If you don't know who Richard Stallman is, you probably haven't written much software. But that's okay, since the csclub does. They hosted a talk at the University of Waterloo on "Copyright and Community" June 6, 2007.

He first gave an introduction to the FSF, and free software in general. He then went over the four freedoms he uses to define if software is truly free. The supplied link definitely goes over it in more depth, but simply stated, they are:

• freedom 0: The freedom to run the program, for any purpose.
• freedom 1: The freedom to study how the program works, and adapt it to your needs. Access to the source code is a precondition for this.
• freedom 2: The freedom to redistribute copies so you can help your neighbor.
• freedom 3: The freedom to improve the program, and release your improvements to the public, so that the whole community benefits. Access to the source code is a precondition for this.

Stallman then went on to go through the history of copyright and copying technologies. His main emphasis was that we've gone full circle, with copying individually via pen and paper, to copying individually with a computer. The differences between these two periods is the expansion of copyright law. However, I will not summarize his summary of the history. If you want a good basis for this, I'd suggest a book that Jay just lent me Free Culture, which goes over this rather well. I'm sure the other usual sources would work well.

Stallman sees copyright law as a bargain between the public and the class of all potential authors, as negotiated by the government. Which, would work, if the large IP holders didn't have so much influence in the systems. It seems likely that, in the States, copyright terms are tending towards being infinitely long. No new works have entered American public domain since 1923 due to copyright expiration. Moreover, the Digital Millennium Copyright Act (DMCA), basically allows publishers to write their own copyright laws for each individual work, since it makes it illegal to break or bypass encrypted works. Thus, if something isn't allowed by the original software, then it broke the DMCA, and was illegal, even if it was "fair use".

He then continued on how he should see copyright re-negotiated. First, he outlined three categories of copyrightable works.

1. practical works, that is works that have a functional purpose and are used to do jobs (software, recipes, educational materials)
2. expressions of thought, such as memoirs, scientific journals and essays
3. arts and entertainment, for more typical copyrightable items, such as books, movies and music

So, for each category, there is a unique play between what the public needs and wants to do with the work, and protections the author should receive for making it.

For practical works, Stallman sees that all four freedoms must apply. In order to be in control of our own life actions, we need to be in control of the tools we use in our lives, thus all software should be open source, all recipes should be freely distributable, and educational materials should be redistributable to your neighbour. In general, I agree that having these freedoms are important, in the general sense. I'm less sold on the fact that the freedom to redistribute copies is necessary for my freedom of software use. But I think that would be debate for a whole other post.

For things where creating derivatives is less important, expressions of thought, (as direct derivatives of, say a journal gives only negative value), concessions to these freedoms must be made. So here, freedoms zero and two should apply.

Lastly, Stallman considered creative works. Books, movies and the like. Here a specific term of copyright, he argued, should be given. This term should be no more than 10 years. According to Stallman, this term should be as short as possible. He also argued that you should still have the freedom to redistribute unchanged copies to your neighbour. He depicted a gift economy for music in particular. Let individuals copy music (non-commercially) as much as they like from whomever they like, and if you could build a button into every media player that would give a dollar. His logic was that since the average person spends 20-40 dollars a year on buying music, and about 1 dollar of that 20 goes to the artist directly people would only need to press the donate button once or twice per year for as much music as they want to listen to. Since this system cuts out the middleman of distribution and promotion, it can also cut out the margins they receive. Then the monies could be redistributed to the artists from this pool of donations based on, say the cube root of their popularity, so that there's an effective cap that the popular artists hit.

I'm not entirely convinced that gift economies work, so I'm not sure how I feel on this. Likely, I'd see redistributions being handled much like our blank media royalties are here in Canada, with all the governmental efficiency we can muster. I also would see this as an almost impossible undertaking to become pervasive in the laws of large countries, making the system pretty much lip service. Assuming such a system for music compensation doesn't exist, however, was no point made upon. Otherwise, though, a shorter copyright term is a good thing to the public. Stallman noted that the average book is out of print in 2-3 years. So why does it need 120 years of copyright?

The talk was interesting. If you want to watch the whole thing, it will be available on the CSClub's media page. At the very least, I got to meet the man who wrote so many of the commands I use on a daily basis.

Because I couldn't have said it better if I tried, Bruce reminds myself why I wear a tinfoil hat sometimes. The risks of data reuse has two good cases of how easily your data can be used against you, even if that wasn't the original intent. If you leak data into the world (i.e. you've been somewhat alive in the last 10 years) you should give this a read to help you re-evaluate what data you're okay with telling the world about.

There was a disc error. I lost a hard drive. But, no worries, most things were salvaged.

I did, however take the time to redesign some a cleaner layout. Obviously, I have more fun with the code than posting, which really was the intent of this in the first place. All of my public data clutter moved away from this blog and towards it's own page. And, if you're reading via RSS subscription, the feed link has changed.

Also, thanks to grendelkhan, for providing gimp source material that wound up as part of my imprint.

Sometimes, the little things on the net pop out to astound me.

waxy.org gave me a good laugh tonight.del.icio.us users caught in a recursive loop

Firstly, to inflate the machine's ego: this post is entirely due to your pressure.

Wouldn't it be nice to be able to sit in the comfort of your own home and cast your ballot for the candidate of your choice? Maybe it might even get you out to vote in a municipal election, or those hated winter elections.

So when will you be able to vote sans pants? If you live in Peterborough, you can already. They have set up a flash site that identifies you by name and the number (of your voter registration card), and a CAPTCHA. (Though even with the use of CAPTCHA, they claim it's entirely accessible to those visually impaired. I don't know those details, however). Would I trust such a system? Not yet. What do we have to trust?

Communications: the channels of communications must be secure and untamperable.
This is a reasonable assumption. Man in the middle attacks are not common for SSL connections that are verified through SSL certification signing. This, however, could be vulnerable if one can exploit errors in browser certification handling. (IE 5.0 had problems with SSL certs and are succeptible to man-in-the-middle attacks)

If we assume that some sort of secure channel exists, then we have to trust the server software. We must trust the server operators. This is unavoidable, someone must be trusted with ballots, electronic or dead-tree ones. We must trust that the server was well programmed and won't have ballot-losing bugs. I seriously hope and assume that these servers are reasonable bug free. (Though that isn't always the case, there have been problems over Diebold machine programming in the United States)

Now we come to the main problem I have with electronic voting systems. What happens during tablulation, or re-tabulation? Traditonally in the Canadian system, when votes are counted, a party delegate from any party being represented has the option of being present. Now, there's less need for recounts once we have computers doing the counting for us. But if we don't have paper copies of the original ballots, we loose all ability to do a recount. We must trust the results the machine gives us. Delegates can't watch over web servers or electronic machines tallying votes, as most don't have the expertise to monitor that kind of security. Counting pieces of paper, however, is simple and robust.

So what does that mean for when I'd start saying electronic voting is good enough to use? Once the machines/servers are available for peer review before the election, so that a delegate from each party could review the system. And once the machines are simple enough and tamper proof enough, that our current delegate system in each riding works, and normal people can monitor for tampering of voting machines. And once we have machines that print out a paper ballot that can be recounted just like any other ballot, to ensure that the machines are working perfectly. (And that this is done in the beginning, as well as random spot-checking to make sure, that this is the case).

But, as LeVar Burton always said. "But you don't have to take my word for it". Read it for yourself. Elections Quebec did a review of the current state of evoting, and determined that it's not quite ready for their province. Michael Geist's column in the Toronto Star Vote against online Voting goes through some of the recent probems with evoting, and the Canada Elections Act says that electronic voting cannot be used for any official vote federally until it gets approval in the House of Commons and Senate.

I just started to create a claimID profile. So now you can check out my claimID.

I'm still debating the usefulness of this over the simple concept of just having a home page (like this one) that's properly laid out. However, data duplication issues aside, it is a well done site, simple to use and has a well-focused attention.

Why it's useful:

It's fully controlled by me so I can show off the person I think I am to the world. I determine the importance of the links, who I choose to link to and who I don't. It can be the things I write, participate in, have done, or have said about me. I could even throw my own crediblity out the window by claiming I wrote all of Slashdot.

It's also current; it properly uses MicroID to validate the sites I actually own. It creates a proper HCard page I could use for integration with and to other identity sources.

Why it's not:

It's not yet visible enough. If people don't know about the page, they won't be able to see what I want them to, they'll be back at the position of just googling Ryan Bianchi and coming up with data that I might have been a fullback for California State Polytechnic University (which I wasn't). But even that is always changing.

So I think it can be a useful "personal resume", a kind of addendum to the more formal resume. I think of it kind of like a resume for someone who just met me. An interested new co-worker or something like that.

I was going to post this earlier, but I keep forgetting to grab the images for it. So here it is without them.

Another Hillside Festival has come and gone. A bit of backround for those who don't know; Hillside is a music oriented festival in a GRCA park. It has four stages of varying sizes for music, as well as places for mostly environmental and spiritual workshops, though interesting workshops also exist. Probably the most interesting part of it all are the musical workshops they have, where artists that might not normally know each other get to play together for an hour.

What happened this year? I got to go with a much larger group of friends, which was a lot of fun, to play frisbee, dance with and generally relax in the proximity of good music.

Friday night's highlight was probably sitting down listening to Corb Lund, a pretty good Folk-Country band from Alberta. The 'No Escape From Reality' workshop was also a lot of fun. Final Fantasy made the workshop a lot of fun to watch. Of course we left early, so we could have time to hit up the Albion Hotel for drinks before we had to retire for bed and ready ourselves for another day -- it was Kelsie's birthday!

Saturday started with two more workshops, though nothing much really got happening until getting to see Final Fantasy and Torngat take the stage together. Since they already knew each other's music, it made it a pleasure to listen to, playing off each other's material. Some very relaxing music. Later on, the Hidden Camera's "reversal" was fun, but had frequent pauses as they tried to teach members of the audience to play along with them on stage on the tom drum, glockenspiel and tambourines. Luckily their main stage set the next day was a energetic good time. Cuff the Duke's set that day sounded really well. They played Hillside last year as well, and they sounded a lot heavier and less country. Though on reflecting about this now, I'm not sure if that is more in comparison to the amount of country listened to last year, of if that's how they were really playing. This year, however, they sounded more like the alt-country I like from them. They must have made a good enough impression, as the tent was packed and even Kevin decided to buy some of their wares. (A totally awesome belt-buckle). Right after them, Holy Fuck played an extremely energetic show with guest apperances ('because they weren't given any workshops') by Cadence Weapon and Final Fantasy.

The Final Fantasy set right after was a treat to listen to as well as watch, because you could see him forming each violin loop as the song built, not to mention the really fun cover of Mariah Carey's "Fantasy" with Gentlemen Reg (of Hidden Cameras). As the night progressed passed the really entertaining Final Fantasy set, while the Wintersleep set sounded really good, I was far to tired and had too much beer to really get into the spirit of things. Fortunately (?) the long bus wait and walk home helped things out for the next day.

The next day started off extremely well, with waffles, and later, the Gospel Hour. There was a workshop on the main stage with People's Republic and Cadence Weapon which sounded awesome, but I ended up going to the "Tenant's Rights" workshop to learn a little more of the ins and outs of not getting screwed over by landlords. The Austrian dub band Dubblestandart I had heard nothing about, but since Republic of Safety weren't terribly exciting, I'm really glad I ended up seeing them, as they were just awesome to see. As was the Tweleve Lane highway, which had a multitude of people (twelve, obviously) jamming in an incredibly fun session. Including the hilarious "Teeth solo", where all twelve on stage simply smiled. The rest of the day included bands I've mostly seen before, but were still fun to watch. Torngat, the previosly mentioned Hidden Cameras set and The Next Best Thing. though, in between that all, was the People's Republic, a band I should check out more, and a really fun time of throwing a frisbee around listening to Cadence Weapon.

All in all, a lot of good music, food and fun was had. Anyone around the Guelph/Kitchener/Waterloo/Cambridge area really should look into going if they ever get the chance!

Today my Gramma passed away. She was very close to me, and greatly loved.

I'm blogging about it because alongside how caring and nice she was towards the family, my earliest computer memories are of her teaching an 8 year old me DOS commands to play Space Invaders and Sopwith on a (now) age old Zenith PC.

She will be missed by many.

Phil Zimmerman once asked 'Why don't you send your paper mail on postcards?' Would you send a love letter or will on a postcard, in an unsealed envelope? It may seem rediculous, sure, but this is exactly what people are doing every day. In fact, with email, this is exactly what we're doing with our everyday communications.

Most people are sending around email on the web that is horribly insecure. You may, incorrectly assume that since you have to log in with a password to read your email, and I have to log in to read the email you sent me, that this is a secure channel. Would you care if someone started reading your email, without your knowledge or consent? This writeup, then, is for you. It is mostly an introduction to cryptographic concepts for non-mathematics enthusiasts.

What's wrong with sending an email from my system to yours if we both log in? The most obvious, people could sniff your password. Shoulder surfing, dictionary attacks or collecting all network traffic are common ways of figuring out someone's mail password. Even if your account was secure, however, that doesn't imply that your message was secure. When you send an email to me, it will traverse through anywhere between 5-30 routers/computers. Any one of these points along the way can read, and store if they wanted, the email in transit. If your traffic goes through a foreign router that logs data and invades your privacy, how would you properly protect your rights in that country, not being a citizen of it?

First, a bit of background. Public/Private keys are asymmetric, whatever is done with one can only be undone with the other. Therefore when you send information to me, you encrypt it with my public key. Only my private key can decrypt it. When I send you something, I do so with your public key. Also, I can sign something with my own private key. Since I am the only one that knows my private key, only I could have signed it, if you check and decrypt it with the public key (which anyone can do). The concept is simple.

So, if I have convinced you, what should you do? A good introduction to installing and setting up GPG on a windows machine is done rather well by Brendan Kidwell, with A Practical Introduction to GNU Privacy Guard. If you use Gmail, or your service provider's email, you can use Thunderbird, with the Enigmail extension. Setting up Thunderbird is the same as any other mail application, and here's help configuring enigmail.

Just more of a whats-going-on post in my world. It really has nothing of service.

So, recently, I've finished my term, got a job and moved in Waterloo. This will mark the first time I haven't gone back home after the terms, and I'm excited. I thank my parents for all of the continued support that they give me, but I also really appreciate trying things on my own.

Over the summer I'll be working at RIM putting hardware together. I expect it to be mildly more stimulating than cleaning beef grinders. At least hardware testing is vaugely almost related to things I want to do.

The server has officially moved to infornography.ca, though I'm looking at finding a more permanent solution to these hosting issues. Uptime may be spotty.

And my room rocks. It's literally a cave. I'm tucked away in the corner of an attic of a four-square home. There's about 3 feet of clearance for my bed. It's fun to live in for now, not permanently, and at least the cave remains fairly dark. I should paint wildebeests, penguins and daemons or something like that on the walls with fingerpaints.