jducoeur: (Default)

Looking for recommendations, in case any of my cat-knowledgeable friends have suggestions. My mother lives in Woburn (shortly to move to Burlington). She has a longhair cat who is currently getting rather excessively fuzzy; she hasn't yet found a regular groomer since she moved to these parts from Amherst. PetSmart isn't looking like a great option (due to hours that don't suit her, I gather).

So: anybody have suggestions of a good cat groomer in the area of 128, between 90 and 93ish? Are there any who do housecalls? (I have no idea if that is a thing or not.) Any recommendations welcomed -- thanks...

jducoeur: (Default)

Those of you who know Niki know that her great passion is for historical medicine -- whether it's teaching SCA folks about bizarre period cures for the plague or her novella about life in the medical tents of the Revolutionary War, she's all about the topic, and has lots to say about it.

She's just begin a weekly blog, focused on Renaissance Medicine, Saltatio Medica. I've just set up a feed here on Dreamwidth for it, [syndicated profile] saltatiomedica_feed -- that should populate later today. Check it out!

jducoeur: (Default)

Sometimes you learn best from lessons of what not to do. In that spirit I forward on The Worst Volume Sliders Possible, a collective tour de force in Bad UX...

jducoeur: (Default)

Just came across an article on Ars Technica (yes, I'm behind): The intelligent intersection could banish traffic lights forever. It's neat stuff: basically, a researcher has designed a traffic-control system for autonomous vehicles, and demonstrated that by using such technology we could enormously reduce how often you have to stop at intersections -- not only speeding up travel times, but improving fuel efficiency quite a bit.

All of which is great, but my Security Architect senses are pinging here. This is postulating an external server that talks to the cars on the road and tells them what to do. That is absolutely terrifying if you understand the typical state of Internet-of-Things security.

But let's put a positive spin on this. This system is at least 1-2 decades from deployment as described (since it assumes only autonomous vehicles on the road). We might be able to head off disaster by figuring out the obvious hacks in advance, so they can be designed around.

So here's the challenge: name ways that a hacker could abuse this system, and/or ways to ameliorate those weaknesses.

I'll start with a few obvious ones:

  • Base story: I (the hacker) send out signals spoofing the controller for traffic intersection T, allowing me to cause nightmarish havoc. Possible solution: traffic controllers are listed in some well-known registry, signed with public keys, so that their signals can be authenticated to prevent spoofing.
  • Assuming the above hacking isn't prevented: I time the signals sent to the cars, telling them all to hit the intersection at the same moment. Crash! Solution: as a belt-and-suspenders thing, cars must not completely trust the signal controllers. Their autonomous checks have to override those signals, to prevent crashes.
  • Reverse of the previous: I send out signals telling all the cars, in all directions, that the intersection is currently blocked by opposing traffic. The entire city quickly devolves into gridlock. Solution: good question. I got nothing.

What else? I'm sure we can come up with more nightmarish scenarios, and possible solutions.

Yes, this may seem like overkill to think about now, but history says that, if you don't design the system around abuses, you will hurt forevermore. Security isn't something you add later: it should be baked into the designs from the get-go. (Which is why it accounts for a large fraction of Querki's architecture, despite the fact that we only have a couple hundred users yet...)

jducoeur: (querki)

TL;DR: info about Querki releases has moved to the new Querki News Space. There's cool new stuff there.

Some of you may have noticed that the Querki Development Journal has fallen silent. That mostly has to do with LiveJournal: under the circumstances, keeping Querki's news outlet on LJ seems less and less useful, so I've basically abandoned it.

That doesn't mean Querki has stopped moving forward, though -- far from it. I've picked up a dayjob with a small consultancy; this has the downside that I have somewhat less time to focus on Querki, but the upside that Kate is no longer stressed about my lack of salary. The boss and I have an agreement that he's paying somewhat less than my usual rate, in exchange for which I'm not taking as much of a leadership role as I usually do; that's specifically so that I can continue on Querki, which is getting disconcertingly close to the point I originally defined as "done enough".

There are a few major features left, and one of them was introduced a few weeks ago: Publications. This has been on the roadmap almost from the beginning, originally named "What's New" -- basically the notion that there should be a formal concept of declaring new stuff in the Space, and pushing that to RSS, a Recent Changes page, and so on. We're finally getting to one of the long-time dreams for Querki: the ability to create structured blog-like-entities in Querki, so that your Cookbook or Songbook or FAQ or whatever can be subscribed to, and folks can see what's new there automatically.

Anyway, what used to be the Querki Development Journal has now become the Querki News -- actually running in Querki, which makes me ever so happy. (Dogfooding is a way of life for Querki.) For the time being, I'll mention here when there are announcements there; before long, it will have its own feed on Dreamwidth. You can find the announcement of Publications there and even more info in the documentation.

Up next: Publication Spaces will gain real RSS feeds! And not long after that, we begin to open up Conversations and Comments to the public, so that Querki can be seriously used for blog-like-entities...

jducoeur: (Default)
For those who are interested in it: I'm experimenting with posting some of my technically-focused articles on Medium. The first one is up: Don't hand out masks of your own face.

Don't worry, I'm not abandoning Dreamwidth -- most stuff will remain here. But I'm going to play with using Medium as a professional/technical blog, for articles where I am spouting off on techie subjects, and don't care quite as much about promoting followup conversation (which works better here).

So if you're interested in the programmer-y stuff, I encourage you to follow me on Medium, and we'll see where that goes...
jducoeur: (Default)

Since my Google-fu is failing me, I'm curious whether any of my friends might know:

I have one high-number port open on our home network, gatewayed to HTTP on my development machine, which is sometimes running an in-development HTTP server. (Sometimes Querki, sometimes other things.) Unsurprisingly, this leads to port scanners trying to break in; if I happen to be running the application at the time, I see fun errors in the log.

(No, there's nothing secret or interesting in the exposed web server -- it's just test data, and the open port is so that I can show folks outside the firewall what I'm currently up to. And if somebody actually can break into it through that, I want to know about that now, on my Linux dev box, rather than in production.)

This morning's errors are a mystery to me, though -- it looks like somebody is attempting to issue a REMOTE command. It's splashing with a "501 Not Implemented", of course, but I have no clue what it is. I had originally been entirely puzzled, since I'm not aware of a REMOTE method in HTTP, but then it occurred to me that, since this isn't port 80 or 443, there's no reason to believe they're trying to attack me with HTTP.

Any ideas what protocol they're sniffing for? This is just idle curiosity, but I like to have some idea how someone is trying to attack me, and there seems to be an automated probe trying this one about once an hour...

jducoeur: (querki)

(Only interesting to programmers, and this time really only interesting to folks who actually build front end pages. But really interesting for those of us who do that.)

Okay, I'm probably late to the party here, and the serious front-end people already knew about it, but last week Otto Chrons (one of my fellow Scala.js geeks) happened to point to an article that mentioned Chrome's current Performance tab. So I took a look, and found it downright revelatory. That turned into the focus of this weekend's Querki release.

If you have Chrome, go check it out: Inspect a page, go to the Performance tab, and reload the page. Poof, you are presented with a wonderland of data. Here is a representative image from Querki, behind the cut tag. (Ignore the nonsensical function names -- that's because the code has all been optimized.)

Read more... )

At the top, it shows a summary of what the CPU was doing while you reloaded. This makes it starkly obvious when the page is just sitting there, waiting for stuff from the network. Below that is a sort of icicle view of exactly what happened when, with each task broken into sub-tasks, and sub-sub-tasks, and sub-sub-sub... you get the idea.

Honestly, it smacked me across the face: it turned out that one reason Querki's page load was so slow nowadays was that it was taking over two seconds to parse a bloody text file, because I hadn't optimized the parser properly. An hour or two of hacking on that, and I'd reduced it by over 80%. Check.

Then there is all that downtime: basically, it would completely lay out the basic page, then go fetch the big scripts, and only once those fed in did it start to process. This led to me reading into the new Preload tag. This is very new (as in, it's been around for about a year), and only supported on Chrome and Opera, so it's not a panacea -- but it does help a lot of the market. Basically, it lets you say "I am going to need this resource soon, so start loading it Right Now". If it's supported by the browser, and you have enough network connections, it starts fetching it in parallel, so the scripts can start to execute as soon as things are ready for them. That seems to shave another second or so off of load time.

Overall, it's a huge win, and the result is that Querki's initial page load is now down from averaging about 6-7 seconds on the desktop to sometimes getting as low as 2 seconds under optimal circumstances. (Among other things, this means that navigating to your index and then over to another Space is much faster than it had been.)

I haven't managed to fix everything yet: there turns out to be another fetch that is sometimes causing delays, which Preload doesn't seem to work on. (Basically, because it's an AJAX request.) That's going to need a serious rewrite, I think. But I hadn't even realized it was a concern until getting whapped upside the head by the Performance tab.

So to summarize: if you're building webpages, Chrome's Performance tab is your friend. It's dense, but chock-full of useful information to help you understand exactly what's taking how long at load time...

jducoeur: (Default)

Okay -- it isn't by any means perfect, but so far it's the best solution I've come up with.

The only thing I miss, in moving from LiveJournal to Dreamwidth, is the native support for cross-posting from here to FB. So for the past couple of months I've been exploring alternatives. The one I've been using was dlvr.it, as described here -- that's adequate, and makes it fairly easy to post links on FB that point to your posts here.

But the thing is, I don't love that, because not many people actually click through those links. And while I may not love FB, I do have a lot more friends there than on Dreamwidth, so I'd like to be able to actually cross-post, not just link.

For a while, I had thought that the answer was Zapier, and I put in a lot of work getting a true cross-post solution working there. But Zapier has one critical flaw: the approach I'm using for cross-posting requires a feature that only exists in their paid version, and Zapier is insanely expensive. (Like, $20/month.) It's just not worth that kind of money. (Yes, I talked to them about it; they brushed me off and refused to even contemplate a more reasonably-priced tier.) So I gave up and went back to dlvr.it.

But -- as of today IFTTT, the grand old man of the "plug-and-play applications" space, officially opened up their Applet program to all comers: you can build your own tools in it, and yes -- like Zapier, it allows you to insert some JavaScript in the middle.

(Why JavaScript? Because your DW feed is in HTML, and if you just post it directly the results look kind of crappy. I want something better.)

So I've spent a little time in the workday cracks today taking the solution I'd built for Zapier and adjusting it for IFTTT. The experience with IFTTT is a bit different from that of Zapier -- a bit less powerful (in particular, their RSS reader doesn't pick up your DW tags, which Zapier did), but with a much better built-in IDE.

I think that's now working adequately -- it's not The One True Solution, but it mostly works. I've published it as a public Applet on IFTTT; feel free to pick it up and use it. You give it the URL of your Dreamwidth RSS feed, and you need to connect Facebook to IFTTT; once you have that, it should, in theory, quietly check your RSS feed every 15 minutes or so, and cross-post new entries to your Facebook wall. It takes each DW post, translates it into something that looks okay on Facebook (basically, it back-translates the HTML to something vaguely like Markdown), and includes the link to the original DW post at the bottom.

Please pass word on to anybody who might care, and tell me about problems. (Hopefully, I can fix any problems -- once I published, IFTTT gave me dire warnings that I could no longer alter my triggers or actions; hopefully I can still edit the critical filter in the middle.)

jducoeur: (Default)

Making progress here, but the last test still wasn't quite right.

It turns out that the combination of IFTTT and Facebook is legendarily persickety when it comes to newlines -- you have to use a magic incantation involving:

  • br tags
  • nbsp tags

All this, despite Facebook not actually accepting HTML. Sigh, but I think it can be overcome.

jducoeur: (Default)

The Science Fictional Singularity is when Artificial Intelligence begins to create new ideas, and Science begins to advance faster than conventional biological humans can conceive.

The Political Singularity is when a Great Orange Artificial (lack of) Intelligence begins to create new scandals, faster than conventional media can conceive.

This commentary brought to you by both Amy Siskind and Jon Oliver remarking on a week incomprehensibly chock-full of scandals, any one of which would have undone a conventional President...

jducoeur: (Default)

Just got the announcement of a new TOS from Twitter today. Nothing dramatically surprising, although I'm mildly annoyed that they are apparently dropping support for Do Not Track.

On the bright side, they are exposing their profile of your "interests", based on whatever data mining and tracking they are doing, including your "interests from partners", "based on your profile and activity".

I'm looking at that now, and it's one of those comforting moments of realizing that at least some of these companies haven't yet gotten so good at the psych profiling. It's almost comically inaccurate, seemingly far worse than random chance -- not only are most of them uninteresting, many of them are active dislikes. (I mean, seriously: can you see me driving a RAM 1500?) Even some of the ones that seem like they should be easy to discern from conventional data are wrong -- I think "Proximity: Giant Eagle" being checked means that they literally have no idea where I am. (Which is a bit weird, because that is not hard to figure out.)

Nor are the "Interests from Twitter" much better. Okay, yes, "Open Source" is accurate, but how they get "NBA Basketball" as an interest of mine is a pure mystery.

There's a sneaking part of me that suspects that this page is not at all what it claims to be; that it's actually starting from "this is every category we can possibly imagine", and it's trying to get me to trim it down to the non-ridiculous stuff. I think I'll take a pass on that, and let myself continue to be apparently confusing to them...


May. 19th, 2017 08:12 am
jducoeur: (Default)

I am impressed by Rod Rosenstein, who is clearly managing to just do his freaking job, as honestly and transparently as possible, while the rest of Washington is collapsing in chaos. He has gone from Unknown to Important in a bit over a week.

And there's an amusing lesson here. While we have a long ways to go before this saga plays out, history may well decide that Trump's biggest mistake was his failure to deal with staffing. Everyone remarks on it -- the way that so few of the important seats in the federal government have been filled yet. It isn't at all clear whether this is due to a knee-jerk Bannon-esque dislike of the bureaucracy, or (more likely) simple incompetence, but the result is that Trump still has relatively few allies in the administration he notionally heads. As many have remarked, he could have fired Comey on Day 1 and only gotten a little grumbling -- this crisis is specifically because Trump waited to fire him only after it become publicly clear that Comey wasn't going to be a loyal yes-man.

That may (God willing) prove a fatal mistake. Because the thing is, if you want to set yourself up as a strongman dictator (and I no longer think it's controversial to say Trump does want that, given his outspoken admiration for people like Putin, Erdogan and Duterte), you need to fill the government with your own placemen. Fascism depends on everyone at the center following your orders. It's not easy to make that happen in the US, but Trump has barely even tried. And hopefully he's already spent so much political capital that it's just going to get harder from here.

We'll see where it goes. But it may well turn out that, in a year where it is hard to respect any of the elected politicians in Washington, it might yet be the civil servants who save the day...

jducoeur: (Default)

Saying that a show at the ART is a standout is no small thing. Last year's standout was The Great Comet, which is up for a big pile of Tonys this year, now that it's on Broadway. The previous year was Waitress, which likely would have won more Tonys if it weren't for, y'know, Hamilton.

So keep that in mind when I say that this year's standout for me is Arrabal, an innovative, affecting ballet of tango.

I had few expectations going into the show -- while Kate tells me that the article some months ago mentioned that there was little spoken word, I apparently had forgotten that, and certainly hadn't ever realized it was a true ballet. There is only a little bit of speech in it, and what little there is isn't English. (There is some video-over, providing translations of the important bits, and a couple of video clips in English that help provide historical context. But basically, it's a ballet.)

While there is a definite story here, a good deal of it is pretty impressionistic -- this is ballet in the American in Paris sense. It's more narrative than pure classical ballet, but you still need to be prepared to interpret the dance. That said, it proves beyond a doubt that tango is every bit as valid a narrative form as either classical or contemporary ballet -- it isn't hard to understand the story being told.

That story is set on a backdrop of the Argentine dictatorship. The first act is set in 1976, as young Rodolfo leaves his baby daughter with his mother so he can go out for a night of dancing and protest, and is then captured by the forces of the rising police state. Most of the rest takes place in 1994, as his now 18-year-old daughter Arrabal goes to the big city and learns about her father. It's very much a coming-of-age story for her, but also a tale of memory, loss and grief for Rodolfo's mother and friends.

And the dancing -- the dancing is breath-taking. This is ballet for the So You Think You Can Dance age: powerful, vibrant, and enormously creative dance. The performances are delightful, and choreography and direction brilliant.

(I was particularly struck by the way that Arrabal's movement idiom is subtly different from everyone else's: more legato and flowing, almost weightlessly emphasizing the youth of our ingenue protagonist. It was especially striking that, as soon as the show ended and the stage turned into an open dance party, she instantly gained about five years as she started dancing like herself rather than her character. That is great dance direction and performance.)

It is mostly tango, but freely mixes in other forms: Arrabal herself starts off with a little bit of classical ballet (which looks terribly innocent in the tango-centric environment), and there's a lot of contemporary and jazz flavor in here to help the storytelling. And one of the major characters, El Duende, has his own unique style that is a sort of fun, fluid hip-hoppy thing.

I'll caveat here that Kate wasn't as enthralled as I: she thought the music was too loud (it is pretty loud, although not rock-concert loud), and she found the constant tango rhythm repetitive. I didn't especially notice either point -- this may reflect the fact that she is more into musical theater, and I'm more into rock. The music is roughly latin rock: a mix of violin, accordion and electric guitar that comes out sounding like nothing quite so much in my experience as Cirque du Soleil.

Kate is still of the opinion that Fingersmith was this year's best show, and I agree that it was brilliant and fun (and would likely translate better to Broadway, so keep an eye open). But Arrabal is brilliant and well worth seeing, especially if you like dance. It runs through June 18th -- check it out...

jducoeur: (querki)
There's been a lot of discussion recently about the asymmetry implicit in "free speech" online. Many services naively subscribe to the principle that More Speech is Better, and that the way to defend yourself against harassment is through more speech. In practice, that's largely bullshit. (See this article from Yonaton Zunger for one good exploration of the topic; it's what got me thinking about the problem more concretely today, on top of [personal profile] siderea's related article a little while ago.)

At the moment, none of this is really a concern for Querki: I initially started with the hyper-safe approach that *only* members of a Space can comment in that Space. This is precisely the opposite of most websites: it means that you at least aren't going to get harassment from outside the community, and you can always boot somebody out of the Space if they turn into a problem.

But in the medium term, that's too limiting: many Querki Spaces are public, and their use cases are going to *want* to allow public commentary. (Part of the inspiration here is that Querki is about to become a viable blogging platform, and public comments are, I believe, necessary for many blogging use cases.) The plan has always been to put moderation front-and-center in such cases, but as I get closer to actually implementing this (it's only a couple of steps down the Roadmap now), I'm starting to chew on this asymmetry, and its implications.

Oh, and keep in mind: while I'm framing everything below in terms of comments, the same policies are likely going to apply to *contributing* to this Space. That is, we're eventually going to provide ways for non-members to suggest new Things in this Space. I *think* the considerations are the same as for comments, since "Things" tend to be text-heavy, so the potential for abuse is the same.

Here are some thoughts and plans, but I welcome your ideas and comments -- this is *not* easy stuff, and I want to get it right, at least in the long run. The following is a combination of long-planned features and thinking out loud about how to make them better.

(NB: Yes, I'm probably overthinking this, and not all of the below will be implemented immediately. But I think it's best to take the problem seriously from the outset.)
Assumptions and Theories )Designs and Features )
What Else? Ideas? Comments? This is a challenging and important topic, and one I care particularly passionately about doing well. I'm open to any brainstorming folks might be interested in here...
jducoeur: (Default)

The Guardian is continuing to impress the heck out of me with their investigative journalism. Here is their followup story, this one considerably shorter and more comprehensible. It continues to point to evidence that Brexit happened because of a literal conspiracy -- and that it may well have been a deliberate dry run for the election of Trump.

I'm immensely curious about how this plays out. I hope that this starts a real drumbeat for proper investigations into the Brexit vote, and the apparently illegal financing behind it. And the really interesting question is, if it turns out that the Leave campaign did break the law, allowing an American billionaire to illegally spend a lot of money to subvert British democracy -- what then? Everyone's been assuming that the referendum happened, and that the results must be adhered to, but if illegal means were used, that reasoning becomes a tad shaky.

As an entertaining counterpoint to all that, I'll add this delicious article-cum-memoir about Brexit from Dominic Cummings, one of the leaders of the Leave campaign. (Thanks to [personal profile] mindways for pointing me at it.) It's immensely long (I'm only halfway through), but a fun read if you enjoy politics. It's a (presumably enormously biased) account of what things were like inside the Leave campaign, redolent of the richest sour grapes -- this is the winner of the campaign describing in gory detail just what a fuckup the whole thing was, and how close they came to losing, not least because of just what a jackass Nigel Farage is.

But beyond that, it's a very readable treatise on practical politics, with a general thesis that anybody who says that anything in politics is certain is either lying or deluded. He repeatedly talks about "branching histories", to show just how essential both luck and a few key mistakes by David Cameron were to the victory of the Leave campaign.

Well worth reading, even if you just take it as a sort of primer in how on-the-ground campaigning really works. Regardless of the Guardian's reportage, and whether Cummings was in on this apparent conspiracy, he gives a good sense of what it takes to win in politics. It's not pretty, but it's kind of fascinating, and rather educational...

jducoeur: (Default)

Signal boost: the Republicans are once again trying to destroy Net Neutrality, with the new FCC Chair making the usual disingenuous BS arguments about it. And this time, they've made it ridiculously difficult to actually comment on it.

Fortunately, Jon Oliver and Last Week Tonight have jumped in to make life easier. If you go to GoFCCYourself.com, it cuts through most of the hoops -- just look for the "+ Express" link on the right-hand side, click on that, and you can enter your commentary.

This is important stuff: the big ISPs have shown themselves to be pretty untrustworthy, and willing to take undue advantage of their position. We need to stand up for Net Neutrality in force, immediately, if we're to have any hope of keeping it...

jducoeur: (Default)

Thanks to [personal profile] cvirtue for pointing me at this impressive piece of reportage from The Guardian, published a few days ago.

I won't kid you: this is long, dense, and hard to quite absorb. But it's one of the most important articles I've seen this year. In it, they dug into the details of why Britain voted to leave the EU, when all the polling had indicated a narrow win for the Remain side.

Slightly to my surprise, this story is not primarily about Russia, although there are hints of their involvement. Rather, this is the story of a couple of rather shadowy military-tied companies named Cambridge Analytica and Aggregate IQ, and an American billionaire named Robert Mercer, doing what appear to be some pragmatic experiments in just how far you can sway a populace simply by crunching the data and manipulating them directly. And yes, Steve Bannon is right at the heart of the whole thing, as the sometime VP of Cambridge Analytica.

This is a story about Brexit rather than Trump, but they don't shy away from drawing the connections there: indeed, this is one of the first times I've seen direct connections between those stories, rather than claims that they reflected some sort of zeitgeist.

I can't say I've digested all of it yet, but the general takeaway seems to be that this is an example of weaponized propaganda, being driven by the American corporate world as much as anywhere. And the evidence of last year is that, yes, it can tilt the playing field at least a few critical percent.

Of course, last week also had the comforting news of the French election, where these tactics (deployed late in the game) seem to have entirely failed. That suggests that this stuff can't entirely swing the game -- Le Pen was losing badly, and she still lost badly. But in a close election (which describes damned near everything at the national level in the US nowadays), it can be solidly effective.

Bookmark it, read it, and stick it in the back of your mind. We can't let it distract too much from the Russiagate scandal, but this is a strong indication that the Kremlin are by no means the only bad guys here. If we're going to be effective in fixing things, we need to understand the full scope of the battlefield...

jducoeur: (Default)

A quick question for the web developers out there. I'm currently doing some consulting work (dayjob to bring in a proper income while Querki keep improving in the background), building a new website from scratch. As always, it needs to be modern and responsive. I'm used to using Bootstrap for this -- it's what I used for Querki -- but it's been a few years since I last took a serious look at the landscape.

So: any opinions between the available frameworks? I know Bootstrap pretty well, but I also hear about Foundation fairly often, and I'm finding another one called Skeleton that I know nothing about. Anybody have any pros/cons to express between these? Do you know any others that are particularly excellent? I'm looking less for just-the-facts (there are comparisons available online), and more for war stories, subjective opinions, and stuff that doesn't show up in the bullet lists...

jducoeur: (Default)

Just came across this sobering article from a few weeks ago. Summary: LiveJournal has been sued, possibly successfully, over their ONTD group -- apparently somebody posted copyright-infringing material there, and because ONTD is vaguely official and (volunteer-)moderated, there's a strong suggestion that the traditional "safe harbor" provisions may not apply.

Suffice it to say, this is not good news. The precise details of how this falls out will determine how much (if at all) it damages the assumptions of zillions of websites, but a broad interpretation of it could be hugely damaging. One to keep an eye on...

ETA: Okay, it's worth reading the actual appellate decision, at least the summary at the top. (Much of this decision is nicely readable.) This clarifies several things:

  • First and most important, this wasn't a decision against LJ per se. Rather, it was the reversal of a summary judgement in favor of LJ. That is, the district court had simply dismissed the case on the grounds that LJ was clearly protected by the DMCA. The appellate court is essentially saying, "No, this one is kind of complicated -- let it go to trial".

  • Second, the key reason why this is muddy is that the moderation team of ONTD is apparently led by an LJ employee. ("Although users submitted Mavrix’s photographs to LiveJournal, LiveJournal posted the photographs after a team of volunteer moderators led by a LiveJournal employee reviewed and approved them.") So it's not just "the users" involved: LJ has a quasi-official presence in the group, so they might be legally liable. That's not actually surprising -- I could have told LJ that that's a legally dumb policy.

    (This is why Querki is designed to be strictly self-policing by the users, and why it's intentionally difficult (at the technical level) for company employees to mess with user Spaces: the line between "official" and "user-directed" needs to be crisp and sharp in order to enjoy solid DMCA protections.)

  • Third, ONTD isn't a normal LJ group. "In 2010, LiveJournal sought to exercise more control over ONTD so that it could generate advertising revenue from the popular community. LiveJournal hired a then active moderator, Brendan Delzer, to serve as the community’s full time “primary leader.” By hiring Delzer, LiveJournal intended to “take over” ONTD, grow the site, and run ads on it." So claiming that this group is run by "users", and therefore is protected by DMCA, is a bit disingenuous.

Overall, I'm somewhat less worried about it, having skimmed the decision. My read of this is that LJ got way too casual about DMCA, and did something strikingly stupid; Mavrix' claim that ONTD is not sufficiently independent to enjoy DMCA protection seems at least somewhat plausible on its face. The court is simply saying that, in this case, it is not obvious that LJ is covered by the DMCA.

While I do think Mavrix are kinda being assholes about it, by the spirit of the DMCA they may well have reasonable grounds for the suit. I'm not sure they're right, and I don't know how this will play out in court, but IMO the appeals court was probably correct in rejecting the summary judgement -- this one is messy, and does need to be properly litigated...


jducoeur: (Default)

October 2017

123 4567
8910 1112 1314


RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags