P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 23-12-15, 08:52 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - December 26th, '15

Since 2002































"In an astounding display of cultural and commercial domination on a global scale — one with little precedent in the 100-year history of Hollywood — the Walt Disney Company’s 'Star Wars: The Force Awakens' earned roughly $517 million in ticket sales worldwide, smashing multiple box office records, even after accounting for inflation. It was the largest opening weekend in North America." – Brooks Barnes


"I've never seen this DVD. It's never touched my hands." – Andrew Kosove


"If you don’t want your words copied and shared, don’t post them in public on the Internet." – Chris Meadows


"The ability to exploit Juniper servers and firewalls will pay many dividends over the years." – UK Government Communications Headquarters


"It would take one line of code to fix this." – Ralf-Philipp Weinmann


"This is my weirdest Xmas ever." – Kim Dotcom






































December 26th, 2015




'Hateful Eight' Pirated Screener Traced Back to Top Hollywood Executive
Matthew Belloni

A copy of the new Quentin Tarantino movie The Hateful Eight that leaked online earlier this week has been linked to a top Hollywood film executive, sources tell The Hollywood Reporter.

Andrew Kosove, co-CEO of production-finance company Alcon Entertainment, was sent the “screener” copy of Hateful Eight for year-end awards consideration. That copy was signed for by an office assistant and later shared online, where it is now circulating on multiple file-sharing sites. Sources say officials with the FBI, working in conjunction with distributor The Weinstein Co., have been able to pinpoint Kosove's copy of the film as the source of the leak from a watermark on the DVD sent to him. FBI agents are visiting Alcon’s Century City headquarters Tuesday to determine the chain of custody of the DVD and who is responsible for its uploading. Alcon is cooperating fully in the investigation.

"I've never seen this DVD," Kosove tells THR in an interview. "It's never touched my hands. We're going to do more than cooperate with the FBI. We're going to conduct our own investigation to find out what happened."

Indeed, it is likely that Kosove is a victim in this leak rather than the perpetrator. Another employee at Alcon could have obtained and uploaded the DVD, or someone who either was given the screener or stole it could be responsible. Regardless, between 200,000 and 600,000 downloads of the film, depending on various reports, occurred the first day it was available online. Physical copies of Hateful Eight have been seen for sale on street corners in China and other markets.

According to a “Web Watch” report produced in response to the leak and shared with THR, an office assistant named "Tom" signed for the DVD at Alcon's offices. Later, a hacker or hackers identifying themselves as Hive-CM8 uploaded the Hateful Eight file after attempting to remove watermark technology from the DVD, which was manufactured by Deluxe. A message posted in a file-sharing chat room stated Hateful Eight was “one of 40” current movies that would be uploaded by Hive-CM8. “Will do all of them one after another … started with the hottest title of the year. Others will follow.”

Movie screeners are a Hollywood tradition during the annual awards season. It’s generally accepted that a distributor is all but required to send screeners to the voting members of the Academy, Screen Actors Guild and other awards bodies if a film hopes to garner nominations for Oscars, SAG Awards and other accolades.

But over the past decade, as file-sharing services have proliferated, screeners have leaked online with greater frequency. In 2003, the MPAA briefly banned studios from sending out screeners in response to the problem. That policy didn’t last, but in 2004, the Academy voted to expel member Carmine Caridi, a 70-year-old actor who appeared in The Godfather, after he admitted sending copies of movies in the awards race to a friend in Chicago. (Films that popped up online were traced back to Caridi's screeners.) Later, an Illinois man was arrested for allegedly duping Caridi into turning over his screeners; the man eventually pleaded guilty to copyright infringement.

In more recent years, screeners of several top movies have leaked online. The most damage can be caused to films that are not in general release when screeners are shared. Hateful Eight — a highly-anticipated $70 million Western starring Samuel L. Jackson and Kurt Russell, which opens in limited release Friday and goes wide Dec. 31 — falls into that category. So does The Revenant, another big-budget film whose screener leaked online earlier this week. That film, starring Leonardo DiCaprio and directed by Alejandro G. Inarritu, opens in limited release Friday and expands nationwide Jan. 8. It’s unclear if Kosove’s screener is the source of that leak as well.

Alcon, the film financier and production company backed by FedEx founder Fred Smith, is perhaps best known for the 2009 smash The Blind Side. The company, which has distribution deal at Warner Bros, is run by Kosove (who was nominated for a best picture Oscar for producing Blind Side) and co-CEO Broderick Johnson.

Alcon’s latest movie, a $100 million remake of the 1991 Kathryn Bigelow action-thriller Point Break, is set to hit U.S. theaters on Friday. Kosove says he is "furious" at the leak of his DVD, which he says is a symbol of widespread online "theft" of films. "It's not an issue of just one movie," he says. "This is a threat to an entire industry."
https://www.hollywoodreporter.com/ne...-traced-850899





‘Revenant,’ ‘Hateful Eight’ Screeners Leak to Huge Piracy Before Theatrical Release
Maane Khatchatourian

“The Hateful Eight” and “The Revenant” have leaked to piracy sites after screeners were sent to voters for awards consideration, according to data issued Monday by Excipio.

Both films were slated for a Christmas Day release.

Leonardo DiCaprio’s “Revenant” is being plundered by pirates at the fastest rate; having attracted over 739,580 unique IP addresses downloading the film in the last 24 hours. Quentin Tarantino’s “Hateful Eight” drew 569,153 IP addresses, while “Creed,” which is already in theaters, rounded out the top three most popular torrents of the last day with 499,082.

This is yet another roadblock for Tarantino, whose “Hateful Eight” script leaked online last year, almost killing the bloody Western entirely.

Fox, Weinstein Co. and Warner Bros. did not immediately respond to a request for comment.

Other Oscar contenders made available online illegally in the past few days include Jennifer Lawrence’s “Joy,” Michael Fassbender’s “Steve Jobs,” Cate Blanchett’s “Carol,” Brie Larson’s “Room,” Tom Hardy’s “Legend,” Chris Hemsworth’s “In the Heart of the Sea” and Saoirse Ronan’s “Brooklyn.”

Hive-CM8 is one of the piracy groups taking credit for the leaks.

“DVDScreener 1 of 40. Will do them all one after each other, started with the hottest title of this year, the rest will follow,” Hive-CM8 said after posting “Hateful Eight” online. According to TorrentFreak, the illegal copy of the film is “extremely clean and free from timestamps.”

This has become common in piracy circles in recent years during “Oscar screener season.” Ellen DeGeneres, last year’s Academy Awards host, was linked to a leaked screener of “The Secret Life of Walter Mitty.” The pirated copy of the Ben Stiller dramedy that surfaced on file-sharing pirate networks in January 2014 included a watermark with “Ellen DeGeneres.”

More recently, “The Expendables 3” — a Sylvester Stallone-starrer — leaked online three weeks ahead of the U.S. premiere, hurting its box office potential.

After the “Game of Thrones” season five premiere wound up online this summer from an advance DVD screener, HBO shifted to a streaming-only policy for advance reviews following years of mailing out DVDs to critics and journalists.
https://variety.com/2015/digital/new...ne-1201666010/





‘Star Wars: The Force Awakens’ Shatters Box Office Records
Brooks Barnes

Conventional wisdom holds that mass moviegoing is the pastime of another era. The cultural heat emanates from television now. Hollywood only churns out banal sequels and forgettable action films. Netflix is the new multiplex.

Well, the movies just struck back.

In an astounding display of cultural and commercial domination on a global scale — one with little precedent in the history of Hollywood — the Walt Disney Company’s “Star Wars: The Force Awakens” earned roughly $517 million in worldwide ticket sales, smashing multiple box office records, even after accounting for inflation.

It was the largest opening weekend in North America, with $238 million in ticket sales. To put that figure into perspective, consider that “Avatar” (2009), which analysts consider to be the highest-grossing film in history, with $3.1 billion in global ticket sales, took in $85 million over its first three days in domestic release; the previous record-holder for a December opening was “The Hobbit: An Unexpected Journey” (2012) with $87.5 million.

“Star Wars” has long been in a league of its own. But “The Force Awakens” also represents the way that Hollywood hopes to battle back after years of soft domestic ticket sales, piracy and competition from video games and television. Focusing on nostalgic film properties with familiar, often cherished characters, studios are assembling Death Star-sized movies that can capture the public’s imagination in ways reminiscent of the earliest years of blockbusterdom, before the hyper-fragmentation of pop culture.

Consumers are just beginning to see this strategy — “Jurassic World,” which took in $208.8 million over its first three days in June, was an early example — but studios have been engaging in a behind-the-scenes arms race for several years. The results are just now coming to market.

Disney is working on four more “Star Wars”-related movies and plans to restart the “Indiana Jones” series. Three more “Avatar” films are on the way from 20th Century Fox. Universal has a “Jurassic World” sequel planned for 2018 and is working to combine its classic monster properties (Dracula, the Mummy, Frankenstein) into one huge film series. Warner Bros. will release “Batman v. Superman: Dawn of Justice” in March; together with Legendary Pictures, Warner has a King Kong versus Godzilla film in the works.

Hollywood has repeatedly missed the mark with mindless remakes and sequels, but “Star Wars: The Force Awakens,” which cost an estimated $350 million to make and market, also represents an effort to improve the quality of mass-audience films. Lucasfilm, the Disney unit that controls the “Star Wars” franchise, hired an experienced director, J. J. Abrams, who veered sharply back toward old-fashioned filmmaking, relying less on computer-generated imagery and more on constructed sets.

Reviews for “The Force Awakens” were 95 percent positive, according to the Rotten Tomatoes website, which aggregates critical response. “The Force Awakens,” the seventh “Star Wars” movie, focuses on a young woman, Rey, as she becomes entwined with efforts — led by General Leia, no longer a princess — to locate a vanished Luke Skywalker and generally save the galaxy from evil combatants called the First Order.

“The studios finally seem to be remembering, after years of over-reliance on visual effects, that moviegoers like a story,” Jeanine Basinger, a film studies professor at Wesleyan University and the author of books including “The Star Machine,” said on Sunday. “It can be a story we are familiar with. It can be a serialized story. But give us, please, we’re begging you, a story of some kind.”

“The Force Awakens” arrives at a time when Hollywood has finally started to better understand how to use social media to turn consumer interest into a frenzy. The film also benefited from improved technology in theatrical distribution; the rise of digital projection and advance online presales allowed theater owners to quickly add extra screenings to meet opening-weekend demand.

“Theaters in some cases took what we originally planned and expanded it in real time to three or four times the capacity,” said Dave Hollis, Disney’s executive vice president for distribution.

The box office and critical results represent a personal triumph for Robert A. Iger, the chief executive of Disney, who engineered the $4 billion purchase of Lucasfilm in 2012, faced down skeptics on Wall Street who believed the price was too high and essentially ghost-produced the film. (He watched dailies, oversaw elements of the marketing and flew to Harrison Ford’s side when the actor injured himself on the set.)

Mr. Iger declined a request for an interview on Sunday.

Executives at rival studios spent the weekend marveling at the way Disney managed the film’s release, in particular praising the entertainment company’s use of its vast empire — theme parks, television networks, an online video studio, consumer products, video games, cruise ships — to promote the movie. “Not one misstep,” the marketing chief at a rival studio said begrudgingly, speaking on the condition of anonymity because of a reluctance to publicly praise a competitor.

Disney also pulled off one of the hardest tricks in event film marketing, which was timing the surge of advance hoopla to crest just as “The Force Awakens” arrived in theaters.

The studio may also have fixed a gender imbalance in “Star Wars,” which has traditionally been much more of a male property. “The characters created for this film, in particular the female character at the center, Rey, made this franchise feel modern and much more appealing to women,” said Greg Foster, the chief executive of Imax Entertainment.

On Sunday, Disney said that 47 percent of the gross receipts for “The Force Awakens” came from 3-D screenings, tickets that sell for a $3 to $5 premium. About 58 percent of the audience was male. About 63 percent of the audience was 26 or older.

The movie managed the staggering ticket sales even in the face of worries about terrorism (theaters were evacuated in New Jersey and California over the weekend in what turned out to be false alarms).

But the otherworldly success of “The Force Awakens” may not be enough for Disney to allay investor concerns about a slowing ESPN, the cable sports network that for years has delivered about 45 percent of Disney’s annual operating profits. Disney’s stock price declined 4 percent on Friday — even as reports of record-breaking box office returns poured in — after a downgrade to “sell” by a widely followed analyst, citing concerns about ESPN’s ability to sustain itself as some consumers forgo cable subscriptions. Disney is also facing worries about theme park security.

But dealing with those worries would have to wait for another day. For Disney, it was celebration time on Sunday.

“We’re setting records in real time,” a jubilant-sounding Mr. Hollis said. Asked if Disney’s distribution and publicity teams were ready to collapse after the hard push, Mr. Hollis noted that the film had not yet opened in China, where release is set for Jan. 9.

“Collapsing is what February is for,” he said.
http://www.nytimes.com/2015/12/21/mo...e-records.html





As Downloads Take Over, a Turning Point for the Video Game Industry
Nick Wingfield

This holiday season could be remembered as a digital watershed for the games business, the moment when the old way of selling video games — on discs in boxes — finally gave way to downloads.

The industry has been pointed in this direction for years. But the signs of a sharp turning point have piled up in the last month, as new data points have painted conflicting pictures of the game industry.

On one hand, recent market research shows that physical game sales declined in November, and GameStop, a leading retailer, reported disappointing earnings that made its stock tumble.

On the other, game companies swear that things are going great. Big titles are setting sales records, and Sony, the leading maker of game consoles, says the latest PlayStation has been selling at a faster clip than any previous generation of the hardware.
Why the disparity?

A number of factors are at play, but none as significant as the industry’s march toward a future of games downloaded over the Internet rather than bought in stores, analysts said. All mobile games are delivered over the Internet, as are nearly all PC games. But the transition for console games — the biggest segment of the business — has been far slower. Large game files could take hours to download and quickly fill a console’s hard drive.

Now, faster broadband speeds and the bigger hard drives in the latest generation of consoles are reducing those obstructions.

“It finally feels like the inevitable is becoming the inevitable,” said Evan Wilson, an analyst who follows the game industry for Pacific Crest Securities. “It feels like this is the holiday season where it’s finally having a big impact.”

Electronic Arts, the big games publisher behind Madden and Need for Speed, says about 20 percent of its new console games are now downloaded, compared with around 10 to 15 percent last year. For other publishers, the number may be 25 percent or more.

As a result, it is becoming harder to judge the health of the industry based on sales of physical game discs. NPD Group, a research firm that tracks retail sales in the United States, showed a 7 percent decline in November game sales from the same month a year ago.

Mr. Wilson of Pacific Crest characterized the figures in the title of a research report: “Shockingly Bad NPD Data Shows Big Physical Challenges.”

A couple of weeks earlier, there was similarly grim news from GameStop, the big specialty retailer, which blamed a disappointing earnings report for the period ending Oct. 31 on weak new game software and hardware sales.

Executives at GameStop caused a further stir when they said one of the most anticipated games of the season, Star Wars: Battlefront, had missed their internal sales forecasts during the quarter. The stock of Electronic Arts, the game’s publisher, fell 5 percent the day of the remarks.

The numbers were particularly striking because if game sales are ever going to grow, the time is now. The biggest games of the year have just landed on store shelves — including Fallout 4, Call of Duty: Black Ops 3, and Star Wars: Battlefront — and demand for them is running high among holiday gift buyers.

What is more, the industry is in the sweet spot of the hardware cycle, when the latest consoles from Sony and Microsoft are in plentiful supply and their prices have come down, and game publishers are cranking out titles that better exploit their capabilities.

Sony, for one, says its console sales have never been better. The company reported that it sold 30.2 million PlayStation 4s worldwide as of late November, just days after the second anniversary of the product. By comparison, it took around two years and two months for Sony to ship about 30 million PlayStation 2s — the previous high-water mark for Sony in the game business.

One factor in NPD’s declining game sales is that the research firm does not include games that are bundled with consoles — an increasingly popular option for buying the machines — in its software sales data. But a much bigger reason is that it does not include digital downloads of games in its monthly tallies of the industry.

Liam Callahan, an analyst at NPD, said the firm includes digital sales in a game report that comes out every quarter. For the first nine months of the year, game spending on physical formats was flat compared with the same period in 2014. When digital sales were included, there was an 8 percent increase, he said.

“It’s clear digital downloading is becoming a bigger deal,” said Michael Pachter, an analyst at Wedbush Securities.

After GameStop’s comments about Star Wars: Battlefront rattled investors, a senior executive at Electronic Arts, Peter Moore, said at a conference that there was “no weakness that is perceptible yet in the title.” He reiterated the company’s previous projection that it would sell 13 million copies of the game during its fiscal year.

The bigger threat appears to be for retailers that fail to adjust to the changing market. The list of retailers that have been vaporized by the Internet is long, including Blockbuster in movies, Tower Records in music and Virgin Megastores in both.

GameStop has increased its own presence in Internet-delivered games, but those changes have not moved the needle much. The company’s digital revenue in its last quarter amounted to less than 2 percent of its total revenue. There are limits to how much the company can sell digitally, though, since Microsoft, Sony and Nintendo operate the online portals from which the games are downloaded.

GameStop has tried to diversify beyond video games by acquiring one retail chain that offers wireless products and another that sells and repairs Apple devices. Joey Mooring, a spokesman for GameStop, said the company’s in-store staff members provide guidance for customers. And through its trade-in program for used games, customers can get credits toward the purchase of new games.

“Customers cannot access that expertise downloading a game, nor can they trade in a digital game for currency that can be applied to the purchase of their next game,” Mr. Mooring said in an email.

Eric Lempel, senior vice president for marketing at Sony’s American games division, agreed with the idea that many gamers want to talk to store staff members before making a purchase. The convenience of downloading a game directly to a console is appealing too, though.

“A lot of people are finding it easier to buy online,” Mr. Lempel said. “It’s open 24 hours a day.”
http://www.nytimes.com/2015/12/21/te...-industry.html





UK Police Busts Karaoke “Gang” for Sharing Songs that aren’t Commercially Available

Three old guys giving away karaoke tunes is now a "commercial-scale gang."
Glyn Moody

The City of London Police's Intellectual Property Crime Unit (PIPCU) claims to have "dismantled a gang suspected of uploading and distributing tens of thousands of karaoke tracks online." However, it turns out that this "gang" is actually three blokes, aged 60, 53, and 50: one man is from Barnstaple, Devon and two men live in Bury, Lancashire.

PIPCU's press release says "hundreds of albums have had their copyright uploaded by the men, leading to thousands and thousands of tracks being accessed illegally and depriving legitimate music companies of a significant amount of money." That sounds dramatic, but once again the reality is rather different.

An online list of the karaoke titles provided by the "gang," which calls itself KaraokeRG, says "they were created primarily because they are not available from any professional karaoke manufacturers." This means that far from losing "a significant amount of money," music companies were actually deprived of little or nothing, since there were no legal copies that people could pay for.

As Ars has previously reported, when legal offerings become available piracy is reduced, and the converse is also true. When legal offerings are unavailable people turn to unauthorised versions.

The KaraokeRG website emphasises this is not about money: "These tracks are NOT FOR SALE by KaraokeRG... The tracks are made available for private use only and not intended for commercial use." Despite that fact, the PIPCU press release quotes John Hodge, the British Phonographic Industry's (BPI) Internet investigations chief, as saying, "Instances of commercial-scale copyright infringement are not exempt from investigation and anyone found to be facilitating such illegal activity is not immune from prosecution."

The details of the current case make it clear that this is in no way a "commercial-scale" operation—it was run by three people not for personal gain, but to serve the needs of fellow karaoke enthusiasts that were not being met by music publishers. So why is Hodge calling what seems to be an extremely low-level operation "commercial-scale?" It's probably because "commercial scale" is a key legal concept that the recording industry has been trying to redefine to include activities that don't involve financial gain.

The phrase cropped up in the Anti-Counterfeiting Trade Agreement (ACTA), which was thrown out by the European Parliament in 2012 and in the recently-completed Trans-Pacific Partnership (TPP) agreement. According to the TPP rules, "any act of willful copyright infringement on a commercial scale renders the infringer liable to criminal penalties, even if they were not carried out for financial gain, provided that they have a substantial prejudicial impact on the rightsholder." That is, you can be sent to prison for sharing files online even if no money was involved—exactly the kind of disproportionate punishment that the copyright industries have been calling for.

Fortunately, this approach is unlikely to be included in the Transatlantic Trade and Investment Partnership (TTIP), currently being negotiated between the EU and US. That's because the TTIP negotiating mandate drawn up by the European Commission explicitly excludes "criminal sanctions" in this area. However, the KaraokeRG lads might want to think twice before visiting the US.
http://arstechnica.com/tech-policy/2...lly-available/





Megaupload Founder Can Be Sent to U.S., Judge Says
AP

A New Zealand judge ruled on Wednesday that the colorful Internet entrepreneur Kim Dotcom and three of his colleagues could be extradited to the United States to face copyright infringement charges.

Judge Nevin Dawson’s ruling came nearly four years after the United States authorities shut down Mr. Dotcom’s file-sharing website, Megaupload, which was once one of the Internet’s most popular sites. Prosecutors said the site raked in at least $175 million, mainly from people using it to illegally download movies.

The United States has charged the men with conspiracy to commit copyright infringement, racketeering and money laundering. If found guilty, they could face decades in jail.

Judge Dawson presided over a nine-week extradition hearing in which lawyers outlined the case against the four men. In his ruling, Judge Dawson wrote that the evidence “establishes a prima facie case to answer for all respondents on each of the counts.”

The judge was required only to decide whether the United States had a valid case and not on whether he thought they were guilty or innocent.

Mr. Dotcom’s lawyers said they would appeal the decision. The case could have broader implications for Internet copyright rules. One of Mr. Dotcom’s lawyers, Ron Mansfield, has said that if the United States prevails, websites from YouTube to Facebook would need to more carefully police their content.

The case also raises questions about how far American jurisdiction extends in an age when the Internet has erased many traditional borders. Mr. Dotcom says he has never set foot in the United States.

“Justice was not served today,” said Ira Rothken, another of Mr. Dotcom’s lawyers, on Twitter. He said he looked forward to having the decision reviewed in court.

Justice Minister Amy Adams of New Zealand is required to sign off on extraditions. In a news release on Wednesday, Ms. Adams said she would wait for the conclusion of any appeals before making a decision.

Along with Mr. Dotcom, who founded Megaupload and was its majority shareholder, the United States is seeking to extradite the former Megaupload officers Mathias Ortmann, Bram van der Kolk and Finn Batato. The men remained free on bail after Wednesday’s ruling pending their appeals.

Before the ruling, Mr. Dotcom said on Twitter: “This is my weirdest Xmas ever.”
http://www.nytimes.com/2015/12/24/te...udge-says.html





Comcast Customer Discovers Huge Mistake in Company’s Data Cap Meter

The ISP said he used 120GB of data... while on a multi-week vacation.
Jon Brodkin

You probably know that Comcast is hitting subscribers with overage charges of $10 (£7) when they exceed their 300GB monthly data caps. But can customers trust Comcast to measure Internet usage accurately? The nation’s largest cable company points to research it commissioned showing that its data metering is usually accurate, but one customer who contacted Ars was able to prove that he was being incorrectly accused of using excessive data.

Oleg, a programmer from Tennessee who prefers that we not publish his last name, said he got repeated warnings from Comcast that he was using too much data. But the traffic logs from his router showed that “I was not even close to Comcast’s cap,” he wrote. Oleg described his saga in a Pastebin posting, a YouTube video, and in e-mails to Ars.

Oleg received warnings in September and another in October, the latter while he was overseas for a multiple-week vacation with his wife. When they returned home on November 9th, Comcast’s data meter was “showing I used 120 gigs of data, like, while I was gone,” he wrote. Customers can check their usage on Comcast’s website.

Calls with Comcast customer service agents didn’t clear up the problem. "I called Comcast... and was patronizingly informed that 'it must be somebody stealing your Wi-Fi,'" he wrote. "Possible, but highly unlikely. I’m a software developer, Linux kernel contributor, and I take my home security very seriously."

Comcast allows customers to exceed the cap in three months before they are charged overage fees. But Comcast's incorrect metering caused Oleg's courtesy months to be used up in September, October, and November, he said. The waived charges would have totaled $60 (£40) across the three months, and he was on the verge of being charged for real. Oleg got to work trying to prove that Comcast’s metering was inaccurate, and hesays he disconnected his cable modem from his home network for six and a half days, relying on an unlimited cellular data plan and tethering for Internet access during that time. During that week, Comcast’s meter claims he used 66GB of data, he wrote.

Comcast admits: We screwed up

Oleg provided us his full name and address so we could check into his situation with Comcast. The company investigated the problem after being contacted by Ars and confirmed that its meter readings were inaccurate. “We have reached out and resolved this,” a Comcast spokesperson told Ars. “There was a technical error associated with his account, which we have since corrected.”

During the week he relied on cellular Internet, Oleg said says he used 8GB of mobile data. “That’s the ‘real’ number, as I tried not to vary the normal about of data I normally consume,” he wrote. “I am not a gamer, and I do not stream anything beyond the occasional YouTube video. In short, I’m not a high-bandwidth user.”

Comcast told Oleg that its system had him confused with another customer, he said. “It turns out their system had my modem MAC address entered incorrectly, there was an off-by-one typo that was hard to see so they were counting data from some modem who knows where,” Oleg told Ars.

Before discovering that mistake, a Comcast customer service rep had told Oleg that the company's meter is "94.6 percent accurate." After the truth was revealed, Comcast restored his three courtesy months. Oleg says he would switch broadband providers but Comcast is the only viable option where he lives.

No guarantee that Comcast accurately measures data use

Comcast pays an analysis company called NetForecast to report annually on the accuracy of its Internet usage meters. The latest report released in June of this year said Comcast meters had an average error rate of +0.4 percent to -4.0 percent, meaning that the meters are more likely to undercount data than overcount.

NetForecast tested at 55 homes from January 2014 to April 2015, comparing its own measurements to Comcast's. The report says that Cable Modem Termination Systems (CMTS) in Comcast facilities count the downstream and upstream traffic for each subscriber's cable modem, with each modem being identified by its MAC address.

But there’s no guarantee that Comcast is accurately measuring every customer’s data usage, as Oleg discovered. Customers with less technical expertise than Oleg may not know how to challenge erroneous measurements or even suspect that they’re incorrect. The routers customers typically connect to their cable modems don’t automatically monitor data usage, so customers have to trust that their ISP is accurately recording Internet usage unless they do some extra legwork. “The good news is that you can install a third-party router firmware like DD-WRT or OpenWRT and use bandwidth-monitoring software on it, getting a complete picture of your bandwidth usage,” a How-To Geek article explains.

Comcast has been steadily introducing data caps into parts of its territory, testing customers' responses before a potential nationwide rollout. The caps differ by city and town but generally provide 300GB per month, with customers being charged another £7 for every additional 50GB used. Customers can pay £20 to £23 extra per month for unlimited data in some areas. Comcast CEO Brian Roberts has compared the caps and overage charges to buying gas or electricity, saying that the more you use, the more you pay. But customers aren’t charged less when they use less data, unless they sign up for a “Flexible Data Option” that limits them to 5GB per month and has far more punitive overage charges than the standard plan.

Oleg said he filed a complaint with the Federal Communications Commission, but there’s no rule that would specifically limit or prevent Comcast’s data caps. The FCC could evaluate whether the caps discourage competition from online video services that offer alternatives to Comcast’s cable TV, but it hasn’t made any move to do so.

Oleg suspects he isn’t the only Comcast customer victimised by a MAC address error. His problem appears to be resolved for now, but not without a lot of aggravation. One customer service representative suggested to Oleg that he “just pay 35 dollars a month extra [for unlimited data] and the cap would be gone,” he wrote.

Now that Comcast’s data caps are expanding to more cities and towns, Oleg predicts that “the inaccuracy of their measurements will start to have real material effect on people."
http://arstechnica.co.uk/business/20...r-for-overage/





Comcast's CEO Wants the End of Unlimited Data

It's not so much that he thinks it, but that he said it.
Daniel Kline

In business there are some things better left unsaid.

The CEO of a candy company may hope that people choose to be less healthy and the leader of a factory which makes ammunition may wish for war, but most people in those positions are smart enough to not verbalize those thoughts.

It's similar to how I used to feel back in my days as the editor of small-town daily newspapers. A horrible death, major scandal, or any sort of traumatic event made for a better front page, which sold more papers. I wanted those things in the abstract -- they made my job easier -- but I was smart enough to not publicly wish for horrible things to happen.

What Comcast (NASDAQ:CMCSA) CEO Brian Roberts said during an on-stage interview at Business Insider's Ignition conference falls into that category. In fact, what he did say may be more acceptable than what my fictional CEOs did not say and it's certainly more palatable than my unspoken wishes. Still. Roberts said something out loud that while it might be true, it could further poison the public against his company.

What did Roberts say?

The CEO defended data caps and indirectly made it clear that he does not believe in unlimited Internet access.

"Just as with every other thing in your life, if you drive 100,000 miles or 1,000 miles you buy more gasoline. If you turn on the air conditioning to 60 vs. 72 you consume more electricity," Roberts said. "The same is true for [broadband] usage." Cellular data is already billed this way, "the more bits you use, the more you pay. So why not cable Internet, too?"

That's the same argument AT&T (NYSE:T) and Verizon (NYSE:VZ) used to mostly eliminate unlimited plans for their wireless customers. Essentially, as Comcast has done, the two wireless providers let people pay for unlimited data right up until the point that having it meant something. In the cable world as it already happened in the wireless one, people are using more data which makes caps and overages very attractive to companies like Comcast.

It's about semantics

Roberts also argued against the idea that Comcast has a data cap even though his company caps usage at 300GB per month, charging $10 for each 50GB used after.

"They're not a cap," Roberts said. "We don't want anybody to ever not want to stay connected on our network."

So, essentially the CEO is saying that it's not a cap because the overage charges are automatic meaning users won't lose access, they will just pay more.

It's not about today

About 8% of Comcast customers go over the 300GB allotment in markets where it's testing its caps which it prefers not be called caps according to ARS Technica. The point of the limit, which is an arbitrary one picked for business reasons, not technical ones, according to the technology news website, isn't so much to make money today, but to keep people from cutting the cord.

DISH Network's Sling TV CEO Roger Lynch called Comcast out for using caps and exemptions to those caps as a way to keep people from cutting the cord in an interview with CordCutting.com.

"If you look at cable companies like Comcast now instituting data caps that just happen to be at a level at or below what someone would use if they're watching TV on the Internet -- and at the same time launching their own streaming service that they say doesn't count against the data cap," he said.

300GB is plenty of data for people using streaming media as an add-on to traditional cable. For cord cutters it's a low number which adds to the cost of leaving Comcast's cable behind. The 300GB cap is about protecting revenue. Comcast will either keep people as cable subscribers or make them pay more for Internet. It's a smart strategy, but it's not one to crow about to the public.

Comcast is taking a risk

While AT&T and Verizon are still the dominant wireless carriers both face legitimate threats to their business from T-Mobile, which does not charge overages, and Sprint, which still offers low-priced unlimited plans. Comcast could face similar problems especially given the fact that major players including Alphabet's Google are rolling out ultra-high-speed Internet service without data caps.

Essentially Roberts is trying to put a system in place where customers have to either keep the status quo or pay more for Internet. That smacks a bit of evil genius, but there's nothing wrong with what he's doing. The mistake he's making is trying to publicly defend something that's inherently indefensible.

Comcast is not imposing caps because it has finite capacity or because increased data consumption is causing it to lose money. It's doing so in order to force people to keep cable or pay for the privilege of cutting the cord.

That's a strategy which could backfire in markets where people have a choice in Internet providers. Roberts should have learned a lesson that Batman villians taught us in the 1960s: If you feel the need to tell the hero your wicked plans before they get enacted, something will always happen to foil them.
http://www.fool.com/investing/genera...ited-data.aspx





Comcast Now Offering 1Gbps Speeds Across DOCSIS 3.1

Comcast has connected the first commercial DOCSIS 3.1 service to a customer in Philadelphia, providing speeds of up to 1Gbps.
Corinne Reichert

Making good on its promise in January to offer 1Gbps speeds across its hybrid fibre-coaxial (HFC) network in 2015, Comcast has announced that it has installed the world's first commercial Data Over Cable Service Interface Specification (DOCSIS) 3.1 modem for a customer in Philadelphia.

DOCSIS 3.1 supersedes the current DOCSIS 3.0 technology, allowing far faster speeds by freeing up around 50 percent capacity on the cable through more efficient transmission of data over the available spectrum.

"At a home in the Philadelphia area, we took the next important step forward in delivering gigabit-speed broadband over our hybrid fiber-coaxial network," Comcast executive vice president and CTO Tony Werner said in a blog post.

"The test used the standard cable connections that we have in homes across the country. All we needed was a new modem, a software upgrade to the device that serves that neighborhood, and a few good engineers."

Comcast added that it will continue undertaking real-world tests of the technology by activating several more "test homes" in Pennsylvania, Northern California, and Atlanta, Georgia, over the next few months. It will begin delivering DOCSIS 3.1 services offering 1Gbps speeds to customers across the United States before the end of 2016.

"The beauty of DOCSIS 3.1 is that it is backwards compatible, so no digging up streets or backyards," Werner added.

"This technology, when combined with the extensive upgrades we have already completed on our advanced hybrid fiber-coaxial network, will provide more gigabit choices for our customers."

A Q&A on DOCSIS 3.1, published on the website of Australian Communications Minister cum Prime Minister Malcolm Turnbull nine months ago, said the technology would be coming to the National Broadband Network (NBN) HFC network by 2017.

"We plan to run DOCSIS 3.1 trials in 2016 and we plan to have DOCSIS 3.1 services commercially available in 2017," Turnbull wrote.

"Bringing DOCSIS 3.1 on board is the cherry on the cake that will give us even more capacity and really make sure that there is plenty of bandwidth for everyone on the network to have a great experience."

The wide-scale rollout of NBN HFC was approved by the Australian Competition and Consumer Commission (ACCC) in June, with a revised AU$11 billion deal allowing NBN to take ownership of Telstra's HFC and copper assets and Optus' HFC network.

The new deal came about as a result of NBN moving away from Labor's full fibre-to-the-premises (FttP) rollout following the Coalition's election at the end of 2013 to the present so-called multi-technology mix (MTM), which proposes to cover 20 percent of the population with FttP; 38 percent with fibre-to-the-node (FttN) and fibre-to-the-basement (FttB); 34 percent with HFC; 5 percent with fixed wireless; and 3 percent with satellite services.

On Monday, Telstra and NBN announced they had entered a memorandum of understanding for a "significant contract" to manage the design, engineering, procuring, and construction of NBN's HFC network, which will include Telstra updating HFC to DOCSIS 3.1 technology in order to deliver end users speeds of up to 1Gbps.

Telstra is also set to prepare exchange locations and planning and design prior to and during the contract's negotiation. Telstra has already been continually building out its HFC network despite its impending transfer of ownership to NBN.

Last month, however, a leaked draft from NBN revealed that Optus' HFC network is "not fully fit for purpose", with 470,000 premises in the footprint needing to be overbuilt by either Telstra HFC or fibre services.

The leaked document, called HFC Plan B: Overbuilding Optus, dated November 2015, states that the necessary work of overbuilding Optus' HFC network with FttN, FttB, or fibre to the distribution point (FttdP) will lead to a peak funding increase of between AU$150 million and AU$375 million, with NBN to miss its FY17 ready-for-service target by 300,000 premises, and its FY18 target by 333,000.

"Overbuilding the Optus HFC network with either Telstra HFC or FttX could deliver higher probability of success given the current state of the network [and] significant operational simplicity," the document says.

"Optus network is not fully fit for purpose. Optus nodes are oversubscribed compared with Telstra, and will require node splits. Existing Optus CMTS don't have sufficient capacity to support NBN services. Noise (ingress) [is] causing interference and degrading end users speeds."

HFC will connect 4 million Australian premises in total, with 3.6 million of these coming from the old Telstra HFC network. The network will also be extended and infilled, with the Optus network likely to be infilled and overbuilt in the remaining 400,000 premises.

NBN is currently conducting a 4,500-premises HFC trial in Redcliffe, Queensland, and said it has not found any "unexpected" technical issues with the Optus network.

The HFC network will be launched by June 2016, and completed along with the rest of the NBN by 2020.
http://www.zdnet.com/article/comcast...ss-docsis-3-1/





Towns Start to Realize AT&T's Gigabit Fiber Promises Are Hollow
Karl Bode

Last week we noted how AT&T has effectively conned the press into believing the telecom giant is engaged in a massive gigabit fiber to the home build, despite the fact that the company's CAPEX and fixed-line network investment budget continues to drop. In reality, AT&T's singling out high-end developments and universities (where fiber is already in the ground) for highly selective gigabit service, then declaring an entire market "launched."

The resulting, gushing press lets the company appear to be keeping pace with operations like Google Fiber and municipal broadband options. But when customers in these "launched" markets actually try to sign up for service, they'll often find themselves disappointed.

Case in point is Gaston County, North Carolina, where AT&T loudly announced it had launched gigabit service back in August. As we've seen in so many markets however, locals there are increasingly confused as to why they don't qualify for service, a question AT&T (for obvious reasons) doesn't want to clearly answer:

So exactly where is it available now? And why at this house, but not that one? And how long might it take to extend elsewhere?

AT&T isn’t providing those types of answers. "Our network is a complex organism,” AT&T spokesman Josh Gelinas said.

...Gelinas said there’s no quick and easy explanation for why the fiber-optic connection is already in place in some specific addresses, but not others. AT&T doesn’t want to get into discussions about where it has existing fiber-optic corridors, he said.

“Part of what drives the expansion is where we already have our existing network in place and where it makes good business sense to expand,” he said.


And, when you're actually trimming your fixed-line broadband investment budget year after year, the places "where it makes good business sense to expand" are the places it costs virtually no money to connect. AT&T insiders familiar with AT&T's Gigapower deployment plans tell me that for many Gigapower markets, "launched" can quite literally mean just a few homes in a development community on a hill.

Privately, AT&T techs often candidly tell customers the same thing: their chances of ever getting gigabit fiber are slim to none.

That's not to say AT&T's not working hard in a handful of areas where competition has forced their hand. There's certainly select pockets -- like Austin and the North Carolina triangle -- where AT&T can quite visibly be seen working hard to keep pace with Google Fiber and municipal broadband deployments. But by and large Gigapower remains a hollow show pony in the majority of less competitive AT&T broadband markets, propped up by AT&T math (TM) and an easily duped press.

And cherry picking the most lucrative locations for fiber all makes sense from a business perspective, though it's important to remember AT&T and Verizon alone have received enough federal and state subsidies over the last few decades to wire the entire country with fiber to the home several times over (sadly nobody's done an audit, and with the two companies' collective political power, nobody ever will).

Again, the company's dropping CAPEX and investment budget numbers (already dominated by wireless) are the tell tale sign that AT&T's gigabit deployment is a tiny fraction of the size it's being portrayed as in marketing materials. You'll know AT&T is serious about gigabit fiber for "up to 100" markets when earnings reports and filings show it's actually paying for it.
https://www.dslreports.com/shownews/...-Hollow-135888





42 Percent of Cord-Cutters Don’t Even Subscribe to Home Broadband
Brian Fung

Fed up with your cable TV? Tired of paying for an expensive satellite package you barely use? You're not alone: Up to 15 percent of Americans have cut the cord, joining the 9 percent who have never had a cable or satellite TV subscription.

Altogether, that's roughly a quarter of the country that can be called "cord-cutters" or "cord-nevers," according to the Pew Research Center, which published a fresh survey of consumer patterns Monday.

Buried in those results, however, is one statistic that sheds some important new light on the future of television: A huge share of cord-cutters don't even have home broadband.

Let's pull back for a second. Overall, Pew's study on cord-cutting tracks closely with reports by business analysts. From telecom companies to cable firms to satellite providers, the pay-TV industry as a whole is seeing an exodus of TV customers.

My quarterly update on cord-cutting, which is real and accelerating: https://t.co/0T0hNwUv0H pic.twitter.com/a654xU6PVa

— Jan Dawson (@jandawson) November 10, 2015

Where are all these people going? They're turning to streaming services like Hulu, Netflix and Amazon.

Critics of cord-cutting say that the tactic may not save you much money in the end. And they could have a point. In order to watch those streaming TV services, you still have to pay for a broadband subscription. You can't get to Hulu without Internet, after all. So even if you've told Verizon you no longer want a TV+Internet bundle, you're still paying for standalone broadband, which can be priced even higher than your original bundle. Then on top of that, you have to pay individual subscription fees to services like HBO Now, CBS All Access and others on an a la carte basis so that you can get the channels you want. Considering many of these apps cost upwards of $10 a month, that all adds up pretty quickly.

But hang on — what if you could eliminate that home Internet subscription entirely and still watch your shows online? All of a sudden you get rid of a bill of, say, $100 or more per month (this amount is fairly close to what my household pays for standalone Internet service here in Washington). Would you do it?

It appears that some already are. Only 6 in 10 cord-cutters still subscribe to home broadband service — such as DSL, cable Internet or fiber — at all, the Pew survey shows. The rest rely primarily on their cellular devices to stream shows and movies.

"Those without pay TV — and cord-cutters especially — rely on a different mix… a mix that emphasizes smartphones over a home broadband subscription," the report reads.

This finding holds potential strategic significance for companies that offer A) pay-TV and B) home Internet, but not C) cellular data.

Take Comcast, for example. It offers subscription TV and home broadband — but if you want to surf Comcast Internet outside the home, you're limited to its network of WiFi hotspots. Compare that to, say, AT&T, which operates a national cellular data network that lets you surf from the middle of the freeway, on a boat or various other random places.

The fact that some Americans are forgoing home broadband entirely as part of the cord-cutting process poses a big problem for Comcast and others in its position. It's not just that some customers could move from Comcast's TV bundle to Comcast's standalone Internet plan. It's that they could abandon Comcast entirely.

Sure, a consumer who streams "Orphan Black" all day on their smartphone might wind up paying for that usage in terms of a bigger mobile data package or pricey overage fees. But with new offerings such as T-Mobile's Binge On — which lets you stream as much Netflix, Hulu, or HBO Now as you want without drawing from your monthly data plan — cellular carriers are poised to take advantage of the trend toward mobile cord-cutting in a tremendous way.
https://www.washingtonpost.com/news/...ome-broadband/





YouTube Says T-Mobile Is Throttling Its Video Traffic

New T-Mobile program delivers video in lower quality in exchange for users waiving some fees
John D. McKinnon and Thomas Gryta

YouTube said T-Mobile US Inc. is interfering with its video traffic, raising a new issue as federal regulators examine the wireless carrier’s streaming-video strategy.

T-Mobile recently began offering a program that delivers video at lower quality in exchange for waiving related data fees. YouTube and its allies say T-Mobile also is lowering the quality of video that isn’t part of the program, including YouTube clips.

YouTube, which is owned by Alphabet Inc., said T-Mobile is effectively throttling, or degrading, its traffic. “Reducing data charges can be good for users, but it doesn’t justify throttling all video services, especially without explicit user consent,” a YouTube spokesman said.

The Federal Communications Commission’s net-neutrality rules, adopted in February, are designed to ensure that Internet providers don’t discriminate against traffic from particular sources, including throttling a class of applications.

Binge On, T-Mobile’s free streaming program, already has worried some consumer advocates, who warn the service could be the beginning of attempts to circumvent the net-neutrality rules. T-Mobile argues the program is in line with the regulations, can be turned off by consumers and is open to all video providers that meet its basic technical requirements.

T-Mobile declined to address YouTube’s complaints. In a statement, the No. 3 U.S. carrier by subscribers said its customers “love having free streaming video that never hits their data bucket” and like “both the quality of their video experience and the complete control they have.”

The Internet Association, an advocacy group of which Alphabet’s Google unit is a member, also said Tuesday that T-Mobile’s new practice “appears to involve throttling of all video traffic, across all data plans, regardless of network congestion.”

T-Mobile said last month that 24 providers, including Netflix Inc. and Time Warner Inc. ’s HBO, are part of Binge On. But the service doesn’t yet include YouTube, which accounts for almost a fifth of all cellular traffic in North America, according to data provider Sandvine.

Last week, FCC Chairman Tom Wheeler said the agency sent letters to T-Mobile, Comcast Corp. and AT&T Inc. to get more information about new services they are offering. He said the inquiries weren’t a formal investigation but the letters cite critics’ concerns over the practices.

Mr. Wheeler said a month ago that T-Mobile’s new Binge On service was “highly innovative and highly competitive.” An FCC spokesperson declined to comment on Tuesday.

T-Mobile has said the exclusion of YouTube from Binge On is a technical problem. The software that detects streaming video to exclude it from data limits can’t always identify incoming YouTube videos. T-Mobile has said the companies have talked but may need more collaboration to work out the problem.
http://www.wsj.com/article_email/you...OTI5MjUyMDI5Wj





Internet Freedom Is Actively Dissolving in America
Jason Koebler

It’s the end of 2015, and one fact about the internet is quickly becoming clear this year: Americans’ freedom to access the open internet is rapidly dissolving.

Broadband access is declining, data caps are becoming commonplace, surveillance is increasing, and encryption is under attack.

This is not merely my opinion. The evidence is everywhere; the walls are closing in from all sides. The net neutrality victory of early this year has rapidly been tempered by the fact that net neutrality doesn’t matter if you don’t have solid access to said ‘net.

A Pew Research Center survey released earlier this week showed that at-home broadband adoption has actually decreased over the last two years, from 70 percent of people to 67 percent of people. Among black Americans, that number has dropped from 62 percent to 54 percent; among rural residents, the number has dropped from 60 percent to 55 percent.

There’s a relatively simple explanation for these stats: The percentage of people who have only a smartphone plan instead of broadband internet at home has increased from 8 percent in 2013 to 13 percent in 2015; among black Americans it has nearly doubled from 10 percent to 19 percent; among rural residents it has gone from 9 to 15 percent.

It doesn’t take an economist to suss out why this is happening: Broadband is expensive, smartphone data is expensive, and at some point you’ve got to make some tough choices. Pew notes that people who go smartphone-only are likely to be poorer and often have to "cancel or suspend service due to financial constraints" and that the most common reason people don't have broadband internet is its high cost.

The problem is that smartphone internet is not equivalent to home internet. Pew didn’t collect this information, but an unlimited mobile data plan in the United States is increasingly endangered and exceedingly rare. The 3 percent of Americans who have cut their broadband cord in the last two years replaced it with a mobile connection that limits how much they access the internet.

Those who still have home internet connections aren’t immune, of course. A loophole, oversight, or by-design flaw in the net neutrality rules (depending on who you ask) has created a system where both data caps and “zero rating” of data (meaning accessing certain sites and services doesn’t count against the data cap) are increasingly common and legal until the FCC rules otherwise.

In 2015 America, there’s a good chance that if you have the opportunity to buy at-home broadband at all, you can only buy it from one provider. It is likely expensive and potentially restrictive. If you opt for a mobile plan, your data cap is likely extremely low and potentially comes with the inherent traffic funneling that zero rating creates.

And then there’s the steps the federal government has taken to make the internet less free. Last week, Congress and President Obama made the Cybersecurity Information Sharing Act a law by including it in a massive budget bill (as an extra gift, Congress stripped away some of the few privacy provisions in what many civil liberties groups are calling a “surveillance bill”). CISA incentivizes private companies to share data with the federal government should such data contain any “cyber threats,” a term so broadly defined that it can apply to any criminal activity and can also apply to people who have had their accounts coopted by hackers to send spam messages. The true effects of the law likely won’t be known for many years.

Finally, the FBI and NSA have taken strong stands against encryption, one of the few ways that activists, journalists, regular citizens, and yes, criminals and terrorists can communicate with each other without the government spying. Opposition to citizen access to encryption has become so pervasive within the government that Hillary Clinton actively campaigned at Saturday’s debate for a “Manhattan-like project” to break encryption.

And so many, many Americans may soon be left with an insecure, surveilled, and capped internet connection dominated by broadband and cellular providers that funnel traffic to the companies they’ve made deals with. How do you feel about that?
https://motherboard.vice.com/read/in...ing-in-america





Javascript User Prohibitions are Content DRM in Microcosm—and Even Less Effective
Chris Meadows

Update: See the comments for the blogger’s explanation. Her site had been recently hacked; her webmaster had asked her server host for increased security but got considerably more than they had bargained for. The offending Javascript has since been removed from this site, but I’m leaving this article up as a general screed against all the sites out there that do this, as there are still plenty of them.

Today I happened to notice a really amusing blog post by way of The Passive Voice, called “10 Reasons Why Being a Writer is Like Being Santa Claus.” The blog post itself is pretty funny, though probably not entirely topical for TeleRead in and of itself. (I could probably stretch a point and say something about writers who self-publish, but even that would feel like reaching.)

But my inspiration for this post comes in when I wanted to copy and paste list item number 7 into a Google Hangouts session where I chat with a couple of fellow writers on my Internet fiction project. The bit about grasping at carrots seemed appropriate to one of my co-writers in particular, for more than one reason. But the site was set up to prevent copying and pasting, and a little Javascript window popped up to tell me so.

What’s more, when I hit Ctrl+U to try to view the source (as you can often get around copy-paste blocks by doing that), another little Javascript window popped up to tell me that was forbidden, too.

That made me a little angry. So I took about thirty seconds to look up how to do it, then I went into my Chrome settings and turned off Javascript. I still couldn’t copy and paste directly from the page, but viewing source worked just fine. A quick copy-and-paste of the relevant portion of the page source into Notepad, a little bit of clicking around and backspacing to get rid of the HTML formatting, and I could copy and paste it into the Hangouts window with no problem.

What on earth moves someone to try to lock their words down to the point where you can’t copy and paste them out of an ordinary web page? It’s counterproductive. For starters, I’d never have found the blog post if I hadn’t found it excerpted on The Passive Voice. (Apparently Passive Guy also knows the trick of disabling Javascript.) If you want to get your content shared, you have to accept that sometimes people are going to excerpt it. I frequently excerpt stories here, as fair use permits me to do for the purpose of criticism and commentary.

Furthermore, it’s ineffective. This isn’t a form of DRM where you need to crack encryption. All you need to do is tell your web browser, “Okay, stop doing what that web site tells you and do what I tell you instead.” Is trying to lock down content like that really doing to do anything more than annoy someone who knows their way around web browsers?

And what kind of contempt does that show for your readers? Copying and pasting a relevant paragraph here and there is one of the primary ways people relate to content now. It’s how we share it with our friends who might lack the time or inclination to go visit the URL unless we prompt them with a tempting tidbit. Everybody does that.

If you don’t want your words copied and shared, don’t post them in public on the Internet. If someone is going to copy your entire post and try to pass it off as their own, most of them will be savvy enough to do that whether you use Javascript or not. (Maybe you’ll stop a few people, but as easy as it is to do, I doubt you’ll deter pretty much anyone who knows enough about web design to host their own site.) If they do rip off the whole thing, you file a DMCA request to have it taken down—which you could do whether or not you tried to prevent them from being able to copy it in the first place. It’s just not worth the goodwill you’ll lose from coming off as some kind of control freak by comparison to the 99.99% of the rest of the web who doesn’t bother.

And when you get right down to it, this is effectively a parable for digital rights management in general. Yes, stripping the DRM from e-books is a little more complicated and involved, and it relies on someone out there being willing to do the grunt work for you of coding up a way to crack the digital lock. But once that code is out there, anyone willing to Google it and download it can do it, so any e-book you buy from Amazon or Barnes & Noble or even check out of your local library can be freed of its fetters just by dragging and dropping it into Calibre.

The same holds true for movies. The DRM on DVDs was defeated long ago by DVDJon. Even the DRM on Blu-rays, which changes every so often, is re-cracked just as soon as it changes; the only practical effects of changing Blu-ray DRM are to make Blu-ray players that can no longer update their firmware to deal with the new DRM obsolete, and allow the manufacturers of the DRM-cracking tools to sell expensive lifetime subscriptions for updates to their tool. Small wonder that Steve Jobs prompted music labels to drop DRM on digital music sales!

That doesn’t make it legal, and it certainly doesn’t make it morally right to redistribute those cracked copies via peer-to-peer. But illegal isn’t the same as infeasible—and prohibiting a user operation such as copying and pasting or viewing source doesn’t make it infeasible either.

Incidentally, it’s against the law in the US and a number of other places to tell people how to bypass DRM. In theory, it could be illegal to tell people how to turn Javascript off, too—except that the US law only applies to effective protection measures. And while I’m not a lawyer myself, and there’s some debate over how effective DRM is in general, it seems unlikely that anyone could see a “protection measure” you bypass by simply turning Javascript off as being “effective” enough to come in for that kind of legal protection. Some people keep Javascript turned off in their browsers as a matter of course, and they wouldn’t even encounter the pop-ups or the lock out of viewing the source.

In conclusion, enjoy the funny blog post that I linked above. Enjoy it however you like—because if the user prohibitions get in the way, getting rid of them is just a Javascript-disable away.
http://www.teleread.com/chris-meadow...ess-effective/





Drug Case in Ireland has Fingerprints of Carnegie Mellon's Attack on Tor
Joseph Cox

Two Irish men arrested for drug charges may be the latest known case of law enforcement using Carnegie Mellon University’s sophisticated research to crack the Tor anonymity network.

At least two criminal cases rely on data that researchers at CMU’s Software Engineering Institute provided to the FBI: that of a suspected staffer to the online black market Silk Road 2.0, and an alleged pedophile.

That list may have just expanded.

Newly released evidence shows that Irish detectives who worked the case of two convicted drug dealers may have also used data obtained through SEI’s methods.

On Monday, Neil Mannion, 34, and Richard O'Connor, 24, were jailed for possession of LSD, amphetamine, and cannabis resin with intent to supply. They were arrested back in October 2014 after a raid on a property in Dublin.

Mannion, whom presiding Judge Martin Nolan deemed the “brains of the operation,” received six-and-half years in prison, while O'Connor received three years.

Little information is available on how these two men were caught. But according to the Irish Times, a detective working on the case told the court that Mannion was placed under surveillance “after receiving confidential information about a computer IP address.”

Interestingly, that is the same sort of information that led to the arrests of other Dark Net crime suspects. In November, legal documents revealed that a “university-based research institute” had provided IP addresses to the FBI. Experts already suspected CMU of being involved in attacks on the Tor network during January and June 2014. Shortly after the news of a research institute's involvement broke, the Tor Project, the nonprofit that maintains the Tor software, claimed that the FBI paid researchers CMU's SEI $1 million for the information.

Previously, the Tor browser had been widely praised as a relatively safe way for anyone to hide their Internet presence and activities. Former National Security Agency contractor Edward Snowden, who in 2013 leaked a cache of classified NSA documents to journalists while on the run from the U.S., had touted its use.

The mere presence of IP address evidence alone is not enough to link the case of Mannion with the attack on Tor over a year earlier. But other details point to the bust of the Irishmen being dependent on information obtained by CMU's SEI.

Firstly, Mannion and O'Connor were arrested on Nov. 5, 2014, according to a database of Dark Net arrests created by independent researcher Gwern Branwen. That’s the same day that the owner of Silk Road 2.0, the replacement for the infamous drug marketplace Silk Road, was arrested. The IP addresses of Silk Road 2.0 were provided to the FBI by a “source of information,” according to a search warrant in another case impacted by the attack on Tor, which court documents later confirmed was a university-based research institute.

The shuttering of Silk Road 2.0 was part of Operation Onymous, a multi-agency effort that also seized a number of other Dark Net sites.

Brendan English, a spokesperson for the Irish police, confirmed to the Daily Dot that the arrests of Mannion and O'Connor were also part of Operation Onymous. But he said “we are not in a position to comment” when asked about where the IP addresses provided to Irish authorities came from. The FBI declined to comment.

Regardless, the FBI's source of information also provided the agency with 78 individual IP addresses that accessed the vendor section of Silk Road 2.0, according to the same search warrant. The vendor section of the site was, naturally, only supposed to be known to, and accessed by, those selling products on the marketplace. Thus, Mannion was, presumably, a regular visitor to this section of the site, as he is a confessed Dark Net drug dealer.

Although the evidence is largely circumstantial, the most likely way Irish investigators obtained the IP address of Mannion was via the work of CMU's SEI. But only as more information about current cases becomes available, and charges are brought forward to other individuals, can the full extent of the attack on Tor be realized.
http://www.dailydot.com/politics/tor...h-drug-dealer/





Apple Hits Out at British Plans to Extend Online Surveillance
Paul Sandle

A customer enters the new Apple store, which is the world's largest, on its opening day at Covent Garden in London in this August 7, 2010 file photo.
Reuters/Suzanne Plunkett/Files

Apple (AAPL.O) has warned that a British plan to give intelligence agencies extra online surveillance powers could weaken the security of personal data for millions of people and paralyze the tech sector.

Britain unveiled proposals for new online powers last month that it said were needed to keep the country safe from criminals, fraudsters and militants, including the right to find out which websites people visit.

Critics however say the Investigatory Powers Bill gives British spies authority beyond those available in other Western countries, including the United States, and that it constitutes an assault on personal freedom.

"We believe it is wrong to weaken security for hundreds of millions of law-abiding customers so that it will also be weaker for the very few who pose a threat," the iPhone maker said.

Apple submitted its response to a British parliamentary committee that is scrutinizing the new bill in the latest clash between Western governments seeking to monitor the threat from Islamist militants and online companies working to maintain security.

Apple said the draft laws could weaken data encryption, sanction interference with its products, force non-UK companies to break the laws of their home countries, and spark similar legislation in other countries that could paralyze firms under the weight of dozens of contradictory laws.

Lending support to Apple's view, Microsoft (MSFT.O) also said an international approach would keep people more secure than competing measures from different countries.

"The legislation must avoid conflicts with the laws of other nations and contribute to a system where likeminded governments work together, not in competition, to keep people more secure," a spokeswoman said.

Apple said in its submission an attempt to force non-UK companies to take action that violated the laws of their own countries "would immobilize substantial portions of the tech sector and spark international conflicts".

The British government, which failed with a previous attempt to increase online surveillance dubbed the "snoopers' charter", has said the proposals will not ban encryption or do anything to undermine the security of people's data.

But Apple said proposals in the new bill would weaken encryption, such as the explicit obligation on service providers to help intercept data and hack suspects' devices.

The California-based company, which uses end-to-end encryption on its FaceTime and iMessage services, said the best way to protect against increasingly sophisticated hacking schemes and cyber attacks was by putting into place increasingly stronger -- not weaker -- encryption.

"In this rapidly evolving cyber-threat environment, companies should remain free to implement strong encryption to protect customers," it said.

As well as being able to carry out bulk interception of communications data, the bill would also allow the security services to perform "equipment interference", whereby spies take over computers or smartphones to access their data.

In its submission to the draft bill, Apple criticized any such requirement to create "backdoors" that could weaken the protections built into Apple products.

"A key left under the doormat would not just be there for the good guys," it said. "The bad guys would find it too."

(Editing by Guy Faulconbridge and Dominic Evans)
http://uk.reuters.com/article/us-bri...0U50Z220151222





InterApp: The Gadget That Can Spy on Any Smartphone

Israeli company provides an easy-to-use smartphone hacking gadget, complete with an administration panel
Catalin Cimpanu

Tel Aviv-based Rayzone Group is selling a nifty little gadget called InterApp that can leverage outdated mobile devices and intercept and extract information from nearby smartphones.

As Razyone describes its product, "InterApp is a game-changing tactical intelligence system, developed for intelligence and law enforcement agencies, enabling them to stealthily collect information from the cloud using smartphone application vulnerabilities."

InterApp can allow its operators to break into nearby smartphones that have their WiFi connection open, and then, employing a diverse arsenal of security vulnerabilities, gain root permission on devices and exfiltrate information to a tactical server.

InterApp can steal passwords and data from targeted smartphones

According to Rayzone, InterApp can steal a user's email address password and content, passwords for social networking apps, Dropbox passwords and files, the user's phone contact list, and his photo gallery.

Additionally, the gadget can also acquire the phone's previous geographical locations and plot them on a map, IMEI details, MSISDN data, MAC address, device model, OS info, and personal information on the target, such as gender, age, address, education, and more.

InterApp works on a variety of platforms, operates very fast, handles hundreds of devices at the same time, and requires no technical skills to operate, coming equipped with an idiot-proof administration panel.

InterApp leaves no tracks behind

Even better, InterApp's hacking operations leave no forensics traces on a target's smartphone, or so Rayzone claims.

The company claims that its device was intentionally created for law enforcement, recommending its usage in tactical police centers, airports, or with intervention teams, being quite small and portable.

Rayzone's other products include TA9 - a big data analysis platform; Piranha - a 2G, 3G, and 4G IMSI catcher; ArrowCell - a device for detecting, locating, and neutralizing other IMSI catchers; and GeoMatrix - an advanced geo-location intelligence system. Basically, the company is the hardware-side counterpart of the infamous Hacking Team, an offensive-security vendor from Italy.
http://news.softpedia.com/news/inter...e-497864.shtml





A Secret Catalogue of Government Gear for Spying on Your Cellphone
Scahill, Margot Williams

THE INTERCEPT HAS OBTAINED a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. The document, thick with previously undisclosed information, also offers rare insight into the spying capabilities of federal law enforcement and local police inside the United States.

The catalogue includes details on the Stingray, a well-known brand of surveillance gear, as well as Boeing “dirt boxes” and dozens of more obscure devices that can be mounted on vehicles, drones, and piloted aircraft. Some are designed to be used at static locations, while others can be discreetly carried by an individual. They have names like Cyberhawk, Yellowstone, Blackfin, Maximus, Cyclone, and Spartacus. Within the catalogue, the NSA is listed as the vendor of one device, while another was developed for use by the CIA, and another was developed for a special forces requirement. Nearly a third of the entries focus on equipment that seems to have never been described in public before.

The Intercept obtained the catalogue from a source within the intelligence community concerned about the militarization of domestic law enforcement. (The original is here.)

A few of the devices can house a “target list” of as many as 10,000 unique phone identifiers. Most can be used to geolocate people, but the documents indicate that some have more advanced capabilities, like eavesdropping on calls and spying on SMS messages. Two systems, apparently designed for use on captured phones, are touted as having the ability to extract media files, address books, and notes, and one can retrieve deleted text messages.

Above all, the catalogue represents a trove of details on surveillance devices developed for military and intelligence purposes but increasingly used by law enforcement agencies to spy on people and convict them of crimes. The mass shooting earlier this month in San Bernardino, California, which President Barack Obama has called “an act of terrorism,” prompted calls for state and local police forces to beef up their counterterrorism capabilities, a process that has historically involved adapting military technologies to civilian use. Meanwhile, civil liberties advocates and others are increasingly alarmed about how cellphone surveillance devices are used domestically and have called for a more open and informed debate about the trade-off between security and privacy — despite a virtual blackout by the federal government on any information about the specific capabilities of the gear.

“We’ve seen a trend in the years since 9/11 to bring sophisticated surveillance technologies that were originally designed for military use — like Stingrays or drones or biometrics — back home to the United States,” said Jennifer Lynch, a senior staff attorney at the Electronic Frontier Foundation, which has waged a legal battle challenging the use of cellphone surveillance devices domestically. “But using these technologies for domestic law enforcement purposes raises a host of issues that are different from a military context.”

MANY OF THE DEVICES in the catalogue, including the Stingrays and dirt boxes, are cell-site simulators, which operate by mimicking the towers of major telecom companies like Verizon, AT&T, and T-Mobile. When someone’s phone connects to the spoofed network, it transmits a unique identification code and, through the characteristics of its radio signals when they reach the receiver, information about the phone’s location. There are also indications that cell-site simulators may be able to monitor calls and text messages.

In the catalogue, each device is listed with guidelines about how its use must be approved; the answer is usually via the “Ground Force Commander” or under one of two titles in the U.S. code governing military and intelligence operations, including covert action.

But domestically the devices have been used in a way that violates the constitutional rights of citizens, including the Fourth Amendment prohibition on illegal search and seizure, critics like Lynch say. They have regularly been used without warrants, or with warrants that critics call overly broad. Judges and civil liberties groups alike have complained that the devices are used without full disclosure of how they work, even within court proceedings.

“Every time police drive the streets with a Stingray, these dragnet devices can identify and locate dozens or hundreds of innocent bystanders’ phones,” said Nathan Wessler, a staff attorney with the Speech, Privacy, and Technology Project of the American Civil Liberties Union.

The controversy around cellphone surveillance illustrates the friction that comes with redeploying military combat gear into civilian life. The U.S. government has been using cell-site simulators for at least 20 years, but their use by local law enforcement is a more recent development.

The archetypical cell-site simulator, the Stingray, was trademarked by Harris Corp. in 2003 and initially used by the military, intelligence agencies, and federal law enforcement. Another company, Digital Receiver Technology, now owned by Boeing, developed dirt boxes — more powerful cell-site simulators — which gained favor among the NSA, CIA, and U.S. military as good tools for hunting down suspected terrorists. The devices can reportedly track more than 200 phones over a wider range than the Stingray.

Amid the war on terror, companies selling cell-site simulators to the federal government thrived. In addition to large corporations like Boeing and Harris, which clocked more than $2.6 billion in federal contracts last year, the catalogue obtained by The Intercept includes products from little-known outfits like Nevada-based Ventis, which appears to have been dissolved, and SR Technologies of Davie, Florida, which has a website that warns: “Due to the sensitive nature of this business, we require that all visitors be registered before accessing further information.” (The catalogue obtained by The Intercept is not dated, but includes information about an event that occurred in 2012.)

The U.S. government eventually used cell-site simulators to target people for assassination in drone strikes, The Intercept has reported. But the CIA helped use the technology at home, too. For more than a decade, the agency worked with the U.S. Marshals Service to deploy planes with dirt boxes attached to track mobile phones across the U.S., the Wall Street Journal revealed.

After being used by federal agencies for years, cellular surveillance devices began to make their way into the arsenals of a small number of local police agencies. By 2007, Harris sought a license from the Federal Communications Commission to widely sell its devices to local law enforcement, and police flooded the FCC with letters of support. “The text of every letter was the same. The only difference was the law enforcement logo at the top,” said Chris Soghoian, the principal technologist at the ACLU, who obtained copies of the letters from the FCC through a Freedom of Information Act request.

The lobbying campaign was a success. Today nearly 60 law enforcement agencies in 23 states are known to possess a Stingray or some form of cell-site simulator, though experts believe that number likely underrepresents the real total. In some jurisdictions, police use cell-site simulators regularly. The Baltimore Police Department, for example, has used Stingrays more than 4,300 times since 2007.

Police often cite the war on terror in acquiring such systems. Michigan State Police claimed their Stingrays would “allow the State to track the physical location of a suspected terrorist,” although the ACLU later found that in 128 uses of the devices last year, none were related to terrorism. In Tacoma, Washington, police claimed Stingrays could prevent attacks using improvised explosive devices — the roadside bombs that plagued soldiers in Iraq. “I am not aware of any case in which a police agency has used a cell-site simulator to find a terrorist,” said Lynch. Instead, “law enforcement agencies have been using cell-site simulators to solve even the most minor domestic crimes.”

The Intercept is not publishing information on devices in the catalogue where the disclosure is not relevant to the debate over the extent of domestic surveillance.

The Office of the Director of National Intelligence declined to comment for this article. The FBI, NSA, and U.S. military did not offer any comment after acknowledging The Intercept’s written requests. The Department of Justice “uses technology in a manner that is consistent with the requirements and protections of the Constitution, including the Fourth Amendment, and applicable statutory authorities,” said Marc Raimondi, a Justice Department spokesperson who, for six years prior to working for the DOJ, worked for Harris Corp., the manufacturer of the Stingray.

WHILE INTEREST FROM local cops helped fuel the spread of cell-site simulators, funding from the federal government also played a role, incentivizing municipalities to buy more of the technology. In the years since 9/11, the U.S. has expanded its funding to provide military hardware to state and local law enforcement agencies via grants awarded by the Department of Homeland Security and the Justice Department. There’s been a similar pattern with Stingray-like devices.

“The same grant programs that paid for local law enforcement agencies across the country to buy armored personnel carriers and drones have paid for Stingrays,” said Soghoian. “Like drones, license plate readers, and biometric scanners, the Stingrays are yet another surveillance technology created by defense contractors for the military, and after years of use in war zones, it eventually trickles down to local and state agencies, paid for with DOJ and DHS money.”

In 2013, the Florida Department of Law Enforcement reported the purchase of two HEATR long-range surveillance devices as well as $3 million worth of Stingray devices since 2008. In California, Alameda County and police departments in Oakland and Fremont are using $180,000 in Homeland Security grant money to buy Harris’ Hailstorm cell-site simulator and the hand-held Thoracic surveillance device, made by Maryland security and intelligence company Keyw. As part of Project Archangel, which is described in government contract documents as a “border radio intercept program,” the Drug Enforcement Administration has contracted with Digital Receiver Technology for over $1 million in DRT surveillance box equipment. The Department of the Interior contracted with Keyw for more than half a million dollars of “reduced signature cellular precision geolocation.”

Information on such purchases, like so much about cell-site simulators, has trickled out through freedom of information requests and public records. The capabilities of the devices are kept under lock and key — a secrecy that hearkens back to their military origins. When state or local police purchase the cell-site simulators, they are routinely required to sign non-disclosure agreements with the FBI that they may not reveal the “existence of and the capabilities provided by” the surveillance devices, or share “any information” about the equipment with the public.

Indeed, while several of the devices in the military catalogue obtained by The Intercept are actively deployed by federal and local law enforcement agencies, according to public records, judges have struggled to obtain details of how they work. Other products in the secret catalogue have never been publicly acknowledged and any use by state, local, and federal agencies inside the U.S. is, therefore, difficult to challenge.

“It can take decades for the public to learn what our police departments are doing, by which point constitutional violations may be widespread,” Wessler said. “By showing what new surveillance capabilities are coming down the pike, these documents will help lawmakers, judges, and the public know what to look out for as police departments seek ever-more powerful electronic surveillance tools.”

Sometimes it’s not even clear how much police are spending on Stingray-like devices because they are bought with proceeds from assets seized under federal civil forfeiture law, in drug busts and other operations. Illinois, Michigan, and Maryland police forces have all used asset forfeiture funds to pay for Stingray-type equipment.

“The full extent of the secrecy surrounding cell-site simulators is completely unjustified and unlawful,” said EFF’s Lynch. “No police officer or detective should be allowed to withhold information from a court or criminal defendant about how the officer conducted an investigation.”

JUDGES HAVE BEEN among the foremost advocates for ending the secrecy around cell-site simulators, including by pushing back on warrant requests. At times, police have attempted to hide their use of Stingrays in criminal cases, prompting at least one judge to throw out evidence obtained by the device. In 2012, a U.S. magistrate judge in Texas rejected an application by the Drug Enforcement Administration to use a cell-site simulator in an operation, saying that the agency had failed to explain “what the government would do with” the data collected from innocent people.

Law enforcement has responded with some limited forms of transparency. In September, the Justice Department issued new guidelines for the use of Stingrays and similar devices, including that federal law enforcement agencies using them must obtain a warrant based on probable cause and must delete any data intercepted from individuals not under investigation.

Contained within the guidelines, however, is a clause stipulating vague “exceptional circumstances” under which agents could be exempt from the requirement to get a probable cause warrant.

“Cell-site simulator technology has been instrumental in aiding law enforcement in a broad array of investigations, including kidnappings, fugitive investigations, and complicated narcotics cases,” said Deputy Attorney General Sally Quillian Yates.

Meanwhile, parallel guidelines issued by the Department of Homeland Security in October do not require warrants for operations on the U.S. border, nor do the warrant requirements apply to state and local officials who purchased their Stingrays through grants from the federal government, such as those in Wisconsin, Maryland, and Florida.

The ACLU, EFF, and several prominent members of Congress have said the federal government’s exceptions are too broad and leave the door open for abuses.

“Because cell-site simulators can collect so much information from innocent people, a simple warrant for their use is not enough,” said Lynch, the EFF attorney. “Police officers should be required to limit their use of the device to a short and defined period of time. Officers also need to be clear in the probable cause affidavit supporting the warrant about the device’s capabilities.”

In November, a federal judge in Illinois published a legal memorandum about the government’s application to use a cell-tower spoofing technology in a drug-trafficking investigation. In his memo, Judge Iain Johnston sharply criticized the secrecy surrounding Stingrays and other surveillance devices, suggesting that it made weighing the constitutional implications of their use extremely difficult. “A cell-site simulator is simply too powerful of a device to be used and the information captured by it too vast to allow its use without specific authorization from a fully informed court,” he wrote.

He added that Harris Corp. “is extremely protective about information regarding its device. In fact, Harris is so protective that it has been widely reported that prosecutors are negotiating plea deals far below what they could obtain so as to not disclose cell-site simulator information. … So where is one, including a federal judge, able to learn about cell-site simulators? A judge can ask a requesting Assistant United States Attorney or a federal agent, but they are tight-lipped about the device, too.”

The ACLU and EFF believe that the public has a right to review the types of devices being used to encourage an informed debate on the potentially far-reaching implications of the technology. The catalogue obtained by The Intercept, said Wessler, “fills an important gap in our knowledge, but it is incumbent on law enforcement agencies to proactively disclose information about what surveillance equipment they use and what steps they take to protect Fourth Amendment privacy rights.”
https://theintercept.com/2015/12/17/...our-cellphone/





X-Ray Vision? New Technology Making it a Reality for $300
Scott Eisen

X-ray vision, a comic book fantasy for decades, is becoming a reality in a lab at MIT.

A group of researchers led by Massachusetts Institute of Technology professor Dina Katabi has developed software that uses variations in radio signals to recognize human silhouettes through walls and track their movements.

Researchers say the technology will be able to help health care providers and families keep closer tabs on toddlers and the elderly, and it could be a new strategic tool for law enforcement and the military.

"Think of it just like cameras, except that it's not a camera," said Fadel Adib, a researcher on the MIT team developing the device.

"It's a sensor that can monitor people and allow you to control devices just by pointing at them," he said.

Work began in 2012 to determine how wireless signals could be used to "see" what's happening in another room, said Katabi, who directs the MIT Wireless Center.

"At first we were just interested ... can you at all use wireless signals to detect what's happening in occluded spaces, behind a wall, couch, something like that," Katabi said.

"It turned out that we were able to detect that. And when we figured out we could detect that, we started asking more advanced questions: Could we use it to detect exactly how people are moving in a space if they are behind a wall?"

The device displays the signal on a screen, where the person's movements can be tracked in real time. It depicts the target as a red dot moving around the room, occupying a chair and speeding up or slowing down.

The wireless signals used to track a person's motions also can measure the individual's breathing and heart rate — and potentially identify the person based on the shape of his or her skeleton, said researcher Zach Kabelac.

"The person won't be wearing anything on them, and the person it's tracking doesn't even need to know the device is there," Kabelac said.

"If something unfortunate happens to them, like a fall, the device will contact the caregiver that they chose to alert" by generating a text message or an email, he added.

That makes health care applications especially interesting, Katabi said. But she also sees military and law enforcement possibilities — particularly in hostage situations.

"You don't want to send the police inside without knowing where the people are standing or where the hostages are," she said. "If there is someone with a gun, where they are standing?"

A company set up to market the technology, now dubbed Emerald, will spin out of the MIT lab next year, with a goal of marketing the device early in 2017, and it's expected to sell for $250-$300, Adib said. The team is working to make the device smaller and to develop an interface that will let users configure it through a smartphone app, Katabi added.

The technology raises questions about privacy rights and intrusion, and Adib said the team gave serious thought to those implications.

"The user interface will be friendly for setting it up and using it at home, but it will be very hard to use it to track someone just by pointing it at their wall," he said.

"Think of it this way: Your cellphone already has wireless signals that can traverse walls, but how many people can use these signals to actually see through walls? The reason people can't do that is that the user interface does not expose this information."

___

Associated Press writer William J. Kole in Boston contributed to this report.
http://www.newstimes.com/business/te...ty-6714390.php





Researchers Solve Juniper Backdoor Mystery; Signs Point to NSA
Kim Zetter

Security researchers believe they have finally solved the mystery around how a sophisticated backdoor embedded in Juniper firewalls works. Juniper Networks, a tech giant that produces networking equipment used by an array of corporate and government systems, announced on Thursday that it had discovered two unauthorized backdoors in its firewalls, including one that allows the attackers to decrypt protected traffic passing through Juniper’s devices.

The researchers’ findings suggest that the NSA may be responsible for that backdoor, at least indirectly. Even if the NSA did not plant the backdoor in the company’s source code, the spy agency may in fact be indirectly responsible for it by having created weaknesses the attackers exploited.

Evidence uncovered by Ralf-Philipp Weinmann, founder and CEO of Comsecuris, a security consultancy in Germany, suggests that the Juniper culprits repurposed an encryption backdoor previously believed to have been engineered by the NSA, and tweaked it to use for their own spying purposes. Weinmann reported his findings in an extensive post published late Monday.

Security experts say the attack on Juniper firewalls underscores precisely why they have been saying for a long time that government backdoors in systems are a bad idea—because they can be hijacked and repurposed by other parties.

They did this by exploiting weaknesses the NSA allegedly placed in a government-approved encryption algorithm known as Dual_EC, a pseudo-random number generator that Juniper uses to encrypt traffic passing through the VPN in its NetScreen firewalls. But in addition to these inherent weaknesses, the attackers also relied on a mistake Juniper apparently made in configuring the VPN encryption scheme in its NetScreen devices, according to Weinmann and other cryptographers who examined the issue. This made it possible for the culprits to pull off their attack.

Weinmann says the Juniper backdoor is a textbook example of how someone can exploit the existing weaknesses in the Dual_EC algorithm, noting that the method they used matches exactly a method the security community warned about back in 2007.

The new information about how the backdoor works also suggests that a patch Juniper sent to customers last week doesn’t entirely fix the backdoor problem, since the major configuration error Juniper made still exists.

“One [more] line of code could fix this,” Weinmann says. He’s not sure why Juniper didn’t add this fix to the patch it sent to customers last week.

Although the party behind the Juniper backdoor could be the NSA or an NSA spying partner like the UK or Israel, news reports last week quoted unnamed US officials saying they don’t believe the US intelligence community is behind it, and that the FBI is investigating the issue. Other possible culprits behind the sophisticated attack, of course, could be Russia or China.

If someone other than the US did plant the backdoor, security experts say the attack on Juniper firewalls underscores precisely why they have been saying for a long time that government backdoors in systems are a bad idea—because they can be hijacked and repurposed by other parties.

How the Backdoor Works

According to Weinmann, to make their scheme work, the attackers behind the Juniper backdoor altered Juniper’s source code to change a so-called constant or point that the Dual_EC algorithm uses to randomly generate a key for encrypting data. It’s assumed the attackers also possess a second secret key that only they know. This secret key, combined with the point they changed in Juniper’s software, the inherent weaknesses in Dual_EC, and the configuration error Juniper made, would allow them to decrypt Juniper’s VPN traffic.

The weaknesses in Dual_EC have been known for at least eight years. In 2007, a Microsoft employee named Dan Shumow gave a five-minute talk at a cryptography conference in California discussing discoveries that he and a Microsoft colleague named Niels Ferguson had made in the algorithm. The algorithm had recently been approved by the National Institute of Standards and Technology, along with three other random number generators, for inclusion in a standard that could be used to encrypt government classified communication. Each of the four approved generators are based on a different cryptographic design. The Dual_EC is based on elliptic curves. The NSA had long championed elliptic curve cryptography in general and publicly championed the inclusion of Dual_EC specifically for inclusion in the standard.

Random number generators play a crucial role in creating cryptographic keys. But Shumow and Ferguson found that problems with the Dual_EC made it possible to predict what the random number generator would generate, making the encryption produced with it susceptible to cracking. But this wasn’t the only problem.

The NIST standard also included guidelines for implementing the algorithm and recommended using specific constants or points—static numbers—for the elliptic curve that the random number generator relies on to work. These constants serve as a kind of public key for the algorithm. Dual_EC needs two parameters or two points on the elliptic curve; Shumow and Ferguson referred to them as P and Q.

They showed that if Q is not a true randomly generated point, and the party responsible for generating Q also generates a secret key, what they referred to as “e”, then whoever has the secret key can effectively break the generator. They determined that anyone who possessed this secret key could predict the output of the random number generator with only a very small sample of data produced by the generator—just 32 bytes of output from it. With that small amount, the party in possession of the secret key could crack the entire encryption system.

No one knew who had produced the constants, but people in the security community assumed the NSA had produced them because the spy agency had been so instrumental in having the Dual_EC algorithm included in the standard. If the NSA did produce the constants, there was concern that the spy agency might have also generated a secret key.

Cryptographer Bruce Schneier called it “scary stuff” in a piece he wrote for WIRED in 2007, but he said the flaws must have been accidental because they were too obvious—therefore developers of web sites and software applications wouldn’t use it to secure their products and systems.

The only problem with this is that major companies, like Cisco, RSA, and Juniper did use Dual_EC. The companies believed this was okay because for years no one in the security community could agree if the weakness in Dual_EC was actually an intentional backdoor. But in September 2013, the New York Times seemed to confirm this when it asserted that Top Secret memos leaked by Edward Snowden showed that the weaknesses in Dual_EC were intentional and had been created by the NSA as part of a $250-million, decade-long covert operation to weaken and undermine the integrity of encryption systems in general.

Despite questions about the accuracy of the Times story, it raised enough concerns about the security of the algorithm that NIST subsequently withdrew support for it. Security and crypto companies around the world scrambled to examine their systems to determine if the compromised algorithm played a role in any of their products.

In an announcement posted to its web site after the Times story, Juniper acknowledged that the ScreenOS software running on its NetScreen firewalls does use the Dual_EC_DRBG algorithm. But the company apparently believed it had designed its system securely so that the inherent weakness in Dual_EC was not a problem.

Juniper wrote that its encryption scheme does not use Dual_EC as its primary random number generator and that it had also implemented the generator in a secure way so that its inherent vulnerabilities didn’t matter. It did this by generating its own constant, or Q point, to use with the generator instead of the questionable one that had been attributed to the NSA. Juniper also used a second random number generator known as ANSI X.9.31. The Dual_EC generated initial output that was supposed to then be run through the ANSI generator. The output from the second random generator would theoretically cancel out any vulnerabilities that were inherent in the Dual_EC output.

Except Juniper’s system contained a bug, according to Willem Pinckaers, an independent security researcher in the San Francisco area who examined the system with Weinmann. Instead of using the second generator, it ignored this one and used only the output from the bad Dual_EC generator.

“What’s happening is they managed to screw it up in all the firmware, such that the ANSI code is there but it’s never used,” Weinmann told WIRED. “That’s a catastrophic fail.”

This put the output at risk of being compromised if an attacker also possessed a secret key that could be used with the Q point to unlock the encryption.

Weinmann and others discovered that the attackers altered Juniper’s Q and changed it to a Q they had generated. The attackers appear to have made that change in August 2012—at least that’s when Juniper started shipping a version of its ScreenOS firmware with a Q point that was different than previous versions used.

So essentially, although Juniper used its own Q point instead of using the one allegedly generated by the NSA, in an effort to make the Dual_EC more secure, the company hadn’t anticipated that attackers might break into Juniper’s network, gain access to critical systems used to build its source code, and change the Q again to something of their own choosing. And presumably, they also possess the secret key that works with the Q to unlock the encryption, otherwise they would not have gone to the trouble of changing Q. “It stands to reason that whoever managed to slip in their own Q [into the software] will also know the corresponding e,” Weinmann says.

This would not have been enough to make the backdoor work, however, if Juniper had indeed configured its system the way it said it did—using two random number generators and relying only on the second one, the ANSI generator, for the final output. But we now know it failed to do that. The backdoor remained undetected for at least three years, until Juniper recently discovered it during a code review.

Matthew Green, a cryptographer and professor at Johns Hopkins University, says that the ANSI failure raises additional questions about Juniper. “I don’t want to say that Juniper did this on purpose. But if you wanted to create a deliberate backdoor based on Dual_EC and make it look safe, while also having it be vulnerable, this is the way you’d do it. The best backdoor is a backdoor that looks like a bug, where you look at the thing and say, ‘Whoops, someone forgot a line of code or got a symbol wrong.’ … It makes it deniable. But this bug happens to be sitting there right next to this incredibly dangerous NSA-designed random number generator, and it makes that generator actually dangerous where it might not have been otherwise.”

The evidence that someone intentionally changed the Q parameter in Juniper’s software confirms what Shumow and Ferguson had warned: The inherent weaknesses in Dual_EC provide the perfect backdoor to the algorithm. Even if the algorithm was not intended to create a backdoor for the NSA, it made it possible for someone to piggyback on its weaknesses to turn it into a backdoor for themselves.

Even more worrisome is that Juniper systems are still essentially insecure. Juniper didn’t patch the problem by removing Dual_EC altogether or by altering the configuration so that the VPN encryption scheme relies on output from the ANSI generator; instead Juniper patched it simply by changing the Q point back to what the company originally had in the system. This leaves the firewalls susceptible to attack again if attackers can change the points a second time without Juniper detecting it.

The company, Weinmann says, should at least issue a new patch that makes the system use the ANSI generator and not the Dual_EC one.

“It would take one line of code to fix this,” he says.

And there’s another problem, he notes.

Juniper admitted that it had generated its own Q for Dual_EC, but it has not revealed how it generated Q—so others can’t verify that Juniper did it in a truly random way that would ensure its security. And in generating its own Q, it raises questions about whether Juniper also generated its own secret key, or “e” for the generator, which would essentially give Juniper a backdoor to the encrypted VPN traffic. This should worry customers just as much as the NSA holding a key to the backdoor, Weinmann says.

“It now depends on whether you trust them to have generated this point randomly or not. I would probably not do that at this point,” he says, given the other mistakes the company made.

Green says because of the weakness inherent in Dual_EC, Juniper should have removed it back in 2013 after the Times story published and should do so now to protect customers. “There’s no legitimate reason to put Dual_EC in a product,” he says. “There never was. This is an incredibly powerful and dangerous code and you put it in your system and it creates a capability that would not have been there otherwise. There’s no way to use it safely.”
http://www.wired.com/2015/12/researc...he-nsas-fault/





NSA Helped British Spies Find Security Holes In Juniper Firewalls
Ryan Gallagher, Glenn Greenwald

A TOP-SECRET document dated February 2011 reveals that British spy agency GCHQ, with the knowledge and apparent cooperation of the NSA, acquired the capability to covertly exploit security vulnerabilities in 13 different models of firewalls made by Juniper Networks, a leading provider of networking and Internet security gear.

The six-page document, titled “Assessment of Intelligence Opportunity – Juniper,” raises questions about whether the intelligence agencies were responsible for or culpable in the creation of security holes disclosed by Juniper last week. While it does not establish a certain link between GCHQ, NSA, and the Juniper hacks, it does make clear that, like the unidentified parties behind those hacks, the agencies found ways to penetrate the “NetScreen” line of security products, which help companies create online firewalls and virtual private networks, or VPNs. It further indicates that, also like the hackers, GCHQ’s capabilities clustered around an operating system called “ScreenOS,” which powers only a subset of products sold by Juniper, including the NetScreen line. Juniper’s other products, which include high-volume Internet routers, run a different operating system called JUNOS.

The possibility of links between the security holes and the intelligence agencies is particularly important given an ongoing debate in the U.S. and the U.K. over whether governments should have backdoors allowing access to encrypted data. Cryptographers and security researchers have raised the possibility that one of the newly discovered Juniper vulnerabilities stemmed from an encryption backdoor engineered by the NSA and co-opted by someone else. Meanwhile, U.S. officials are reviewing how the Juniper hacks could affect their own networks, putting them in the awkward position of scrambling to shore up their own encryption even as they criticize the growing use of encryption by others.

The author of the 2011 GCHQ document, an NSA employee who was working with GCHQ as part of an “Access Strategy Team,” takes a similarly adversarial view of encryption, referring to Juniper as a “threat” and a “target” because it provides technology to protect data from eavesdropping. Far from suggesting that security agencies should help U.S. and U.K. companies mend their digital defenses, the document says the agencies must “keep up with Juniper technology” in the pursuit of SIGINT, or signals intelligence.

“The threat comes from Juniper’s investment and emphasis on being a security leader,” the document says. “If the SIGINT community falls behind, it might take years to regain a Juniper firewall or router access capability if Juniper continues to rapidly increase their security.”

The document, provided by NSA whistleblower Edward Snowden, shines light on the agencies’ secret efforts to ensure they could monitor information as it flowed through Juniper’s products, which are used by Internet providers, banks, universities, and government agencies. It notes that while Juniper trails its competitors, it is a “technology leader” with gear “at the core of the Internet in many countries,” including several deemed to be high priority from a spying perspective: Pakistan, Yemen, and China.

Asked about the document, GCHQ issued a boilerplate response asserting that the agency does not comment on intelligence matters and complies with “a strict legal and policy framework.” The NSA could not immediately respond Tuesday. Juniper sent a written statement saying the company “operates with the highest of ethical standards, and is committed to maintaining the integrity, security, and quality of our products. As we’ve stated previously … it is against established Juniper policy to intentionally include ‘backdoors’ that would potentially compromise our products or put our customers at risk. Moreover, it is Juniper policy not to work with others to introduce vulnerabilities into our products.”

Juniper’s prominence and ubiquity similarly helped draw attention to the more recent hacks against the company, which first came to light Thursday, when the California firm revealed it had discovered “unauthorized code” in ScreenOS enabling two major vulnerabilities. One, first present in an August 2012 release of ScreenOS, could allow access to encrypted data transmitted over VPNs. The other, first surfacing in a December 2014 ScreenOS release, allows an attacker to remotely administer a firewall, thus leading to “complete compromise of the affected device,” according to Juniper. The vulnerabilities remained in versions of ScreenOS released through at least October of this year.

It is the earlier vulnerability, potentially allowing eavesdropping on VPNs, that has generated vigorous online discussion among computer security experts. Some, like Johns Hopkins professor Matthew Green and security researcher Ralf-Philipp Weinmann, have said that an attacker appears to have subverted a backdoor shown, in previously disclosed documents from Snowden, to have originated with the NSA. Specifically, the attacker seems to have tampered with a 32-byte value used to seed the generation of random numbers, numbers that are in turn used in the process of encrypting data in ScreenOS. ScreenOS uses the value as a parameter to a standard system for random number generation known as Dual Elliptic Curve Deterministic Random Bit Generator. The default 32-byte value in this standard is believed to have been generated by the NSA. Juniper said, in the wake of the Snowden revelations about the standard, that it had replaced this 32-byte value with its own “self-generated basis points.” So the attacker would have replaced Juniper’s replacement of the NSA 32-byte value.

Matt Blaze, a cryptographic researcher and director of the Distributed Systems Lab at the University of Pennsylvania, said the document contains clues that indicate the 2011 capabilities against Juniper are not connected to the recently discovered vulnerabilities. The 2011 assessment notes that “some reverse engineering may be required depending on firmware revisions” affecting targeted NetScreen firewall models. Blaze said this points away from the sort of ScreenOS compromise behind the more recent Juniper vulnerabilities.

“With the [recently discovered] backdoor, a firmware revision would either have the backdoor or it wouldn’t, and if it was removed, they’d have to do a lot more than ‘some reverse engineering’ to recover the capability,” Blaze said. “My guess from reading this is that the capabilities discussed here involved exploiting bugs and maybe supply chain attacks, rather than this [recently discovered] backdoor.”

Blaze said the exploit capabilities in the 2011 document seem consistent with a program called “FEEDTROUGH,” first revealed in a 2007 document published alongside an article in German newsweekly Der Spiegel.

Even if it outlines capabilities unconnected to the recently discovered Juniper hacks, the 2011 GCHQ assessment makes clear that the author was interested in expanding the agencies’ capabilities against Juniper. “The vast majority of current Juniper exploits are against firewalls running the ScreenOS operating system,” the author wrote. “An effort to ensure exploitation capability” against Juniper’s primary operating system, JUNOS, “should bear fruit against a wide range of Juniper products.”

The document suggests that the intelligence agencies successfully used the security holes they identified in Juniper’s devices to repeatedly penetrate them for surveillance, stating that “Juniper technology sharing with NSA improved dramatically during [calendar year] 2010 to exploit several target networks where GCHQ had access primacy.”

The assessment also notes that, because Juniper is a U.S.-based company, there is both “opportunity and complication” in targeting its technology. “There is potential to leverage a corporate relationship should one exist with NSA,” it says, adding: “Any GCHQ efforts to exploit Juniper must begin with close coordination with NSA.”

It further states that GCHQ has a “current exploit capability” against 13 Juniper models, all of which run ScreenOS: NS5gt, N25, NS50, NS500, NS204, NS208, NS5200, NS5000, SSG5, SSG20, SSG140, ISG 1000, ISG 2000. It reveals that the agency was developing an additional surveillance capability to hack into high-capacity Juniper M320 routers, which were designed to be used by Internet service providers.

“The ability to exploit Juniper servers and firewalls,” the document says, “will pay many dividends over the years.”
https://theintercept.com/2015/12/23/...-nsa-and-gchq/





Cisco Systems Will be Auditing Their Code for Backdoors
Zeljka Zorz

In the wake of the discovery of two backdoors on Juniper's NetScreen firewall devices, Cisco Systems has announced that they will be reviewing the software running on their devices, just in case.

Anthony Grieco, a Senior Director of the Security and Trust Organization at Cisco, made sure to first point out that the popular networking equipment manufacturer has a “no backdoor” policy.

"Our development practices specifically prohibit any intentional behaviors or product features designed to allow unauthorized device or network access, exposure of sensitive device information, or a bypass of security features or restrictions," Anthony Grieco, a Senior Director of the Security and Trust Organization at Cisco, noted.

"Although our normal practices should detect unauthorized software, we recognize that no process can eliminate all risk. Our additional review includes penetration testing and code reviews by engineers with deep networking and cryptography experience."

The reviewers will be looking for backdoors, hardcoded or undocumented account credentials, covert communication channels and undocumented traffic diversions.

Grieco also invited customers and security researchers to report any vulnerabilities they might find to the Cisco PSIRT.

Today, SANS ISC raised its infocon status from green to yellow due to the critical impact the public revelation of Juniper's backdoors and the publication of the password for exploiting of one of them might have on the security of the Internet infrastructure, as well as that of organizations using Juniper's devices.
http://www.net-security.org/secworld.php?id=19266





China Just Launched the Most Frightening Game Ever — and Soon It Will Be Mandatory
Claire Bernish

As if further proof were needed Orwell’s dystopia is now upon us, China has now gamified obedience to the State. Though that is every bit as creepily terrifying as it sounds, citizens may still choose whether or not they wish to opt-in — that is, until the program becomes compulsory in 2020. “Going under the innocuous name of ‘Sesame Credit,’ China has created a score for how good a citizen you are,” explains Extra Credits’ video about the program. “The owners of China’s largest social networks have partnered with the government to create something akin to the U.S. credit score — but, instead of measuring how regularly you pay your bills, it measures how obediently you follow the party line.”

In the works for years, China’s ‘social credit system’ aims to create a docile, compliant citizenry who are fiscally and morally responsible by employing a game-like format to create self-imposed, group social control. In other words, China gamified peer pressure to control its citizenry; and, though the scheme hasn’t been fully implemented yet, it’s already working — insidiously well.

Zheping Huang, a reporter for Quartz, chronicled his own experience with the social control tool in October, saying that “in the past few weeks I began to notice a mysterious new trend. Numbers were popping up on my social media feeds as my friends and strangers on Weibo [the Chinese equivalent to Twitter] and WeChat began to share their ‘Sesame Credit scores.’ The score is created by Ant Financial, an Alibaba-affiliated company that also runs Alipay, China’s popular third-party payment app with over 350 million users. Ant Financial claims that it evaluates one’s purchasing and spending habits in order to derive a figure that shows how creditworthy someone is.”

However, according to a translation of the “Planning Outline for the Construction of a Social Credit System,” posted online by Oxford University’s China expert, Rogier Creemers, it’s nightmarishly clear the program is far more than just a credit-tracking method. As he described it, “The government wants to build a platform that leverages things like big data, mobile internet, and cloud computing to measure and evaluate different levels of people’s lives in order to create a gamified nudging for people to behave better.”

While Sesame Credit’s roll-out in January has been downplayed by many, the American Civil Liberties Union, among others, urges caution, saying:

“The system is run by two companies, Alibaba and Tencent, which run all the social networks in China and therefore have access to a vast amount of data about people’s social ties and activities and what they say. In addition to measuring your ability to pay, as in the United States, the scores serve as a measure of political compliance. Among the things that will hurt a citizen’s score are posting political opinions without prior permission, or posting information that the regime does not like, such as about the Tiananmen Square massacre that the government carried out to hold on to power, or the Shanghai stock market collapse. It will hurt your score not only if you do these things, but if any of your friends do them.” And, in what appears likely the goal of the entire program, added, “Imagine the social pressure against disobedience or dissent that this will create.”

Social pressure, of course, can be highly effective given the right circumstances. China seems to have found exactly that in the intricate linking of people’s scores to their contacts, which can be seen publicly by anyone — and then upping the ante through score-based incentives and rewards. Rick Falkvinge pointed out a startling comparison:

“The KGB and the Stasi’s method of preventing dissent from taking hold was to plant so-called agents provocateurs in the general population, people who tried to make people agree with dissent, but who actually were arresting them as soon as they agreed with such dissent. As a result, nobody would dare agree that the government did anything bad, and this was very effective in preventing any large-scale resistance from taking hold. The Chinese way here is much more subtle, but probably more effective still.”
As Creemers described to Dutch news outlet, de Volkskrant, “With the help of the latest internet technologies, the government wants to exercise individual surveillance. The Chinese aim […] is clearly an attempt to create a new citizen.”

Chinese internet specialist at the Swedish Institute of International Affairs, Johan Lagerkvist, said the system is“very ambitious in scope, including scrutinizing individual behavior and what books people read. It’s Amazon’s consumer tracking with an Orwellian political twist.”

James Corbett has been tracking the implementation of Sesame Credit for some time. Introducing the ubiquitous tracking system for a recent episode of the Corbett Report, he mused:

“Coming soon to a New World Order near you: social credit! Earn points by behaving like the government wants you to behave! Get penalized if you don’t act like a doubleplusgood citizen! What could be more fun?”

Indeed, because mandatory enrollment in Sesame Credit is still a few years away, its true effectiveness won’t be measurable for some time. But even a reporter’s usual wariness appears knocked off-kilter, as Zheping Huang summarized his personal experience, “Even if my crappy credit score doesn’t mean much now, it’s in my best interest I suppose to make sure it doesn’t go too low.”

And that, of course, is precisely why gamifying State obedience is so terrifying.
http://theantimedia.org/china-just-l...-be-mandatory/

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

December 19th, December 12th, December 5th, November 28th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 10:14 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)