about) current statutes.
Stallman attacks Oyster's 'unethical' use of Linux (ZDNet) Posted Jun 11, 2008 4:50 UTC (Wed) by tialaramex (subscriber, #21167) [Link] The usual fear is that the government itself will use this information (or, in this age of contractors, get someone else to use it on their behalf) and that since the government is capable of being incompetent and malicious (more the former than the latter but don't rule out either) this is not desirable. Personally I think it may well be undesirable but it's inevitable and instead of trying to protest it we should try to create safeguards that make it harder for government to abuse this information, easier for both elected and unelected officials to be held responsible when it is abused, and easier for us as citizens to know what's actually going on. Open Government and Freedom of Information are better for us here than the Data Protection Act. It's unrealistic to expect an organisation which specifically hires /spies/ to stop spying on us. But we can ensure that they can't abuse these powers with impunity. When we have a Home Secretary arrested for authorising illegal snooping then we're equal again.
RMS uses CC licence Posted Jun 11, 2008 4:48 UTC (Wed) by coriordan (guest, #7544) [Link] He's used the Creative Commons "noderivs" licence for his email instead of his usual one-line "verbatim only" licence. Interesting since this is the sort of decision he usually doesn't take lightly.
RMS uses CC licence Posted Jun 11, 2008 20:46 UTC (Wed) by slef (subscriber, #14720) [Link] I wonder if it was an attempt to avoid ZDNet making an article out of (mis?)interpreting the email... which is exactly what happened. I guess ZDNet would argue that they can ignore the copyright terms for the purpose of reporting current affairs. That, or maybe RMS hates ZDNet and wanted them to read the shedload of legalese that is CC, or something else entirely.
RMS uses CC licence Posted Jun 12, 2008 0:26 UTC (Thu) by lysse (subscriber, #3190) [Link] I suspect its aim was to prevent them from only quoting the email, without releasing it in full. In fact, under UK copyright law, it appears that s30(1) of the CDPA 1988 already provides such protection - quotation from a work is valid for the purposes of criticism or review, provided that the work is already available to the public - so whilst they had to release the email before they could quote from it in any case, they aren't prevented from doing a hackjob on it (although having read the article, I wonder how much of it is intentional distortion and how much is simply that the journalist was too lazy to read and understand the whole email and wrote his article after just skimming the first half - ever noticed how much easier it seems to be for people in general to travel an absurd distance to support their malformed first impressions than it is for them to admit their misjudgement? I've certainly done it at times).
|
|
||||||||||