P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 16-10-19, 07:14 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - October 19th, ’19

Since 2002































October 19th, 2019




Comcast Officially Becomes the First ISP to Join ACE’s Anti-Piracy Efforts
Bill Toulas

• Comcast becomes a member of the ACE, and will probably ramp up its piracy-fighting activities.
• Subscribers of Comcast Internet and Xfinity may get in trouble, even when casually pirating.
• This is a pivotal point in time, as more ISPs may decide to follow Comcast’s lead in the near future.

While many ISPs (Internet Service Providers) have taken the side of piracy-fighting organizations in the past, Comcast has just become the first one to join the ACE (Alliance for Creativity and Entertainment) anti-piracy coalition. The ACE has been intensifying its pirate-targeting operations lately, warning internet users that there is no place in the world where they can hide from them as they maintain an extensive network of collaborators. This latest development of adding Comcast under the ACE umbrella will impact mainly the U.S. piracy scene.

Comcast is an American telecommunication and TV company, which also happens to be the third-largest home telephone service provider in the U.S. They serve commercial customers in 41 states, who will now have to think twice before visiting a pirating platform. Simply put, Comcast will most likely provide no identity protection to its customers from now on, and anyone who indulges in piracy will probably have to face the legal consequences. As for platform owners and operators, Comcast and its subsidiaries (Comcast Cable, and Xfinity) should now be absolutely excluded from their service options. This, however, is not a change in direction for the telecommunications giant.

NBCUniversal, Sky, and Telemundo have been members of ACE since the formation of the coalition, and all three of them are owned by Comcast. That said, the company has always been against piracy and doing something to enforce copyright protection regulations. However, this is the first time that we see an ISP entering this stage, and that could signify the dawn of an age where “casual pirates” aren’t left alone. Since pirating IPTV operators have become so elusive and hard to bring to justice, maybe shifting some focus to casual users will yield the desired results in the market of illicit content provision.

Whatever the plan is, we have no official statements to lay down right now. The ACE isn’t the most press-friendly coalition, and Comcast hasn’t published any announcements about why exactly they have decided to join the ACE. If we see more ISPs hop on the piracy-fighting bandwagon, then the pressure to illicit content providers will take immense proportions. If not, we should expect market rearrangements, as Comcast subscribers will start looking elsewhere.
https://www.technadu.com/comcast-bec...alition/82625/





YouTube Gets Alleged Copyright Troll to Agree to Stop Trolling YouTubers

A lawsuit filed back in August has reached an agreement
Julia Alexander

Alleged copyright troll Christopher Brady will no longer be able to issue false DMCA takedowns to other YouTubers, according to a lawsuit settlement filed today.

Under the new agreement, Brady is banned from “submitting any notices of alleged copyright infringement to YouTube that misrepresent that material hosted on the YouTube service is infringing copyrights held or claimed to be held by Brady or anyone Brady claims to represent.” Brady agreed to pay $25,000 in damages as part of the settlement. He is also prohibited from “misrepresenting or masking their identities” when using Google products, including YouTube.

“This settlement highlights the very real consequences for those that misuse our copyright system. We’ll continue our work to prevent abuse of our systems,” a YouTube spokesperson told The Verge.

YouTube first sued Brady in August after learning that he targeted a couple of Minecraft and gaming creators — “Kenzo” and “ObbyRaidz” — by using false copyright claim takedowns. The company removed the videos, as the company is required to do when a claim is submitted. YouTube only pursued legal action after it was informed that Brady was allegedly using copyright strikes as a way to pressure creators into paying a lump sum of cash. Brady would allegedly strike two videos on a channel and then demand cash; three strikes on a channel result in it being terminated.

“I, Christopher L. Brady, admit that I sent dozens of notices to YouTube falsely claiming that material uploaded by YouTube users infringed my copyrights,” he said in an apology, shared by YouTube with The Verge. “I apologize to the YouTube users that I directly impacted by my actions, to the YouTube community, and to YouTube itself.”

YouTube claimed the investigation caused the company to “expend substantial sums on its investigation in an effort to detect and halt that behavior, and to ensure that its users do not suffer adverse consequences from it.” YouTube also said that the company may be “unable to detect and prevent similar misconduct in the future,” as a result of the various methods Brady took to cover up his identity.
https://www.theverge.com/2019/10/15/...istopher-brady





Court Refuses to Block Netflix Release of ‘The Laundromat’
Gene Maddaus

A judge has refused to block the release of “The Laundromat,” a Netflix film based on the Panama Papers scandal.

Jurgen Mossack and Ramon Fonseca — the attorneys at the center of the scandal — filed suit in federal court in Connecticut on Tuesday, claiming they were defamed by the film. The attorneys asked for an injunction that would bar Netflix from distributing the Steven Soderbergh film on its platform.

In a ruling on Thursday night, Judge Janet Bond Arterton refused to issue the injunction, and instead transferred the case to California. Arterton found that the Connecticut court has no jurisdiction over the issue.

“This lawsuit was a frivolous legal stunt designed to censor creative expression,” Netflix said in a statement. “Steven Soderbergh’s film tells an important story about the exploitation of innocent people and the misuse of the world’s financial system. Fortunately, you can now watch ‘The Laundromat’ — the film that Mossack and Fonesca tried to censor — on Netflix.”

The movie was given a limited theatrical release on Sept. 27, and began streaming at 12:01 a.m. on Friday.

The film is based on “Secrecy World,” a book about the Panama Papers. In 2015, an anonymous whistleblower leaked 11.5 million documents from the Mossack Fonseca law firm, which revealed a massive web of offshore tax havens.

Mossack Fonseca shuttered its operations last year, and is facing criminal inquiries around the globe. The attorneys allege that the additional publicity from the film will goad Panamanian prosecutors into action, and could taint a potential jury pool if charges are ever brought in the United States.
https://variety.com/2019/film/news/n...ed-1203375208/





MegaUpload’s Kim Dotcom Shows Off Blockchain File-Sharing Platform K.im

K.im makes it easier to monetize content
Robert Stevens

Kim Dotcom, aka Kim Schmitz, aka, the guy who’s battling extradition to the US over copyright infringement charges relating to file-sharing giant MegaUpload, today put out a new demo to show off the front-end of his file-sharing blockchain platform, called K.im.

K.im is a “content monetisation platform” whereby the internet’s movers and shakers, like artists, and content creators can upload content, then sell it to other users for a nominal fee and get paid in Bitcoin⁠—or a new native token, Kimcoin. Dotcom said, “It’s integrated with Bitcoin powered technologies that give all the security of Bitcoin, but faster and cheaper transactions using Lightning and Liquid.”

The demo shows three elements: the K.im Content Management Platform, which lets you manage and price up your content, and “Double Encrypted KED”—K.im Encrypted Data, the platform’s own encryption service that encrypts the file on third-party services, then again on its server—meaning that nobody can read it. Then there’s “K.im Payment”, the blockchain-based payment engine that makes the micropayment magic happen.

Dotcom himself is perhaps best known as the face of one of the internet’s biggest copyright infringement cases. As co-founder of MegaUpload, a file-hosting website with over 1 billion views, Dotcom was accused of involvement in a “Mega Conspiracy”, a global organization dedicated to copyright infringement and racketeering, by the New Zealand and American governments in the early 2010s. An armed police raid on Dotcom’s mansion saw the seizure of assets worth $17 million, including 18 luxury cars, artworks and giant screen TVs, while bank accounts holding $175m in assets were frozen.

According to its one-pager, the “K.im Platform will revolutionise the monetisation of the digital content distribution industry to create a fair market for content creators and consumers.” The idea is to shirk those crafty middlemen who deliver services like Spotify and Netflix, and once again return to a model of digital ownership: should Spotify, Netflix, Electronic Arts or any other streaming service choose to rescind its offering of a certain song, TV show, or videogame, consumers are left powerless. Of course, K.im itself functions as a middleman, taking a 4 percent cut of earnings on the platform.

K.im claims that its service has been designed in such a way that administrators have no visibility of user content, thanks to “enhanced privacy and confidentiality safeguards”. It also says that content stored on the platform is doubly encrypted, that the platform “does not know what content artists are selling,” and that it doesn’t know whether content is stored on decentralized or centralized servers. “Because of this safeguard it is not technically or factually possible for K.im to have any knowledge at all about file-sharing activities between users on the site, and whether or not these allegedly may infringe copyright claimed by some third party,” it adds.

K.im states that it, “will establish policies in its terms of use as to abuse of copyright, as K.im takes such matters seriously”. And K.im users have to comply with their chosen file-sharing platform’s terms of service.

If you’re uploading from Dropbox, for example, you have to comply with Dropbox’s storage policies, which request that users don’t copy, upload, download or share content unless they have the right to do so, that it may “review your conduct and content for compliance” with its terms, and that it isn’t responsible for the content people post and share.

But using K.im’s home-rolled encryption, “neither K.im nor any of the third-party storage providers where the file is uploaded can view its content or its metadata.” K.im users aren’t limited to conventional file-sharing services such as Dropbox, either; they can also upload content using peer-to-peer anonymous file-sharing services like Filecoin, or Bittorrent’s BTT.

K.im says that it will employ “systematic and heuristic measures to deter repetitive abuse,” and that the new platform will “allow people to report on the grounds of copyright infringement and malicious content,” a process that will be set out in the terms of use.

Dotcom is confident that, like his previous initiatives, K.im will go viral. “My previous products have attracted tens of millions of users and the support of Class A celebrities all over the world,” he told Decrypt. “K.im has an initial line up of influencers that have very large followings that are excited to use the product and Kim Dotcom has a track record of achieving viral marketing for previous products,” he added.
https://decrypt.co/10360/megauploads...-platform-k-im





SpaceX Says 12,000 Satellites Isn’t Enough, So it Might Launch Another 30,000

SpaceX makes preliminary filing with ITU as it considers big Starlink expansion.
Jon Brodkin

SpaceX is seeking permission to launch another 30,000 low-Earth orbit (LEO) satellites for its Starlink broadband network, which would be in addition to the nearly 12,000 satellites the company already has permission to launch. But it's too early in the process to determine whether SpaceX is likely to launch most or all of the additional 30,000 satellites.

The Federal Communications Commission made the requests on SpaceX's behalf, as is standard practice, in a series of filings with the International Telecommunication Union (ITU) last week. (Here's an example of one of the filings.) The 30,000 satellites would operate "at altitudes ranging from 328 kilometers to 580 kilometers," SpaceNews reported yesterday.

The filings are known as coordination requests. As SpaceNews noted, the ITU coordinates spectrum "to prevent signal interference and spectrum hogging." SpaceX's filing is an early step in the process and doesn't commit SpaceX to launching all 30,000 satellites.

SpaceNews wrote:

“Filings trigger a seven-year deadline whereby the satellite operator, in this case SpaceX, must launch at least one satellite with its requested frequencies and operate it for 90 days. Once spectrum rights have been assigned through this "bring into use" procedure, other ventures must design their systems to avoid interference with the newly minted incumbent operator.”

UPDATE: SpaceX contacted us to point out that the ITU recently clarified its rules to say that the coordination process does not give one provider an advantage over another in spectrum allocation. Instead, the ITU uses a two-way process in which ITU member nations "bilaterally discuss technical solutions to ensure that both systems can coexist without interfering to each other." SpaceX is referring to section 2.2 on pages 7 and 8 of this document.

Dramatic expansion in satellites orbiting Earth

SpaceX is facing competition in the nascent low-Earth satellite broadband market from OneWeb, Space Norway, Telesat, and Amazon. Broadband delivered by low-Earth satellites should provide faster speeds and lower latencies than traditional satellites, which orbit at much higher altitudes. SpaceX has said it intends to provide gigabit speeds and latency as low as 25ms, but the company hasn't revealed how much the service will cost.

SpaceX's constellation alone would dwarf the total number of satellites orbiting Earth today. As of January 2019, about 8,950 satellites had been placed into Earth orbit since 1957, and about 5,000 of those were still in space, according to the European Space Agency (ESA). Only about 1,950 of those are still functioning.

If SpaceX proceeds with the additional 30,000 satellites, it would have to seek FCC permission and provide more technical detail, including plans to minimize debris and prevent collisions. SpaceX is designing its satellites to burn up completely during atmospheric re-entry in order to prevent physical harm from falling objects.

The ESA recently had to perform a collision-avoidance maneuver to protect one of its satellites from a potential collision with a Starlink satellite. The ESA says it is investing in technology that can automate collision avoidance because of the massive number of satellites being deployed for broadband networks.

"As the number of satellites in space dramatically increases, close approaches between two operated spacecraft will occur more frequently," the ESA said.

SpaceX wants more capacity

In a statement about the new ITU filings, SpaceX told Ars and other media outlets yesterday that it "is taking steps to responsibly scale Starlink's total network capacity and data density to meet the growth in users' anticipated needs." SpaceX hasn't launched its first 12,000 satellites yet but said that demand is rising "for fast, reliable Internet around the world, especially for those where connectivity is non-existent, too expensive, or unreliable."

SpaceX launched 60 satellites in May this year to test the system before preparing for a wider deployment and says it plans to make two to six launches by the end of this year. The company has FCC permission to deploy up to 11,943 satellites.

SpaceX said yesterday that it plans to deploy satellite broadband in the Northern United States and Canada as soon as next year. SpaceX recently asked the FCC for permission to adjust the orbital spacing of its satellites, a change that would let the company also cover the Southern US by the end of next year.

Global coverage could follow shortly after that if SpaceX's predictions prove accurate. The company said yesterday that it can provide full coverage of the populated world after 24 launches and had previously said it could make 24 Starlink launches in 2020.
https://arstechnica.com/information-...r-42000-total/





The FCC has Voted to Approve the T-Mobile-Sprint Merger

But the deal won’t close just yet
Makena Kelly

On Wednesday, the Federal Communications Commission formally approved the merger between T-Mobile and Sprint, an FCC official told The Verge. The vote comes months after the Justice Department greenlit the deal.

In May, FCC Chairman Ajit Pai first signaled that he would vote to approve the merger after the commission and the companies struck a deal that Republicans believed would help foster a faster 5G rollout. The other Republican commissioners, Brendan Carr and Michael O’Rielly, also voiced support for the merger at the time. The merger was pushed through on a party-line vote with Democrats dissenting, an FCC official told The Verge.

Democratic Commissioner Jessica Rosenworcel announced her disapproval in an op-ed for The Atlantic Wednesday morning. In it, she argues that a merged T-Mobile-Sprint would only hurt consumers, driving up prices and staving off competition.

“These state officials understand something fundamental: With less competition, rates rise and innovation falls. All the evidence demonstrates that this holds true in the mobile-phone industry too,” Rosenworcel said. “If this merger succeeds, consumers will pay the price.”

The other Democrat, Geoffrey Starks, was the last to vote on the deal. In September, Starks put out a statement calling on the FCC to delay any votes on the merger until Sprint could be fully investigated for allegedly misappropriating Lifeline subsidy funds for around 885,000 ineligible accounts. “There is no credible way that the merger before us can proceed until this Lifeline investigation is resolved and responsible parties are held accountable,” Starks said at the time.

Now, the T-Mobile-Sprint merger faces one more battle before they plan to close the deal. The FCC and DOJ are the only two federal agencies required to approve telecom deals before they can close, and the DOJ already gave the companies the thumbs-up in July. However, a bipartisan coalition of state attorneys general are still trying to block the deal through a multistate lawsuit, and representatives from the two companies said that they won’t close the merger until that is resolved.
https://www.theverge.com/2019/10/16/...ica-rosenworel





UK Drops Plans for Online Pornography Age Verification System

Climbdown follows difficulties with implementing plan to ensure users are over 18
Jim Waterson

Plans to introduce a nationwide age verification system for online pornography have been abandoned by the government after years of technical troubles and concerns from privacy campaigners.

The climbdown follows countless difficulties with implementing the policy, which would have required all pornography websites to ensure users were over 18. Methods would have included checking credit cards or allowing people to buy a “porn pass” age verification document from a newsagent.

Websites that refused to comply with the policy – one of the first of its kind in the world – faced being blocked by internet service providers or having their access to payment services restricted.

The culture secretary, Nicky Morgan, told parliament the policy would be abandoned. Instead, the government would instead focus on measures to protect children in the much broader online harms white paper. This is expected to introduce a new internet regulator, which will impose a duty of care on all websites and social media outlets – not just pornography sites.

She said: “This course of action will give the regulator discretion on the most effective means for companies to meet their duty of care.”

Despite abandoning the proposals, Morgan said the government remained open to using age verification tools in future, saying: “The government’s commitment to protecting children online is unwavering. Adult content is too easily accessed online and more needs to be done to protect children from harm.”

The decision will disappoint a number of British businesses that had invested substantial time and money developing verification products. They had been hoping to capitalise on the large amount of Britons expected to verify their age in order to view legal pornography. One age verification provider estimated the potential market was as many as 25 million people.

Although the age verification policy was first proposed by the Conservatives during the 2015 general election, it took years to develop and make it into law. Its implementation date was then repeatedly delayed amid difficulties with implementing the policy.

The British Board of Film Classification was tasked with overseeing the system, which would be run and funded by private companies, despite the organisation’s lack of historical expertise in the world of technical internet regulation. Some of the age verification sites had close links to existing pornography providers.

Concerns over the system grew as the public became increasingly aware of the approaching implementation date.

Despite repeated reassurances from pornography websites and age verification sites that personal details would be kept separate from information about what users had watched, privacy campaigners continued to raise concerns about data security.

In addition, earlier this year the Guardian showed how one age verification system could be sidestepped in minutes. Proponents of the policy privately accepted it would not block a persistent teenager from accessing adult material but said it could stop younger children from stumbling across images they found deeply disturbing.

The policy had the backing of charities such as the NSPCC that were concerned about the impact of pornography on children.

The final blow to the porn block came from an unlikely source: the European Union. Just weeks before the policy was due to be finally implemented in July, the government realised it had failed to inform the EU of its plans.

This administrative error was initially announced as requiring a six-month delay – but Morgan’s announcement, made on a day when media attention was focused on the Brexit negotiations, means the age verification system has now been abandoned in its current form.
https://www.theguardian.com/culture/...ication-system





Apple Safari Browser Sends Some User IP Addresses to Chinese Conglomerate Tencent by Default
Tom Parker

During the last week, the reality that US companies often bend the knee to China has been thrown into the spotlight. Apple, one of the biggest US tech companies, has appeased China by hiding the Taiwan flag emoji and ignoring US lawmakers when choosing to ban a Hong Kong protest safety app. Now it’s been discovered that Apple, which often positions itself as a champion of privacy and human rights, is sending some IP addresses from users of its Safari browser on iOS to Chinese conglomerate Tencent – a company with close ties to the Chinese Communist Party.

Apple admits that it sends some user IP addresses to Tencent in the “About Safari & Privacy” section of its Safari settings which can be accessed on an iOS device by opening the Settings app and then selecting “Safari > About Privacy & Security.” Under the title “Fraudulent Website Warning,” Apple says:

“Before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent. These safe browsing providers may also log your IP address.”

How to navigate to Apple’s Safari & Privacy documentation in the iOS settings app.Apple’s Safari & Privacy documentation in the iOS settings app.

The “Fraudulent Website Warning” setting is toggled on by default which means that unless iPhone or iPad users dive two levels deep into their settings and toggle it off, their IP addresses may be logged by Tencent or Google when they use the Safari browser. However, doing this makes browsing sessions less secure and leaves users vulnerable to accessing fraudulent websites.

Apple’s “Fraudulent Website Warning” toggle which is enabled by default.

It’s unclear when Apple started allowing Tencent and Google to log some user IP addresses but one Twitter user reported seeing this change to Safari as early as the iOS 12.2 beta in February 2019.

In iOS 12.2 beta 2 Safari now uses Tencent Safe Browsing in addition to Google Safe Browsing. pic.twitter.com/92pZKBmwWs

— Stijn (@StijnDV) February 4, 2019

Safari is the default browser on iOS devices and according to recent statistics, it’s the most popular mobile internet browser in the US with a market share of over 50%.

Even if people install a third-party browser on their iOS device, viewing web pages inside apps still opens them in an integrated form of Safari called Safari View Controller instead of the third-party browser. Tapping links inside apps also opens them in Safari rather than a third-party browser. These behaviors that force people back into Safari make it difficult for people to avoid the Safari browser completely when using an iPhone or iPad.

Tencent works closely with the Chinese Communist Party. It facilitates government censorship in China through its multi-functional utility app WeChat. The company also released a game pro-Chinese Communist Party game called Clap for Xi Jinping: An Awesome Speech in 2017 which, as the title suggests, encourages users to virtually clap for the Chinese president Xi Jinping. In addition to this, Tencent is reportedly collaborating with the Chinese Communist Party to develop “patriotic” video games.

Given the recent examples of the US tech companies Blizzard and Apple taking punitive actions against apps and video game players, seemingly in an effort to appease China, the revelation that Apple may send user IP addresses to Chinese conglomerate Tencent is worrying.

When you add in the rising tensions in Hong Kong, where China is being blamed for the increasingly violent police tactics that are being used against Hong Kong’s pro-democracy protestors, this revelation is even more concerning.

IP addresses can reveal user locations and be used to profile users across devices. If Tencent logs the IP address of an iPhone or iPad user through its Safe Browsing service, this information could potentially be used to identify the owner of the device by searching for instances of the IP address across Tencent’s other services.

Apple claims at the top of its privacy page, “At Apple, we believe privacy is a fundamental human right.”

Last month, Apple ignored China’s involvement and human rights violations when responding to one of the largest reported iPhone hacks to date. And earlier this year, it censored Chinese language podcasts in China and removed a Chinese artist’s song from Apple Music at the request of the Chinese government.
https://reclaimthenet.org/apple-safa...esses-tencent/





Clash Over Surveillance Software Turns Personal in Germany
Ryan Gallagher

• FinFisher delivers cease-and-desist letter to news website
• Netzpolitik says legal threat an attempt to muzzle stories

Markus Beckedahl was visiting Detroit when a legal threat arrived in his email inbox from the other side of the Atlantic Ocean: a cease-and-desist letter from lawyers representing FinFisher, a German company that sells surveillance technology that it says helps law enforcement stamp out crime.

Beckedahl, the 42-year-old founder of Netzpolitik, a German website that combines technology news and digital rights advocacy, is one of FinFisher’s loudest critics for, he says, selling spyware to authoritarian governments. In September, his organization, along with several advocacy groups, filed a criminal complaint against the Munich-based surveillance company, alleging that it had supplied its technology to Turkey without obtaining the required license from Germany’s federal government.

The complaint was the latest effort from advocacy groups and journalists to confront companies for, they say, providing spyware or other technology to regimes that suppress freedom of speech and target opponents with prison or violence.

But this time, the company’s antagonists ramped up the pressure. Contained in the complaint were the names of FinFisher employees who the groups say are responsible.

“We feel like we have a certain responsibility to confront the source to make sure there is a regime of export control in place that protects basic human rights and journalistic freedoms worldwide,” said Julia Legner, policy adviser for Internet freedom at Reporters Without Borders Germany, which also took part in filing the lawsuit.

Investigation Started

The allegations prompted prosecutors in Munich to open an investigation into FinFisher, according to the Associated Press. Prosecutors are obliged to open an inquiry when criminal allegations are leveled, the AP said.

Neither FinFisher, which is privately owned, nor the Munich prosecutor’s office responded to requests for comment.

In a letter sent to Netzpolitik, which was delivered on Oct. 4 and seen by Bloomberg News, FinFisher denied providing its technology to Turkey or violating export laws, and it claimed that the news website’s reporting was “highly prejudicial” to the Munich prosecutor’s investigation. It hired Berlin-based law firm Schertz Bergmann, which demanded in the cease-and-desist letter that Netzpolitik remove an article it had published detailing the Turkey allegations.

“The press is obliged to refrain from any prejudgment of the persons concerned,” the letter said, referring to FinFisher and its employees.

Article Pulled

Beckedahl said he viewed the legal threat as an attempt to stop Netzpolitik from producing further reporting on FinFisher’s activities. He said he stood by the accuracy of the news site’s work on FinFisher, but removed the article about the Turkey case from its website, saying it feared a potential injunction and a costly legal fight.

Klaus Buchner, a member of the European Parliament representing Germany’s Ecological Democratic Party, accused FinFisher of “trying to silence journalism.”

“Companies like these like to pretend that they do not have a responsibility for what dictators do with their spyware,” said Buchner, who helped lead an effort in 2018 to tighten European Union controls on the export of surveillance technologies.

Netzpolitik filed the complaint against FinFisher in collaboration with Reporters Without Borders Germany, the Society for Civil Rights and the European Center for Constitutional and Human Rights. It alleges that covert operators of FinFisher’s technology set up a fake Turkish-language opposition website and Twitter accounts that were used to lure government critics into clicking on a malicious link. It isn’t clear who created the website and social media profiles. FinFisher says it “partners exclusively with Law Enforcement and Intelligence Agencies,” according to its website.

People who clicked the link -- sent through the fake Twitter accounts to supporters of the opposition Republican People’s Party -- were prompted to download an Android application that was in fact surveillance software, which would monitor their calls, text messages, photos, and location data, according to a technical report published by the digital rights group Access Now. Source code found on the website used to target the Turkish activists was “practically identical” to the source code of FinSpy, surveillance software developed by FinFisher, the complaint alleges.

Document Release

FinFisher and its spyware has been the subject of previous news articles, advocacy group reports and a WikiLeaks release of documents and files.

In 2012, for instance, Bloomberg News reported that a prominent human rights activist in Bahrain was targeted with spyware traced to FinFisher. In 2014, WikiLeaks used leaked documents to identify FinFisher sales worth €47 million ($52 million) to countries including Qatar, Bahrain, Pakistan, Vietnam, Nigeria, Singapore and Bangladesh. And earlier this month, FinFisher’s technology was linked to an effort by an intelligence agency in Uzbekistan to spy on activists and journalists, according to Reuters.

FinFisher didn’t respond to specific allegations, but it has said complies with export laws and helps governments hack the phones of serious criminals, enabling security agencies to read suspects’ private messages or listen in on their phone calls.

In its letter to Netzpolitik, FinFisher’s legal representatives said the company no longer maintains “active client relationships” with countries outside of the European Union, unless they are designated under European regulations as an “EU-001” country, such as Australia, Canada, Japan, New Zealand, Norway, Switzerland and the U.S.

Gustaf Björksten, chief technologist at Access Now, said other countries that purchased the FinFisher technology years ago may still be able to use it, but would have difficulty doing so without the company’s support due to licensing restrictions and necessary software updates.

“The question now is, are those nations outside of the EU-001 list getting support directly from FinFisher, or from third parties with endorsement from FinFisher?” he said.
https://www.bloomberg.com/news/artic...nal-in-germany





Victory! Berkeley City Council Unanimously Votes to Ban Face Recognition
Matthew Guariglia

Berkeley has become the third city in California and the fourth city in the United States to ban the use of face recognition technology by the government. After an outpouring of support from the community, the Berkeley City Council voted unanimously to adopt the ordinance introduced by Councilmember Kate Harrison earlier this year.

Berkeley joins other Bay Area cities, including San Francisco and Oakland, which also banned government use of face recognition. In July 2019, Somerville, Massachusetts became the first city on the East Coast to ban the government’s use of face recognition.

The passage of the ordinance also follows the signing of A.B. 1215, a California state law that places a three-year moratorium on police use of face recognition on body-worn cameras, beginning on January 1, 2020. As EFF’s Associate Director of Community Organizing Nathan Sheard told the California Assembly, using face recognition technology “in connection with police body cameras would force Californians to decide between actively avoiding interaction and cooperation with law enforcement, or having their images collected, analyzed, and stored as perpetual candidates for suspicion.”

Over the last several years, EFF has continually voiced concerns over the First and Fourth Amendment implications of government use of face surveillance. These concerns are exacerbated by research conducted by MIT’s Media Lab regarding the technology’s high error rates for women and people of color. However, even if manufacturers are successful in addressing the technology’s substantially higher error rates for already marginalized communities, government use of face recognition technology will still threaten safety and privacy, chill free speech, and amplify historical and ongoing discrimination in our criminal justice system.

Berkeley’s ban on face recognition is an important step toward curtailing the government’s use of biometric surveillance. Congratulations to the community that stood up in opposition to this invasive and flawed technology and to the city council members who listened.
https://www.eff.org/deeplinks/2019/1...ce-recognition





New Bill Promises an End to Our Privacy Nightmare, Jail Time to CEOs Who Lie

"Mark Zuckerberg won’t take Americans’ privacy seriously unless he feels personal consequences. Under my bill he’d face jail time for lying to the government," Sen. Ron Wyden said.
Karl Bode

Oregon Senator Ron Wyden has unveiled updated privacy legislation he says will finally bring accountability to corporations that play fast and loose with your private data.

Dubbed the Mind Your Own Business Act, the bill promises consumers the ability to opt out of data collection and sale with a single click. It also demands that corporations be transparent as to how consumer data is collected, used, and who it’s sold to, while imposing harsh fines and prison sentences upon corporations and executives that misuse consumer data and lie about it.

“I spent the past year listening to experts and strengthening the protections in my bill,” Wyden said in a statement provided to Motherboard, referring to an earlier draft of his privacy proposal unveiled late last year.

“It is based on three basic ideas: Consumers must be able to control their own private information, companies must provide vastly more transparency about how they use and share our data; and corporate executives need to be held personally responsible when they lie about protecting our personal information,” Wyden added.

If you hadn’t noticed, United States internet privacy oversight is akin to the wild west. Outside of the Children's Online Privacy Protection Act (COPPA) of 1998, there’s few real rules governing how corporations treat your private data, and even less accountability for corporations that repeatedly treat consumer privacy and security as a distant afterthought.

The result hasn’t been pretty. Wireless carriers have been caught selling your private location data to any nitwit with a nickel, companies routinely leave private consumer data accessible to the open internet, and an endless series of major hack attacks result in consumer data being exposed to criminals. The government’s response has been maligned as feckless and pathetic.

Wyden’s bill authorizes the FTC to impose fines of up to 4 percent of annual revenues on companies that fail to protect consumer data. The bill also proposes 10-20 year prison sentences for senior executives who knowingly lie to the FTC. Companies whose executives are convicted will pay a tax based on the salary they paid to the officials who lied, Wyden’s office told Motherboard.

“Mark Zuckerberg won’t take Americans’ privacy seriously unless he feels personal consequences,” Wyden said. “A slap on the wrist from the FTC won’t do the job, so under my bill he’d face jail time for lying to the government.”

The Mind Your Own Business Act also mandates the creation of a national Do Not Track system that gives consumers the ability to quickly and easily opt out of the collection and sale of their private data without having to dig through confusing corporate websites.

The bill also restricts companies looking to make privacy a luxury option. AT&T, for example, spent several years charging its broadband users an additional $500 more a year just to stop receiving targeted ads, a move AT&T somehow insisted was a "discount." Wyden’s bill would limit such fees to the amount of money the company would actually be giving up by not being able to sell a user’s data, his office said.

Wyden’s proposal would also require that corporations give consumers an easy way to review all of the data a company has about them and correct inaccuracies. Giants like Facebook would also be required to analyze any algorithms that process consumer data—to more closely examine their impact on accuracy, fairness, bias, discrimination, privacy, and security.

Wyden’s proposal comes as a coalition of industries work hand in hand to scuttle meaningful privacy reform. Given well-crafted rules could inform and empower consumers, companies fear losing billions of dollars generated from monetizing your daily behavior.

As a result, efforts to pass meaningful rules generally wind up in the scrap bin courtesy of our well-lobbied Congress. For example, a 2016 FCC attempt to impose fairly modest broadband privacy rules was dismantled in 2017 courtesy of a Senate intimately familiar with campaign contributions from the health care, telecom, technology, insurance, and marketing industries.

While companies like Facebook and AT&T insist they support privacy legislation, groups like the Electronic Frontier Foundation have argued their real goal is legislation written by their own lawyers so filled with loopholes as to be largely useless. Such show pony legislation would serve one real purpose: to invalidate or “preempt” tougher state-level protections.

As such, industry isn’t likely to enjoy Wyden’s bill, which not only doesn’t preempt state privacy law, it advocates the state by state creation of a “protection and advocacy” organization that can file additional civil suits against companies that violate privacy regulations.

Cumulatively, the goal is to finally create something vaguely resembling accountability for the laundry-list of American industries that have spent the better part of the last decade not only monetizing your every waking breath, but routinely failing to ensure that data remains secure.
https://www.vice.com/en_us/article/v...o-ceos-who-lie





Without Encryption, We Will Lose All Privacy. This is Our New Battleground

The US, UK and Australia are taking on Facebook in a bid to undermine the only method that protects our personal information
Edward Snowden

In every country of the world, the security of computers keeps the lights on, the shelves stocked, the dams closed, and transportation running. For more than half a decade, the vulnerability of our computers and computer networks has been ranked the number one risk in the US Intelligence Community’s Worldwide Threat Assessment – that’s higher than terrorism, higher than war. Your bank balance, the local hospital’s equipment, and the 2020 US presidential election, among many, many other things, all depend on computer safety.

And yet, in the midst of the greatest computer security crisis in history, the US government, along with the governments of the UK and Australia, is attempting to undermine the only method that currently exists for reliably protecting the world’s information: encryption. Should they succeed in their quest to undermine encryption, our public infrastructure and private lives will be rendered permanently unsafe.

In the simplest terms, encryption is a method of protecting information, the primary way to keep digital communications safe. Every email you write, every keyword you type into a search box – every embarrassing thing you do online – is transmitted across an increasingly hostile internet. Earlier this month the US, alongside the UK and Australia, called on Facebook to create a “backdoor”, or fatal flaw, into its encrypted messaging apps, which would allow anyone with the key to that backdoor unlimited access to private communications. So far, Facebook has resisted this.

If internet traffic is unencrypted, any government, company, or criminal that happens to notice it can – and, in fact, does – steal a copy of it, secretly recording your information for ever. If, however, you encrypt this traffic, your information cannot be read: only those who have a special decryption key can unlock it.

I know a little about this, because for a time I operated part of the US National Security Agency’s global system of mass surveillance. In June 2013 I worked with journalists to reveal that system to a scandalised world. Without encryption I could not have written the story of how it all happened – my book Permanent Record – and got the manuscript safely across borders that I myself can’t cross. More importantly, encryption helps everyone from reporters, dissidents, activists, NGO workers and whistleblowers, to doctors, lawyers and politicians, to do their work – not just in the world’s most dangerous and repressive countries, but in every single country.

When I came forward in 2013, the US government wasn’t just passively surveilling internet traffic as it crossed the network, but had also found ways to co-opt and, at times, infiltrate the internal networks of major American tech companies. At the time, only a small fraction of web traffic was encrypted: six years later, Facebook, Google and Apple have made encryption-by-default a central part of their products, with the result that today close to 80% of web traffic is encrypted. Even the former director of US national intelligence, James Clapper, credits the revelation of mass surveillance with significantly advancing the commercial adoption of encryption. The internet is more secure as a result. Too secure, in the opinion of some governments.

Donald Trump’s attorney general, William Barr, who authorised one of the earliest mass surveillance programmes without reviewing whether it was legal, is now signalling an intention to halt – or even roll back – the progress of the last six years. WhatsApp, the messaging service owned by Facebook, already uses end-to-end encryption (E2EE): in March the company announced its intention to incorporate E2EE into its other messaging apps – Facebook Messenger and Instagram – as well. Now Barr is launching a public campaign to prevent Facebook from climbing this next rung on the ladder of digital security. This began with an open letter co-signed by Barr, UK home secretary Priti Patel, Australia’s minister for home affairs and the US secretary of homeland security, demanding Facebook abandon its encryption proposals.

If Barr’s campaign is successful, the communications of billions will remain frozen in a state of permanent insecurity: users will be vulnerable by design. And those communications will be vulnerable not only to investigators in the US, UK and Australia, but also to the intelligence agencies of China, Russia and Saudi Arabia – not to mention hackers around the world.

End-to-end encrypted communication systems are designed so that messages can be read only by the sender and their intended recipients, even if the encrypted – meaning locked – messages themselves are stored by an untrusted third party, for example, a social media company such as Facebook.

The central improvement E2EE provides over older security systems is in ensuring the keys that unlock any given message are only ever stored on the specific devices at the end-points of a communication – for example the phones of the sender or receiver of the message – rather than the middlemen who own the various internet platforms enabling it. Since E2EE keys aren’t held by these intermediary service providers, they can no longer be stolen in the event of the massive corporate data breaches that are so common today, providing an essential security benefit. In short, E2EE enables companies such as Facebook, Google or Apple to protect their users from their scrutiny: by ensuring they no longer hold the keys to our most private conversations, these corporations become less of an all-seeing eye than a blindfolded courier.

It is striking that when a company as potentially dangerous as Facebook appears to be at least publicly willing to implement technology that makes users safer by limiting its own power, it is the US government that cries foul. This is because the government would suddenly become less able to treat Facebook as a convenient trove of private lives.

To justify its opposition to encryption, the US government has, as is traditional, invoked the spectre of the web’s darkest forces. Without total access to the complete history of every person’s activity on Facebook, the government claims it would be unable to investigate terrorists, drug dealers money launderers and the perpetrators of child abuse – bad actors who, in reality, prefer not to plan their crimes on public platforms, especially not on US-based ones that employ some of the most sophisticated automatic filters and reporting methods available.

The true explanation for why the US, UK and Australian governments want to do away with end-to-end encryption is less about public safety than it is about power: E2EE gives control to individuals and the devices they use to send, receive and encrypt communications, not to the companies and carriers that route them. This, then, would require government surveillance to become more targeted and methodical, rather than indiscriminate and universal.

What this shift jeopardises is strictly nations’ ability to spy on populations at mass scale, at least in a manner that requires little more than paperwork. By limiting the amount of personal records and intensely private communications held by companies, governments are returning to classic methods of investigation that are both effective and rights-respecting, in lieu of total surveillance. In this outcome we remain not only safe, but free.
https://www.theguardian.com/commenti...ralia-facebook

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

October 12th, October 5th, September 28th, September 21st

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
__________________
Thanks For Sharing
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 02:48 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)