Making Light: Archive #3
Monday, September 10, 2001 - Monday, October 1, 2001
TNH & PNH home

Making Book

PNH's weblog

Making Light

Making Light archive #1

Making Light archive #2

Check here if
you want links
to spawn new
browser windows.

Monday, October 01, 2001


Within the last few days I've finally started to believe it. We dodged the bullet. No one whom we know personally was killed in the WTC disaster, though we've had some close calls. And only now, as that fact sinks in, have I realized that ever since the towers went down I've been in a state of 24-hour-a-day, seven-days-a-week continuous flinch, expecting at any moment to hear the bad news I took to be inevitable.

This does not diminish the deaths of six or seven thousand people I don't know. It's just a matter of my own coming to terms with it. All those deaths are still there, starting at the edge of my social circle. One friend knew, through completely unrelated contexts, two different people on two different hijacked planes. Another friend -- late to work, and so not at his desk on the 96th floor when the plane plowed into that part of the tower -- lost fourteen co-workers. One of the regulars at Patrick's gigs who worked very near the WTC ran one way when things came down, and hasn't heard since then from a co-worker who ran the other way. Another regular used to work in financial services; and as Adam Gopnik said in the 24 September New Yorker, "For the financial community, this was the Somme."

It's like standing on the sidewalk and hearing, just around the corner in an alley, the sound of someone being murdered. You're all right; which is to say, you're not being murdered. And at the same time, you're a universe away from all right.

Sunday, September 30, 2001


Friday, September 28, 2001

Dangerous nonsense

My friend Beth Friedman has a new quote in her .sig: Vs lbh pna ernq guvf, lbh'er va ivbyngvba bs gur Qvtvgny Zvyyraavhz Pbclevtug Npg. It means, "If you can read this, you're in violation of the Digital Millennium Copyright Act." I dropped her a note saying "What do you do if you can read that without a ROT13 translator?" and she said, "Turn yourself in as a dangerous munition, I guess." I'm now using Gb rpl rtu pudi dkdv, rpr'qm gm xmbudagym pb dkl Ggtgadu Omnsmnytmtle Opyroadfa Dyd. as a quote in my .sig. (Straightforward Playfair. The big fat clue's in the second-to-last word.)

Right now, the Digital Millennium Copyright Act is being used to prosecute people for the circumvention of copy protection and/or the distribution of devices that can be used to circumvent copy protection (see my September 10th weblog post on Encryption and e-books), even if no actual violation of copyright has occurred -- that is, even if no crime has been committed. Russian programmer Dimitry Sklyarov is facing federal prosecution in the wake of a speech in which he described the astonishing weakness of some pricey e-text security systems -- one of which used nothing better than plain old ROT13 encoding.

Since I can usually puzzle out ROT13 text without a decoder, I believe this makes me a prohibited article. If they decide to crack down on figurative and allusive language, I'm doomed.

No expectation of privacy; no protection from self-incrimination

As reported in Wired News and elsewhere, Congress is about to consider a new Anti-Terrorism Act of 2001 which will greatly expand their power to conduct electronic surveillance. One section lets prosecutors authorize online surveillance (i.e., turning Carnivore loose on a someone's e-mail) for 48 hours without a judge's approval. It would also allow Britain's GCHQ to conduct random surveillance of American citizens' communications and pass on the interesting bits to the NSA. Totting up the Bill of Rights violations is left as an exercise for the readers.

But the really exciting new provision is the one that lets government snoopers intercept your e-mail headers and the addresses of the websites you visit. I am grieved to report that my very own congresscritter, Chuck Schumer, has teamed up with Orrin Hatch to promote this notion. Quoting here from the article in Wired:

On the other side is another bipartisan team: Orrin Hatch, a Utah Republican and former chairman, and New York Democrat Chuck Schumer. Both said that Americans have no reasonable expectation of privacy in the identities of their e-mail correspondents, or the addresses of Web pages they visit.

"No reasonable expectation of privacy exists," said Hatch, who has previously sponsored a related measure. "Your legislation would make it clear what the court has already held."

In the hallway after the hearing, Schumer told reporters there should be no "expectation of privacy" -- which would trigger additional legal requirements for prosecutors to follow -- in e-mail header and Web address information.

(I want someone to write a piece of software, something like the old Berkeley Systems After Dark screensaver, that kicks in whenever your computer's sitting idle. It will randomly surf the web, moving from one link to another, sometimes backtracking, spending random amounts of time on each page. I imagine it lifting subject headers from pages, running them through search engines, and following the links that turn up; is that possible? And like After Dark, it should accommodate add-on modules written by third-party developers, only these modules would be different clever search patterns. One algorithm must eventually fall into a pattern that can be distinguished from the user's own web browsing, if you apply enough power to the analysis. Many algorithms make things much more interesting.)

The current wave of perfectly understandable anti-terrorist sentiment is also being used as an argument in favor of banning strong cryptography. I have three problems with this. First, in the days following the WTC disaster the government committed several major crypto-related blunders. (Hiya, Orrin Hatch!) This doesn't make me enthusiastic about the prospect of their messing with the citizenry's cryptological data. Second, roughly the same bunch of guys were calling for a ban on strong cryptography long before the World Trade Center went blooie. They merely retreated from their position for a while. This makes me doubt their motivations. Third, as the Guardian points out, the terrorists in question didn't use encryption:

FBI investigators had been able to locate hundreds of email communications, sent 30 to 45 days before the attack. Records had been obtained from internet service providers and from public libraries. The messages, in both English and Arabic, were sent within the US and internationally. They had been sent from personal computers or from public sites such as libraries. They used a variety of ISPs, including accounts on Hotmail. According to the FBI, the conspirators had not used encryption or concealment methods. Once found, the emails could be openly read.

That wasn't stupid of them. An encrypted message screams that it's been encrypted. IMO, steganography -- hiding the fact that something's carrying a message at all -- has real virtues in a universe of computer-driven codebreaking. And that's just what USA Today reported they were doing, in a lurid and (to my ears) dubious story this past June:

Hidden in the X-rated pictures on several pornographic Web sites and the posted comments on sports chat rooms may lie the encrypted blueprints of the next terrorist attack against the United States or its allies. It sounds farfetched, but U.S. officials and experts say it's the latest method of communication being used by Osama bin Laden and his associates to outfox law enforcement. Bin Laden, indicted in the bombing in 1998 of two U.S. embassies in East Africa, and others are hiding maps and photographs of terrorist targets and posting instructions for terrorist activities on sports chat rooms, pornographic bulletin boards and other Web sites, U.S. and foreign officials say.

"Uncrackable encryption is allowing terrorists--Hamas, Hezbollah, al-Qaida and others--to communicate about their criminal intentions without fear of outside intrusion," FBI Director Louis Freeh said last March during closed-door testimony on terrorism before a Senate panel. "They're thwarting the efforts of law enforcement to detect, prevent and investigate illegal activities."

A terrorist's tool

Once the exclusive domain of the National Security Agency, the super-secret U.S. agency responsible for developing and cracking electronic codes, encryption has become the everyday tool of Muslim extremists in Afghanistan, Albania, Britain, Kashmir, Kosovo, the Philippines, Syria, the USA, the West Bank and Gaza and Yemen, U.S. officials say.

It's become so fundamental to the operations of these groups that bin Laden and other Muslim extremists are teaching it at their camps in Afghanistan and Sudan, they add.

Well, darn that uncrackable encryption! It sure would be interesting to find out where that story originally came from -- since, as the Guardian says, there's no evidence the terrorists were doing any such thing:

The allegation that plans have been hidden inside internet porn has, so far, proven unsupported. A few days before the attack, a team from the University of Michigan reported they had searched for images that might contain terror plans, using a network of computers to look for the "signature" of steganography. According to researchers at the Centre for Information Technology Integration, they "analysed two million images_ but have not been able to find a single hidden message."

If you don't mind looking at .pdf files, the U.Mich report can be found here.

I have more thoughts about this, and not enough time to write them. I've been kicking around ideas about weak encryption. Sure, it's breakable -- but it plays hell with automated data collection. In the meantime, if you want to play with steganography yourself, here's a lovely site: Spam Mimic. If you feed it a short message, it'll transform it into a letter entirely made of typical spam tropes, which you can send to a friend. If your feed the letter back through the Spam Mimic site, the original message reappears. Secure encryption? No. But I love the idea of making the spooks look at every piece of spam on the net to see whether it's carrying a message.

Thursday, September 27, 2001

City notes

According to Newsday, some New Yorkers are seeing the ghosts of the Twin Towers. Nobody's spooked; they're just glad to see them.

When I heard the towers had collapsed, one of the things I found myself thinking was how reassuring it had been to see the lights come back on in them after the 1993 bombing. It was nice, then, when I was bicycling home over the Manhattan bridge evening before last, to look back and see that the lights were on again in the World Financial Center.

More happy news: The photograph on the contents page of this week's Sunday supplement of the New York Times (which, alas, seems to be the only photo they don't reproduce in their online version) was shows the interior of the damaged but surviving Winter Garden, palm trees and all. It isn't gone! What had looked like a blank bulldozed space in the satellite photo must have been its roof covered with a camouflaging layer of ashes, dust, and paper.

In lieu of the Winter Garden photo, here's another favorite I worried about. Go here and click where it says "Windows on the World". The first picture that'll pop up is of a bronze statue that sits in a park near the WTC. The trees have taken a beating but -- yes! -- the statue's still there. It's a lawyer, eating lunch as he looks over some papers, except his papers got stolen some years back. Sometimes you can see passers-by do a doubletake when they realize he's not moving. He must have looked even stranger on the 11th, when everyone was coated with thick gray dust.

If you can stand one more account of the day, this one was written by a fireman for other firemen. He got to Ground Zero right after the towers went down.

The happy days of Hironori Akutagawa and his rabbit

I don't know what the site is actually called.

The rabbit, Oolong, is a seven-year-old bunny from Hokkaido that has a knack for balancing objects on its head and likes hanging out in meadows. Hironori Akutagawa mostly stays behind the camera. Ninety percent of the site is in Japanese, and it doesn't matter. Just keep clicking on the list of pictures. There are more of them elsewhere on the site. Some are of Oolong (I quite liked this one); others are on other subjects: here, here, here, and here. I don't think I can explain why it cheers me up as much as it does.

Monday, September 24, 2001


Dubya and the national media have continued to harp on their latest song: America, America, America! I dearly love my country -- I had an American flag hanging in my front window long before the Big Awful came down on the 11th -- but this is getting embarrassing. Have they not noticed how many of the missing (go ahead and say it: the dead) are from other countries?

(The chart on the London Times' website is a week old, and I already linked to it once before, but it still makes its point: people from all over the world died that day, in some cases hundreds of them from a single country. A more recent Washington Post article makes the same point. A piece from the website suggests that the WTC Non-US Death Toll Outnumbers American. I'm not sure they're right -- their numbers look pretty speculative to me -- but it's still interesting.)

We started receiving messages of support and consolation and sympathy from all points of the globe the minute the news went out. They've kept coming in, and we're truly grateful for them. But there's something we owe the world. I've been waiting for Mr. Bush or Mayor Giuliani to say it, but since they still haven't done so:

On behalf of the people of the United States, and especially the City of New York, we wish to convey our deepest sympathy to all those in other countries whose friends and family members died here in the terrible disaster at the World Trade Center. We mourn with you. Their deaths were a loss to us all.

Many of us know the pain of waiting to hear from loved ones who never came home on that terrible day, and whom we must now reluctantly admit will never be coming home again. We know that you, like us, have waited in hope and in dread. You've seen the terrifying news of the general catastrophe replayed over and over again, and listened for the one piece of personal news you've most wanted to hear.

We are a nation of immigrants, and a city of immigrants. People come here hazarding the hope that this is a place where new things happen; where anything might happen. We have liked to believe that it is a place where good things happen. But your friends and family who came here were killed in a swift and terrible disaster. That disaster was not our doing but it happened in our city, and we are more sorry than we can say. We promise you, your dead are not forgotten, nor ever shall be. We are all bereaved together.

We pray for justice, and for mercy. May God comfort all our losses.

Good mental hygiene

The Rumors of War website has been collecting, investigating, and sometimes debunking wild stories that have sprung up in the wake of the Big Awful. No, Nostradamus didn't predict it. Yes, Jews died in the attacks just like everyone else. No, CNN didn't fake their footage of rejoicing Palestinians. Yes, Falwell and Robertson really did say that -- and have been trying to weasel out of it ever since. A truly useful website.

Friday, September 21, 2001

Operation Infinite Justice

1. How is it that an administration that's made such an ostentatious parade of its religious affiliations didn't remember Who owns the trademark on the phrase "infinite justice"?

(If they're not familiar with it, they can ask the Jesuits, Unitarians, Theosophists, Puritans, Muslims, some other Muslims, the Salvation Army, and the Society for the Renewal of the Sacred Liturgy, not to mention John Bunyan, John Wesley, St. Irenaeus, and Roget's Thesaurus.)

2. John M. Ford lists his Top five alternates for "Operation Infinite Justice:"

Operation Nonlinear Feedback
Operation Hyperbolic Reformation
Operation Albigensian Catharsis
Operation I'm Rubber, You're Glue
Operation Russian Firedrill

3. On the other hand, I'm sort of sorry the govt is backing down on the name (blaming "objections by some Muslims" as they retreat), since it means we won't see what would otherwise be an inevitable headline: Crisis on Infinite Justice!

Thursday, September 20, 2001

Grieving all over

Everyone's hurting. It's not just us. I hear it in their voices when I read the messages coming in from around the world. It's visible in all those photos of people leaving flowers and candles and messages. They're not just being nice. It hit them too, and they're hurting.

That emotional connection can't just be a matter of familiarity, or of having something personal at stake. The WTC always got a lot of visitors, and the London Times pegs the number of native countries of the dead or missing at forty-two, but even those substantial numbers don't account for the size of the reaction.

I think it meant something more to us. There was a certain kind of hope and striving embodied in those oversized towers. They were meant to be part of the world's future. All of us threw our hearts up into the air alongside them like we did with the space program's rocket launches, and felt it as a personal loss when they came tumbling down.

I think that what also touched everyone was the strangely simple, compact, well-documented horror of over five thousand people dying together so quickly, in such a little space, in circumstances of such unimaginable violence.

City life is an intensely cooperative activity. So is our world-civilization's joint project of building a better future: one that's more just, equitable, diverse, convenient, mobile, communicative, healthy, knowledgeable, creative, and altogether richer and more interesting. It's a good dream, and not just for an elite. It's also something we can only do together.

The horror of barbarism is Give me what I want or I'll wreck what you have. Or maybe I'll wreck what you have because I don't yet have it, or because I don't want it. It doesn't value cooperation for its own sake. Barbarism has no objection to the primordial calculation of individual power without commensurate responsibility, which is that it is more amusing to be a very rich man in a poorer country than a moderately wealthy man in a richer one.

We don't have a share in barbarism. We have a share in the things that make cities and futures. That's why the sight of the towers collapsing a week and two days ago struck us all to the heart. All of us: not just New Yorkers, not just Americans, but everyone in the world who looked at the unimaginable horror unfolding on their TV screen and said Ich bin ein New Yorker.

Well, and so they are. I don't got a problem with that.

(Naturally, our gormless national news media have once again missed the real story, and are playing the aftermath of the disaster in terms like "America Rising". Idiots! ... Film at eleven.)


There's a recurrent story -- maybe true, maybe an urban legend -- that Ich bin ein Berliner actually translates as "I am a jelly doughnut." Shortly after I first heard someone on the news say Ich bin ein New Yorker, the story went round that that phrase actually translates as "I am a thin-crust pizza."

Velma Bowen says

I saw Paul Taylor's company in the Winter Garden, and walked through and saw -- I think it's Streb -- the dance company that works with trampolines and hanging bars. I always wanted to walk down those steps in a long gown, singing, with voices joining in from all sides.

She's right! Finally, I know the exact purpose for which those stairs must have been designed. I hope they get rebuilt. I hope Velma gets to use them.

National Mental Health Association reports identity theft

Someone was bound to try to take advantage of the situation here. Turns out it's the Scientologists, who've managed to send in 759! "volunteer ministers" under the guise of providing mental health counseling to stressed-out New Yorkers. This would be more believable if Scientology didn't have a long history of being explicitly at war with standard psychiatric practice. Short but accurate cartoon version: Their idea of help and therapy consists of becoming a Scientologist, learning about clams and volcanos, and giving them all your money forever.

Their good faith would also be more believable if they hadn't set themselves up as the NMHA, National Mental Health Assistance, which bears rather too much resemblance to the respectable old NMHA, National Mental Health Association.

According to the Sacramento Bee, this scam was spotted after the ever-vigilant Fox News aired the fake NMHA's toll-free phone number for about two hours last week, listing it as a number to call for people seeking mental health counseling.

The real NMHA is naturally upset about this, and worried about people who fall into the Scientologists' hands during a period of temporary vulnerability.

Wednesday, September 19, 2001


There's so much to grieve for that your heart doesn't know where to start. All over the city you see flyers put up by the friends and relatives of the missing, with snapshots and descriptions and a number to call if you have any information. Poor souls. If they're still hoping, it's only because they can't bear to stop. Nobody's come alive out of the rubble since Wednesday last. Yesterday the hospitals announced that all the patients in their care have been identified and accounted for. The people who haven't come home yet aren't coming home ever, and there are five or six thousand of them.

Where the flyers are especially thick, at places like Bellevue Hospital and Union Square, people have been leaving votive candles burning, acknowledging that the flyers have become memorials. The faces of the dead are everywhere you look.

If you can stand to look at it, here's an amazingly detailed image of the bottom end of Manhattan Island as seen from space.

I keep having these moments of grief for the little things. A week ago the gardens of Battery Park City were green and elegant, spilling over with late flowers and foliage plants. All that will be gone now -- buried under rubble or a dense mulch of paper and pulverized concrete, or trodden into bare ground again by the rescue workers and their machinery. It's such a little thing, only plants after all; but they were beautiful. I also wonder about all the public art along the BPC esplanade -- charming, witty stuff, a happy addition to the city. Nobody's reporting on its condition -- and why should they, with so many other important stories to report? -- but I hate to think of it being lost.

The World Trade Center was not especially lovable on a day-to-day basis. It was grand, no denying that; but so abstract. I was always much fonder of the World Financial Center and Battery Park City. I have yet to find a picture of my favorite view of Ground Zero Before, looking south as you drove down the West Side Highway late in the day. The massed WTC/WFC/BPC buildings were a complex shimmering mass, looking for all the world like an updated Frank R. Paul illustration of The City of the Future.

Another thing I can't find a picture of is the WFC's indoor signage. Some of it will still be there in the buildings that are still standing, but many pieces will have been lost when the gerbil tubes collapsed. These were the identification signs for the different parts of the complex, and they weren't small. They were made of multicolored true enamel on brushed brass. The enamelling consisted of elaborate abstract square designs like quilt blocks on acid. I think there was a different design for every building in the complex. The signs were like big hunks of jewelry, and I coveted them.

You may already have seen pictures of the wreckage of the Winter Garden, but if you don't know what it was, you don't know what was lost. I've put together some pictures: one page of the way it was before [300K] [100K], and one page of pictures from the last week [356K] [132K ].

The Winter Garden was one of my favorite, favorite places. It was a marvellous piece of public space, a rounded glassed-in atrium with the best set of stairs in the New World. They were made out of some kind of highly polished red stone, and curved in a half-circle to match the curved front and back of the building. They made a long shallow descent to a circular polished stone area, as though they were the seats in an amphitheatre. The rest of the Winter Garden was a high-ceilinged atrium, all paned glass like a fancy Victorian conservatory, and the west wall overlooking the Hudson was windows from top to bottom. In the central area were two rows of tall palm trees in square planters.

I'm not conveying what a pleasant, friendly space it was. I first wandered into it some years ago when we were giving an out-of-town friend a tour of the south end of the island. We hadn't really gotten a good look at Battery Park City (then only about half-built) and the new WFC, so the Winter Garden came as a complete surprise: quiet, pleasant, with places to sit down, and decent public restrooms. There was a Brian Eno sound installation running, and a free concert that night.

That's one of the things about New York City. Sometimes it's impossible, intractable, insanely frustrating, running counter to the grain of anything you try to do. Other times it's full of light and grace, magical coincidences happen, and marvels pop up unexpectedly all over the place. The Winter Garden was the city wearing one of its happiest faces.

From the photos I've seen, it looks like the east end of it was smashed by falling debris. I saw once and couldn't find again a photo of firemen bringing water up from the river in hoses that ran between the palm trees. I can't tell from the satellite photo what's happened to the rest of it. For a while I thought it had been bulldozed. I don't know.

It hurts to look at pictures of rubble and remember coming into it from the gerbil tube around sunset, with the light coming through the glass-paned wall along the river and the sky visible through the arched glass ceiling. For a long time they had an elaborate full-size model of da Vinci's flying machine hanging where it was a bit above eye level as you came in, and rose higher and higher above you as you passed under it on your way down the stairs. It was beautiful. It was why we have civilization.

Park Slope on the day. And an artifact.

As the crow flies, we're not terribly far from lower Manhattan. All that long Tuesday, people were standing out on the sidewalks, talking to each other and staring at the plume of smoke. Nobody wanted to be alone. I asked some of the geezers on our block if this was what it was like when Pearl Harbor got bombed. They said no, this was worse.

The light was flat and strange, filtered through the plume of smoke. All day you could hear emergency vehicles coming and going in all directions, and overhead the swooshing of fighter jets on patrol. Other than that it was oddly quiet.

(The first fighter jet I saw terrified me. When I saw it make a tight turn and circle round toward the south end of Manhattan I was sure it was another kamikaze, and my knees buckled. Then it came circling back out of the smoke plume with a tremendous whoosh and I knew it was one of ours. A little while later I realized I was listening to them for reassurance: guardian angels. At night they're lit up like Christmas trees: Hi! Nothing stealthy about us!)

As the day ran down people started turning up at my apartment, so around sunset I went out to pick up refreshments. Overhead the smoke plume was turning pinkish-gold. You could see papers fluttering down through it as they rained out of the cooling smoke. All those collapsed buildings were full of office files. The disaster area is covered with a thick slush of documents. (I note in passing the loss of those files. Huge amounts of information lost.)

When I reached the corner of my block I looked down. Lying on the sidewalk was a single page from a paperback book, burned black around its edges. I picked it up. The running head said A SEASON IN HELL.


I am bemused to discover that the story of my finding the book page, which Patrick posted to rec.arts.sf.fandom, has been picked up and published in translation in Il Corriere della Fantascienza, along with posts by Vicki Rosenzweig and Michael Weholt.

Wednesday, September 12, 2001

Hold on tight. Don't let go.

I'd have kept describing yesterday, but my connectivity was too wonky. I lost my email around 10:30.

During the hour I still had it, I got a letter from Bill Shunn, sent to a long list of people, saying that he and Laura Chavoen were okay. Great relief! I sent Bill a list of our friends whom I knew to be okay -- Patrick, Claire Eddy, Ellie Lang, Soren DeSelby, Velma Bowen -- and said "Tabulate lists of names of people heard from and circulate them." That was something I'd learned during the Loma Prieta earthquake, when we'd kept and circulated lists of our friends who'd reported in from the Bay Area.

Bill did more than that. He put up a web page where people could check in, add a short message, and see who else had checked in. I didn't find out about it until mid-afternoon, when my connectivity came limping home; but when I did, reading that list was pure heart's ease, the thing I needed most. I told other friends about it, and a couple of mailing lists that have lots of local members. Everyone agreed that Bill Shunn is a good, kind, smart, helpful guy. Which he is. It's just that yesterday it was made very visible.

Around 4:30 I dropped him a note saying "You have no idea how much relief and reassurance you spread today." He replied, "Glad it did something good. Right now I'm trying to cleanse it of a lot of ugly filth people are posting."

That was startling. I went and looked. Sure enough, there were some nasty gloating messages, mostly in Portuguese, scattered amongst the check-ins. There wasn't much to them, really; just the textual equivalent of junior-high-school graffiti, all caps with lots of exclamation points.

What was striking was what was in between them: name after name after name. Some I knew. Many I didn't. People were leaving word there for their relatives all over the country, all over the world. It's an eloquent document. Bill had to take the check-in page down -- way too many hits -- but you can still see the list here.

Whole families were reporting in. Whole schools: "All kids got out of Stuyvesant." Whole companies: "We're okay here at Vindigo. We've accounted for just about everybody." "Thor Technologies - all accounted for accept Alex Yevseyevich." "The Flatiron Building was evacuated a bit after 10 AM. Tor people are OK at last report." "Everyone at DAW Books is okay."

People were leaving contact info: Baseline employees, please send email to the following address. Empire Blue Cross employees, please phone this number. Alberto Magana Sanchez (NYC): si se encuentra ah este noombre favor de comunicarnos al 36 15 15 52 ex 01 Tnks. Please let your cousin Myna Mukherjee know if you are OK. brad call home or your cousin at 360 352 4587 or 360 943 8843. gari mogel (NYC) his wokring at doun taun call to israel 046378293. Aos Brasileiros: Se houver Brasileiros que queiram se comunicar com parentes entrem en contato com a TV Bandeirantes no telefone 55+11+3745-7879. ("If there are any Brazilians who want to communicate with their relatives, they should contact TV Bandeirantes at 55+11+3745-7879.")

Others pleaded for information: Please phone. Please call. Is she alive she is my 18 yr. old daughter. Mande noticias. Has anyone heard from. Does anyone know. Worked on 100th floor West Building. Waiting for word. Does anyone know anything.

The people checking in were stories told in short: alive and ok. got out of building in time. honey its micky i'm trying to get home. get the wine ready. physically i'm ok, mentally i'm not and never will be. Thank god for missing the train. Cuts, scrapes, broken arm. Was in the first floor mall of the WTC. Now safely in Staten Island. Estava próximo ao local do acidente, mas estou salvo. I hope who ever put me through this is caught. Late for work today and missed it by minutes. MY ENGLISH BAD. I OK. minor wounds, will be staying in the city with a severly wounded friend. I'm safe. dazed....and angry, but safe. baby, I love you, I am okay.

Tuesday, September 11, 2001

Oh my god lookitthat...

I just climbed back down from my Brooklyn rooftop. An airplane has flown into the World Trade Towers. There's thick black smoke billowing out of several floors of both towers.

Let me pause for a moment to say with all the lucidity I can muster that it is the strangest sight I have ever seen in my life.

I can hear the sirens of multiple emergency vehicles, 360 degrees around. There were people on other rooftops in my neighborhood, some of them talking on their cellphones. Down in the street below me a workman was shouting in some language other than English for the rest of his work crew to come out of the house they're renovating and see what's happening. I couldn't make out a word of it, but there was no mistaking the sense.

Patrick called from the office. He says from where I'm standing I can't see the big hole in the side of one tower.

While I was typing that, Claire called from the street outside the Flatiron building. She was on the street when it happened. You can see the World Trade Center from there. Claire says it was two planes, one for each tower. She says it's a big hole. She can't see the tops of the towers for the smoke. I told her that when I last looked, only a few floors of each tower had smoke coming out.

I phoned Jim Macdonald, who's up near White Plains taking care of his mother. He hadn't heard. When I rang off he was looking up the NYC disaster plan, I think in order to find out whether as an EMT (albeit nonlocal) he should go in to help.

I'll post this now.
010911 0936 EST

Monday, September 10, 2001

The damnable news of the day...

...Is that Emma Bull took a bad fall at a RenFest and has broken both her elbows (the right one more severely than the left) and her left hand, and sprained a knee and a toe. Which sucks.

She's said to be in good spirits, but I don't know whether that's relative or absolute.

What Microsoft really means to say

Richard Forno says his Microsoft-English Dictionary 1.0 is intended as a public service, a helpful list of translations of the terms used by Microsoft spinmeisters -- who, as he puts it, "...attempt to morph the reality of their company's business, legal, and product information into innocuous-sounding, politically correct, calm-inducing statements when released to the public. Naturally, this has a confusing effect on the general public, which is unfamiliar with this particular form of language."

Some examples:

Product-Related Terms

Minimum System Requirements (1)(n, pl) : What Microsoft markets as the absolute minimum that a given product can operate on to claim a larger target market for a product. Such specifications correctly states that a product will be functional on such minimal requirements - but implies that a customer will be as productive as someone with much more computing power. (See "Windows Ready PC") A heartbeat may be a "minimum system requirement" for a human, but an infant can't run a marathon. (See "Recommended System Requirements")

Recommended System Requirements (1)(n, pl) : In reality, the minimum system configuration necessary for average performance of a given Microsoft product. Doubling this should yield adequate performance by the product. (See "Minimum System Requirements")

Security-Oriented Terms

Issue (1)(n) : A feel-good euphemism used by Microsoft referring to a security problem. (e.g., "Microsoft has discovered an issue with......") (2)(n) Microsoft's implied denial that a problem exists, calling it an "issue" instead of a "problem", "bug", "vulnerability" or "exploit."

Known Issue (1)(n) : A feel-good euphemism used by Microsoft referring to a previously-reported problem. (See "Issue")

Secure Microsoft Product (1)(n) : Any unopened, uninstalled Microsoft product, preferably still inside its shrink-wrap. (2)(n)A PC running Microsoft operating systems or software that is not connected to a network or has not had removable media (e.g., disk drives) installed...that's how Windows NT received its C2 endorsement from the NSA in the mid-1990s!


As the American Hyperlexia Association describes the condition:

Hyperlexia is a syndrome observed in children who have the following characteristics:

A precocious ability to read words, far above what would be expected at their chronological age, or an intense fascination with letters or numbers.

Significant difficulty in understanding verbal language

Abnormal social skills, difficulty in socializing and interacting appropriately with people

I don't exactly have a problem with that, but if you specify "for certain values of 'difficulty in understanding verbal language,'" it describes the childhoods of almost all my friends and about half of my professional colleagues. Someone should tell Karen about this.

How many scillings in a shekel?

I don't know how often it comes up in your line of work, but I've lost track of how many times I've wanted to know the the Current Value of Old Money. That's not as in the current prices collectors are paying for old coins and notes; it's as in how much twelve pounds a year in 1601 would be worth in modern wages. There are also links to other sites that will tell you useful things like the guilder-to-dinar exchange rate in May 1911.

Turning pro

People in the SF community who remember Karawynn Long may want to check out Miss Genevieve.

Encryption and e-books

Dmitry Sklyarov is facing federal prosecution for legitimately pointing out weaknesses in e-book encryption schemes. In the wake of this, a programmer has prudently announced anonymously that he's cracked the encryption on Microsoft Reader.

Well, no kidding. Apparently one system Sklyarov discussed stored the password in plaintext inside the executable. Another based its encryption on ROT13. Another's "encryption" consisted of adding a constant value to the digitized text. If anyone in this imbroglio should be subject to investigation, it's the firms that claimed these methods constituted professional-quality security systems, and charged pots of money for implementing them, when a pig-latin filter would have been very nearly as effective.

But in general I don't see why it's supposed to come as such a surprise that ebook encryption has been broken. If I'm wrong, will someone please tell me what I'm missing? Because it seems obvious to me that all ebook encryption schemes are by their nature breakable.

Here's how I see it: Assume that you have a book-length chunk of encrypted text. You know what book it is and who published it. Meanwhile, out there on a bookstore or library shelf is the hardcopy version of this very same book. That means you have a crib -- a piece of plaintext known to occur in the text that's been encrypted -- that is the full length of the encrypted message. There may be some slight differences in the versions, but over a document of that size, those differences won't make much difference.

But there's more. Other books will have used that same encryption system, which means you have dozens or even hundreds of this sort of encrypted text/plaintext pairings to work with. Under those conditions, it seems to me that that the encryption key(s) must be recoverable. If you bent all your efforts toward making the encryption system hard to break, you might make breaking it a more interesting problem, but you couldn't make it an insoluble one.

(Digression alert: If you have the encrypted text plus the key, you can derive the plaintext. As a rule of thumb, if you have the encrypted text plus the plaintext, you can derive the key. That's why a basic principle of field cryptography is that if you don't have time to fully encrypt a message, you should send it in clear. That way, the enemy can at most intercept the information in that message. If you send it partially encrypted, they may be able to infer what codes you're using, and will then be able to read every message you send.

There's a related error that's been made more than once. Say that one side has been using Code A for some time, and not unreasonably suspects that the other side has cracked it and is reading their transmissions. Time to change codes. Accordingly, all the code clerks get sent a fresh new copy of Code B. On the day they're supposed to switch over to the new version, George sends Fred the latest orders in Code B. Fred hastily radios back in Code A, telling George there's been a cock-up, he hasn't received his copy of Code B yet, and could he please re-send that last message in Code A? George does so. Whereupon the cryptanalysts on the other side (who have indeed cracked Code A) shed tears of gratitude and offer up prayers for George and Fred's continued well-being, because they now have the same message in Code A and Code B, and all those new codebooks might as well be Little Orphan Annie Secret Decoder Rings.

These plus many other amusing stories and principles can be found in David Kahn's The Codebreakers: The Story of Secret Writing. (Macmillan, 1967; rev. ed. published by Scribner in 1996 as The Codebreakers: The History of Secret Communications from Ancient Times to the Internet) It's a book that has warped any number of impressionable young minds since it was first published. If you don't fancy reading it yourself, it's just the thing to give to troublesome younger relatives who're turning out to be smarter than you are. If they like the book well enough to feel kindly disposed toward you, they may be merciful when they discover you've been using your birth date as a password and hack into your e-mail account.)

But back to ebooks. I understand there are some sophisticated modern codes that aren't necessarily going to yield to a mere crib. And yet ... I have a stubborn suspicion that if the message and its crib run to half a million characters apiece, and you have scores of these enormous encrypted text/plaintext pairs to play with, analyzable patterns are bound to emerge.

So there's the first point. Onward to the second. Assume an initially encrypted ebook. You buy a copy of it. At what point in this commercial transaction is the book going to be decoded? If it's downloaded to your machine in encrypted form, then the means for decrypting it -- the rules for how to decode it -- have to be present on your machine. That can't be secure. The decoding system may be cleverly hidden in the software, but if it's there at all it can be winkled out.

But suppose that the entire encryption and decoding system is on the publisher's website, where you can't get at it. Instead of decrypting the text on your machine, the publisher's site decrypts the text when you pay for the download. But if that's the case, then what's being downloaded to your machine is plaintext, and there's still a security problem.

The strongest locked box you can create in software is still built out of ones and zeros, and they can all be read just like any other ones and zeros. For an especially good statement on this issue, see The Futility of Digital Copy Prevention in the May 15th issue of Bruce Schneier's Crypto-Gram. Immediately following it he quotes Cicero: Nihil tam munitum quod non expugnari pecuna possit. ("No place is so strongly fortified that money could not capture it.") This is both true and charming.

Onward. Point the third. Another obvious factor (I think it's obvious) that's being ignored in all this kerfluffle is the increasing availability and sophistication of OCR (optical character recognition) technology. If you've got a good OCR scanner, you don't need to break an ebook's encryption. You can work from a plain old hardcopy book you check out of your local library. It's fast, it's easy, and I know it's happening out there because I keep having to explain to the enthusiastic fans of one of Tor's authors that they may not post the complete text of his books to their websites; and I'm darn sure they haven't been retyping all those cinderblock-sized fantasy novels.

Which brings us to the fourth point, the one anticipated by Marcus Tullius Cicero. Just for fun, let's assume that someone's come up with a seriously unbreakable way to encrypt ebooks. In an even bigger stretch, let's assume that ebooks have become wildly popular, a major revenue source for their publishers. (I know, I know. Just play along with the idea for a minute, okay?) Let's further assume that the use of OCR scanners to circumvent copy protection laws has been made a capital offense, which I devoutly hope is a stretch. And finally, let's assume that there's a major new Stephen King novel that's just come out.

This is epublishing heaven, right? It's successful. It's secure. And in that world, a piratical etext copy of the latest Stephen King novel would be worth heaps of money. What do you do if you're a pirate? Simple. The minute you get your hands on a legit paper copy, you break the book into sections and pay poor downtrodden third-world typists (in Sheffield, say) to re-keyboard them on the double.

No technology can stop that from happening.

Texts aren't secure. Texts never have been secure. That's why we have copyright laws in the first place. And yet we're seeing this extraordinary wave of repression -- prosecutions where no crime has been committed; attempts to intimidate researchers into not presenting their data; prior restraint and crude threats -- in the name of making ebooks secure.

This is absurd. I cannot believe the prosecutors who are going after Dmitry Sklyarov and threatening Edward Felten think there's any real merit in their prosecutions. I don't know what they think they're doing. There isn't even any real money at stake -- in spite of huge amounts of hype and hot air, ebooks don't sell for toffee. (Seriously. It's a noteworthy occasion when an ebook's sales break the three-digit barrier.)

Maybe it's another one of those murky undeclared turf wars. We seem to be seeing a lot of those. It makes me wonder what happened to the idea that when you use the public courts to pursue such fights, you're damned well supposed to let the rest of the citizenry know what's going on.

(Archive #1, May 27, 2001 - July 22, 2001)

(Archive #2, July 23, 2001 - August 15, 2001)

(back to Making Light)

Copyright 2001 by Teresa Nielsen Hayden. All rights reserved.
Don't mess with me; I'm an editor.