Wednesday, December 02, 2009

Browsing as Googlebot to circumvent paywalls

Interesting technique from a Slashdot article and commenter darthflo:

Most 'papers like Google and the visitors Google sends them; so the Google Bot and hits with a google.com Referer tend to get a free pass. Use this to your advantage:

  • Google the Article's URI, click the link and off you go (with a real Google referer).
  • If it's not indexed yet and you're using Opera: Go to any Google page, press Ctrl + U, change any one link's href to the article's URI, click "Save Changes", click the link and off you go (with a fake Google referer. This works for any fake referer, by the way).
  • If they're picky, they mightn't let hits from Google through but still allow the Google bot to index their pages. Change your User-Agent accordingly. In Firefox, go to about:config and change general.useragent.extra.firefox to Googlebot 2.1 and off you go (as Googlebot).
  • As a last resort, there's quite a few ad-blocking personal proxies out there. Most of them allow you to fake Referers or change User-Agents, for any browser.

Sunday, October 25, 2009

Insidious C bugs

Here's a couple novel C bugs that I've encountered recently (using gcc). Man, it sucks when these happen.

1) No compiler warnings when not instantiating structs correctly

The following code will give no warning indicating that you have not, when declaring an array of structs using the curly bracket notation, instantiated all members of the struct:
#include <stdio.h>

int main()
{
struct a_struct {
int a;
int b;
} buggy[] = {
{ 1, 2, },
{ 3, /* oops! */ },
{ 5, 6, },
};

int i;
for(i = 0; i < sizeof(buggy) / sizeof(*buggy); i++)
{
printf("%i: %i %i\n", i, buggy[i].a, buggy[i].b);
}

return 0;
}
Here's the ouptut:
0: 1 2
1: 3 0
2: 5 6
Oops! It would have been nice for the compiler to tell us about this...

2) Forgetting to delete the semicolon when turning an assert into an if statement

Say you have
assert(cond);
But you want to make it an if statement to have a little more debugging output when it triggers. So you change it to:
if(!cond);  /* oops! */
{
dump_stats();
assert(0);
}
Whoops! Now the if statement has an empty body and the block between the curly braces will always execute!

3) Strange things you can't do within case statements

This isn't really insidious so much as annoying -- why are you allowed to do some things inside a case statement (that don't seem to make sense) but aren't allowed to do others (that seem to make much more sense)? For instance:

int main() {
int i = 0;

switch(i)
{
int j = 5; /* fine */
case 0:
char ch; /* error */
break;
case 1:
i = 1;
char ch2; /* fine */
break;
default:;
char ch3; /* fine */
break;
}

return i;
}
Note the semicolon following the 'default:' There's a good discussion of this problem here. Essentially, the first thing after a label cannot be a declaration. The error that the compiler gives here is usually pretty cryptic, too.

Similar links

Sunday, October 04, 2009

Youtube kung-fu on Linux

This is just a collection of commands that I have used in the past to edit video, especially for uploading to online video sites such as YouTube. This entry is small now, hopefully it grows as I figure out how to do more useful stuff.

# Cut a clip from a whole video file (-ss is base, -t is offset)
ffmpeg -sameq -i input.avi -ss 00:1:23 -t 00:02:35 output.avi

# Boost the volume of a video file
ffmpeg -sameq -vol 1000 -i input.avi output.avi
or, see Avidemux tutorial here: http://www.youtube.com/watch?v=w8K0D2t0ysE

# Dump audio of an flv video file to mp3
ffmpeg -i inputfile.flv -f mp3 -vn -acodec copy ouputfile.mp3

Wednesday, September 23, 2009

Mandating key-based logins with sshd

This page provides a pretty good summary of creating a public/private key pair on the client and adding the public key to the server's authorized_keys file.

On the server side, edit /etc/ssh/sshd_config and add the directive PasswordAuthentication no and then restart sshd with sudo /etc/init.d/ssh restart Anyone that tries to log in to your server without a public key in the server's authorized_keys file will now not even be given the chance to enter a password.

sshd_config manpage

Monday, September 21, 2009

xmonad

Xmonad is a sweet window manager. So sweet, in fact, that I've decided to use it. Here's a quick reference, basically the manpage rearranged (mod = alt by default) ... (also, remember to change the session login to "Run Xclient script" so that other things, like xmodmap, can be run in .xsession):

=== Launch ===
mod-shift-q -- Quit xmonad
mod-q -- Restart xmonad (and reload config file)
mod-shift-return -- Launch terminal
mod-shift-c -- Close the focused window
mod-p -- Launch dmenu

=== Layout ===
mod-space -- Rotate through the available layout algorithms
mod-shift-space -- Reset the layouts on the current workspace to default

=== Focus ===
mod-tab -- Move focus to the next window
mod-shift-tab -- Move focus to the previous window
mod-j -- Move focus to the next window
mod-k -- Move focus to the previous window
mod-m -- Move focus to the master window

=== Swap ===
mod-return -- Swap the focused window and the master window
mod-shift-j -- Swap the focused window with the next window
mod-shift-k -- Swap the focused window with the previous window

=== Resize ===
mod-h -- Shrink the master area
mod-l -- Expand the master area

=== Master Area (the area on the left) ===
mod-comma -- Increment the number of windows in the master area
mod-period -- Deincrement the number of windows in the master area

=== Workspace ===
mod-[1..9] -- Switch to workspace N
mod-shift-[1..9] -- Move client to workspace N

=== Multiple Screens ===
mod-{w,e,r} -- Switch to physical/Xinerama screens 1, 2, or 3
mod-shift-{w,e,r} -- Move client to screen 1, 2, or 3

=== Mouse ===
mod-button1 -- Set the window to floating mode and move by dragging
mod-button2 -- Raise the window to the top of the stack
mod-button3 -- Set the window to floating mode and resize by dragging
mod-t -- Push window back into tiling

=== Setup ===
sudo apt-get install xmonad dwm xlockmore xclock htop

=== ? ===
mod-shift-p -- Launch gmrun
mod-n -- Resize viewed windows to the correct size
mod-b -- Toggle the status bar gap

Here are some other useful utilities to replace functionality that is present in, say, GNOME on the command line:
How to install Xmobar

First, install the necessary packages:
sudo apt-get install libghc6-http-dev libghc6-zlib-dev libx11-dev libxft-dev

I hadn't installed any packages with cabal before, so I needed to set up that as well. I found it necessary to do the standard download, untar, runhaskell Setup configure && runhaskell Setup build && sudo runhaskell Setup install for the following packages:
  • http://hackage.haskell.org/packages/archive/HTTP/4000.0.8/HTTP-4000.0.8.tar.gz
  • http://haskell.org/cabal/release/cabal-1.6.0.2/Cabal-1.6.0.2.tar.gz
  • http://haskell.org/cabal/release/cabal-install-0.6.2/cabal-install-0.6.2.tar.gz
A cabal update initializes the package database and a cabal install xmobar grabs the package.

Put this in your xmonad.hs (changing the paths appropriately, of course):

import XMonad
import XMonad.Hooks.DynamicLog
import XMonad.Hooks.ManageDocks
import XMonad.Util.Run(spawnPipe)
import System.IO

main = do
xmproc <- spawnPipe "/home/dannyc/.cabal/bin/xmobar /home/dannyc/.xmonad/xmobarrc"
xmonad $ defaultConfig {
layoutHook = avoidStruts $ layoutHook defaultConfig
, logHook = dynamicLogWithPP $ xmobarPP
{ ppOutput = hPutStrLn xmproc
, ppTitle = xmobarColor "green" "" . shorten 50
}
}
And put this in your xmobarrc:
Config { font = "-*-Fixed-Bold-R-Normal-*-13-*-*-*-*-*-*-*"
, bgColor = "black"
, fgColor = "grey"
, position = TopW L 90
, commands = [ Run Weather "EGPF" ["-t"," <tempF>F","-L","64","-H","77",
"--normal","green","--high","red","--low","lightblue"] 36000
, Run Cpu ["-L","3","-H","50","--normal","green","--high","red"] 10
, Run Memory ["-t","Mem: <usedratio> 10
, Run Swap [] 10
, Run Date "%a %b %_d %l:%M" "date" 10
, Run StdinReader
]
, sepChar = "%"
, alignSep = "}{"
, template = "%StdinReader% }{ %cpu% | %memory% * %swap% <fc=#ee9a00>date%<fc> | %EGPF%"
}

There, you now have a bare-bones xmobar install. I figured this out by loosely following the instructions here. I don't know any haskell (yet) and this is my first time messing with the xmonad config, so I don't guarantee at all that I am doing things the Right Way. If your xmonad keeps locking up because of this configuration, see the big bold comment in the link above which points to here.

TODO
  • customize xmobar
  • some kind of screen-like titleing for workspaces
  • better fonts?
  • picture background on startup (/transparent windows?)

Monday, August 24, 2009

Video DownloadHelper Firefox extension + YouTube = Napster

Video DownloadHelper can download videos from YouTube (or other video sites) and convert the audio to mp3 (or other formats) using ffmpeg (the default). Pick the mp4 (high quality / high definition -- these are format 18 or 22) videos off of YouTube to get the highest quality audio (128 kbps).

Ah, this brings me back...

Update: Even better, now that Lala, et al are providing music streaming straight from a Google search, one need not even bother with YouTube -- faster download/conversion, and same (better?) quality.

Saturday, July 25, 2009

Photo metadata

# get exiftool
sudo apt-get install libimage-exiftool-perl

# get libexif CLI tool
sudo apt-get install exif

# erase all metadata
exiftool -all='' img.jpg

# see what metadata tags your photo has
exif -l img.jpg

# see the values of the included metadata tags
exif img.jpg

EXIF specifications: http://www.exif.org/specifications.html
For PNGs: http://pmt.sourceforge.net/pngmeta/index.html

Thursday, July 23, 2009

And now, a demonstration in how ridiculously easy it is to hack stuff with Google

Inspired by this reddit thread (look here for help deciphering the Google syntax).

phpMyAdmin -- inurl:SELECT inurl:FROM inurl:WHERE intitle:phpmyadmin

HP Laserjet printers -- "identify the document you want to print by using either option shown below, then select the apply button."

More printers
-- "Web Image Monitor" location comment "device name"

Web cams
-- inurl:"viewerframe mode="

And, let's not forget the Google Hacking Database or how to use Google to crack MD5-hashed passwords!

Sunday, July 12, 2009

batch: like at, but better

batch is a tool that is identical to at (same manpage even), except it runs a specified job when the load averages are low instead of at a certain time. Very handy if one needs a job to execute on a busy server and doesn't care when it happens, just that it happens.

Sunday, May 31, 2009

Stanford students 'better than other people'?

A telling quote from a Stanford student in today's San Jose Mercury News front-page story:

"When they welcome you to freshman orientation," Robbins says, "part of what they tell you is that you're better than other people."

Not smarter, not better at standardized test scores or kissing ass to get ahead, but unequivocally superior human beings than all those proles that attend state schools. I have to say, this quote typifies the holier-than-thou, aristocratic, snub-nosed attitude that runs through a lot of the student body (and faculty).

Saturday, May 30, 2009

My .pythonrc.py


#!/usr/bin/python

import sys
import os
import atexit

# color prompt
sys.ps1 = '\001\033[1;36m\002>>> \001\033[0m\002'

# tab completion
# from http://www.doughellmann.com/PyMOTW/rlcompleter/index.html
try:
import readline
except ImportError:
# Silently ignore missing readline module
pass
else:
import rlcompleter
readline.parse_and_bind("tab: complete")

# history
# from http://dotfiles.org/~remote/.pythonrc.py
histfile = os.path.join(os.environ["HOME"], ".python_history")
try:
readline.read_history_file(histfile)
except IOError:
pass

atexit.register(readline.write_history_file, histfile)
del os, histfile


If running 'python' on the command line does not run the file, you can always alias python to 'python -i ~/.pythonrc.py'

Tuesday, May 26, 2009

Critique of Laughlin's "The Crime of Reason"

When I saw Robert Laughlin speak at Stanford, I was terribly disturbed by some of his ideas and intrigued by others. As someone who drinks the free software/culture kool-aid, I was always of the opinion that the free flow of information helped humanity, not hurt it. As a follow up on his talk, I decided to pick up a copy of Laughlin's book, The Crime of Reason, to investigate his ideas further. The book, like is talk, contains some very interesting and important ideas but is poorly put together and rather meandering. Writing style aside, the book discusses the following topics, which I will comment on in turn:

The Intellectual Property system is necessary for economic progress

Laughlin states that "Universal access to knowledge is fundamentally incompatible with market economics." (p.45) By this he mostly means that the patent system in the United States is necessary for economic development. He doesn't provide any convincing evidence to back this up, but merely provides a false analogy equating the economy with a game of poker in which everyone has incentives to hide and steal from each other. Perhaps these dynamics apply in certain sectors of the economy (particularly looking through the lens of a physicist who has spent his entire life inside the bowels of the military-industrial complex), but in other cases they do not. The open-source software industry immediately springs to mind as an example in which companies have an interest in freely sharing knowledge with each other.

In any event, the idea of the necessity of a patent system has been completely eviscerated by Boldrin and Levine in their book Against Intellectual Monopoly. Looking at history, the acquisition of a patent in a particular field coincided with a stall of progress in an industry until the patent expired and, not coincidentally, substantially increased patent lawsuits within that industry as the patent holder sought to restrict anyone else from innovating. Patents are a type of monopoly and, as any econ 101 student will tell you, monopolies are a Bad Thing because they deprive both consumers of a low cost for products and also prevent other potential producers from making money by entering the market. Awarding patents is hardly "necessary for living" (p.49) as Laughlin claims.

How and why technical knowledge becomes illegal

The main thrust of the book has to do with the troubling tendency of modern societies to effectively outlaw knowledge. Laughlin compiles a list of fields today whose study has been criminalized in some form or another:

- cryptography
- circumvention (DMCA)
- physics (nukes)
- genetics
- bioengineering (engineered diseases)
- biology (cloning, chimeras)
- national security related processes
- chemistry
- etc.

He asserts that learning about these fields has been criminalized either in the law itself (which is rarely challenged in open court because of the potential government 'secrets' a trial could leak) or by de facto means such as withdrawal of research funds or public ostracism. This development, of course, is quite at odds with the way that learning is supposed to work in our society, as Laughlin recognizes: "Modern civilization rests on two mutually exclusive kinds of thinking -- one embodied in the free speech guarantees in the First Amendment of the U.S. constitution, the other in the Atomic Energy Act." (p.82) His most effective case in point is that of nuclear physics, in which the U.S. government has led a campaign of a quasi-legal nature to suppress the spreading of knowledge on the subject. He reasons that this censorship "set a precedent that has now led, by small steps, to a significant and growing threat to our freedom to reason and learn." (p.84) This is the most convincing, and consequential, argument of the book, and deserves serious thought by all members of our government and society. Are we really willing to sacrifice our freedoms to pursue intellectually interesting scientific facts for the sake of purported security, morality and order?

The consequences for a society which deems scientific knowledge illegal

In the final chapter, Laughlin conducts a thought experiment: what will smart people do if and when we achieve this nightmare society in which the pursuit of any and all interesting technical knowledge is illegal? Laughlin's suggestion that "The sensible course of action would probably be to give up" (p.144) is deeply unsatisfying. He then postulates that the talented technical folk (that is, everyone that didn't become a doctor or a lawyer or a businessman) will either seek employment in the service of rogue dictatorships that allow science, become 'guerrilla warriors' of a sort within their own country or go somewhere else (in the interplanetary sense) to establish a new society where there is no crime of reason. It's very romantic to think of the creation of a new order by a disgruntled segment of society (a la the emigration of persecuted religious groups to America). If it is necessary, however, is another matter entirely. It's certainly way too early, in my opinion, to 'give up' on our present society. A more enlightened public debate on this topic, if not reform, is not out of reach.

You can read other peoples' opinions on the book on Amazon

Thursday, May 21, 2009

Twitter: Good or Evil (or Irrelevant or Same ol')?

Everyone seems to be talking about and using Twitter these days (I'm not on it and have no plans to join in the immediate future). It seems as though Twitter is the newest wave of social media hype, for better or for worse. If you cut through the frenzied enthusiasm about Twitter, however, you get a picture of a service that is just another method of communication, with all the positives and negatives that that provides (albeit with a unique short-message twist).

Twitter has proven itself as one of a number of social media platforms that can be used to report breaking news events faster than traditional news reporters can arrive on the scene. The most important and striking example of this was the coverage of the Mumbai Terror Attacks. Other sites, notably Wikipedia and Flickr, also contained up-to-the-minute details of the attack that mainstream media sites such as CNN cribbed for their stories on the incident. Twitter has also been used by activists to organize and rapidly disseminate information. Consider reporters in Egypt that were able to alert colleagues to their arrest via Twitter. Others recently mounted a campaign to expose Amazon.com's system that placed gay and lesbian-related items lower in the site rankings.

But Twitter not only has the power to educate and organize, it also has the power to misinform. Consider the recent swine flu panic: Twitter users reacted to the global scare by essentially amplifying the pig paranoia rather than providing any useful information about the disease. The 'social' factor of Twitter exacerbates this phenomena: often users post not to communicate substance, but to fit in. The result is a hysterical echo chamber of misinformation. (In fact, the author of the linked Foreign Policy article speculates that Twitter would be a very good medium for someone who wanted to intentionally incite fear in the populace.) Valleywag nicely summarizes this point: "What Twitter actually does is inflate problems out of all proportion, as Twitterers noisily tweet about how with it, on it, and over it they all are, repeating each other's messages without adding anything of value. Any [person looking to inform themselves] would go mad long before he extracted useful information." The desire of many Twitter users to be on the cutting edge of news also enhances their gullibility, and the lack of context inherent in 140 character posts makes it much easier to pull the wool over a reader's eyes. Twitter users fell for the faux news items of Patrick Swaze's death and nefarious items snuck into Obama's stimulus package, to cite only two examples.

The fact that entries on Twitter are limited to 140 characters apiece makes it difficult to convey much useful insight in one post. Many use Twitter for precisely that reason -- they have little or nothing to say. Glenn Greenwald nails it: "About Twitter messages, John says 'they all read like cell phone text messages between 12 year olds,' and indeed, the only purpose I can discern is that it provides a format for expressing thoughts that are too inconsequential to merit a stand-alone article or post. For precisely that reason, it is unsurprising that Twitter has become a huge hit among our media stars, for whom triviality is a guiding principle." Appropriately, a vast cult of celebrity Twitter worship has emerged, with eager fans eating up every last tasteless morsel that is tossed to them by their gods. The fact that Twitter is often an outlet for the mundane is hammered home by spoof sites such as MyLifeIsAverage.

Quite possibly the most devastating critique of Twitter is not that it incites fear or inhabited by vapid users, but that there is simply nothing special about it -- that it is more of the same. Seth Finkelstein maintains that Twitter is just another sucker's game that only serves the needs of a tiny elite: 'After I saw Twitter in use, I realised the difference was that, while IRC had all participants equal, Twitter implements a distilled version of many problematic aspects of blogging. Namely, a one-to-many broadcasting system that serves the needs of high-attention individuals, combined with an appeal to low-attention individuals that the details of one's life matter to an audience... Twitter is low-level celebrity for the chattering class. And the pathologies of celebrity are all on display, including the exploitative industries that prey on the human desire to be heard and noticed. My answer to Twitter's slogan of "What are you doing?" is: 'Not playing a sucker's game.'" Twitter, in other words, is just another way for the powerful to broadcast their message and for advertisers to blast users with pitches for their newest products and peer into consumers' minds, all the while deluding the average user that it's an empowering service.

Clearly, Twitter is many things to many people. Perhaps that's the only conclusion that one can draw from such a myriad of uses. Twitter is a communication medium and, like any other one, can be used and abused for just about any purpose. Although Twitter encourages its own unique kind of communication from being a 140-character accepting social media service, many of these sites' quirks are simply a reflection of their users, and it's wrong to blame the tool for having too much influence in shaping what people do with it. As one responder to Greenwald put it, "Criticizing the form [of Twitter] is like criticizing haiku as a form."

UPDATE:
  • TechCrunch takes a pessimistic viewpoint, in the context of the Fort Hood Massacre.
  • Valleywag lays down the rules for the manipulate-the-gullible-public-into-believing-someone-is-dead-when-they're-not game
  • Joel Spolsky also has some unkind words for Twitter
  • Study: Men follow Men and Nobody Tweets
I finally caved. danny_colligan is my twitter handle.

Sunday, May 17, 2009

.gdbinit file

Personal settings for gdb -- nothing too elaborate

# color prompt
set prompt \001\033[1;36m\002(gdb) \001\033[0m\002

# history across invocations
set history save on
set history filename ~/.gdb_history

Saturday, April 25, 2009

How NOT to recruit software engineers

After going through Stanford's recruiting process for a summer internship for the first time (and having been contacted sporadically by headhunters for quite some time), I've been genuinely disappointed in a select few of my interactions with recruiters. A certain subset of recruiters commit some boneheaded errors that one might think would be precluded by an iota of common sense. These missteps waste my time and give the recruiters' respective companies a bad reputation with the students. Additionally, I have no reason to think my experience is unique amongst my fellow engineering student peers. Since my blog is actively read by thousands of recruiters worldwide (well, maybe not, but I'll pretend like it is anyway) I have resolved to better their recruiting process by providing them a few helpful tips on what NOT to do when trying to gather talent:

Schedule appointments unilaterally
Remember, the applicant's life already revolves around your company, so have no qualms about telling him when an interview will be. Never take his schedule or conflicts into account. Never ask if he can make an appointment, simply assume he can.

Don't keep appointments

If you schedule an appointment with a recruit, make sure you do not show up. Optionally, show up at a different time and/or place. The same goes for phone calls: try calling at a different time than which you promised.

Don't follow up after interviews
Feel free to cut off contact with the recruit at any time, for any reason or without reason. Resist closure for the applicant. Never tell him if or why he was or was not accepted for the position.

Strive for an inconsistent message

Make sure the recruit has multiple contacts at the company, and make sure each of them is sending him a different message. Give him the impression that working for your company will entail functioning within a hopelessly mismanaged bureaucracy.

Be annoying
Clog the recruit's inbox with as much irrelevant information as possible. Send multiple copies of the same email. Send the same message over several different mediums (phone, email, pager, carrier pigeon, etc.). Ensure that mandatory forms are filled out multiple times. Redouble your efforts after the recruit says he is not available or not interested.

Treat the applicant like a number, not a person
Make sure the recruit knows that he is just another anonymous cog in the corporate machine. Send out obviously templatized emails that start with things such as "Dear $applicantName." Never make exceptions for an individual's extenuating circumstances.

Never apologize
No matter how badly you screw up, never acknowledge that you did anything wrong. Refuse to apologise. Stand your ground, especially in the case of overwhelming evidence to the contrary.

On a related note, if you are a recruiter/interviewer and wondering what you should be doing, please read the authoritative documents on recruiting and interviewing from the Joel on Software blog.

Tuesday, February 17, 2009

Dispelling Google Latitude Privacy Hysteria

Google recently came out with a new service called Latitude which allows people to share their locations with each other via a Google Maps interface. [1] Almost immediately, talk about privacy concerns dominated the dialogue concerning Latitude. These fears, upon closer scrutiny, are largely baseless. Latitude does not present a significant danger to users' privacy; any suggestion otherwise is mere technophobia and headline-grabbing Google-bashing.

The most important point in this entire conversation is that your cell phone is already a tracking device in and of itself. Carrying around a cell phone surreptitiously exposes more personal information than Latitude could ever dream of doing. The GPS, wireless Internet, and cell phone signals that emanate from your phone can be used to locate you any time your phone is on. The cell phone companies, obviously, know your location because they need it to deliver you service; the government can get it via Triggerfish or by just asking the phone companies. But a phone can be used as more than just a locator -- it can also be used as an eavesdropper. Consider the well-known NSA surveillance program that slurps up cell phone conversations, or the ability of the government to listen to whatever noise a cell phone picks up even when it is powered off. If you are seriously worried about your privacy, you won't even be carrying around a phone in the first place.

Google Latitude can not honestly be called a privacy threat because it is opt-in at every level and gives one the opportunity to leave or disable the service at any time. For another person to have access to your location, you must 1) explicitly enable Latitude 2) request the other person to receive your location via Latitude or accept a similar request from him 3) not turn the service off. Disabling the service can come in the form of either opting out of Latitude entirely or hiding your location temporarily. You can even enable a 'city-level-only' location option, which only shares your location to the town level of granularity, or set a manuallocation that doesn't move. (Your mobile location can be exactly determined only if you install Latitude on your mobile phone as opposed to using the stationary option.) Again, no one besides the group of people you explicitly agree to share your location with can see your location.

The example scenarios that have been raised by Privacy International with regard to Latitude's purported privacy degradation that have captured headlines are pretty far-fetched. All of the scenarios involve a malicious user creating a Google account, enabling Latitude on a phone and giving the phone to someone else with the intention of tracking them (without, of course, informing them that Latitude is enabled on the phone). Any reasonably competent person would quickly discover that Latitude was enabled on the phone, if he had not inspected the phone in the first place when he initially received it. There are many other major invasions of privacy taking place elsewhere, and Privacy International would do well to raise a stink about those issues rather than chase windmills at the Googleplex.

There is a legitimate privacy concern that Google will store the history of a user's location, which could be used to construct a profile of where a user was at certain points in time. However, Google states in the Latitude FAQ that this is not the case: "Google Latitude only reports your last updated location and does not keep a history of previously reported locations." As long as Google keeps its word in this regard, and I believe that to be a reasonably safe assumption, there is no privacy danger here.

It is unfortunate that so much ado has been made about a service that is essentially a useful visualization of your friend group. [2] Google Latitude is a service that you should have no qualms about using, provided that carrying around a cell phone does not make you queasy.

============================
Footnotes:
[1] As several other commentators on Slashdot pointed out, Google is not the first company to offer this kind of service (Brightkite, Loopt, and Mologogo to name just a few).

[2] One could imagine other use cases: giving truckers cell phones to track their shipments, planning visits to friends based on their proximity to a certain destination, serendipitousmeetup opportunities with nearby friends, etc.