Posts

Posted on

The Italian Internet Bill of Rights. The Trojan Horse Keeps Shaping

According to the Italian online newsmagazine Repubblica.it the Italian Bill of Rights endorsed by Boldrini, the leftist President of the Italian Low Chamber (Camera dei Deputati) is almost ready and will affirm principles such “net-neutrality”, “right to privacy”, “right to universal access” and so on.

If this is what is all this Internet Bill of Rights about, then much ado for practically nothing, since all the alleged “Internet Rights” are already broadly covered by existing laws and regulation but what we do lack is a fair enforcement. Copyright is one of the most blatant examples: the current law protects the author, gives him full control over his works and let him free to use whatever licensing model of choice. He has the right to be acknowledged as the creator of a work and to stop any detrimental use. But what happens in the real life is that these provisions are largely ignored because of the overwhelming power of those who make profit from authors’ work: the publishers. Thus, again, “rules” are the last needed thing in the world.

Of course (and hopefully) this Internet Bill of Rights will never be turned into a real, parliament-passed law. Nevertheless shall become a political platform to ease the shift of the legal liability from the single users who commits a crime or is lazy in protecting his rights to the Telco Industry.

This is not acceptable.

Posted on

Our Digital Health And Electronic Money. IT Security Gets Tough

Let’s say the truth: IT security is just a bubble that no “serious” manager cares of. There is no possible explanation for the fact that today we keep talking about the very same things I’ve heard back in the early nineties, sold by somebody who wants to re-invent the wheel. But the indirect Paypal attack against Apple targeted at the upcoming Applepay platform and the spin put on the health-related application ? might change the situation: a (very)personal computing device allowing to manage the two most critical things of a (Western) human kind: health and money.

Can a company really afford to market software pre-release as “final” just to meet a marketing-set deadline? Or lure people into trusting a payment platform, risking to become liable in case of problems caused by a poorly implemented security?

It is really (still) possible to discharge any liability with a “simple” contract and put the barrel on the users’ shoulder when serious issues are involved?

IT companies should carefully think about it before entering into a sector where people aren’t so keen in just waiting for the next fix or hardware upgrade. They might be dead or bankrupted, in the meantime.

Posted on

Apple’s New Security Policy: Just a PR Stunt?

Apple announced not to be able anymore to hack into IOS8-based devices because of its “privacy-by-design” development strategy. Thank to this choice, according to Tim Cook, quoted by The Washington Post,

it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.

Since the fantasy of both lawyers and judges knows no limit, I wouldn’t be surprised to hear, in the next future, about some claim for “contributory criminal activity” filed against Apple based on the deliberate choice of giving “unbreakable weapons” to terrorist, paedophiles and copyright infringers.

When this scenario will become real, it will be interesting to see whether Apple remains stuck into his “libertarian” position risking a trial for contempt of the court, or negotiates over its users with the powers-that-be.

Then, and only then, we will be able to check if this “privacy commitment” was a genuine attitude or just the next marketing trick.

Posted on

Does SHA-7 belong to the US NSA?

As everybody knows, the SHA-n is a series of cryptographic algorithm developed by the NSA and published by the US NIST. The current SHA-n lineup includes SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512.

On the contrary, SHA-7 (see this link – italian only, sorry), a “proprietary, patented encryption algorythm” developed by an Italian company doesn’t belong to the original “family”. And doesn’t have any endorsement by the scientific community.

I wonder why SHA-7 designers have choses this confusing name for their code.

 

 

Posted on

Google and Germany’s Ministry of Justice: A Wrong Idea of Dominant Position

The Germany’s Ministry of Justice asked Google to disclose its search algorithm because of the Mountain View company dominant position on the relevant market.

The request is not legitimate at least for two main reasons.

First: Google’s current “market position” is not based on a “users’ lock-in” as in the file-format case (for longtime, not being able to open a .doc file has been an effective method to have the users stuck to Microsoft Word). Everybody is free to use whatever search engine of choice. Yes, because Google is not the only kid in town: Yahoo!, Bing, DuckduckGo are in the same business, but steps behind Google. Sure, Google is THE search engine, as Altavista was a few years ago. But who but (some) historians still remember about the Google’s predecessor? And here comes the point: Google’s success is made by the people who use it: give them a better search engine (and additional features) and Google will fall on a fingers’ snap. This is the last iteration of a wrong concept of “dominant position” and “monopoly” when matched with a successful digital business model based on information as quid-pro-quo for providing (partially) free services.

Second: even if the “dominant position doctrine” were relevant to this case, the German solution would be possibly worst than the disease to be cured, because it would set the precedent that a company, for the sake of the “free market”, should be forced to disclose its industrial and trade secrets. Try to tell this to the pharmas or the automotive manufacturers and wait for the answers!

So the bottom line is: If you want to beat Google, instead of tying its hands, do create a better one.