FCC Declares DDoS, I declare Shenanigans
On Sunday, May 7, 2017 John Oliver told his audience about Net Neutrality. During his 20 minute segment he indicated that gofccyourself.com will redirect people to the FCC page to leave comments. You can viewthe video clip, approximately 20 minutes long and definitely R rated and NSFW, at https://www.youtube.com/watch?v=92vuuZt7wak
Help Secure Everyone’s Email by Encrypting
Previously I wrote about the protection I am adding to my mail by using PGP or GPG. You can find the article by clicking here. My involvement with the EFF and AVNation have also included comments about privacy: AVNation Privacy & EFF Mail Links.
Something I realized while thinking about this subject is that if one sends very few encrypted e-mails, the ones that are encrypted will stand out in the mail being sent. Now you might wonder what I am doing that requires encrypting. The previous blog post explains why I am encrypting my mail.
I have an additional reason now, confuse the government and anyone else monitoring traffic. This idea is discussed in Cory Doctorow’s book Little Brother http://craphound.com/littlebrother.The section below is used under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 license. This quote below came from line 1826 in the HTML version available on Mr. Doctorow’s website.
“So how come you weren’t on Xnet last night?”
I was grateful for the distraction. I explained it all to him, the Bayesian stuff and my fear that we couldn’t go on using Xnet the way we had been without getting nabbed. He listened thoughtfully.
“I see what you’re saying. The problem is that if there’s too much crypto in someone’s Internet connection, they’ll stand out as unusual. But if you don’t encrypt, you’ll make it easy for the bad guys to wiretap you.”
“Yeah,” I said. “I’ve been trying to figure it out all day. Maybe we could slow the connection down, spread it out over more peoples’ accounts –“
“Won’t work,” he said. “To get it slow enough to vanish into the noise, you’d have to basically shut down the network, which isn’t an option.”
“You’re right,” I said. “But what else can we do?”
“What if we changed the definition of normal?”
And that was why Jolu got hired to work at Pigspleen when he was 12. Give him a problem with two bad solutions and he’d figure out a third totally different solution based on throwing away all your assumptions. I nodded vigorously. “Go on, tell me.”
“What if the average San Francisco Internet user had a lot more crypto in his average day on the Internet? If we could change the split so it’s more like fifty-fifty cleartext to ciphertext, then the users that supply the Xnet would just look like normal.”
“But how do we do that? People just don’t care enough about their privacy to surf the net through an encrypted link. They don’t see why it matters if eavesdroppers know what they’re googling for.”
“Yeah, but web-pages are small amounts of traffic. If we got people to routinely download a few giant encrypted files every day, that would create as much ciphertext as thousands of web-pages.”
This action is a relatively small action and is rather simple to do. However, the fact that it will change the traffic view could be helpful for others. It will prevent other PGP/GPG encrypted traffic from being such an outlier as to be noticed. As EFF posted on Data Privacy Day, privacy is a team sport. There are additional directions for how to do this task at https://ssd.eff.org/, hover over the tutorials section. If you want to test if it worked, My public key identifier is C93A52C6. You can download my public key from https://www.bradfordbenn.com/BradfordBenn-C93A52C6.asc
I also will freely admit, I am not sure if it will make a difference, but it could not hurt.
January 31, 2017
No, you can’t look in my computer…
Some of you may already be aware that the Electronic Frontier Foundation (EFF) is one of the groups I support. Privacy, security, and freedom for the individual is one of my touchstones. I have written about these topics previously, both here and at AVNation.tv. (Yes, there will be overlap between this post and the one over there. My opinion hasn’t changed.)
There are proposed rule changes within the Federal Rules of Criminal Procedure that the EFF has made me aware of. I do not claim to be an expert on all the legalities and intricacies, however from the comments that the EFF have provided I immediately felt it was important to comment on. The proposed amendment to procedural Rule 41 would allow a judge to issue a warrant allowing law enforcement to remotely enter (hack) a computer when “the district where the media or information is located has been concealed through technological means,” or when the media are on protected computers that have been “damaged without authorization and are located in five or more districts.”
The first portion of this means that if one uses a means to hide their location, for any reason, a search warrant would be allowed. At AVNation I spoke about how this applies to business environments where Virtual Private Networks (VPN) are used to provide a secure connection between remote users and the office. A byproduct of that process is that one’s location is incorrect quite often, sometimes on purpose. When I travel to China I use VPN for personal use. I purposely set my VPN to connect me to a point of presence located in the US. This decision allows me to access my e-mail as well as other sites, such as news sites like New York Times or Los Angeles Times. I can continue on about the Great Firewall of China, but these couple of links should help provide background https://en.wikipedia.org/wiki/Great_Firewall or https://www.eff.org/search/site/china%20firewall.)
I also use a VPN connection, as well as other tools, when I am using a public hotspot. In fact I am using one right now as I sit in Starbucks using their WiFi. This approach prevents eavesdroppers to my communication. I will say that Google and Starbucks do a good job keeping things safe, however not everyplace is as secure. I want to keep my data encrypted as long as I can. Yes, there is Hyper Text Transfer Protocol Secure (HTTPS) that is secure and I use it as much as possible, but not every site supports it or for all traffic.
I can continue on as to why I use VPN, the important thing to take away is that there are legitimate legal reasons to use VPN. The fact that I use it should not change the way my data/privacy is viewed by the courts. To overly simplify it would be like saying, you locked the door to your car so you have given us a reason to issue a search warrant.
The second portion of the new procedure is also damaging in that it allows for innocent computers to be searched if they have been remotely hacked. If a computer is an unwitting member of a botnet that would meet a qualification for a search warrant. The infected or innocent computer could be searched even if the owner is not involved or suspected of wrong doing. Basically if someone has already broken into your computer, the government can break into it again as your computer might be doing bad things.
To me there is a third reason that this issue is important – this process is being done under the guise of procedural rules. There is no debate, no review by elected officials, just a procedural change to allow more access. Yes, Congress has to vote to approve the rules, but there was very little notice of the process. Luckily groups such as EFF and others are around to alert people to the changes. There is the comment of, “Well if you aren’t doing anything wrong, you have nothing to worry about.” I agree and understand that sentiment, but I also believe that once the first domino has fallen the erosion of privacy will continue. To quote James Madison, “There are more instances of the abridgement of freedom of the people by gradual and silent encroachments by those in power than by violent and sudden usurpations.” This procedural step is a gradual and silent move to most people.
Also if there is nothing to worry about, please send me your laptop or phone without clearing the history first. I will be more than happy to inspect it for you.
Much of this information was gathered from the webpage https://www.eff.org/deeplinks/2016/06/help-us-stop-updates-rule-41.
The lock pick image is public domain from Wikimedia. More information about it at https://commons.wikimedia.org/wiki/File%3ALockpicking_Pickset.jpg.
Steam Security Softness
As my faithful reader reader knows, I have opinions about security and privacy. One of the things that has been a challenge is when providers and software do not take security as seriously. A prime offender is Steam currently. This opinion was formed before the December 25, 2015 problems with displaying information improperly. My opinion started last year in December 2014. I was in the process of changing and updating many of my passwords. I sent the following question to Steam:
“I am in the process of changing passwords on accounts, and was unable to find the requirements or restrictions for passwords. Can you provide a list of the restrictions please? When I tried to generate a new password using my randomizer it was not accepted. “
The response I originally received showed that the question was not understood (screen shot of the conversation from Steam Support Site):
“Thank you for contacting Steam Support.
We apologize for the delay.
Please follow the link below for information:
Title: How do I change my Steam account password?
If you have any further questions, please let us know. “
I responded indicating:
“I know how to change the password, however when I try to change it, the password is not accepted. So what is the parameters of the passwords “
The Steam response was less than helpful:
Unfortunately, the full requirements are not currently available.
It must not be a previous password and must meet the password strength requirements.
Steam Support has provided you with all of the relevant information regarding this issue. “
Please allow me to highlight that exchange a little more. “The requirements of the password are not available, but your password must meet the requirements.” Steam basically said, we can’t tell you what the requirements are but you need to meet them. At the same time I was doing testing and submitting of passwords to try to find out what the requirements are.
To say that I find that they are lax is an understatement especially for a commerce site; a commerce site that allows and suggests storing of credit card information. I was not able to use certain special characters but I was not sure what they are, so I literally had to make my best assumptions by trial and error. The length of the password was also not clear so I once again did trial and error. I understand why some might think by not indicating password parameters provides a hurdle to people hacking it. Allow me to state that a brute force attack would not care, it would simply add more failures.
If one couples this with the recent breach of information and lack of contrition or concern from Valve/Steam it makes me more nervous. The most frustrating part of this problem is that for many game titles I do not really have another avenue to purchase from. I am still one of those people that wants to have a hard copy of the content I own and not just have it on the cloud. I am comfortable with the idea of a piece of technology having to verify that it is legal through contacting an online server, not ideal but understandable.
So if Steam/Valve is listening, which I doubt, I request and want a more secure system. I would ask the following and I think most people would as well:
- More information about password requirements
- More complex and longer passwords allowed
- Two Factor Authentication
- Proactive Communication when there is a problem, notice I didn’t say if but when as given the current track record it is only a matter of time
To my readers, I ask that you share these ideas with others and get Valve and Steam to pay attention and make improvements.
Creative Commons Share and Share Alike for my domain
As I was taking pictures this weekend I thought about how I want people to be able to use my content and thoughts. Part of this was sparked also by my recent appearance on AVNation’s AVWeek Podcast Episode 189: I Know Who To Call. Tim brought up some topics that I have both experience with and opinions about, so I shared them with everyone. I was pleasantly surprised when I was also quoted heavily in an article on Commercial Integrator as well. So it got me to thinking, what are the rights I want to reserve or share? I am currently listening to Cory Doctorow’s book Information Doesn’t Want to Be Free: Laws for the Internet Age (hardcopy). This link is to the self-published audiobook read by Wil Wheaton. One of the things I am learning from these thoughts is the question of how much do I want to share my created content.
I have already created some content obviously you are reading some now, I have have images available at photos.bradfordbenn.com that can be used. I have until now been keeping a tight leash on the images with watermarks and right click protection. I plan on keeping some protection in place, not quite sure how much yet or how it will be set up. However I want to share the information and experiences with more people. Yes, I would like to earn some money along the way, however at the moment that is not the key goal for me. I want to create things and put them out in the open for people to enjoy. I just want to know when things I create are being used.
So having said that you can see the description of the usage rights I have created at the page http://bradfordbenn.com/creative-commons/. The idea is that if you are using my content for personal use, you may do that with attribution. If you want to use my content for commercial use, there is still licensing issues to be discussed. I encourage you to consider how you want your content handled, keeping in mind that many of the tools we are open source and are being shared as well.
Can we stop passing around little dead tattooed trees?
As my loyal reader and twitter follower is aware, I just attended the InfoComm2014 convention. I found myself struggling what to do with all these business cards I had acquired. Not only the question of how long should I hang on to them, but how to get all the details into my electronic system. After looking at a few solutions, I have a request for all my readers – make the lock screen on your electronic device your QR business card.
As someone who has some nice Moo.com business cards, with 10 different pictures on the cards, I appreciate and enjoy the statement and symbolism of exchanging business cards. What I do not enjoy is trying to get all the data into my various electronic organization tools. It is time consuming. First was the problem of finding a good tool to scan and then read all the data. Then comes the problem of verifying all the data that just got imported and loaded into the computer. There are pieces of software that can do this for you, but even those are not perfect and require some tweaking. I have tried CamCard for iPhone but am not totally happy with it. The interface is pretty good, but there are short comings. I do like that one can review and edit them on the web. However one cannot easily export it from the corrected version on the web. One has to give CamCard access to your contacts to load it into your contact information. I probably sound paranoid and stereotypical but giving a Chinese company access to my contacts is not something I feel comfortable with. I do like the batch scanning option though.
I can continue talking about the various options I have used and tried. I am using Evernote Hello for my personal contact management. It does not do as good a job dealing with unique layouts on cards. It also does not include a way to include the address.
The thing I would like for more people to start using is a QR vCard. There is a protocol that allows for embedding contact information directly into a QR code. The protocol does not require actually being connected to the Internet to retrieve the information. It simply requires the receiver to have a QR code reader, many of which are free. The process is fairly simple and painless.
- Load a QR Code Reader onto your phone.
- Using the camera on your phone ingest the QR code you are interested in
- View the results
I have created a QR vCard that is the lock image on my iDevice. (A QR card size of 450 pixels by 450 pixels about 305 pixels from the top of the image for an iPhone 4S works.) I do not even have to unlock the phone to provide the QR code to someone. I also have a QR application (Qrafter Pro) that allows for reading QR codes from pictures. I can take a picture without unlocking my iDevice as well. If you really want to be sneaky smart, take a picture of the person also so you can remember what they look like.
To get you started, here is a sample QR code that I created online. There are also sorts of other tools available, Qrafter Pro also allows for creating the grids.
Trial QR code
Go ahead try out your reader.
Relatively easy? Simple?
Now if you will excuse me, I have to go back to reviewing scanned business cards. I think I will even update my personal cards to have a QR code.
Shout out to Linda Seid-Frembes who gave me this idea years ago – You can read more about it at her blog.
Yes, I now that this topic has been talked about before but I really think it is worth considering.
Technology Stills Needs Personal Touch
I was originally going to write a blog post about the conversation topic I alluded to in a few Tweets on the evening of June 29, 2011; however United Airlines changed the topic. This blog post is about the frustration when technology does not actually make things easier. It also gets more frustrating after asking for help when the technology fails.
I wanted to book an award fare to fly myself and the L&T Wife to California on United. So I went to the United website, logged in with my frequent flier number – you know the one that literally has almost half a million miles in the past 11 years. I went through and looked at all the options for flights before finally picking one. I signed myself and the Wife up for it, picked our seats, continued to the payment page and entered my credit card number. Clicked the Submit button, and nothing happened. Clicked button again, nothing happened.
I changed browser from Firefox to Safari and tried again all the way from the beginning I could not save or hold my work. Nothing happened under Safari as well. I then decided to call United Rewards Reservations, which is when the frustration started. This is a basic synopsis of the conversation
- "Hello, I am having trouble booking reward travel on the website."
- "When and where are you trying to travel to?"
- I respond with the information
- "No, there are no seats available for the dates you want."
- "But the website shows many open seats."
- "I am sorry sir the website is wrong."
- "Okay, so what are my options?"
- "There is a flight three days earlier for outbound and two days later for the return."
Whiskey Tango Foxtrot I thought – I did not say it. I was polite to the agent as they are just reporting what the screen is showing.
We go round and round and finally get the exact same itinerary, as I had created online. I did not care if it was a mileage saver fare or not, her system was defaulting to fares that take less miles. If I was asked I would have said, I had picked specific flights online.
Then came the time to make payment. Online it was 75,000 miles per person; via the phone it was 100,000 miles per person. I ask why the difference.
The agent had no good explanation, so I asked for a supervisor. During this time I was placed on hold, without music or other audio so I had no indication I was still connected. The supervisor could not assist me.
As we passed the thirty-minute mark the supervisor indicated I should be transferred to Web Support to assist. After a few minutes with the Web Support person I was able to book my flight.
It was extremely frustrating. I tried to do it via self-service on the web. It did not work. I tried to call for help and that did not work for the first 40 minutes. It took approximately 45 minutes on the phone and three agents to finish the transaction I already had details for. If the first person I communicated with listened to my original issue they might have thought to transfer me to the web team earlier. Instead I believe that they were just going off the script, not really helping the customer.
I tweeted out my frustration and decided to wait 24 hours to see if there was a response before posting. So far I have heard nothing.
Now some people may be thinking that it is only 50K miles, ~10% of your tally. To put the value of that in context, 50K miles is a round trip somewhere in the US with the right planning. Now that this trip is booked, I will get to call again to add my dietary needs as I can’t do that from the website. I think I will wait a day or two.
For those of you that have an impact on customer interaction, think about what happens when your website doesn’t work. How will you help that person? Have you provided them with enough information to know where to go for help? Is the first point of contact going to listen and respond or just follow a script? That one decision can change a customer interaction from a phone call to a frustration and wasting time for everyone involved.
Making the interface work for me
Often times the controls for a piece of software are not the friendliest locations for one-handed operation. By one-handed operation I mean one hand on the keyboard, one hand on the mouse. When working in graphic programs I find myself working that way quite often. It could be as basic as a drawing program where I need to use the Z key to initiate the zoom function and then using the mouse to decide where to zoom. Other times it is more complex, such as selecting an image, zooming into a one pixel to one pixel rendering, panning, and then marking the image as a keeper or a chucker. It could just as likely be a drawing program where I am documenting an idea. For my #AVTweeps, just think AutoCAD.
Recently I found myself being sore at the end of an image review session from unnatural movements. My data management workflow is outlined at previous blog post. However looking at the actual process I began to find lots of moving of the hands. My review process is based around the use of Adobe® Photoshop® Lightroom® (quite the mouthful so Lightroom for short). The program itself is very powerful and does help me manage my images, pictures, and photos. The program lacks some ergonomics for the one handed user.
The way I cull images is I go into the library mode and review the images at a resolution to fit onto the screen. I then quickly look at it and decided if it is a Pick, Unmarked, or a Reject. These selections are done using the P U and X keys. Notice how they are laid out on the keyboard.
Not very easy to navigate with one hand. Now let’s say I want to zoom into an area, one can either use the mouse to enter a 1:1 view or press shift and spacebar to enter the same mode, then use the mouse to zoom to areas. I do this to see how much aberration is viewable and if it is in focus, once again I decide if it is a pick, unfledged, or rejected. Lightroom has a setting to advance to the next image after assigning a value to the image.
That setting seems like it would save time, and it does quite often. However if I want to assign two things to an image, I have to back up to the image. If I find an image of the same subject later in the batch that is better than a pick I decided on, I go back to unmarked the previously picked image. So now I have a few options. I can expose the filmstrip at the bottom of the application window and click on it with the mouse and then press U. If this image was just the previous image I can use the arrow keys. If you notice both of these options require me to take my right hand off the mouse and place it on the right half of the keyboard. Now I could also just use my left hand on the right side of the keyboard however that still means changing positions.
Let’s say I want to see if a crop makes an image better. An example of a crop changing an image happened at the baseball game I took pictures at, since I was sitting in the stands some of the images have the back of people’s heads in them. Cropping the heads out made the pictures better, but some were still chuckers not keepers. In Lightroom I enter crop mode by pressing R, this would enter Develop module, where I would use the mouse to make the crop. I would then finish with the crop. I would then want to mark the image as a keeper or chucker. I cannot do that in the Develop mode, I have to be in Library mode. To return to Library mode I would either take my right hand off the mouse to do the keyboard contortions or move the mouse away from the work area. Neither solution is very ergonomic.
There are keyboards available that are designed to fix some of these issues by changing the keyboard layout and having labels on the keyboard. However some are more expensive than the program itself. Also they are dedicated to the program, so I would still need my regular keyboard for such things as entering text. Not really an idea I was looking for.
I started thinking about it more and more and came up with a more practical solution in my not so humble opinion. I purchased a customizable gamer keypad, a Logitech G13 Programmable Gameboard with LCD Display as it is Mac compatible – yes it is also Windows compatible. (If you decide to buy one after reading my blog, using this link will give me a little commission.) This would let me decide how the keystrokes would be used. I could lay them out to my satisfaction.
I then determined what keys I used most. They are both left and right handed, and some of them require multiple hands, such as entering Library Mode (Command + Option + 1).
These main keys were then assigned to the keypad as I found would work best for me. (Drop me a line if you would like to copy of the configuration file.)
I had 200 plus images from a business trip and figured that would be a great way to test it out. So I went through the images, did the rating, cropping, and keywording in about an hour including uploading to a SmugMug gallery. There was another benefit that occurred that was unexpected, I was able to hide all of the tool palettes in Lightroom so the images were bigger on the screen during the review, remember bigger is better. I do not have exact times for similar tasks using the “standard” keyboard commands but the important thing is I was not sore and it was not as tiring to me.
The keypad allowed the thing that I think all tools should do, get out of the way and let me work. It did just that. Other than when I had to type in keywords, I used just the keypad and the mouse. I did not have to move my hands around the keyboard and mouse.
I also learned a couple more tricks in the process. I can use the keypad in more than one program, but keep the key functions the same. By key function I mean that the same key that sends an R to enter Crop mode in Lightroom can be configured to send a K in Photoshop or Command + K in Preview to perform the crop functions. The same key press to me, sends different keystrokes to the application. Much easier than having to remember all the different commands, similar to Cut, Copy, and Paste being the same in almost every program. That is a fine example of what I was trying to accomplish; cut (Command + X) copy (Command + C) and paste (Command + V) are not great mnemonic devices at first blush but the arrangement of the keys makes it very easy to use.
Are you slowing down the Internet?
As my faithful Twitter reader knows, I have been having some issues with my computer attaching to the network at the office. It has been Outlook locking me out, Windows Domain Server locking me out, IT changing the network configuration, entire system going down… etc. Some of these issues were due to the configuration changes that IT is making, some were unforeseen, some were just plain dumb luck.
Something that surprises me though is that for how much we like to cast aspersion on IT; sometimes we are our own worst enemy. By we, I mean the users. Not just at my company but pretty much everywhere IT has a love hate relationship with the users, the users love to hate IT. I am not saying that IT is beyond reproach, but some of the decisions we make, often times it makes it worse for everyone.
One of the most common complaints I am hearing is about the speed of the Internet. The next common complaint is the fact that many IT departments limit the streaming or some of the social network options. These concerns and complaints are all interrelated and is a case of size.
Many offices are connected with a T1 connection, which sounds “fast” but in reality it is not so much. The standard is that a T1 is 1.544 Mbps (megabits per second). The typical upper limit on residential DSL is 3 Mbps. Cable is much faster with an upper limit of 30 Mbps. Based on that it is easy to see why people often say, “The Internet is much faster at home.” Of course the first comment is why not just bring in something other than a T1? Yes, it is possible but for most business they are looking at uptimes and guaranteed bandwidth. Most contracts with a T1 or similar service state you will have a level of uptime or availability as well as guaranteed minimum speeds.
Most residential broadband services rate the speed as “up to 22Mbps” or something similar. They also typically do not have a guarantee on your uptime or availability. The Comcast Guarantee does not have a guarantee for availability or speed; the Residential Agreement also does not have a speed or availability commitment, the only credits occur after a 24 hour continuous outage. The business agreement has the same issue of lacking performance commitments.
So if I were running a business would I rely on a connection that might be non functioning for a day with no speed minimum, or would I rather have a higher availability and slower speed? I would take the one with a real service level agreement of what bandwidth and connectivity will be delivered.
The next item that impacts the speed is the amount of people using that connection to the Internet. At your house where you might have speeds up to ten times faster, you will typically have no more than four people using the connection at the same time. Now compare that to a business environment, forty people sharing a connection would not be unheard of would it? Not only is it less bandwidth but more people are using it
So if there are 40 people sharing a 1.544 Mbps or 1,554 kbps connection, let’s divide it equally. It is now each person getting 38.6 kbps. Remember dial up modems at 33.6 kbps? Now one user decides to stream a video, the typical bandwidth options are 300 kbps, 500 kbps, or 700kbps. If the user decides to stream the video at 700kbps they have effectively used half of the entire T1, okay it is only 45% but don’t forget the rest of the content on the page. So now because of one person everyone is experiencing delivered speed that can be slower than a dial up modem. Remember the bandwidth is shared for everyone.
Yes, the same thing happens in hotels, coffee houses, airport lounges … etc. bandwidth is shared.
So if I was responsible for productivity and availability of the Internet at a business, what is the first thing I would do? Turn off streaming. Why? It is a bandwidth hog and there are typically more important things to use the bandwidth on that will directly impact staying in business.
Yes, I still think that many IT departments make decisions that are not helpful to the end-users. Yes, I think that the help desk often doesn’t. I just want to point out that we as the users are sometimes the problem. Please, before you decide to fire up Pandora or Slacker, or surf YouTube think about if you are slowing down others? Don’t be a bandwidth hog.
My solution? I take lunch after most people and stay later than most. Why? Since everyone has left for lunch or for home, I get better bandwidth. I also listen to music using my iPod.
Just because it is on the Internet doesn’t mean it is free
Recently I ran across this story http://thestolenscream.com/ about a picture that was taken from a photographer’s Flickr site and was being used around the world. He was not being compensated. It is both an amazing story of how something can go around the world from just being good and how at times people’s work is stolen. The video is 10 minutes long and is well done. The back story and video link is available here at http://fstoppers.com/fstoppers-original-the-stolen-scream/
Notice what I have done above, I clearly indicated where the information is located. I could have just as easily gone into YouTube and gotten an embed link to put into my blog. I also could have just as easily downloaded the video and edited out the credits. But that is an insult to the people who created it. I am basically stealing their time and effort.
I know that some of my readers are more familiar with audio video system integration than with photography. The same thing occurs there and other places as well. It might not be a picture it could be a grounding scheme or a user interface panel just for a sample. Perhaps it is finding information on a manufacturer’s website and including it in your information package. Often manufacturers are okay with that, if you are using the information to sell and use their products. However that does not always happen.
Last year I was very surprised when someone called me to complain about a training video I did that was on YouTube. I was not surprised that I got a complaint, rather I was surprised that it was on YouTube. I did not upload the video there. I uploaded it to my work website. Not a huge deal as it was information about our products, however it then started to sink in. This website had taken someone else’s work, made some edits, and were then presenting it as their own work. They even placed their company logo over the video as well.
Someone else was supplicating all of the time and effort placed into the video. I understand how anything on the Internet is capable of being copied. Basically that was what annoyed me the most was that the effort put forth to collect and present the information was not being recognized someone else was just taking it.
That seems small, no one harmed, right? That is somewhat correct. My company paid for me to make the video and the product was still being promoted. However what happened if it was not a sales tool but rather a picture of a landmark, a presentation about a topic, a system design, or a configuration file for a piece of equipment.
The information is being provided without compensation to the creator or even acknowledgment. Basically that person’s time, effort, and knowledge is being stolen. If it is licensed under Creative Commons terms the creator expects certain respect in the process. If it is not expressly stated that it is okay to use, it should not be used.
The best example is someone who is creating a presentation or proposal and need a picture of a movie theater. I found a nice theater image on Wikipedia taken by Fernando de Sousa from Melbourne, Australia and licensed under Creative Commons Attribution-Share Alike 2.0 Generic license. That license requires attribution. Mr. de Sousa is a professional photographer. He takes pictures for compensation. He shared his work, the results of his skill, equipment, experience, and knowledge. All that he asks for is credit. Will you provide it?
Think about it another way. You went through the process of creating a proposal for a project. You outlined the equipment and process you are going to use. You provided information about why you chose that approach. The person you made the proposal to decides not to hire you. Instead they take your proposal package and use it to create the project themselves. Would that annoy you? Would you expect compensation? How about if all you asked for was attribution?
So I ask everyone to please respect the Intellectual Property, time, effort, and knowledge that is provided on the Internet and provide attribution at least. Don’t take credit for other people’s work.
I am off to go place watermarks on my stuff, if you would like to use an image without it, just ask.