Nonsequittal Rumblings

http://unix.rulez.org/~calver/pictures/internet_poster.jpg

Any questions? (If yes…)

Japanese Society for Rights of Authors, Composers, and Publishers (JASRAC) just won a case against 7 dance schools around city of Nagoya on the case of copyright infringement for the use of unauthorized copy of music during the lesson. JASRAC was asking the schools to retro-pay for the 10 year usage fee of 51,300,000 yen (US$460,000).

According to JASRAC, there are approx. 1000 out of 2400 dance schools using illegal copy of music in their lessons. This decision will empower them with the justification to stop the organization from doing so. ( http://headlines.yahoo.co.jp/hl?a=20040928-00000513-yom-soci )

I completely cease to understand how these copyright enforcement organization act. JASRAC’s objective is the protection of the artist’s right for their own artistic creations, and the enrichment of the culture through these artistic mediums. Or so I thought.

Now these people are going after these educational institutions (although they are not part of the core educational curriculum… but still…) to get them more money through these outrageous fines. So, if the dance schools are unable to pay these due fees, and are forced to shut down, isn’t that actually killing the artistic culture? Killing the environment in which kids can have alternative education?

Besides, what is this outrageous fee, even if you’re willing to pay the annual due? That’s 46,000 dollars per year, just so you can use music in your lessons?! Wow, I don’t know how these usage fees are being set…

I’m utterly, completely shocked, I really don’t know what to say.

When more and more data are exchanged between the different parties in digital format, especially over some networks such as the Internet, data security becomes a big concern. My entry about phishing is one of those concerns. And to better protect the confidential information, some systems implement a system that lets password expire every so often, unless you change it to the new password before that expiration data.

Such is the case at where I work, and this includes all the passwords used within business applications embedded in them. And we had a fiasco because of it this morning – 1 password expired, and that broke one of the main pages on our extranet site, as well as a part of the intranet. It took about 2 hours to fix it all. Since it is relatively low profile web site (we only got under 30 inquiries while it was down *sigh*), the impact is somewhat small. I can’t imagine such thing happening to a major sites that we ALL might be using, such as CNN or BBC…

So, a question : would it be better to take the security as top priority, or take the smooth running of business application?
For example, from my view point, Microsoft took better application was picked over the security. I saw this in their Office application – they put more ways to automate tasks, and to integrate different systems together. Including their Visual Basic macro system, integration of HTML in the e-mail system, better coupling of Internet Explorer with Windows operating system as a whole, etc… This just opened up a whole bunch of security holes. (The lack of security awareness on the end users also is a concern, but we won’t talk about it here.) In the beginning, it all makes sense – you can automate things better, things run faster, and you get to be more productive. And more productive you are, you’re doing more good to the entity you are working for.

At the same time, if all those things you’ve worked for also leads to security compromise, that’s a problem. If the lack of the security system loses the trust of your business partners, what would happen? Lost business opportunities, lost revenue, all those bad things. So, the answer is simple – the security must come first, no exceptions.

That’s why the expiring password, in this case, is actually a good thing.

Still, having one of the major communication device also hurts our business. We can’t just say we just have a good security system. There must be a well-established business practice to support such scheme to prevent any system outages – better communication, better documentation, better process streamlining, etc. Yup… that’s what I’ll be working on today…

Aaaah, yes, I finally got first phishing e-mail in one of the inboxes I use. Yup, it was very deceptive at first glance. It had CitiBank logo. The e-mail said it was sent from CitiBank. It says “Recently there have been a large number of identity theft attempts targeting CitiBank customers.” (And now that I typed it up, I notice a few grammatical errors, that should have given away that it’s not official…)

Then, I read on to the sentense that said “In order to safeguard your account, we require that you confirm your banking details. This process is mandatory…” Wait a sec! Mandatory? Hm. We don’t have CitiBank account using this inbox. That raised my suspicion. Then I saw the e-mail title – “CitiBank – 0fficial Information”. Did anyone catch that? Yes, that “0” is not “O”. Then the whole thing broke loose. The message I was reading was not written. It was all an image with the text on it. Clicking on what it looks like a legit CitiBank website URL won’t take me to CitiBank site, it will go to some phishing server. Blah.

Well, I’m glad I caught myself.

And I’m not talking about free mp3 here. Free sheet music! mfiles has put out a few pieces that I can download and print out. Yay! More fresh music! A lot of these are well known, major works. For some reason, I don’t have majority of these. Hey, cool… The only bad thing is, there are quite a few typos in these scores…

I just noticed that http://www.athens2004.com has gone through the complete makeover since the completion of the Olympics, and it’s now a Paralympics site. I get happy when I see stuff like that. Compare that against http://www.nbcolympics.com – there’s no sign of coverage of paralympics there. Seeing stuff like this still reminds me of the low awareness of these special events behind the scenes of the parallel major events… It’s not that I’m very knowledgeable about it. I just want to see that people care more than now.