Truly, it's my intention to bring you TBTF more often than once in each calendar month. I've continued posting regularly to the TBTF Log. The collected Log items are mailed weekly to subscribers on a new list, tbtf-log@tbtf.com (send the message "subscribe" to tbtf-log-request@tbtf.com; lose the quotes). I'll work on getting TBTF out henceforth at least every other week.

Again let's note a couple of the recent developments you would have read about in a hypothetical timely TBTF.

Domain name policy See also TBTF for 2000-04-19, 03-31, 1999-12-16, 10-05, 08-30, 08-16, 07-26, 07-19, 07-08, 06-14, 05-22, more...

ICANN in Cairo

Harvard hosts a complete summary [2] of the naming group's recent quarterly meeting. with video and audio from many of the sessions. ICANN had planned to hold arms-length elections for its nine remaining board members, but reversed field [3] under near-unanimous pressure from attendees. ICANN conceded to direct elections for the first five board slots, after which they will examine how the process has gone before filling the remaining four. The election date was put back by a month to November 1. The Center for Democracy and Technology and Common Cause applauded [4] the decision; the groups had submitted a report [5] critical of ICANN's election plan.

[2] http://cyber.law.harvard.edu/icann/cairo/
[3] http://www.washingtonpost.com/wp-srv/business/feed/a54151-2000mar10.htm
[4] http://cbs.marketwatch.com/archive/20000311/news/current/web.htx
[5] http://www.cdt.org/dns/icann/study/

Software patents See also TBTF for 2000-03-31, 1999-08-30, 06-14, 02-15, 01-26, 01-13, 1998-12-15, 08-31, 05-18, 05-11, 04-27, more...

Amazon.com poisons the well

Since 1995 TBTF has been tracking the stormclouds gathering over the issue of patenting software and business methods [6]. Now the storm has broken. The precipitating event was the issuance [7] to Amazon of its second big "method of doing business" patent [8]. (Patent geeks have been overheard slinging the jargon bizmeth.) The patent was for the idea of affiliate programs. Read these TBTF Log items [9], [10], [11] for the play-by-play.

The Amazon news pushed me over the edge, along with a good number of other former Amazon customers [12]. I've removed all the Amazon Associate links from the TBTF site and joined the affiliates' program for Powell's Books [13]. I've also signed up as a public supporter of the Amazon.com boycott at NoWebPatents.org [14]. (Note that Richard Stallman was the first to call publicly [15] for a boycott of Amazon.com. I didn't cover his campaign last fall, but I'm on board now.)

Here's an action Amazon could take to get my business back. One of Jeff Bezos's proposals for reforming the patent system was to expire software and bizmeth patents in 3 or 4 years, instead of the 17 years that was appropriate when oxen plowed our fields. What if Bezos announced that Amazon would sign over each of its patents to the public domain on the fourth anniversary of its granting?

Perhaps goaded by the flood of media attention following the Amazon affiliate patent, the Patent and Trademark Office this week announced [16] tougher review requirements for software and bizmeth patents.

[6] http://tbtf.com/threads.html#Tspx
[7] http://news.cnet.com/news/0-1007-200-1558650.html
[8] http://www.patents.ibm.com/details?pn=US06029141__
[9] http://tbtf.com/blog/2000-02-27.html#1
[10] http://tbtf.com/blog/2000-03-05.html#3
[11] http://tbtf.com/blog/2000-03-12.html#7
[12] http://www.noamazon.com/
[13] http://www.powells.com/
[14] http://www.nowebpatents.com/
[15] http://www.gnu.org/philosophy/amazon.html
[16] http://www.thestandard.com/article/display/0,1151,13500,00.html

The tale of "cphack" is long, but it is very, very ugly

On March 11 two young programmers, Matthew Skala (a Canadian) and Eddy Jansson (a Swede), released on the Net a package [17] of programs and a technical paper titled "The Breaking of Cyber Patrol 4." The package came to be called cphack. The paper described how the programmers had reversed the protections surrounding Cyber Patrol, a Web content filtering program widely deployed in schools and libraries. Using the software in this package, anyone with a copy of Cyber Patrol could generate its entire list of 100,000+ blocked sites.

Skala and Jansson's act set in motion a tornado of legal action involving Cyber Patrol's maker Microsystems Software, its parent company Mattel, the ACLU, Peacefire, Wired reporter Declan McCullagh, and countless others. Two and a half weeks later the affair abruptly ended, leaving weighty legal questions swirling unresolved in its wake.

This history [18] graphically summarizes the main events in the cphack story and supplies some more narrative detail and links.

In the end Skala and Jansson settled with Mattel and turned over all rights to their Cyber Patrol work. The cphack package has been mirrored around the Web. The mirror sites still mirror; no court order stands against them. Microsystems Software has updated Cyber Patrol and the new version is unaffected by cphack. Because of the settlement, none of the sticky issues this case raised was adjudicated -- neither the jurisdictional reach of US courts, nor the first-amendment rights of mirror sites, nor the validity of emailing unauthenticated and insecure subpoenas, nor the enforceability of the GNU Public License.

For the comfort of a human voice in all this legal wasteland, read the journal of Waldo Jaquith [19], a Peacefire activist who was caught up in the madness.

[17] http://pub.anonymizer.com/~johndoe2/cyberpatrol/CP.html
[18] http://tbtf.com/resource/cphack-history.html
[19] http://cp.waldo.net/

Well, duh

Over the last few years, watching the worlds of commerce and law run up against the Internet, I've been reminded of what happens when continental drift brings land masses together. Eventually one will ride up over the other, and the lower will dive deep into the magma. In the meantime you get mountain ranges and earthquakes.

I've seen people who grew up with the Web, on first becoming acquainted with the lawsuits over "deep linking" [20], [21], stare in amazement. A Web site trying to forbid another from linking to it? Hel-lo. This is the Web. Linking is what we do.

Once upon a time, alleged Ticketmaster Online-CitySearch, another outfit called Tickets.com used to hijack Ticketmaster's Web pages where tickets could be ordered online. Tickets did this by means of framing the interior Ticketmaster pages with Tickets' logos and look-and-feel, thus confusing the user as to who was in fact selling the tickets.

All clear? Ticketmaster sued, and the deep linking (and framing) case wended its way through the courts. Tickets long ago stopped framing Ticketmaster's pages. Now it simply links them; from the Tickets site the user is transported, by the magic of HTTP, deep into the Ticketmaster site to buy the tickets of interest. The page offering the tickets for sale sports the look-and-feel of Ticketmaster. That's because it is a Ticketmaster page.

Ticketmaster objected even to this blameless form of linking. It put up a fine-print "terms and conditions" statement on its top pages: by using this site you agree not to link into it. A clickwrap licence without the click.

This week a federal judge proclaimed [22] that it's OK for one company to link to another company's pages, even deep within the site. Well, duh. The ruling [23] calls out the clickless clickwrap license as unenforceable.

[20] http://www.tbtf.com/archive/1998-12-15.html#s05
[21] http://www.tbtf.com/archive/1999-01-04.html#s07
[22] http://news.cnet.com/category/0-1005-200-1597146.html
[23] http://www.gigalaw.com/library/ticketmaster-tickets-2000-03-27.html
[23a] http://www.digitalmass.com/columns/internet/0412.html

It's not a thorny issue, it's a Constitutional right

Inspired by Robyn Blumner's wake-up call in the St. Petersburg Times [24], I wrote a column for DigitalMASS called "Life, liberty, and Net anonymity" [25]. The lede:

If anonymity is under fire in the US, in France its position has been overrun. The French government intends to get tough on illegal Web sites and cybercriminals by requiring anyone posting content on the Net to provide identification details to his/her ISP [26].

[Note added 2000-04-01] Andrew Odlyzko <amo at research dot att dot com> writes to note that the French animus to anonymity is not new. The following quotes come from his paper "The history of communications and its implications for the Internet" [26a] (PDF, 631 KB), p. 46. "Initially the electric telegraph in France was limited to government use. This was finally changed in 1850, but with the restriction that official messages would have priority over commercial ones." Further, anonymity was forbidden:

-- p. 46 of P. Flichy, "Dynamics of Modern Communication: The Shaping and Impact of New Communication Technologies," Sage Publication, 1995. Original French version published in 1991.

Like distributed.net, only it pays you

Lots of worthwhile projects will happily soak up your computer's unused processing cycles: SETI @ home [27], The Great Internet Mersenne Prime Search [28], various distributed crypto-cracking projects [29], [30]. Process Tree Network is the first to offer to pay you for idle CPU time. Their site is open for signup [31] but is not running paying jobs yet; beta is slated for early May. At this writing they've assembled about 13,000 people and 23,000 computers [32]. (The champion, SETI @ Home, has enrolled 1.75 million.) Process Tree intends to broker the power of this network, selling time to those in need of quick turnaround on massive jobs in applications such as weather forecasting, rendering, and crypto research.

The site currently contains no details of the people behind Process Tree. I hunted down the founder, Jim Albea, and talked to him at his home near Huntsville, Alabama. The company now consists of a loose band of founders all working midnight hours on Process Tree. They are just now incorporating and bringing in funding. The site has been up since mid-January.

Process Tree's privacy policy [33] is the only one I have seen that offers both of the extreme privacy-friendly clauses that I proposed last December [34], the Poison Pill and the Divorce. The Poison Pill binds any acquiring entity to the same privacy terms, and the Divorce guarantees that if you resign as a processing "partner" the company will destroy all data about you in its possession. Process Tree wasn't aware of the TBTF site and came up with these user-friendly policies on its own.

One feature of Process Tree is likely to arouse controversy: the use of multilevel marketing to spur rapid growth of the tree. Now, while multilevel marketing is legal, and pyramid (Ponzi) schemes are illegal, many people don't know the difference. In a Ponzi scheme no actual product or service is ever delivered; the only money flowing in the network comes from signing up new members. And it's indisputable that many companies employing legal MLM to sell (for example) home cleaning or herbal products constantly probe the outer limits of law, regulation, honesty, and good taste [35], [36]. So Process Tree will have to work hard to avoid the whiff of sleaziness that clings to MLM. In my opinion their use of the technique is straightforward and nondeceptive. There are no signup bonuses; money only flows after delivery of tangible value (CPU cycles). Process Tree is not misrepresenting what partners can expect.

MLM proponents on the Net have developed a reputation for spamming. Process Tree will have none of it [33]. One spam, by email or Usenet, and you're out of the tree. Jim Albea wrote to me:

Assuming Process Tree succeeds in selling cycles to customers, I'll get a tiny fraction of the income of anyone who signs up from my referral [31]. The partner under whose referral I signed up gets a tinier fraction. These percentages haven't been set yet. They will be determined by market forces -- i.e., by Process Tree's desire to hang onto its computing partners in what will quickly become a competitive market.

The payment options suggested on the site are various and flexible: credits with an online retailer, credits with your ISP, E-Gold electronic cash [37], or a check. Other payment options are possible, and may be needed especially for non-US partners. For example the company could easily add PayPal/X payments [38] to leverage the credit-card networks.

You're looking at the very beginning of what could become a large market very fast. Go, sign up [31], tell your friends. Don't spam.

Thanks to Greg Weiss for alerting me to the Process Tree Network. He also gets credit for the title of this piece. "Monetarized distributed computing." And since Weiss works in a technology analyst firm, he may get to name this not-yet-even-nascent market, once it explodes into being. Perhaps he already has.

[27] http://tbtf.com/archive/1999-07-08.html#s07
[28] http://tbtf.com/archive/1999-07-19.html#s09
[29] http://tbtf.com/archive/1999-01-26.html#s05
[30] http://tbtf.com/resource/certicom6.html
[31] http://www.processtree.com/?sponsor=11597
[32] http://www.processtree.com/stats.php3?sponsor=11597
[33] http://www.processtree.com/policy.php3?sponsor=11597
[34] http://www.tbtf.com/archive/1999-12-16.html#s02
[35] http://www.mlmsurvivor.com/
[36] http://www.google.com/search?q=multilevel+marketing+vs.+Ponzi+scheme&sa=Search
[37] http://www.e-gold.com/
[38] http://www.paypal.com/

At Home in the Universe
  The search for the Laws of Self-Organization and Complexity
by Stuart Kauffman
Oxford University Press, 321 pages, illustrated, with index
  (trade paperback, $17.95 at [39])

Reviewed by Ted Anderson <ota at transarc dot com>

This is an engrossing book. It ambitiously summarizes the observations and conclusions of Kauffman's three decades of research into complex systems of all kinds. The result is a synthesis which weaves a wealth of specifics into a coherent collection of theories providing deep insight into complex systems. Unlike Kevin Kelly's "Out of Control" [40], which is an excellent synthesis of this topic from a journalistic perspective, this book has real substance and breaks new ground while remaining lucid and accessible.

Kauffman's successful strategy for communicating his insights is to judiciously design simple models and relate them to real systems. By extracting scaling behavior and other general properties from the models, some cautious conclusions can be drawn about the real systems. For example, using a model of chemical substrates, products and catalysts, he explains many aspects of auto-catalytic sets and why they may share interesting properties with cellular metabolism. Modeling gene regulation as a random boolean network shows how size and interconnectedness influence their behavior. This allows a quantitative analysis of genetic regulatory networks in surprisingly good agreement with what is known about real systems, such as the relationship between the number of cell types an organism has and the size of its genome. The basic result is that large, open, non-equilibrium systems, poised between chaos and rigidity, exhibit startlingly complex patterns. This self-organization, or emergent order, is a crucial, inevitable aspect of life at all levels.

With a toolkit of candidate laws of complexity, Kauffman examines the spectrum of life's systems. Starting with the origins of life, cell metabolism, and the development and differentiation of maturing organisms, he moves on to considering biological and technical evolution, ecosystems, the biosphere and even human institutions such as the economy and political systems. For example, he is forced to the heretical conclusion that the central dogma of post-Darwinian view of evolution, that natural selection is the only source of order, is false. It is clear that many complex systems are not amenable to evolution, for example, computer programs. What properties of real systems allow evolution to work so well? The answer must be that the self-organization apparent in these simplified models also exists in real systems. Further there is good evidence to suggest that the factors that influence evolvability itself are also favored by natural selection.

Kauffman explains some tentative and preliminary thoughts on post-biological systems like economics and politics. Is it possible that we may be able to understand the mechanism of Adam Smith's "invisible hand" given an idea of which properties of a complex system contribute to its ability to evolve and adapt? He even suggests, with proper humility, that a democratic system of government, composed of a patchwork of distinct jurisdictions, may be the best mechanism available to find good compromises between the conflicting requirements of a large and diverse society. The lessons learned from life's other systems suggest the size of the jurisdictions, and the number and character of their interconnections, will have an important impact on the ability of the whole system to find good solutions to its problems as well as to adapt to changing conditions.

Reading this book is an exciting adventure in finding deep connections between life's many complex systems; chock full of insights and suggestive relationships. But it is just a snapshot of our woefully inadequate knowledge of how these complex systems really work. Ultimately, Kauffman poses more questions than he answers about how these ideas can be applied to complex systems, living and non-living, that we are struggling to understand.

There are online lecture notes [41] for a course Kauffman gave in 1996. They tersely cover much of the material in the book, then extend the ideas to consider a possible fourth law of thermodynamics. He also finds considerable resonance with Lee Smolin's ideas [42] about evolvable universes and why the one we live in is so infused with complexity at all scales.

[39] http://www.powells.com/cgi-bin/biblio?inkey=1-0195111303-0
[40] http://staff.hotwired.com//kevin/oocontrolpress.html
[41] http://www.santafe.edu/sfi/People/kauffman/Investigations.html
[42] http://www.phys.psu.edu/SMOLIN/book

Don't let the spampoenas give you laganoia

Jargon Scout is an irregular TBTF feature that aims to give you advance warning -- preferably before Wired Magazine picks it up -- of jargon that is just about ready to hatch into the Net's language. Here are brief definitions for four recently harvested terms. Visit the Jargon Scout at home [43] for fuller treatments.

spampoena

A spampoena is an overbroad subpoena of dubious validity "served" by email to unnamed recipients throughout cyberspace. The first spampoena was deployed last January in the DeCSS / MPAA case [44]; the second was recently spammed in the matter of cphack / Cyber Patrol [45].

packet karma

TBTF Irregular Strata Rose Chalup <strata at virtual dot net> coined packet karma because she can't shake the nagging suspicion that the collective weight of the ill-will of Net users might, just might, affect the rate of packet loss at internetwork routers. It's the reason she won't use the Web payment forms at Network Solutions.

laganoia

Tom Whore <tomwhore at inetarena dot com> proposes the term laganoia for the fear, engendered by network lag, of being ignored, shunned, or left behind. The condition can be triggered by delayed email replies, long silences in IRC conversations, dead spots in internet telephony interactions, or even (for those not living on Internet time) out-of-order Usenet posts.

component service provider (also CSP)

Jim Flanagan <jimfl at tensegrity dot net> invented this term in a post on the Half Bakery [46]. While an application service provider supplies an entire app over the Web, a component service provider offers a service, through a defined interface, to applications running on the Web.

[43] http://tbtf.com/jargon-scout.html
[44] http://www.opendvd.org/summons.html
[45] http://tbtf.com/resource/cphack-history.html
[46] http://www.halfbakery.com/idea/Component_20Service_20Provider

A twisty maze of different little items

Edinburgh Financial Cryptography Engineering conference

The Financial Cryptography conference, FC00 [47], convened last month on Anguilla for its fourth year. Now that the academic and refereed conference is well established, some of the players in this game are starting up a more down-and-dirty confab. The title conference [48], cunningly and punningly abbreviated efce2k, runs June 23-24 in Edinburgh. (Note: The email edition incorrectly gave the dates as June 22-23.) Here are the signed-up participants so far [49], and here's who the organizers would like to go to Scotland at the equinox to present their work:

[47] http://fc00.ai/
[48] http://www.efce.net/
[49] http://www.efce.net/programme.html

Cryptome daily news

John Young cares for and feeds Cryptome [50], one of the deepest reservoirs of information on cryptography policy and politics anywhere on the Web. Now you can subscribe to an almost-daily email update of what's new on the site. It's required reading, and there will be a test. To subscribe send an empty message to list@cryptome.org.

[50] http://www.cryptome.org/

Mailexpire

This simple and elegant service [51] gives you a free email alias to use for 12 hours, a day, a week, or a month. Any mail sent to your Mailexpire address gets forwarded to your everyday address until the expiration time has elapsed, and then the account goes dead. Concerned about spam? Get a new one-week Mailexpire address before signing up for a suspect online service -- it takes about 10 seconds. Then you'll see exactly who the service sells your address to; and after a week your new sources of spam will fall blissfully silent.

Mailexpire is a free service of Combustion Productions [52], an Irish Web design and hosting firm. Thanks to TBTF Irregular [53] Karl Hakkarainen for the pointer.

[51] http://www.mailexpire.com/
[52] http://www.combustion.ie/
[53] http://tbtf.com/the-irregulars.html

Accompany becomes MobShop

Accompany recently announced [54] that a patent it had filed was about to issue. This patent would give the company a lock on the idea of buying in a group to negotiate lower prices. Positioning itself to ride the wave of its impending 17-year, government-granted monopoly on an idea that is as old as markets, Accompany last week changed its name to MobShop [55]. What were they thinking? Have they landed a commission from Tony Soprano?

[54] http://news.cnet.com/news/0-1007-200-1580419.html
[55] http://news.cnet.com/news/0-1007-200-1591013.html

Here are the spaces I've set up at Take It Offline [56], [57] for those who wish to comment on and discuss this issue's articles. I'll be monitoring and actively posting to these forums.

• Monetarized distributed computing:
  http://www.quicktopic.com/3/H/saS3mUkckmZEPSAyQp.html

• Other comments on this issue of TBTF:
  http://www.quicktopic.com/3/H/muNJP9EdDUJZeXoqH4.html

[56] http://www.quicktopic.com/
[57] http://tbtf.com/archive/1999-10-05.html#06

I'm now writing the weekly Internet column for DigitalMASS, the techie destination site of Boston.com. The columns appear on Wednesday mornings Eastern time; they are collected here [58].

[58] http://www.digitalmass.com/columns/internet/

This is now old news, but TBTF has been named to Forbes Magazine's Best of the Web. You'll probably be hard-pressed to find the Best of the Web issue on newsstands now. The review is here [59]. Quoth:

In the obligatory "best and worst" section, Forbes declares that the site's worst feature is its design. "It has none," they say. (Go on, tell me what you really think.)

Forbes set up a reader reviews section at deja.com (vote here [60]; results [61]). Since this note appeared in the TBTF Log, fifty-nine of you have ranked and commented on TBTF, and the repudiation of the "no design" comment is complete -- an overall reader rating of 4.4 out of 5 on that criterion, and 4.2 overall. Of the 20 other listed sites in the Technology News category, only eight have garnered a few reader rankings; the rest have none. Thanks, all.

[59] http://www.forbesbest.com/asp/tearsheet.asp?section=Investing&reviewNO=1069&category=Technology+News&ToUse=Investing
[60] http://www.deja.com/=forbes/rate/item.xp?CID=13279&PDID=48471
[61] http://www.deja.com/=forbes/rate/list_items.xp?CID=13279

An April Fool's Day suggestion came from Prasenjeet Dutta <pd at cse dot vec dot ac dot in>. He said I should produce a TBTF Sneak Preview: the shape of things to come. The new-look top page would feature:

• A new fluorescent color scheme.
• An animated pucker.
• Cookies -- lots of 'em! (Or at least cookies required messages.)
• The classic rifle-shot links now look like [62].
• Mandatory animated-GIF banner advertising from, if no one else, the Technology Front [63].
• The entire page one huge <TABLE>, like Slashdot.
• An interactive Java applet or two.
• No ALT tags.

Somehow I doubt whether the new-look TBTF would be considered for the 2001 Forbes Best of the Web.

Don't hold your breath for the sneak preview, by the way. On Saturday April 1, at 2:00 Eastern time more or less, I'll be addressing a large roomful of good people at the first annual Geek Pride Festival [64] in Boston. Listen in on the Web -- the audio stream will be linked from the top page [64].

[62] http://tbtf.com/cgi/redir.cgi?site=xmG6scvJ77872239823
[63] http://technologyfront.com/
[64] http://www.geekpride.org/

For a complete list of TBTF's email and Web sources, see http://tbtf.com/sources.html.

TBTF is free. If you get value from this publication, please visit the TBTF Benefactors page and consider contributing to its upkeep.

TBTF home and archive at http://tbtf.com/ . To (un)subscribe send
the message "(un)subscribe" to tbtf-request@tbtf.com. TBTF is Copy-
right 1994-1999 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Commercial
use prohibited. For non-commercial purposes please forward, post,
and link as you see fit.
_______________________________________________
Keith Dawson    dawson dot tbtf at gmail dot com
Layer of ash separates morning and evening milk.