Categories
e-democ / e-gov

Comprehensive NYC post-‘open source’ campaign analysis

Micah Sifry, eCampaign Director has posted an excellent analysis of the Rasiej for Public Advocate campaign. Rasiej was running to be the Public Advocate (sort of deputy mayor) for New York City. His campaign was full of great new ideas including free wifi across the city. He had blogs, a Google Maps based pot-hole tracker to show what can be done with the Internet and encourage small online donations instead of currying big name support.

Unfortunately he only polled 5.17% coming in 4th out of 6 candidates for the Democratic primary – and that was that.

There's loads of good e-democracy stuff in the article which I won't bother repeating but of note for all, not just e-democracy folk, is their bitter disappointment with how little online advertising delivered for them.

I come away from reading the analysis feeling there's lots of positive things to take from more open, online campaigns but you can't forget the meat and potatoes of politics – people and particularly big name support (such as ex-presidents, mayors etc).

Go read!

Categories
technology

The Spam that goes beep in the night: Stopping SMS Spam

The other night my wife's mobile beeped and vibrated as two SMS text messages barged into her phone at 4am. We were both delighted seeing as the phone was on the bedside table, waking us both. The next morning she checked and saw two lovely spam messages.

Hence the past hour or so spent trying to stop it from happening again. We're both with T-Mobile and they're call centre staff are usually quite helpful so I gave them ring. After faffing through the menus (joy) I got through to a human who told me one thing several times “There's nothing we can do about spam.” Right, thanks buddy.

Phone Scream

He was nice and friendly as he said it. But still he could have said “Have you tried registering with x” or “If the spam persists report it to our unsolicited messages team” or “Your phone has a feature to block certain numbers” or even “If you pay us we can block it.” But no, nothing, zip, nada. Not interested.

So, as always, I went online and started by searching all of the barely usable T-Mobile UK site for 'spam' or 'unsolicited' which resulted in… nothing. With lots of fiddling, opening the site in Firefox and Safari eventually I found “Unfortunately, it's not yet possible to bar incoming text messages.” Great.

So after lots of Googling the best I can do, it would seem, is register our numbers with the Telephone Preference Service which may do the job. Let's face it, the network operators profit from every SMS message sent, so why stop the little money makers?

The information I've found has been sketchy and contradictory but I believe there is EU legislation pending to try and cut down on SMS spam. It's dependent on how each country implements it though… I think we're yet to see the UK version. I hope in the future phones will offer filters for this kinds of thing while the spammers themselves get thwacked by the authorities. Hopefully, maybe?

I'll let you know if we get less SMS spam too…

The Others

In the interests of completeness I then had to go and check out the other phone networks. So in descending order of patheticness here's my findings:

Vodafone have a VSPAM service which seems fairly pro-active. Any message sent to the VSPAM service is going to be blocked, they imply. If an 090 number is in the spam they also pass the spam to the appropriate regulator.
http://online.vodafone.co.uk/dispatch/Portal/appmanager/vodafone/wrp?_nfpb=true&_pageLabel=Page_BOS_MainContent&pageID=AV_0054

Orange aren't exactly spectacular in their help but they do offer useful tips and advice online. They also implicity do something about spam as they encourage users to forward spam messages to a special short code number. Still they don't do Blackberries so not much good for me.
http://www.orange.co.uk/about/contact/spam/

I finally cracked O2's dreadful site with an advanced Google search which showed one page just telling people to report messages to the premium number regulator ICSTIS. Not helpful or proactive at all. http://www.o2.co.uk/help/spam_advice/0,,500,00.html

I could find nothing at all about spam from 3.

SMS Spam Links

43% of text messages in the US are now spam according to Wireless Services Corporation.
http://www.informationweek.com/story/showArticle.jhtml?articleID=60404039

Text spam complaints skyrocket in South Korea.
http://www.engadget.com/entry/1234000520024878/

Children burned by SMS Spam on the CBBC Newsround site.
http://news.bbc.co.uk/cbbcnews/hi/chat/your_comments/newsid_2450000/2450311.stm

Legal moves to stop SMS spam around the world…
http://www.wired.com/news/business/0,1367,61226,00.html

Excellent overall guide to SMS Spam.
http://www.wiredsafety.org/gb/law/spam/sms_spam.html

Categories
e-democ / e-gov

A Cabinet Office Minister Blogs

A big up to William Heath, Chairman of Kable for getting Cabinet Office Minister Jim Murphy blogging on the excellent Ideal Government blog.

The first ministerial post is online here.

While the post is about e-government strategy, I see this as an important step in e-democracy. Ideal Government is a blog of people who care about e-government, they're an interested party. The minister has seen it to be worth his while to engage with the group online… a further validation of using online tools in the grey consultative areas of policy development.

Categories
notes from JK

LinuxUser columns online, here are some best bits…

I’ve been writing a column for the excellent LinuxUser Magazine for much of this year, I’ve been a contributor since 2003. For reasons I don’t quite understand they’ve had an on-off policy on archiving their content online. Personally I think if magazines like Wired and FastCompany can do it for free, there’s no reason why all magazines shouldn’t. Anyway with some arm twisting I’m happy to say all my columns will be archived online on my site here.

Here are some of my favourite bits from previous columns…

On Linux in Poland

In a country with high unemployment and low wages relative to the rest of the EU I was expecting FLOSS to play a major part in Polish digital life. I was very wrong… more

On Transport Direct

40 million quid well spent then. Once again we’ve seen the Government spend piles of good cash on not just average or bad but terrible ‘solutions’. Transport Direct is a slow, unusable, non-standards compliant site with unreliable data if you can figure out how to get to it. When such wonderful easy to use systems as Google Maps, WriteToThem.com and BaseCamp exist how can we keep pumping out such plain awful government sites? It’s time for it to stop… more

On FLOSS license incompatibilities

I get that sense that the multitude of different FLOSS licenses are blocking up the positive use of different open projects in other open works. The good intentions that go into building any freely available lump of software are based partly on the idea that others will benefit. If license incompatibilities prevent that then we are losing the key benefit of going for FLOSS in the first place… more

On Technology’s impacts

We’re all alone, floating isolated in bubbles of our technology. We’ve built ourselves cocoons of entertainment which make it easier for us to avoid meaningful relationships with other people and the world at large… more

Categories
notes from JK

Web Awards a go go! Please vote…

I'm rather surprised and extremely honoured to have been chosen as a finalist in the “Best Personal Site and Web Blog category” for the Brighton & Hove Web Awards 2005. Neat!

In the spirit of these things: Please do vote for me!

The finalists are: * Sketchy Animation * Yummy Wakame * j-dom * Assistant Blog * Zender Bender

Good luck to them and all the other participants in the awards, which you can see here

Categories
voting

e-voting’s next stop, Poland?

That e-voting train keeps steaming on… Press reports in Poland are discussing the possible introduction of e-voting there.

Their basic argument is that e-voting would boost turnout, which is rather odd considering that it hasn't done so anywhere else. Also what with high unemployment (20% officially) and a largely agricultural population Internet access isn't exactly rampant. Certainly Internet voting would be attractive to the large expat population, but how many of them would be eligible to vote I wonder?

Pressure is being applied for Poland to jump on the e-voting bandwagon because “the UK, Belgium, Switzerland, US and Estonia all vote via the Internet”. Not true.. They've had trials but no general elections have taken place with Internet voting. In the UK e-voting is currently dead. In the US remote e-voting is a long way off after the SERVE project was killed. Belgium uses polling place computers, not remote voting. Switzerland and Estonia have both been involved in limited testing with low usage figures.

It's bad enough having to counter false hopes over what e-voting can deliver, but when untrue claims are made about remote e-voting's prevalence one has to worry.

Press report on Onet.pl [Polish]
if you understand Polish the discussion at the bottom of the article is entertaining

Categories
technology

Changing email address like changing hair styles

Across the communities we run at Swing Digital we've started tracking how often each field is changed in our members' profiles. It's proven to be an interesting exercise…

Across all our sites one field is the top or near the top of the most changed fields: email address.

Now I'm clearly not usual as I've had the same personal email address for around 10-11 years. I've got some other addresses in addition to that as time has passed, from my universities and work, but for most things I've registered with this one address. It's been a continuous thread for my online identity, but it would seem that this isn't the case for the membership of our clients' organisations.

People log on to the sites with their email address which perhaps helps them to be aware of when they need to change their address. Still members are actively changing their email addresses really often.

I wonder, is this due to the disposability of Hotmail and Yahoo addresses or just that people move jobs so often? Share your comments and experiences.

Comments from the previous version of this blog:

Spam
Need I say more?
15:42:18 GMT 28-10-2005 lee

Tinned Meat
Does spam *really* force people to change their email addresses so often? I always saw changing address as a short term fix only, seeing as so many spams just seem to try any and all addresses at every domain name they can lay their hands on.
Perhaps not. Before SpamSieve and SpamAssassin (yes it takes both) I was struggling with spam too…
19:16:09 GMT 28-10-2005 Jason Kitcat

not everyone is aware
My experience is that the average, who seem to compromise the majority, of internet users still don’t really know that much about spam and it’s prevention. I too have had the same personal (ISP provided) email for a several years, I haven’t changed it since I last changed ISPs and wont change it unless I change ISP again. I also have a ‘trash’ email which I do use if ever I need to enter details anywyhere that I think may be a bit risky (and yes I have ‘fun’ email addresses for when I feel like using them)- but it’s only ever needed to be changed once. So many internet users I come across though go around entering their email address willy nilly in any box that asks for it, posting it on public forums and handing it out to all and sundry – then they wonder why they need to change it.
00:33:54 GMT 01-11-2005 manny

Categories
technology

Linksys WAG54GX2 SRX Modem Router Review

It wasn't my intention but I ended up being an early adopter of the new Linksys Modem Router. So I thought perhaps a review would be of benefit to others.

In the past few years I've been through ADSL modems from BT, Binatone, D-Link, Hermstedt and Netgear. The BT one was like a rock, but I couldn't reconfigure it when I moved. The Netgear one was okay but I asked a lot of it and I ran into some firmware issues which wouldn't bother most, same for the D-Link but it was a little less user-friendly than the Netgear. The others aren't worth discussing.

Through this modem orgy I stuck by my Apple Airport Extreme basestation (sans modem or aerial port) and it coped fairly well. The administration software is lovely, the USB printer sharing is fabulous and of course it looks nice. But range and performance is pretty uninspiring, especially if you allow for 802.11b and 802.11g clients.

With my recent move the Airport was just not reaching all corners of the house and garden, modest as they are. I also was tired of the occasional game of reset the routers when one began to diagree with the other, or something, I couldn't be bothered to diagnose the issue hence my fiendish use of an unbent paperclip on the reset buttons.

So I warmed up Google and set about finding an all-in-one ADSL modem and Wireless router which was going to be stable, fast, secure and easy to configure for my occassionally demanding needs. It was harder than I thought it might be – really high-end stuff like the Proxim ORiNOCO AP-700 (for Xmas please!) assumes a big corporate network so have no ADSL functionality. At the other end loads of no-name boxes have minimal reliability thanks to their absurdly low pricing.

To cut a long story short I found out about the WAG54GX2 which wasn't actually showing on the UK Linksys site but I tracked it down on the oddly named NickKnows.com for an excellent price and had the box in my hands in no time.

Let's manage expectations here – it's not like taking an iPod out of its box, but nevertheless the out-of-box experience was pretty darn good. I was up and running in no time, once I read the help to understand the different terminology Linksys use compared to other vendors. The configuration interface is sensible and filled with piles of useful and intelligent options. The two aerials for MIMO (basically more speed, more range) are not precisely attractive, but who cares – I've been using this baby a week or two and it's been rock-solid reliable and fierce fast.

Here's my signal-strength test data collected using a 15″ PowerBook with an built-in Airport Extreme card with iStumbler's signal readout…

Apple Airport Linksys WAG54GX2
Study 19-33 37-49
Lounge 39-42 46-55
Garden steps 21-28 19-27
Hammock
at end of garden		 0 8-23

Quite a difference… I can actually surf from the hammock – bliss.

The only problem I can report is that the router's DMZ option doesn't seem to be honoured, so that if you set an IP address to be in the DMZ it should be fully accessible to the outside world but it isn't. I got around this using the port-forwarding options, more fiddly but good enough. I really couldn't recommend this box enough, it's the best I've found anywhere

Categories
notes from JK

Workshop venue confirmed

The Amadeus Centre

Little Venice, here we come!

My workshop “Managing Web Projects” will be in the wonderful Amadeus Centre, we're going to have the whole place to ourselves and free wifi too. I'm already looking forward to the yummy lunch, their kitchen smelt incredible when I visited. The learning will take place in upper hall with breaks in the lower hall and dining room which are downstairs.

We had to bump the date by one day to fit in, so the workshop will be Thursday 26th January now. Looking forward to seeing you there!

http://www.kitcat-workshops.com

Categories
voting

Estonia e-votes

Estonia has just completed a nationally available legally binding online election and the media are causing a fuss. My head’s in a twist because I just wrote a great post on this topic before BBEdit crashed losting the post – BBEdit never crashes.

 

Anyway let’s try and get this back from memory… The BBC did a pre-election article and Associate Press did a post election article where they quoted me fairly accurately.

 

This sums it up:

 

He acknowledged that Estonia’s system was the most secure to date, but said no system was “good enough for a politically binding election.”

 

Yep, it’s a pretty good system, as far as I can tell. The Estonian National Election Committee has published the rather good General content:encoded of the E-Voting System. With a small population of 1.4 million and PKI based smartcards authentication is not the problem it is in many other countries, so I can skip that. (Though if anyone has any info on copied Estonian ID cards being found, that would be interesting).

 

Essentially voters cast their vote online through a Java or ActiveX applet which encryptes the chosen candidate with the vote-counters public key. The voter then signs the vote with the private key off their smart ID card. The votes need to be traceable, via the voter’s signature, as citizens are allowed to vote multiple times online and offline. Once the election closes and invalid ballots are removed, the voter’s signatures are removed from the votes and the encrypted votes are physically passed to a counting machine off all networks. On this machine the private key of the vote counter is used to decrypt the votes before counting.

 

Of course once the digital signatures are off the votes their uniqueness and authenticity cannot be verified. Potentially un-signed votes could be swapped, added to or removed. I hope they add in some unique number (like a timestamp) with the vote (which is otherwise purely a candidate number) as their logging works on the basis of hash(vote) but of course two hash(candidate 198) would be identical. The terminology in the document is a little unclear, perhaps the logs use the hash of the signed & encrypted vote, or perhaps not.

 

The logging system is one of the best I’ve ever seen in an e-voting system (I’m still pretty proud of GNU.FREE’s logging and there may be better logging designs cloaked in corporate secrecy). However there is no mention of what protects the logs themselves from tampering. They all use hash(vote) as a unique identifier so without protection of the log files one could remove votes successfully and perhaps replace them if one had the right keys. The public key for the vote-counter is embedded in the voting applet so that could be extracted.

 

There is no voter verifiability, though potentially the system would allow for a basic level of post-count checking, but it doesn’t currently. Once the voter has clicked to send their vote and received an acknowledgement back, that’s it. There’s no way to check the vote was stored as intended and no way to be sure it was counted. That’s disappointing but perhaps not surprising in a country which culturally less cynical of government’s motivations.

 

The following requirement ensures that the privacy of e-voters is maintained: at no point should any party of the system be in possession of both the digitally signed e-vote and the private key of the system.

 

There are many ‘coulds’ and ‘woulds’ in the general content:encoded document I’m using to explore the Estonian system. So for example they suggest splitting the private vote-counter key to reduce the possibility of compromise, but it reads more as a suggestion than what actually happens. Without knowing Estonian I can’t get more detail to find out what really happens. Certainly the above quote shows that they recognise a primary vulnerability in their system and whilst splitting the key could help, they also suggest having multiple keys because if they lose or corrupt the only one they can’t count the votes. Uh-oh.

 

Conclusion

 

Kudos to the Estonians for publishing accessible and detailed documents in English. They totally get this whole open government thing. For the size of country, it’s technological outlook and the low likelihood that anybody major (e.g. a superpower) would want to mess with their elections, the system is ok.

 

Considering how much time I spend talking to journalists, I often wonder which bit they’re going to choose to print (if anything!) so I’m glad my best argument was included:

 

“The benefits [of e-voting] don’t come anywhere near the risks,” said Jason Kitcat (…) “It’s a waste of money and a waste of government energy.”

 

With AP reporting less than 1% of registered voters using the e-voting system I think that once the publicity dies down, reality will set in. The system doesn’t offer the turnout boost hoped for and with such small numbers using it there aren’t cost savings to be had. In fact with voters still allowed to go for a paper ballot after e-voting, as protection against vote buying and coercion, new levels of election complexity are going to be more costly. These facts will be hard to avoid and, like most other places, e-voting will quietly die away.