technology

...for a few days. As will responding to peoples' comments.

A couple of months ago I bought myself a new great big server and shamefully I have not set it up yet. Since it is priced in dollars and the pound is falling I suppose I ought to get on with it so I can cancel the existing one before it next needs paying!

For anyone interested it will be Debian Etch, running Xen virtualization, to give me a Zimbra virtual server for email and collaboration, a web server for my various projects and then back end servers for databases and user data.

I really need to redesign the blog, and in the process move it to my new domain jockcoats.me and upgrade to Drupal 6.

Additionally, a number of projects have been languishing waiting for this shift to the new bigger server:

OX3Online - a project to produce a community portal for the Headington area of Oxford

LiberalALTERnative.org to accompany the book on economic liberalism I am co-editing with members of the Lib Dems ALTER executive

OxfordBloggers.net - an aggregator a little like LibDemBlogs to link together as many bloggers writing in or about Oxford

OSEF.org.uk - a new site for Oxfordshire Social Enterprise Forum which we intend to relaunch in November's enterprise week

...and my latest wheeze...

f5c.org - "Freedom's Fifth Column" to provide a space in which libertarians (especially those hiding within existing non-libertarian parties) can write, pseudonymously if necessary, to try and show how libertarian and anarchist ideology can work through most existing parties to achieve our freedoms.

Lots to do! But don't worry, the suspension of blogging is only in order to give me a few days while I am off work this week to get the server up and running - these other projects have to work alongside my own writing...:)

Following on the theme from my post this morning about how we could protect data about us held by agencies of the state by using a sort of a personal key and PIN like your bank's call centre has to validate with you before they can access your data, my mind wandered onto other uses for such a key.

It has been a recurring theme in this blog that the internet in particular and modern communications in general represent a great threat to the balance of power between states (and incidentally also global "intermediary" corporations) and their citizens. I say threat, but it's only a threat if you are in a position of power in a state or corporation seeking to continue to exert control over your citizens. Indeed, for the individual, it is the greatest potential opportunity, and the vehicle by which Richard Cobden's quote at the top of this blog's front page may become reality: "Peace will come to earth when the people have more to do with each other and governments less."

Many of our institutions - governments, trans-national corporations, even currency - evolved to deal with issues of trust between people who would likely never have personal contact with each other in ever more remote markets. When trading, you've got to be able to trust that you will be paid for example - one person's "IOU" is not as good a guarantee as piece of paper endorsed collectively by an entire state - a national currency.

But we have an ever increasing range of other innovations to help us trust each other; developments that are increasing quickly with the advance of the internet. We can access our credit files, we can buy digital certificates that help give others confidence to trade with us over the web because they guarantee we are who we say we are and so on. So why not shift these into the "real world".

Why do we actually need, say, a passport to travel across borders, issued by a nation state, when we could have just as secure a guarantee of who we are through some kind of personal digital certificate from an organization bearing the risk, with strong encryption embedded in it? The British government keeps trying to sweeten its totalitarian ID card scheme by telling us, amongst other things, that it will make proving our identity to others in all sorts of transactions much easier. But in fact the history of government involvement in protecting the source data of those identities is appalling, and, as the technology gets more pervasive it seems to be getting worse.

How much confidence can you have in a government issued identity mechanism when so much data has gone missing already? Those identities are, thanks to state incompetence, all but worthless. Of course that's why, partly at least, they want to take biometric data. But in computer security it is generally accepted that being able to produce "something you have" (say a credit card or internet digital certificate) and "something you know" - a password, PIN, or private digital encryption key is far better than ony one or other of these pieces of information on its own. So far as I can see the ID card system, or the passport, with or without a national identity register, does not fulfill both of these - only the former. It is inherently weaker than the commercially available alternatives.

So, why not replace the need for passports issued by a state with identity mechanisms authenticated by trusted corporate or social organizations for whom financial success or failure rests on people being able to trust the people they certify. So you could have a personal account with Thawte as the primary guarantor, for example, and that certificate could be counter-signed by a certificate from other organizations, such as governments, who want to "mark your card" as one of their citizens, granting you the protections normally written on a passport.

It's not easy to get some of these certification authorities to guarantee your bona fides. You need often as much verification as you do to get a passport with other trusted people verifying who you are and so on. But you would not need to give these data to the poroous security mechanisms of the state which has proved beyond any reasonable doubt that they cannot keep the information secure, nor does it offer the other benefit of a private contract - the ability to sue the ass off them if they damage your reputation or security by losing your data - or the corporate incentive of only being able to make a profit if you actually deliver on what people expect of you.

And you also get a choice of how strong you want the certification to be. If it's only guaranteeing small personal trades for example, you may only need to spend a few pounds and fill in a quick web form, validate your address and you're in business. If you want to travel overseas, or deal in bigger sums, or trade with distant counterparties, you may want stronger levels of guarantee and pay accordingly. It's a global standard pretty well too. So you'd have no problems using it to prove your identity in all sorts of applications - travel, trade, opening a bank account, starting a company, getting insurance, benefits, accessing what little data about you the state actually needs and so on - none of which would need to be on any single central database owned by a bunch of data-incontinents like the government is proving to be with the attendant dangers of losing all your data at once.

So, you see, we no longer even need governments to help us prove who we are. And in fact they appear to be singularly bad at doing so. The threat inherent in this is that the currently all powerful state needs to be able to do this, or it loses control of its citizens. And they are shit scared of that. If we are not mindful, in their lust to maintain that power they will get immensely more authoritarian and intrusive. The time is coming when we will no longer need them. We must do all we can to hasten that day before they get their claws in too deep into these emerging trust mechanisms.

Thales, the successor to Thomson CSF, has won the first contract to start the design process for the National Identity Register which will be the more sinister side of the whole ID card system. For those of us committed to opposing ID cards and the NIR at every opportunity and wanting a way to boycott suppliers this presents a challenge. Many of the possible suppliers of course are not ones with big "brand names" you can easily boycott. Thales itself is mostly a government contractor, making war machines. And they are nearly a quarter owned by the French state. Both of these in my opinion make their appointment even worse (not because it is French, per se, but because it is partly controlled by a foreign state, however currently friendly that state may be).

But they do make, through their Thomson media subsidiary, a few things we can target. They are, for example the largest or perhaps sole supplier of the BT Homehub kit (and its equivalent from Orange). They also do an awful lot of facilities stuff for film, advertising and television (they own the Thorn EMI filming facilities firm), but it will always be quite difficult to find out which programs, films or advertisers are using them.

So the main real consumer product they can be identified with is Homehub. So, if you happen to be a BT subscriber and use one of those sexy boxes, maybe it's time to switch your communications provider?

(They also make set-top digital TV boxes and DVD equipment if you want to do some more digging around).

Would someone give me a job developing ideas for the future. Here's another one I prepared earlier:

It seems that the transmission loss problem is a little less daunting using High Voltage Direct Current - I work out that southern Morocco to London would involve about a 7% transmission loss in a more or less straight line over land. Sounds like it has potential to me.

...well, perhaps not quite but this is interesting, if blindingly obvious in a sort of a "why didn't we think of that" way:

I've been writing for a while now about how the globalization of communication (and delivery) technology is set to make it ever harder for states to quantify and collect taxes based on trade and incomes and make it imperative, if they want to have any revenue stream into the future, to switch taxation to more fixed sources like ("economic") land - ground rents, airspace, electromagnetic spectrum and so on, or face the prospect of ever increasingly authoritarian measures to force people to repatriate income and assets for tax purposes.

I hadn't counted on VAT being amongst the first to be threatened, but here it is. It's not going to help buying cakes from Tesco yet because it will only work if it is actually imported, I suspect (no getting away with simply operating from a warehouse in every town that happens to be owned by a Channel Island company I would think).

But people, liberal minded political types especially, need to wake up to this double threat - to recognize that revenue collection will be more difficult in future if based on moveable assets, incomes and trade, and to recognize that addressing that means going one of two ways - the more equitable land tax, or the more authoritarian crackdown on trade and "cross-border" earnings.  The ability to move money and income and so on overseas is moving fast and getting ever easier for the ordinary person - you no longer need to be super-rich to go offshore.  We need to act fast to counteract its effects on future tax revenues.

...a great post on the Libertarian Party blog today should help get you over your myopia, with a smile at least:

Thanks to Liberal conspiracy for highlighting protectionist amendments being sneaked into the Telecoms directive which MEPs will decide on tomorrow:

The amendments basically set the scene for forcing ISPs to monitor all their customers' traffic to catch them sharing copyrighted material on the web and to cut customers off if they keep doing it.

Over in the comments on Matt Wardman's blog posting the other day I suggested that this whole surveillance obsession smacks of "we do it because we can". Why should one's electronic communications, voice or data, be any more permissible to be snooped on than any other communication - snail mail, face to face or similar. Just because we can. For a variety of reasons electronic communications leave traces, and traces can always be tracked, but why should they be?

It is true that we need to have a debate about intellectual property and how, or indeed whether, it should be enforced in an era of global instant communication. It appears that the artists tend to be ahead of their production companies in exploring how to use the massive marketing opportunity that is the internet, such as recent experiments in releasing music for free, or on honesty box terms, on the web. But of course it is the media corporations and production companies that are lobbying for this sort of protectionist measure. The debate needs to be held much more widely than that though, and not snuck through where these measures were explicitly removed from the directive last time the European Parliament discussed it.

I have written to Sharon Bowles and Emma Nicholson. I suggest everyone take a look at the details of these amendments and give some thought to writing also to any of their MEPs. It is being debated tomorrow, so act fast!

I very fundamentally believe that the internet in particular is seen as a threat by both governments and corporations who feel they are not able to control it. For me, it is the greatest advance in people communicating with people and eventually needing far less "government" to broker their international relationships or trans-national corporations to broker their trade. But for it to bring about the vast benefits of voluntary co-operation amongst individuals around the world it needs to find its own rules, not have them imposed by those very bodies that are scared of it!

I have two problems with the recent Lib Dem policy announcement about using road pricing to lower fuel duties and fund spending on infrastructure for more "environmentally friendly" forms of transport. The one, which I will return to in another post, is about the difficulty of solving two problems - paying for roads and trying to force people off them - with this one policy. But for now I want to suggest a solution to those many commenters on the Lib Dem Voice thread that any implementation of road pricing is going to be necessarily an intrusion on our privacy.

In fact, the technology has been around for five decades: the flight data recorder, or "black box". It even ought to cost less as it would mean no additional physical infrastructure such as ANPR gantries or roadside transceivers.

Take a regular GPS Sat-Nav system. Already the technology is being developed to deliver all sorts of content to such devices (see the "Sat-nav for people" section on this BBC Click report). It would be a small step to link this to a billing system in the vehicle that got data about the current price of the road you are travelling on, and on other alternatives to help you make up your mind about what route to use, and to calculate a total bill for a journey and initiate a payment transaction without even telling the billing authority where it has been.

Ah but, people say that's open to abuse or tampering to avoid bills on the one hand, and because there's no central information about how your bill is made up it would not be possible to dispute a bill on the other. Well, this is where the "flight data recorder" comes in. You do have the details of your journeys stored, but not centrally, rather in a box in the vehicle. A box say that has to be audited as part of your annual MOT perhaps. And that can only be accessed when security information is provided by both the person or authority wanting to read it and the owner. That way, if you think it is to your advantage to disclose where you have been, for example to dispute a bill, you are in control of when that data is disclosed.

Again, this technology is already around, and in applications much smaller than aircraft. My security guard in the hall of residence has a little device called a "Deister" which they use to "prove" that they have been doing patrols. There's no live link snooping on where they are going, but the Deister gun will be audited and has logged a patrol if there is any dispute.

Can anyone see any other objections to such a way of doing it non-intrusively?