Google announce Web History

Google have announced their new Web History service.

Today, we’re pleased to announce the launch of Web History, a new feature for Google Account users that makes it easy to view and search across the pages you’ve visited. If you remember seeing something online, you’ll be able to find it faster and from any computer with Web History. Web History lets you look back in time, revisit the sites you’ve browsed, and search over the full text of pages you’ve seen. It’s your slice of the web, at your fingertips.

The service allows you to look back over time, revisit the sites you’ve browsed, and search through the full text of pages you’ve seen. In order to work though it requires you to install Google Toolbar and have PageRank enabled.


Image:Lifehacker.com

I feel a bit divided on this service. I recognise that it can and will be useful to many people, but it does mean that we all as users have to accept that Google is tracking every site we visit (if we choose to enable this service). It does feel like an invasion of privacy – bit like the CCTV camera on every corner, you just accept it’s there – like Big Brother is watching … ok perhaps that’s a bit unfair :p

I guess to Google’s credit though Yahoo and MSN also track which sites we’ve visited and of the three only Google refused to hand over their user’s data to the US Government – whether that decision was based on moral/ethical grounds or purely based on an unwillingness to hand the data over without a fee is debatable – but nonetheless they have shown some kind of willingness to protect the privacy of their user’s data.

The reality though is that if you don’t want people tracking what you do online then the only solution is to disconnect yourself from the internet – in the past we’ve been happy(?) to accept that this was something our ISP’s did as the provisioner’s of our connection to the internet. Search engines have always tracked what we collectively are searching for, the tailoring of adverts is a reflection of the fact that they already use this information to provide directed contextual ads to us.

So why is this bothering me so much? It’s not as though it’s anything new. So why is it troubling me? I’m not sure if I can answer these questions right now. Do I trust Google? based on their history and track record to date the answer is probably – yes. They have always been forthcoming in admitting what they track and how they use that data.

I think trust is something that is very important to Google, as they move more and more into getting users and organisations to adopt their online services as opposed to desktop based services. Keeping users data safe, secure and private is the measuring stick by which many of us will judge them. Interestingly I think that’s the biggest problem facing any software as a service, it’s convincing users that they can trust you and your service with their data. Any failure will cause possibly irreparable damage to that relationship between you and your users.

Cracking weak passwords

A really interesting read over at One Mans entitled “How I’d crack your weak passwords“. The article outlines how he’d go about cracking weak passwords, which involves making some educated guesses which in 20% of cases actually succeed. If they don’t he resorts to brute force attacks.The attacks can vary in the amount of time they take to crack a password, with the time increasing depending on the strength of the password. Here’s a table that demonstrates this, and should illustrate why its a good idea to use strong passwords:

People are generally very bad at selecting strong passwords, the OneMan provides a some tips on how you can go about selecting a strong password. One tool that he recommends and that I have used in the past is Microsofts Password Strength Tester. Another tool is Google’s password checker, which is driven by a URL request that returns an integer in the range 1 – 4, where 4 means Strong and 1 means very weak, for example, the password “123456” returns 1 denoting its very weak:

https://www.google.com/accounts/RatePassword?Passwd=123456

It’s relatively simple to integrate Google’s solution into your own web applications, however I should point out that the company does not provide any official branding or user interface, and im not sure how long they will continue to provide it.

Islamabad Airport – Harassment, Bribery and Corruption

As you’ve read in my previous post I had a hell of a time getting flights into and back out of Pakistan thanks to the antics of their national airline. However I want to talk about what happened to me at Islamabad Airport as I was trying to leave the country.

I arrived at the airport just before 8am. On entering the airport I went through the first security check which was a single police officer standing at the main entrance checking your passport and ticket. No problems there. Once I got through there I had to proceed to a security check performed by the Pakistan Anti Narcotics Force. I was told to place my suitcase on a table.

The ANF Officer asked me where I had travelled from, but didn’t wait for the answer he proceeded to take a knife and start stabbing my suitcase. Which at this point was still locked. I’ve been to many airports around the world and this was the first time I’d ever had anyone stabbing my suitcase, I’m not entirely sure what this was meant to prove or check for. Before I had a chance to protest though his knifed broke in half as the idiot tried to stab the front plate of my suitcase which is metal. He then told me to open the suitcase up and proceeded to rifle through all my belongings throwing things onto the floor as he did so.

My suitcase contained a load of clothes, several cricket balls which I had purchased in Kashmir as gifts for some of the kids at Local Leagues, several books and a couple of small souvenirs which were packed in a small plastic bag which also contained one of my watches. When he discovered the cricket balls he proceeded to start sniffing each of them. I wasn’t aware human beings were actually able to smell narcotics in this manner, security forces normally use sniffer dogs. Anyway he kept tossing my belongings on the floor and the table until he was satisfied at which point I had to hurriedly pack everything back into my suitcase, I took care to make sure that all the items that were on the floor/table ended up back in my suitcase. It was only when I returned to the UK and opened up my suitcase that I realised the bastard had taken the small bag containing the watch and the souvenirs I’m positive he stole it because I packed away all the items that I could see he had tossed onto the floor/table.

Anyway after he had finished with me I proceeded to the next security check. This simply involved me placing my luggage through the x-ray machine and walking through a metal detector and being frisked by a police office. No problem there. After this I proceeded to get my luggage checked in and get my boarding pass. No real problems there.

I then had to proceed to Immigration. Where there were a load of Police Officers with the letters FIA ( Federal Investigation Agency ) emblazoned on their Uniforms. When I reached the immigration desk the officer asked me for my passport and boarding pass which I duly handed over. He then asked me where I had been staying during my visit. He then stared at me and asked me if I was the individual in the picture in my passport, and I said yes! He asked me for my date of birth. Which I provided. He then told me he thought my passport was fake because it wasn’t scanning. However he hadn’t yet tried to scan it! So I just looked at him. He then asked me a question “kuch aur deso?” which in my mind I translated as “do you have any other identification you want to show me?” to which I said no that’s my passport, and it should be fine since I’ve travelled all over the world on it. He kept repeating the question, and I kept replying as I had done.

Eventually after keeping me standing there for almost 40 minutes some of the other passengers in the queue behind me got rather rowdy. Someone shouted out “just give the bastard some money, that’s what he’s asking you for!” others in the queue started hurling abuse at the officer as well as the police in general. The ruckus caused a number of other FIA officers to walk over to see what was going on. They asked their colleague what the problem was and he told them my passport was fake and wasn’t scanning. To which I responded he hasn’t tried to scan it yet. Another officer, wondered over and took the passport from his colleague and scanned it through the machine first time, handed it to me, and told me to proceed. As I walked past the officer who had held me there the best part of an hour I told him in no uncertain terms what I thought of him, which I wont repeat here.

Once I got through immigration I had to go through another frisking, and then another metal detector and being frisked once more. Once I got through all that I was able to proceed to the waiting lounge. At this point I felt really drained and quite angry. But I figured I’m through the worst of it, and looked back at the queue of people having to go through all the same security checks and actually felt sorry for them.

My visit to Kashmir left me with a very low opinion of Pakistani Police Officers – they’re all corrupt. It seems it’s impossible to travel anywhere without having to go through impromptu checkpoints set up by small groups of Pakistani police officers who aren’t checking anything just asking drivers to hand over money. They seem to target vehicles that have Kashmiri license plates (which being with letters AJK), in fact I can’t recall making a trip where our driver didn’t have to pay some police officer a bribe to let us travel around our own country which is quite depressing.

There have been wars fought by India and Pakistan over possession of Kashmir and as it stands the country is divided in two. The Indian controlled half of Kashmir is often referred to as “Indian Occupied” Kashmir, whereas the Pakistani side of Kashmir is referred to as “Azaad Kashmir” which means “Free Kashmir”, but the sad truth is that Kashmir is not a free state – not in any true sense of the word. It’s occupied by two nations, Indian and Pakistan, and both nations have committed atrocities against our people, and continue to do so. Growing up I used to fill in application forms that asked for ethnicity as “Pakistani” since it was always one of the check boxes and we were always taught that Kashmiri’s were Pakistani’s. If I learnt anything about myself on this trip its that I am of Kashmiri decent, and I’m definitely not Pakistani – its taken 29 years for me to learn the difference and that hurts.
Anyway I’m digressing, back to the airport.

I was sitting in the departure lounge waiting for the air plane to arrive. As usual it was delayed which meant sitting there for 4 hours! Whilst I was sitting there a gentleman in suit came and sat down next to me. I didn’t think anything of it until several armed police officers walked over to where I was sitting. My first reaction was “shit am I in trouble for calling that FIA guy a C…”, but it wasn’t me they were interested in. The officers walked straight up to the gentleman sitting next to me and proceeded to apologise to him for not meeting him at the entrance of the airport.

I listened to the conversation rather intently, I figured this guy must be someone really important. What I overheard, and then confirmed by talking to the gentleman at great length (i had four hours to kill) actually terrified me to the point where I wasn’t actually sure I wanted to get onto the plane. Here’s why…

The police officers had been sent by their senior officer to escort his friend “the gentleman” through airport security to the waiting lounge, and to ensure he wasn’t harassed by anyone. During the course of our conversation this gentleman went to great detail to explain what “not being harassed” meant.

When he normally travelled from Islamabad it meant he’s met out front by several officers. They take his passport and his ticket. One of the officers escorts the gentleman pass all the security checks to the waiting lounge. The others take all his luggage directly through the luggage check-in without it ever being opened or x-rayed. It’s checked in. They then take his passport and ticket and have it stamped at immigration and then take his documents up to him in the waiting lounge – he doesn’t normally go through immigration himself.

He went to great length boasting at how he doesn’t have a weight limit regardless of who he fly’s with, how on his last trip he was able to take close to 100 KG of luggage with him. I told him that must have been expensive, and he laughed and said “they don’t charge me anything … the police just load it onto the plane”. He was holding his boarding pass in his hand and I clearly see it was marked “Economy” just like mine. This meant was only entitled to 30 KG.

Why did this frighten me so much? Since 9/11 Airports around the world have been implementing more and more rigorous and some feel more draconian security measures to ensure that bombs and weapons cant be smuggled onto aircraft. As passengers we sometimes feel harassed by this or frustrated but we all like to think that hey everyone has to go through the same process and in the end it’s for our own safety – so we accept it.

At Islamabad airport though if your friends with a senior police officer none of the security checks or rules need apply to you. Your luggage isn’t even put through an x-ray machine. That scares me. It scares me a lot.

Many airlines British Airways, Emirates, US, Singapore etc. fly to and from airports in Pakistan. The pilots and cabin crew don’t work on check-in desks they rely on the local authorities to have conducted all the necessary security and safety checks to ensure no one gets a weapon or a bomb onto a plane, either in hand luggage or in the cargo hold. But if those security checks are routinely circumvented by certain people, either because its so easy to bribe officials, or because officials are happy to do favours for friends – then that puts us all in danger.

I believe that any airline that has assets travelling to and from airports in Pakistan needs to demand that something is done about this. I can tell you this – if a plane ever blows up or is hijacked after leaving an airport in Pakistan you don’t need to waste millions on exhaustive investigations to figure out how the “terrorists” got weapons or a bomb onto the plane; corruption amongst security personal at airports in Pakistan is culturally ingrained, I fear it isn’t a question of “if” it will happen. It’s a question of “when”. Unless the international community and airlines around the world do something about it. Ironically the FIA was created to combat this type of corruption and that’s the authority that handles such complaints or issues – yet I’ve seen with my own eyes how corrupt FIA officials are.

As for the important gentleman in the blue suit? I told him I thought he must be someone really important to get that kind of treatment. Turns out he’s unemployed living off benefits – he’s not a dignatory, not an official – just a nobody who happens to be the relative of a good friend of the head of police at the airport.

P2P has no effect on legal music sales

Rob recently talked about Steve Jobs views on how the music industry’s insistence on DRM simply doesnt work, which I agree with. Along similar lines I was very interested to read about a new study published in the Journal of Political Economy. I think the study refers to this paper, or perhaps a more recent version of it entitled The effect of file sharing on Record Sales, an Empirical analysis. that asserts that illegal music downloads have no noticeable effect on the sale of music – which is completely contrary to the claims made by the record industry.

The brain scan that read people’s intentions

Came across this article on the Guardian online.

A team of world-leading neuroscientists has developed a powerful technique that allows them to look deep inside a person’s brain and read their intentions before they act

When I read the headline the first thought that sprung to mind was 1984 closely followed by Minority Report. It reveals how far neuroscience is progressing but an urgent debate is needed on the ethical issues surrounding such technologies.

The idea of being able to control a computer with your mind, or a wheelchair on the face of it sounds quite appealing and advocates of this technology argue that it could have many such benefits.

Detractors maintain that such technology could be used to create an Orwellian style society. This kind of technology has the potential to change society, and we need to understand and encourage debate around its ethical use:

“Do we want to become a ‘Minority Report’ society where we’re preventing crimes that might not happen? For some of these techniques, it’s just a matter of time. It is just another new technology that society has to come to terms with and use for the good, but we should discuss and debate it now because what we don’t want is for it to leak into use in court willy nilly without people having thought about the consequences” Barbara Sahakian,Professor Neuro-Psychology at Cambridge

“These techniques are emerging and we need an ethical debate about the implications, so that one day we’re not surprised and overwhelmed and caught on the wrong foot by what they can do. These things are going to come to us in the next few years and we should really be prepared,” Professor John Dylan-Haynes

John Reid: Raising stupidity to an art form …

I was alarmed to read that after three men were jailed for this plot to assault two young sisters, the home office announced it’s plan to get paedophiles to register their web names. Just how out of touch with reality is the home office under John Reid? Not only this totally impractical its smacks of yet another misguided knee-jerk reaction designed more to garner headlines than do anything to protect anyone.

According to a home office spokesman this idea would mean that sex offenders would have to register their online identity with the police, the notion that “online identities would be treated in exactly the same was their real name” is ridiculous given that it takes about five seconds to register a new email address, and even ip addresses can be faked – i cant see how this could be enforced and it seems to me to be a monumental waste of money.

After reading Bruce Schneier’s piece on the Psychology of Security I can’t help but feel this is a move to make people feel more secure when the reality is that they are far from it.

The wider issue of everyone having a single Internet Identity that uniquely identifies them (like a National Insurance number), is interesting. I need to give it a bit more thought before I comment on it.

Prosecution based on thought crimes

Found this by Amy Waldman on Bruce Schneier’s latest blog posting. The article center’s around how the Unites States is now prosecuting suspected Islamic terrorists on the basis of intentions and not just their actions. It makes for a fascinating read, because it reveals how the prosecution builds its cases on different interpretations of Islam, Islamic scripture and Islamic belief – in effect, as Bruce rightly points out, they are placing the religion on trial. What’s worse, prosecuting people based on a belief or an interpretation of a belief, or because they have expressed a belief then they are a threat ( a throught-crime ) sets a dangerous precedent – one that the current administration has sidestepped:

The Bush administration did not seek legislation to authorize its new pre-emptive approach, instead relying on existing, if previously little used, laws. Key among these were two statutes—passed in 1994 and 1996 respectively—barring “material support” of terrorism, which can mean anything from personnel to funds. The laws, which were expanded under post-9/11 legislation, allow the government to bring terrorism- related charges even when no terrorism has occurred.

The article does raise some excellent points around the whole issue of the rhetoric found in Islamic Extremism:

The rhetoric of Islamic extremism may present the toughest challenge for that standard since its establishment. The question lapping at the trials’ edges—and sometimes at their core—is how the law should deal with language that does not incite but, through a long slow process, indoctrinates. On the continuum between word and deed, belief and action, where do we draw the legal lines?

I’ll concede that this is an incredibly divisive topic and I can understand why its so difficult for the judiciary to deal with this. Equally though it alarms me that a Muslim who, perhaps professes sympathy to the plight of the Palestinians in Gaza, might under this interpretation of the law find him/herself branded a terrorist.

The interpretation of Islamic texts is fraught with difficulties and extremists have been very good at using this to their advantage but that isn’t something that is at all unique to Islam. At the moment though it’s only Islam that seems to be linked so inextricably with terrorism. As Amy points out:

The question of how to interpret a text may be as old as writing, and it applies equally to determining where the power of religious speech inheres. In authorial intent? A reader’s interpretation? Historical or modern context? Over the centuries, and even today, the Bible and Christian theology have helped justify the Crusades, slavery, violence against gays, and the murder of doctors who perform abortions. The words themselves are latent, inert, harmless—until they aren’t.

What worries me the most though are the comments made one of the Jurors at a trial that Amy describes in her article:

We’re not being asked, “Did the defendant commit the crime?”—whether it’s larceny, murder, whatever. Now you’re being asked, “Is the defendant capable of doing a crime?” And I don’t think that that is in the … level of understanding of the juror.

SAS troops are stationed in london

I was alarmed to learn that an SAS unit is now stationed in London1 in the hopes that with their military training the SAS can help combat the threat of terrorists, perhaps better than specially equipped Police units.

It’s no secret that the Met completely got it wrong with reference to the tragic shooting of Jean Charles de Menezes2. They killed the wrong man and then attempted to cover it up with series of lies. However as badly as the situation was handled and as disturbing as the subsequent cover up was, I’m not at all convinced that turning to a military unit is the right answer. Military units are trained for combat not law enforcement, so I find myself questioning whether, in the case of the Menezes shooting, they would have been more or less restrained.

Interestingly, as far as I know here in the UK we do not have the equivalent of the Posse Comitatus Act3, which in the United States is a law that forbids the military from acting in a law enforcement capacity within the US (unless expressly authorised by Congress). It’s debatable as to whether we need it, however in the US it serves as a deterrent to prevent the deployment of military troops at the local level to deal with what should be purely a law enforcement matter – it should be noted that since 9/11 this law has been somewhat eroded4.

  1. The Times – SAS Unit moves to London in terror fight, http://www.timesonline.co.uk/article/0,,2-2559186,00.html[back]
  2. Jean Charles de Menezes, http://en.wikipedia.org/wiki/Jean_Charles_De_Menezes [back]
  3. Posse Comitatus Act, http://en.wikipedia.org/wiki/Posse_Comitatus_Act[back]
  4. The Myth of Posse Comitatus, Major Craig Trebilcock – http://www.homelandsecurity.org/journal/articles/Trebilcock.htm[back]