Thursday, February 22, 2007

QotW5: I phish, you pharm, he loses money

Ocelot: What's your name?

Snake: Snake.

Ocelot: No. Not that name. You're not a Snake and I'm not an Ocelot. We're men with names.

-Major Ocelot and Naked Snake, Metal Gear Solid 3: Subsistence (2006)


What’s in a name, indeed. That question is at the very core of this week’s question. Since people seldom use their full, real names online, often a name, especially in an online community, is the only way to know if you’re talking to the same people week after week. In time, people tend to recognize people by name the same way they’d recognize people they meet everyday. Friendships, or even closer relationships are formed, on the basis that the person behind the name is the same person you’ve been talking to for weeks, perhaps months on end.

There are many areas in which such relationships and the names they’re based on can be found. Be it in online communities like forums, chat programs like IRC or MSN, or even the humble Email, there are many, many places were such exchanges, and therefore the potential for identity theft exist.

Email, for instance, has become a vehicle for one of the more insidious forms of identity theft. This would be phishing, defined as a criminal activity utilizing social engineering methods. (Phishing, n.d.) How does phishing work? By getting inside your head.















Above are two examples of phishing emails, both bank-related. Now, for the getting-inside-your-head bit. Granted the one above is just an example, but imagine that the logos have been replaced by DBS ones, and you’re already halfway there. The one below, shown during Mr. Ian Loe’s presentation, is significantly more realistic. How does it get inside your head? By pretending to be from an institution you know and trust to handle your money, it then asks you for the key to your bank account. And it’s apparently quite effective, too. According to one report, identity theft cost U.S. citizens US$52.6 billion in 2004. (Hooked on Phishing, 2005)

This works for a couple of reasons. Firstly, as mentioned above, the email appears to come from a trustworthy source, and secondly, it appears to be asking for sensitive information for a legitimate reason, such as an expired account or a database update. Thirdly, the email is done up very well, and often looks thoroughly authentic. Finally, the user may already have received emails from the company before (albeit for totally different reasons), and is used to simply complying. And so, passwords, ID numbers, credit card numbers, and all manner of personal data is stolen on an almost daily basis.

Another, similar form of such identity theft is pharming. However, pharming is an evolved version of phishing in that large groups of people can be affected, even when typing in the proper URL. This occurs when a company DNS server is compromised, redirecting traffic attempting to visit a legitimate website to the hackers’, thus serving sensitive personal data on a silver platter. (Pharming, n.d.) This is turns most conceptions of identity theft on its head, since when most people think of identity theft, they think of someone stealing their name or their social security number, and making transactions in their name or withdrawing their cash. As far as pharming is concerned, however, it actually works by diverting web traffic attempting to enter a legitimate company server to the hacker’s, thus allowing them to steal a large number of passwords or data in one fell swoop.

Of course, this does not mean we are all doomed to give our money to crooks who might be working out of their bedrooms in Russia or Czechoslovakia. By utilizing common sense and some equally common utilities available to us (e.g. online certificates), or some of the precautions listed here and here, online transactions can be as safe as face-to-face transactions, or perhaps even more so. After all, you don’t really know what that waiter’s doing with your Visa, do you?


___________________________________________________________

References:

Opening quote taken from Metal Gear Solid 3: Subsistence. Produced by Hideo Kojima, 2006, and published by Konami Corporation, for the Sony Playstation 2 console.

Phishing. (n.d.). Retrieved February 21st, 2007 from http://en.wikipedia.org/wiki/Phishing

Hooked on Phishing (2005). Retrieved February 21st, 2007, from http://www.forbes.com/business/2005/04/29/cz_0429oxan_identitytheft.html

Pharming. (n.d.) Retrieved February 21st, 2007, from http://en.wikipedia.org/wiki/pharming

Friday, February 9, 2007

QotW4: Of giving and receiving

"I don't think you're cut out for an automatic in the first place. You tend to twist your elbow sideways to absorb the recoil. That's more of a revolver technique."

"It's a nice gun, I'll give you that. But the engraving gives you no tactical advantage whatsoever, unless you were planning to auction it off as a collector's item. And you're forgetting one more very basic thing... you don't have what it takes to kill me."

- Naked Snake/Big Boss to Major Ocelot, Metal Gear Solid 3: Subsistence (2006)

Behold, the gift economy at work, even in a video game. The above quote comes from an American CIA (Central Intelligence Agency) operative giving advice to a GRU (Russian acronym, Glavnoe Razvedyvatel'noe Upravlenie, or Main Intelligence Directorate) major about the handguns he uses. And during the Cold War, no less.

The gift economy, whether it’s swapping information on cookie recipes or the advantages of a revolver over an automatic, can be defined as the free giving of anything from information, advice, tech support, or even physical gifts, without expecting immediate, direct reciprocation (Kollock, 1999).

It’s interesting that such an economy has evolved online for a few reasons. Firstly, to put things simply, there are lots of unpleasant people on the Internet. Spammers, flamers, 1337-speakers… It’s a wonder that people cooperate on anything at all, with such a large population of troublemakers out there. Secondly, some of the information and advice that you can find on the internet or in online communities can also be found offline… For a price. For instance, Prima Games, a video game guide publisher, sells books which include walkthroughs, cheats and hints for a myriad of video games. Practically any video game store carries them. And yet on GameFAQs (www.gamefaqs.com), a popular video game solutions page, you can find solutions, cheats and tips for practically any game that existed. Seriously. From the Amstrad CPC all the way up to the Playstation 3, any and almost all games are covered there. For free. You can download guides, look up cheats, and it’s all free and contributed by gamers.

Quick comparison. Prima Games’ official guide to God of War, a 2005 game, costs US$19.99, US$12.99 if you buy the online version from their store. It promises, among other things, the locations of every treasure chest and the stats of every enemy.




Now, compare this with GameFAQS.




First, notice the sheer number of FAQs available. There are 7 different walkthroughs, and 12 in-depth FAQs.




This is just one of the guides. It’s a little crude, with an ASCII logo and what looks like pillars decorating the table of contents. But how much does it cost? Nothing. Just whatever time you spend to download 228KB of data, and whatever electricity powers your PC. And there are countless other guides for countless other games.

The point is simply this. This is a classic example of the online gift economy, where information is freely given, without a request for recompense. Information that other people pay money for, and information that people make money from. Given. Just like that.

Of course, there’s a lot more to discuss concerning the gift economy. For starters, there’s motivation. What drives people like the ones on GameFAQs to write guides and put them on the internet for free when they could make a business out of it? One such motivation could be the need for recognition, or the need to enhance one’s own reputation (Kollack, 1999.). By coming up with effective strategies for solving a game, or devising killer combo attacks, an FAQ writer can effectively become a sought-after expert on whatever games he or she writes on. Of course, the notion of reciprocity also applies, as the writer might need help for another game he or she is playing.

Another example of the gift economy, though not so talked about these days, is the concept of twinking. Twinking occurs in MMORPGs, and is the process by which a high-level character outfits a new or low-level character with significantly more powerful gear than they could otherwise obtain. (Twinking, n.d.) So essentially, it’s a powerful character gifting a weak character, again without the need for instant or direct reciprocation. Many guilds do this, by kitting out new members with basic equipment, and providing them with a certain amount of cash. This enables new members to get into the game quicker, without having to surmount the usual starting difficulties that you might encounter when you try killing anything with a wooden sword.

However, twinking is unique among gift economies in that it has both its positive and negative aspects. As mentioned above, some guilds twink their new members, and this gives them a headstart where adventuring is concerned. On the other end of the spectrum, there are guilds that outfit members with excessively powerful equipment, then turn those members loose on other newbies who don’t have such benefits, effectively reducing those new players’ ability to survive, especially in PvP (player versus player) mode. (Twinking, n.d.) This ruins the game for a lot of people, especially the players who get mowed down. Excessive twinking also has the side-effect of inflating the game’s economy, as rare and powerful items are handed out to all and sundry, thus decreasing their rarity and value. Regardless, the players who give gear (called twinkers) often do so out of generosity, and don’t really expect much beyond thanks. You can read an exaggerated (and fictional) account of twinking here.


It should be noted that not everyone who participates in the gift economy is a contributor. It doesn’t matter what you’re giving out, be it information, advice, music, or MMORPG gear. There will always be people called leeches. Leeches are people, usually online, who deliberately profit from freely given information or effort without supplying anything in return. (Leech, n.d.) In the context of the gift economy, a leech is one who happily takes whatever is offered, without later reciprocating in any shape or form. This, needless to say, is detrimental to any economy, let alone one that works on what is effectively an honour system. Thankfully, leeches tend not to go very far, as gift economies thrive best when everyone contributes something in exchange for what they get.

In conclusion, the internet is a hotbed of gift economies… Where there’s a community, there’s likely to be a gift economy too. And always remember: ‘tis better to give than to receive.
___________________________________________________________


References:

Opening quote taken from Metal Gear Solid 3: Subsistence. Produced by Hideo Kojima, 2006, and published by Konami Corporation, for the Sony Playstation 2 console.

Kollock, Peter (1999). 'The Economies of Online Cooperation; Gifts and Public Goods in Cyberspace" Retrieved February 6, 2007 from http://www.sscnet.ucla.edu/soc/faculty/kollock/papers/economies.htm
Twinking, n.d. In Wikipedia, the Free Encyclopedia. Retrieved 01:20, February 9, 2007, from http://en.wikipedia.org/wiki/Twinking

Gamespy column taken from http://archive.gamespy.com/DailyVictim/index.asp?id=483

Leech (computing), n.d. In Wikipedia, the Free Encyclopedia. Retrieved 01:20, February 9, 2007, from http://en.wikipedia.org/wiki/Leech_%28computing%29

Friday, February 2, 2007

QotW3: RIAA, emulation, oh my!



Copyright is, and rightly so, an extremely touchy subject. In one corner, we have the public, and in the other, the various record/software companies and their tag-team partner, the Recording Industry Association of America (RIAA).

The RIAA’s battle with file-sharing networks dates all the way back to 1998, when then-president Hilary Rosen, an outspoken critic of peer-to-peer (P2P) networks, directed a legal campaign aimed at stamping out illegal file-sharing worldwide, with an eye towards stopping people from sharing copyrighted music. The RIAA claims that such sharing costs the music industry $4.2 billion worldwide. (Efforts against file sharing, RIAA, n.d.) How do they explain this claim? According to them,

“Internet distribution of music, without the consent of the owner of the copyright to that music, harms the careers of current and future artists, both because record companies would have fewer sales, and also because musicians, singers, songwriters and producers depend heavily on royalties and fees gained from their music.” (Efforts against file sharing, RIAA, n.d.)


This is correct, insofar that content owners’ permission should rightfully be obtained. However, as for it harming the careers of current and future artists? That’s a little off the mark. There are those who believe, with some justification, that far from hurting an artiste’s career, having songs shared actually stimulates demand. Let’s talk about the radio for a second here. Is it out of the realm of possibility that you could listen to a song on the radio and say to yourself, “Hey, this song is pretty cool… Think I’ll pick up the CD and listen to the other songs by this band.” Same thing with P2P sharing. You could download a song from the Internet, enjoy it, and decide to check out what else the band is offering. This actually happened to the UK band Radiohead in July 2000, when


“tracks from English rock band Radiohead's album Kid A found their way to Napster three months before the CD's release. Unlike Madonna, Dr. Dre or Metallica, Radiohead had never hit the top 20 in the US. Furthermore, Kid A was an experimental album without any singles, and received almost no radio airplay. By the time of the record's release, the album was estimated to have been downloaded for free by millions of people worldwide, yet in October 2000 Kid A captured the number one spot on the Billboard 200 sales chart in its debut week. According to Richard Menta of MP3 Newswire, the effect of Napster in this instance was isolated from other elements that could be credited for driving sales, and the album's unexpected success was proof that Napster was a good promotional tool for music.” (Promotional power, Napster, n.d.)

Granted that this doesn’t happen all the time, but it is evidence that the untold damage to Radiohead’s career that the RIAA was predicting didn’t happen. Nevertheless, we must acknowledge that music piracy is a growing problem, and fairly speaking, the artistes are entitled to recompense for their work.

However, lawsuits are not the way. The Digital Rights Management (DRM) that Bertelsmann (the record companies BMG, Arista and RCA) placed on a large number of their CDs is also not the way. Compounding the error was Sony BMG, whose rootkit was installed on a PC without the user’s knowledge. Both were supposedly put in to prevent people from copying the CD, but not only could they be bypassed by simply holding down the shift key, they also left a computer vulnerable to certain security exploits. In addition, certain CD players, like those in a car or certain PCs, were often unable to play the CDs at all. (DRM and Audio CDs, Digital Rights Management, n.d.)





This resulted in a massive backlash, especially for Sony, who were eventually forced to recall millions of CDs.

So how do we reconcile the music industry’s need for recompense and the public need for cheap, readily available music? The answer lies in the iTunes shop.



How so? On iTunes, songs go for US$0.99 per song, which at the current rate of 1.7 is about S$1.70. Now, if you were to break down the average CD by track, you would still come up to about $2 a track, but you’re also stuck with the songs you don’t really want or listen to. If, however, consumers were able to download only the songs they want, and pay a fair price for it, sales would take off rather quickly.

Of course, it’s not viable for the whole world to convert to iTunes. Aside from the fact that it’s not available in Singapore, not everybody will want to use iTunes. Hence, the solution would be for a local, or even a regional, online music store to cater to the local/regional market, offering the services iTunes is currently offering.

This would work for a number of reasons. Firstly, people are perfectly willing to pay for songs. This is evidenced by the fact that since opening on April 28, 2003, the iTunes store has sold over 2 billion songs worldwide (iTunes Store, n.d.). That’s in a little over three and a half years. Secondly, if security on such an online store is sufficiently tight, consumer confidence in it would take sales to an even higher level. In addition, on top of songs, the iTunes store also sells MTVs, movies, and TV shows (Video, iTunes, n.d.). A regional online store selling these products would be huge, as another big piracy issue, movies, would be addressed as well.

A similar issue was faced with console game emulators, which are readily available for download all over the Internet. Essentially, an emulator is a program which allows one to play console games on a PC, such as the old Super Nintendo Entertainment System (SNES), all the way up to the Playstation. Below you can see Sega Genesis, Nintendo 64, and SNES emulators, in that order.













At one time, console manfacturers attacked websites hosting such emulators, along with the ones hosting the ROMs or ISO images of the games, instead of the programmers of the emulators, as reverse engineering is protected by U.S. law (Legal Issues, Console Emulators, n.d.)

Interestingly enough, software companies have since begun to utilize emulators for themselves. The most recent example would be the Nintendo Wii, which comes packaged with a Virtual Console that allows users to download (for a fee) and play games from the NES, SNES, and Nintendo 64, along with titles from the Sega Genesis and Turbo-Grafx 16 systems. (Virtual Console, n.d.).

Thus, record companies should go the same route, and offer songs for download in the same manner, and for a reasonable price. People would buy it, the record companies make money, everybody wins.



___________________________________________________________


References:

Recording Industry Association of America, n.d. In Wikipedia, the Free Encyclopedia. Retrieved 23:20, February 1, 2007, from http://en.wikipedia.org/wiki/Riaa

Napster, n.d. In Wikipedia, the Free Encyclopedia. Retrieved 23:20, February 1, 2007, from http://en.wikipedia.org/wiki/Napster

Digital Rights Management. Retrieved 23:20, February 1, 2007, from http://en.wikipedia.org/wiki/

iTunes Store, n.d. In Wikipedia, the Free Encyclopedia. Retrieved 23:20, February 1, 2007, from http://en.wikipedia.org/wiki/ITunes_Store

iTunes, n.d. In Wikipedia, the Free Encyclopedia. Retrieved 23:20, February 1, 2007, from http://en.wikipedia.org/wiki/ITunes

Console Emulators, n.d. In Wikipedia, the Free Encyclopedia. Retrieved 23:20, February 1, 2007, from http://en.wikipedia.org/wiki/

Virtual Console, n.d. In Wikipedia, the Free Encyclopedia. Retrieved 23:20, February 1, 2007, from http://en.wikipedia.org/wiki/

PVP Comic Strip taken from http://www.pvponline.com

iTunes Image taken from Wikipedia, the Free Encyclopedia. Retrieved 23:20, February 1, 2007, from http://en.wikipedia.org/wiki/Image:ITunes_7_coverflow.png