Category Archives: Life

Killing the Goose #NetNeutrality

Well, they did it. The FCC voted 3-2 on party lines to scrap Net Neutrality even though 83% of voters across the board want to keep it, even though scrapping it doesn’t help anyone except the giant cable & phone companies and those they decide to bless with their approval, even though it’s the only thing other than trust preventing those cable & phone companies from placing restrictions on how you use the internet and where you go…and you can surely use your imagination as to how that can be abused.

But you trust your cable company, right?

The fight moves to Congress now. They can still nullify the action through the Congressional Review Act – ironically, the same method they used earlier this year to wipe out privacy rules that the FCC put in place under the last administration.

Write Congress. Call your Senators. Call your Representative. Battle for the Net.

The Internet Needs Your Help

On Thursday, the FCC is planning to vote to allow your cable company to decide which news sites you get to access, which streaming sites you get to use, intercept your search queries, charge you extra for accessing specific sites (even if you already pay a subscription to the site in question), etc.

Oh, they’re not framing it that way of course. They’re framing it as removing an “unnecessary and burdensome” regulation.

But Title II Net Neutrality is the only legal framework in place that’s preventing, say, AT&T from blocking Skype, or Verizon from blocking tethering apps, or Comcast from slowing down Netflix until Netflix paid them extra — all things that happened in the decade leading up to the rule being adopted.

It’s also keeping ISPs from doing what they do in countries that don’t have net neutrality, like offering different internet packages based on which sites you use. Yeah, they look like cable TV packages. It would suck to be a startup company that’s not included in one of those packages, wouldn’t it? Tricky to make any headway against the entrenched giants.

And just think what might happen if a cable company decided to downgrade (or even paywall) access to news sites or organizations or discussion forums or activist groups that they don’t like, while making it easier to connect to those that they do approve of.

“Please, the Internet was fine before it, so why do we need it?” The Internet was built on the principle. It only became an official, legal requirement after ISPs started violating it, and even then it took several tries to build a requirement that held up in court. And phone companies are still trying to push the envelope with bundling and zero rating.

“But competition will solve it!” Really? How much competition is there when you only have two choices for your ISP, the local cable company or the local phone company, both of which are giant conglomerates — and both of which have violated net neutrality in the past?

“The FTC can regulate it!” Nope, we tried that. Verizon sued for the right to arbitrarily block websites and won, which is why the FCC reclassified internet providers under Title II a few years later.

“This is a matter for the states. Let them handle it.” Verizon and Comcast are lobbying for the FCC’s decision to ban states from creating their own net neutrality rules.

Net Neutrality solves a real problem, and while we may be able to find better solutions, that’s no reason to throw out the solution we have today. Congress can stop the FCC from voting tomorrow, but only if they hear from you today! Go to Battle For the Net and call your Representative and Senators before the FCC votes to sell us all out in favor of your cable company.

Groot, Guardian of the Internet

Groot reminds us that Net Neutrality is critical to internet freedom, and we should call Congress TODAY, before Thursday’s FCC vote to eliminate the only thing preventing your cable or phone company from blocking competition, burying news they don’t like, and shaking down startups.

Unless you trust your cable company to have your best interests at heart, head over to Battle for the Net and get Congress to remind the FCC that they work for you, not Verizon and Comcast.

Amazing what Groot can fit into just three words, isn’t it? 😉

Straight-Party Checkbox: Bad Design Pattern

Putting a straight-party checkbox on a ballot violates a key design principle: The polling place and ballot should strive to avoid steering people toward specific choices. This is also why some places randomize candidates’ names or stick with alphabetical order.

The human brain would rather work on auto-pilot than think carefully. Give it an excuse to stick with auto-pilot, and it’ll happily do so.

Even if that means outsourcing your vote to the people who chose the slate and designed the ballot.

You can choose to vote a straight-party ticket, but the ballot design shouldn’t influence you to do it.

It’s amazing more email accounts weren’t hacked back in the 2000s

At a tech training session, I wanted to get access to some of my class-related email on the training computer. But I didn’t want to log into my primary email on an open network, or on someone else’s computer at all. I have no idea what they’re logging, whether they’re doing SSL inspection, whether there’s a keylogger on it — probably not, but who knows?

Heck, I didn’t even want to use my own device on the hotel Wi-Fi without a VPN, and that was at least secured by WPA2! (then again…)

I ended up forwarding the extra class materials to a disposable email account and logging into that one. No risk to other accounts if it got sniffed, at any level.

But I remembered how we all used to get at email when traveling back in the early 2000s, before smartphones, and before every laptop and every Starbucks had Wi-Fi:

Internet Cafes.

We’d walk into a storefront and rent time on one of their computers. Then we’d go to our webmail site and type in our primary email login and password over plain, unsecured HTTP without TLS.

I’d never do that today. Admittedly, I wouldn’t need to in most cases — I can access my email wirelessly from a device I own that I carry in my pocket. (Whether that’s a good thing remains up for debate.)

But more importantly, we know how easy it is for someone to break into that sort of setup. Even if your own devices are clean, someone else’s computer might have malware or keyloggers or a bogus SSL cert authority on their browser to let them intercept HTTPS traffic. An HTTP website is wide open, no matter whose device you use. And an open network is easy to spoof.

So these days it’s defense in depth: If it needs a password, it had better be running on HTTPS. If I don’t trust the network, I use a VPN. And I really don’t want to enter my login info on somebody else’s device.