Skype’s installer falls into the class of installers that dynamically pull components from the Internet during installation. The benefits of such an approach are obvious: smaller installers that download only the latest version of the components actually needed.

The approach is often annoying if, for example, you’re trying to deploy Skype on multiple computers or you’re using an outbound firewall. It doesn’t help matters that Skype does an excellent job of concealing the offline Skype installer on its website.

To download the full standalone offline Skype installer directly from the Skype website, click the link below:

It would be most helpful if companies that use online installers provided easy-to-find links to the offline installer equivalents, particularly where the offline installer equivalents already exist.

If you’re a seasoned Windows native, you’re probably familiar with ImgBurn. ImgBurn is an excellent utility for working with .iso disc images on Windows (and for burning and working with discs generally).

Burn is to Mac OS X what ImgBurn is to Windows—a great, free utility for working with disc images and discs in general. And it’s a great solution if you’re looking for a way to make an .iso disc image from a CD or DVD in Mac OS X.

To make an .iso disc image from a CD or DVD, start Burn and you’ll see the main Burn window:

Click Scan… from the main Burn window, and you’ll be prompted with a list of all the currently mounted images, which will include any CD or DVD in your optical disc drive.

Select the correct image, and click Choose. You’ll be returned to the main Burn window, which will display some of the details of the selected image:

Click Save… from the main Burn window, and specify a filename:

Click Save and you’re done. Burn will dump the CD or DVD to an .iso disc image that you can later mount directly, or use to burn a copy of the CD or DVD.

This article was originally published on 9 November 2010 on newmatilda.com.

With a $43 billion price tag, it’s no surprise that there’s a lot of debate surrounding the proposed rollout of the National Broadband Network (NBN). There’s also a lot of confusion about what the proposed network can deliver, and, in any event, whether it’s worth the projected cost.

Before we begin, let’s outline exactly what the NBN is, and how it’s different from other broadband technologies—acknowledging at the same time that the information available about the NBN is still limited and is likely to change over time.

Over the next eight years the government, through its NBN Co, intends to build a fibre-to-the-premises (FTTP) broadband network, and sell wholesale access to that network to other companies, who will then use that access to provide their services to businesses and consumers. The fibre to be laid can handle much higher speeds than existing cables, and even though the equipment at either end might need to be upgraded, NBN Co argues that this is still cheaper than laying new cable. The NBN will replace the current Telstra copper network, which is to be dismantled. NBN Co and Telstra have negotiated a deal to migrate Telstra’s operations over to the NBN, while giving NBN Co access to their pits and ducts for the purposes of laying this new cable.

Internet access and telephony are the most obvious examples of services that will be delivered using the NBN, but it could also be used to provide other services, such as television and on-demand video.

Under the Government’s plan, 93% of Australian premises—households and businesses—would be connected to the NBN by optical fibre cable, with most of those premises connected by a gigabit passive optical network (GPON). In a GPON, a single fibre optic cable running from an ‘exchange’ splits into up to 128 fibre optic cables, which are then connected to individual premises.

A GPON provides up to 2,500 Mbps of symmetric bandwidth (that is, 2,500 Mbps downstream and 2,500 Mbps upstream) on each fibre optic cable running from the exchange. However, that bandwidth is then shared between all of the users connected to the same splitter. In practice, most GPON networks split the bandwidth between fewer than 32 users and businesses may be eligible to get direct fibre, meaning that bandwidth would not need to be split at all.

Taking all of this into account, NBN Co is saying it will deliver 100 Mbps symmetric bandwidth to the 93% of Australian premises connected using fibre (and at least 12 Mbps asymmetric bandwidth to the remaining 7% of Australian premises using a mix of other technologies).

Other existing broadband technologies, such as DSL, cable, or wireless cannot deliver the high symmetric speed the FTTP network proposed by NBN Co promises.

Industry watchers took a lot of notice when Telstra announced last year that it would roll out DOCSIS 3.0 on its HFC cable network, enabling speeds of up to 100 Mbps—some pundits went so far as to claim that it meant that the NBN would definitely not be built as a result.

Naturally, people compared Telstra’s 100 Mbps claim to NBN Co’s 100 Mbps claim, and concluded that they were the same. But they’re not. On Telstra’s HFC cable network, the 100 Mbps is split between all the users (often hundreds) who share a single node on its network. As explained above, the NBN’s GPON also shares bandwidth in a similar way—but it shares a much larger pool of bandwidth (2,500 Mbps) between fewer users (fewer than 32, typically). Furthermore, should the NBN’s GPON not provide enough bandwidth between 32 users, it can be upgraded to 10,000 Mbps, 40,0000 Mbps, or higher in areas where this is needed.

Similar analysis is applicable to wireless broadband technologies, like Telstra’s Next G network. Earlier this year, Telstra became the first telecommunications company to provide dual carrier HSPA+ services, delivering downstream speeds of up to 42 Mbps. And further upgrades to 84 Mbps are planned beyond that.

But these wireless speeds are theoretical maximums only: they’re attainable only under perfect conditions and, even then, that bandwidth is shared between several users. And unlike the NBN, the technology is asymmetric, so upstream speeds are much slower than downstream speeds-typically less than 1 Mbps.

DSL is the most common broadband technology in use today. ADSL2+ delivers downstream speeds of up to 24 Mbps, but, while the bandwidth isn’t shared between multiple users as with the technologies mentioned above, it is significantly affected by the distance and quality of copper wire connecting the user to the exchange.

Typical downstream speeds are closer to 10–15 Mbps. And, again, ADSL2+ is asymmetric, with upstream speeds typically closer to 1 Mbps. High-speed symmetric DSL services (such as SHDSL) exist, including some services that use more than one copper pair to get higher speeds, but these services are considerably more expensive than ADSL2+ and they’re available only in limited areas.

There’s also satellite broadband, which is expensive, relatively slow, and suffers from high latency as the signal needs to travel an extra 35,786 km or so to geostationary orbit and back. It’s only suitable for remote regions, where other technology cannot be deployed cost effectively.

Hopefully from the above it is apparent that the NBN offers a significant speed advantage—in particular on the upstream side—relative to other available technologies. But the question remains whether that extra speed is worth the extra cost. What does that extra speed actually deliver?

Recently, Shadow Communications Minister, Malcolm Turnbull, remarked that ‘for most, if not all applications, much lower speeds are perfectly [fine]. If you could deliver nationwide 12 Mbps at relatively modest cost compared to the NBN, what is the additional utility [or] value of going from 12 to 100  [Mbps]?’

That view has some support, particularly with the news that only about one in ten households recently offered connections to the NBN in Tasmania took up the offer. And of those households that did choose to connect to the NBN, only a small minority opted to pay for the maximum 100 Mbps speed. It seems that the demand for 100 Mbps connections simply isn’t there.

But all of this misses the point: the NBN isn’t about the bandwidth that today’s residential users need to use today’s consumer services. With an estimated build timeline stretching into eight years, the question isn’t what bandwidth Australians want today, but what bandwidth Australians will need to have to be globally competitive eight years from now.

There are certainly many consumer-level services that could benefit from higher bandwidth. Anything that involves streaming high-definition video on demand needs a lot of downstream bandwidth. The amount of bandwidth needed depends on the resolution and the compression quality: Blu-ray quality 1080p video, for example, has a bit rate between 15 and 40 Mbps, though lower quality video needs substantially less bandwidth.

The Web 2.0 revolution—YouTube and the like—has meant that so-called consumers no longer just consume. They want to create and share content, including video content, with family, friends, and the world. And at current upstream speeds, sharing anything but short or low-definition video is all but impossible.

But it’s really businesses that stand to gain the most from the NBN (except those whose monopolies might be eroded by it). It’s a myth that businesses already have access to ubiquitous, high-speed broadband. While some businesses, particularly those in the CBDs of our capital cities, can get high-speed, symmetric (but expensive) internet access, most business can only get consumer-grade broadband (particularly small businesses in the suburbs).

Anyone who’s ever needed to access a large PDF file from a small business branch office (particularly if they didn’t know which large PDF they were looking for) will tell you how frustrating it is. Because such offices are often connected with asymmetric broadband, like ASDL2+, the speed at which users can access files from other offices is often limited to around 1 Mbps.

The other emerging trend, particularly in business, is towards more cloud computing. It’s a buzzword but the idea is simple. If you’re running a doctor’s office, an accounting practice, a law firm, or just about any business, you’re not in the business of managing servers. Yet many such businesses have to maintain an assortment of servers in order to operate-mail servers, database servers, file servers, and so on.

In many cases, it is more efficient for an IT services company to run these services for a number of businesses in a centralised location with specialised staff, rather than each of these businesses maintaining their own servers.

However, those businesses need to have the high-speed symmetric Internet access to use such hosted services. Most local area networks-the networks that connect computers and servers within a single location, like an office—run at 100 Mbps or more. A 1 Mbps upstream connection, such as that available to many small businesses today, is no substitute.

It is clear enough that the NBN will deliver benefits to businesses and to consumers, the question remains whether it’s worth the cost.

The Government’s Implementation Study estimates that $26 billion of Commonwealth funding will be required to build the NBN. The rest of the funds needed to build the $43 billion network will come from the private debt markets and, once part of the NBN is operational, from NBN Co’s revenues.

In round figures, the $26 billion Commonwealth outlay works out to about $10 per Australian (or $30 per household) per month over the eight year construction period. It’s important, though, that NBN Co will generate revenues from the network, and that the Government presently expects to sell off NBN Co after 15 years with a 6–7% return on this $26 billion public investment.

It’s a question of policy. The NBN will provide speeds that are significantly faster than those that are deliverable with existing technologies. And that speed advantage will enable new services, both for consumers and for businesses. But I’ll leave it up to you to decide whether it’s worth the cost.

I’m a big fan of Google’s Chrome browser, but, as of version 8, Google’s shipping the browser with its own built-in PDF viewer enabled by default. But I like to read my PDFs in Acrobat outside of the browser. So, how do you disable Chrome’s built-in PDF viewer?

Type about:plugins in the address bar and hit Enter:

Once on the Plug-ins page, scroll down until you see Chrome PDF Viewer and select Disable:

That’s it! You’re all done. The only problem now, though, is that Chrome will warn you every time that you try to load a PDF that the file can harm your computer:

For now, it looks like there’s no way to disable this warning. And there are a lot of annoyed people.

I ran into an annoyance trying to clone some Ubuntu LAMP virtual machines that I was using for website development. Every time I cloned the virtual machine, eth0 would go missing, and ifconfig would show only the loopback device, lo.

It turns out that when you clone a VMware virtual machine, the cloned virtual machine’s network interface gets a new MAC address (which, of course, it must to work on the same LAN). But Ubuntu, and many other Linux distributions, cache the old MAC address in a configuration file.

In Ubuntu, the file is /etc/udev/rules.d/70-persistent-net.rules. After cloning, it will contain a reference to the old network interface as eth0:

The easiest way to fix this problem is to simply delete the file. Ubuntu will regenerate it properly the next time it boots up.

sudo rm /etc/udev/rules.d/70-persistent-net.rules

After deleting the file, you need to reboot. After rebooting, ifconfig should show eth0 and everything should just work.

If you’re feeling less adventurous, you can rename the file to *.old so that you can restore it if something doesn’t work:

sudo mv /etc/udev/rules.d/70-persistent-net.rules /etc/udev/rules.d/70-persistent-net.rules.old

You can also edit the file to remove the old reference to eth0, and rename the new eth1 reference to eth0. But deleting the file and rebooting seems more convenient.

The relevant filename is slightly different in other Linux distributions. For example, in Debian, the filename is /etc/udev/rules.d/z25_persistent-net.rules.

This article was originally published on 24 June 2010 on newmatilda.com.

Earlier this week, the Standing Committee on Communications tabled a report on its yearlong inquiry into cybercrime. The report, headed Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime makes 34 recommendations aimed at improving computer security in Australia. One of them in particular — a proposed industry code requiring Australians to install and maintain antivirus and firewall software to access the internet — has sparked some debate.

To assess the merits of that recommendation, it is necessary to understand how ISPs are presently (mostly not) regulated in the area of cyber security, and what exactly the report proposes to change.

The Internet Industry Association (IIA), a group representing ISPs, is largely responsible for writing the codes that regulate them. In relation to cyber security, the IIA recently released a voluntary code of practice titled icode. Among other things, this code lists a number of steps that ISPs may take when they become aware of malware-infected machines on their networks (such as notifying the user or disconnecting the user from the internet), but it leaves it up to the relevant ISP to decide which course of action is appropriate in the circumstances.

The current code is thus doubly voluntary. First, the code itself is voluntary, so ISPs can choose not to comply with it at all, and, second, ISPs that choose to comply with the code are not required to take any particular steps in relation to malware-infected machines on their network. That is, the current code does not provide for any mandatory steps to be taken in relation to malware-infected machines on ISPs’ networks. And in no way does it require users to install and maintain antivirus and firewall software.

The first thing that the new report proposes to change is to have an industry code that is registered. The Australian Communications and Media Authority (ACMA) presently has a power under the Telecommunications Act 1997 (Cth) to register industry codes that deal with certain things. Where such an industry code is registered, ACMA can direct an ISP to comply with the code. Failure to comply with such a direction exposes the ISP to a civil penalty of up to $250,000 per breach. A registered industry code is thus effectively mandatory.

Next, if the recommendations were adopted, ISPs would be required to take certain mandatory steps when malware-infected machines are found on their networks. Specifically, they would be required to notify the relevant users and implement graduated access restrictions (including disconnection) until the relevant machines are cleaned. Importantly, the report does not propose to require immediate disconnection of users whose machines are infected with malware, but rather a graduated response, where disconnection would presumably be the last step. This is important in particular because removal of malware often depends on the installation of up-to-date antivirus software, which is usually obtained online.

Most notably, though, the proposed code would require ISPs to include a contractual term in their acceptable use policies requiring users to install and maintain antivirus and firewall software before accessing the internet. It is this requirement that has raised the most eyebrows.

The most readily apparent problem with this recommendation is that enforcement would be impractical. The proposed code would require a new term in the contract between the ISP and the user, which could only be legally enforced by the ISP (and not, for example, by ACMA). It is not clear whether ISPs would be motivated to enforce these new contractual obligations. Most ISPs’ acceptable use policies currently prohibit the use of their services to infringe copyright, yet as the content industry will tell you, ISPs have not exactly been zealous in policing that part of their policies.

But even if the code required ISPs to actually enforce their contractual rights, for example by disconnecting users who did not comply, it would not be practical for ISPs to verify that their users have up-to-date antivirus and firewall software installed. Arguing that ISPs could manage this task, prominent cyber-security consultant Alastair MacGibbon has made the following point:

There is software available which could be on end-user machines that would allow my ISP, as I log in, to check that I have my firewall turned on, that I have an antivirus that they approve or recommend installed on my computer, and that my operating system and browser are patched — and if those things aren’t met then [my ISP would not] give me [access].

However, such software only works with certain antivirus and firewall products and only works on certain operating systems. And it would put ISPs in the position where they would have to approve particular antivirus and firewall software before users could use it, significantly limiting consumer choice. Approaching the issue of computer security this way appears to create more problems than it solves. Should ISPs be allowed — let alone forced — to dictate what antivirus and firewall products their users may use and what operating systems they may run? And should users be forced to install software from their ISPs that reports back what software they are running to their ISPs?

The other problem with the recommendation is that it is not clear what exactly users would be required to do to comply with these new contractual obligations. Would antivirus and firewall software need to be installed on all devices connected to the user’s network? Antivirus and firewall software for iPhones and iPads, for example, is not available or even possible presently. And there are many other devices for which such software is not as readily available as it is for Windows, including computers running Mac OS X and Linux (arguably because those devices do not need them to the same extent).

The question which then arises is whether any of this is really necessary. Most broadband connections are already provided using a modem-router that doubles as a firewall, and Windows itself (like most other operating systems) already includes a firewall that is on by default. While comprehensive antivirus software is not included with Windows itself (or most other operating systems), free solutions, including Microsoft Security Essentials are readily available. It is not clear how including a contractual term that most users will never read would be any more effective at encouraging use of appropriate security software than would educating users about the need for such software at the time they are provided with internet access (and perhaps via periodic reminders).

Notwithstanding the somewhat controversial recommendations discussed above, it is worth mentioning that the report does cover a lot of ground and makes many other good recommendations. They deal with three areas: aggregation and distribution of data about cybercrime, updating criminal and civil enforcement laws, and educating the public about computer security.

The report recommends setting up coordinated systems to gather and share information about cybercrime, with the aim of using that information to improve responses to online threats. Among other things, this would include developing a reporting system aimed at consumers and small and medium sized businesses, consisting of a centralised portal for reporting cybercrime (including malware, spam, phishing, scams, identity theft, and fraud) and a 24/7 reporting and helpline.

Criminal laws dealing with cybercrime would be reviewed and updated where necessary, and the Australian Consumer Law would be amended in two notable ways. First, consumers would gain a specific right to sue for unauthorised installation of software that monitors, collects, and discloses information about consumers’ activities (ie, spyware). Second, consumers would gain a right to sue a manufacturer for loss caused by a product that was released onto the Australian market with known security vulnerabilities.

Finally, and perhaps most importantly, the report sets out steps to improve community awareness of computer security issues. It does this in two ways. First, the report proposes a ‘public health style campaign’ to deliver messages about computer security issues as well as appropriate behaviours and technical precautions that users should take. Second, the report recommends specific changes to the law requiring, for example, the provision of security information about certain products (such as computers and routers) to users at the point of sale, and requiring also that certain products be designed to prompt and guide users to choose more secure settings (such as setting strong encryption on your wireless access point to secure your network).

While the report contains certain controversial recommendations, that’s normal for reports like this one. Meanwhile the many reasonable recommendations the committee makes — in particular the points about educating users — are a valuable contribution and deserve consideration.

This article was originally published on 18 May 2010 on newmatilda.com.

Electronic Frontiers Australia and the Australian Privacy Foundation raised concerns last week about Google’s use of its Street View cars to collect identifying information about Wi-Fi networks for use in its geolocation service. While that identifying information is relatively harmless, Google has now admitted that it has accidentally collected data sent by users on unencrypted Wi-Fi networks too.

The first half of this story concerns the identifying information about Wi-Fi networks that Google was trying to collect. To explain the practice, we need to cover some basic Wi-Fi concepts.

Each Wi-Fi network is identified by a human-readable name called an SSID (like ‘My Wireless Network’) and a unique hexadecimal number which is usually assigned by the manufacturer of the Wi-Fi access point and called a BSSID or MAC address (like ‘00-17-9A-76-CB-A6’).

Normally, a Wi-Fi access point will publicly broadcast its SSID and BSSID so that nearby computers can display the Wi-Fi network to users in a list of available networks — though most Wi-Fi access points allow you to disable this broadcast if you want.

In addition to that, the BSSID is always sent together with any data transmitted over the Wi-Fi network. Since multiple Wi-Fi networks can operate in the same space, devices connected to a Wi-Fi network need to be able to distinguish between data meant for their network and data meant for other nearby Wi-Fi networks. The devices do this by tagging transmitted data with the BSSID of the Wi-Fi network to which they are connected.

Finally, it is important that the SSID and BSSID are used in the way described above irrespective of whether the Wi-Fi network is secured with a password (WEP, WPA, or WPA2) or not.

It was Google’s collection of the SSIDs and BSSIDs of Wi-Fi networks around Australia that initially gave rise to privacy concerns last week. What Google did was mount Wi-Fi antennas to the roofs of the cars that drive around Australia taking photographs of the roadside for Google Maps Street View. As these cars mapped each city, they collected packets of data sent over nearby Wi-Fi networks. The idea was to take the SSIDs and BSSIDs from the collected packets of data, and to store them in a database together with the information about the location where the SSIDs and BSSIDs were seen.

Google could then use the collected information to provide a geolocation service to its users. The next time a user wanted to know his or her approximate location, he or she could send the SSIDs and BSSIDs of Wi-Fi networks that were nearby to Google. Google could then look up the SSIDs and BSSIDs in its database, retrieve the location where its Street View cars last saw those SSIDs and BSSIDs, and send that approximate location to the user.

In other words, Google’s geolocation service has the same function as GPS: it gives the user his or her location. However, whereas GPS uses the user’s distance from GPS satellites of known location to estimate the user’s location, Google’s geolocation service uses the distance from Wi-Fi networks of known location.

And there is nothing unique about Google’s geolocation service. There are many other geolocation providers that use Wi-Fi networks this way, such as Skyhook Wireless and Geomena.

Whether the practice poses privacy problems is a bit more complicated. In Australia, the principal privacy legislation is the Privacy Act 1988 (Cth), which regulates the collection, use, and disclosure of ‘personal information’. Personal information is defined as information about an individual whose identity is apparent or can be reasonably ascertained from that information.

Ordinarily, information about the location of a Wi-Fi network with a particular SSID or BSSID would not fall within this definition of personal information because it cannot readily be linked to an individual — although the position may be different with respect to Wi-Fi networks that use a surname or phone number as the SSID. It is because this information does not ordinarily identify an individual that its collection probably does not breach privacy laws, and does not pose a privacy problem for most people.

And it is for that reason that the common concern that you could be located using the information that Google collected about your Wi-Fi network is unfounded. Google does not store your details, it stores the SSID and BSSID of your Wi-Fi network. To get the location of your Wi-Fi network back from Google’s geolocation service, a person would have to supply, at the very least, your Wi-Fi network’s SSID and BSSID. It may be conceivable that such a person would guess the human-readable name or SSID that you have assigned to your Wi-Fi network, but he or she would not be able to guess the corresponding unique hexadecimal number or BSSID. The only way that the person could get that information would be to be within range of your Wi-Fi network, and at that point, the person would already know your approximate location.

Another concern — one with more merit — is that websites that you visit might know what Wi-Fi network you are connected to, or what Wi-Fi networks you are near, and then query Google’s geolocation service to find out your approximate location. The important thing here is that your browser does not send information about what Wi-Fi network you are connected to, or what Wi-Fi networks you are near, to the websites that you visit. Sites that you visit simply do not have access to it. The qualification here is that some browsers now have the ability to send information about your location to geolocation services. However such functionality works on an opt-in basis.

So that is the first half of the story. Things took a turn on Friday, however, when Google admitted that its Street View cars had collected not only SSIDs and BSSIDs as intended, but also some of the data that users sent over nearby unencrypted Wi-Fi networks. As its cars received packets of Wi-Fi data, rather than stripping the SSIDs and BSSIDs out of the packet and discarding the rest, the entire packet was saved and later stored on Google’s servers.

That means that if you were using an unencrypted Wi-Fi network as a Google Street View car drove past your house, a copy of whatever you were doing could have been collected and stored on Google’s servers together with your approximate location. Whether the data can identify you personally would depend on what you were doing at the time it was collected. If Google happened to come by your house as you were sending an email, then it may have collected personally identifiable information about you (the email together with the sender and recipient).

Collection of such data could very well breach the Privacy Act 1988 (Cth) or the Telecommunications (Interception and Access) Act 1979 (Cth), which prohibits the interception of communication, including email, passing over certain networks, including Wi-Fi networks. And quite irrespective of whether any law is breached, the practice is a cause for concern.

Google has explained that the collection of this additional data was a programming error. It maintains that it intended to collect and store only the SSIDs and BSSIDs of the Wi-Fi networks that its cars passed. And I have no doubt that that is true. The additional data is of minimal use to Google, and its deliberate collection would be an order of magnitude more irresponsible than what I would think Google could be.

However, that this additional data was collected in error does not make what happened here any more acceptable. This is the second time this year that Google has taken a cavalier attitude towards privacy.

In February, Google released Google Buzz, a Gmail-based social-networking tool. It quickly came to light that Buzz publicly disclosed the email addresses of people who Buzz users emailed most frequently, among other information, without seeking users’ specific consent first. Many users were caught off-guard when their data was unintentionally disclosed to other parties, like abusive ex-husbands.

Google has since corrected its problems with Buzz, but you cannot help but get a feeling of déjà vu as you read Google’s explanation of how it snared unencrypted Wi-Fi data. Google has now vowed to delete the collected data, and to submit itself to a third-party audit to verify that deletion — which was the right thing to do. And it has gone as far as to stop using Street View cars to collect Wi-Fi networking information altogether.

But in light of Google’s recent track record in safeguarding privacy, it would be wise for people to begin questioning what data they disclose to Google. Where people disclose data — whether by entering a search term in Google Search, sending email via Gmail, or broadcasting something as an SSID to the public — it is important that they understand how that data could be used, so that they question how that data is used.

Senator Stephen Conroy jumped the gun by 107 days, announcing that the Government would table legislation to mandate filtering of RC content hosted outside Australia during the autumn 2010 parliamentary sittings.

Depending on the technology, you can bypass the filter by changing your DNS servers, using an encrypted VPN service, or installing Tor (among other solutions). But some of these workarounds can take up to 60 seconds to set up. And using an encrypted tunnel, like a VPN or Tor, will slow your access while you’re using it.

Thankfully, you can also bypass the proposed mandatory filter more conveniently. Just add ?NoCleanFeed or &NoCleanFeed to the end of the blacklisted URL. If the URL doesn’t already contain a ?, add ?NoCleanFeed to the end. If it does contain a ?, add &NoCleanFeed to the end.

For example, if you try to access www.bannedsite.com/page.htm, but you’re blocked, try accessing www.bannedsite.com/page.htm?NoCleanFeed.

If you want to watch a YouTube video that was deemed too shocking for Australian citizens, like www.youtube.com/watch?v=tMiEagk2qN8, you can just try www.youtube.com/watch?v=tMiEagk2qN8&NoCleanFeed instead.

Why It Works

The proposed mandatory filter is to block individual pages containing RC content, and only those pages. It will not block all traffic to a particular IP address or to a particular website. That is, when www.youtube.com/watch?v=tMiEagk2qN8 is inevitably blacklisted as RC content, access will only be blocked to that URL, and not to any other page on www.youtube.com.

That means that you can still view Government-approved YouTube videos, like www.youtube.com/watch?v=03OJvZhU-3M.

To get that result, the filter must block access only where the host and path in the URL (the part before any ?) and the query string (the part after any ?) all match the blacklisted URL. If the filter blocked access where only the host and path matched, all YouTube videos would be blocked when any YouTube video was blacklisted because the host and path for all YouTube videos is the same (www.youtube.com/watch).

Web servers, however, normally ignore unrecognised query string parameters. For example, YouTube looks for a v parameter, which contains the ID of the video to play. You can also optionally specify a fmt parameter to specify the desired video format. And there are several others that YouTube understands. Changing these parameters will change the page that YouTube returns.

But if you pass YouTube a parameter in the query string that it doesn’t recognise, like NoCleanFeed or some other arbitrary string, it will just ignore it, and display the same content as if it were absent. But since the URL is no longer the same as the blacklisted URL, the filter won’t block it.

The same is true for most other web servers. For example, try www.google.com/search?q=test and www.google.com/search?q=test&NoCleanFeed. You should get the same page both times (though ads and other dynamic content may change).

When It Won’t Work

Most servers will ignore unrecognised query string parameters, but not all will. Where the server doesn’t ignore unrecognised parameters, you may get an error or an unexpected page. In that case, you’ll have to fall back to one of the other methods for bypassing the filter.

And, of course, if all else fails, you can still send your favourite RC content by carrier pigeon. It’s faster than Australian Internet access anyway.

Windows Live Writer (download) is an exceptional tool for blogging. But its most useful feature, WYSIWYG editing, relies on an inelegant mechanism to detect the theme used by your blog.

To detect the theme, Windows Live Writer will publish a skeleton post to your blog, read it and save its theme, and then delete it. Sometimes the post isn’t deleted. Other times, it’s indexed by Google, FeedBurner, or other similar services before it’s deleted.

The result is an Internet littered with Temporary Posts Used For Theme Detection.

Obsessive compulsives like me don’t want these posts associated with their blogs. Thankfully, it turns out that you can write a plugin for WordPress to prevent these posts from ever appearing on your website.

Create a new text file called orz-live-writer-helper.php. Copy and paste the above code into that text file, and save it.

Make sure that the very first characters in orz-live-writer-helper.php are <? and that the very last characters are ?>. If they’re not (for instance, if you have a space after ?>), you may get a ‘Warning: Cannot modify header information – headers already sent…’ message. More info.

Create a new directory called orz-live-writer-helper in your wp-content/plugins directory, and upload orz-live-writer-helper.php to the new directory. Finally, activate the plugin by logging into WordPress as an administrator, selecting Plugins from the menu, and selecting Activate for the Orzeszek Live Writer Helper plugin.

The plugin works by hiding any post where the title is ‘Temporary Post Used For * Detection (*)’ from all pages on your blog, as well as from your RSS feed. Users and bots accessing your site, or your RSS feed, won’t be able to see the temporary post.

You can still view the post when logged into the management interface (ie, when logged into wp-admin), so that you can delete the post if it hasn’t been deleted automatically. And, of course, Windows Live Writer can see it too, so that its theme detection engine continues to work.

Hopefully, this will end the flood of Temporary Posts Used For Theme Detection, at least on WordPress blogs.

Note: The present version of Windows Live Writer creates a post titled ‘Temporary Post Used For Theme Detection (*)’. Old versions created posts titled ‘Temporary Post Used For Style Detection (*)’.

If, in a future release, the title of the temporary post changes to something other than ‘Temporary Post Used For * Detection (*)’, you will need to update the code accordingly. (The % is a wildcard in the SQL WHERE clause.)

The Australasian Legal Information Institute (AustLII) site is a great resource for Australian legislation. While far from perfect, it’s considerably more convenient than the government-run alternatives, at least when you just want to check a section quickly.

However, if you want to check a section, say s 52 of the Trade Practices Act 1974 (Cth), you have to go to AustLII, select Commonwealth from the menu on the left, find and select Commonwealth Consolidated Acts, select T, scroll through the list to find the Act, and, finally, scroll through the list of sections to locate the right section.

There is a better way:

If you’re using a browser that supports search keywords, like Firefox, Chrome, or Opera (or Internet Explorer with the right tool), you can add a keyword for your favourite act. For example, you can add a tpa keyword, so that when you type tpa 52 in the address bar, you’re taken directly to s 52 of the Trade Practices Act 1974 (Cth).

Add an Act Keyword

To set up a keyword for an act in Firefox, first find the act on AustLII and go to any section. Add that section to your bookmarks, and open the new bookmark’s properties (right-click on the bookmark, and select Properties).

The location for the bookmark will be something like …/tpa1974149/s52.html. You’ll need to change this, replacing the section number with %s, so that it looks like …/tpa1974149/s%s.html. The browser will replace the %s with whatever you type after the keyword in the address bar.

Finally, you’ll need to choose a keyword. This can be whatever you like. The finished bookmark should look something like this:

Now, when you type tpa 52 in the address bar you’ll be taken directly to the correct section.

Things to Remember

Remember that the way this works is that the browser replaces the %s in the location for the bookmark with whatever you type after the search keyword. This has some consequences.

For example, even though s 51A of the Trade Practices Act 1974 (Cth) has a capital A, the address for that section is …/tpa1974149/s51a.html. A capital A won’t work, so you have to type tpa 52a.

Another example is the Income Tax Assessment Act 1997 (Cth). All of the sections in this act include an en-dash, like s 6–5. However, AustLII replaces the en-dash with a period, so that the address for s 6–5 is …/itaa1997240/s6.5.html. To use a keyword, you have to type itaa 6.5.

Advanced Keywords

Tax lawyers will be familiar with the two most fundamental tax acts: the Income Tax Assessment Act 1936 (Cth) and the Income Tax Assessment Act 1997 (Cth). Sometimes you need one, and sometimes you need the other. But it’s a pain to type itaa1997 6.5.

On AustLII, every section in the Income Tax Assessment Act 1997 (Cth) has a period in it, and no section in the Income Tax Assessment Act 1936 (Cth) does. So, we can use JavaScript to check whether the section typed after the keyword contains a period, and go to the right act accordingly.

To do that, replace the location in the relevant bookmark with the code below:

Make sure that all of the text is on one line and that there are no spaces.

Now, when you type itaa 6.5 you’ll be taken to s 6–5 of the Income Tax Assessment Act 1997 (Cth), but if you type itaa 65 you’ll be taken to s 65 of Income Tax Assessment Act 1936 (Cth).

On 20 June 2009, a young woman, Neda Agha-Soltan, was shot and killed during the Iranian election protests. Her death was captured on video, and spread virally on the Internet, becoming a rallying cry for the Iranian protests.

Given the notorious attempts by the Iranian government to censor the protests, both online and in the media, I thought it would be fitting to test Senator Stephen Conroy’s assertions that the Government’s proposed mandatory Internet filter was unlike the censorship that occurs in Iran and under other undemocratic regimes.

I submitted the following to ACMA:

I am an Australian resident. I believe the content at the following links is prohibited content or potential prohibited content hosted outside Australia within the meaning of the Broadcasting Services Act 1992 (Cth).

[URL 1: Boing Boing post with embedded YouTube video showing the death of Neda Agha-Soltan and associated commentary.]
[URL 2: YouTube video showing the death of Neda Agha-Soltan.]
[URL 3: YouTube video showing another angle of the death of Neda Agha-Soltan.]

Each contains graphic video, apparently real, of a young girl shot in the chest and bleeding to death over the course of a couple of minutes.

The first link has no restrictions for viewing the video (but contains a textual warning). The second two links require registration and a declaration of date of birth (and also contain textual warnings).

The videos document the recent violence in Iran.

I have removed the URLs for legal reasons. If you haven’t already seen these videos, they’re easy enough to find (but be warned: they are graphic).

Today, 64 days later, I received a notice from ACMA confirming that the content was prohibited content.

As part of the ACMA’s investigation of the complaint, it applied to the Classification Board for classification of the content concerned. As a result of the Classification Board’s decision, and as the content is not subject to a restricted access system, it is prohibited content under clause 20(1)(b) of Schedule 7 to the Broadcasting Services Act 1992 (the Act).

The videos are certainly graphic, and I can see why there would be demand for a service that allowed people to avoid content such as this, if that is their individual choice.

However, under both the current and the proposed systems of Internet censorship in Australia, the Classification Board’s decision is binding, to varying degrees, on individuals. For instance, now, Australian-hosted sites cannot link to these videos.

Not the Classification Board or ACMA’s Fault

The Guidelines for the Classification of Films and Computer Games provide that the Classification Board classify violent content with an impact higher than ‘strong’ R 18+ and that the Classification Board refuse classification of content that contains gratuitous, exploitative, or offensive depictions of cruelty or real violence that are very detailed or that have a high impact.

The relevant video certainly does have a high impact, and I don’t see a problem with the Classification Board’s decision. It is reasonable.

Similarly, ACMA has an obligation to blacklist (ie, add to the list of websites containing prohibited content, which is distributed to makers of IIA Family Friendly Filters) any site hosting prohibited content overseas. ACMA has no discretion not to blacklist content that meets the statutory definition of prohibited content.

You can, however, blame the people responsible for the law: the members of parliament responsible for passing this law originally, and the members of parliament today responsible for not repealing it.

Not Refused Classification

Although the position was ambiguous initially (and is arguably still uncertain), Senator Stephen Conroy has now stated that the Government wants to constrain mandatory Internet filtering to content that is refused classification. (Though, refused classification content is much broader than his statements suggest.)

The notice that I received from ACMA indicates that the content was classified R 18+. It made reference to the Broadcasting Services Act 1992 (Cth) sch 7 cl 20(1)(b), which relates to R 18+ content that is not subject to a restricted access system.

Although it’s implied, it’s not absolutely clear that the classification for each of the three submitted URLs was the same.

Because this content was classified R 18+ and not refused classification, this content would not be subject to mandatory filtering under a regime that mandated filtering only of content that has been refused classification.

Banned?

The proposed mandatory Internet filtering will only apply to content hosted outside of Australia. Presently, prohibited content hosted outside of Australia is added to a blacklist that you can opt into. Under the proposed system, the subset of prohibited content that is refused classification content would be blocked mandatorily.

However, none of this applies to sites hosted in Australia. ACMA can still issue a take-down, or link-deletion notice, to any site hosting, or linking to, R 18+ content that is not subject to a restricted access system (or other prohibited content). And you can be fined $11,000 per day if you don’t comply with the notice by 6:00 pm the next business day.

There are also state laws that are relevant. For example, the Classification (Publications, Films and Computer Games) Act 1995 (SA) s 75D makes it an offence to make available or supply R 18+ content using an online service, unless the content is subject to a restricted access system. So, it appears that it’s illegal for South Australians to link to this video (unless they comply with the very onerous restricted access system requirements). The law in your state or territory may vary.

What’s the Point?

The point wasn’t to criticise the Classification Board’s judgment or ACMA’s judgment. They’re merely fulfilling their obligations under the law. The point was to demonstrate how Australian classification law can affect your ability to view significant material because it is disturbing.

It also illustrates the hopeless of trying to suppress content on the Internet. It took 64 days for ACMA to respond to the complaint, and it’ll take even longer before the content is actually added to the IIA Family Friendly Filters.

Of course, it’s trivial to bypass IIA Family Friendly Filters, and it’ll be just as trivial to bypass any mandatory filter. And there are many sources for this particular content, other than the three URLs that ACMA has now blacklisted.

The final and most important point is that all of this is merely anecdotal. The treatment of this particular content is irrelevant. The question is whether you want to decide what content is significant, and what content is too disturbing, for yourself. Or would you like the Classification Board’s decision to be binding on you?

This post is not intended as legal advice. I make no representations whatsoever as to its quality, and will not be liable for any loss, injury, or damage howsoever resulting from it. Seek independent legal advice.

Today, Online Opinion posted an article by Abigail Bray, a post-doctoral research fellow at the University of Western Australia, which is summed up perfectly by Geordie Guy on Somebody Think of the Children:

She writes how a ‘couple of weeks ago’, which I’ll presume is some sort of modern parlance for the ‘in a reproducible experiment performed under controlled conditions’ we expect from academics who submit articles for publication, she went looking for pornography. Astoundingly she found it.

Naturally, people flocked to reproduce Abigail Bray’s experiment of searching Google for ‘sex’. What was surprising was that the results varied significantly for different people. So, I tried myself, and I found that the results were very different when searching Google for ‘sex’:

… than they were when searching Google Australia for ‘sex’ on Australian sites:

Both searches were performed with the default settings: SafeSearch set to medium, logged out of any Google account, and with no cookies. Your results may vary depending on your settings (and your location).

Of course, you would expect Google results to vary when searching different countries. But I hadn’t expected such a large degree of variation. I had assumed that sex was a universal topic.

Update: Made corrections in response to comments by Alan J Lee, Omegatron, and Jim Stewart below. In particular, I had forgotten to mention that I constrained the search on Google Australia to Australian sites.

Here are my results searching Google Australia for ’sex’ without limiting the search to Australian sites:

And I had forgotten (somehow) that hosting pornography in Australia is at least impractical, as ACMA can issue a take-down notice that requires the host to remove such content by 6:00 pm the next business day or face $11,000 per day fines.

So, it’s not at all surprising that far fewer pornographic sites would come up when searching only Australian sites.

I needed a simple countdown timer utility for Windows, but I wasn’t satisfied with any of the options available. So, I wrote Orzeszek Timer.

Just enter the time to count down in just about any format, and hit Enter to start the timer. When the timer elapses, you’ll be notified by an optional alarm.

Orzeszek Timer also supports specifying the time to count down as a command line argument, as well as the new Windows 7 Taskbar Progress Bar overlay.

You may also want to try out the excellent E.gg Timer web app by David LeMieux and Ben Lew available here.

If you use both Windows Media Player and iTunes to manage your music, keeping your ratings synchronised can be a pain. Orzeszek Ratings lets you sync your play counts and ratings between Windows Media Player and iTunes with two clicks.

Windows Media Player and iTunes must be installed on the same computer, and must be pointing to the same files for Orzeszek Ratings to sync the play counts and ratings for the files.

That means that ratings and play counts for any files that are converted when they’re added to your library (like WMA files added to iTunes) won’t be synced, since your Windows Media Player library and iTunes library are no longer referring to the same file.

You may also want to check out MusicBridge. MusicBridge has a few more options, including the ability to sync track number, name, artist, album, album artist, year, genre, album art, and rating (but no option to sync play count).

However, I’ve found that MusicBridge’s rating sync is quirky. Some 3-star ratings in Windows Media Player become 2.5-star ratings when synced to iTunes, etc. The reasons are explained somewhat here. This quirkiness is one of the reasons why I wrote Orzeszek Ratings.

A couple of days ago, Wired reported on the questionable use of Flash cookies revealed by a UC Berkley study. While non-novice Internet users are generally aware of cookies and their implications, fewer users are aware that Adobe’s popular Flash plugin stores its own cookies separately from normal browser cookies.

If you’re using Mozilla Firefox, you can use the BetterPrivacy add-on to automatically delete all of your Flash cookies each time you close your browser. You can also configure BetterPrivacy to delete the cookies every few minutes. Or to allow you to manually delete them using its interface.

If you’re using Internet Explorer, Chrome, or another browser, you can also use the Flash Settings Manager found here. It’s a good idea to browse through this anyway, as it contains some handy privacy settings (including the ability to disable Flask cookies entirely).

And, for Mac OS X, there’s Flush.app.

Slow and buggy file transfers are a problem with Windows Live Messenger (and MSN Messenger before it). Windows Live Messenger relies on UPnP to establish a connection between the sender and recipient of a file, and it doesn’t allow advanced users to specify the external port and IP address manually.

If you don’t have UPnP on your network, or if it fails for some reason, Windows Live Messengers falls back to a mode where it routes the transfer through an intermediary. This slows the transfer, and is often unreliable.

Orzeszek Transfer works as a simple HTTP server that serves only the files you have explicitly specified. When you add a file, it creates a URL that you can send to anyone who has a web browser or a download manager. They can then download that file directly from you.

It’s a convenient way to transfer larger files without using an intermediary. And it supports resuming broken transfers and multi-part transfers, so long as the client does.

Orzeszek Transfer doesn’t support UPnP though, since it’s intended to be used when UPnP has failed. (If UPnP was working, you wouldn’t need it in the first place.) That means that you’ll need to forward an external port, 30000 by default, to your local IP address.

Your external IP address is detected automatically, though you can override this behaviour if you want.

You can download Orzeszek Transfer here.

A lot of people got excited when Mozilla announced in 2007 that Firefox 3 would include a visual refresh focussing on system integration. Finally, Firefox would look like it belonged in Windows Vista. Sadly, that wasn’t the case, and Firefox today still looks like it belongs in the last decade.

Recently, a number of blogs have picked up these screenshots, showing mock-ups of the interface for Firefox 3.7. But what I found more interesting was the proposed interface evolution shown here:

After stopping off briefly at Firefox 3.7, the interface continues its evolution until it’s practically indistinguishable from Google Chrome.

I happen to love the Chrome interface, so, if accurate, this is nothing but good news. But it’ll be a long wait until Firefox 4.0. The question now is whether Google can add support for extensions to Chrome before Mozilla adds a modern interface to Firefox.

One of the annoyances about the default tag cloud widget in WordPress is that there is no easy way to change the minimum and maximum font size that the widget uses. While the recent release of WordPress 2.8 doesn’t add any UI to change those sizes, it’s now easier to change them than before.

WordPress 2.8 adds a new widget_tag_cloud_args filter, which you can use to override the default arguments that are passed to the wp_tag_cloud function. The filter provides a keyed array, where the smallest, largest, and unit keys represent the smallest font size, the largest font size, and the unit (‘pt’, ‘em’, ‘px’, etc) used by the default tag cloud widget.

You can change the minimum and maximum font size that the default tag cloud widget uses in WordPress 2.8 by creating a new plugin that hooks that filter as explained below.

Create a new text file called orz-tag-cloud.php. Copy and paste the following code into that text file, changing the relevant values (shown in bold) as desired, and save it.

Create a new directory called orz-tag-cloud in your wp-content/plugins directory, and upload orz-tag-cloud.php to the new directory. Finally, activate the plugin by logging into WordPress as an administrator, selecting Plugins from the menu, and selecting Activate for the Orzeszek Tag Cloud plugin.

Make sure that the very first characters in orz-tag-cloud.php are <? and that the very last characters are ?>. If they’re not (for instance, if you have a space after ?>), you may get a ‘Warning: Cannot modify header information – headers already sent…’ message. More info.

Update 1: I updated the plugin to be even simpler and more streamlined. I had originally adapted the plugin from a more complex plugin that provides certain functionality specific to my blog. The original class structure was unnecessary for this simple plugin, however.

Update 2: I updated the instructions to place the orz-tag-cloud.php in its own folder to minimise the potential for conflicts with other plugins.

Update 3: Added a note indicating the cause of the ‘Warning: Cannot modify header information – headers already sent…’ message, and how to avoid it.

I did it. I bought a Razer Mamba mouse. It’s a AU$200 mouse, AU$140 of which is in the form of its packaging. Besides being beautifully designed, it performs very well, and it’s highly recommended if you have the money.

Being inclined as I am, I decided to read through the legalese that accompanies the mouse, including the EULA for the driver software.

Razer™ IS WILLING TO LICENSE THE ENCLOSED SOFTWARE TO YOU ONLY ON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT.

That’s generous. I wonder what kind of license they’re willing to grant.

Razer™ grants you a non-exclusive, revocable license to use one copy of the enclosed software program, licensed and not sold to you, (“Software”) on one computer only with the Razer™ product you have purchased. No other rights are granted. [Emphasis added.]

It’s good to know that I won’t be able to use this mouse with more than one computer, especially given that it comes with on-board memory specifically for the purpose of easily moving it between multiple computers.

Installation on a network server for the sole purpose of your internal distribution of the Software is permitted only if you have purchased an individual Software package or concurrent dedicated license for each networked computer to which the Software is distributed. …

You may not transmit the Software over a network (except as expressly permitted above) or electronically using any means. [Emphasis added.]

So I can’t store it on my home server either. Nice.

It goes without saying that Razer does not, I’m sure, intend to enforce any of this. Indeed enforcement would be difficult for a number of reasons, particularly Razer’s inconsistent advertising. (I would emphasise, however, that there is no fair use concept in Australia.)

One of the goals when drafting a contract is to protect your client’s interests. But the other is to give effect to the bargain struck. It’s incredibly frustrating when lawyers draft licenses such as this and completely ignore the latter.

Yesterday, Australian IT ran a story suggesting that Senator Stephen Conroy is backing away from the ‘mandatory’ in his mandatory Internet filtering plan. The story refers to statements that Senator Conroy made in a Senates Estimates hearing suggesting that filtering could be implemented with a voluntary industry code.

To explain what he (probably) meant, I have set out how filtering is governed by a voluntary industry code today, how this can be changed to make filtering mandatory, and what exactly is ‘voluntary’ about this industry code.

Status Quo

The Broadcasting Services Act 1992 (Cth) sch 5, which is presently in force and has been for years, already provides that ISPs must filter ‘prohibited content’ and ‘potential prohibited content’ hosted overseas notified to them by ACMA.

However, that filtering is subject to any industry code (a code made by a body or association that represents ISPs) that sets out a notification scheme for such content and procedures that ISPs will follow when notified of such content.

In other words, the Act provides that ACMA can direct ISPs to filter out ‘prohibited content’ and ‘potential prohibited content’ hosted overseas unless ISPs have made a code that says that they will deal with the content in some other way.

The Internet Industry Association (IIA) has made such a code. The most recent version is the Internet Industry Codes of Practice 2005, and it’s registered by ACMA here. The Code provides that ACMA will notify the content to makers of IIA Family Friendly Filters, and that ISPs will distribute those filters to customers who want them at no more than cost. Effectively, this creates an opt-in filtering system.

What Senator Conroy was saying was that there are two ways to introduce mandatory Internet filtering: change the legislation so that ISPs have to filter despite any code or change the code to require mandatory filtering.

Voluntary Codes are Mandatory

But if the industry code is voluntary, how can it provide for mandatory filtering? The answer is that compliance with a registered industry code is not really voluntary.

The code is voluntary in that the IIA (or some other body or association that represents ISPs) would have to voluntarily make it (as opposed to legislation which is simply imposed by Parliament). However, once it’s made and registered by ACMA, ACMA can direct an ISP to comply with it.

While failure to comply with the code is not itself an offence, failure to comply with a direction to comply with the code is. The penalty is $5,500 for each day of contravention for an individual and $27,500 for each day of contravention for a body corporate.

Effectively, compliance with the code is mandatory.

Conclusion

In this way, even though the code would be voluntarily made, ISPs could be required to comply with it, making filtering effectively mandatory. And even if compliance with the code were truly voluntary, filtering could still be mandatory from the perspective of the end user if enough ISPs chose to comply with it.

None of this is to suggest that the IIA is likely to change the code to mandate filtering. Indeed, given the opposition to filtering, it’s unlikely that ISPs would volunteer to implement filtering on a mandatory basis (especially with the overbroad definition of ‘prohibited content’ in the current Act).

Unfortunately, though, it’s a little too early to celebrate victory over mandatory filtering.

This post is not intended as legal advice. I make no representations whatsoever as to its quality, and will not be liable for any loss, injury, or damage howsoever resulting from it. Seek independent legal advice.

While I have attempted to write this post without bias, I am opposed to any plan for mandatory filtering of online content.

No normal person would care, but Microsoft has finally added support for OpenType ligatures in Microsoft Word 2010 (Word 14). I’ve posted previously about indications that OpenType ligatures would be supported in Word 2010, but since the Microsoft Office 2010 Technical Preview leaked, we know for sure.

OpenType ligatures aren’t enabled by default, though.

To enable OpenType ligatures, right-click on some text, select Font, select the Advanced tab, and select Standard Only from the Ligatures combo box. This enables the standard ligatures, like fi and ffi.

Depending on the font that you’re using, you can also select from a number of other sets of ligatures. And you can select from available stylistic sets and number forms, as well as change the number spacing.

You can also disable these OpenType features entirely by opening Word Options, selecting the Advanced tab, and checking Disable OpenType Font Formatting Features under the Layout Options that are right at the bottom.

This is all great news for the three people who were looking forward to this support in the next version of Word.

You can check out some more Office 2010 screenshots here and here.

This article was originally published on 16 April 2009 on newmatilda.com.

When Senator Conroy announced a live pilot to assess, among other things, the technical feasibility of filtering the ACMA blacklist of so-called ‘prohibited content’, he described the list as containing ‘child sexual abuse, rape, incest, bestiality, sexual violence, and detailed instruction in crime’.

So, when three copies of the list were posted on Wikileaks, people were surprised to find it included ordinary pornography, horror movie clips, anti-abortion sites, pro-euthanasia sites, and poker sites.

These are not errors. These sites are on the blacklist because the definition of ‘prohibited content’ under the Broadcasting Services Act 1992 (Cth) is much broader than people assume.

‘Prohibited content’ is not just illegal content. It includes all content classified RC and X 18+; content classified R 18+ that is not subject to a restricted access system (which I’ll explain later); and certain commercial content classified MA 15+ that is not subject to a restricted access system.

A ‘restricted access system’ is a system that requires a person seeking access to online content to apply for that access and either declare that he or she is at least 15, or prove that he or she is at least 18 (for example, by providing a valid credit card number), depending on whether the content is classified MA 15+ or R 18+. This is in much the same way that cinemas require proof of age for screenings of certain films.

It should be clear from the definition of ‘prohibited content’ that such content, as a class, is not illegal. MA 15+ and R 18+ movies screen in public cinemas after all. But what about X 18+ and RC content? Most people have some idea of the type of content that’s classified MA 15+ and R 18+, but don’t necessarily know what’s classified X 18+ and/or refused classification (RC).

Any real depiction of actual sexual activity is classified X 18+, so long as it doesn’t feature any RC content.

Content that’s refused classification (RC) is quite diverse. It includes depictions of sexual fetishes, like body piercing, application of substances such as candle wax, golden showers, bondage, spanking, and fisting.

It also covers extreme violence, sexual violence, child pornography, incest fantasies, and bestiality, as well as detailed instruction in crime and detailed instruction in the use of certain drugs.

The law regulating X 18+ and RC content in each state and territory of Australia is beyond the scope of this article. Suffice to say that in most places in Australia, possession of X 18+ and RC content is not an offence, though sale of X 18+ and RC content is. Possession of child pornography is, of course, illegal all over Australia.

So, if prohibited content, as a class, is not prohibited, what is it? The answer is that it’s merely a class of content in relation to which ACMA has certain powers when it’s found online.

Under the Broadcasting Services Act 1992 (Cth), when ACMA finds prohibited content hosted in Australia, it must issue a take-down notice directing the provider to cease providing the content to the public or, if it’s in relation to MA 15+ or R 18+ content, to make it subject to a restricted access system.

The provider must comply with the notice as soon as practicable, but no later than 6:00 pm on the next business day. Failure to do so can result in fines up to $11,000 per day (or $55,000 per day for corporations).

In addition to take-down notices, ACMA can also issue a service-cessation or link-deletion notice. These notices apply to live prohibited content (such as live video) and links to prohibited content respectively. They operate the same way, requiring the provider to cease providing the live content or the link.

When ACMA finds prohibited content hosted overseas, it notifies the content to the makers of the ‘Internet Industry Association Family Friendly Filters’ pursuant to an industry code that’s been registered under the Act. Under this code, each ISP provides at least one IIA Family Friendly Filter to users who want one, at cost.

IIA Family Friendly Filters are software packages approved by the IIA that users can optionally install on their systems to filter their Internet connections. It was from one of these filters, Integard, that the three ACMA blacklists posted on Wikileaks were extracted.

So, the regulation as it stands effectively creates an opt-in filtering regime for prohibited content hosted overseas, while at the same time making hosting prohibited content in Australia impractical, since providers have to remove such content when a notice is inevitably issued. Importantly, though, it’s not an offence to host or link to prohibited content in Australia. It’s only an offence to fail to comply with a notice from ACMA.

After Whirlpool was threatened with an $11,000 per day fine for linking to a blacklisted anti-abortion site, some people expressed concern that they’d be fined for linking to a site on a secret list, even though they had no way of knowing what was on that list.

As explained above, this isn’t the case. You could get a notice from ACMA if you host or link to prohibited content, but you won’t be fined unless you fail to comply with it. (Particular content may be illegal under state or territory law though. For example, possession and copying of RC content is illegal in Western Australia.)

Understanding that the ACMA blacklist is of prohibited content and that prohibited content is not just illegal content, it is clear why the sites mentioned earlier are on the list.

Ordinary pornography sites are on the list because they feature real depictions of sexual activity. Such content would be classified X 18+ or, if it featured a sexual fetish, RC.

A clip from a horror movie posted on YouTube is included because it would be classified R 18+. YouTube requires users to declare that they are at least 18 before viewing the clip, but in order for this site not to be listed as ‘prohibited content’ a restricted access system would have to require proof of age.

The anti-abortion sites on the list contain graphic images and video of abortions and aborted foetuses. The content is not subject to any restricted access system. Presumably, these images and videos would be classified R 18+ or RC.

The pro-euthanasia sites on the list provide detailed instruction in the use of drugs like Nembutal. Under current guidelines, such instruction is classified RC.

Finally, the list also contains some sites that don’t host prohibited content, like a Queensland dentist’s website and an astrology website. These sites were added to the list because, at the time, they had been defaced with prohibited content. The legislation makes no distinction between sites intentionally hosting prohibited content and those that have been defaced with such content.

But what about the poker sites? Poker sites, and other gambling websites, aren’t prohibited content under the Broadcasting Services Act 1992 (Cth), but they are ‘prohibited Internet gambling content’ under the Interactive Gambling Act 2001 (Cth).

Under that Act, ACMA has essentially the same powers in relation to overseas-hosted prohibited Internet gambling content as it does in relation to overseas-hosted prohibited content. That is, it notifies the content to makers of IIA Family Friendly Filters. This is why websites like PartyPoker.com end up on the blacklist too.

The most important thing about all of the above is that this is regulation that’s been in place since 2000. The current Government hasn’t clearly stated what it proposes to change.

Initially, the Government indicated it would mandate filtering of the existing ACMA blacklist. The Department of Communications website still says that ‘filtering would block content using a blacklist of prohibited sites … which are defined as “prohibited” under Australian legislation which has been in place since 2000’.

More recently, the Government said in a media release that it ‘has indicated an interest in [filtering] content that is Refused Classification’ (emphasis added). Senator Conroy made corresponding statements on SBS’s Insight and Triple J’s Hack programs. In the latter, he insisted that this has always been the case.

Even if that is the case, the nature of Internet filtering is such that any blacklist will have to be secret, mistakes will be made, and circumvention will be easy. And RC is a broad category that includes material that many Australians find unobjectionable.

Perhaps it would be better if each Australian could decide for him- or herself what is objectionable. This is how the Internet has always worked in Australia, and we haven’t descended into anarchy yet.

After ACMA issued a final link-deletion notice to EFA in relation to the AbortionTV website, it came out that the Classification Board had classified the relevant page R 18+. A number of people have suggested that you could still link to the AbortionTV website if you made the link subject to a restricted access system.

There are two problems with this under the current system in the Broadcasting Services Act 1992 (Cth) sch 7.

First, a restricted access system in relation to R 18+ content must require applicants for access to that content to provide proof of their age, not merely a declaration. Users aren’t going to hand out valid credit card numbers or copies of their birth certificates just to view links.

Second, the restricted access system must apply to the R 18+ content itself, and not to the link to the R 18+ content. That is, R 18+ content that’s not subject to a restricted access system is prohibited content. A link that’s subject to a restricted access system that points to R 18+ content that’s not subject to a restricted access system is still a link to prohibited content.

The test that ACMA applies when determining whether to issue a link-deletion notice is whether there is a link hosted in Australia that points to prohibited content. It’s not relevant whether the link itself is subject to a restricted access system or not.

I have provided details below.

Proof of Age

Under cl 14, ACMA has power to declare what is a ‘restricted access system’ in relation to particular classes of content. The most recent declaration is the Restricted Access System Declaration 2007.

Among seven requirements for restricted access systems in relation to R 18+ content, cl 13 provides

(1) Unless subsection 14(2) or (3) applies, the access-control system must verify that the applicant is at least 18 years of age by:

(a) requiring the applicant to provide evidence that the applicant is at least 18 years of age; and

(b) applying the risk analysis described in section 15.

So, a restricted access system in relation to R 18+ content must require proof of age, not merely a declaration. (Subsections 14(2) and (3) merely provide that the access-control system need not verify the applicant’s age more than once.)

What types of evidence? Clause 15(2) provides

The risk analysis must identify and assess the risk that a kind of evidence of age submitted to the access-control system could be held or used by:

(a) a person other than the person it purports to identify; or

(b) a person who is younger than the age which the form of evidence attributes to the person being identified.

Examples of sufficient evidence might include valid credit card numbers or copies of birth certificates, which, of course, users won’t be willing to provide to just any website.

Restricted Access Systems Don’t Relate to Links

Clause 20(1) states that content is ‘prohibited content’ if, among other alternatives,

(b) both:

(i) the content has been classified R 18+ by the Classification Board; and

(ii) access to the content is not subject to a restricted access system

From this, it’s clear that R 18+ content is prohibited content only if it’s not subject to a restricted access system. Division 5 then requires ACMA to issue link-deletion notices where

(a) end-users in Australia can access content using a link provided by a links service; and

(b) the content is prohibited content; and

(c) the links service has an Australian connection

So, the test is whether the content that is linked to is prohibited content, not whether the link itself is prohibited content.

If the content linked to were classified R 18+ and were subject to a restricted access system, then it wouldn’t be prohibited content and no link-deletion notice would be issued for the link.

However, if the content linked to were classified R 18+ but weren’t subject to a restricted access system, then it would be prohibited content and a link-deletion notice would be issued for the link. Here, it’s irrelevant whether the link itself is subject to any restricted access system.

In other words, the test for issuing a link-deletion notice is not whether you have a link that’s not subject to a restricted access system to R 18+ content. It’s whether you have a link to R 18+ content that’s not subject to a restricted access system.

There are only two scenarios for linking to the AbortionTV content that won’t risk a link-deletion notice. First, you can host the link itself outside of Australia. Then, the links service won’t have an ‘Australian connection’. Second, you can ask AbortionTV to require visitors to prove that they’re over 18. That won’t happen.

This post is not intended as legal advice. I make no representations whatsoever as to its quality, and will not be liable for any loss, injury, or damage howsoever resulting from it. Seek independent legal advice.

While I have attempted to write this post without bias, I am opposed to any plan for mandatory filtering of online content.

Today, Electronic Frontiers Australia (EFA) announced that its host had received a final link-deletion notice from ACMA directing them to remove a link to a page on the AbortionTV website that EFA included in an article appropriately titled ‘Net censorship already having a chilling effect’.

EFA has since complied, replacing the original link with the following:

REDACTED. The original title of the page was “AbortionTV Pictures #6”, and can presumably be found using major search engines.

One of the ironies is that by issuing these notices, ACMA has probably driven more traffic to the AbortionTV website than any other organisation. If googling the text quoted above is too much trouble, people can always use the notice itself as a handy reference.

The other interesting thing about this notice, as Mark Newton points out, is that Andree Wright from ACMA testified at a Senates Estimates hearing on 23 February 2009 that the AbortionTV site was added to the blacklist because there was a substantial likelihood that it would be refused classification.

From memory, it was a page that contained no text, just pictures. The pictures were of aborted and dismembered foetuses. The graphic nature of the presentation without any contextualisation of the images meant that the images were judged on their own merits for their impact and their severity. We have kept a careful watching brief on the way the Classification Board has handled those types of images. On a previous occasion, we made a referral to the Classification Board on very similar material and it came back as ‘refused classification’. So we juxtaposed the two decisions and judged it on the images.

That meant that, at the time it was added to the blacklist, the content was ‘potential prohibited content’, which meant that the Classification Board had not actually classified the content.

This latest notice states that the content is ‘prohibited content’. That means that the Classification Board has now actually classified it, and the notice states that the classification is R 18+. Presumably, the Board classified this content after ACMA issued Whirlpool’s host an interim link-deletion notice.

Download: Sublime IP Final Link-Deletion Notice (298 KB)

Update: Nic Suzor pointed out that a summary of the Classification Board’s decision is available here.

Today, The Daily Show website joins a long list of innovative online content services, such as Hulu and Pandora Internet Radio, that are unavailable to Australian residents:

Then there are the services, like iTunes and Audible, that offer limited catalogues of content to their Australian users. And movies and television series that are made available to Australians months after they’re made available elsewhere.

The frustration is ineffable.

A number of people have noted that you can use VPN services, such as HotSpotVPN, or other US-based proxies to make these sites believe you’re connecting from within the US. You can, of course. But, other than the extra cost, you’d be in breach of the terms of service:

This Site is offered and made available only to users 18 years of age or older who reside in United States of America. If you are not yet 18 years old, or do not reside in the United States, please discontinue using the Site immediately … by using or attempting to use the Site, you certify that you are at least 18 years of age and meet any other eligibility and residency requirements of the Site.

At least we have Foxtel.com.au, where you can watch ads for Foxtel 24-hours-a-day.