P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 15-11-17, 03:36 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - November 18th, ’17

Since 2002



Volume XVI, Issue Number I






























"Safegraph tracks the location of more than 10 million Americans’ smartphones, and our core analysis focusses on the more than 17 trillion pings SafeGraph collected in the continental United States in November of 2016." – Safegraph






































November 18th, 2017




Piracy in Australia Drops 20 Per Cent Year-On-Year, Survey Claims

Australians have long worn the crown of the world's most enthusiastic pirates of film and television content. But is that beginning to change?
Karl Quinn

Australians have long worn the crown of the world's most enthusiastic pirates of film and television content. But is that beginning to change?

The number of Australians watching pirated film and television content has dropped almost 20 per cent in the past year, according to peak home entertainment industry body.

Though Australia remained one of the hot spots for torrenting of Game of Thrones – with Brisbane ranked No.2 in the world for downloads on a per capita basis – research commissioned by the Australian Home Entertainment Distributors Association has found that just 16 per cent of Australians watched pirated content in the past month, compared to 21 per cent the same time last year.

The figures are the first released since the government's site-blocking laws came into effect, and add to the perception that the tide may be turning in the campaign against piracy.

The latest result – from a survey conducted by Gfk ConsumerScope, using a sample of 3185 individuals – confirms the downward trend in the popularity of pirating in Australia, which has been steadily declining since the introduction of subscription video on demand services such as Netflix and Stan.

In 2014, 29 per cent of Australians admitted to watching pirated content in the past month. In 2015, that fell to 24 per cent, and in 2016 it fell again, to 21 per cent.

Simon Bush, chief executive of the association, said the most recent figures might be explained by a number of factors: the blocking of more than 40 overseas sites known to distribute pirated content to Australian internet users; a threat by Village Roadshow chairman Graham Burke to sue individual pirates; and a high-profile advertising campaign in which Bryan Brown makes pirating sound as potentially dangerous to your computer as having unprotected sex with someone with an STD.
http://www.smh.com.au/entertainment/...02-gzdqna.html





Hollywood Strikes Back Against Illegal Streaming Kodi Add-Ons

It could be the end for popular Kodi add-ons Covenant, urlresolver and metahandler.
Matt Brian

An anti-piracy alliance supported by many major US and UK movie studios, broadcasters and content providers has dealt a blow to the third-party Kodi add-on scene after it successfully forced a number of popular piracy-linked streaming tools offline. In what appears to be a coordinated crackdown, developers including jsergio123 and The_Alpha, who are responsible for the development and hosting of add-ons like urlresolver, metahandler, Bennu, DeathStreams and Sportie, confirmed that they will no longer maintain their Kodi creations and have immediately shut them down.

The action comes after The_Alpha reportedly received a hand delivered letter to their UK home: "This letter is addressed to you by companies of the six-major United States film studios represented by the Motion Picture Association (MPA), namely Columbia Pictures Industries, Inc., Disney Enterprises, Inc., Paramount Pictures Corporation, Twentieth Century Fox Film Corporation, Universal City Studios LLLP and Warner Bros. Entertainment Inc., Netflix, Inc. and Amazon Studios LLC (represented by MPA via the Alliance for Creativity and Entertainment (ACE)), Sky UK Limited, and The Football Association Premier League Limited," the opening paragraph reads.

The letter identifies the developer as the creator of third-party software that provides "unlawful access to protected copyright works, including works owned by, or exclusively licensed to, the Content Companies" and notes their additional involvement in the upkeep of the Colossus repository, an online collection of various streaming Kodi add-ons. With Colossus gone, a popular TV show and movie streaming tool called Covenant is also currently unavailable. It's scared a number of related add-on developers, with Ares Wizard, another popular host, reportedly deciding to throw in the towel.

The crackdown suggests the MPA/MPAA-led Alliance for Creativity and Entertainment has a thorough understanding of how owners of so-called "Kodi boxes" are able to stream TV shows and films illegally. While Colossus merely hosts the tools, urlresolver and metahandler did much of the heavy lifting for streamers. Their job was to scrape video hosting sites for relevant streaming links and serve them up for tools like Covenant inside Kodi. Streamers will find it very difficult to find working video streams of their favorite content without them, but they could reappear via a new host in the future.

Sorry to say but I am stopping all development of the urlresolver, metahandler, and my other addons. I am not responsible for covenant and bennu but colossus has agreed to delete the repo too.
— jsergio123 (@jsergio123) November 15, 2017

As pre-loaded Kodi boxes have surged in popularity in the past year, many of the most popular piracy-linked add-ons have targeted by rightsholders. In June, US satellite broadcaster Dish Network issued a lawsuit that targeted the TVAddons repository and forced streaming tools ZemTV and Phoenix offline.

The action will be bad news for Kodi, the the company behind the popular media center. Despite attempts to distance itself from piracy, it often finds itself implicated in news reports that focus on actions taken against infringing third-party add-ons.
https://www.engadget.com/2017/11/16/...-mpa-shutdown/





Neil Young to Open Up Entire Online Music Archive for Free
Jackie Dunham

Christmas is coming early for Neil Young fans who will be treated to the upcoming release of his latest album and given access to an online archive of his entire music catalogue at the beginning of December.

Young announced in a recent Facebook post that he would be opening up his entire music catalogue for online streaming on Dec. 1, the same day his new album “The Visitor” will be released. He described the archive as “a place you can visit and experience every song I have ever released in the highest quality your machine will allow.”

What’s more, the Canadian music legend revealed that the extensive Neil Young Archives (NYA) will be available to anyone free of charge, at least upon launch.

The interactive Timeline feature will allow fans to explore particular periods of Neil Young’s musical career in detail.

“It’s the way it’s supposed to be. In the beginning, everything is free,” he wrote in the post.

In a message posted to the archives’ website, Young explains why he decided to compile all of his music into one archive.

“I’m very interested in collecting and organization, as well as mechanical things and old school record keeping,” he writes.

Every single recorded track or album by the Canadian singer-songwriter from 1963 until present will be “represented” in the archive, Young wrote. Listeners will be able to enjoy his music using Xstream Music high resolution streaming by OneStream on the website.

An interactive Timeline will also be available for fans to explore particular periods of Young’s musical career in detail. For even more background, visitors will have the option to use the site’s Filing Cabinet, which stores each individual song’s info card that contains associated credits, memorabilia, films or videos, press and photographs.

The Neil Young Archive is hardly a finished project, either.

“Information is still being added. The NYA is a living document,” he wrote. “All released albums and songs are available for you to enjoy. Thanks for listening!”

Hi there, December 1st will be a big day for me. The Visitor will be coming to your town. I will be going to my town....
Posted by Neil Young on Saturday, November 11, 2017

http://www.ctvnews.ca/entertainment/...r&_gsc=6pctLeX





Verizon: No 4G-Level Data Caps for 5G Home Service

Verizon's upcoming wireless home internet won't suffer from the tight data caps that make it difficult to use 4G as your primary internet service, the company says.
Sascha Segan

Verizon's upcoming 5G home internet service won't have the kinds of data limits you expect from current wireless services, the company said today.

Verizon has been trying out its new 5G home internet service for months. In a tour of its New Jersey lab, we got a closer look at the 5G antenna setup we saw at Mobile World Congress in February. It's a silver device the size of a paperback book, which connects to a Wi-Fi router with a display. You're supposed to put in a window facing Verizon's 5G service tower.

In the test lab, engineer David Binczewski showed us how the company is still working through the challenges of high-frequency, short-distance, millimeter-wave 5G—most notably, how to penetrate various materials. In a chamber designed to test new 5G devices, he held up a piece of wood between a 5G emitter and a receiver, and we watched the signal fuzz out a bit on a nearby equipment screen.

Once the network is up and running, though, fixed 5G should be able to handle the average data load of a Fios customer, and it won't be throttled down to 4G gigabyte caps.

During a roundtable, VP of network support Mike Haberman, some other Verizon folks, and the assembled journalists agreed that an average data cap in the vicinity of 180GB/month would satisfy the average consumer. That's far more than Verizon's current 4G traffic management limit, where folks who use more than 22GB get sent to the back of the line if a tower is congested.

"That shouldn't be a problem with 5G. What does 4K video use? Think about how many 4K TVs you can put on a service that's a true 1 gigabit to your house," Haberman said.

The key to high capacity is the massive amounts of spectrum Verizon is able to use for 5G, which is also why the company isn't enthusiastic about putting 5G on the low frequencies T-Mobile intends to use. While T-Mobile has been touting the range of its upcoming low-band 5G, Verizon says it wants to use 400-800MHz of spectrum for its home internet service, huge bandwidth that's only available at very high frequencies.

Along with multiple 4K TV streams, the new 5G service will work for gaming thanks to 5G's very low latency, Haberman said. While you'll still be dealing with internet latency, the 5G network itself will be in the range of 1-5ms, he said.

There's still no real date for when the 5G home service will become available, and Haberman and his team still sounded like they were figuring a lot of things out. Placing base stations is a real challenge with 5G at the 28GHz frequencies Verizon is using; they have to be no more than 500 meters from each customer, and their range is affected by trees and other obstacles.

"You don't need line of sight for every single [home], but it will be more efficient if it's line of sight," Haberman said. "That's why we're trying to figure it out in the trial. We're learning about propagation, ray tracing models, and learning about the customers' homes."
https://www.pcmag.com/news/357374/ve...g-home-service





T-Mobile US to Propose Significant Share Buyback
Douglas Busvine

T-Mobile US will propose a “significant” share buyback that could start in December, CFO Braxton Carter said on Thursday, a sign that the third biggest carrier in the United States is confident in its outlook after the collapse of a merger with Sprint Corp.

T-Mobile’s shares have shed around 10 percent since the collapse of the Sprint merger, which promised estimated benefits of $40 billion. The buyback plan signals management’s strong conviction on the business outlook to investors.

Carter, speaking at a Morgan Stanley TMT conference in Barcelona, said the buyback proposal would be put to the board this month. He said Deutsche Telekom, which owns around 64 percent in T-Mobile, would not tender shares and may even buy stock itself.

The issue of control was one of several deal-breakers in the T-Mobile-Sprint talks. By participating in a buyback Deutsche Telekom would concentrate its T-Mobile holding, strengthening its hand in any future merger talks.

Carter said he was “excited about the potential in a rational way to start returning cash to shareholders”, citing T-Mobile’s strong free cash flow and manageable debt levels.

T-Mobile had briefed credit ratings agencies on the buyback, he said. Moody’s last week upgraded its rating on T-Mobile to Baa2 to reflect the company’s strong performance and improved financial leverage. Carter said he expected S&P to follow suit.

The shares would be held in treasury and deployed as acquisition currency for future M&A, Carter also said, highlighting interest in targets in the so-called Internet of Things or regional players.

T-Mobile expressed confidence in its ability to grow as a standalone company, having invested $8 billion in 600 MHz spectrum that will position it to launch countrywide fifth-generation coverage by the turn of the decade.

“We are committed to roll out 5G across the nation by 2020,” Chief Technology Officer Neville Ray also told the conference.

Editing by Ludwig Burger and Jane Merriman
https://uk.reuters.com/article/us-tm...-idUKKBN1DG1DV





Ignored By Big Telecom, Detroit's Marginalized Communities Are Building Their Own Internet

40 percent of Detroit residents don't have any access to internet at all.
Kaleigh Rogers

Being stuck without access to the internet is often thought of as a problem only for rural America. But even in some of America’s biggest cities, a significant portion of the population can’t get online.

Take Detroit, where 40 percent of the population has no access to the internet—of any kind, not only high speed—at home, according to the Federal Communications Commission. Seventy percent of school-aged children in the city are among those who have no internet access at home. Detroit has one of the most severe digital divides in the country, the FCC says.

“When you kind of think about all the ways the internet affects your life and how 40 percent of people in Detroit don’t have that access you can start to see how Detroit has been stuck in this economic disparity for such a long time,” Diana Nucera, director of the Detroit Community Technology Project, told me at her office.

Nucera is part of a growing cohort of Detroiters who have started a grassroots movement to close that gap, by building the internet themselves. It’s a coalition of community members and multiple Detroit nonprofits. They’re starting with three underserved neighborhoods, installing high speed internet that beams shared gigabit connections from an antenna on top of the tallest building on the street, and into the homes of people who have long gone without. They call it the Equitable Internet Initiative.

The issue isn’t only cost, though it is prohibitive for many Detroiters, but also infrastructure. Because of Detroit’s economic woes, many Big Telecom companies haven’t thought it worthwhile to invest in expanding their network to these communities, Nucera told me. The city is filled with dark fiber optic cable that’s not connected to any homes or businesses—relics from more optimistic days.

Residents who can’t afford internet, are on some kind of federal or city subsidy like food stamps, and students are prioritized for the Initiative, Nucera told me. The whole effort started last summer with enlisting digital stewards, locals from each neighborhood who were interested in working for the nonprofit coalition, doing everything from spreading the word, to teaching digital literacy, to installing routers and pulling fiber.

Many of these stewards started out with little or no tech expertise, but after a 20-week-long training period, they’ve become experts able to install, troubleshoot, and maintain a network from end to end. They’re also aiming to spread digital literacy, so people can truly own the network themselves.

“We want to make sure that we’re not just installing all the equipment, but also educating the community,” said Rita Ramirez, one of the stewards working on the project in Detroit’s Southwest neighborhood.

One component the groups are most eager to build out is the intranet that will result from connecting so many homes (about 50 in each neighborhood) to a shared wireless connection. They are encouraging local residents to take advantage of that intranet and build shared tools like a forum and emergency communication network that is completely localized and secure.

In a city that is rebuilding after a decade of economic turmoil, the internet can no longer be a luxury for the wealthy. Detroit’s renaissance won’t happen without each of the city’s diverse communities having access to the basic tools of modern work, education, healthcare, and communication. All of Detroit (or, certainly, more than 60 percent) needs access to the internet and the current structure established by Big Telecom hasn’t made this an easy goal.

“Communication is a fundamental human right,” Nucera said. “This is digital justice.”
https://motherboard.vice.com/en_us/a...t-mesh-network





A Mesh Network Spontaneously Erupts in the US and Helps Connect Puerto Rico
Devin Coldewey

When goTenna put out their Mesh device earlier this year, I thought the off-grid communication gadgets would be great for an emergency kit or back-country hike. But it turns out that both I and goTenna underestimated how hungry people were for a resilient, user-powered mesh network: thousands of dedicated nodes now populate cities across the country, and volunteers are using them to get Puerto Rico back online after a devastating hurricane season.

The Mesh works a lot like the original goTenna, which pairs to your phone using Bluetooth, then uses walkie-talkie radio frequencies to send text communications (no cell network necessary) to another device paired to someone else’s phone — perhaps a mile or two away.

What the Mesh added was the ability to relay those messages: a chain or group of the devices will hear the message (it’s encrypted, of course) and pass it on until it reaches its destination. You can even set up your Mesh as a stationary relay, which in concert with other devices might let entire neighborhoods or even cities communicate, even in cases of a power or telecommunications outage.

I’ve always found mesh networks compelling, but I just sort of assumed they would emerge out of the proliferation of wireless devices we already have: phones, routers, laptops. But so far no one has been able to unify the clans and produce some kind of universal relay protocol. The goTenna Mesh, of course, is built for it out of the box. (I have a couple of units they sent me to review, but have only had the chance to test the most basic features.)

When I talked to Daniela Perdomo, founder and CEO of goTenna, around the time of the Mesh launch, a handful of early users had registered their devices on a map and forum the company started, called IMeshYou. The volume of users creating permanent nodes took the company by surprise, and both the map and Mesh firmware were updated to accommodate them.

“What I didn’t expect is that the long-term potential would be so obvious to other people so early on, this power to create your own networks,” said Perdomo. And sure enough, the map has exploded with devices.

The exact number of nodes changes regularly, as only some are permanent “fixed relays” (indicated by a lightning bolt) and the others may come and go. But it’s clearly a popular use case for the people who have bought a Mesh device — numbering nearly 100,000 now, Perdomo revealed.

“The network layer we’re creating here is new,” she said. “Some people thought this was junk spectrum — but we can create an always available, bottom up, decentralized mesh network like this. If things go down, you can’t have Netflix, but you can say ‘hey, meet me here.’ ”

You could deploy it one time and forget about it; a solar-powered stationary relay will operate continuously or wait patiently until it’s needed.

It turns out that’s a particularly compelling use case when you live on, say, an island where the communications infrastructure has been devastated by a series of hurricanes. The company has embraced the opportunity to help the disconnected citizens of Puerto Rico, and to show the potential of a user-powered telecommunications network.

Meshing up San Juan

“After the hurricane, reports were that 93 percent of telecommunications were down, and I can tell you, it felt like 100%,” explained Javier Malavé, director of the PR Reconnects project. “I drove around and all the antennas were down, the satellite dishes were down, the transport and backbone layers were down.”

In other words, it wasn’t just about getting a generator to power up cell towers — generators and fuel were hard enough to come by anyway — even if you could, they wouldn’t be able to connect to the backbone. Especially in the inland communities where infrastructure was already tenuous, people were completely disconnected.

“If you don’t have backhaul, forget about Wi-Fi or internet,” he said. “After a little brainstorming, we thought the best solution would be something that can provide at least text communication in an area.”

He had heard of goTenna and decided to ask them for help; after a pilot campaign, goTenna and Malavé launched the PR Reconnects crowdfunding campaign on Razoo. Perdomo said that she was excited to be able to help out. (goTenna has also sent devices to Houston and the U.S. Virgin Islands.)

“Part of my reason for starting goTenna was Hurricane Sandy,” she said. “So it’s really personally fulfilling to see something that came out of a storm like this… you know, help people in a storm like this.”

They shipped down some devices to help Malavé and a couple of volunteers mesh up San Juan — no small task, he noted, owing to the way the city is constructed.

This looks like a good spot

“In Puerto Rico we basically live in basically RF bunkers,” he said. If you just have an RF device in the living room of your place in the city, “the signal won’t even make it out of your house.”

“We had to actually map things out,” he continued. “We talked with an agronomist who drove us around and found spots where you had line of sight to other places. We went house by house asking people to let us have access to their roof to put a solar charger and a goTenna.”

Getting people on the app was similarly challenging. With no internet, they couldn’t download it, and while sideloading was sometimes an option, people are unlikely to just hand over their phone and say “Sure, attach your weird flash drive and load up some software I’ve never heard of.”

So they ended up having to cut the Gordian Knot: “We just bought iPod touches.” Expensive, but the idea wasn’t to get every single citizen back online, just restore some basic conveniences.

Barranquitas is a small town located in the mountainous center of the island, where lacking telecommunications the people were getting information around the old-fashioned way: walking. “The parish has this organic network of communication,” said Malavé. But a handful of goTenna devices in strategic locations made it so that, for instance, instead of walking 40 minutes to the hospital to ask for medical aid, a person could walk 3 minutes to the church, where they could send a message to the hospital instantly.

So far the volunteer group has a bunch of devices around San Juan and is working with a few smaller communities to set up small networks like the one in Barranquitas. They’ve also set up endpoints at places where connectivity can be relied on — a working satellite connection that can send text messages (the Mesh can act as an SMS gateway, sending texts coming from locations where there’s no signal) or connect to web tool APIs like Twitter’s. Like Perdomo says, it’s not Netflix, but in the aftermath of a storm, Netflix is pretty low on the list of priorities.

If you’d like to help out, feel free to donate to PR Reconnects or send over a spare solar charger or Mesh device if you have one.

Getting up and running

A very different approach to reestablishing communication, Google’s Loon project claims to have connected 100,000 people via balloons launched after the storms; but the balloons really act as a bridge between phones and distant, working cell networks. Lacking those (the backhaul Malavé mentioned), the system wouldn’t be able to do much — although in this case it looks like they were able to. But judging from the Google blog post, it looks like it was fantastically expensive to do and took weeks to get into action.

A Loon balloon being launched in Nevada ahead of going online over Puerto Rico

A one-time setup cost, perhaps in the tens of thousands, for a mesh network (goTenna or not) could provide an entire city and much of the surrounding area with basic text communication, one of the most critical capabilities following a natural disaster.

But perhaps we won’t have to: considering the popularity of the goTenna Mesh and the tendency of its users to buy three or four and set one up as a relay, it might be that major cities will already be meshed up by motivated users before the next storm hits.

“When disasters like this are in the mainstream consciousness, it allows us to have interesting conversations about infrastructure,” said Perdomo. “These events feel extraordinary, but really, they happen every day — and we should be asking questions about the resilience of our infrastructure. A key part of that going forward is distributed systems, wind and solar and all that, but people aren’t having that conversation about communications. No particular network is the be-all, end-all, but I think the future of communications includes a peer to peer layer.”

And perhaps in the end, Perdomo suggested, goTenna will actually make its own hardware obsolete:

“Today our phones don’t allow us to do what goTenna does, but we’re going to prove that they should be able to.”
https://techcrunch.com/2017/11/14/a-...t-puerto-rico/





FCC Plans to Vote to Overturn U.S. Net Neutrality Rules in December: Sources
David Shepardson

The head of the Federal Communications Commission is set to unveil plans next week for a final vote to reverse a landmark 2015 net neutrality order barring the blocking or slowing of web content, two people briefed on the plans said.

In May, the FCC voted 2-1 to advance Republican FCC Chairman Ajit Pai’s plan to withdraw the former Obama administration’s order reclassifying internet service providers as if they were utilities. Pai now plans to hold a final vote on the proposal at the FCC’s Dec. 14 meeting, the people said, and roll out details of the plans next week.

Pai asked in May for public comment on whether the FCC has authority or should keep any regulations limiting internet providers’ ability to block, throttle or offer “fast lanes” to some websites, known as “paid prioritization.” Several industry officials told Reuters they expect Pai to drop those specific legal requirements but retain some transparency requirements under the order.

An FCC spokesman declined to comment.

Internet providers including AT&T Inc, Comcast Corp and Verizon Communications Inc say ending the rules could spark billions in additional broadband investment and eliminate the possibility a future administration could regulate internet pricing.

Critics say the move could harm consumers, small businesses and access to the internet.

In July, a group representing major technology firms including Alphabet Inc and Facebook Inc urged Pai to drop plans to rescind the rules.

Advocacy group Free Press said Wednesday “we’ll learn the gory details in the next few days, but we know that Pai intends to dismantle the basic protections that have fueled the internet’s growth.”

Pai, who argues the Obama order was unnecessary and harms jobs and investment, has not committed to retaining any rules, but said he favors an “open internet.” The proposal to reverse the Obama rules reclassifying internet service has drawn more than 22 million comments.

Pai is mounting an aggressive deregulatory agenda since being named by President Donald Trump to head the FCC.

On Thursday the FCC will vote on Pai’s proposal to eliminate the 42-year-old ban on cross-ownership of a newspaper and TV station in a major market. The proposal would make it easier for media companies to buy additional TV stations in the same market.

Pai is also expected to call for an initial vote in December to rescind rules that say one company may not own stations serving more than 39 percent of U.S. television households, two people briefed on the matter said.

Reporting by David Shepardson; Editing by Chris Reese
https://www.reuters.com/article/us-u...-idUSKBN1DG00H





FCC Votes to Loosen Media Ownership Rules

The U.S. Federal Communications Commission on Thursday voted to undo key roadblocks to increased consolidation among media companies, potentially unleashing new deals among TV, radio and newspaper owners as they seek to better compete with online media.

The Republican-led FCC voted 3-2 to eliminate the 42-year-old ban on cross-ownership of a newspaper and TV station in a major market and to make it easier for media companies to buy additional TV stations in the same market, and for local stations to jointly sell advertising time and for companies to buy additional radio stations in some markets. Big media companies including Tegna Inc, CBS Corp and Nexstar Media Group Inc have cited the rule change as motivating them to consider expansion opportunities.

Reporting by David Shepardson in Washington; Editing by Matthew Lewis
https://uk.reuters.com/article/us-us...-idUKKBN1DG2R9





House Democrats Call for Investigation of FCC Chairman Over Sinclair Merger
Ted Johnson

Two House Democrats are calling for the FCC’s inspector general to investigate Chairman Ajit Pai over the FCC’s moves to relax media ownership rules and whether they are timed to benefit Sinclair Broadcast Group’s proposed purchase of Tribune Media.

Rep. Frank Pallone, Jr. (D-N.J.), the ranking member of the House Energy and Commerce Committee, and Rep. Elijah E. Cummings (D-Md.), the ranking member of the House Oversight Committee, claim that Pai has refused to respond to queries about the timing of the actions, and whether he or his staff used personal email accounts or messaging services to communicate about Sinclair or with company officials.

The lawmakers cited a number of rules changes, including an FCC vote in April to reinstate the so-called UHF discount. That allows station groups to “discount” the reach of their UHF holdings, providing a way for some companies to comply with national ownership caps.

“All of these actions, when taken in context with reported meetings between the Trump Administration, Sinclair, and Chairman Pai’s office, have raised serious concerns about whether Chairman Pai’s actions comply with the FCC’s mandate to be independent,” Pallone and Cummings wrote in their letter to Inspector General David L. Hunt.

At a recent oversight hearing before the Energy and Commerce Committee, FCC Commissioner Jessica Rosenworcel, a Democrat, called for an investigation.

Pai has previously defended the FCC’s review of the Sinclair-Tribune deal, which is more than halfway through a 180-day timeframe for the agency to scrutinize the transaction. Pai wrote to Senate Democrats in September that his moves “have not been fueled by a desire to help any particular company.”

Pallone and Cummings want Hunt to investigate whether Pai’s moves show a “pattern and practice of preferential treatment for Sinclair,” and whether there was “inappropriate coordination” between Pai’s office, the Trump campaign, and Sinclair.

A spokeswoman for Pai said, “Unfortunately, this request appears to be part of many Democrats’ attempt to target one particular company because of its perceived political views, an effort that dates all the way back to 2004 when Ranking Member Pallone, Ranking Member Cummings, and other Democrats demanded that the FCC investigate Sinclair based solely on the content of a documentary they didn’t like and that hadn’t even aired. Any claim that Chairman Pai is modifying the rules now to benefit one particular company is completely baseless.”

In October, 2004, congressional Democrats called for an investigation of whether Sinclair’s plans to have all of its stations air an anti-John Kerry documentary, “Stolen Honor: Wounds That Never Heal,” two weeks before the election was a proper use of the airwaves and complied with equal time rules.

The FCC on Thursday will vote on a series of proposals to relax media ownership rules, including a provision that would allow broadcast groups to own two of the top four TV stations in a market subject to a “case-by-case” basis of review. Pallone and Cummings wrote that the action “will clear away virtually all remaining obstacles to Sinclair increasing its reach beyond the Tribune merger proposal.”

Pai’s spokeswoman said, “For many years, Chairman Pai has called on the FCC to update its media ownership regulations — one of which dates back to 1975. The Chairman is sticking to his long-held views, and given the strong case for modernizing these rules, it’s not surprising that those who disagree with him would prefer to do whatever they can to distract from the merits of his proposals.”
https://www.yahoo.com/news/house-dem...190101716.html





FCC’s Latest Gift to Telcos Could Leave Americans with Worse Internet Access

FCC will let carriers abandon copper lines without offering adequate replacements.
Jon Brodkin

The Federal Communications Commission will vote Thursday on a plan that, according to Chairman Ajit Pai, will strip away regulations that prevent telcos from upgrading their networks.

But in doing so, the Republican-controlled FCC plans to eliminate a requirement that telcos provide Americans with service at least as good as the old copper networks that provide phone service and DSL Internet. The requirement relates to phone service but has an impact on broadband because the two services use the same networks.

As carriers like AT&T and Verizon turn off copper networks throughout much of the country, many people fear that the networks won't be replaced with fiber or something of similar quality. That's why the FCC in 2014 created a "functional test" for carriers that seek permission to abandon copper networks. In short, carriers have to prove that the replacement service is just as good and provides the same capabilities as what's being discontinued.

Ditching consumer protections

Pai's proposal, titled "Accelerating Wireline Broadband Deployment," would eliminate the functional test, claiming that it "deterred and delayed carriers from upgrading their networks."

But without the functional test, carriers could declare that an area is served with technology that's good enough as long as mobile service is available, consumer advocates say. Carriers wouldn't have to provide fiber, and they wouldn't even have to provide fixed wireless services, which beam signals to antennas on people's houses and provide a more stable connection than mobile service.

Especially in rural areas, where carriers don't make as much money, they might just decide not to provide either a wireline or fixed wireless connection to replace the copper. That could leave residents scrambling to find a better replacement for copper-based service. DSL Internet access over copper lines is, unfortunately, the best available service in some parts of the country.

A letter to the FCC by the Communications Workers of America, the consumer advocacy group Public Knowledge, the NAACP, and others, explains the concerns:

Under current rules, an incumbent carrier cannot discontinue, reduce, or impair service unless there is a replacement service that is as good as the discontinued service. This is called the Functional Test. The FCC's order will now interpret "service" to include a carrier's tariff. A tariff is a very basic description of what a carrier offers and at what rate. This means the Commission's remaining notice requirements will only apply to basic services, but will not include 911 services, ensure network reliability, or interconnection with devices consumers use such as medical monitors, alarm systems, fax and credit card machines, and equipment for people who are hearing impaired. In some cases, the sound of a dial tone may constitute service under the tariff test and therefore not even trigger a public comment and review.

Today, 16 US senators wrote to the FCC, urging the commission to reverse course and leave the consumer protections in place.

FCC plays “word games”

When contacted by Ars, a spokesperson for Pai countered the advocacy groups' statements but did not answer all of our questions.

"The allegations you cite are absolutely false," Pai's office told Ars. "Nothing in the declaratory ruling changes the Commission's rules requiring 911 service, or our rules governing the connection of consumer-premise equipment (such as medical monitors) to the network, or our requirement that providers of fixed voice service not discontinue that service without going through a process that requires public notice and comment and FCC review."

But the advocacy groups did not claim those exact rules are being eliminated. What's being eliminated, they say, is the requirement that carriers demonstrate that the replacement service meets 911 reliability standards and other standards.

"It is appalling that the chairman would stoop to playing word games when people's lives literally depend on the outcome of this proceeding," Harold Feld, a longtime FCC observer and senior VP of Public Knowledge, told Ars.

The FCC's proposal isn't entirely clear on all points. While it specifically proposes eliminating the "functional test" detailed in two previous orders passed in 2014 and 2015, it does not mention a related "adequate replacement test" detailed in a 2016 order.

The adequate replacement test goes into more detail on how carriers seeking permission to discontinue network services have to prove that replacement services offer equivalent network performance, service availability, and geographic coverage.

Pai's office told us that the adequate replacement test is not addressed in the new proposal. It is "neither discussed nor eliminated. It is still in the rules," a spokesperson said.

But by eliminating the functional test, the proposal makes it easier for carriers to avoid the review process in which the adequate replacement test is applied.

"That functional test was intended to determine when a carrier has to go through the discontinuance process," an FCC spokesperson told Ars.

With the functional test being eliminated, Pai's proposal says that "a carrier's description in its tariff—or customer service agreement in the absence of a tariff" will be considered "dispositive." Because the simple listing of services available will be enough to let carriers avoid the full review process, carriers won't have to pass that "adequate replacement test" when retiring copper networks.

"It's like, 'we're not going to repeal it, we're just going to make it so you never have to do it,'" Feld said.

Letting networks decay through neglect

We asked Pai's office if this means that carriers will be allowed to replace landline phone and Internet services with mobile service. Ars did not receive an answer. Pai's office did say that when carriers discontinue service, they are "obligated to provide access to 911 and access to people with disabilities."

The draft order is "extremely dodgy about what it is actually requiring, under what circumstances carriers will have to file, and what precisely they now have to show if they're terminating" copper service in any particular geographic area, Feld said.

Pai's proposal could also make it easier for carriers to let copper networks decay without making repairs or upgrades. The FCC in 2015 defined "retirement" of copper networks to include cases in which carriers simply let the networks deteriorate via neglect. The new FCC proposal eliminates this de facto copper retirement concept, freeing carriers of obligations in cases when they let networks deteriorate.

Carriers will be "free to let the copper rot," Feld said. "That is unrelated to the functional test/adequate replacement test but is simply one more way people are going to be screwed by this."

Pai's proposal would also result in customers being given less time to prepare for copper service discontinuations by reducing a waiting period from 180 days to 90 days. The proposal would also eliminate the requirement that carriers provide direct notice to retail customers before shutting off copper networks; instead, carriers would only have to provide direct notice to "telephone exchange service providers that directly interconnect" with the incumbent's network.

What happened on Fire Island

When Hurricane Sandy wiped out the communications infrastructure on New York's Fire Island in 2012, Verizon's solution was to end wireline telephone service altogether. Verizon intended to replace the landlines with Voice Link, a phone service that used Verizon's cellular network.

People complained that Voice Link wouldn't replace DSL Internet and wouldn't work with fax machines, heart monitors, or payment systems used by small businesses. Verizon only relented when faced with protests from residents and government officials, finally agreeing to replace the copper landlines with fiber.

The Fire Island incident played a role in the FCC's subsequent rulemakings that created the functional test and other requirements. In its 2014 rulemaking, the FCC said that Verizon's attempt to abandon wireline networks on Fire Island "foreshadowed issues with which the commission will have to contend as carriers reach a point at which they will rationally seek to retire network facilities and discontinue TDM [time-division multiplexing] services on a wide-scale basis across the nation."

But now that the FCC is controlled by Republicans, the majority wants to eliminate post-Fire Island consumer protections imposed by the previous Democratic majority.

Existing rules are just “impracticable”

Pai's proposal argues that the functional test is "impermissibly vague" and created "unnecessary confusion." Rejecting the functional test "will provide greater clarity to carriers and customers alike and will facilitate greater investment in next-generation services and infrastructure," the proposal says.

Pai's proposal relies on filings made by carriers to bolster his argument that the functional test "resulted in unnecessary and costly filings" and "can also delay network upgrades." The proposal dismissed the Communications Workers of America argument that the functional test doesn't create uncertainty, saying the union's argument is "directly contradicted by the comments of many carriers."

Because "carriers cannot know all of the myriad ways in which their services are used by customers," it would be "impracticable" to require that a replacement network offer all the same functionality, Pai's proposal said.

While carriers pushed the FCC to make the discontinuation process easier, the Pennsylvania Public Utility Commission objected to changing or eliminating the functional test. The Pennsylvania commission said:

Replacing copper with fiber or wireless potentially alters the capabilities of circuits. For instance, copper lines—unlike fiber—can deliver power, so voice service works during power outages as long as the customer has a telephone that will work without commercial power and the link with the central office is maintained and can supply direct current. Home-security alarms, fax machines, credit-card readers, medical-alert monitors, and similar devices that may depend on the TDM communications protocol may not optimally function with IP-only networks in the absence of appropriate network control software. Thus, TDM-to-IP transitions can impact functionality.

The National Association of Regulatory Utility Commissioners told the FCC that it should not eliminate requirements that carriers inform state utility commissions about impending copper retirements. The FCC's planned actions could "handicap" the ability of state governments to address problems caused by natural disasters or transitions to new technologies, potentially "impact[ing] the health and safety of consumers," the group said.

The FCC is, at least for now, not repealing a requirement that carriers offer backup batteries to customers in case of power outages that take out non-copper phone lines.

But Feld is frustrated that the other requirements are being repealed after five years of "painstaking negotiations" that led to their adoption under former FCC Chairman Tom Wheeler. After most FCC leadership changes, Feld said, "the incoming FCC has been sensitive to the fact that people need some sort of reasonable and settled expectations, and doing a complete reversal like this gives everybody whiplash and is terribly disruptive."
https://arstechnica.com/tech-policy/...ternet-access/





Big Cable's Pillow Talk with FCC to Forbid US States from Writing Own Net Neutrality Rules

You've got the authority, big boy, CTIA tells Pai... And such strong arms
Kieren McCarthy

The stomach-churning love-fest between the American cable industry and FCC Ajit Pai continues apace with Big Cable now pillow talking the federal regulator into how to prevent individual US states forming their own net neutrality protections.

Pai is expecting to call for a vote on dismantling net neutrality rules on December 14 – despite widespread opposition to the idea – but cable companies are worried that state legislators will simply write their own laws to effectively reintroduce them.

And so, joining a determined campaign by cable giants Verizon and Comcast to lobby against such actions, the wireless comms trade association CTIA has joined the fray, sending a letter to the FCC informing it how it can usurp such state efforts.

"Broadband internet access is an interstate offering properly classified as an information service," the association, which represents wireless giants from Sprint to AT&T, stated, reflecting the ongoing dispute about how internet access should be regulated in law.

It went on: "Interstate services are, of course, within the sole jurisdiction of the FCC, and Congress has advanced a national policy of non-regulation for information services. These two well-established principles represent two inter-related but distinct bases for preemption, which the courts have upheld and the Office of General Counsel recently reaffirmed in a brief to the United States Court of Appeals for the Eighth Circuit."

What does that mean? It's basically policy wonk foreplay; the equivalent of telling your insecure lover how strong and powerful they are. So much sexier than those other regulators.

"During the meeting, CTIA explained that, in addition to other legal rationales favoring preemption, the Commission is empowered to interpret the Communications Act of 1934, as amended as preempting state and local broadband-specific regulation," cooes the CTIA into Pai's ears, "just as it has previously interpreted the Act to bar communications-specific state and local regulation in connection with voice over Internet protocol."

Dance of the Ninth Circuit veils

The CTIA slowly undresses while reciting the legal precedents and court decisions – even the Supreme Court, baby - that it says means that the FCC can overrule states' efforts to maintain the current status quo. Thirteen pages of pornographic policy posturing.

"The prospect of broadband reclassification here raises serious concerns that state governments will move to adopt new broadband-specific regulations of their own," the org warns. "Indeed, some state and local policymakers have signaled their intentions to consider upending the framework proposed by the Notice by enacting new regulatory mandates of their own."

Scandalous. Surely Pai wants to protect lil' ole CTIA?

"The Commission therefore should pre-empt any state or local broadband-specific regulation, irrespective of whether the state or locality claims that its regulation promotes or supplements federal goals."

They looked at us funny, Ajit. What are you going to do about it?

"Congress has accorded the Commission authority to interpret the Communications Act – including with respect to that Act's preemptive effects… An agency need not issue affirmative rules at all in order to regulate – it need only act within its lawful authority to interpret its implementing statutes."

And so on.

In effect, the CTIA is egging the FCC on in an effort to get it to preemptively challenge the states' ability to come up with their own rules – and hands it a legal game plan to do just that. It is pure, naked flattery with a distinct goal.

It is also highly questionable, heading straight into the age-old issue of states' rights versus federal rights. Can the FCC prevent other states from passing net neutrality legislation? No. Can it challenge their ability to impose them? Possibly – but only if the FCC is willing to push the issue.

Crime passionnel

The federal regulator would have to be willing to move from reversing its current rules – which it claims to be doing in order to lift regulatory barriers – to actively enforcing that approach and preventing others from doing so.

It would be a giant hypocritical leap, but then today's administration has shown itself even more willing than previous administrations to say one thing and do another.

The CTIA even has its own simple anecdote to explain why it makes sense for the FCC to set the rules across the entire US: a train journey.

"A passenger riding on Amtrak between Washington D.C. and New York City travels through five different jurisdictions during the course of a 3.5-hour trip," the letter argued. "If each of these jurisdictions were permitted to enforce its own rules regarding (for example) traffic prioritization, the rider’s mobile broadband usage during the trip would be subject to five different legal regimes, even if the rider spent the entire trip watching a single movie. This would be impracticable, and only underscores the risks inherent in a patchwork quilt of broadband regulation."

The argument is, of course, gibberish: internet users pull content from all over the world every second of every day with it passing through hundreds of jurisdictions. And yet somehow the internet continues to function. How? Because internet traffic is not road or rail traffic.

Whether Pai and the other FCC commissioners are able to see through such obvious, false manipulation or get seduced by the appeal to their own importance, we will have to see. Or perhaps the bigger question: how far is Pai willing to go to please the cable industry? And is he prepared to make a fool of himself doing so? Infatuation is a difficult thing to judge
https://www.theregister.co.uk/2017/1...et_neutrality/





FCC Approves TV Technology that Gives Better Pictures But Less Privacy
David Shepardson

The U.S. Federal Communications Commission voted 3-2 on Thursday to allow broadcasters to voluntarily use a new technology to improve picture quality and allow better reception on mobile phones and give advertisers dramatically more data about viewing habits.

The new standard, dubbed ATSC 3.0, would allow for more precise geolocating of television signals, ultra-high definition picture quality and more interactive programming.

Current televisions cannot carry the new signal and the FCC only requires broadcasting both signals for five years after deploying the next-generation technology.

“That means every one of us will need to replace our television sets or buy new equipment,” said Democratic Commissioner Jessica Rosenworcel. “The FCC calls this approach market driven. That’s right — because we will all be forced into the market for new television sets or devices.”

FCC Chairman Ajit Pai defended the proposal, calling concerns about buying new devices “hypothetical.” He added five years is “a long time. We’ll have to see how the standard develops.”

Sinclair Broadcast Group Inc (SBGI.O) last month called the new standard “the Holy Grail” for the advertiser because it tells them who is watching and where.

Last month, Democratic U.S. Representative Debbie Dingell raised privacy concerns about the data the new TVs could collect about viewers.

The standard uses precision broadcasting and targets emergency or weather alerts on a street-by-street basis. The system could allow broadcasters to wake up a receiver to broadcast emergency alerts. The alerts could include maps, storm tracks and evacuation routes.

The new standard would also let broadcasters activate a TV set that is turned off to send emergency alerts.

One issue is whether broadcasters will be able to pass on the costs of advanced broadcast signals through higher retransmissions fees and demand providers carry the signals.

The National Association of Broadcasters, which represents Tegna Inc (TGNA.N), Comcast Corp (CMCSA.O), CBS Corp (CBS.N), Walt Disney Co (DIS.N), Twenty-First Century Fox Inc (FOXA.O) and others, petitioned the FCC in April 2016 to approve the new standard. “This is game-changing technology for broadcasting and our viewers,” the group said Thursday.

Many companies have raised concerns about costs, including AT&T Inc (T.N) and Verizon Communications Inc (VZ.N). Cable, satellite and other pay TV providers “would incur significant costs to receive, transmit, and deliver ATSC 3.0 signals to subscribers, including for network and subscriber equipment,” Verizon said.

Many nations are considering the new standard. South Korea adopted the ATSC 3.0 standard in 2016.

Reporting by David Shepardson; Editing by Lisa Shumaker
https://uk.reuters.com/article/us-te...-idUKKBN1DG1LW





21st Century Fox Shares Soar on Reports of Comcast Acquisition Overture, Verizon Interest
Cynthia Littleton

Comcast has approached 21st Century Fox about acquiring key assets including its movie and TV studio and selected cable networks.

The move, first reported Thursday evening by the Wall Street Journal, comes a week after the media world was jolted by reports that Disney held preliminary talks with Fox about acquiring the same collection of assets in recent weeks. Those talks were said to have broken down quickly over price, but the fact that the Murdochs would entertain such an offer at all had the effect of turning Fox into an acquisition target. Indeed, Dow Jones reported Thursday that telco giant Verizon is also eyeing a possible Fox bid.

The chase for some of Fox’s most prominent assets also comes as the AT&T-Time Warner merger hangs in the balance with the Justice Department expected to take steps that would force AT&T to radically alter the deal or block it outright, which would put Time Warner back in play.

Fox shares shot up more than 8% in after-hours trading after the CNBC report landed just before 5 p.m. ET. Any deal involving Fox would have to secure the blessing of Rupert Murdoch and the family trust that tightly controls nearly 40% of the voting shares in the company. As of Thursday evening, 21st Century Fox has a market cap of $53.8 billion. Fox’s stock price spiked 10% earlier this month on the news of the stealth talks with Disney.

A rep for Comcast declined to comment. Fox reps could not immediately be reached for comment.

Comcast’s overture is surprising given the Justice Department’s tough stance on AT&T-Time Warner. Comcast’s size and scope — the combination of its cable distribution heft and its content holdings in NBCUniversal — has made it a frequent target for critics of media consolidation.

The union of 20th Century Fox’s film and TV production assets with NBCU’s Universal Pictures and Universal Television operations would greatly expand NBCU’s share of the content market. The cable programming assets in the mix are believed to be Fox’s FX Networks and National Geographic channel group, as well as Fox’s collection of more than 300 international channels. Comcast still has a tiny footprint overseas, but domestically it already ranks as one of the biggest cable programmers with USA Network, Bravo, Syfy, Oxygen, CNBC, MSNBC, E! and NBC Sports in the fold.

Like Disney, Comcast’s view of the deal reportedly does not include the Fox broadcast network, the local Fox TV stations or the Fox News and Fox Sports operations. Combining those with NBCUniversal’s existing sports and news assets would probably be an insurmountable regulatory hurdle. Nor could Comcast reasonably expect to sidestep the existing FCC regulation that bars a single entity from owning more than one of the Big Four broadcast networks. NBCUniversal is already home to NBC.

Details of Verizon’s interest in Fox are unclear. The telco would not face the same issues of overlapping content and distribution operations as Comcast or Disney, or another one of Fox’s film- and TV-centric rivals, so Verizon might well make a run at the entire company.

Verizon declined to comment.

The heightened level of acquisition chatter around Fox comes just a day after leaders told shareholders at the company’s annual meeting that the conglomerate built up since the 1980s by Rupert Murdoch was not in the category of “sub-scale” players facing pressure to sell as the media business undergoes massive shifts spurred in part by the rise of digital behemoths like Netflix, Facebook, and Amazon.

“There’s a lot of talk about the growing importance of scale in the media industry,” 21st Century Fox executive chairman Lachlan Murdoch said Wednesday. “Sub-scale players are finding it difficult to leverage their positions in new and emerging video platforms. Let me be very clear: We are not in that category. We have the required scale to continue to both execute on our aggressive growth strategy and deliver significant increased returns to shareholders.”

During Fox’s quarterly earnings call last week, Lachlan Murdoch and CEO James Murdoch would not comment on the Disney rumors but emphasized that the company is not in duress.

“We are singularly and intently focused on delivering on our strategic plan,” Lachlan Murdoch said. “Our businesses and brands are stronger than ever.”

Fox is in the thick of trying to add to its international profile by acquiring the remaining 61% of European satcaster Sky that it does not already own. That $15 billion deal has been mired in a regulatory review in the U.K. fueled by concerns about the Murdochs’ collective muscle in the market, including the influence of the publishing assets controlled by the Murdochs through the News Corp. side of the family empire. Last week Fox reiterated its confidence that the Sky transaction will close by mid-2018. Even if that deal does not come to fruition, the 39% interest in the MVPD serving the U.K., Ireland, Germany and Italy is said to be an attractive asset for Disney and Comcast.
http://variety.com/2017/biz/news/com...on-1202617008/





Sony Pictures Joins 21st Century Fox Hunt as Deal Talk Spreads Across Biz
Cynthia Littleton

The swirl of takeover talk around 21st Century Fox is only gaining steam as sources confirm Sony Pictures Entertainment has joined the list of companies making overtures to the Murdoch empire.

21st Century Fox surprisingly became a takeover target earlier this month when word first surfaced that Disney recently held talks with Fox about buying key assets including the film and TV production studios, international TV platforms including Sky and Star India and the FX and National Geographic cable groups.

In just the past few days, Comcast made an approach to Fox to discuss a similarly configured sale. Sony is believed to be looking at a select group of assets rather than the entire company. Verizon, according to a report Thursday night by Dow Jones, has also signaled its interest.

Reps for Fox and Sony declined to comment. The hive of activity around Fox is fueling a new round of M&A speculation for other media assets, including Viacom’s Paramount Pictures and its cable networks. Viacom shares were up 10.3% at the close of trading Friday, after getting socked Thursday on the heels of the company’s fiscal fourth quarter earnings report showing weakness in the domestic cable operations. Lionsgate was up 5%. Fox shares were up 6.5%, after spiking Thursday night in after-hours trading following the report of Comcast’s interest.

Sources caution that the sale discussion process within Fox is in the very preliminary stages. Sony’s query came as an informal overture expressing interest in talking if Fox should move into a more formal auction process. Sources said that Fox has yet to formally engage bankers to prepare sale-related materials and field offers. Fox on Wednesday held its annual shareholders meeting on the 20th Century Fox lot in Century City but it’s still not clear if Fox has convened a board meeting to discuss the incoming queries.

What is clear from all the activity and Fox’s lack of comment is that the Murdochs, who have firm control of 21st Century Fox, are at least willing to listen to potential sale options that would have been unthinkable just a year ago.

There is speculation that the Murdochs would move to combine the Fox broadcast network and TV stations, Fox News and Fox Sports operations, which are not believed to be part of any sale scenario, and reunite them with the publishing assets held by News Corp. 21st Century Fox was carved out as a separate entity from News Corp. in 2013 amid a scandal involving the U.K. newspaper division and concerns that the financial challenges of the publishing businesses were dragging down the value of Fox media and entertainment assets. There is also speculation that the Murdochs might use the proceeds from selling off big pieces of 21st Century Fox to take an enlarged News Corp. private.

A source close to the situation say the willingness to entertain sale offers also reflects the internal pessimism that 21st Century Fox’s pending deal to takeover the remaining 61% of European satcaster Sky will win approval from British regulators. The $15 billion deal set last December has been held up in a U.K. regulatory review for months. The assumption is that the sale talk is a sign that Rupert Murdoch and his sons — 21st Century Fox executive chairman Lachlan Murdoch and CEO James Murdoch — are taking a hard look at growth prospects of Fox under its current structure if the Sky deal does not transpire.

“We think the news further highlights an increased quest for economies of scale in a fast-changing media and telecom landscape,” CFRA analyst Tuna Amobi wrote on Friday. “Some of (Fox’s) key assets seem poised to spark a potentially robust auction, perhaps further underscoring a shifting paradigm of the overall media landscape.”
http://variety.com/2017/biz/news/21s...ey-1202617500/





Would Rupert Murdoch Break up his Empire?
BBC

Speculation is swirling that the Murdoch family is open to breaking up its entertainment business.

Shares in 21st Century Fox gained more than 6% on Friday, after several sources reported interest from Comcast, Sony and Verizon.

Last week the company, which is led by the family of Rupert Murdoch, was said to have held talks with Disney.

The talk is that the Murdochs might be prepared to part with the movie studios along with some other parts of the business - an abrupt shift in strategy after years of empire building.

21st Century Fox has not directly addressed the speculation and a spokesman did not respond to a request for comment.

And analysts said it isn't clear how seriously to take the idea of a sale.

But the talk seems to have whetted rivals' appetites for a piece of Fox if it really is available.

"It's not a surprise why anyone would want the assets," "said Brian Wieser, senior analyst at Pivotal Research. "It's a surprise Fox would be listening."

He added: "Nobody would ever have thought that the Murdochs were interested in downsizing."

What would 21st Century Fox sell?

From his start as a newspaper owner in Australia, Mr Murdoch, 86, has built a media empire that spans Africa, Asia, Europe and the Americas.

His 21st Century Fox business is known for its flagship Fox News channel, as well as National Geographic, Asia-based Star TV, and a range of sports channels and local news stations.

It's also known for expanding not shrinking.

Rupert Murdoch has always "been the predator. He's never been the prey so to speak," said Steven Barnett, professor of communications at the University of Westminster in London.

The Wall Street Journal - in which the Murdoch family also has a large voting stake - reported that Fox is discussing its movie studio, cable networks and international businesses, including Europe-based broadcaster Sky.

That would leave the firm more narrowly focused on sports and news.

Those areas have been sources of growth in recent years, unlike its film entertainment unit, where revenue has declined.

"It is conceivable that [Rupert Murdoch] is thinking about retrenching into the areas that he feels most comfortable with, which have been most profitable for him, which are news and sport," Mr Barnett said.

Why would he sell?

Last year, Fox announced a deal to take full control of Sky, in which it already has a 39% stake. But the merger has been delayed, pending approval by UK authorities.

It's a sign of broader political headwinds for the firm, which has also been buffeted by a sexual harassment scandal in the US.

The Murdochs had to abandon a previous bid for Sky after the phone-hacking scandal in the UK.

Media analyst Claire Enders, founder of Enders Analysis, said the current speculation suggests that Fox wants to explore other possibilities should that deal fall through again.

"I think this is really Plan B," she said.

It could also signal discord within the family over the direction of the business, she added.

Are there broader market reasons?

The reports come amid upheaval in the media industry, as viewers turn increasingly towards online video, and away from subscriptions for pay-TV.

Analysts say changing consumer habits have prompted media and entertainment executives to explore more consolidation of content creation and distribution functions.

"The big success stories of the future are going to be those that can read across content and distribution," said Mr Barnett.

On a conference call with analysts earlier this month, James and Lachlan Murdoch dismissed the idea that the firm, which brought in nearly $29bn (Ł21.5bn) in revenue in its most recent financial year, is not big enough to compete.

But they also pointed out that the company has streamlined operations in recent years. Among other changes, the family has sold some companies and separated its newspapers into a different company.

The comments suggested the family is "not ruling out" a potential split, said Mr Wieser.

Or is this not about a sale at all?

It could all be part of a longer game plan, said Ian Whittaker, at London based investment analysts Liberum.

Three years ago, Fox tried to acquire Time Warner but was rebuffed.

Now that deal could be in the firm's sights again, as a pending merger between AT&T and Time Warner faces questions from US competition authorities.

If the Time Warner-AT&T tie-up falls apart, Fox could use sale of some assets to fund a bid for Time Warner, Mr Whittaker said. If it goes through, then he won't need the money, he added.

But any Fox deal - for Time Warner or with the other potential suitors - would face close regulatory scrutiny.

"It's quite a challenge," said Ms Enders. "It's not something that's going to happen in a tearing hurry."
http://www.bbc.com/news/business-42030637





AT&T Reports Some U.S. Customers Unable to Make Wireless Calls

AT&T Inc on Wednesday said that some U.S. customers were not able to make wireless calls but that restarting their cellphones would fix the issue.

DownDetector.com, which monitors outages, said customers across the country reported outages, including in Houston, New York and San Francisco.

AT&T, which also owns satellite television service DirecTV, told customers on Twitter that it had no estimate when service would be restored and technicians were working to fix the problem.

According to DownDetector.com, customers reported more than 6,000 incidents by 6 p.m. EST (2300 GMT), out of which 44 percent found problems with the internet service, while 31 percent faced issues with the phones.

Reporting by Vibhuti Sharma in Bengaluru; Editing by Lisa Shumaker
https://uk.reuters.com/article/us-gm...-idUKKBN1DF272





Widespread Impact Caused by Level 3 BGP Route Leak
Doug Madory

For a little more than 90 minutes yesterday, internet service for millions of users in the U.S. and around the world slowed to a crawl. Was this widespread service degradation caused by the latest botnet threat? Not this time. The cause was yet another BGP routing leak — a router misconfiguration directing internet traffic from its intended path to somewhere else.

On Nov. 6, our network experienced a disruption affecting some IP customers due to a configuration error. All are restored.

— Level 3 Network Ops (@Level3NOC) November 6, 2017

While not a day goes by without a routing leak or misconfiguration of some sort on the internet, it is an entirely different matter when the error is committed by the largest telecommunications network in the world.

In this blog post, I’ll describe what happened in this routing leak and some of the impacts. Unfortunately, there is no silver bullet to completely remove the possibility of these occurring in the future. As long as we have humans configuring routers, mistakes will take place.

What happened?

At 17:47:05 UTC yesterday (6 November 2017), Level 3 (AS3356) began globally announcing thousands of BGP routes that had been learned from customers and peers and that were intended to stay internal to Level 3. By doing so, internet traffic to large eyeball networks like Comcast and Bell Canada, as well as major content providers like Netflix, was mistakenly sent through Level 3’s misconfigured routers. Traffic engineering is a delicate process, so sending a large amount of traffic down an unexpected path is a recipe for service degradation. Unfortunately, many of these leaked routes stayed in circulation until 19:24 UTC leading to over 90 minutes of problems on the internet.

Bell Canada (AS577)

Anyone else having Bell internet issues? I can’t even connect with their support people! #bell #bellcanada

— Andrew J Dow (@andrewjdow) November 6, 2017

Bell Canada (AS577) typically sends Level 3 a little more than 2,400 prefixes for circulation into Level 3’s customer cone. During the routing leak yesterday, that number jumped up to 6,459 prefixes – most of which were more-specifics of existing routes and, equally as important, announced to Level 3’s Tier 1 peers like NTT (AS2914) and XO (AS2828, now a part of Verizon).

Next is the propagation profile of just one of those Bell Canada routes leaked by Level 3. 50.100.32.0/22, for example, is not normally in the global routing table. That address space is covered by 50.100.0.0/16, a less-specific route. During the leak, this route (along with about 4,000 others) appeared in the global routing table as originated by AS577 and transited by AS3356. About 40% of our BGP sources had these leaked routes in their routing tables and most chose NTT (AS2914) to reach AS3356 en route to AS577 (below right).

Comcast, the largest internet service provider in the United States, was also directly impacted by yesterday’s routing leak.

When Comcast internet is down…#comcastoutage pic.twitter.com/cnGF9aMpTB

— Modiv (@ModivMusic) November 6, 2017

Comcast uses numerous ASNs to operate their network and Level 3 leaked prefixes from quite a few of them, diverting and slowing internet traffic bound for Comcast. According to our data, Level 3 leaked over 3000 prefixes from 18 of Comcast’s ASNs listed below.

• AS33491 (356 leaked prefixes)
• AS7725 (252 leaked prefixes)
• AS7015 (248 leaked prefixes)
• AS33287 (241 leaked prefixes)
• AS33651 (235 leaked prefixes)
• AS22909 (198 leaked prefixes)
• AS33657 (178 leaked prefixes)
• AS33668 (176 leaked prefixes)
• AS20214 (176 leaked prefixes)
• AS7016 (161 leaked prefixes)
• AS33650 (152 leaked prefixes)
• AS33667 (145 leaked prefixes)
• AS33652 (142 leaked prefixes)
• AS33490 (117 leaked prefixes)
• AS13367 (117 leaked prefixes)
• AS33660 (101 leaked prefixes)
• AS33659 (97 leaked prefixes)
• AS33662 (89 leaked prefixes)

Our traceroute measurements into Comcast reveal the impact of the leak from a performance standpoint. The two visualizations below show a bulge of internet traffic headed for the leaked IP address space diverted through Level 3, and the increase in observed latency.

Other Impacts

Level 3 leaked 81 prefixes from RCN who appeared to pull the plug on their Level 3 connection at 18:34 UTC, once they figured out what was causing a slowdown in their network.

Impacts were not limited to the United States. Networks in Brazil, Argentina and the UAE also had routes leaked by Level 3 yesterday. Below are example routes leaked from Giga Provedor de Internet Ltda (AS52610, 42 leaked prefixes), Cablevision S.A. (AS10481, 365 leaked prefixes), and even the Weill Cornell Medical College in Qatar (AS32539, 3 leaked prefixes):

Conclusion

It is important to keep in mind that the internet is still a best-effort endeavor, held together by a community of technicians in constant coordination. In this particular case, initial clues as to the to origin of this incident were first reported in a technical forum (the outages list) when Job Snijders astutely observed new prefixes being routed between Comcast and Level 3 yesterday.

Peer leaks are a continuing risk to the internet without any silver bullet solution. We previously suggested to use protection when peering promiscuously, but even a well-run network like Google has been both the leaker and the leaked.

Networks share more-specific routes to a peer in order to ensure that return traffic comes directly back over the peering link. But there is always the risk that the peer could leak those routes and adversely affect your network. When the leaker is the biggest telecom in the world (and only getting bigger), the impact is likely to be significant.
https://dyn.com/blog/widespread-impa...gp-route-leak/





How AV Can Open You to Attacks that Otherwise Wouldn’t be Possible

New AVGater flaw provided key ingredient for hacker to hijack computer.
Dan Goodin

Antivirus programs, in many cases, make us safer on the Internet. Other times, they open us to attacks that otherwise wouldn't be possible. On Friday, a researcher documented an example of the latter—a vulnerability he found in about a dozen name-brand AV programs that allows attackers who already have a toehold on a targeted computer to gain complete system control.

AVGater, as the researcher is calling the vulnerability, works by relocating malware already put into an AV quarantine folder to a location of the attacker's choosing. Attackers can exploit it by first getting a vulnerable AV program to quarantine a piece of malicious code and then moving it into a sensitive directory such as C:\Windows or C:\Program Files, which normally would be off-limits to the attacker. Six of the affected AV programs have patched the vulnerability after it was privately reported. The remaining brands have yet to fix it, said Florian Bogner, a Vienna, Austria-based security researcher who gets paid to hack businesses so he can help them identify weaknesses in their networks.

Bogner said he developed a series of AVGater exploits during several assignments that called for him to penetrate deep inside customer networks. Using malicious phishing e-mails, he was able to infect employee PCs, but he still faced a significant challenge. Because company administrators set up the PCs to run with limited system privileges, Bogner's malware was unable to access the password database—known as the Security Account Manager—that stored credentials he needed to pivot onto the corporate network.

"With the help of AVGater, I gained local admin privileges," Bogner wrote in an e-mail. With full control over the employee computer his exploit provided, he had no trouble accessing the credential store, which is commonly known as a SAM database. "So AVGater was VERY useful during several of our pentests and red-teaming assignments."

0wning Antivirus

The attack worked first by getting Bogner's malicious file quarantined by the AV program running on the targeted computer. The pentester then exploited vulnerabilities in the AV programs that allowed unprivileged users to restore the quarantined files. He further abused a Windows feature known as NTFS file junction point to force the restore operation to put his malicious file into a privileged directory of Bogner's choosing. The technique took advantage of another Windows feature known as Dynamic Link Library search order. With that, Bogner's malware ran with full privileges.

Bogner initially found six AV engines that were vulnerable and privately reported the flaw to them. All of them have recently plugged the local privilege escalation hole. They are: Emisoft, Ikarus, Kaspersky, Malwarebytes, Trend Micro, and ZoneAlarm. In the past week, Bogner said he has identified seven other AV engines he believes are similarly vulnerable. He's in the process of working with the providers to understand precisely how their products are affected. To give the providers time and to prevent the vulnerabilities from being exploited maliciously in the wild, he isn't naming the AV products.

AVGater is the latest example of the way AV programs can make people susceptible to attacks that otherwise wouldn't be possible. These types of critical AV weaknesses have existed for as long as the industry has, but they didn't start to get much attention until researchers Alex Wheeler and Neel Mehta presented a talk titled 0wning Antivirus at the Blackhat security conference in 2005. They disclosed critical flaws in AV products from Symantec, McAfee, TrendMicro, and F-Secure.

Two years later, researcher Sergio Alvarez delivered a talk at the Chaos Communication Camp that disclosed flaws in products from CA eTrust, Norman, Panda, ESET, F-Secure, Avira, and Avast. In 2008, researcher Feng Xue presented two talks that aired still more vulnerabilities in an even wider list of engines.

More recently, a Google Project Zero researcher has found critical vulnerabilities in AV. In the past year, senior developers for both Chrome and Firefox have also strongly criticized AV security, with Justin Schuh, the security chief for the Google browser, calling AV "my single biggest impediment to shipping a secure browser."

The problem with AV is that it's expected to interact with just about every kind of file, even when it's not opened. That presents a key opening for attackers, particularly when exploiting AV products that haven't been properly safeguarded with security sandboxes, software fuzzers, and similar protections. A recently fixed bug in Microsoft's Windows Defender engine, for example, allowed for code-execution attacks that could be triggered by a simple e-mail attachment, even when the recipient didn't open it.

In fairness to the AV providers, they are generally extremely quick to fix vulnerabilities once they're reported. What's more, there's little doubt that AV prevents millions of computers from being infected with ransomware, keyloggers, and other types of malware that would have had free rein over computers that didn't have the protection installed. As a general rule, people who aren't likely to be narrowly targeted in attacks are probably better off running Windows Defender or another name-brand AV engine. Journalists, lawyers, and activists, on the other hand, should weigh the benefits and risks on a case-by-case basis.
https://arstechnica.com/information-...t-be-possible/





Trump Administration Releases Rules on Disclosing Cyber Flaws
Dustin Volz

The Trump administration publicly released on Wednesday its rules for deciding whether to disclose cyber security flaws or keep them secret, in an effort to bring more transparency to a process that has long been cloaked in mystery.

The move is an attempt by the U.S. government to address criticism that it too often jeopardizes internet security by stockpiling the cyber vulnerabilities it detects in order to preserve its ability to launch its own attacks on computer systems.

The revised rules, published on whitehouse.gov, are intended to shed light on the process for how various federal agencies weigh the costs of keeping a flaw secret, said Rob Joyce, the White House cyber security coordinator.

Speaking at an Aspen Institute event in Washington, Joyce said the rules were the “most sophisticated” in the world and that they set the United States apart from most other nations.

Private companies, he said, “are not getting tips from China, Russia, North Korea, Iran” about flaws in their technology.

Under former President Barack Obama, the U.S. government created an inter-agency review, known as the Vulnerabilities Equities Process, to determine what to do with flaws unearthed primarily by intelligence agencies such as the National Security Agency (NSA).

The process is designed to balance law enforcement and U.S. intelligence desires to hack into devices with the need to warn manufacturers so that they can patch holes before criminals and other hackers take advantage of them.

The new Trump administration charter on the process explains how it functions and names the agencies involved in the vulnerability reviews. They include intelligence agencies in addition to several civilian departments, including the Departments of Commerce, Treasury, Energy and State.

The NSA is listed as the “executive secretariat” of the inter-agency group, tasked with coordinating debate over flaws submitted by the various agencies if there is disagreement about whether to disclose them. If disagreements are not reconciled the group will vote on whether to disclose or retain the flaw.

The rules also require an annual report, portions of which will be made public, that provides metrics about the amount of flaws discovered, retained and disclosed.

Decisions to retain vulnerabilities must be reconsidered every year, according to the charter.

The publication of the charter is “a major improvement,” said Ari Scwhartz, coordinator of the Coalition for Cybersecurity Policy and Law and a former Obama administration cyber official. The Obama administration sought to release a similar document before the end of last year but ran out of time, Schwartz said.

Some security experts have long criticized the process as overly secretive and too often erring against disclosure.

Joyce said on Wednesday more than 90 percent of flaws are ultimately disclosed, though some critics say they are not shared quickly enough and that the most severe flaws are too often stockpiled.

The criticism grew earlier this year when a global ransomware attack known as WannaCry infected computers in at least 150 countries, knocking hospitals offline and disrupting services at factories.

The attack was made possible because of a flaw in Microsoft’s Windows software that the NSA had used to build a hacking tool for its own use.

But in a breach U.S. investigators are still working to understand, that tool and others ended up in the hands of a mysterious group called the Shadow Brokers, which then published them online.

Suspected North Korean hackers spotted the Windows flaw and repurposed it to unleash the WannaCry attack, according to cyber experts. North Korea has routinely denied involvement in cyber attacks against other countries.

Asked about the WannaCry attack, Joyce declined to say whether the Windows flaw detected by the NSA went through the vulnerability review process.

Reporting by Dustin Volz; Editing by Bernadette Baum and Susan Thomas
https://www.reuters.com/article/us-u...-idUSKBN1DF0A0





Foiling Cyberspies on Business Trips
Julie Weed

The admonitions to business travelers headed to other countries should be familiar by now: Keep your laptop with you at all times. Stay off public Wi-Fi networks. Don’t send unencrypted files over the internet.

But not all travelers are heeding them, and many are unaware of the foreign hackers and state-sponsored spies who are taking advantage of their lax security practices.

“There’s a difficult intersection between convenience and security,” said Samantha Ravich, who studies cyber-enabled economic warfare at the Foundation for Defense of Democracies, a policy institute focusing on national security. It takes more time to work abroad in the most secure way, and she said she would “often see executives hanging their head somewhat sheepishly when I ask who in the room follows all the security protocols.”

The theft of technical product specifications, investment plans, research on mergers and acquisitions, marketing plans and other information can have consequences beyond loss of revenue and market position, Ms. Ravich told the Senate Foreign Relations Committee this year. She described potential large-scale effects of state-sponsored economic warfare, which, she said, could disrupt the delivery of items crucial for manufacturing, malware incidents that could disrupt travel and cyberattacks that could force companies to shut down their websites.

The problem of intellectual property theft is not new, but it is now much more widespread. “Placing listening devices in conference rooms, hotels and restaurants is traditional Espionage 101,” Ms. Ravich said. But with tools like tiny inexpensive cameras and microphones or compromised Wi-Fi networks, corporate or state-sponsored industrial espionage “can be done cheaply and at scale,” she said.

Multiple microphones in a conference center, for instance, can be recording constantly, and those recordings can be fed into natural language processing software trained to flag certain words and report those conversations. “It’s not just a guy with headphones listening in the next room anymore,” Ms. Ravich said.

Communicating over the internet while overseas can be especially fraught, said Nicole Miller, an independent consultant in San Francisco who helps companies communicate with employees and customers on cybersecurity issues. “Assume any data, any information you transmit can be taken by a hacker, nation-state or another business,” she said. “These are not pedestrian tools they are using. They are extremely sophisticated.”

Physical security of phones, tablets and laptops is as important as cyberprotection, Ms. Miller said. “Don’t leave your laptop or papers in your hotel room when you go out,” she said. A hotel room safe should not even be considered secure.

Ms. Miller said she advised travelers to create complex passwords for their devices and all of their online accounts, to use two-factor authentication whenever possible and to avoid plugging other people’s USB drives or other external hardware into their computers.

Laptops should also be wiped clean of any data and software at the end of the trip, she said. “Your device could have been altered, your data could have been altered,” without your realizing it, Ms. Miller said.

Sometimes circumstances beyond travelers’ control expose their information, as when customs officers in another country seize a person’s device and copy its contents, she said. “That’s why any information not absolutely required for a trip should remain at the office,” Ms. Miller said.

“And don’t tell your colleague about your great meeting while you are in the back of a taxi or in a restaurant,” she said, because you never know who is listening. Some businesspeople at a foreign conference go so far as to wear buttons telling people not to speak out loud about their intellectual property.

Stanford University and Microsoft are among educational institutions and companies that supply comprehensive precaution and instruction lists to their employees who travel abroad.

Maureen Sharma travels regularly to Asia as part of her work for Mullally International, a small product development company in Seattle. Some unsettling incidents, she said, have made her more cautious when she travels abroad.

“I often get more spam and strange emails that look like they are from me with attachments,” when returning from her business trips. Once, Ms. Sharma said, she received an email that looked as if it were from a Chinese factory she was working with, asking her to send the next payment to a new bank account. “Luckily, I called to confirm, because the factory had not sent that email,” she said.

Ms. Sharma said she makes sure never to bring sensitive information on her laptop and changes all her passwords every time she returns home from any trip abroad.

The same risks may apply to businesspeople staying in hotels in the United States. When the Chinese company Anbang purchased the Waldorf Astoria in New York, President Barack Obama stopped having meetings there over cybersecurity concerns. Business, military and government information is being targeted for industrial espionage, said Evan Anderson, chief executive of Invnt/IP, a group dedicated to combating nation-sponsored intellectual property theft, who writes about intellectual property security for the Strategic News Service website. “So shouldn’t we take the same precautions at home as we would abroad?”

Mr. Anderson said he created a map of Chinese-owned hotels around the world in 2016 and was surprised by how many they were, including some in Silicon Valley where technology companies hold meetings. “Most people don’t realize that an individual Four Seasons hotel, Ritz-Carlton, or many other brands can be owned by a Chinese company with close ties to the Chinese government,” he said.

Of course, listening, spying and hacking can happen no matter who owns a hotel or where a meeting is. “The internet has no borders,” Ms. Miller said. “You could be hacked in another country or the U.S., and you have no idea where that person is.”

Ms. Ravich agreed. “There is a glaring disconnect between how critical this is, and how seriously people take it,” she said. One reason is that the theft of information, data or plans may go unnoticed, unlike the theft of a physical laptop. It is also hard to connect a cyberattack on a company to a specific trip taken by a specific employee.

Companies need to place better controls on the hardware they issue, like laptops and cellphones, Ms. Ravich said, so the devices automatically send only encrypted data, require strong passwords and use cellular connections rather than the local Wi-Fi. To really improve or “harden” cybersecurity for business travelers, she said, companies need to take human behavior out of the equation.
https://www.nytimes.com/2017/11/13/b...ess-trips.html





Pixel Won’t Get KRACK Fix Until December, But is that Really a Big Deal?

Android never relied on WPA2 for security, so breaking it shouldn't matter much.
Ron Amadeo

In October, security researchers discovered a major vulnerability in a Wi-Fi's WPA2 security called "KRACK." This "Key Reinstallation Attack" can disrupt the initial encryption handshake that happens when an access point and a device first connect, allowing an attacker to read information assumed to be securely encrypted. It's possible to totally defeat WPA2 encryption using KRACK, allowing a third party to sniff all the Wi-Fi packets you're sending out. Any device that uses Wi-Fi and WPA2 is most likely vulnerable to the bug, which at this point is basically every wireless gadget on Earth.

Google and the rest of the OEMs are working to clean up Android's KRACK epidemic, and, on Monday, Google addressed the bug in the November Android Security Bulletin. A patch was posted this week to the Android Open Source Project (AOSP) repository, and, at the same time, Google started rolling out a November security update to Google Pixel and Nexus devices. But if you read the bulletin closely, you'll see the November security patch for Google devices does not contain the KRACK fix.

Google's Android security bulletin is not the clearest thing on Earth. The company posted three different general Android security bulletins for November on Monday, labeled "2017-11-01," "2017-11-05," and "2017-11-06." The Pixel/Nexus specific security page mentions that Google is pushing out only the "11-05" update to devices, leaving OEMs to deal with the rest. However, Google also had language saying the "11-05" release "addresses all issues in the November 2017 Android Security Bulletin," which would suggest a KRACK fix.

After contacting Google, we got word that Pixel and Nexus devices will only get patches covering the November 1 and 5 bulletins this month, and it seems Google has changed the ambiguous language in the security bulletin. We also have a bit of news: the KRACK vulnerability won't be patched on Google-branded devices until December. That's right, Pixel and Nexus owners will have to survive a whole extra month being vulnerable to KRACK. But this isn't as huge of a problem as you might imagine.

How whack is KRACK on Android, really?

The KRACK vulnerability affects nearly all Wi-Fi devices, but the researchers put a big target on Android specifically when they said the attack was "exceptionally devastating against Linux and Android 6.0 or higher." The reasoning the post laid out was that because Android could be tricked via KRACK into installing an all-zero encryption key, the researchers claimed it was "trivial to intercept and manipulate traffic sent by these Linux and Android devices."

KRACK can essentially completely break WPA2 security, but the thing is, while Android does use WPA2 for encryption where available, Android doesn't rely on WPA2 for security. Android is used to running on a variety of networks. It has to deal with hundreds of carrier configurations around the world, that random coffee shop hot spot that you share with a bunch of strangers, and sometime just connecting to an unencrypted, open Wi-Fi connection. Android already assumes the network is hostile, so even if you break WPA2 security, you're only treated to a stream of individually encrypted connections. All the Google apps come with their own encryption, and Google's development documents tell developers to "Send all network traffic from your app over SSL." Connecting to websites with HTTPS (like Ars Technica!) will still be secure, and all of Android's back-end Play Services stuff, like the 24/7 connection to Google, is also encrypted.

KRACK is a big deal for some devices, but it's mainly those that use WPA2 as their primary form of security. A lot of times this is IoT stuff like video cameras or "dumber" devices like a printer. On Android, killing WPA2 security is no different from logging in to an open coffee shop Wi-Fi with 25 other random people. Android is used to this, and the OS and apps generally take the right precautions.

The demonstration video from the KRACK researchers does a good job of conveying the actual threat. After using KRACK to break WPA2 security, they still need some other vulnerability to actually do anything. In the case of the video, after breaking WPA2, they find an improperly configured website—Match.com—and use a tool called "sslstrip" to bypass the HTTPS protections that are normally there on the login page. The victim can see that this is happening—there's no indication that the site is secure—but less technical users might not pick up on the indicators. If the victim logged in over an HTTP connection, the attacker could potentially read their username and password.

Removing Match.com's encryption is a problem specific to Match.com, though, and the researchers admit that "bypassing https does not work against properly configured websites, but it does work against a significant fraction." It stinks that Android's WPA2 security can be broken, but it was only one portion of Android's defense-in-depth strategy. An attacker will still need to have some other vulnerability at the ready in order to accomplish anything. Any competently written app or website should still be safe.

Android's security bulletin process

We can also shed a little light on Google's crazy triple security bulletin release this month. Releasing three security bulletins all at once might seem a little excessive, but the reason has to do with coordination with the Android ecosystem. Google has to not only patch AOSP itself but coordinate a rollout among device OEMs and hardware component vendors. The three bulletins allow for flexibility in development and release time and cover different areas of responsibility for different companies.

Normally, there are two security bulletins at the beginning of the month. The bulletin dated the first of the month covers bugs in AOSP, which are fixed directly by Google. These are generally going to be easier to implement on devices because only Google and the OEM are involved. Not every security vulnerability happens exclusively in AOSP, though—sometimes a bug exists in the proprietary code controlled by various component vendors that produce the SoCs, Wi-Fi modules, and other components in a device. Since these patches are the responsibility of the vendor (Qualcomm, Broadcom, Nvidia, etc) and require coordination with Google and the OEM, they can take longer to fix. These bugs therefore get filed to a second security bulletin, dated the fifth of the month.

Google notifies OEMs and vendors of everything in the 01 and 05 patches about 30 days before the public release date and shares preview code with the vendors. The 30 days of advanced notice allows everyone to develop an update specifically for their devices. Then, 30 days later, everyone (theoretically) does a coordinated update release, and Google posts the security bulletin for that release. Ideally OEMs ship the "05" patch every month, but if vendor coordination issues crop up, they can still fall back to shipping just the AOSP fixes in the "01" patch. The patch dates are cumulative, so any vendor claiming the "05" date also has covered the bugs in the "01" release.

Anything dated past the 5th (usually the 6th) is an "out of cycle" patch, meaning it is issued outside the usual monthly cadence. OEMs might not have had this code for very long, so it might not make it into the patch released at the beginning of the month. OEMs can rush out an emergency patch if they feel the problem is important enough, or they can just wait and roll it into next month's patch. In this specific case, Google is one of these OEMs and will be rolling the 11-06 patch into the December security patch.

As for the rest of the OEM landscape, a few have already rolled out a KRACK patch, and others should have things patched up this month. Essential and OnePlus both shipped a patch for KRACK last week. To add more confusion to the situation, Essential is shipping with the "11-05" security patch designation this month, not the 11-06 label, despite already fixing KRACK. The company admits it should be using the 11-06 patch label but says it "wasn't worth delaying the roll-out to fix the patch date." Samsung should have a KRACK fix out this month, too: it posted a November Security Maintenance Release bulletin that contains all the KRACK CVEs.

Users can see what patch level they're on via the "Android security patch level" field on the "About Phone" screen. Bulletin releases like "2017-11-06" will be reformatted to "November 6th, 2017," and each release date covers the vulnerabilities in the previous releases. This month, users will get a monthly security patch, but it might be dated November 5 and, therefore, not have the KRACK fix. Unless you see "November 6th, 2017" in your "About Phone" screen, your phone isn't patched for KRACK—but either way you should still be fine.
https://arstechnica.com/gadgets/2017...ly-a-big-deal/





This $150 Mask Beat Face ID On the iPhone X

It's just a proof of concept at the moment
Thuy Ong

Vietnamese cybersecurity firm Bkav claims it's been able to bypass the iPhone X's Face ID feature using a mask. The mask is made to trick Apple's depth mapping and the result is a kind of creepy hybrid monster head with realistic cutouts for the eyes, nose and mouth.

Bkav says the mask is crafted through a combination of 3D printing, makeup, and 2D images. There's also some "special processing done on the cheeks and around the face" where there are large areas of skin, and the nose is created from silicone. The demo video shows the iPhone being unlocked using the mask, and then again using the researcher’s face, in just one go.

The cost of making the mask is relatively inexpensive at $150, says Bkav, which began working on the mask right after recieving their iPhone X on November 5th. That means it was able to create a bypass for Face ID in less than a week. The firm does stress that the product is just a proof of concept at the moment and more research is needed. "Country leaders, leaders of major corporations... are the ones that need to know about the issue, because their devices are worth illegal unlock attempts. Exploitation is difficult for normal users, but simple for professional ones," Bkav said on an FAQ on its website.

Apple published a technical white paper on Face ID a few weeks ago that described the techniques used in facial matching. It states that the iPhone X uses a neural network that’s trained to spot and resist spoofing, and “defends against attempts to unlock your phone with photos or masks.” The Wall Street Journal's Joanna Stern made a silicone mask that failed to trick Face ID during her review of the iPhone X.

When introducing the iPhone X in September, executive Phil Schiller said Apple’s engineers had worked with professional mask makers and makeup artists in Hollywood to protect against attempts to beat Face ID. "These are actual masks used by the engineering team to train the neutral network to protect against them in Face ID," said Schiller while standing below an image of the masks. He didn't say if any of its masks could defeat the system, however. Schiller did concede that no biometric system is perfect, noting that the probability of a random person unlocking an iPhone X with Face ID is approximately 1 in 1,000,000, compared to 1 in 50,000 for Touch ID.
https://www.theverge.com/2017/11/13/...-x-faceid-mask





Super Creepy Thanksgiving Study Comes with Extra Helping of Smartphone Surveillance

Careful loosening that belt post dinner — you're being watched.
Jack Morse

It's that time of the year again when Americans come together with friends and relatives to share a hearty meal and not think about the world falling apart around them. Or, alternatively, to argue about the different politicians responsible for the crumbling state of our society and planet.

What Thanksgiving revelers might not realize, however, is that the precise geographic details of their communal experience are being recorded, analyzed, and monetized by a combination of smartphone apps and a little known San Francisco-based company by the name of SafeGraph.

And it's super creepy.

The study, which aimed to quantify just how much "politically divided families shortened Thanksgiving dinners" (reportedly 20 to 30 minutes last year, for what it's worth), is an interesting if somewhat bemusing snapshot of a divided America. But that's not what we're here to talk about. Rather, it's how the study authors went about coming to their eventual conclusion that deserves further consideration.

In order to figure out if Americans were cutting their Turkey Day meals short, researchers first needed to determine just how long individuals spent at holiday dinners both in 2015 and 2016 (you know, for comparison purposes). To do this, they hooked up with SafeGraph — a company that bills itself as "unlocking the world's most powerful data so that machines and humans can answer society's toughest questions" (like the length of Turkey dinners, for example).

It's the next part that will freak you out. Figuring out meal durations comes down to knowing if a person ate at home or a family member's spot, and how long that person stayed at Uncle Billy's before getting fed up with his bullshit and bouncing out. To pull that off, study authors M. Keith Chen and Ryne Rohla needed a lot of location data. Enter SafeGraph.

"The [location tracking] data consist of 'pings', each of which identify the location (latitude and longitude) of a particular smartphone at a moment in time," explains the study. "Safegraph tracks the location of more than 10 million Americans’ smartphones, and our core analysis focusses on the more than 17 trillion pings SafeGraph collected in the continental United States in November of 2016."

OK, there's a lot to unpack here, so let's take this one step at a time. First, researchers were able to obtain the latitude and longitude of potentially millions of Americans' smartphones via their San Francisco-based friends. Second, there were more than 17 trillion so-called pings made available to them from last November alone. That means this data is being recorded near constantly.

But wait, it gets weirder. Just how, exactly, did SafeGraph get its hands on all this data? A look at the company's privacy policy provides some insight.

"We obtain information from trusted third-party data partners such as mobile application developers, through APIs and other delivery methods," the company notes. "The data collection and use is governed by the privacy policy and legal terms of the data collector and the website using the data; it is not governed by SafeGraph. The information we collect includes data regarding a device’s precise geographic location, as well as other mobile identifiers such as Apple IDFAs and Google Android IDs, and other information about users and their devices."

In other words, SafeGraph obtains your precise location via the apps on your smartphone. And, with 17 trillion pings from November 2016 alone, the company has a lot of data to work with. So much so, in fact, that researchers can use it to determine how long your Thanksgiving dinner was and whether or not it was at your place or someone else's.

Imagine what other factoids about your daily habits could be gleaned from the same precise location data.

And just what specific apps is SafeGraph getting this info from? We reached out to the company in an attempt to find out, and will update this when and if we hear back.

In the meantime, however, this should serve as a stark reminder that you frequently don't control what smartphone apps do with your data — or who they sell it to — and that if you want to keep the details of your contentious Thanksgiving dinner to yourself, well, maybe considering turning off location services on your cellphone.
http://mashable.com/2017/11/15/thank...artphone-apps/





Why is this Company Tracking Where You are on Thanksgiving?

• A data collection service called SafeGraph collected 17 trillion location markers for 10 million smartphones during the holiday last year.
• 17T: The number of location markers for phones and their users SafeGraph collected during Thanksgiving last year. That’s T, for trillion.

Adrianne Jeffries

This morning, a few publications ran with a holiday-themed data study about how families that voted for opposite parties spent less time together on Thanksgiving, especially in areas that saw heavy political advertising. It’s an interesting finding about how partisan the country is becoming, and admirably, the study’s authors tried to get data that would be more accurate than self-reporting through surveys. To do this, they tapped a company called SafeGraph that provided them with 17 trillion location markers for 10 million smartphones.

The data wasn’t just staggering in sheer quantity. It also appears to be extremely granular. Researchers “used this data to identify individuals' home locations, which they defined as the places people were most often located between the hours of 1 and 4 a.m.,” wrote The Washington Post.

The researchers also looked at where people were between 1 p.m. and 5 p.m. on Thanksgiving Day in order to see if they spent that time at home or traveled, presumably to be with friends or family. “Even better, the cellphone data shows you exactly when those travelers arrived at a Thanksgiving location and when they left,” the Post story says.

To be clear: This means SafeGraph is looking at an individual device and tracking where its owner is going throughout their day. A common defense from companies that creepily collect massive amounts of data is that the data is only analyzed in aggregate; for example, Google’s database BigQuery, which allows organizations to upload big data sets and then query them quickly, promises that all its public data sets are “fully anonymized” and “contain no personally-identifying information.” In multiple press releases from SafeGraph’s partners, the company’s location data is referred to as “anonymized,” but in this case they seem to be interpreting the concept of anonymity quite liberally given the specificity of the data.

It’s unclear if users realize that their data is being used this way, but all signs point to no. (SafeGraph and the researchers did not immediately respond to questions.) SafeGraph gets location data from “from numerous smartphone apps,” according to the researchers. According to SafeGraph’s privacy policy: “We obtain information from trusted third-party data partners such as mobile application developers, through APIs and other delivery methods. The data collection and use is governed by the privacy policy and legal terms of the data collector and the website using the data; it is not governed by SafeGraph.” In other words, SafeGraph is partnering with apps — they could be weather apps, games, wallpapers, anything — and leaving the disclosure up to the app maker. The app makers may have some tiny print that says “we reserve the right to share your location data with third parties,” or they may not have a disclosure at all — it’s not SafeGraph’s problem. “The information we collect includes data regarding a device’s precise geographic location, as well as other mobile identifiers such as Apple IDFAs and Google Android IDs, and other information about users and their devices,” (emphasis ours) the privacy policy continues.

SafeGraph bills itself as a company collecting high quality data that can be used by companies that specialize in artificial intelligence and machine learning. It raised $16 million from investors including IDG Ventures and more than 100 individual investors including Peter Thiel earlier this year. It does not go into much detail about its data sources on its website except to say its data is “high precision/low false positive,” and “Data collected in background from large population.” If you aren’t creeped out enough yet, consider this line in the privacy policy, just for fun: “Likewise, in the event of any potential merger or acquisition, any Data we hold (including information collected on our website) will likely be transferred to the successor entity, and shared with others in preparation or anticipation of such an event (e.g., during due diligence).”

The company has written about the importance of data privacy, albeit with an eye toward legal compliance, but its attitude toward data collection is understandably greedy. In a blog post about an industrywide location collecting software kit called OpenLocate, SafeGraph wrote, “OpenLocate is founded on the belief that developers should have complete control over how location data is collected on their users,” emphasis mine. Developers should have complete control? What about the users?

A user can opt out of this kind of tracking by turning off location services or opting out of ad services on an Android or Apple device. But most people probably don’t realize that their Thanksgiving habits could end up being scrutinized by strangers because they downloaded a weather app. It’s a sign of the times that two university researchers could get their hands on 17 trillion location markers for 10 million people, as data collection is ubiquitous and regulatory oversight is meek. Is your data in this study? It would be very difficult to find out.

If SafeGraph had stuck to selling its product to its B2B clients, we might have stayed blissfully unaware, but now we know. At least we got some insight into how Democrats and Republicans are spending their Thanksgivings.
https://theoutline.com/post/2490/why...n-thanksgiving





Consumers are Holding off on Buying Smart-Home Gadgets Thanks to Security and Privacy Fears
Caroline Cakebread

• Consumers are more cautious about smart-home devices than other Internet of Things gadgets, a new survey found.
• Consumers' hesitation about connected-home devices stems from concerns about privacy and security.
• Few of those surveyed felt gadget makers were doing a good job of informing them about the security risks posed by the devices.

Lots of different Internet of Things devices are catching on with consumers, from smart watches to connected cars.

But there's one set of such gadgets that many consumers are resisting — smart home devices.

Consumers are uneasy about being watched, listened to, or tracked by devices they place in their homes, consulting firm Deloitte found in a new survey it released Wednesday. Thanks to such discomfort, consumer interest in connected home home technology lags behind their interest in other types of IoT devices, Deloitte found.

"Consumers are more open to, and interested in, the connected world," the firm said in its report. Noting the concerns about smart home devices, it added: "But not all IoT is created equal."

Nearly 40% of those who participated in the survey said they were concerned about connected-home devices tracking their usage. More than 40% said they were worried that such gadgets would expose too much about their daily lives.

Meanwhile, the vast majority of consumers think gadget makers weren't doing a good job of telling them about security risks. Fewer than 20% of survey respondents said they were very well informed about such risks and almost 40% said they weren't informed at all.

Some recent high-profile incidents have given consumers cause for caution about smart-home devices. British security researcher Mark Barnes demonstrated earlier this year that it was possible to hack an Amazon Echo smart speaker to listen to what's going on in an owner's house. And last month, a reporter with a review unit of one of Google's new smart speakers discovered the device was recording him without his permission.
http://www.businessinsider.com/consu...-fears-2017-11





Wireless Carriers On Mute as Supreme Court Hears Big Privacy Case
Lawrence Hurley, Dustin Volz

The U.S. Supreme Court is set to consider a major cellphone privacy case later this month, but leading players in the wireless industry that is at the center of the closely watched dispute are keeping their distance.

The case, to be heard by the justices on Nov. 29, involves whether a warrant is required for authorities to obtain cellphone location information that could implicate criminal suspects, the latest in a string of Supreme Court cases on privacy rights in the digital age.

It has become the latest example of how American phone carriers have been reluctant to engage in data privacy disputes -- especially those that may pit them against the U.S. government -- despite their role as custodians of customer data, legal experts and privacy advocates say.

Of the four major U.S. mobile phone carriers -- Verizon Communications Inc (VZ.N), AT&T Inc (T.N), Sprint Corp (S.N) and T-Mobile US Inc (TMUS.O) -- only Verizon has taken a stand in the case. Verizon joined a legal brief with technology companies including Alphabet Inc’s Google (GOOGL.O) and Apple Inc (AAPL.O) calling for stronger protections for the privacy of customer data.

Wireless industry trade group CTIA has shied away from the case, the most significant in years on phone privacy.

Digital right advocates have criticized the industry’s hands-off approach.

“Few private actors have been more involved in the erosion of Americans’ privacy than the telecoms, particularly over the last 15 years,” said Alex Abdo, a senior staff attorney at the Knight First Amendment Institute at Columbia University in New York, which filed a brief supporting expanded privacy rights in the case. “They have been silent for almost all that time.”

Despite massive growth in the amount and types of customer data stored by phone and tech companies, U.S. law on how to treat that information has barely changed during that period.

Some tech firms have urged reforms that would ensure privacy protections for customer data. Microsoft (MSFT.O) and Google both opposed the government’s attempts to obtain customer data stored on foreign servers, a central issue in the other major tech case currently before the Supreme Court.

CTIA, AT&T and T-Mobile declined to comment on the current case. Sprint spokeswoman Lisa Belot said the company had not taken a position on it.

Verizon spokesman Rich Young said the case “highlights the ever-existing need to find the right balance between law enforcement and privacy, and raises tough questions about how to apply old statutes and legal doctrines to modern technologies.”

Although the legal fight is about location information, “the Supreme Court’s decision is likely to impact how the government obtains other sensitive types of information from many other types of providers,” Young added.

UNREASONABLE SEARCH

The Supreme Court twice in recent years has ruled on how criminal law applies to new technology, both times ruling against law enforcement authorities.

Cellphone location records are becoming increasingly important in criminal investigations, with authorities routinely requesting and receiving this data from wireless providers. The four major wireless carriers handle thousands of requests from law enforcement annually for this data.

Such data shows which local cellphone towers that phone users connected to when they made calls. Police can use past data to determine if a suspect was in the vicinity of a crime.

The justices will hear an appeal by a man named Timothy Carpenter who was convicted in armed robberies in Ohio and Michigan. Police helped establish Carpenter was near the scene of robberies at Radio Shack and T-Mobile stores by securing past cell site location information from his cellphone carrier, MetroPCS, now owned by T-Mobile.

Carpenter’s American Civil Liberties Union lawyers argued that police need “probable cause,” and therefore a warrant, in light of the U.S. Constitution’s Fourth Amendment protections against unreasonable searches.

Based on a provision of a 1986 law called the Stored Communications Act, the Justice Department said probable cause was not needed, but rather the lesser “reasonable grounds,” to show that records are “relevant and material” to an investigation.

Civil liberties groups said that law did not anticipate the way mobile devices would become huge data depositories.

A ruling favoring Carpenter would set a precedent that could be applied to other forms of data. Investigations on a range of issues, including public corruption and identity theft, would be threatened if Carpenter wins, the National District Attorneys Association said in a legal brief.

Unlike internet firms, telephone providers require government licenses to operate and many have signed contractual agreements that mandate cooperation with the government on legal processes, said Albert Gidari, a lawyer who represented phone and internet companies on surveillance issues for 20 years.

Digital rights activists said this fact makes U.S. carriers reluctant to pick privacy fights with the government.

“On these issues,” Gidari said, “it does not serve them to be very vocal.”

Reporting by Lawrence Hurley and Dustin Volz; Editing by Jonathan Weber and Will Dunham
https://uk.reuters.com/article/us-us...-idUKKBN1DH1CU





Snapchat’s New Test: Grow Like Facebook, Without the Baggage
Kevin Roose

In today’s social media industry, you essentially have two options: Die young, or live long enough to turn into Facebook.

Snap, the parent company of Snapchat, appears to be headed down the latter path. After a disappointing earnings report last week, which sent the company’s stock tumbling by nearly 20 percent, Snap announced a sweeping strategy shift that contained more than a few hints of Facebook envy.

In an attempt to spur user growth, Snap’s chief executive, Evan Spiegel, announced that Snapchat would be redesigned to make it easier to use. The app, which featured a minimalist design that appealed to teenagers while often perplexing their parents, will soon have a personalized feed that uses algorithms to show relevant stories to users, rather than making them sift through a reverse-chronological feed. Twitter made a similar change last year, also under pressure from Facebook.

Snap has also revamped its ad-buying process to be more like Facebook’s, with ads that can be purchased through an automated system. And it signaled last week that it wanted to expand its presence in the developing world, where Facebook is dominant. Only about 25 percent of Snapchat’s daily active users live outside North America and Europe, compared with more than 65 percent of Facebook’s users.

It’s hard to blame Snap, which declined to comment for this column, for going the Facebook route. Facebook and Instagram, which is owned by Facebook, have been trying to copy Snapchat out of existence for years, and they might be succeeding.

Instagram Stories, a near-clone of Snapchat’s most distinctive feature, has reached 300 million daily active users, nearly twice as many as Snapchat. Facebook’s enormous profits have given lofty expectations to investors in other social media companies, and its more than two billion users have made everything else seem small by comparison.

But Snap’s pivot is more than a necessary business move. It’s an indictment of our current tech landscape, and a warning sign for other start-ups hoping to take on the largest internet companies on their own terms. If a wildly creative company with an app used by 178 million people every day can still be crushed by Facebook, how is anyone supposed to succeed?

Snap still has lots of things going for it. It remains popular among American teenagers, perhaps the most highly coveted marketing demographic in the world. Snapchat has more users in the United States who are 12 to 24 years old than either Facebook or Instagram, according to eMarketer. It has also been able to buck Silicon Valley trends and introduced some truly innovative ideas, like the concept that not all digital communication should be permanently archived. And while Snap is losing money, many of its losses stem from changes it has made in order to compete with Facebook.

Still, the fact that Snap’s future is uncertain should worry you, even if you’ve never used its products. A world in which every successful internet platform is expected to behave like Facebook is a more boring, less innovative world, with no companies to challenge Facebook’s vision of the future. It’s not a good sign that in order to survive as a competitor, Snap may have to abandon the qualities that made it different in the first place.

Part of Snapchat’s appeal when it first appeared six years ago was how different it was from other messaging apps and social networks. Its disappearing photos encouraged honest sharing with close friends, rather than showing off to a large audience of acquaintances. Snapchat’s Discover program was one of the first examples of a social network paying publishers to create original, high-quality content. And unlike Mark Zuckerberg, who once said privacy was an outdated concept, Mr. Spiegel believed in safeguarding users’ data, saying in a 2015 interview that “we care about not being creepy.”

Snapchat’s distinctive qualities also helped steer it clear of some problems that are now plaguing its rivals.

It appears that Snapchat, unlike Facebook, was never exploited by Russian propagandists to influence an election, and it has taken a responsible approach to preventing false information from appearing on its platform. (Snap’s vice president for content, Nick Bell, recently told Bloomberg Businessweek, “We only work with authoritative and credible media companies, and we unashamedly have a significant team of producers, creators and journalists.”) Snapchat has not been overrun by bots and neo-Nazis, as Twitter has. And unlike Google, Snap has not harvested its users’ data in order to chase them around the internet with spammy ads for diet pills and miracle teas.

Snapchat isn’t perfect by any means, and some of the company’s wounds have been self-inflicted. Snap has misled users about its data collection practices in the past, which led to a settlement with the Federal Trade Commission. It spent millions of dollars developing Spectacles, a pair of sunglasses with a built-in Snapchat camera, that everyone talked about but few bought. (Last week, the company wrote off $40 million in losses on the project.) And nobody forced Mr. Spiegel to raise billions of dollars from investors who would demand Facebook-style growth.

Billy Gallagher, a former TechCrunch writer whose book on Snap’s corporate history, “How to Turn Down a Billion Dollars,” will come out next year, characterized the company’s recent changes as “death by a thousand paper cuts.” He told me that while investors might appreciate touches like an automated ad-buying system and a more intuitive app, Snapchat’s core users could feel betrayed.

“A social network acts against users’ interests when it needs to make money,” he said.

Snapchat, Mr. Gallagher writes, was never supposed to be just a photo-sharing app. It was the embodiment of Mr. Spiegel’s worldview about how the internet should work — temporary instead of permanent, private instead of public, candid instead of rehearsed. I asked Mr. Gallagher why Snap needed to compromise its values in pursuit of Facebook-style growth. Couldn’t it reject Wall Street’s demands, concentrate on making its existing users happy and be satisfied as a smaller and more focused company?

Mr. Gallagher said Snap’s employees, many of whom joined because they believed that the company would grow to enormous size, might bristle at any strategy that would hurt the value of their stock options. And he pointed out that Mr. Spiegel, a grandiose 27-year-old who reportedly keeps a portrait of Steve Jobs on a wall of his office, might not be satisfied with merely modest success.

“He has grand, sweeping visions of the future,” Mr. Gallagher said. “It would be very hard for him to eat a slice of humble pie and say: ‘We’re not going to be Facebook. We’re going to be a 150-million-user social network that plays in a well carved-out niche.’”

Last week, Mr. Spiegel pledged to keep Snap’s core values intact while expanding its business. But growth often comes at the expense of experimentation, and Snap’s decision to become more like Facebook is a worrisome sign for people who care about preserving the internet’s quirky heterogeneity. Snapchat’s users were once offered something genuinely different, but it may be time for them to expect more of the same.
https://www.nytimes.com/2017/11/15/b...e-baggage.html





Richard Stallman Vanishing State of Privacy

We are now subject to a greater level of surveillance than any point in history, and most of it is thanks to the digital revolution of the last few decades. Lucy Ingham hears from the legend Richard Stallman about how the digital transformation has dramatically eroded our privacy, and what it means for our lives

The digital revolution has enriched our lives in so many ways, giving us access to information and capabilities our ancestors only dream of. But that has come at a price: surveillance. Companies that provide us with the services we use know an incredible amount about us, from what we’re reading and where we go, to who we vote for and what our hobbies are.

Most of us aren’t keen on this, but we accept it as an unavoidable part of the modern world, if we even think about it at all. The data collected on us is part of the digital ecosystem in which we live, and most of us accept that it’s an unavoidable part of modern reality.

Richard Stallman, president of the Free Software Foundation, programming legend and recipient of at least 15 honorary doctorates and professorships, however, doesn’t think so. He has dedicated his professional life to railing against software surveillance, and despite surveillance continuing to increase in prevalence every year, he remains as strong a voice on the subject as ever.

At the end of 2016, Stallman gave a talk at Web Summit where he outlined the case against software surveillance in the modern world. Addressing a crowd heaving with programmers and yet exceptionally short on journalists – I was the only one – he was his eccentric self, standing with only socks on his feet, dramatically overrunning his timeslot and concluding with the auction of a soft toy wildebeest – known also as a gnu – before vanishing into the night with an army of software disciples following in his wake.

Many too easily dismiss Stallman as an irrelevant oddity, but to do so would be to ignore the very serious and compelling points he raises. For while the rest of us accept the growing lack of privacy afforded to us, Stallman sheds light on how utterly strange and wrong we would have found it even a short while ago.

“Privacy is extremely important. When a great hero, Edward Snowden, informed us of how much the government was snooping on our web browsing, the rate of access to certain Wikipedia pages fell by 20%. Pages like Al Qaeda, bombs,” he says. “These people, they were not terrorists but they were afraid that the government would treat them as terrorists if they were seen looking up certain topics in the encyclopaedia. So people are intimidated by the knowledge that they're being watched all the time.”

So often we think of a loss of privacy as unimportant, but Stallman argues it is quite the opposite, striking at the very roots of the democratic world in which we exist.

“It threatens democracy more directly. Democracy means that people control what the state does, but first we have to know what the state does; the state tends to hide its actions, and the only way we find out is through whistleblowers,” he explains. “But the government doesn't want people to find out about its nasty, perhaps criminal behaviours, so the government declares the whistleblower to be a spy and a traitor, and tries to put the hero in prison.

“If the government can identify the whistleblower, it’s too dangerous for the whistleblower. If we want to find out what the state is doing so that we the people can have control over it, we need to make whistleblowers safe. But if the government can tell who goes where and who talks to who, there's no way for the journalist's source, the whistleblower, to talk with the journalist and have the government not know.

“So we must reduce the level of data collection of our people down to point where the state can't tell who's talking with journalists. Any system of data collection that enables the state to find out who talked with that journalist is a deadline threat to democracy. And no matter what supposed secondary service this data collection serves, we can't, we don't dare, permit it to continue.”

Proprietary software: the driver of unprecedented surveillance

For Stallman, the reason for this data collection is that the market has been dominated by proprietary software, which prevents users from seeing, or making changes to, the code under the hood.

“The reason that we are subject now to more surveillance than there was in the Soviet Union is that digital technology made it possible,” he says. “And the first disaster of digital technology was proprietary software that people would install and run on their own computers, and they wouldn't know what it was doing.

“They can't tell what it's doing. And that is the first injustice that I began fighting in 1983: proprietary software, software that is not free, that the users don't control.”

Here, Stallman is keen to stress, he doesn’t mean free in the sense of not costing money – plenty of free software is paid for – but free in the sense of freedom to control. Software, after all, instructs your computer to perform actions, and when another company has written and locked down that software, you can’t know exactly what it is doing.

“You might think your computer is obeying you, when really its obeying the real master first, and it only obeys you when the real master says its ok. With every program there are two possibilities: either the user controls the program or the program controls the users,” he says.

“It's free software if users control it. And that's why it respects their freedom. Otherwise it's a non-free, proprietary, user subjugating program.”

The reason that we are subject now to more surveillance than there was in the Soviet Union is that digital technology made it possible

According to Stallman, for software to qualify as free it must provide what he describes as “four essential freedoms”.

“Freedom zero is to run the program however you wish, for whatever purpose you have. Freedom one is the freedom to study and change the source code,” he explains.

Source code is particularly important, because when proprietary software is downloaded by a user, it comes as executable code, such as an exe file on Windows.

“Source code, that's like a mixture of English and math; if you've learned that programming language you can read it and understand it, and then you can change it,” he explains. “But to run it we convert it into executable code, which is very hard for anybody to understand. That's called reverse-engineering. So practically speaking, in order for users to study and change the program, they've got to have the source code.”

These two freedoms allows users to individually control their own copies of software, and tailor it to their needs, however they aren’t much use for those of us who can’t program. Which is where freedoms two and three come in, as they are designed to provide collective control, or “the freedom to work in a group to exercise control over what the program does”.

“Collective control is the way that non-programmers can participate deciding what the program can do,” he explains. “It requires two more freedoms: freedom two is to make exact unmodified copies and give or sell them to others when you wish. And freedom three is to make copies of your modified versions and give or sell them to others when you wish.

“So when the program carries these four freedoms, the users control it, it respects their freedom, that's free software. But if one of these freedoms is missing or incomplete, then the program controls the users and the proprietor controls the program.”

Without these freedoms, he argues, software becomes a tool of oppression.

“Non-free software is an injustice; non-free software should not exist; non-free software oppresses its users and therefore I won't use it,” says Stallman. “I don't have any. I go out of my way to ensure nobody does that to me, and also, because of my conscience, refuse to help to do that to other people.”

Spying on the user: Swindle, Shitbit and the Internet of Stings

Much of the proprietary software we use today, Stallman argues, contains malware. But not malware of the type your IT department is tasked to prevent, but code designed to harm the user’s privacy.

“Because the proprietors know they have control over users, they're attempting to mistreat users with that power,” he says. “They put in malicious functionalities. This is why the widely used proprietary programs are typically malware. And among other things, they often spy on their users.”

Here he’s taking a swipe at the major players: the makers of devices used by millions of us around the world.

“This is an example: this is Amazon's e-book reader, the Amazon Swindle. It transmits, from time-to-time, the name of the book being read and the page number to Amazon servers. If the user enters any notes, they're sent to Amazon too. Total Orwellian surveillance of the user,” he says. “I refuse to be oppressed this way: take that Swindle and step on it.”

But Amazon isn’t the only one collecting such intimate data.

“Lots of proprietary programs spy. Windows spies, Mac OS spies, iOS spies, Flash player spies. Thousands of apps spy on the user,” he says.

The proliferation of personal fitness trackers has, according to Stallman, amplified this.

Lots of proprietary programs spy. Windows spies, Mac OS spies, iOS spies, Flash player spies. Thousands of apps spy on the user

“The Shitbit: the device that keeps track of how you walk and sends the data to the company and then says 'would you like to buy this data back from me, data that's from you yourself? And who else can I sell it to?'” he says.

“The point is, that's an advanced form of spying. Whenever there's an app or a product that's tied to a particular server, that's something automatically that's going to shaft you.”

As the internet of things takes off, this looks set to greatly increase this type of data collection.

“The internet of things - well I call it the internet of stings - it's a way that those companies can get power over more things in your life, snoop on more things in your life and have total power,” he says. “And they start by saying its optional, and then your insurance company says 'if you use it we'll give you a discount', and slowly that morphs into 'if you don't use it we're going to charge you extra' and almost everybody feels compelled to say yes.

“And if we apply that kind of standard to consent to sex, it would be basically defining that there's always consent, isn't there? Which shows it’s the wrong standard to apply, and it's wrong here too.

“When people are systematically pressured into saying yes, they're not really saying yes.”

Software backdoors: Stalin’s dream?

One area is particularly concerned about is backdoors within software, that allow companies to remotely make changes to code or assets on people’s machines, and which, Stallman argues, allows them to “remotely attack the user”.

“The Amazon Swindle has a backdoor for erasing books. We saw this in 2009: Amazon remotely erased thousands of books, thousands of copies of the same book: it was 1984 by George Orwell,” he said. “So of course this stimulated a lot of criticism, so Amazon said it would never do this again, unless ordered to by the state. Right.

“Even if Amazon had meant that seriously, it would not be an adequate response. But Amazon didn't mean it seriously: it was just supposed to sound like a promise, supposed to take away momentum from the critics because a few years later Amazon went back to openly erasing books by force without even an order from the state.”

Then there’s Microsoft’s controversial update process, which is achieved through a universal backdoor in its operating system.

“Windows has had a universal backdoor since Windows XP: a universal backdoor means they can forcibly change the software at a distance,” he says. “It's a universal backdoor in the same sense that computers are a universal computing engine and can be programmed to do absolutely any nasty thing to the user.”

However, one of the biggest areas for concern for Stallman is smartphones, a device type that he refuses to own.

I call this Stalin's dream: this is what Stalin would have yearned for

“Portable phones, every portable phone has a universal backdoor,” he says. “So what is a mobile phone? It tracks a person's movements all the time, it has to do that in order to function, but the effect is that the phone company finds always where it is, and can localise it very precisely by triangulating with local towers.

“And with the backdoor they can convert it into a full-time listening device that can hear all the conversation in the room, even when it's not making any call, even when it’s supposed to be switched off.”

For Stallman, this is reality that the architects of the Soviet Union would have loved.

“I call this Stalin's dream: this is what Stalin would have yearned for,” he said. “But the point is: Stalin couldn't do that: it was too far-fetched even for him to dream of. But this is what's happening today.”

This might sound concerning, but there’s more: this is just what we know about. As all of this software is delivered as an executable, there is a considerable amount of software that little is known about, as researchers have been unable to discern exactly what it’s doing.

“Those programs are malware. But there are a lot of other proprietary programs that may or may not be malware, we don't know. We're unable to find out,” says Stallman.

“This is a situation that's a recipe for corruption, so of course power corrupts. The developers of proprietary software face this temptation, and a lot of them are corrupt, and the rest we don't know about.”
http://magazine.factor-tech.com/fact...ate_of_privacy





Study of 500,000 Teens Suggests Association Between Excessive Screen Time and Depression

It's a bleak finding, but other research suggests adolescent hyper-connectedness isn't all bad.
Samantha Cole

It’s a cultural stereotype as old as the landline: teenagers love their phones.

But for North American teen girls, especially, increasing smartphone use could have a darker side. Depression and suicide rates in teenagers have jumped in the last decade—doubling between 2007 and 2015 for girls—and the trend suspiciously coincides with when smartphones became their constant companions. A recent study places their screen time around nine hours per day.

Another study, published on Tuesday, suggests that suicide and depression could be connected to the rise of smartphones, and increased screen time. Around 58 percent more girls reported depression symptoms in 2015 than in 2009, and suicide rates rose 65 percent. Smack in the middle of that window of time, smartphones gained market saturation. “Even if we call screen time a neutral and assume it doesn't help or hurt, it may still have a negative impact if it crowds out time for seeing friends in person,” lead researcher Jean Twenge, psychology professor at San Diego State University, told me in an email. “The large and sudden increase in teen mental health deserves attention, no matter what its cause.”

Still, other research suggests that using new media to communicate and connect doesn’t hurt teenagers, and can maybe, in some cases, be good for them. Are screens, and especially smartphones, really killing teenagers?

In Twenge’s new study, published in the journal Clinical Psychological Science, the researchers looked at two samples: a nationally representative survey by ongoing study “Monitoring the Future” out of the University of Michigan, which is administered annually to 8th, 10th, and 12th graders, and the Centers for Disease Control’s Youth Risk Behavior Surveillance System, a sample of high school students administered by the CDC every other year. (Both surveys began in 1991.) Altogether, over 500,000 young people were included.

The study authors examined trends in how teens used social media, the internet, electronic devices (including gaming systems and tablets), and smartphones, as well as how much time they spent doing non-screen activities like homework, playing sports, or socializing.

Comparing these to publicly available data on mental health and suicide for these ages between 2010 and 2017 showed “a clear pattern linking screen activities with higher levels of depressive symptoms/suicide-related outcomes and non-screen activities with lower levels,” the researchers wrote in the study. All activities involving screens were associated with higher levels of depression or suicide and suicidal thinking, and activities done away from a screen were not.

As for why young women are especially impacted, Twenge said that it’s possible social media is to blame: girls spend more time on social media, and boys spend more on gaming. Social media may be more detrimental to mental health than gaming, she said.

In general, the research around screen time and its impact on mental health is scant and often conflicting, with other research suggesting that, in some ways, it can be beneficial. Some studies claim certain video games can be therapeutic. Online communities can keep teenagers connected to the world and to peer groups that share their interests or identities—thus avoiding the isolation and loneliness that’s often a precursor to suicidal thoughts. It’s hard at times to sus out what findings are fact, and what are a result of older adults confirming their own biases about a medium they didn’t grow up with, aren’t a part of now, and don’t fully understand.

Twenge’s work has drawn criticism from psychology peers in the past—particularly after her article “Have Smartphones Destroyed a Generation?” appeared in the September 2017 issue of The Atlantic. Psychologist and author Sarah Rose Cavanagh published her rebuttal on Medium, claiming that Twenge’s data is “cherry-picked” to reinforce preexisting biases, and that she falls into the old “correlation versus causation trap” in the conclusions she draws.

Psychologist Andrew Przybylski told NPR that teenagers today might just be more willing to admit when they’re worried or sad, or better equipped to recognize symptoms of depression within themselves.

I asked Twenge what she makes of these criticisms—that her conclusions are alarmist, or over-hyped by the media. “I've seen a few people argue that ‘the kids are just fine,’” she said, “but with 65 percent more teen girls committing suicide in just a five-year period, I can't see how anyone can make that argument, or say that it's ‘overhyped.’” Documenting this increase in reported mental health issues is important, she continued, in order to understand the scope of the problem and help teenagers who might need it.

Lisa Pont, therapist and educator with the Centre for Addiction and Mental Health in Toronto, told me that girls are more likely to use, and have unhealthy relationships with, social media. And much of mental health and internet use comes down to isolation. “It is not uncommon for people who are depressed to socially isolate,” Pont said. “Once isolated, people may be inclined to go online to distract from painful emotions, reduce boredom or meet needs for some kind of social connection.” It becomes a vicious cycle. Depression makes them turn to screens more, in this view, and more screen time may make the depression worse.

Twenge is not advocating for pulling the plug on connected teens altogether. One thing experts can agree on is that there is a limit to how much time spent staring at screens starts to affect mood. Two hours seems to be the cut-off, Twenge said. More than that, and negative effects creep in.
https://motherboard.vice.com/en_us/a...and-depression





CompuServe’s Forums, which Still Exist, are Finally Shutting Down
Harry McCracken

Before there was a World Wide Web, a sizable chunk of all meaningful conversation between computer users happened in the forums at CompuServe, which was the dominant online service until AOL came along. There was a CompuServe forum for everything from PC hardware to comic books, the signal-to-noise ratio was generally high, and if you had a question chances were that a fellow member would answer it–just to be helpful.

CompuServe was acquired by AOL in 1998, and was never the same thereafter. AOL itself is now part of Oath, which is part of Verizon. And time is finally running out for the forums, which have stuck around in diminished form even as the rest of CompuServe has dwindled away. They’ll be removed from what remains of CompuServe on December 15, a fact I learned from my Facebook friend Howard Sobel, the cofounder of WUGNET, which has managed tech forums for CompuServe for decades.

The glory days of CompuServe are long gone. So, as far as I know, are the forum threads I participated in from the late 1980s through the mid-1990s. But for those of us who still remember the IDs the once-mighty service assigned us–hi, I’m 74352,1314–knowing that the forums are going away is like hearing about the death of an old friend. May the squeal of a 2,400-bps dial-up modem give way to a moment of silence in their honor.
https://www.fastcompany.com/40495831...-shutting-down

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

November 11th, November 4th, October 28th, October 21st

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
__________________
Thanks For Sharing
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - November 24th, '12 JackSpratts Peer to Peer 0 21-11-12 09:20 AM
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 08:21 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)