The RISKS Digest
Volume 31 Issue 95

Friday, 5th June 2020

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

Lawsuit over online book lending could bankrupt Internet Archive
Ars Technica
MIT Researchers: If Chips Can't Get Smaller, Programmers Must Get Smarter
Srividya Kalyanaraman
Programming Languages: Rust Enters Top 20 Popularity Rankings for the First Time
Liam Tung
Pressure on ZOOM Mounts to Provide End-to-End Encryption
Politico
What does cyber-arms control look like?
Andrew Futter
Handcrafted phish emails
Dan Jacobson
Re: Misinformation About George Floyd Protests Surges on Social Media
Amos Shapir
Re: Australian Federal Government's automated debt recovery ‘Robodebt’ was illegal
Rodney Parkin
Re: REvil Ransomware Gang Starts Auctioning Victim Data
Paul Edwards
Surgisphere: governments and WHO changed Covid-19 policy based on suspect data from tiny US company
The Guardian
UK Failed to Conduct COVID Track/Trace Data Protection Impact Assessment
Politico
Re: Just Stop the Superspreading
Peter Ladkin, Henry Baker
Info on RISKS (comp.risks)

Lawsuit over online book lending could bankrupt Internet Archive (Ars Technica)

Dewayne Hendricks <dewayne@warpspeed.com>
June 5, 2020 at 14:18:40 GMT+9

Publishers call online library willful digital piracy on an industrial scale.

Timothy B. Lee, Ars Technica, 1 Jun 2020

<https://arstechnica.com/tech-policy/2020/06/publishers-sue-internet-archive-over-massive-digital-lending-program/>

Four of the nation's leading book publishers have sued the Internet Archive, the online library best known for maintaining the Internet Wayback Machine. The Internet Archive makes scanned copies of books—both public domain and under copyright—available to the public on a site called the Open Library.

“Despite the Open Library moniker, IA's actions grossly exceed legitimate library services, do violence to the Copyright Act, and constitute willful digital piracy on an industrial scale,” write publishers Hachette, HarperCollins, Wiley, and Penguin Random House in their complaint. The lawsuit was filed in New York federal court on Monday.

For almost a decade, the Open Library has offered users the ability to “borrow” scans of in-copyright books via the Internet. Until recently, the service was based on a concept called “controlled digital lending” that mimicked the constraints of a conventional library. The library would only “lend” as many digital copies of a book as it had physical copies in its warehouse. If all copies of a book were “checked out” by other patrons, you'd have to join a waiting list.

In March, as the coronavirus pandemic was gaining steam, the Internet Archive announced it was dispensing with this waiting-list system. Under a program it called the National Emergency Library, IA began allowing an unlimited number of people to check out the same book at the same time — even if IA only owned one physical copy.

Before this change, publishers largely looked the other way as IA and a few other libraries experimented with the digital lending concept. Some publishers' groups condemned the practice, but no one filed a lawsuit over it. Perhaps the publishers feared setting an adverse precedent if the courts ruled that CDL was legal.

But the IA's emergency lending program was harder for publishers to ignore. So this week, as a number of states have been lifting quarantine restrictions, the publishers sued the Internet Archive.

In an email to Ars Technica, IA founder Brewster Kahle described the lawsuit as “disappointing.”

“As a library, the Internet Archive acquires books and lends them, as libraries have always done,” he wrote. “Publishers suing libraries for lending books, in this case, protected digitized versions, and while schools and libraries are closed, is not in anyone's interest.”

The publishers have a pretty strong case.

The publishers' legal argument is straightforward: the Internet Archive is making and distributing copies of books without permission from copyright holders. That's generally illegal unless a defendant can show it is authorized by one of copyright law's various exceptions.

Legal experts tell Ars that the Internet Archive's best response is to argue that its program is fair use. That's a flexible legal doctrine that has been used to justify a wide range of copying over the decades—from recording television broadcasts for personal use to quoting a few sentences of a book in a review. Most relevant for our purposes, the courts have held that it is a fair use to scan books for limited purposes such as building a book search engine.

When considering a fair use claim, courts consider several factors, including the impact of the use on the market for the original work. A book search engine, for example, is not a substitute for reading books but, rather, helps readers find new books they might want to buy. This is one of the reasons the courts found that book scanning for a search engine was legal under fair use.

But it's harder to come up with compelling arguments that the Internet Archive's open-ended lending program is fair use.

James Grimmelmann, a copyright scholar at Cornell University, told Ars that he is withholding judgment until he sees the Internet Archive's response. However, he said, “it seems like the publishers have a pretty strong case.”

“I think there are arguments for fair use, but they're not terribly strong arguments,” he said in a Monday phone interview.

A pandemic exception?

The Internet Archive would have had a stronger argument if it had continued to limit the number of copies that could be lent out. In that scenario, IA could argue that the program's impact on the market was little different from a conventional library.

Obviously, a patron who checks out a book from a library is less likely to purchase a copy, undermining the market for the book. On the other hand, libraries themselves buy many books—and the more popular a book is, the more copies libraries must buy. So the overall impact of libraries on demand for books is not clear.

But once the IA stopped buying a copy of a book for every copy it lent out, this argument became a lot weaker. An institution like IA can buy a single copy of a book and then “lend” it to dozens, hundreds, or thousands of people at the same time. There's little doubt that this has a negative impact on the market for new books.

Instead, the Internet Archive will likely need to make a more novel argument — that the unique circumstances of a pandemic justify allowing types of infringement that would be clearly illegal at other times. Grimmelmann wasn't able to identify any other cases where courts have made that kind of leap.


MIT Researchers: If Chips Can't Get Smaller, Programmers Must Get Smarter (Srividya Kalyanaraman)

ACM TechNews <technews-editor@acm.org>
Fri, 5 Jun 2020 12:14:15 -0400 (EDT)

Srividya Kalyanaraman, American Inno, 4 Jun 2020, via ACM TechNews, 5 Jun 2020

Researchers at the Massachusetts Institute of Technology (MIT) suggest the approaching limits of chip miniaturization require future increases in computing power to come from software, algorithms, and specialized hardware. MIT's Neil Thompson said shrinking processors has been the standard approach to growing computer performance for decades, “but the nature of computer processing is changing.” Performance extension has long relied on generic hardware and specialized software, but Thompson suggested it may prove more economical to design hardware for executing particular tasks, even if speed and other factors must be compromised. He added that such an approach initially will be applicable to specific areas like supercomputing and quantum computing. https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-25778x222bb6x066701&


Programming Languages: Rust Enters Top 20 Popularity Rankings for the First Time (Liam Tung)

ACM TechNews <technews-editor@acm.org>
Fri, 5 Jun 2020 12:14:15 -0400 (EDT)

Liam Tung, ZDNet, 2 Jun 2020 via ACM TechNews, 5 Jun 2020

The Rust programming language has cracked the top 20 rankings of the Tiobe popularity index for the first time, amid growing interest in using it for systems programming to build major platforms. Microsoft is considering Rust for Windows and Azure, aiming to eliminate memory bugs in code authored in C and C++; Amazon Web Services is using Rust for performance-sensitive elements in Lambda, EC2, and S3. Tiobe ranked Rust in 20th place this year versus 38th last year, and although this does not mean more people are using Rust, it demonstrates that more developers are searching for information about the language. Tiobe software CEO Paul Jansen credited Rust's ascension with being a systems programming language that is “done right.” He said, “All the verbose programming and sharp edges of other languages are solved by Rust while being statically strongly typed,” which “prevents run-time null pointer exceptions, and memory management is calculated compile-time.” https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-25778x222bb7x066701&


Pressure on ZOOM Mounts to Provide End-to-End Encryption (Politico)

“Peter G. Neumann” <neumann@csl.sri.com>
5-Jun-2020 15:48:13-GMT

Zoom is facing more pressure to expand its use of end-to-end encryption to free accounts, which it has said need to be accessible to law enforcement. On Thursday, Consumer Reports called on Zoom to change course. “Privacy is a right, not a luxury. If Zoom has the technical capacity to safeguard conversations with end-to-end encryption, it should offer the same protections for all its users,” Justin Brookman, Consumer Reports' director of privacy and technology policy, said in a statement. Other popular conferencing platforms like Verizon's BlueJeans, Google's Meet and Cisco's Webex offer varying levels of encryption—features that have drawn more attention since the pandemic forced millions of Americans online for work, school, socializing and medical care.

In the weeks since Zoom announced its encryption plans <https://blog.zoom.us/wordpress/2020/05/07/zoom-acquires-keybase-and-announces-goal-of-developing-the-most-broadly-used-enterprise-end-to-end-encryption-offering/>, security experts and consumer advocates have urged <https://twitter.com/Riana_Crypto/status/1268624308852543488> the videoconferencing giant to extend the new, more robust protections to free accounts, not just paid ones. Instead, the company has stood by its plan, citing the need to monitor meetings that are used to share child sexual abuse material and engage in other illegal behavior. “Zoom is dealing with some serious safety issues,” said Alex Stamos, a former Facebook chief information security officer who is now advising Zoom on security. Zoom faces “a difficult balancing act,” Stamos added, by “trying to both improve the privacy guarantees it can provide while reducing the human impact of the abuse of its product.”


What does cyber-arms control look like? (Andrew Futter)

“Diego.Latella” <diego.latella@isti.cnr.it>
Thu, 04 Jun 2020 17:19:48 +0200

Four principles for managing cyber-risk, European Leadership Network [1], 4 Jun 2020
Andrew Futter [2], Associate Professor in International Politics at the University of Leicester, European Leadership Network [3]

I don't quite know whether it is especially computer science or its subdiscipline Artificial Intelligence that has such an enormous affection for euphemism. We speak so spectacularly and so readily of computer systems that understand, that see, decide, make judgments, and so on, without ourselves recognizing our own superficiality and immeasurable naivete with respect to these concepts. And, in the process of so speaking, we anesthetise our ability to evaluate the quality of our work and, what is more important, to identify and become conscious of its end use. […] One can't escape this state without asking, again and again: “What do I actually do? What is the final application and use of the products of my work?” and ultimately, “am I content or ashamed to have contributed to this use?” — Prof. Joseph Weizenbaum [“Not without us”, ACM SIGCAS 16(2-3) 2-7, Aug 1986]

[1] https://www.europeanleadershipnetwork.org/policy-brief/what-does-cyber-arms-control-look-like-four-principles-for-managing-cyber-risk/?mc_cid=4afb27a93d&mc_eid=3429fd5ce8
[2] https://www.europeanleadershipnetwork.org/person/dr-andrew-futter/
[3] https://www.europeanleadershipnetwork.org/
[4] http://www.isti.cnr.it


Handcrafted phish emails

Dan Jacobson <jidanni@jidanni.org>
Fri, 05 Jun 2020 00:54:06 +0800

I received one of those evil emails:

“Your Email Account was just signed in on a new Windows device from this IP 114.058.33.178.”

Hey wait, wouldn't that be

114.058.033.178 or 114.58.33.178 ?

Sounds kinda hand crafted.
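A check for the tell the post points out, as an added example that is not from the original post: it parses a dotted-quad string strictly, then the way C-style parsers such as inet_aton do (a leading zero selects octal), and reports leading zeros, uneven padding, and any disagreement between the two readings. The names audit_ip_string, parse_strict and parse_c_style are this example's own.

```python
import re

# Added example (not from the post): audit the dotted-quad IPv4 string quoted
# above.  A leading zero makes an octet ambiguous: strict decimal parsers read
# "058" as 58, while C-style parsers such as inet_aton treat a leading 0 as
# octal, so "033" becomes 27 and "058" is rejected outright.  Zero padding that
# is applied to some octets but not others also hints that the text was typed
# by hand rather than produced by software.

DOTTED_QUAD = re.compile(r"^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$")


def _groups(addr):
    """Return the four digit groups of a dotted quad, or None."""
    m = DOTTED_QUAD.match(addr.strip())
    return m.groups() if m else None


def parse_strict(addr):
    """Octets as ints under the strict rule: decimal, 0-255, no leading zeros."""
    groups = _groups(addr)
    if groups is None:
        return None
    octets = []
    for g in groups:
        if len(g) > 1 and g[0] == "0":
            return None          # "058" is not a valid strict octet
        v = int(g)
        if v > 255:
            return None
        octets.append(v)
    return octets


def parse_c_style(addr):
    """Octets as ints under the inet_aton convention: a leading 0 means octal."""
    groups = _groups(addr)
    if groups is None:
        return None
    octets = []
    for g in groups:
        base = 8 if (len(g) > 1 and g[0] == "0") else 10
        try:
            v = int(g, base)     # int("058", 8) raises: 8 is not an octal digit
        except ValueError:
            return None
        if v > 255:
            return None
        octets.append(v)
    return octets


def audit_ip_string(addr):
    """List the reasons an address string looks suspicious (empty if clean)."""
    groups = _groups(addr)
    if groups is None:
        return ["not a dotted quad"]
    findings = []
    padded = [len(g) > 1 and g[0] == "0" for g in groups]
    if any(padded):
        findings.append("leading zeros present")
        # Padding is only consistent if every octet was widened to three digits.
        if not all(len(g) == 3 for g in groups):
            findings.append("inconsistent zero padding (hand-typed?)")
        decimal = ".".join(str(int(g)) for g in groups)
        c_style = parse_c_style(addr)
        if c_style is None:
            findings.append("C-style parsers reject it (bad octal digit)")
        elif ".".join(map(str, c_style)) != decimal:
            findings.append("decimal and octal readings differ: %s vs %s"
                            % (decimal, ".".join(map(str, c_style))))
    return findings


if __name__ == "__main__":
    for sample in ("114.058.33.178", "114.058.033.178", "114.58.33.178"):
        print(sample, "->", audit_ip_string(sample) or "looks well-formed")
```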


Re: Misinformation About George Floyd Protests Surges on Social Media (RISKS-31.94)

Amos Shapir <amos083@gmail.com>
Thu, 4 Jun 2020 11:57:36 +0300

Fight back!

In the current climate of disrespect of decency and reason, it seems that too many people take an attitude of “Who cares if global warming / vaccination / moon landing is the result of hard work by tens of thousands of people over decades—we know better because we have read an Internet post!”

Things like the Flat Earth society have been viewed as harmless weirdness, but no more; such ideas had already spilled into the real world and are causing real damage and even loss of lives. It's time to fight back.

Fighting back does not require overt actions like Buzz Aldrin's punching the face of a moon landing denier; it's as simple as clicking “reply”. I have taken to replying to any conspiracy-related post sent to me on social media and mail, specifically those forwarded by friends and colleagues. It's rather easy to find the correct information, either from sites like Snopes, or more often, by just clicking the links included in the message itself — almost always, the article's contents contradict the post's headline.

I always urge posters to read the articles, not the headlines. “Don't send me such posts, I actually click the links!”… A link to a scientific article posted as “Scientists Show Global Warming is a Hoax” leads to a research which definitely supports the global warming idea; and an article labeled “Soros is out to Destroy America” reveals that his greatest crime is “using his money to support candidates he favors”.

I might be considered a nuisance, but this method greatly reduces the volume of nonsense on my feeds, and hopefully contributes just a bit to reduce the trend.


Re: Australian Federal Government's automated debt recovery ‘Robodebt’ was illegal (RISKS-31.94)

Rodney Parkin <rodney.parkin@spitbrook.net>
Thu, 4 Jun 2020 12:15:48 +1000

To add some context for non-Australian readers, the scheme made 2 fundamental errors.

Firstly, it tried to automatically match income tax returns (which are assessed on an annual basis), with social security payments (which are assessed on a fortnightly basis). It was assumed that the recipient's fortnightly income was 1/26 of their annual income. But take, for example, a low income worker with casual work from time to time. In slow 2-week periods they might be entitled to social security payments, but in better 2-week periods little or no support. By assuming their fortnightly income was 1/26 of their annual income, the conclusion was often (but incorrectly) made that their social security had been overpaid in the slow times.

Secondly, it sent letters of demand putting the onus of proof onto the recipient, where the recipient had little or no ability to provide such proof. For example, the claims often related to payments made years before - long after the recipient would have retained any records. Further, the letters offered no detail on how the “overpayment” was determined - the recipient was given almost no information about which payments were in dispute nor how the “overpayment” amounts had been calculated. The recipients often didn't even know what data was in dispute, let alone have access to the records that would allow them to prove their position.

The government embarked on a massive bluff against members of the community least able to defend themselves. It was clear at the time that it was unreasonable, and it is no surprise that it was eventually reversed.
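The averaging error described above, as an added example that is not part of the original post: a constructed casual worker is assessed correctly fortnight by fortnight, then re-assessed against annual income divided by 26. The entitlement rule (BASE_RATE, FREE_AREA, TAPER) is a hypothetical placeholder rather than the real formula, and the example assumes the debt letter sums only the apparent overpayments in the slow fortnights without crediting the busy ones.

```python
# Added example (not from the post): why averaging a year's income over 26
# fortnights manufactures "overpayments" for a casual worker.  The entitlement
# rule is a deliberately simple placeholder (flat base rate, tapered above an
# income-free area), not the real Australian formula, and the incomes are
# constructed.

FORTNIGHTS = 26
BASE_RATE = 500.0   # hypothetical full payment per fortnight
FREE_AREA = 150.0   # hypothetical income disregarded before tapering
TAPER = 0.5         # hypothetical reduction per dollar earned above FREE_AREA

# Constructed casual worker: 13 slow fortnights on $100, 13 busy ones on $1100.
CASUAL_INCOMES = [100.0] * 13 + [1100.0] * 13


def entitlement(fortnight_income):
    """Hypothetical payment due for one fortnight, from that fortnight's income."""
    excess = max(0.0, fortnight_income - FREE_AREA)
    return max(0.0, BASE_RATE - TAPER * excess)


def payments_made(incomes):
    """What a correct fortnight-by-fortnight assessment actually paid."""
    return [entitlement(x) for x in incomes]


def actual_overpayment(incomes):
    """Overpayment measured against the true fortnightly incomes (zero here)."""
    paid = payments_made(incomes)
    return round(sum(max(0.0, p - entitlement(x)) for p, x in zip(paid, incomes)), 2)


def claimed_debt(incomes):
    """The averaging method: assume every fortnight earned annual/26 and raise a
    debt for each fortnight that was paid more than that averaged income allows.

    Assumption of this example: busy fortnights, where the averaged figure would
    actually allow more than was paid, are not credited back against the debt.
    """
    averaged = entitlement(sum(incomes) / FORTNIGHTS)
    paid = payments_made(incomes)
    return round(sum(max(0.0, p - averaged) for p in paid), 2)


if __name__ == "__main__":
    print("actually overpaid:", actual_overpayment(CASUAL_INCOMES))    # 0.0
    print("debt letter claims:", claimed_debt(CASUAL_INCOMES))         # 2925.0
    print("same worker, uniform income:", claimed_debt([600.0] * 26))  # 0.0
```

The same annual total spread evenly produces no debt at all; the "overpayment" exists only because the averaging step erases the fortnights the worker actually declared.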


Re: REvil Ransomware Gang Starts Auctioning Victim Data (RISKS-31.94)

Paul Edwards <paule@cathicolla.com>
Thu, 4 Jun 2020 11:01:11 +1000

This is fascinating. Effectively these guys are packaging up bad debt and selling it. It just happens that the collateral against that debt is data rather than a house, car, or boat. I wonder if the auction is a fraction of the extortion demanded. Will we have a GDC (Global Data Crisis)? What next? Data futures contracts? :)

Paul (with tongue slightly in cheek)


Surgisphere: governments and WHO changed Covid-19 policy based on suspect data from tiny US company (The Guardian)

Gabe Goldberg <ggoldberg@apcug.org>
Fri, 5 Jun 2020 00:33:42 -0400

Surgisphere, whose employees appear to include a sci-fi writer and adult content model, provided database behind Lancet and New England Journal of Medicine hydroxychloroquine studies

The World Health Organization and a number of national governments have changed their Covid-19 policies and treatments on the basis of flawed data from a little-known U.S. healthcare analytics company, also calling into question the integrity of key studies published in some of the world’s most prestigious medical journals.

A Guardian investigation can reveal the U.S.-based company Surgisphere, whose handful of employees appear to include a science fiction writer and an adult-content model, has provided data for multiple studies on Covid-19 co-authored by its chief executive, but has so far failed to adequately explain its data or methodology.

Data it claims to have legitimately obtained from more than a thousand hospitals worldwide formed the basis of scientific articles that have led to changes in Covid-19 treatment policies in Latin American countries. It was also behind a decision by the WHO and research institutes around the world to halt trials of the controversial drug hydroxychloroquine. On Wednesday, the WHO announced those trials would now resume.

Two of the world's leading medical journals—the Lancet and the New England Journal of Medicine—published studies based on Surgisphere data. The studies were co-authored by the firm's chief executive, Sapan Desai.

Late on Tuesday, after being approached by the Guardian, the Lancet released an ‘expression of concern’ about its published study. The New England Journal of Medicine has also issued a similar notice.

An independent audit of the provenance and validity of the data has now been commissioned by the authors not affiliated with Surgisphere because of “concerns that have been raised about the reliability of the database.”

https://www.theguardian.com/world/2020/jun/03/covid-19-surgisphere-who-world-health-organization-hydroxychloroquine


UK Failed to Conduct COVID Track/Trace Data Protection Impact Assessment (Politico)

“Peter G. Neumann” <neumann@csl.sri.com>
Fri, 5 Jun 2020 11:40:30 PDT

U.K. FACING COMPLAINT OVER LACK OF DATA PROTECTION SAFEGUARDS—Privacy advocates have filed a complaint with the U.K. data protection authority for failing to conduct a data protection impact assessment for its coronavirus track-and-trace program. “The Government is moving too fast, and breaking things as a result,” James Killock of the Open Rights Group said. Ravi Naik, the lawyer assisting Killock with the complaint, said that deploying the tracing program without implementing the proper safeguards is a disaster.

<https://www.politico.eu/article/uk-test-trace-privacy-data-impact-assessement/>


Re: Just Stop the Superspreading (Baker, Risks 31-94)

Peter Bernard Ladkin <ladkin@causalis.com>
Thu, 4 Jun 2020 09:52:23 +0200

In Risks 31-94, Henry Baker says that “The NYTimes article below attributes the bulk of COVID19 spread to ‘superspreaders’ and ‘superspreading events’.”

Indeed so, but better to cite the source. This info is three months old already, from the London School of Hygiene and Tropical Medicine Centre for Mathematical Modelling of Infectious Diseases (LSHTM CMMID). It has recently been confirmed in two preprints from late May.

The technical expression is that the disease has an overdispersion parameter value of about 0.1, according to the CMMID estimate. (The parameter is usually denoted as “k”.)

Baker drew attention in Risks 31.84 to a mathematical situation with significant overdispersion even with a low basic reproduction number. He seemed to want to turn that exercise into a critique of the concept of R0 in particular and SIR models in general, which puzzled me. As far as I know, the CMMID result was obtained with an SIR model.

The published source is Endo et al., https://wellcomeopenresearch.org/articles/5-67. This article was available in preprint first on March 11, 2020 at https://cmmid.github.io/topics/covid19/

The k value has been recently confirmed by an Israeli preprint about a different group of cases, Miller et al, 2020-05-22 https://www.medrxiv.org/content/10.1101/2020.05.21.20104521v1 and by a preprint from Hong Kong, Adam et al https://www.researchsquare.com/article/rs-29548/v1 from 2020-05-21 (Baker extensively quotes an NYT opinion article from Adam and co-author Cowling).

The result, that most of the infection comes from superspreading, deriving directly from the k value of around 0.1, seems now to be generally accepted. German government advisor, virologist Christian Drosten, mentioned it in his podcast last week https://www.ndr.de/nachrichten/info/podcast4684.html (in German), and Oxford epidemiologist David Hunter in a Guardian opinion piece https://www.theguardian.com/commentisfree/2020/may/28/coronavirus-infection-rate-too-high-second-wave

Prof. Peter Bernard Ladkin, Bielefeld, Germany Styelfy Bleibgsnd www.rvs-bi.de


Re: Just Stop the Superspreading (Ladkin, RISKS-31.95)

Henry Baker <hbaker1@pipeline.com>
Thu, 04 Jun 2020 08:53:22 -0700

Once again, Peter Ladkin is misinterpreting my criticism of “R0”-based models.

The problem is a fundamental logical problem: if one uses an English term “THE R0”, it presumes that there is such a more-or-less well-defined “number” which is named “R0”. But as I have argued, and continue to argue, there is NO such individual “number” in the case of superspreaders, since the variance associated with this “number” is so large.

Perhaps the best analogy comes from quantum physics. Classical physics presumed the independent existence of “position” and “momentum” of a particle, but quantum physics showed that any such notions quickly lead to contradictions with actual experiments, so any attempt to utilize terms like “THE position” or “THE momentum” demonstrates conclusively the lack of understanding by the speaker of the true nature of the situation in our actual quantum world.

For example, the phrase “THE position” of an electron surrounding the proton in a hydrogen atom demonstrates conclusively the ignorance of the speaker of the concepts of quantum mechanics. Ditto with “THE orbit”, “THE momentum”, etc.

Similarly, any use of the phrase “THE reproduction number” demonstrates conclusively the ignorance of the speaker of the concept of “superspreaders”.

For fifty years after Heisenberg, logicians, reporters and popular science writers destroyed entire forests trying to describe quantum physics using classical physical terminology; they failed miserably and only produced more confusion. Even Einstein himself—whose paper on the quantum nature of the photoelectric effect won him his Nobel Prize—was never able to become comfortable with the ‘spooky action at a distance’ nature of quantum mechanics. Einstein couldn't force the reality of quantum mechanics onto the Procrustean bed of existing naive concepts and words.

Similarly the COVID19 pandemic is causing the destruction of entire virtual forests by talking fat(uous) heads, reporters and popular science writers trying to explain what “THE” reproduction number is, when the demonstrated existence of superspreaders—e.g., the Boston hotel event, a NY bat mitzvah, or a choir practice—proves that there is NO single reproduction number which can provide any intuition for clear thinking about what is going on with this pandemic.

If the confusion were restricted to non-scientists, such logical errors might be excused. Unfortunately, some “scientists” were successful at convincing many politicians to panic due to fatally flawed “models” whose outputs had confidence intervals that wouldn't fit into their conference room, much less onto their slides (apologies to XKCD: https://m.xkcd.com/2311/).

U.S. President Lincoln was well aware of how improper usage of words can lead to logical errors. When Lincoln was asked “how many legs does a dog have if you call his tail a leg?”, Lincoln quickly replied, “Four; saying that a tail is a leg doesn't make it a leg.”
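What k ≈ 0.1 means in numbers, as an added example that is not from either post: secondary cases per infector are modelled with the negative binomial distribution of mean R and dispersion k, the usual convention in this literature, and the code computes the fraction of infectors who transmit to nobody, the variance Baker refers to, and the share of infectors behind 80% of transmission. R = 2.5 is an assumed value for illustration, since the posts give only k.

```python
import math

# Added example (not from either post): the arithmetic behind "k = 0.1".
# Secondary cases per infector follow a negative binomial with mean R and
# dispersion k; k -> infinity recovers the Poisson case where every infector is
# alike.  R = 2.5 is assumed here for illustration; the posts give only k.


def nb_pmf(R, k, nmax=2000):
    """P(n secondary cases) for n = 0..nmax under NB(mean R, dispersion k)."""
    log_p0 = k * math.log(k / (k + R))
    log_q = math.log(R / (k + R))
    pmf = []
    for n in range(nmax + 1):
        log_p = (math.lgamma(n + k) - math.lgamma(n + 1) - math.lgamma(k)
                 + log_p0 + n * log_q)
        pmf.append(math.exp(log_p))
    return pmf


def prob_no_transmission(R, k):
    """Fraction of infected people who infect nobody: (k / (k + R)) ** k."""
    return (k / (k + R)) ** k


def variance(R, k):
    """Variance of secondary cases, R + R^2 / k; it blows up as k shrinks."""
    return R + R * R / k


def share_of_cases_causing(R, k, fraction=0.8, nmax=2000):
    """Smallest share of infectors responsible for `fraction` of transmission.

    Walk the offspring distribution from the most infectious class downward,
    accumulating population share and transmission share, and interpolate
    inside the class where the transmission target is crossed.
    """
    pmf = nb_pmf(R, k, nmax)
    mean = sum(n * p for n, p in enumerate(pmf))   # equals R up to truncation
    cases = trans = 0.0
    for n in range(nmax, 0, -1):
        t = n * pmf[n] / mean
        if trans + t >= fraction:
            return cases + pmf[n] * (fraction - trans) / t
        trans += t
        cases += pmf[n]
    return 1.0


if __name__ == "__main__":
    for k in (0.1, 1.0, 1000.0):
        print("k=%6.1f  variance=%6.2f  infect nobody=%.2f  cases behind 80%%=%.2f"
              % (k, variance(2.5, k), prob_no_transmission(2.5, k),
                 share_of_cases_causing(2.5, k)))
```

With k = 0.1 roughly seven in ten infectors transmit to nobody while about a tenth of them account for 80% of transmission; the same R with near-Poisson spread needs more than half of all infectors to reach that 80%.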
