Sometimes, very rarely, I am happy that the spam filters in my personal mail server are so far from perfect.
Many of us were amazed, some days ago, news broke that Amelia Earhart's plane was found in the Southwestern Pacific. The news is amazing and worthy in itself. But today, I got this mail, proof that Amelia lived through all those years: (all addresses obscured, of course)
Date: Wed, 22 Aug 2012 23:38:59 -0700
From: Amelia Earhart <email@example.com>
To: undisclosed-recipients: ;
With due respect to humanity, i am compelled to write to you on a humanitarian ground, however, it has been my wish to execute in life.
Please, I am contacting you based on my desire to create a charitable fund in your country with this sum of EURO € 3.5 Million which I inherited from my late husband (Dr. Ahrens Earhart).
It is my desire to see that this money is invested in any organization of your choice in your country and distributed each year among the charity organizations, the house mother of the child, mosques, churches, schools, support for disadvantaged older men and women or in whatever way you intend helping the less privileged.
I took this decision because I was raised out of the house of mother and baby at the moment, i am admitted in a hospital in London were i am taking severe treatment to my cancer illness.
Please answer as soon as possible to confirm your agreement with this proposal, so I’ll give you all the necessary information that will enable you to have access to this funds my personal accountant will be aware of my arrangements with you.
Thank you for your attention and I hope to hear from you soon. Please contact me through my this email- firstname.lastname@example.org the nurse helping me will attend to you i have been restricted from touching the computer due to my illness i will direct you through her she is a nice person.
Ms. Amelia Earhart.
[ once again, I am translating somebody else's material – In this case, my good Costa Rican friend Carolina Flores. Please excuse my stylistic mistakes — My English is far from native as you well know. But this material is worth sharing, and worth investing some tens of minutes doing a quick translation. If you can read Spanish, go read Caro's original entry ]
Have you been to a music record store lately?
I did so last Saturday, as a mere excercise. I was not planning on buying anything but I wanted to monitor things and confirm my suspicions.
What was I suspicious of? First, that I would only find old records. And so it was: The only recent record I found was ...little broken hearts by Norah Jones. the second, that I would only find music for over 50 year old people. so it was: Were I there to look for a present for my father, I would have walked out with 10 good records. Third, that in the store nothing worth commenting would happen. About that last point, I should point out it was around 10 AM and the store had just opened its doors. Lets concede the benefit of doubt.
I don't think many of you will remember, but in Barrio La California (where there is now a beauty parlour, almost in front of AM.PM) there was Auco Disco. In Auco Disco there was a guy specialized in rock (Mauricio Alice) and another one specialized in jazz (I don't remember his name). In that record you could always find rare records, but if they were not there, at least you were sure to find somebody to say: "No, we don't have that, but that's an excellent record, it's the best that [insert group here] have ever recorded because just afterwards they switched their guitar player, they had gone a bit south but with that record they are flying. But no, we don't have it; I can recommend you this record by [insert another group] because it has a guitar solo in track six that is amazing".
It would happen more or less like that, which means, one would arrive to Auco Disco at 10 AM and leave around 5 PM with three new records, after having listened to a spectacular music selection. What happened to those stores? Were they killed by The Pirate Bay? That's the simplistic answer from the recording industry! The answer is that those stores never got anything from the industry but an invoice. The industry –specially in prescindible markets such as ours– was limited to hiring artists, taking care of them recording a sellable product, producing the object called record, and that's it. The more commercial radio stations were paid to program those songs —as it cannot be casual that "Mosa, mosa" is the summer hit in all of Latin America, can it?— but, record stores? Nothing.
Lets carry on with that idea: Radio stations are paid to program said music. This idea should not lead us to believe that recording companies are to blame for bad taste. I won't reveal my sources, but I know the success of the "Locura automática" song by La Secta was a real example. Nobody paid for it. That song got to the number one because of its own merits(?) (you don't know the effort it took to find that thing, I cannot recommend it to you). Same thing happens with other stations that don't program reggaetón, that try to save the species, and where they play what we do like. But the thing is, everything we like is not available in any record store in this country. Then, even if we wanted to buy a record or give it as a gift to somebody, it is plain impossible. And don't tell me it's the same to present as a gift a link or a CD full of downloaded MP3 as it is to give a record with cover and booklet, wrapped in gift paper.
I might be old-school, but the fetish object record still exists, not only because of its cover, but because of its sound. A 3MB MP3 is akin to drinking coffee dripping from a bag that has been used eight times with the same coffee beans. That format is the worst that has ever happened to music, and if we had any bit dignity we would never purchase digital files in Amazon or iTunes safe for MP3 with an acceptable compression level. That, if we could buy them, because not only that is allowed to us. As the musical industry has no interest in resolving ITS problem (that is not our problem, it is those companies') it has not even been resolved how to charge for a MP3 download that includes import fees (well, if downloading from here a MP3 from a USA-based file server can be considered importing goods into Costa Rica!!!) so we don't have to get dizzy entering into the nineties to Titi Online to discover there is nothing by Muse, Andrew Bird, The Killers, Death Cab for Cutie, Paramore, Björk... (believe me, I looked them all up, even Norah jones and La Secta. They also were not there).
This all leads me to the question, which I present with all due respect (NOT): What the fuck do they expect us to do??? It is outrageous; above all because in the best case they will sell us a watery coffee download that won't allow us to get all the details a vinyl or less compression would give us. In the worst case, post-MP3 groups will end up recording music with no harmonics or hidden sounds, because, what for? Nobody will hear it. They even admit it: "Some musicians and audio engineers say the MP3 format is changing the way studios mix their recordings. They say the MP3 format "flattens" dynamics –differences in tone and volume– in a song. As a result, a great deal of new music sounds very much alike, and there is nothing as focusing to create a dynamic listening experience. Why working so hard in creating complex sound if nobody can detect it?" (Rolling Stone, The Death of High fidelity, December 26 2007, taken from here).
That's why I am not surprised by Adrián's post regarding the sales of old records. The price has nothing to do with it. The causes are related to the fetish object record and what it means or does not mean for people that have never purchased one. Adrián also asks if somebody here keeps buying records. I answered that I would if the stores sold anything I like. I do it even after the nausea I feel while reading "This phonogram is an intellectual work protected in favor of its producer… COPYING IT IN WHOLE OR PARTIALLY IS FORBIDDEN…" (like that, uppercased, yelling to whoever is only guilty of having bought a record and defending the producer, not the artist). But I am sure that almost nobody buys records because doing so is no longer a gratifying experience; because if buying a record is clicking to wait 15 days for it to reach the mailbox, we prefer clicking on the download link.
But there is another reason for people not to buy records anymore. In one of my talks regarding the dictatorship of the all rights reserved, I asked the 30 twenty-something-year-old students if any of them had ever bought a record. One answered he had, because he is an author and performer (cantautor in Spanish) and understands the effort that producing a record entails. The rest of them had never done so. Is it possible that said young people have never listened to real music? Is it possible that, were it not for concerts, what they consider music is a set of washed-out MP3 that are about to fill up 1TB of their computer? Does people no longer buy records because they cannot differentiate one sound from the other?
It is not very clear for me where do I want to get to. The recording industry is despicable. An industry that instead of innovating sets its energy on suing adolescents for downloading songs, trying to pass laws restricting our freedoms in Internet, putting up DRMs making us hostages to our devices* and forcing us to listen just the aroma of music, deserves my whole contempt. If we add ot this that said industry won't allow us to legally download their breadcrumbs because it has not understood that Internet does not need a van crossing borders, besides my contempt they deserve my pity and my heartfelt condolence.
But the condolence is also for music, real music, that which is not compressed under the shoe using a terrible format. It is also for independent musicians that have not realized that begging for a bit of space to that industry they just add to themselves the "despicable" tag, given they deserve the fruits of their work to enter their bank account.
However, there are good things that have come out of this absurdity. Be it for those that have joined projects such as Autómata (even if it is in MP3) and for dreams come true such as Musopen (that have achieved that the music that's in theory Public Domain becomes so in practice as well). Good for the Electronic Frontier Foundation and the list of lawyers willing to defend people accused of ilegally downloading music in the USA. Good for the Creative Commons licenses that allow free sharing.
All those are growing solutions, although none of them allows me to buy the Panamanian Carlos Méndez's record. Thankfully, a friend of mine who knows I will never give a dime to Apple, bought the files for me in iTunes. I thank him deeply, although I would have prefered to go to Auco Disco and have Mauricio tell me that the 2007 EP I have from Carlos is better than the record he did on 2009.
* My devices don't have DRM because I use free software. I also use the ogg file format.
Image by verbeeldingskr8
At the beginning of this year, I blogged about a Mexican security-minded hacker conference scaring away its female audience by advertising in a sexist way.
I don't know if it is the need to be l33t or kewl, to show off that hackers are really socially inept, or what... but this seems to carry on. I know many are familiar with the red/yellow card project (and followup) by kdotcdot.
I am (rightfully? naively?) proud that at DebConf we have achieved a clean conference environment, without such problems... Yes, I know that, during the last ~year at DebConf11 we discussed an anti-harassment policy (look at the thread, it was quite interesting!), came up with standards of respect — And Debian as a whole voted on a GR that ratifies a diversity statement. The fact that we had those very positive discussions, documents and events shows we needed to have them. But, again, this shows that being a hacker does not necessarily mean being a jerk. And I'm very proud to be part of this community.
I recently stumbled across a very nice, insightful post by Valerie Aurora on The Ada Initiative: Supporting women in open technology and culture — DEFCON: Why conference harassment matters. Take a good read at it. I hope it helps shape other hacker groups in a less-aggressive, more welcoming way.
Oh! And before closing: Be sure to at least skim through both Valerie Aurora's and kdotcdot's comments. LOTS of insight in them.
Happy 19th birthday, Debian!
The Debian project is 19 years old now. Following Francesca's invitation (and Raphaël's lead, and using Leandro's image, collaboratively as it always happens here), I will tell a bit of my memories: How I got to Debian.
I am a Debian user since ~2000, and a Debian Developer since April 2003. But, just as Raphaël's, my history must go somewhat further back in time.
In 1992, I got my first 1200bps modem, and almost immediately became an avid BBS user (what's that? Javier Matuk talks [in Spanish] about BBSes in his newspaper column back in 1994). By mid 1993 I started operating my own BBS, CatarSYS. One of the key points that defined CatarSYS is that my focus was large-scale communication. I started connecting to several BBS networks, allowing messages to be relayed to distant people, mainly in the USA and Spain, and getting some feeds that could be seen as the poor man's Usenet.
At some point during the year I kept CatarSYS going, I got connected through a strange set of gateways to pure gold: A UUCP feed! This means, during some months, I operated the first (free, hobbyist) service that offered its users a free Internet mail address in Mexico. Yes, it was completely different to what we are used to today. I tried to connect to my provider at least three times a week, but this meant less than one week turnover time for messages sent to people anywhere in the world! But, back to Debian: Via this UUCP feed, I also got some real Usenet newsgroups — Including several on the comp.os category. I remember reading about Linux back then, and learning some commands, but didn't really get hooked into it.
I was in Israel from July 1994 to June 1995, doing completely non-computer-related tasks. Came back in 1995, and due to my father being an academic, got dialup internet access at home. WOW, *real* Internet!
It didn't take me long to start downloading Linux information and floppy images. One failed after another. But before the end of the year, I found in a bookshop a book (that included a CD-ROM) called "Build your own web server with Linux". WOW again — Remember this was still 1995! I bought it, and shortly afterwards, I had a Slackware system (Linux kernel 1.0.9) running. That meant many sleepless nights full of joy and frustration (as getting hardware to work was cloe to impossible).
By 1996, I got (within one week) my two first real jobs: A systems administrator at a small ISP and a highschool teacher. At the ISP, I got a spare computer to play with Linux, as –of course– the Big Server was running with Windows NT 3.51. Poor little machine... By then I was already a part of the Mexican Linux User Group. This group had just printed a batch of Linux CDs — RedHat 4.0. This was the first release that really made me happy and allowed me to do good work. Together with a friend I took to work with us, Juan Pablo Romero, we installed over a weekend a full replacement for our buggy NT machine, in much cheaper hardware. Of course, Linux was nowhere near corporate-recognition, and our project remained a project, not touching the Windows machine.
Anyway... Several years passed, and I was happy with my RedHat choice. I won't mention the milestones and job changes, as it would get boring and leave the point completely aside. By the year 2000, I was quite more involved with the LUG, as well as with the computer security group in DGSCA-UNAM. I became also an OpenBSD user, and had got so hooked up in free software that I felt the need to collaborate: To be a little part of one of those Big Projects that had given me so much. But which one?
I have never been much of a programmer — Yes, I can solve my everyday needs and have fun with it, and sometimes a bit beyond that. I enjoy programming. But all of my projects have begun little… and stayed little. I wanted to join OpenBSD, as it was a community I really believed in, but given my skillset (and given a flame-prone, aggressive developer community), I lost motivation to do so.
By 2000, I had also lost faith in RedHat. I don't have the exact dates, so I might be some months off — But after RedHat's IPO, I felt a sharp change. Version 7.0 was really demotivating — It tried to offer a polished desktop experience, but was really buggy, unstable, and full of bad decisions. In Mexico, Pepe Neif had taken up the job of making a derivative distribution of RedHat (called LinuxPPP), pressing hundreds of CDs and making a teaching program I was part of several times. Talking with Pepe (who continued to release based on RedHat 6), he told me he was interested in switching over to become a Debian-based distribution, but the job of migrating his installed base made the project stall — LinuxPPP reached only version 6.4.
But I installed Debian in early 2000, and loved it. I started getting familiar with its social philosophy and foundation documents at the same time I started migrating my servers from RedHat to Debian — This must have been by Spring 2000, as I installed Potato while it was frozen but not yet stable.
By January 2002 I applied for NM. My process took a long time, as my AM got MIA when he had already approved me (but before sending the AM report), so basically I had to go through AM twice — And by April 16, 2003, I got accepted as a DD. Contrary to what is acceptable today, I requested the full process to be done before starting to maintain any packages, as I didn't want to bother people with package sponsorship requests, so my whole process was done evaluating packages I would eventually upload.
Since becoming a DD, my main involvement in the project has been in packaging groups (I was a pkg-perl founder and member for many years, and am currently working in the pkg-ruby-extras group). But, as I said, my main strength is not programming — So my main involvement in Debian has been more social than technical: I have been a DebConf organizer since 2005, a very interesting, stressing, rewarding and (for some months) time-demanding role, and since 2009 I am part of the keyring maintainence team, which is much easier workload, although carries important ramifications.
So, after 19 years of Debian, and after nine years of me being part of it, Debian is clearly my strongest link to the Free Software community, a project I have grown to love and whose way of being I share and enjoy studying and explaining. And it is a technically excellent product, and a great place to start and keep learning both about how every aspect and layer of an operating system works, and how human-to-human interaction works in such a diverse, almost impossible environment happens.
This is one of the days where reading my everyday newspaper was worth more than just getting bitter at the news. I found this text in La Jornada, my usual newspaper. I liked it very much, and decided to translate it for a wider audience. Of course, if you can read Spanish, do yourself a favor and go to the original. It is not that the text is so easy to translate. And, after all, I'm not a native English writer.
I'm trying to do a literal translation, even when disagreeing with the author.
Ten theses in favor of free download of cultural goods on the Internet
Enrique G. Gallegos — Poet and philosopher. Currently a researcher in Universidad Autónoma Metropolitana-C
- Historical legacy. Criticists who promote the persecution of piracy and free downloads of cultural works from the Internet argue that the patrimonial rights have been wronged; they start off suposing that a cultural work is formed from a historical void, as if there was a "nothing" to begin with, and then a "something" appeared. Nothing more fallacious: All cultural products has its precedents, and thanks to these it generates part of its best forces.
- Opening towards the future. Human beings are projected into the future. As the main philosophies of the 20th century have explored, one of the singular characteristics of mankind is the ability to think and imagine the future. Products of culture are the best ways to think and project society, politics, love, hope, needs, failures… A song, a poem, an essay, can trigger imaginary worlds with a transformative potential. To deny this to humanity with "patrimonial damage" as an argument is to mutilate man's temporal nature.
- Recognition of the present. Cultural works generate moments of reflection, criticism and pleasure; they can trigger actions demanding commitment, solidarity and strong indignation against injustice. If every cultural work is adscribed in some way to a historic tradition, and if cultural products anre necessary to imagine other possible worlds and open our future, it's not less true that they also allow us to recognize our present by making us more sensitive to others' ideas, sensations and emotions. Without culture, there is no present nor others' presence.
- Divulgation of the cultural heritage. If culture is "heritage of mankind", it should be also spread by any possible way. But not just spread, but actively sought for the biggest number of people to be able to effectively have access to it. In a potentially interconnected world, Internet is the most adequate world for it (despite its limitations). Therefore, penalizing free downloads means avoiding spreading it and restricting access to those groups who don't have enough economic resources.
- Preserving cultural heritage. If we agree that cultural works are heritage of mankind, we need to take every action needed to preserve them. But preserving culture does not only mean keeping the products in museums, galleries or never-polluted drawers; it rather means to keep them in the collective memory and in the flow of constant interpretations and appropiations. Said in other words, the genuine way to preserve culture is to allow universal access to cultural goods. That's why, holding that free copies and downloads of books, music, videos, etc. over the Internet are harmful, is an incompatible argument with the obligation to preserve cultural heritage.
- They are not goods. Cultural works are material and spiritual manifestations of mankind, concretions of its historicity; they are, also, expressions of emotions, ideas and projections of other lives and other worlds. That's why they cannot be equated to goods or inserted in patrimonialist logic. The market might want to cheat by giving a certain price to a painting by Orozco or auctioning a Baudelaire manuscript, but it will never be able to aprehend their true meaning as cultural works. And it's not that culture is not faluable, but taht its estimation criteria do not follow the rules of market, but those of the imponderable and unlimited.
- Price disproportion. Assuming we accept the possibility that intermediaries charge for the services they perform, the value of a book, record or movie should never exceed the daily wage of a worker or employee. But this ellection would only be one more option within the effective possibility that people opt to download or freely copy the cultural work. The final decision as to which media to go to should be a sovereign resolution of the culture-interested person.
- The principle of the most benefit. Even when copies and free downloads over Internet could generate a patrimonial "wrong" to third parties, the cultural benefit obtained by it will always be greater in as much that it carries out intensely the principle to foster, spread and access the cultural heritage of mankind. To think otherwise is to privilege the few over the many.
- The real evil is elsewhere. Murder, women- and children-trade, poverty and misery are the real evils that ache mankind. According to the United Nations, in 2010 there were 468 thousand murders in the world; the estimation is that 3500 million people live in poverty; in their 2009 inform, the UN found over 2400 victims of "people trade", kidnapped as sex slaves; in some regions in Africa, close to 30% of children suffer acute malnutrition and six people (between children and adults) die every day from hunger. That's why pretending that free download of cultural works is an evil is clearly a tricky and deceptive speech
- Against the intermediary-salesman. Culture does not need intermedieries that reduce cultural works to goods. Culture is too important to leavie it in the hands of salespeople that simplistly equate cultural goods with cakes. An intermediary of this kind will never understand the difference between a work of art and a disposable razor blade. What the world needs is more support from the government from every country to artists, creators and poets, as well as ensuring the conditions for the absolute mobility freedom for cultural works.
One week. One long week. One beautiful week. One of the two major weeks of the year has passed since my previous post. Surely, we are in the middle of the two Major Weeks of the year, in the yearly schedule I have upheld for almost(!) ten years: DebConf+DebCamp.
Yesterday, DebConf officially started. For the first time ever, we had a DebConf track targetted at the local (for a wide definition of local: All of the Central American countries) communities, which I chaired.
We had the following talk lineup during this track:
- Empaquetando software para Debian (Gunnar Wolf)
- Introduction to Debian translation workflow and processes (Christian Perrier)
- OpenPGP discussion and skillshare (Daniel Kahn Gillmor)
- Empaquetando colaborativamente con git y collab-maint (Ulises Vitulli)
- Uso del sistema de manejo de errores de Debian (Hector Colina)
- Building free software communities (Leandro Gómez)
I believe it was a great success, and I hope the talks are useful in the future. They will be put online soon thanks to the tireless work of our work team.
Today we sadly lost the presence of our DPL due to very happy circumstances he will surely announce himself. But DebConf will continue nevertheless - And proof of that is our anual, great, fun and inviting Cheese and Wine Party!
After a series of organizational hiccups I hope nobody notices (oops, was I supposed not to say this?), today we had a beautiful, fun and most successful cheese and wine party, as we have had year after year since 2005.
As many other people, we did our humble contribution for this party to be the success it deserves.
There is lots of great cheeses, great wines, and much other great stuff we have to thank to each of the individuals who made this C&W party the success it was. Yes, it might be among the least-academic parts of our conference, but at the same time, it's one of its most cherished -and successful- traditions. And above all else, we have to thank our Great Leader^W^WCheeseMaster (who we still need to convince to play by our Great Leader's mandates - And no, I don't mean Zack here!)
Hugs and thanks to my good and dear friend Christian Perrier for giving form to one of DebConf's social traditions that makes it so unique, so different from every other academic or communitary conference I have ever been part of.
We still have most of the week to go. And if you are not in Managua (and are not coming soon), you can follow our activities following our video streams.
Remember, debian/rules, now more than ever! And even given the (perpetual) heat in Managua: Wheezy is frozen, whee!
[ all photos here taken by regina ]
Yesterday night, Regina and me arrived to Nicaragua. Ready to greet us, we found quite a good number of good friends. We had a nice pizza+beer dinner at Diana's house, and some of the foreigners among us were distributed among the houses of several locals.
This morning, we woke up –together with Víctor, Moray and Gaudenz– in Norman's brother's beautiful house. We had breakfast with the family, were picked up to go to the hotel that will have the ho(n|rr)or to host us all for the following two weeks, and walked to the Universidad Centroamericana (UCA) campus.
Contrary to our usual practices... It seems everything is working fine! I mean, I'm sure we will stumble with some unforseen details and what not... But coming on the very first day to the university, to find that food is all sorted out, that we have food tickets (and they are all printed!), that network works (and it's by a fiber connection that was laid out expressly for us), that we have all the hardware I was worried about, that people are arriving and getting accepted at the hotel. I mean, things work!
So, I'm quite optimistic this DebCamp will have everything ready to be a success — And the DebConf following it as well, of course!
If you have not yet arrived - See you soon!
I will sound monothematic, but I have been devoting quite a bit of work to this topic lately: Trying to stop the advance of e-voting in Mexico, Latin America and the world.
Why trying to stop it? Isn't technology supposed to help us, to get trustable processes? Yes, it's supposed to... but it just cannot achieve it, no matter how hard it is tried — I won't get into explanations in this blog post, but there is plenty of information. Feel free to ask me for further details.
Anyway — Yesterday (Sunday, 2012-06-17) was the fifth simulated voting that will lead to the first wide-scale deployment of electronic voting booths in my country: About 10% of the population of the state of Jalisco (that means, ~500,000 people) will cast their votes on July 1st electronically.
This particular case illustrates how simulated votings can be used to forge a lie: Pounce Consulting, the company that won the e-voting project for IEPC (Jalisco's voting authority), delivered their booths over 40 days late, just before the deadline for the project to be canceled. Oh, and by the way, it's the same company that just failed to deliver on time for another planned local authority (10% of the booths in the Federal District, where I live, where fortunately 100% of the votes will be cast on traditional, auditable and cheap paper).
After this delay, five voting simulations were programmed, to get the local population acquinted with them. The first ones just failed to get the population's interest and had close to 40% failure rates (mainly regarding transmission). Several other "minor details" were reported, including mechanical details that allowed subsequent voters to see the vote of who had just left.
Anyway, making long story short: The fifth and last simulation was held yesterday. Officially, it was finally successful (about time). As these booths include the "facilities" to communicate the results via the cellular network, but the populations where they are to be deployed do not yet have cellular coverage, 10% of the booths will have to be carried back to the Districtal Header (that can be a ~10hr trip) to be counted. Also, in all places, traditional paper stationery and paraphernalia will be printed just in case it is needed (and when will they now? When half of the votes are cast and lost?)
Anyway... e-voting is still in its first stage in Mexico. Right now, I'm sure, no attempts to rig the election will be made (centrally). But every effort will be made (as it has been made) to dismiss the obviously big and nontrivial ways it has failed and will fail, and any problems will be labeled as "minor". And probably by 2018 we will be facing many more states (even nationwide) deployments.
But propaganda fails to see the obvious: E-voting is more expensive, more complicated, leads to more possible failure states. E-voting should not be deployed in large-scale (i.e. more than a couple of hundred voters) elections. Electronic voting is insecure, violates secrecy, allows for fraud. No matter how many locks are put into it.
Note: All of the information linked to from this post is in Spanish and related to Mexico… Part of it will be translatable via automated means, some will not. Sorry, that's what I have, and it's too much text to invest the effort to hand-translate
I have been following the development of the different e-vote modalities in Mexico for several years already, although I have only managed to do so methodically in the last half year or so. If you are interested in my line of reasoning as to why I completely oppose e-voting, you can look at the short article I published in 2010 or the slightly longer and more updated version published in our book in 2011.
Currently, in Mexico there are two different venues of e-vote that are being pushed: Bad and worse. The bad one will be carried out for about 10% of the population of the state of Jalisco and somewhat less for the state of Coahuila (Distrito Federal was also to be in this list, but the contract was cancelled due to the provider company delivering booths with too many problems and unable to deliver in the due time). The worse one is, fortunately, likely to have the least impact. Why? Because it regards votes cast by Distrito Federal residents (the capital entity, where part of Mexico City is located) living abroad. And it will have less impact because of the amount of the population registered for it: We are about 9 million residents in DF, and in the last election (first time IIRC there was the right to vote from abroad) there were only about 10,000 people registered for casting a (enveloped and sent by post) vote. Even if this year we the campaign for this was better (and I'm not yet sure about it), the number of voters will not be enough to make a dent on the results.
I'm not going into details as to why it is bad in this post — I requested information from the DF Electoral Institute (IEDF) with academic interest, to try to find more information about it, and I want to share my results with you — and, of course, to request for your input on how to continue with this. On May 3rd, I sent the following request (this I am translating to English :) You can look at the receipt for the request for the original redaction) to the official contact address, email@example.com:
- What company was hired to develop the system that will be used to receive the votes from Distrito Federal citizens residing abroad that have decided to use the Electronic Voting over Internet procedure ("Vota chilango")?
- What is the technical information for said system? That is, which technological basis was it developed on? Which operating base (hardware) will it be deployed on?
- How many revisions or security audits has the developed system ben exposed to? Which are the entities in charge of doing them? What has been their evaluation?
Of course, I wasn't very optimistic when receiving this information. Still, I have to share my results: My information request was largely denied:
III. The divulgation of this information harms the interest it protects
Given that, were it to be divulged it would affect the informatic security of the refered system. Anyway, we have to point out that said systems have enough measures and security provisions, so that the citizen can emit his vote in a universal, free, secret and direct way.
IV. The damage that can be produced by making this information public is larger than the public interest to know it
This is so because making this information public puts at risk the correct development of the Internet-based voting, because were the technical, purpose-specific information be made public, it could be misused to carry out informatic attacks.
It is also important to mention that a confidentiality agreement was signed with the company that developed said systems.
VI. The time for the information to be reserved
It will be seven years starting at the present resolution, this information will be made public when the reserve period is over or when the target is reached, except for the confidemtial information that it could contain. (…)
In case some other person is interested in following this information, the other two points were answered, and I'll try to get some relevant information from it:
- The company that provided the Internet-based voting solution was SCYTL SECURE INTERNET VOTING, S.A.
- The only entity in charge of conducting a security revision/audit is Telefónica Ingeniería de Seguridad de México S.A. de C.V.. The audit is still in process, and thus it is not yet possible to give any results from it.
So, I don't have any real conclusions yet. I'm just reporting how work is unfolding.
Tomorrow evening (Wednesday May 23) I'll give a talk on the "e-voting in Mexico 2012" subject in Congreso Internacional de Software Libre in Zacatecas, Mexico. I'll talk on the situation on this and the other topics I have been able to work on.
As stated in the 2012-04-30 edition of the Debian Project News, this weekend I will be meeting Holger Levsen (who has been there for over a week now) in Managua, Nicaragua, as part of the Debian Tour 2012, a set of talks meant to raise awareness and interest on Debian between the Nicaraguan (+Central American) user groups, university students, companies and government.
Not all of the planned activities are present in the Debian Tour webpage. I know I will be giving my talk on Debian in the Free Software projects' universe, this Saturday at Universidad Centro Americana (UCA). Besides this, we will be meeting on Monday with the UCA staff to discuss some DebConf-specific issues. Sunday? Well, I hope^Wfully trust we will have interesting activities as well :)
Around two years ago, the OECD presented a study on residential bandwitdth available per country that triggered quite a bit of debate all over the world — I have seen at least criticism to it in Mexico, in the USA and in Australia. It's very easy to take a simplified view of a statistic and bitch on how sorry the state of our country is. In our case, the outcry was that Mexico was the lowest of all of the OECD countries, and I have seen this repeated on so many topics that it what surprises me is that people keep getting surprised at it! OECD does not represent the ≥200 countries in this world (only the top 30, and the meaning of "top" is not unambiguous).
I found this graph that helps me illustrate this point:
While that graphic is part of a report illustrating how sorry the USA should be for their low position, it shows the OECD member countries. And yes, the only country Mexico could be compared in general terms from those in the list is Turkey. Coherently, they are located at positions 28 and 30.
But what prompted me into writing this post? That some weeks ago I was reading a viewpoint article at the Communications of the ACM magazine: What gets measured gets done: Stop focusing on irrelevant broadband metrics, by Scott Wallsten (might be behind a paywall for you — If you are interested, I can share a copy with you, just ask me by email). Wallsten's article contains the following graph:
I found it pretty telling that, although Mexico sits at the extreme of the graph (and the height of our bar makes it very hard to get a real value out of this particular rendering), our ISPs join a very select group of countries (Sweden, Germany, Belgium, Luxembourg and Ireland, in my very subjective measure) by delivering what they promise.
In 2010, the dominant broadband offering was 1Mbps, although higher options have long existed. I always got basically the 100% of what my ISP (Telmex) has promised, even though I have always had the cheapest package available. Some months ago, I got a call announcing we were being pushed 5x into the future, and starting right then, I had a 5Mbps connection. And although I didn't really expect it to be true, I have had a clean 6Mbps (yes, 6 instead of 5) connection.
So, that's it. This post contains no hidden truths, but just what grabbed my attention from a series of data points :-)
I have just bought our plane tickets to Managua, so I can finally say this:
Yes, many of you will ask what happened, I was bragging everywhere I wanted to go by land, driving from Mexico City to Managua. I'd love to, and I'm sure it's completely doable... But we have family issues to attend on July 21, in Argentina. So we will have a beautiful flight schedule (and carbon footprint) for this July:
- June 30
- Mexico→San Salvador→Managua, 17:35-20:30. Yes, this means I will not be in Mexico to cast my vote on July 1st. Well, I had already accepted this would happen... And the price difference was quite sensible.
- July 15
- Managua→San José→Mexico, 16:25-22:20
- July 16
- Mexico→Santiago→Buenos Aires (AEP), 20:30-09:55
- July 23
- Buenos Aires (EZE)→Lima→Mexico, 08:35-19:00
Several people have asked me on the best airline options for this trip. In our case, to Managua, it was with TACA, US$518 total. You can get tickets for ~US$30 less, but the flight goes through Panama instead of San Salvador, for an extra 1000Km – And instead of ~3hr it makes slightly over 6. Yes, on our way back we will be routed a bit South to San José, but it's not as bad, and it's for a very short layover.
For Argentina? Well, we have always found LAN to be the cheapest and most convenient. This time, TACA/Avianca was a very close second, which lost due to almost doubling the flight+layover time
Why aren't we taking a Mexico→Managua→Buenos Aires flight instead? Because it's ~US$150 more expensive per person. Not *that* much, but still some money. And by returning to Mexico and having a night at home, we will save us the hassle of carrying Winter clothes to Nicaragua and Summer clothes to Argentina.
Oh, and if you are planning on dropping by home while we are away and robbing all of our stuff: There's not that much to take from there, and we have already arranged for somebody to be there while we are away. But thanks for thinking about us, anyway!
[update] And what about DebConf12 registration? When is the system opening for us all to register? Soon, dear friends, we are talking about some related issues, and you will have your registrationi open soon.
Ben mentions he left Google Reader and went back to Liferea, but mentions a series of bugs that keep him from being happy. After pondering it a bit, a couple of months ago I also left Google Reader, but I turned to a free webapp: rssLounge aggregator. Although it does not fully cover Ben's wishlist (I'll get to it now), I am happy using it as it covers my main need: Being able to read my stuff from just about everywhere, without installing even a ssh client (that would make public Windows machines a liability for me, as they could sniff my keystrokes while authenticating to my ssh server). So, for me, a webapp is basically a must.
Well, as for Ben's list:
- MAY be a desktop or web application.
Check. Well, I don't know what would fail this :)
- If it's a web application, it MUST be reasonably secure, e.g. it must not be written in PHP.
Fail. It's PHP. And that's my main reason for not uploading it to Debian — I use and enjoy this app every day, but it has some bugs I don't really feel like looking into. And yes, maintaining PHP code is ugly.
- If it's a web application, it MUST allow for multiple independent users on the same server.
Don't really remember, I set it up just for myself. But in any case, you could install a different instance per user?
- If it's a desktop application, it MUST embed a browser engine (presumably Gecko or WebKit) so I can follow links without having to switch windows.
- MUST support organisation of feeds by folders or tags, including combined item lists.
- MUST keep track of which items have been read.
- MUST support a global 'unread items' list. SHOULD only remove items from this list when I refresh it, not as soon as I move away from an item.
Pass. In fact, given that storage is cheap, I have set it to never expire old entries. I don't know if it will ever be useful, but as long as it does not hurt me...
- SHOULD support a three-pane (folder/list/item) view or something similar. Google Reader's list view with expanding items is perhaps even better, though it means links must be opened in a separate tab.
It's more like Google Reader's
- SHOULD support folder and item navigation by keyboard.
- SHOULD have some way to flag/bookmark items for later attention.
- If it's a desktop application, it SHOULD have some sort of download manager to support podcasts.
So, Ben, with only one (big) fail, it might be a good candidate for you.
PS- And hard as it might seem, I am leading an almost-Google-free life now! :) But don't let them hear this, as we want them to keep sponsoring Summer of Code and DebConf.
Some days ago, reading my local Couchsurfing groups, I stumbled across an announcement by Australian Peter Davies to go to each of the 148 stations in the Mexico City Metro system, take some photos of the environment, and document on his impressions.
I have followed and enjoyed the Mexico City Metro blog since I learnt of it, and have grown used to looking forward to the daily post-or-two. Peter writes each of his entries both in English and Spanish (you can tell it's not a native Spanish, but it's a good effort). He has been doing the stations in a very well distributed order (I cannot say it's completely random, but it's surely not lineal or methodical).
I connected wiht his project as I love discovering the city more or less the same way, but with a different system: I try to have at least one long bike ride every two weeks (being "long" something over 40Km). I usually go either to the North or to downtown and to the East by the good old route I always take, and on my way back, at some point I decide just to turn right or left and discover yet another village slurped by the city. I don't usually take pictures, as I'm too much into the cycling thrill, left-right-left-right... But cycling has led me to appropriate my city (I don't know if that's proper English), to make my city really mine, to get to know parts of it I'd never otherwise go to.
Anyway, Peter's is a great way to document urban life. I'm in love with my city, and with expressions of urban appropriation. I loved his project, and if you are interested by what I say, go take a look at his wanderings in the city. I have suggested him two bits to check, but the work is very much an artist's — He accepts my input, but quite probably he will do whatever he pleases ;-) In case any of you is interested in contacting him, I can tell you for a fact he replies :-)
[*] And what is CouchSurfing? Oh, a great community where you can offer a space to crash at your house for unknown people from all around the world. I have never requested a couch, as the Free Software community is much more tightly knit, but I have offered it to several interesting people.
You are scaring away much more than that.
I just came across an invitation for BugCon 2012.
BugCon is a Mexican conference devoted to computer security — I cannot comment on its level or value because, although it's a topic that has long interested me, I must recognize each day I feel less of an expert, nowadays finding myself at the level of a "sysadmin who tries not to be too dumb for his own job security". Oh, and also because it would be completely off-topic for this post.
If you look at Vendetta's (the main organizer) blog post, it will probably give you the impression that the conference is just an excuse for the afterparty: Lets go see some b00bs! Do you think your fellow female hackers will have any interest in joining a bunch of sex-starved, hormone-infested teenagers who only want to pwn a website and grab more pr0n? Do you think females will feel welcome (or even mildly safe) between you? I would not think so. And I also think you are alienating any professional who might have any interest in joining your community, be it as a member, as a mentor, or whatnot.
I cannot right now do a coherent post on this topic, but I can reference you to what I have seen (and read) over the last almost 10 years, when the issue was first brought up to our attention. I am very glad to see that, at least in the Free Software area, there has been a real change of mindset. I hope you are in time to think about it and rectify.
- Timeline of incidents in Geekfeminism. Note that while it seems we see more as time passes, I am almost sure it's because we are more aware of the problem, not because it occurs more often. I hope I'm not mistaken.
- Debconf ftp-masters talk. Myself a Debian person, my first contact with this problematic was being at the DebConf3 ftp-masters talk — And the discussion and action that followed. This led to the creation of the Debian Women group, one of the most (socially, not technically) influent parts of Debian. Great thanks and admiration to their members, as well as to the (male and female alike) people who have worked to form it and make it heard.
I think Debian Women sparked other similar projects such as GnomeWomen (and there is a list with further projects in there), but I cannot authoritatively say who was there first.
- Planet Fedora up-skirting photo (the original post is still available) showed the communit does no longer tolerate this behaviour. Good!
- The Open Source Boob Project. One of the most childlike attempts at humor that surely alienated many would-be female geeks.
- Another conference season, another dumb sexist, a post by Piers Cawley addressing this issue after attending the CouchDB + Ruby: Perform like a Pr0n star talk. Quoting him, Apparently, the difference between 80s truck salesmen and Matt’s audience is that at least 80s salesmen had the grace to look embarrassed.
- Liz Keogh: "I am not a pr0n star: Avoiding unavoidable associations", a hacker woman that clearly felt offense by the CouchDB Pr0n Star joke, and did a thorough and interesting analysis, extending the effects to your work environment.
- Just Say You're Sorry Already (regarding the same incident on CouchDB+Ruby)
- Richard Stallman's EMACS virgins joke incident. It's sad how it's impossible to get Stallman to acknowledge he can also make mistakes and make feel people insulted.
- [update] And of course, MadameZou mentions the very important 2002 HOWTO: HOWTO encourage women in Linux?
Oh, and not the description of an incident, but a very interesting and thoughtful take on this: [pdf] Interesting analysis by Hannah Wallach on the numbers and motivations of women in Free Software groups. I don't know if Hannah has published this in article form, but many interesting points can be understood by looking at the presentation.
My good friend Vendetta: I don't mean this post (longer than what I originally intended) as a way to say you and the conference you are organizing for the third year (IIRC) already is unprofessional or targetted to pimply teenagers. I know the work you have put in it. I hope you see the points I'm trying to drive — You are of course free to have whatever afterparty you have. But, if as the main organizer, you are giving the images of nice chicks at Hooters more weight and relevance than to the conference itself... you are doing yourself a disservice. I hope you can rectify it, and make BugCon attractive to hacker women as well.