Monthly Archives: February 2008

For the Checkpoint Lover in Every Child

200802-Security-Checkin.jpgCheck out the Security Check-in toy set from Playmobil. Here’s the description:

Every single smuggler is caught at the security check-in. With a modern X-ray machine every item not allowed on board is detected. At the same time, the passengers have to pass the passenger check-in under the watchful eyes of the security staff. Only then can they start in their hard-earned vacation.

The ad copy doesn’t say if the passenger’s shoes are removable.

(Hat tip: Scott Bludorn.)

RAV4 Blogging – 10 Days Behind the Wheel

We’ve had the new Toyota RAV4 for about 10 days, and I have a few observations:

  • There’s a little digital display in the middle of the dashboard with some numbers on it, but when I first saw it I couldn’t figure out where the odometer was. After a moment, I realized that the odometer must be that little “4” all by itself on one row. I guess I’m not used to seeing less than six digits…
  • The RAV4 is a complicated piece of machinery. It’s got a 5-speed automatic transmission with a switch to lock the differential. There’s anti-lock brakes, traction control, and stability control. It’s got daytime running lights, parking lights, regular headlights, high beams, and fog lights. It’s got front and rear window wipers, both with intermittent mode. The heating and air conditioning system has about 15 buttons. (I haven’t bought a new car in 10 years, so I don’t know how much of this stuff is standard on cars these days, how much is because it’s an SUV, and how much is because of the trim line we chose.)
  • jbl_logo.gifTo me, the JBL logo on all the sound system components looks more like UBL, and UBL means Usama bin Laden—the old official spelling of Osama bin Laden. It strikes an odd note every time I see it: I’ll probably always think of it as the Usama bin Laden audio system.
  • I wasn’t interested in getting heated seats, because I never really had a problem with my butt feeling cold while the rest of the car was warm. However, they came with the trimline we chose so we have them anyway, and I’ve learned something important: When I start the car cold, the heated seats will be the first thing to get warm.
  • The RAV4 is very easy to drive. From the first test drive at the dealer, it felt just like my Camry, but with a jacked-up suspension. Even that feeling has gone away by now. It has very quickly become just our car.
  • At night it’s easy to forget to turn on the headlights because the running lights come on as soon as I start the car and look just like the headlights. It’s only when I get to a dark area that I notice how much dimmer they are.
  • The tail lights are all LEDs, which should last forever. I don’t know if all cars have this option these days, but they should.
  • The rear window and the side windows behind the first row of seats are all tinted dark enough to keep people from looking in. I didn’t even notice that until the second or third day we had the car.

In roughly 10 days, we’ve put 804 miles on the car. 

The Difference Between a Website and Its Name

I’ve been reading about the Wikileaks issue on some legal blawgs, and corresponding with Scott Greenfield about it, and I think there’s a bit of confusion over a technical issue. I don’t think anyone within Judge White’s jurisdiction is disobeying his order. I’m going to have to delve into some history here, but I think I can explain it without getting too technical. The key is that the network service of hosting web content is different from the network service of associating that content with a domain name.

The networking protocol for the Internet is called IP, which stands for internet protocol. Every computer on the Internet is assigned an IP address within the network where it can be reached. When a human is going to see or type an IP address, it’s usually broken into four numbers ranging from 0 to 255, which are written down separated by dots. E.g. “”.

That’s an ugly thing to be typing, so since the earliest days of the the old ARPAnet, there has been a mechanism to allow us humans to use names for computers instead of numbers. Initially, every computer simply had a list of the names and addresses of every other computer. Each computer’s administrators would occasionally download a new list from a central location.

By the mid-1980’s, that system was no longer workable because the number of computers had grown into the thousands and it was hard to keep track of the changes across all the organizations on the network. To solve this problem, the architects of the internet invented the Domain Name System (DNS), in which the lists of names and addresses are stored on computers called name servers that the other computers query when they need to lookup a name.

For any given domain name—,,—there’s a nameserver somewhere that’s responsible for providing the associated IP addresses. It’s called the authoritative name server, and whoever controls this server controls the meaning of all the domain names for which it has authority.

How does the network of name servers find the authoritative name server? They send a query about the domain name to a group of top-level name servers, called registries, which respond by refering the query to the name server that has authority for that domain. When you buy a domain name from a registrar, you’re buying the right to tell one of the top-level registries which nameserver has the authority for that domain.

(I have simplified the domain resolution process quite a bit. There are a lot more options, and there is a lot of localized caching to improve performance.)

When it comes to accessing a web site, there are five roles we need to be concerned about:

  • The web server that actually serves the pages.
  • The authoritative nameserver, which points to the web server.
  • The registry, which points to the authoritative name server.
  • The registrar, which is the business entity that sold the domain name.
  • The registrant, which is the actual person or other entity that owns the domain name.

When you buy a domain name, you’re the registrant, and the registries are operated by the top internet authorities, but the other three roles are up for grabs. Many companies will sell you a package deal for registering a domain, operating the name server, and hosting your content, but it doesn’t have to be that way.

For example, the web server is operated by a company called DowntownHost, and the registrar is Tierranet. Currently, the name server is also operated by Tierranet, but I could switch it to DowntownHost or a third party if I wanted to.

Wikileaks used a similar arrangement. Their server is at IP address and is run by a web hosting company called PRQ in Sweden.  Their registrar is a company called Dynadot, located in California.

According to the court documents John Katz has posted, Judge White ordered the registrar, Dynadot, to remove all information about the domain from the registry. As far as I can tell, they’ve done so. That’s why we get an error if we try to browse to (That’s also why I can’t tell you anything about the nameserver or the registrant—Dynadot has deleted that information.)

None of that, however, affects the actual web server that hosts Wikileaks. If you happen to know that its address is, you just have to type this into your browser:

The Internet will just route traffic between your computer and the Wikileaks server, without ever having to do a query on the domain. It’s just between your browser and the Swedish server.

Maybe all these technical details are too low-level for the courts to take notice, but as far as I can tell, no one is disobeying the judge’s order. He ordered the name deleted, and it’s gone.

Trying to Stop Wikileaks

Yesterday, I mentioned that Federal Judge Jeffrey S. White issued an order shutting down the Wikileaks site. He did this by ordering the domain registrar to disable the domain. This only disables the name lookup feature, not the underlying website, which is still available via its IP address:

In a comment to my last post, Scott Greenfield asks,

[D]o you think it’s critical that the Judge White’s order was ineffective because of a technology error? If they figure out how to do it effectively next time, then what?

I’ve been giving this a little thought. I’m not an expert at Internet security, but I think I may have been unfair to Judge White. The IP address above traces to a server in Stockholm, Sweden, so he may very well have done all that it was in his power to do by ordering the American registrar to disable the name.

I suppose the aggrieved party could ask him to order the big American internet backbones to stop carrying traffic from that address. I think it would be analogous to ordering a phone company not to put through certain calls, or ordering the post office not to deliver certain mail. It would probably be a serious performance and administrative burden, and I wouldn’t be surprised if it’s not legally possible.

Besides, the Wikileaks site could get a new IP address in a few minutes. Within a day or two, all the usual web sites would be linked to it again.

In addition, Wikileaks has many other domain names, some of which are obvious—,,,,—and some of which aren’t, e.g. There are also independent mirror sites that serve all the same content to the web from locations in several different countries.

The folks who built Wikileaks make some pretty grandiose claims about it being “uncensorable.” Technically speaking, there’s no such thing, but as a practical matter, they can probably put up a pretty good fight. Wikileaks was originally designed to support dissident activities by people in repressive countries, and it makes use of some advanced security technologies.

It’s not as farfetched as it sounds. Consider that the Chinese government has been trying to censor Wikileaks without success. Here in the United States, our government has only been able to stop online poker sites by attacking the flow of money, not the web sites themselves.

Maybe some intelligence agencies have the resources to stop Wikileaks—especially if they’re willing to commit illegal and/or violent acts—but I don’t think a lawsuit or an overzealous judge is much of a threat.

Deserts, Predators, Domain Names, Musical Theater, Web Design, and Big Cats

Random shots around the web:

Choosing an SUV

After my trusty old Camry gave up the ghost, my wife and I decided to buy an SUV. It was a big deal for me, so I’m going to be blogging about it a bit, in case anyone is interested.

Buying an SUV is insanely complicated because the category covers a lot of vehicles designed for a lot of different purposes, and we had to make some choices. We settled on a few basic criteria.

  • Car-like. SUVs come in two basic types: truck-like and car-like. Truck-like SUVs are strong and heavy and tough, and they’re suitable for some fairly serious off-roading. Car-like SUV’s are basically cars with beefed-up suspensions and drivetrains. This will be our first SUV, so we don’t want anything too radical, and since we’re not planning on any serious off-roading, and we’d appreciate a smooth ride, we decided on a car-like SUV.
  • Small. There are only two of us, and we don’t have hobbies that require a lot of hauling, so we don’t need a huge vehicle.
  • 4-wheel drive. We want a car that will get us through the snow. Besides, if it doesn’t have 4-wheel drive, is it really an SUV?
  • 6-cylinder engine. I just don’t feel comfortable with a 4-banger in a heavy vehicle, and even the smallest SUV is pretty heavy. On the other hand, we’re not planning to do any towing, so an 8-cylinder engine seems like gas-guzzling overkill. A supercharged 4-cylinder engine would also have been okay.
  • Dad-compliant. My 88-year-old arthritic father has to be able to get in and out of the passenger seat, so it can’t be the kind of SUV you have to climb into.

That narrowed it down a lot. After a whole bunch of research and a couple of trips to nearby dealers, we decided to get a Toyota RAV4.

To be honest, we’d been leaning toward the RAV4 even before we did the research. It fit our criteria, and it was a Toyota. Our Camry had impressed the heck out of us for eleven years, and we felt comfortable with the strength of Toyota engineering.

Then it was time to choose the options we wanted:

  • V6 engine and 4WD. This is going to be our workhorse car for quite a while.
  • Moonroof.
  • Towing package. Not the towing gear, just the upgraded radiator and alternator to make it a more rugged vehicle.
  • Leather seats. We got them on the Camry as a luxury, but they proved to be far more durable than cloth seats.
  • JBL 6-CD Premium Audio. We didn’t really want it, but we let the salesman talk us into it. I’m sure we’ll feel real bad about that as we bomb down the road blasting our tunes.
  • Heated seats. Never had them, wanted to try them.

There were also a few things we didn’t want:

  • No third row of seating. We rarely even need the back seat, and the RAV4’s third row is only suitable for children or dwarves.
  • No satellite radio. We’ve had it, and we didn’t think it was worth it.
  • No navigation. We’ve got a portable GPS system.
  • No remote start, no upgraded alarm, no first-aid kit, no cargo tray, no hood protector, no headphones. All are available aftermarket.
  • No white paint. Too much like a rental car. Any other color would be okay.

The dealer didn’t have one like that in stock, so for the first time ever, we ordered a car.

We picked it up on Saturday. I’ll probably be RAV4-blogging for a while.

An Especially Tricky Case to Prosecute

A few months ago, I was a juror on a criminal case where a guy was accused of attacking a cop. The cop was the only witness to the attack, and the defendant said he didn’t do it. We the jury thought the defendant’s story had too many problems, so we disregarded it and then convicted him based on the cop’s more-credible testimony.

I bring this up again because Scott at Simple Justice points us to a situation that’s making me wonder if we rushed to convict, just because we had the credible statement of the victim. Maybe we should have insisted on video.

Here’s what we know from the media reports: A woman accused a Shreveport cop of beating her while she was under arrest for alleged drunk driving. He says he didn’t do it.

The twist is that there’s video: We see the cop and the woman are in a room of some kind. She’s being annoying, so the cop cuffs her hands behind her back and pushes her against the wall and then down to the floor. A little later, she’s screaming and resisting as he tries to hold her in a chair, so he stands her up and swings her around and out of the frame where we hear a thump.  Then we see her sitting in the chair again as the cop steps in front of the camera to turn it off.

When the camera’s turned back on, the woman is lying on the floor in a pool of her own blood. She had two black eyes, cuts to the face, and two broken teeth.

The cop has been fired, but he hasn’t been charged with any crime because, police say, the video doesn’t show what happened.

So, to review, we the jury actually convicted a guy of aggravated battery based on even less evidence than this, but no one in Shreveport even thinks it’s worth bringing charges?

I’ll tell you what. If anybody from the Caddo Parish District Attorney’s Office in Louisiana wants some advice, just get in touch with me, and I can give you the name of a Cook County ASA who knows how to win those tricky cases that don’t have complete video evidence of the crime.