Press Release: Cloud computing consultancy condemns controversial censorship conspiracy

SYDNEY, 24 December 2009: Sydney-based Australian Online Solutions today condemned the government’s plans to introduce draconian Internet censorship laws in Australia.

Senator Stephen Conroy (Minister for Broadband, Communications and the Digital Economy) recently announced the introduction of mandatory Internet Service Provider (ISP) level filtering of Refused Classification (RC)-rated content as well as grants to encourage ISPs to filter wider categories of content. This would require the implementation of complicated, expensive and unreliable, yet trivially circumvented filtering technology at the cost of the taxpayer and Internet user, despite a strong message having been sent that this is both unwanted and unwarranted. Reader polls conducted by the Sydney Morning Herald and The Age newspaper showed a staggering 95% of some 25,000 readers reject the federal government’s plans to censor the Internet in Australia, on the basis that it impinges on their freedom. “There are better and safer ways to tackle the problem, such as educating parents, teachers and children, offering customisable filtering as a value-added option and improving law enforcement (including cooperation with other countries)” said Sam Johnston, Australian Online Solutions’ Founder & CTO.

The full frontal assault on civil liberties aside, Australian Online Solutions has also raised some serious technical concerns about the program. “At a time when individuals and businesses are looking to shed expensive legacy systems in favour of cheap, scalable Internet based services, any action which can only impair performance and reliability while threatening to strangle Australia’s connectivity with the outside world calls for extensive justification”, said Johnston. “Cloud computing, which delivers computing services over the Internet on a utility basis – like electricity – gives its users a significant advantage over competitors. However web-based applications such as Facebook, Gmail, Hotmail and Twitter are extremely sensitive to bandwidth and latency constraints introduced by censorship technology”, added Johnston. “The proposed law threatens to exclude Australia from this large and growing industry altogether, both as provider and consumer, at a time when it could emerge as a market leader. Would you buy an Internet-based service from China or Iran, or even use one if you were based there?” Analysts Merrill Lynch and Gartner estimate the cloud computing market to reach $175 billion in the coming years.

Trials commissioned by Senator Conroy and conducted by “highly reputable and independent testing company” Enex Testlab were also called into question, on both technical and conflict of interest bases. Enex Testlab, a supplier of “independent” evaluation, purchasing advice and product review services, boasts a corporate client list with over a dozen vendors of filtering technology including Content Keeper Technologies, Content Watch and Internet Sheriff Technology (accounting for around one quarter of all clients listed) and offers formal certification for content filters. As such it is believed they have strong motivation to avoid releasing a report directly or indirectly critical of their clients’ offerings.

Furthermore, the scope of the testing was artificially constrained, critical controls (such as connection consistency) were missing and success criteria were poorly defined or non-existent from the outset, in a trial that appears to be a manufactured success. Nonetheless unflattering results which highlighted serious deficiencies in the proposal were disingenuously touted by Senator Conroy as showing “100 percent accuracy” with “negligible impact on internet speed”.

Other problems with the fatally flawed and heavily criticised report include:

  • Proof that “a technically competent user could circumvent the filtering technology” while “circumvention prevention measures can result in greater degradation of internet performance”.
  • Admission that all filters were “not effective in the case of non-web based protocols such as instant messaging, peer-to-peer or chat rooms”.
  • False positive rates (over-blocking of legitimate/innocuous content) of up to 3.4% (over 5.1 billion pages per Internet Archive estimates) with failure rates as high as 2% (3 billion pages) considered “low”.
  • False negative rates (passing of inappropriate content) exceeding 20% (over 30 billion pages) with failure rates as high as 30% considered “reasonable by industry standards” (45 billion pages).
  • Admission that 100% accuracy is “unlikely to be achieved” and that the false positive rate increases with sensitivity, with no attempt to scientifically determine acceptable failure rates.
  • Faults being perceptible to end users, with some customers reporting “over-blocking and/or under-blocking of content during the pilot” while considering “mechanisms for self-management” and “improved visibility of the filter in action” to be “important”.
  • Unjustified assumptions including that “performance impact is minimal if between 10 and 20 percent”, while at least one system “displayed a noticeable performance impact”. Some customers “believe they experienced some speed degradation”.
  • Admission of “uncontrollable variables”, including ones that could result in “40 percent performance degradation over theoretical maximum line-rate, or more in some cases”, even at speeds less than 1/12 that of the proposed National Broadband Network (NBN).
  • Admission that reliable recognition of IP addresses to be filtered is unreliable (indeed often impossible), particularly for large-scale websites that use load balancing (e.g. most cloud computing solutions).
  • Results that were “irregular/incorrect” and “highly anomalous with reasonable expectations” (such as physically impossible improvements in performance when transferring encrypted, random payloads).
  • Complete absence of quantitative cost analysis (e.g. what financial load will be borne by both the taxpayer and Internet subscriber, both up front and on an ongoing basis), as well as any secondary costs such as decreased efficiency.
  • Overall results indicating that 1 in 5 customers’ needs were not met, with 1 in 3 opting out of continued use of the filtered service.

In addition to contacting local representatives, Australian Online Solutions encourages concerned individuals and businesses to join and support organisations including Electronic Frontiers Australia (EFA), GetUp and The Pirate Party Australia. The immediate availability of a limited number of sponsorships for founding members of The Pirate Party Australia is also announced for those who want to get involved but, for whatever reason, cannot afford the membership fees in this difficult economic environment. To take advantage of this opportunity please contact membership@pirateparty.org.au with a brief explanation of your situation.

“Anyone who cares about their future and that of their children and grandchildren should take action now”, said Johnston, who applied to both The Pirate Party Australia and Electronic Frontiers Australia (EFA) in response to Senator Conroy’s announcement. “The government’s gift to us this Christmas was draconian censorship, so let’s return the favour in helping The Pirate Party Australia attain official status by acquiring 500 exclusive members”.

###

About Australian Online Solutions Pty Ltd
Australian Online Solutions is a boutique consultancy that specialises in cloud computing solutions for large enterprise, government and education clients throughout Australia, Europe and the USA. Founded in 1998, Australian Online Solutions has over a decade of experience delivering next generation Internet-based systems and is a pioneer in the cloud computing space, whereby technology previously delivered as hardware and software products is delivered as services over the Internet. Cloud computing is Internet (‘cloud’) based development and use of computer technology (‘computing’). For more information refer to http://www.aos.net.au/

About The Pirate Party Australia
The Pirate Party Australia (http://www.pirateparty.org.au/) is a political party with a serious platform of intellectual property law reform and protection of privacy rights and freedom of speech. The Pirate Party Australia aims to protect civil liberties and promote culture and innovation, primarily through:

  • Decriminalisation of non-commercial copyright infringement
  • Protection of freedom of speech rights
  • Protection of privacy rights
  • Opposition to internet censorship
  • Support for an R18+ rating for games
  • Reforming the life + 70 years copyright length
  • Providing parents with the tools to run their own families.

About Electronic Frontiers Australia (EFA)
Electronic Frontiers Australia (EFA) is a non-profit national organisation representing Internet users concerned with on-line freedoms and rights. The EFA is the organisation responsible for the “No Clean Feed” (http://nocleanfeed.com/) grassroots movement to stop Internet censorship in Australia. They are also dealing with related issues such as the Anti-Counterfeiting Trade Agreement (ACTA) and censorship of computer games. Individual memberships start at $27.50 and organisational memberships are available. For more information refer to http://www.efa.org.au/

About GetUp
GetUp is an independent, grass-roots community advocacy organisation that is actively tackling this and other pertinent issues including climate change. For more information about how to get involved refer to http://www.getup.org.au

About Sam Johnston
Sam Johnston, Australian Online Solutions’ Founder and CTO, is a prominent blogger on cloud computing, security and open source topics. He maintains a blog at https://samj.net/

Press Contact:
Sam Johnston
+61 2 8898 9090
Australian Online Solutions Pty Ltd

For the latest version of this release please refer to http://tinyurl.com/cloudcensor

A word on the Australian Internet censorship scandal


I’ve had a quick scan over Senator Stephen Conroy‘s infamous, long-awaited report on the efficacy of current Internet filtering technology and find it to be nothing short of scandalous. Without getting into the nitty gritty details (for example, how a filtering solution can achieve the impossible by improving rather than degrading the performance of encrypted, random transfers), it reads like it’s a whitepaper for one of the various purveyors of censorship technology.

The cynic in me insisted I take a quick look at who these Enex Pty Ltd jabbers are anyway – who knows, they could be an industry lobby group for all we know. Sure enough, a quick look at their corporate client list reveals (based on some quick Google searching) over a dozen companies who make a living selling commercial censorship technology:

  • Anthology Solutions
  • Content Keeper Technologies
  • Content Watch
  • F-Secure Corporation
  • Internet Sheriff Technology
  • Manaccom
  • MessageLabs
  • NetBox Blue
  • Netgear
  • Netsweeper
  • PC Tools Software
  • Raritan (?)
  • Secure Computing Corporation (McAfee)
  • Symantec
  • Trend Micro

To put things in perspective, this represents around a quarter of their published client list, and that’s not including half a dozen or so service providers that could arguably be thrown in with this bunch. Who in their right mind would risk upsetting one in four of their paying customers by writing a report critical of their products? And does anyone really believe that these vendors resisted the urge to apply pressure? Or that there were not personal relationships involved? I don’t, not for a second. In my opinion this report was rigged from the outset to succeed, and in doing so deprive Australians of essential civil liberties.

The report itself is fatally flawed; the error margins are significant (e.g. “a conservative +/-10 percent”), critical controls were missing (e.g. “as much as 40 percent of an internet service performance could be lost [due to factors outside of our control]”), outrageous assumptions were used (e.g. “performance impact is considered minimal if between 10 and 20 percent”) and perhaps most importantly of all, its creator has an obvious conflict of interest. I don’t consider it to be worth the paper it’s [not] printed on.

Another deeply concerning development is government grants that would encourage ISPs to go beyond the mandatory filters, despite all censorship systems tested reporting 2.5-3.5% false positive rates (that is, where innocuous/legitimate content is filtered). To put that in perspective, the best part of a billion legitimate pages would be improperly filtered (according to Wikipedia stats), or around 1 page in 30.

Speaking of Wikipedia, many of the systems are hybrid, which means that hosts known to be clean would be ignored by IP (which is much more efficient). If, however, even a single page were problematic then the entire site (and all others sharing its IPs) would be forced through a filtering proxy. This would affect some of the most popular sites on the Internet (such as Wikipedia and YouTube), not to mention other increasingly useful services like WikiLeaks (no doubt silencing such services is seen as a fringe benefit to our self-appointed censors). Need I remind you that similar filters in Britain caused severe problems for Wikipedia over a single CD cover only last year?

Another consideration that has not been covered anywhere near enough is the performance impact on cloud computing services. Web interfaces like Facebook, Twitter and Gmail are extremely sensitive to latency introduced by proxies and raw computing services like Amazon’s S3 are sensitive to bandwidth limitations. Then you have the problem of platforms like Google App Engine, Google Sites & Microsoft Web Office which are both difficult to identify (they have many IPs which are not disclosed and difficult if not impossible to enumerate) and which host content for a massive number of customers. If even one person shares a document deemed obnoxious to their sensibilities then the performance will be reduced to unacceptable levels for everyone until it is removed (and then some).
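
The hybrid behaviour described in the two paragraphs above can be modelled in a few lines. This is an added illustration, not code from the original post or from the Enex report; the hostnames, addresses (documentation ranges) and blocklist entry are constructed, and the two-stage model (IP match first, exact URL match at the proxy) is a simplifying assumption.

```python
from urllib.parse import urlsplit

# Constructed sample data: every name, address and URL here is made up.
DNS = {
    "encyclopedia.example": {"192.0.2.10", "192.0.2.11"},
    "tenant-a.apps.example": {"198.51.100.5"},
    "tenant-b.apps.example": {"198.51.100.5"},
    "tenant-c.apps.example": {"198.51.100.5", "198.51.100.6"},
    "news.example": {"203.0.113.7"},
}
BLOCKLIST = {"http://tenant-b.apps.example/shared/doc-17"}


def suspect_ips(blocklist, dns):
    """Stage 1 table: every IP that serves at least one blocklisted URL."""
    ips = set()
    for url in blocklist:
        ips |= dns.get(urlsplit(url).hostname, set())
    return ips


def route(url, resolved_ip, blocklist, suspects):
    """Decide the path for one request.

    direct  - IP not in the suspect table, traffic bypasses the filter
    proxied - IP is suspect, so the request pays the proxy's latency cost
    blocked - proxied and the URL is an exact blocklist match (assumed rule)
    """
    if resolved_ip not in suspects:
        return "direct"
    return "blocked" if url in blocklist else "proxied"


def collateral_hosts(blocklist, dns):
    """Hosts with no blocklisted URL that still share a suspect IP."""
    suspects = suspect_ips(blocklist, dns)
    listed = {urlsplit(u).hostname for u in blocklist}
    return sorted(
        host for host, ips in dns.items()
        if host not in listed and ips & suspects
    )


if __name__ == "__main__":
    suspects = suspect_ips(BLOCKLIST, DNS)
    print("suspect IPs:", sorted(suspects))
    print("collateral hosts:", collateral_hosts(BLOCKLIST, DNS))
    # The same innocent site takes a different path depending on which
    # of its addresses the client happened to resolve.
    for ip in sorted(DNS["tenant-c.apps.example"]):
        print(ip, route("http://tenant-c.apps.example/", ip, BLOCKLIST, suspects))
```

One listed document on a shared platform puts every co-hosted tenant behind the proxy, and a tenant with several addresses sees inconsistent performance from one connection to the next.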

It is my contention that censorship is completely incompatible with cloud computing, and that this alone is reason enough to scuttle it. In the meantime Electronic Frontiers Australia (EFA) has just landed themselves a new life member and I encourage anyone who cares about their future and that of their children to join as well (my friends in the USA may want to take a look at the EFF and Europeans the FFII).

Thanks to Gizmodo Australia for the image above, used without permission but with thanks. No thanks to Gizmodo for breaking the link.

HOWTO: Fix OS X by uninstalling Adobe Flash

Adobe Flash just ruined my day for the last time… I’ve just arrived in Paris and needed to do some work before a meeting this afternoon. As it’s noisy here I didn’t hear the MacBook’s fans running at full speed trying to compensate for a single rogue Flash ad in a tab in Google Chrome. The result was that my full 4 hour battery was reduced to less than 40 minutes and I now have no chance of getting everything I wanted to do done. Instead I’m going to use the remaining 20 minutes to tell you how to rid yourself of Flash once and for all, and in doing so enjoy the following benefits:

  • Significantly improved security (Snow Leopard even shipped with a vulnerable Flash player!)
  • Significantly improved performance (Flash regularly consumes most of the resources of even the most powerful machines)
  • Significantly longer battery life (the CPU consumes a lot more energy when it is busy)
  • Significantly less noise (MacBooks crank up the fans to deal with the extra heat)
  • No more annoying and invasive advertisements (virtually all of the most annoying ads are Flash)
  • Fewer distractions (while sites like YouTube have legitimate uses, the overwhelming majority of time spent there is procrastination)
  • A better Internet (Adobe’s penetration figures are already complete bullshit but by voting NO to Flash you’re sending developers a strong message)
  • An open Internet (Adobe Flash is a proprietary plugin that hampers the adoption of open standards like HTML 5)
  • A level playing field with one less monopoly (Adobe was the first company to achieve near-ubiquitous penetration rate with a proprietary plug-in, and it will hopefully be the last. Late entrants like Silverlight don’t stand a chance because there is just no incentive.)

Without further ado (as I’m running out of juice):

PS: You might be surprised to find that (provided you’re using a recent browser like Safari 4, Chrome, Firefox 3.5, etc.) videos such as those at Apple.com (including the Get a Mac ads) as well as sites like DailyMotion’s OpenVideo will “just work”, natively, in the browser, without Flash. That’s the future right there…

PPS: For the fanbois on whom the message that I’m not interested is lost, feel free to flame away below. The demise of Flash is going to happen, probably sooner than you would like, so why endure another day?

Update: After 2 weeks without Flash I’ve had far fewer problems, can open many more tabs and have not had to restart my browser at all. Even YouTube has its own HTML5 video demo pages up now so it’s only a matter of time before Flash will be relegated to the wonderful world of Internet advertising. For those who are stuck with Flash for whatever reason I recommend ClickToFlash which at least prevents it from being loaded without user interaction.

An open letter to the NoSQL community

Following some discussion on Twitter today I posted this thread to the nosql-discussion group. You can see the outcome for yourself (essentially, and unsurprisingly I might add, “please feel free to take your software and call it whatever you want“).

While I don’t want to mess with their momentum (it’s a good cause, if branded with an unfortunate name) this isn’t the first time the issue’s been raised and I doubt it will be the last. I do however think that “no SQL” is completely missing the point and that the core concern is trading consistency for scalability. At the end of the day developers and users will deploy what is most appropriate for the task at hand.

There’s already been a question about alternatives to SQL, and knowing how Structured Query Language (SQL) came to be (consider the interfaces before it existed and compare that to what we have today) I figure it’s only a matter of time before history repeats itself and we end up creating something like Cloud Query Language (CQL) (a deliberate play on words). The closer this is to ANSI SQL the better it will be, both in terms of technology reuse and of the bags of bones that need to understand how it works… for the same reason the Open Cloud Computing Interface (OCCI) tries very hard to be as close as possible to HyperText Transfer Protocol (HTTP).

———- Forwarded message ———-
From: Sam Johnston
Date: Tue, Oct 27, 2009 at 3:33 PM
Subject: An open letter to the NoSQL community
To: NoSQL

Afternoon NoSQLers,

I write to you as a huge fan of next generation databases, but also as someone who doesn’t associate in any way with the “NoSQL” moniker. I don’t particularly care for SQL and appreciate the contrived contention it creates, but I think it misses the point somewhat and alienates people like myself who might otherwise have been drawn to the project.

I assume that by “NoSQL” we’re referring to the next generation of [generally cloud-based] databases such as Google’s BigTable, Amazon’s SimpleDB, Facebook’s Cassandra, etc., in which case the issue is more the underlying model (e.g. ACID vs BASE), where we are ultimately trading consistency for scalability.

To me this has nothing to do with the query language (which would still arguably be useful for many applications and which may as well be [something like] SQL, albeit adapted), nor the relational (as opposed to navigational) nature of the data (which is still the case today – it’s just represented as pointers rather than separate “relation” tables), and to focus on either attribute is missing the point. This is particularly true with today’s announcement of Amazon RDS.

Perhaps it’s too late already, but I’d like to think we can come up with a more representative name to which everyone can associate (and which isn’t so scary for fickle enterprise customers). There’s already been a couple of decent suggestions, including alt.db, db-ng, NRDB[MS], etc.

Sam
https://samj.net/

Twitter’s down for the count. What are we going to do about it?

What’s wrong with this picture?

  • There’s not a single provider for telephony (AT&T, T-Mobile, etc.)
  • There’s not a single provider for text messaging (AT&T, T-Mobile, etc.)
  • There’s not a single provider for instant messaging (GTalk, MSN, AIM, etc.)
  • There’s not a single provider for e-mail (GMail, Hotmail, Yahoo!, etc.)
  • There’s not a single provider for blogging (Blogger, WordPress, etc.)
  • There’s not a single provider for “mini” blogging (Tumblr, Posterous, etc.)
  • There IS a single provider for micro blogging (Twitter)
  • And it’s down for the count (everything from the main site to the API is inaccessible)
  • And it’s been down for an Internet eternity (the best part of an hour and counting)

What are we going to do about it?

How lobbyists are denying you a voice and destroying democracy

I came across an unsurprising but nonetheless disconcerting revelation today that gives a very good example of what most of us knew all along: that “public comment” processes are routinely subverted by commercial interests, generally at the public’s expense. It comes in the form of a smoking gun courtesy of DSL Reports: Who Knew Senior Citizens Hated Net Neutrality?

There is currently an extremely important battle underway over securing Net Neutrality regulations and another where big media are actively attacking (by way of three-strikes policies like HADOPI in France) what is fast becoming a legal right: broadband access (thanks to Finland for getting the ball rolling: Fast Internet access becomes a legal right in Finland).

Us (US?) consumers recently had a big win with the FCC getting on board the Open Internet bandwagon but, not afraid to flog a dead horse, industry lobbyists have rolled out an army of puppets parroting their position: that Net Neutrality is somehow opposed to broadband adoption (which could not be further from the truth). In this case it’s the Arkansas Retired Seniors Coalition, purporting to represent (surprise, surprise) retired seniors in Arkansas, ignoring the fact that your average senior quite probably doesn’t know what net neutrality is, let alone care about it!

They do care about Internet access though and as the slowest state in the south all it would take would be a seemingly suitable scapegoat and you’d have pitchforks in the streets. My guess is they don’t even know the position taken by their representatives which makes this letter sent on their behalf at least deceitful:

The problem with such astroturfing is that it makes public opinion both harder to reliably collect and easier to dismiss. Such shenanigans appear far more prevalent in the US than other countries I’ve lived in, but regulations there (e.g. DMCA) tend to flow on to the rest of us eventually so it’s in everyone’s interest to have their say.

There really should be something done about the issue, however most solutions are relatively difficult to enforce. Examples include requiring a statutory declaration component such that egregious abuses can be punished (and to make people think twice about misrepresenting others), or requiring the individuals represented to make an overt act such as signing a petition. Rejecting messages that are too similar, and therefore obviously templates, raises the bar somewhat but does not stop determined attackers.

The long term solution likely comes in the form of digital identity, whereby each individual can be reliably authenticated and the cost of involving them in decisions trends towards zero. As referendums are extremely expensive and inefficient (despite the availability of technology that could put them within reach for routine decision-making) we appoint representatives who we hope will accurately reflect our views on each of the topics. Obviously this is rare – for example your representative might share your views on fiscal policy but reject gay marriage in which case you have to choose what is more important to you.

An arguably better solution is where individuals can take part in all decisions they care about, which is called a direct democracy (or pure democracy), and the use of technology to achieve better representation is a separate but related concept known as e-democracy. We should be paying more attention to both as it’s like we only got half way there by establishing representative democracies in most of the western world.