P2P-Zone  

Old 27-04-11, 05:45 AM   #1
JackSpratts
 
Peer-To-Peer News - The Week In Review - April 30th, '11

Since 2002

"Last week’s decision serves as a warning to others that purchasing a copyright solely to profit from litigation against bloggers and websites is not a good business decision." – Kurt Opsahl

April 30th, 2011




Court: Republishing Entire Newspaper Story is Fair Use
Eric Goldman

The defendants run a website on immigration issues. They posted to their website 100% of a 33 paragraph Las Vegas Review-Journal story on Las Vegas police targeting minorities. The post attributed the story to the Las Vegas Review-Journal. Righthaven then acquired the copyright to the story and, following its standard tactics, sued the defendants for copyright infringement without sending a takedown notice. The defendants asserted a fair use defense, and the court granted it on summary judgment. Its four factor analysis:

• the defendants' use was transformative because Righthaven is a litigation-driven business, the republication was to educate the defendants' audience, and it had no substitutive effects. The use was also non-commercial because the defendant organization is a non-profit with an educational focus. The fact that its website solicited donations was immaterial.

• the article was an "informational work" which put it closer to fact than fiction.

• even though the defendants took 100% of the work, doing so was reasonable because the article wasn't easily distilled or edited.

• because the use was transformational and non-commercial, the burden was on the plaintiff to show market harm. It failed (1) because Righthaven didn't allege there was a market for the article itself, and (2) "because Righthaven cannot claim the LVRJ’s market as its own and is not operating as a traditional newspaper, Righthaven has failed to show that there has been any harm to the value of the copyright."

Normally, we'd have to wait to evaluate the impact of this ruling until we see how it fares on appeal. However, I believe Righthaven will not be around long enough to see the appellate decision. I have consistently said that Righthaven's business model isn't sustainable, and the combination of their avoidable litigation errors (e.g., their 24 hour lawsuit against Eriq Gardner) plus their heavy staff turnover will hasten their demise. At this point, I assume it will only take one or two 17 USC 505 fee-shifts to the defendant to make Righthaven's economic model irreparably untenable. At this rate, I think 505 fee-shifts are inevitable for Righthaven.

Unless and until this ruling is reversed on appeal, its reasoning will accelerate Righthaven's losses in court. After Righthaven's loss in the Realty One case, which said the republication of an article excerpt was fair use, Righthaven said it was focusing on bringing cases only involving 100% republications. Now that this opinion indicates that even 100% republications can be fair use (an argument I proponed in my debate with Steve Gibson last September in the BC Edge call), all of Righthaven's lawsuits over 100% article republications by non-profit defendants (and perhaps others) are at risk.

Righthaven could still find more litigation success suing over 100% republications of photos instead of articles. However, Righthaven has gone out of its way to annoy the judge hearing ALL of those cases. As a result, I think those cases are in serious jeopardy too. With its losses in the Realty One and CIO cases and the possibility of losing the photo cases, I think at this point Righthaven has nowhere to go...except into the dust....

There has been some chatter that before Righthaven flames out financially, it will create a body of caselaw that is ultimately disadvantageous to newspapers and content owners generally. Indeed, with Righthaven's help, we are beginning to build out a body of blog-related copyright law, and I expect both the Realty One and CIO opinions to be frequent citations in future online copyright cases. We may ultimately owe a debt of gratitude to Righthaven and its newspaper participants--and the defendants who are bearing the cost and risk of standing up to Righthaven--for this public good.
http://blog.ericgoldman.org/archives...lishing_en.htm





Righthaven Copyright Troll Loses Domain
Cory Doctorow

Righthaven is the copyright trolling outfit created by the Las Vegas Review Journal to blackmail alleged newspaper copyright infringers with baseless threats of domain seizure and huge cash judgements. When they created righthaven.com as a home for information related to their indiscriminate bulk-litigation campaign, they neglected to supply the registration information required of them, and it appears that they declined to provide the info when requested to do so by their registrar, GoDaddy. So GoDaddy's taken away their domain:

Quote:
Now it appears that GoDaddy, the domain registrar for the domain Righthaven.com, has taken down their domain for an invalid whois. According to ICANN rules domain owners are required to maintain valid whois information. Anyone can report an invalid whois record via the WDPRS system, which then passes on the complaint to the sponsoring registrar of the domain. The registrar would then attempt to contact the domain owner and ask them to verify/update their contact information. Should they not do so, the domain can be suspended or even deleted.
http://www.boingboing.net/2011/04/23...pyright-1.html





Lessig: Copyright Isn't Just Hurting Creativity: It's Killing Science (Video)
Alex_Pasternack

Copyleft crusader and Harvard professor Larry Lessig gave a new talk at CERN last week about copyright and how it has affected open access to academic or scientific information, with a bit of commentary about YouTube Copyright School. As usual, it’s blistering commentary. “It’s time to recognize that free access – as in ‘free’ as in speech access – is no fad, and it’s time to push this non-fad war broadly in the context of science,” says Lessig.

Whereas copyright tends to focus on protecting artists’ ability to make money from their work, scientists don’t use similar incentives. And yet, their work is often kept within the gates of the ivory tower, reserved for those whose universities or institutions have purchased access, often at high costs. And for science in the age of the internet, which wants ideas to spread as widely as possible to encourage more creativity and development, this isn’t just bad: it’s immoral.
http://motherboard.tv/2011/4/25/less...ience-video--2





89% Oppose 'Guilty Until Proven Innocent' File Sharing Law

A HorizonPoll of 1922 people nationwide has found 89% opposed having to prove innocence if accused of breaching copyright while sharing files, and thought authorities should have to prove a person has illegally transferred files before disconnection from the internet occurs.

Disconnection can only occur under a cabinet-level order but a maximum fine of $15,000 is also possible. The poll, conducted between April 15 and 22, showed 37.1% support the law to stop copyright breaches through file sharing while 38.3% oppose it. 32.2% support the power to disconnect a user, with 45% opposing and 19.3% neutral. 3.2% did not know.

In response to a question of whether authorities should have to prove a person has illegally transferred files before they are disconnected, 89.4% said disconnection should occur only after the offence was proven, and only 1.6% supported disconnection without proof.

The survey also showed that 18.3% said they had downloaded files that could have been covered by copyright but did not pay for them, 54.5% said they had not and 27.3% said they did not know.

Of the 18.3%, 17.9% said they would download less, while 68.4% said the law would not make a difference, or there were ways around such controls.

The survey is weighted by age, gender, ethnicity, employment status, region and party vote 2008.
http://www.nbr.co.nz/article/89-oppo...g-law-aw-91574





Superstar Spinner Tiësto Happy to Share

Dance scene owes much to illegal downloads, but shift sees emphasis on live venues
Mike Devlin

Illegal downloading hasn't affected dance music in nearly the same way it has other genres. If anything, it has helped.

According to Tijs Michiel Verwest, who is known as Tiësto to millions of electronic dance music devotees, file sharing via peer-to-peer sources has had a big effect on dance music, reaching unprecedented heights in recent years.

"The whole reason why dance music has been blowing up is because of sharing online," he said from a recent tour stop in Charlotte, N.C. "Back in the days when you had vinyl, even if you really wanted a track, you couldn't buy it if it was sold out.

"I think it's better. It's not about the money any more, and the control is gone. It's like the Wild West out there. Ten years ago, the radio and the [record] labels dictated what we had to listen to. Now, you can just go online for a day and find all kinds of stuff."

Dance artists still produce recordings, though not all of them are completely concerned with profiting from their recorded work. That's because revenue can be recouped any number of ways, the biggest and best being live performances.

Tiësto has seen first-hand the shift toward a live concert experience. Last month he headlined Miami's Ultra Music Festival, a three-day event that drew more than 100,000 dance music fans to performances by Moby, The Chemical Brothers, David Guetta, Duran Duran, Deadmau5 and Erasure.

To see such a gathering during what is being touted as a down economy hammered home the point for Tiësto: Dance music is here to stay. "It is more than a comeback - it is really blowing up now," he said of the pendulum shift.

The bigger the music, the bigger the stars. Which means, in terms of cultural cachet, few DJs working today can compete with Tiësto. He was named one of Billboard magazine's top-grossing touring acts of 2010, thanks to a world tour that saw him play on six continents and in front of more than a million people.

He was also recently voted the Greatest DJ of All Time by British dance music magazine Mixmag.

"I was really happy with that," Tiësto, 42, said of the honour.

Tiësto was born in Breda, a small town in the Netherlands that was also the birthplace of Elvis Presley's famous manager, Col. Tom Parker (born Andreas Cornelis van Kuijk). Today, Tiësto keeps a permanent residence in Sweden.

Not that it really matters. Most of the time, Tiësto is barely home long enough to unpack his travel bags.

"I had a funny conversation with my agent about that yesterday," he said.

"I was talking about a year tour, 365 days and 365 gigs. We were laughing about it, because I actually could play every night of the week somewhere in the world."

Unlike a lot of DJs, who prefer to stay sequestered in their studios, Tiësto has cultivated a reputation for big budget, high concept concerts. Having performed at the opening ceremony of the 2004 Athens Olympics, among other high-profile events, he is perhaps the one DJ who consistently qualifies as an arena act. When he tours, Tiësto prefers not to travel with an entourage. His surprisingly small posse normally tops out at four people, the key elements of his crew being his tour manager, a sound man and someone to do his lights-and-visuals setup. Because it is a small crew, his team is required to work especially hard, Tiësto said.

"They prepare the shows months in advance. I think for every show, the guys do 200 or 300 emails to take care of everything."

The music side is Tiësto's specialty. Live concerts require more from him than most imagine because if the mood is right, he can easily top three hours.

To be in that kind of shape, he puts a premium on exercise and watches his diet - no matter where in the world he finds himself.

He will be on the road in Canada until early May for a tour in support of his most recent mix, Club Life: Volume 1 - Las Vegas, Tiësto's tip of the hat to his residency at the Hard Rock Hotel and Casino in Las Vegas.

AT A GLANCE

Tiësto

When: Saturday, 8 p.m.

Where: Pacific Coliseum Sold out
http://www.vancouversun.com/entertai...761/story.html





Wikileaks: Police Arrested Movie Pirate As “A Personal Favor” To Movie Official
enigmax

Geremi Adam, the movie cammer for the Scene release group ‘maVen’, will go down in history as a grand master of his art. Despite difficulties in pinning a crime on him, eventually Adam was arrested. According to a cable released by Wikileaks, that arrest was carried out as “a personal favor” to a movie industry official, setting off a tragic chain of events which would ultimately lead to Adam’s death.

Between 2004 and mid 2006, the Scene group ‘maVen’ released some of the best ‘Telesync‘ versions of pirated movies onto the internet including Bourne Supremacy, Collateral, Spongebob Squarepants, Mission Impossible 3 and Superman Returns. Then, at the end of July 2006, ‘maVen’ releases suddenly stopped.

It transpired that the FBI, at the behest of the MPAA, had been investigating ‘maVen’ and had labeled him the ‘world leader’ in movie piracy. They handed their file to the Royal Canadian Mounted Police (RCMP) in April 2006. By September, Geremi Adam was under arrest after ‘camming’ the movies How to Eat Fried Worms and Invincible. At the time, camming a movie in Canada wasn’t an offense so unsurprisingly, Adam was released.

Someone clearly wanted maVen out of action and Adam punished. One month later Adam was arrested again. The arrest triggered a chain of events which would lead to Adam, who had a history of depression, enduring a 14 month wait for any charges to be brought. He went on the run, was detained and eventually sentenced to jail. Adam began using drugs in jail to cope with his imprisonment and shortly after his release he tragically died of an overdose.

So who was pulling the strings behind the scenes to ensure that so many resources were spent on chasing Adam who, with his camming, wasn’t even committing a crime? Thanks to a US diplomatic cable dated 12th December 2006 and released by Wikileaks this week, we now have the answer.

The cable begins by revealing that having previously reported in March 2006 that 40 to 50% of all pirate movies around the world could be linked to camming in Montreal, by the third quarter of that year the Canadian Motion Picture Distributors Association (CMPDA) had revised that figure down to 18%.

The cable reported that the Royal Canadian Mounted Police (RCMP) considered camming to be a low priority issue and doubted the reports of how much damage it was doing to Canadian industry. As a result they preferred to focus their IP-related resources on dealing with serious issues such as counterfeit pharmaceuticals.

The RCMP had encouraged the CMPDA to finance their own civil action to enforce their rights. Although not detailed by name, it is clear that when the cable reported that the individual behind most of Montreal’s camming had been arrested twice, there could be little doubt it was referring to Geremi Adam. The RCMP, at this stage, had been clear – Adam would not receive jail time.

The cable goes on to bemoan the lack of effective legislation to deal with camming and at one stage even refers to it as a “high-tech pastime”. It describes how Adam operated, suggesting a “drag and drop” operation which allowed “films such as The Chronicles of Narnia [to] be shown in a Montreal theater and later sold in DVD form on big city streets within a matter of hours.”

According to the cable, proving distribution was the key to a successful prosecution. In the end, the fact that Adam’s cammed copies appeared online was enough to land him in jail. His initial arrest, however, was prompted by less official means.

“With regard to the arrest of the individual who had been pursued by the CMPDA, RCMP officers stated that they arrested the individual ‘as a personal favor’ to a CMPDA official, and that they did not view theater camcording as a major issue’,” reads the US diplomatic cable.

“The officers said that IPR holders could pursue legal action against suspects engaged in camcording via the civil code without needing to engage the RCMP. They acknowledged, however, that a conviction under the civil code would not result in prison time, and would usually involve a relatively small fine,” it continues.

The cable reveals that the RCMP carried out this “favor” despite believing that Adam was “a small player” who was not receiving “lucrative financial rewards for his work.”

“One RCMP officer expressed concern that the RCMP not be seen as ‘the enforcement arm of industry’, noting that the ‘industry comes to [the RCMP] more and more’ with requests for action,” the cable concludes.

The full cable can be read here.
http://torrentfreak.com/wikileaks-po...ficial-110430/





Wikileaks Cable Confirms Public Pressure Forced Delay of Canadian Copyright Bill in 2008
Michael Geist

A new Wikileaks cable confirms that the Conservative government delayed introducing copyright legislation in early 2008 due to public opposition. The delay - which followed the decision in December 2007 to hold off introducing a bill after it was placed on the order paper (and the Fair Copyright for Canada Facebook group took off) - lasted until June 2008. The U.S. cable notes confirmation came directly from then-Industry Minister Jim Prentice, who told U.S. Ambassador David Wilkins that cabinet colleagues and Conservative MPs were worried about the electoral implications of copyright reform:

Quote:
From December 2007 to mid-February, senior GOC officials and well-informed private sector contacts assured the Embassy that legislative calendar concerns were delaying the copyright bill's introduction into Parliament. Our contacts downplayed the small - but increasingly vocal - public opposition to copyright reform led by University of Ottawa law professor Dr. Michael Geist. On February 25, however, Industry Minister Prentice (please protect) admitted to the Ambassador that some Cabinet members and Conservative Members of Parliament - including MPs who won their ridings by slim margins - opposed tabling the copyright bill now because it might be used against them in the next federal election. Prentice said the copyright bill had become a "political" issue. He also indicated that elevating Canada to the Special 301 Priority Watch List would make the issue more difficult and would not be received well.
The cable also notes that an unnamed Liberal MP (who sounds an awful lot like Dan McTeague) assured the U.S. embassy that the copyright bill would receive wide support (though Conservative MP James Rajotte did not believe it would receive "smooth sailing"). The cable states:

Quote:
An influential Liberal MP on intellectual property issues separately told EMIN on February 26 that the copyright bill would receive widespread support from the Conservative, Liberal, and Bloc Quebecois parties if and when the GOC sends it to Parliament. The Liberal MP stated that he has pressed Industry Minister Prentice to release the legislation now, adding that Canada is out of step with the rest of the (developed) world on intellectual property rights and risks losing future foreign investment. The MP dismissed the political significance of the public efforts of Professor Geist and hinted that Canada's possible elevation to the Priority Watch list would not be seen as a hostile U.S. action, but show that its IPR regime is weak vis-a-vis its G-7 partners.
The cable concludes by noting that Canadian officials warned against placing Canada on Special 301 Priority Watch list (which would "give ammunition to Dr. Geist and his acolytes") but that it strongly recommends doing so anyway.
http://www.michaelgeist.ca/content/view/5763/125/





Day of Action Against File Sharing Legislation Planned

May 1 protests against Copyright (Infringing File Sharing) Act include march on Parliament
Stephen Bell

May 1 has been designated “Three Strikes Day” – a day for nationwide protest against amendments to the Copyright Act put in place by the passage of the Copyright (Infringing File Sharing) Amendment Bill.

The amendments, passed under urgency on April 14, are designed to discourage illegal online sharing of copyright material. Though the ultimate penalty, suspension of a repeat offender’s internet account for six months, has been held in abeyance, protesters fear the spectre of such a punishment will deter wireless providers from setting up free public wi-fi networks, in case they are closed down after an offence by one of their casual users.

The “Three Strikes” appellation refers to the three stages of the new sanctions put in place by the legislation; in theory this means three acts of downloading at different times could be enough to brand someone a repeat infringer and summon them before the Copyright Tribunal.

The chief sore point, however, seems to be the way the legislation was passed – in an urgent session whose main purpose was to put in place legislation to deal with recovery from the Christchurch earthquake.

“Not only is the urgency process being abused, but our government is also exploiting the people of Christchurch by using their unfortunate situation to pass underhanded legislation,” Pirate Party of New Zealand secretary Noel Zeng says in a statement on the fledgling party's website.

The Wellington arm of the planned protest, involving a march on Parliament, has attracted over 400 committed attendees, through a Facebook page entitled: “Mayday, mayday, we are sinking under idiots in power”.

Already, however, the message is becoming blurred into a general plank of ensuring government accountability. The lead message on the Wellington Facebook site, under the names of Christopher Mark Wingate, Lindsay Breach and Hayden Bagshaw, alludes to New Zealand’s indebtedness and the sale of state assets as well as the Copyright Act.

One of the protest pages quotes Vikram Kumar, CEO of InternetNZ: “We should have had debate and broad agreement about the role of copyright in an Internet age before legislating what the penalties for infringing should be.” Kumar himself has pointed to that citation and the Wellington Facebook page from his Twitter stream.
http://computerworld.co.nz/news.nsf/...lation-planned





Parliament Website Outages Following Anonymous Threat Over File-Sharing Bill
Alex Walls

The parliament website experienced intermittent outages today, in the wake of a threatened attack by hacker collective Anonymous.

Anonymous said New Zealand had "crossed the line" when it passed the Copyright (Infringing File Sharing) Amendment Bill and that a quick example would be made of the government, in a press release on their website recently. A user in the Operation Black Out IRC (chat channel) said over Easter that while there were no solid plans as of then, the government servers were "extremely weak" and could be taken down by a person in "two minutes. The government might like to work on that."

The same user claimed to have hacked a minister's website and sent a message to all the MPs who voted for the bill, expressing contrition for voting for the bill, and outlining its failures, although this has as yet not been confirmed.

And today an email was sent at 9am by parliamentary service general manager Geoff Thorn to MPs that said the parliamentary website was experiencing intermittent outages due to excessive load, a problem often caused by distributed denial of service (DDoS) attacks favoured by Anonymous.

"It is possible that this traffic is related to a public threat to bring down the Parliamentary website," Mr Thorn said in the email.

Green MP Gareth Hughes, who has been lauded on the internet for opposing the bill, said today that while he supported non-violent direct action, attacking the parliamentary website was not the way for anyone to go.

"I think the parliamentary website is part of the democratic process of New Zealand, it's essential that people get access to it."

Mr Hughes said while the group was rightly concerned about the bill, the appropriate ways to protest were to join the campaign of blacking out avatars on social media sites, joining the protests organised in May and getting in touch with the government.

He said the bill had been improved from Labour's first draft, but that there were still issues, such as "grave concerns" about the presumption of guilt and the internet account suspension penalty.

"It's disproportionate, it doesn't work and I believe accessing the internet is a modern human right."

Mr Hughes said the government needed to clearly state how they would interpret the fines schedule, and when and how they would decide to bring in the account suspension.

Reports on various sites, including the Facebook page for the Black Out (Opposing the bill) campaign, are confused - a counter has been linked stating it has been over a day (NY time) since Anonymous was due to attack New Zealand while other posts state that attacks were planned for today at 3pm.

And on Wednesday, the Twitter user YourAnonNews announced that Anonymous itself was under attack at its anonops.net site. A post on the Anonymous Facebook page stated the group's anonops.tk website was undergoing maintenance.

Anonymous was accused of the hack which stole millions of users' personal information from the Sony PlayStation Network but the group has denied responsibility.
http://www.nbr.co.nz/article/parliam...-bill-aw-91812





Submissions Open On Copyright Act Regulations

The Government has issued a discussion document about the new law to punish internet pirates.

The Copyright (Infringing File Sharing) Amendment Act became law last week.

It puts in place the three-notice regime to deter illegal file sharing which will come into force on September 1.

Parts of the process are still to be decided, and the discussion document covers:

• Requirements for information that copyright owners send to internet service providers (ISPs) under the new notice regime;

• Form and content of the notices;

• The fee an ISP may charge a copyright owner for performing its functions under the Act; and

• The method by which the Copyright Tribunal will calculate awards for copyright infringement.

Under the Act, internet users who ignore three warning notices can be taken to the tribunal which can award damages against them. There is an ultimate sanction of disconnection, but that will only come into force if the Government considers it is necessary after assessing the effectiveness of the warning system.

Commerce Minister Simon Power said today there had been a thorough and constructive process on the regime from beginning to end.

"The process for public input into the legislation has been comprehensive, and it's now important that interested parties provide input into the formation of regulations so we can ensure the Act is implemented effectively," he said.

Submissions close on May 27.
http://www.nzherald.co.nz/business/n...ectid=10722342





Leahy Stands by Piracy Bill, Says First Amendment Doesn't Protect Thieves
Gautham Nagesh

Senate Judiciary Chairman Patrick Leahy (D-Vt.) on Monday promised he will soon unveil a new version of his controversial bill to combat online piracy.

Leahy's Combating Online Infringement and Counterfeits Act (COICA) passed in a committee vote last year despite a small but vocal opposition concerned the bill would allow the Justice Department to infringe on freedom of speech.

Leahy promised to introduce a new version of the bill soon that would take into account First Amendment concerns, but was adamant copyright violators are not protected by the Constitution.

"There's no First Amendment right that protects thieves. It protects speech," Leahy said when questioned about free speech concerns with the bill.

The Obama administration has stepped up enforcement actions against sites that link to or provide pirated and counterfeit content in recent months, mostly through domain seizures carried out by Immigration and Customs Enforcement.

Critics have argued DHS does not allow owners adequate recourse before their sites are seized. Leahy said his staff is working with DOJ to ensure there is adequate judicial review in the bill for sites taken down by mistake to challenge the action.

Standing at Leahy's side during Monday's press conference was House Judiciary Chairman Lamar Smith (R-Texas); the two have worked closely on patent reform and are translating that cooperation into the online piracy arena.

Others showing their support included representatives from Major League Baseball, the U.S. Chamber of Commerce and organized labor. Trade groups representing content-based industries such as film, music, and software are also backing Leahy's efforts.

"For these skilled professionals, online infringement is wage theft," said Paul Almeida, president of the department for professional employees at the AFL-CIO. The coalition of nine unions in content-related industries is among the strongest supporters of Leahy's bill.

Leahy flatly rejected the notion that copyright holders should charge less for films or music to reduce the incentive for illegal downloads.

Copyright holders "shouldn't have to compete with criminals," Leahy said, comparing illegal download sites with fences that sell stolen goods on the corner.

Almeida noted the bicameral and bipartisan support for legislation and said the combination of business and labor support is unusual enough that there isn't a name for it currently.

Intellectual Property Subcommittee Chairman Bob Goodlatte (R-Va.) echoed the White House's call for more aggressive laws that give law enforcement agencies more authority to go after copyright violators.
http://thehill.com/blogs/hillicon-va...rotect-thieves





China to Punish Baidu for Illegal Music Downloads
Melanie Lee

China's ministry of culture is to punish search engine company Baidu for providing illegal music downloads, a move that may hit its soaring share price.

Xinhua, China's official news agency, reported on Monday the government will punish 14 websites that have provided illegal music downloads, including Baidu, China's top search engine.

Xinhua reported that an official said the websites continued to provide illegal downloads after repeated warnings not to do so. Details about the punishment were not released.

Baidu spokesman Kaiser Kuo said it would act quickly to remove links to files identified by the ministry.

"We are aware that songs require approval and have sought to comply with previous notifications from the ministry of culture. But search engine indexing is a continuous process and some files may have reappeared in results," Kuo said.

While Xinhua did not say why the songs were illegal, Baidu said it stemmed from a warning issued over a year ago to providers of online music, identifying songs deemed unacceptable.

The links to those songs had been removed but new links began to show up because the songs had been uploaded by other users on searchable sites that were found by Baidu, it said.

"This will have an impact on their stock price. I think investors in the United States will react on this," said Fiona Zhou, an analyst with consulting firm Pacific Epoch.

Baidu shares have risen 54 percent this year, outpacing the 6.3 percent rise in the Nasdaq.

Over the past few months, Baidu has been involved in a dispute over its Baidu Library product with a group of authors who said Baidu reproduced their works without permission. Baidu apologized to the authors and took down the infringing material.

On April 6, the company said it would launch a licensed music search service in May.

Earlier, Baidu reached an agreement with the Music Copyright Society of China (MCSC) to pay fees to the MCSC for every song downloaded using Baidu Ting. The licensed music service would be supported by advertising.

Baidu's Mp3 music search has been criticized by the United States as being a "notorious market" for piracy over its ability to provide "deep linking" that steers users to allegedly infringing material hosted on third-party websites.

(Reporting by Melanie Lee; Editing by Jacqueline Wong and Dan Lalor)
http://www.reuters.com/article/2011/...73O1G420110425





Dropbox Snuffs Open Code that Bypassed File-Sharing Controls

'Torrent successor' Dropship drop-kicked
Cade Metz

Dropbox – the San Francisco startup that offers a free service for sharing files over the net – has suppressed a fledgling open source project that lets anyone use the service outside of its control, saying the project exposed Dropbox's proprietary protocol and could be used for piracy.

The open source project is called Dropship, and it provides a means of sharing files via Dropbox using only their hashes. It saves hashes of a file in JSON format, and anyone can then use the hashes to load the file into their Dropbox account. This could be used to share, yes, copyrighted content, which is officially barred by the company. "Dropship is a tool that attempts to access the Dropbox servers in an unauthorized manner," a Dropbox spokesman tells The Register.

Dropship caught Dropbox's attention when it was discussed on the popular developer news site Hacker News under the heading: "Dropship – successor to torrents?"

Dropbox’s CTO and cofounder Arash Ferdowsi promptly contacted Dropship developer Wladimir van der Laan, requesting that he remove the project from github. van der Laan complied, but Dropship was soon mirrored by other Hacker News readers, including web consultant Dan DeFelippi.

DeFelippi actually mirrored the project inside his own Dropbox account. He soon received an email, signed by Dropbox CTO Ferdowsi, saying that Dropbox had received a DMCA takedown notice about the Dropship file, and DeFelippi's account was completely banned from sharing public files. As it turns out, there was no takedown notice. According to a company spokesman, the email claiming a DMCA takedown had been received was automatically sent to DeFelippi because the Dropship file had been banned from public sharing on Dropbox.

DeFelippi was soon contacted directly by Dropbox's Ferdowsi, who rescinded the ban but continued to request the removal of the project. "Source code for Dropship was being hosted as a public file in a Dropbox folder," the spokesman tells us. "The Dropbox system flagged it as a potential issue and an automated notice was sent to the user that there was an issue with their file."

But DeFelippi did not comply with the company's requests that he remove the project. He has now hoisted it back onto github and mirrored it in two other places. "Censorship doesn’t work, especially in a community of open source using geeks," he writes.

According to Dropbox, however, the Dropship workaround will no longer work due to changes the company has made on its backend.
http://www.theregister.co.uk/2011/04...pship_project/





FBI Raids Apartment of Alleged King’s Speech Uploader
David Kravets

The FBI has raided the Los Angeles apartment of a Screen Actors Guild member the bureau believes was first to upload the Oscar-winning movie The King’s Speech as well as Black Swan, and other in-theater-only films to the Pirate Bay in January, according to interviews and sealed court records obtained by Wired.com.

The Tuesday raid of Wes DeSoto’s apartment came months after the guild and the Academy of Motion Picture Arts and Sciences both lauded The King’s Speech with top-acting and top-picture awards.

The authorities are also investigating whether there is a link between DeSoto and the notorious Pirate Bay pre-release movie-uploading group TiMPE, according to a sealed FBI affidavit obtained by Wired.com. In the warrant request to search DeSoto’s apartment, FBI special agent Thomas Brenneis wrote Magistrate Suzanne H. Segal of Los Angeles that the bureau was seeking “records, documents, programs, applications or materials relating to ‘TiMPE’ and ‘thepiratebay.org.’”

DeSoto, who recently played a small role in CSI: Crime Scene Investigation, said in a telephone interview he has no affiliation with TiMPE, and declined further comment.

“I’m nobody in the online file sharing world. This investigation is excessive and a waste of tax dollars,” he said.

Federal prosecutors in Los Angeles declined comment. The FBI in Los Angeles was not immediately prepared to comment.

The bureau’s involvement in the case, according to the affidavit, commenced in February when Larry Hahn, the Motion Picture Association of America director of content protection, “advised” the FBI that five “feature motion pictures” were uploaded to the Pirate Bay days before.

“Each of these movies was high-quality, and believed to have been movie-screener versions provided to members of the Screen Actors Guild,” the FBI’s Brenneis wrote. “Each of the movies had been released for theatrical viewing in the previous three months, before having been uploaded to thepiratebay.org, but none of the movies had been sold or distributed publicly in the DVD or video-streaming formats.”

The MPAA declined comment.

Threat Level obtained the affidavit on condition that it not publish the 34-page document in its entirety.

DeSoto is suspected of using the Pirate Bay handle mf34inc to upload the films in late January. No charges have been filed.

The affidavit references the Family Entertainment and Copyright Act of 2005, which makes it a crime, punishable by up to three years in prison, for releasing a work online that is “being prepared for commercial distribution.”

The authorities pinpointed DeSoto as the alleged culprit, because the screeners he viewed contained unique watermarks. What’s more, the guild had snail-mailed traceable iTunes codes to its members, who could use the code to access the screener movies.

Because pre-release uploading is perceived as an artform on the Pirate Bay, some commenters on Pirate Bay began questioning the authenticity of Black Swan, saying it was a “fake,” the affidavit said.

But mf34inc commented back that “SAG now sends out iTunes download codes for screens,” and “I’m a SAG member and thought I’d share these,” according to the affidavit.

According to the affidavit, Paramount Pictures had inserted “specific identifying marks” for the screener The Fighter and discovered it linked to mf34inc on Pirate Bay, according to the affidavit. Other movies linked to that handle on Jan. 27 included 127 Hours, The King’s Speech, and Black Swan.

Deluxe Webwatch, a Paramount Pictures contractor, continued monitoring the Pirate Bay for additional uploads from mf34inc, according to the affidavit. The next day, Rabbit Hole was being uploaded, and Deluxe Webwatch captured the IP address of the seeder, according to the affidavit.

With a subpoena, the authorities demanded Time Warner Cable–Road Runner tell them who was the account-holder of the detected IP address, and the authorities obtained a warrant to search the premises. The agents seized a desktop computer from DeSoto’s apartment.
http://www.wired.com/threatlevel/201...eech-uploader/





Film Studio Sues BitTorrent Swarms

Latest effort in filesharing war

A film studio has attempted to up the ante in file-sharing litigation by launching two lawsuits against BitTorrent swarms.

The unusual move by Corbin Fisher and SKN-Law.com sees the firm suing a number of individuals within the Ohio area for sharing two separate hash files tagged to Amateur College Men Down on the Farm with illegal downloaders.

This gay porn film was created by the Corbin Fisher film studio, which launched the lawsuits and is using geolocation technology to track down the file-sharing culprits. Some 25 people are cited in the lawsuits as defendants, but there are plans to sue more people in other jurisdictions, reports Slyck.

Fans of Corbin Fisher's work complained that the price is too high for the movies, which has led to people resorting to the likes of BitTorrent. Corbin Fisher is well known for keeping a tight grip on the distribution channels of its work and has been actively suing filesharers for some time now. In a recent March lawsuit the studio sued 40,000 people.

The studio also offered a deal for filesharers to come forward and reveal their wrongdoing, paying a token amount of $1,000, significantly less than the $990,000 a previous individual was forced to pay in a 2010 lawsuit. It is believed that not many people have chosen this option.

It's not clear how successful the latest lawsuits will be, given the fact that some participants in BitTorrent swarms do not actively participate in distributing a file. It may be difficult for the studio to prove that the IP addresses it has on record were really behind the illegal filesharing, but the move may be enough to scare other potential filesharers into paying for legitimate copies or handing themselves in.

Andrew Crossley from UK Law firm ACS:Law recently found himself up to his dangly bits in legal hot water after trying to pull a similar stunt in Blighty.
http://www.thinq.co.uk/2011/4/26/fil...orrent-swarms/





LimeWire Facing Billion-Dollar Damages Trial
David Kravets

The nation’s first copyright infringement lawsuit targeting a file sharing software maker following the Supreme Court’s 2005 Grokster decision comes to a head Tuesday with the commencement of the Recording Industry Association of America’s trial against LimeWire.

A New York federal jury will decide how much LimeWire and its owner should pay the record labels for wanton infringement committed on LimeWire’s service. U.S. District Judge Kimba Wood last year sided against LimeWire, ruling that LimeWire’s users commit a “substantial amount of copyright infringement,” and that the Lime Group, the company behind the application, “has not taken meaningful steps to mitigate infringement.”

The labels claim LimeWire owes more than $1 billion in damages, a sum that neither the company nor founder Mark Gorton could likely pay.

On Wednesday, Wood reiterated that LimeWire’s infringement was “willful,” meaning Gorton and company are on the hook for as much as $150,000 for each track infringed. For litigation purposes, Wood said, the RIAA has “identified” 9,715 recordings (.pdf) in which they are seeking damages.

LimeWire shuttered in October after Wood ordered it to cease its “file distribution functionality.”

LimeWire had claimed 50 million unique monthly users. The lawsuit alleged that at least 93 percent of LimeWire’s file sharing traffic was unauthorized, copyright material.

Wood’s ruling last year also found that Gorton was on the hook for damages. What’s more, Wood ruled last week that Gorton could not testify that it was his “feeling” that LimeWire “was not at great legal risk.” The RIAA claims Gorton rearranged his financial holdings in 2005 to protect his assets from infringement lawsuits – assertions the jury will hear.

Before the RIAA filed suit in 2006, the record label’s trade group urged LimeWire to license its material or shut down.

The U.S. Supreme Court’s 2005 decision in Grokster cleared the way for lawsuits targeting companies that induced or encouraged file sharing piracy.

We’ll report the verdict when it comes.
http://www.wired.com/threatlevel/201...damages-trial/





Listen To & Record Songs From Internet Radio Stations With StreamWriter [Windows]
Jeffry Thurana

Long before the age of the computer and the Internet – and even before the age of television - radio was the most advanced entertainment system in every household. Unlike audio cassettes, radio survived the stampede of newer and more advanced technologies while maintaining a fairly strong fan base.

Radio has evolved for the better by embracing the Internet. Now it’s more global: anybody can access almost unlimited choices of radio stations in any imaginable genre from all over the world. But traditional radio receivers can’t handle streams of Internet radio. You need the new breed of radio receivers in a new form of desktop application.

If you are a fan of Internet radio, you might want to try StreamWriter. This is a Windows application that will help you listen to and record songs from Internet radio stations.

The Portable Radio Recorder

StreamWriter is available as both a portable and installable application. Both versions require some preliminary setup when you first use it. Other than deciding on the language, you have to determine the location to save the application data. If you install the application to your hard drive, choose “registry/application data folder“. But if you use the portable version, choose “application path“.

You also need to decide where to save your recorded songs. If you use the portable version and save the songs on your USB thumb drive, make sure you have enough space on the limited space drive.

The main interface of StreamWriter is divided into two: the stream list on the left and the station search/filter on the right.

Start by searching or filtering the Internet radio stations according to your liking. You can use music genre, bitrate and file type to find the stations you like. While there are lots of genres you could choose, there are only three bitrate options (64, 128 and 192 KBps) and two file types (MP3 and AAC).

Double click on one of the search results to start recording/streaming that particular station. You can choose more than one station, but please note that all the stations will share your Internet bandwidth. So if your Internet connection speed is a bit slow, you should limit the number of stations that you record.

You can also listen to one of the stations while recording them. Select one station and click the play button. You can also stop recording a station by selecting it and clicking the “stop record” button (the blue square with the red dot on it).

You can refine the category of your recorded songs by adding more filters. Choose the “Filters” tab and type in additional strings in the “Wishlist“. You can even add artist names and song titles if you want to. Songs that match these strings will be downloaded when one of your chosen stations plays them, and they will be displayed in the right pane.

The “Saved songs” tab will list all of the recorded songs. I found out that you can play the songs on this list while also playing one of the stations under the “Streams” tab. So unless you can set your brain to process two sources of audio at once, you might want to turn off one source before playing the other.

Some Settings & Notes

Further adjustments are available in the “Settings” window. One of them is the ability to “Skip ads“. This will make sure that the application will only record the songs

Or if you want to assign a keyboard shortcut to the playback control, you can do so in the “Hotkey” section.

You can explore other settings and adjust each one to your preferences.

Some of you might wonder whether recording Internet radio is legal. I honestly don’t know, but I guess it’s as legal as pressing the record button when the traditional radio plays your favorite songs. But even if you don’t want to record anything, you still can use StreamWriter to listen to Internet radio streams.

So what do you think about StreamWriter? Have you tried it? Are you using a different application to listen to Internet radio? Share your thoughts and opinions using the comments below. Oh and if you like Internet radio, don’t forget to check out our article about Shuffler.
http://www.makeuseof.com/tag/listen-...riter-windows/





DVRs Give More Shows a Lifeline
Bill Carter

The digital video recorder was supposed to lay waste to network television. Instead the playback device is offering some shows a lifeline — so much so that network programmers now factor in ratings a full week after a show’s scheduled appearance.

That process could change the calculations made as network executives gather in Los Angeles in the next few weeks where, surrounded by spreadsheets, flow charts and piles of research data, they will decide the fates of shows on the ratings bubble like “Lie to Me” and “The Chicago Code” on Fox, “Brothers and Sisters” and “V” on ABC, “$#*! My Dad Says” and “The Defenders” on CBS, and “Chuck” and “Law & Order: LA” on NBC.

Currently, networks are paid by advertisers only for how many viewers watch the commercials in their shows over the first three days after a show is broadcast — a model known as “commercial plus three” (C3) ratings. But networks are monitoring how shows do over a full week after they are broadcast to gauge the depth of audience interest and loyalty. And, though they are not pressing the issue, they would eventually like to persuade advertisers to take more notice, as well.

“Absolutely it matters,” said David F. Poltrack, the chief research officer for CBS, about the “live plus seven days” ratings.

It certainly mattered for the Fox drama “Fringe,” which the network’s top programmer, Kevin Reilly, already renewed in late March for a fourth season.

Had he renewed the show based only on the ratings that arrive the morning after each “Fringe” episode, Mr. Reilly would have been considered borderline delusional.

For its broadcast on Friday nights, “Fringe” manages only about a 1.7 rating (about 2.24 million viewers) among the 18- to 49-year-olds that Fox pursues (because most of its advertisers seek to reach that group).

That number walks right up to the cancellation line. But the tally jumps to a 2.5 rating (about 3.3 million viewers) by the time a week’s worth of recorded playback is included, a number that qualifies as satisfactory for most current television dramas — and robust for any show on a Friday.

“More and more our obsession has to be how to engage and count viewers wherever they are,” Mr. Reilly said. “If that’s on a DVR, that counts too.”

“Fringe,” a cult science-fiction show, would seem to fit the profile for a program ripe for time-shifting. But the adult drama “Parenthood” on NBC also gets a big boost from seven days of additional viewing — probably enough to guarantee it a renewal as well.

The show receives just a 2 rating (about 2.64 million viewers) when it runs on Tuesday night, but that audience increases by about 41 percent to a 2.9 (about 3.82 million viewers) when its playback audience is included.

“You’d be foolish not to look at the DVR performance as a measure of the potential a program has,” said Alan Wurtzel, the president for research at NBC. “You have to recalibrate everything: what’s a hit; what’s a marginal show; what’s a failure.”

The networks and Nielsen do not release C3 data; it is considered confidential business information. But Mr. Wurtzel said the correlation between growth in ratings over seven days and improvement in ratings for the commercials over three days was close.

He said that commercials in “Parenthood” improved by 12 percent over three days. (Ratings for commercials are always lower than ratings for the program content.)

The C3 measure was a compromise between the networks, who want all audience over any period of time to be counted, and advertisers, who would prefer only the commercials that run the first day be counted. Mr. Wurtzel said the networks were not fighting the compromise by trying to get the seven-day delayed ratings included in the rates advertisers pay. But he said the networks still wanted to get as much audience measurement as Nielsen would provide.

“I would take information for 14 days if they would provide it,” he said, adding that the longer measures are important “so we can monitor engagement and audience behavior, even if we can’t monetize it.”

But networks might have a challenge in persuading advertisers to go along. Aaron Cohen, the chief negotiating officer for the ad-buying firm Horizon Media, said advertisers would have little or no interest in looking at data beyond three days.

“There is a good reason why we wouldn’t want to go beyond C3,” he said. “Advertisers like retailers and restaurants, anything with near-term openings, are looking for one- to three-day campaigns.”

Mr. Cohen said “there has been a movement afoot” to expand beyond three days, driven chiefly by local television stations. “They’re trying to get a return on as many rating points as possible,” he said, adding that advertisers have resisted that change.

Several network executives say a slowing growth curve for DVRs means that the impact of the technology may have largely been felt. For some, their worst fears have not been realized.

Mr. Poltrack put the DVR penetration rate at about 40 percent, up only slightly from the 38 percent of a year ago. “It’s slowing down,” he said. He pointed to research that showed enthusiasm for the devices waning a bit as people seek to cut down on the bills they pay for television.

Mr. Wurtzel cited similar figures for DVR penetration (Nielsen itself set the figure even lower, steady at 38 percent). “Most people who want a DVR have one,” Mr. Wurtzel said. “If you don’t have it yet, you probably don’t care about it.” He added of the machine’s impact, “It is what it is; and everybody’s adapted to it.”

Increasingly that includes the executives charged with deciding which shows to retain and which to discard. Mr. Reilly is not so convinced that the DVR is necessarily less of a threat, even with slowing growth figures. “Since the second this device has been introduced,” he said, “there has been denial about it in the industry. There’s no denying it anymore.”

Living with the DVR means accounting for the viewers who rely on it. “It’s not a lesser audience,” Mr. Reilly said. “That is your audience and you’ve got to roll all that up.”

Mr. Reilly pointed out that when playback numbers are included, hit shows, like “Modern Family” on ABC and “Glee” on Fox, score ratings that would have looked impressive back in the pre-DVR days.

Others may post a good percentage of viewing on DVR, but their overall number remains too puny to tolerate. NBC’s new drama “The Event” racked up impressive playback numbers starting in September. That mattered when the show retained respectable numbers for its initial broadcast.

The percentage of viewers watching on playback every week remains high for “The Event,” which speaks to the loyalty of that audience. But the overall number for the show has shrunk to a point where that nuance is not likely to provide protection from cancellation anymore.

Mr. Reilly noted that performance and added, “But in the middle, with a show that has a passionate loyal following like ‘Fringe,’ playback numbers are especially meaningful.”

Of course even with all that recalibration, there has to be room for a little personal privilege. A senior executive from one television production studio, who asked not to be named because of the need to be able to sell shows to the network program heads, said, “They will read the numbers and then they will secretly try to find the justification to renew the shows they love and cancel the ones they don’t.”
https://www.nytimes.com/2011/04/25/b...dia/25dvr.html





Scuffle Over On-Demand Movies Portends Battles to Come
Michael Cieply

Hollywood is picking sides for its first all-out brawl since its writers’ labor feud in 2007. And oddly, Christopher J. Dodd, once a powerful senator from Connecticut and now the film studios’ chief spokesman, has mostly been out of the fray.

The blow-up is between studios and theater owners over a plan to slip some movies into homes through on-demand video shortly after they arrive in theaters. For Mr. Dodd, the new chairman of the Motion Picture Association of America, it is the first industry crisis since he started in late March.

“I’m the new kid on the block,” Mr. Dodd said in an interview by phone on Friday, acknowledging that both his relative inexperience and the need to stay out of business decisions made by individual studios had kept him largely out of the battle. “Each company has to make up its own mind.”

Studios, exhibitors and filmmakers are arguing about the future of the business, and whether people in coming years will be more likely to watch movies in theaters or in increasingly sophisticated home setups mimicking the quality, immediacy and, perhaps, cost, of today’s theatrical experience.

Last week, four studios — Sony Pictures Entertainment, 20th Century Fox, Universal Pictures, and Warner Brothers — took the first step in their arrangement with DirecTV to release films two months after their theatrical release.

The first premium on-demand offering came on Thursday, as DirecTV offered Sony’s “Just Go With It,” with Jennifer Aniston and Adam Sandler, for $30. Two dozen filmmakers, including James Cameron and Peter Jackson, fired back with an open letter criticizing the experiment as a threat to theaters.

The fight separated allies who had recently joined to spend billions of dollars to upgrade theaters for digital and 3-D projection, and had used their combined political might to thwart proposed trading in a financial exchange based on box office revenue.

The rift underscores how little Mr. Dodd or anyone else can do to buffer the jolts in a film business where the greatest challenges are not the labor disputes or public policy battles that were wrangled by past Hollywood statesmen like the MCA chairman Lew R. Wasserman or the long-serving M.P.A.A. chief Jack Valenti.

Rather, the greatest challenges are philosophical and include business choices largely outside the reach of a trade association, which is limited by antitrust law from interfering in decisions that are really about business rather than public policy — hence Mr. Dodd’s unaccustomed restraint. In fact, the difficulties facing the industry are likely to become tougher as film companies feel their way toward a digital future that is only beginning to unfold.

“What’s really going on is that the architecture of the industry is changing,” said Jeff Berg, chairman of the International Creative Management agency.

Speaking by telephone last week, Mr. Berg predicted increasingly rapid waves of change that would overtake the movie business, as companies struggle to replace disappearing DVD revenue with income from both digitally enhanced theaters and new approaches, like so-called digital lockers, that will allow viewers to store films they have paid for in a pirate-proof virtual space that permits repeat viewing.

“There’s a big narrative that’s going to be very disruptive,” Mr. Berg said.

The fierce response by executives from big movie chains like Cinemark, AMC and Regal to the studios’ relatively cautious step with on-demand is clearly more about setting a line for future battles than it is about losing money from an Adam Sandler comedy that left most theaters weeks ago.

“I have not felt this level of concern about a practice of the studios among our members,” said John Fithian, president of the National Association of Theater Owners, which helped organize the filmmakers’ protest letter (in keeping with that association’s view that it can to some extent oppose the plan without violating the antitrust laws that have held back the M.P.A.A.).

Mr. Fithian, also speaking last week, said theater owners had been particularly shocked about the way they learned of the on-demand program: while they were gathered last month at the CinemaCon movie convention in Las Vegas, shortly after Mr. Dodd delivered an address voicing enthusiasm for the moviegoing experience. The report appeared on the Web site of the trade publication Variety.

“It came as a significant surprise,” said Mr. Fithian — though he acknowledged that his organization had opposed a years-long battle by the association Mr. Dodd now leads to win Federal Communications Commission approval, granted last May, for the use of antipiracy technology that allowed the new on-demand plan to proceed.

Executives from Fox, Sony, Universal and Warner declined to speak publicly about the matter. But executives with several of the studios, who spoke on condition of anonymity to avoid conflict, said they had repeatedly told theater executives that they were closing in on the details of a premium on-demand plan, the broad outlines of which had been publicly discussed for months.

According to those executives, theater owners are now considering a number of retaliatory steps, which could include demands to be paid for showing trailers of a film that may wind up with an early video showing, or to be given a higher percentage of the box-office receipts for those films.

In an interview this month, Jim Gianopulos, a chairman of Fox Filmed Entertainment, ascribed much of the opposition to fear of “monsters in the closet” — hypotheticals under which movies would be offered on demand even more quickly or at lower prices than anyone now contemplated.

Along with Kevin Tsujihara, a member of Warner’s three-member office of the president, Mr. Gianopulos was identified last week by other studio and theater executives as a primary advocate for the current plan, which lets studios experiment with the timing and mix of on-demand films without immediately shaking the theatrical market.

In a measure of the situation’s delicacy, Mr. Cameron — who is deeply involved with Mr. Gianopulos on two sequels to his 3-D hit “Avatar” — was the first to put his name on the filmmakers’ letter of opposition. “I do feel it’s not wise to erode your core business,” Mr. Cameron said.

The Directors Guild of America, which typically keeps an eye on matters of concern to directors, has so far been publicly silent, leaving the theater owners to organize support from filmmakers as prominent as Michael Mann, Guillermo del Toro and Kathryn Bigelow. “The D.G.A. has not taken a position at this time,” Sahar Moridani, a spokeswoman for the guild, said in an e-mail.

Old hands in the film business point out that past changes in viewing technology did not bring the calamity that was sometimes predicted.

“I think it will do harm,” Sidney J. Sheinberg, who was president of MCA in Mr. Wasserman’s era, said of the new on-demand plan — yet Mr. Sheinberg also acknowledged that he had been wrong in seeing videocassettes as a threat, rather than a boon, to the studios in the early 1980s.

On Friday, Mr. Dodd said he regretted that something as important as the new service had such a ragged introduction.

“Can there always be a better way of dealing with these things? Of course there can,” Mr. Dodd said. He said he was planning to do some bridge-building with Mr. Fithian, a longtime friend.

As Mr. Dodd sees it, the new on-demand program is a test that might prove especially valuable to potential viewers he described in an earlier e-mail as including “families with young children, senior citizens, the disabled and those living in remote areas.”

As for theaters, he said on Friday, no studio wants to see them diminished as a primary showcase for their films. “They don’t make these things for small screens,” he said.
https://www.nytimes.com/2011/04/25/b...dia/25vod.html





This Week Netflix to Become Largest Subscription Entertainment Business in U.S.

Analysts believe the company will still surpass Comcast, even if it is shy of estimates.
Paul Bond

Netflix is poised to become the largest subscription entertainment business in the U.S. when it reports quarterly earnings on Monday.

Analysts are figuring that Netflix will have added around 3.7 million subscribers to its ranks, giving it 23.7 million, give or take 100,000.

Even if Netflix is shy of estimates, it will likely show enough growth to propel it ahead of Comcast at 22.8 million video subscribers and beyond the 20.2 million subs at Sirius XM Radio.

Because growth has stalled at Comcast’s video business, it will likely have to settle for being third in this particular contest as Sirius XM and Netflix duke it out for supremacy in the entertainment-subscription arena.

Ensuring that Netflix maintains its growth – and some analysts predict it will close out the year with north of 30 million subs – is its embrace of digital streaming, where there isn’t much competition yet.

Analysis from NPD, in fact, suggests 61 percent of all movies viewed through the Internet are done so courtesy of Netflix. That’s eight times more than Comcast, the No. 2 purveyor of online movies, notes BMO Capital Markets analyst Edward Williams.

Netflix has partnered with so many consumer electronics manufacturers that its streaming service is on 250 devices, making on-demand viewing of movies and TV shows on TV screens a simple task.

“Following the torrid pace of subscriber growth since Netflix’s Watch Instantly service made its way onto game consoles, we expect subscriber growth to remain elevated,” Williams said.

“Eventually,” added Lazard Capital Markets analyst Barton Crockett, “Netflix may face more competition from larger players that we believe are likely to launch online streaming subscriptions with better content. For now, however, the company has the only meaningful online streaming subscription offering for consumers in the U.S.”

Time Warner’s HBO would like to be considered meaningful online competition some day. It’s rolling out its HBO Go on Apple and Android devices May 2, giving its subscribers 1,400 hours of premium content.

Crockett called HBO Go “the beginning of Netflix alternatives,” adding that, “over time, it could be a factor – better content, a comparable interface, could lessen the interest of some in signing up for Netflix.”

When Netflix reports first-quarter results Monday, analysts will be looking at how much it is spending to get rights to all that streaming content – more than 17,000 movie and TV titles – that it boasts of.

Some of the recent deals include rights from Lionsgate to stream at least the first four seasons of Mad Men; with Fox for shows like Glee, Sons of Anarchy, Ally McBeal and The Wonder Years; and with CBS for shows like Frasier, Cheers, Twin Peaks, Star Trek and The Twilight Zone.

And the most noteworthy deal was with Media Rights Capital because it was for exclusive rights to stream a “TV” series that hasn’t been made yet, putting it in direct competition – sort of – with HBO and other cable networks.

Crockett figures Netflix spent $171 million for streaming deals in the first quarter, and will spend more than $1.1 billion in 2011. Michael Pachter of Wedbush Securities says Netflix will spend $500 million more this year to secure rights to streaming content than it did last year.

What all this means for the stock, of course, is debatable, but even Netflix’s bulls are cautious, given that Netflix shares have soared 450 percent in two years.

Both Crockett and Williams say mostly positive things in their research notes about Netflix, though neither is recommending that their clients buy the stock. Crockett rates shares “neutral” and Williams rates them “market perform.”

Pachter’s is probably the most bearish view on Wall Street, rating Netflix shares “underperform” with a price target of $80. The stock most recently closed at $252.22, so Pachter is predicting it will fall nearly 70 percent over the next 12 months.
http://www.hollywoodreporter.com/new...ainment-181562





Despite Competitors, Netflix Earnings Rise 88%
Sarah Kessler

Netflix revealed Monday that its earnings are up 88% compared to this time last year. The subscription movie service reported a net income of $60 million on its Q1 report.

More than 3 million new subscribers have signed on to Netflix since January, pushing its total number of viewers to 23.6 million — more than those buying Comcast cable alone. (Comcast still has many more subscribers than Netflix does if you count the customers who buy video service alongside voice and Internet.)

Netflix’s earnings have benefited from a price increase on its hybrid service that took effect with its pure streaming plan in November. While the changes were made in Q4 of 2010, they took effect in Q1. Meanwhile, Netflix set a new company record for marketing spend.

Netflix is reaping the benefits of establishing a post-Blockbuster model of video rentals. Several competitors have launched to challenge it in the last 12 months — Hulu Plus and Amazon’s Prime Instant Video. Dish Networks, which purchased Blockbuster in April, will likely launch a subscription streaming effort under that brand.

The competition helps explain why Netflix has a new focus on original content. It has made exclusive partnerships with CBS and Lionsgate, as well as a non-exclusive agreement with Fox in Q1.

“Our competitive strategy relative to other streaming services is simply to grow as fast as we can, so we can afford more content, more marketing, and more R&D than our competitors,” explains Netflix’s Q1 letter to its shareholders.
http://mashable.com/2011/04/25/despi...nings-rise-88/





Will Netflix Curb Movie Piracy?
Jenna Wortham

For the past few weeks, I’ve been on a retro television bender. I’ve watched the first seasons of “Ally McBeal,” “The X-Files,” “Veronica Mars” and “Buffy the Vampire Slayer.” Torrential downpours have kept me couch-bound, so I’ve also been able to catch up on a few movies I missed in the theaters: “The Runaways,” “Hot Tub Time Machine” and a few classics like “The Graduate.”

Normally, I might have obtained those shows and movies in an ahem, less-than-legal way, like using a BitTorrent client to download the content from the Web. But lately, I’ve been short on the necessary patience needed to figure out what, exactly, I feel like watching. That’s because while the upside to using torrent sites to nab movies and shows to watch is that it is available for no cost, the downside is that it requires a little extra time to sift through clutter online to find what you want and wait for it to download.

As a result, I’ve noticed that my illicit activities have come to a halt, as it’s simply much easier to browse through the catalogs on Netflix Instant, Amazon, iTunes and elsewhere.

Will others follow suit? Have they already?

This question was raised in a recent blog post on TorrentFreak, a site that covers news related to BitTorrent and other filesharing sites.

“Netflix is taking away one of the main piracy motivators (lack of availability) for a group of people,” Ernesto, the site’s moderator, wrote. “Netflix shows that people are willing to pay for access to movies online, even when plenty of pirated copies are available.”

Ernesto pointed to Netflix’s recent earnings report, which revealed that the company now boasts more subscribers than any other video service in the United States. Netflix’s streaming service has been growing rapidly, and the company is looking to capitalize on that growth by acquiring original content like an upcoming series from David Fincher and Kevin Spacey.

Of course, as many commenters to the blog post on TorrentFreak point out, not every user is abandoning torrents for legitimate streaming sites. The selection available on services like Netflix, Amazon and Hulu is rarely the freshest that Hollywood has to offer. And most of the streaming services we enjoy in the United States aren’t available in other countries, leaving many to seek out alternative ways to find the films and shows they want to watch online.

But it begs the question of whether the tide is beginning to turn.
http://gadgetwise.blogs.nytimes.com/...-movie-piracy/





How Netflix Stole My Eyepatch & I Stopped Stealing Movies
Mike Melanson

I think it was about a decade ago now when I downloaded my first camcorder movie off the Internet and a love affair was born. Why bother going out and renting something from Blockbuster or forfeiting your first born for a movie ticket and a bucket of popcorn when you could nearly replicate the entire experience, for free, on your couch with Orville Redenbacher at your side?

As time went on and peer-to-peer file sharing grew - and the movies went from shaky, "down in front!" home movies to near-DVD quality replicas - it only got worse. And then, suddenly, it all came to an end. "Cold turkey," as they say. But why?

Today, after reading an article over on TorrentFreak about how Netflix is killing BitTorrent, I suddenly felt like a reformed smoker who never intentionally put down the cancer stick. It all made sense.

As TorrentFreak's Ernesto writes, "It doesn't take a genius to conclude that Netflix' popularity has a negative effect on the movie piracy rates in the US."

Quote:
In the States, Netflix nearly doubled the number of new subscribers in the first quarter of 2010, from 1.7 to 3.3 million. In total, Netflix now has 22.8 million paid subscribers in the US, which generated a total revenue of $706 million in the first quarter of this year.
But where did this influx of subscribers come from? Everyone in the know will point to one thing - streaming video. When Netflix first began offering unlimited streaming in 2008, some forecast that it would only erode the company's profits and spell gloom for the company. Quite the opposite. By November 2010, streaming surpassed DVD subscriptions. Rather than cost Netflix the bottom line, streaming - thus far, though we'll see what happens - has saved the company enormous amounts of money from delivery costs.

When Netflix finally came around and said it would give me as many movies as I'd like for $8 a month, the love affair with free movies was over. After all, $8 barely gets you in the door at most movie theaters and in some cities it won't even cover a matinee. For the convenience of never having to plan, eat up my bandwidth and risk getting a letter from the MPAA, $8 is but a pittance. I was one of the 7.7 million new subscribers that jumped on board in 2010 and I haven't looked back since. It wasn't a conscious decision, it wasn't a pang of guilt, it was a simple, cheap way to fulfill my desire to go on Battlestar Galactica benders and quickly queue up whatever movie everyone else had raved about six months ago that I'd never gone to see.

Sure, Netflix doesn't get first-run movies, or those not-yet-in-the-theater screeners, like peer-to-peer networks do, but my eight bucks buys me a peace of mind and enough content to keep me happy until it makes its way around. As Ernesto concludes, "Netflix shows that people are willing to pay for access to movies online, even when plenty of pirated copies are available. The next step is to offer easy access to movies in the rest of the world, and get rid of the artificial delays in release dates."

Besides, if the movie is that good, I might actually hit the theater...and once again be convinced that the only logical approach to movie theater popcorn is the large, because who can justify paying 75 cents less for half as much popcorn? That's just silly.
http://www.readwriteweb.com/archives..._stealing_m.ph





Is Netflix Reducing Illicit File Sharing? Depends on Which Stats You Believe
Ryan Singel

Netflix, the DVD-by-mail company turned streaming-movie giant, now has as many subscribers as Comcast and, in the evenings, accounts for more than 40 percent of U.S. bandwidth usage by some measurements.

Those astounding numbers are leading some to wonder whether Netflix is reducing the amount of peer-to-peer file sharing, once the easiest way to find movies to watch.

There’s plenty of anecdotal evidence and some logic behind the idea — why take a legal risk and wait hours for a movie to download if you can watch it instantly?

But what do the numbers say? Wired asked two leading companies that monitor big chunks of the internet – Arbor Networks and Sandvine, and the results were, well, inconclusive.

According to Arbor Networks’ chief scientist Craig Labovitz, P2P has fallen to a single digit percentage of North American network traffic (8%) down from highs of over 30% in 2007.

“I think Netflix, iTunes and Direct Download all play a role in the diminishing P2P traffic volumes,” Labovitz said. Direct download refers to sites such as Rapid Upload and MegaVideo that many have turned to share files with friends and the world, without the need for peer-to-peer software.

P2P is also largely falling as a percentage of net traffic globally, according to Arbor, which gets its traffic data from ISPs that use its monitoring and network security software.

Network traffic analysis by Sandvine shows a big jump in streaming video traffic from companies like Netflix and a smaller increase in P2P traffic. Courtesy: Sandvine

But Sandvine, a provider of network management and congestion services to ISPs, says it still saw “impressive” growth in P2P traffic in 2009-2010, even as Netflix traffic grew at an astounding rate.

“From 2009 to 2010, Real-Time Entertainment grew to represent 42.7% (up from 29.5%) of total internet traffic in the evening,” the company told Wired.com via a spokesman. “In that same time, P2P File sharing also grew, from 15.1% to 19.2%. So, from 2009 to 2010 at least, P2P still grew at an impressive rate.”

So which is it? Are people who used to download lots of movies via BitTorrent turning away from it in favor of the convenience and legality of Netflix and other licensed streaming sites like iTunes and Amazon? Or has the movie industry’s foot dragging on making movies available for streaming online turned the U.S. into a nation of perpetual copyright scofflaws?

The best answer to that comes from a pair of comments on Hacker News about the speculation of Netflix’s effects on P2P:

“When I want to watch a movie, the first place I go to is netflix. I won’t tell you the second place I go to,” one commenter said. In reply another added, “I’d pay an extra 5 bucks a month if it could increase the rate at which netflix lets me ‘play now’ movies. Yes, some movies I specifically want to get on bluray, but there are plenty of others that video quality matters very little to me.”

Which makes it pretty obvious that the cure for P2P pirating is in the hands of the studios, if they care to prescribe it.
http://www.wired.com/epicenter/2011/...-file-sharing/





Shed a Tear: The Age of Broadband Caps Begins Monday
Ryan Singel

Come Monday, AT&T will begin restricting more than 16 million broadband users based on the amount of data they use in a month. The No. 2 carrier’s entry into the broadband-cap club means that a majority of U.S. broadband users will now be subject to limits on how much they can do online or risk extra charges as ugly as video store late fees.

AT&T’s new limits — 150 GB for DSL subscribers and 250 GB for UVerse users (a mix of fiber and DSL) — come as users are increasingly turning to online video such as Hulu and Netflix on-demand streaming service instead of paying for cable.

With the change, AT&T joins Comcast and numerous small ISPs in putting a price on a fixed amount of internet usage. It’s a complete abandonment of the unlimited plans which turned the internet into a global behemoth after the slow-growth dial-up days, when customers were charged by the minute and thus accessed the internet as sparingly as possible.

Comcast’s limit, put into place after it got caught secretly throttling peer-to-peer traffic, is 250 GB — which the company says less than 99 percent of users hit. AT&T plans to charge users an extra $10 per month if they cross the cap, a fee that recurs for each 50 GBs a user goes over the cap. And while 150 GB and 250 GB per month might seem like a lot, if you have a household with kids or roommates, it’s not too difficult to approach those limits using today’s services, even without heavy BitTorrent usage.

(For those not accustomed to calculating their bandwidth usage, video streaming and online gaming use much more bandwidth than web browsing or e-mailing. For instance, Netflix ranges from .3 GB per hour to 1.0 for normal resolution movies and up to 2.3 GB per hour for HD content.)

And it should be noted that U.S. limits are far from the world’s worst: Canada’s recently imposed restrictions prompted Netflix to give customers there a choice of lower-quality streams to keep their usage down, because users are charged up to $5 per GB that they exceed their cap. Caps are also worse in Australia.

But for the nation which has been key to a wildly expanding internet, the changing tide is both a practical and cultural letdown.

The drive to cap usage is ostensibly a way to reduce costs. But in reality, it’s not about the cost of data – bandwidth costs are extremely low and keep falling. Time Warner Cable brought in $1.13 billion in revenue from broadband customers in the first three months of 2011, while spending only $36 million for bandwidth — a mere 3 percent of the revenue. Time Warner Cable doesn’t currently impose bandwidth caps or metering on its customers — though they have reserved the right to do so — after the company’s disastrous trial of absurdly low limits in 2009 sparked an immediate backlash from customers and from D.C. politicians.

The real problem ISPs want to fix is congestion due to limited infrastructure. Cable customers share what are known as local loops, and the more that your neighbors use their connection, the less bandwidth is available to you — a situation that becomes painfully clear in the evening, when cable users see their throughput fall.

The blunt-force approach of a bandwidth cap does have the advantage of making users think twice about streaming HD movies from Netflix. That is, perhaps not coincidentally, doubly to the advantage of most big ISPs, because they’d rather have you spending money on their video services than paying a third party. Bandwidth-intense services threaten to turn the likes of Comcast, AT&T and Time Warner Cable into utilities — a dependable business, but not one that has the huge profit margins these companies have come to enjoy.

Indeed, the question of who gets to write the rules about the internet’s pipes is the major bone of contention in the net neutrality debate, both for terrestrial and mobile data networks. When the new net neutrality rules go into effect, ISPs won’t be able to block their online video competition, but there’s no rule against doing that with bandwidth caps or tiered usage pricing.

Moreover, as we all move towards more and more cloud services, whether that’s for backups, music or movies, it’s worrisome that ISPs are more concerned about reining in their most dedicated customers in service of meeting Wall Street’s expectations. Instead, they should be taking the opportunity to dig up the streets to create fiber networks that will make us a nation that’s top in the world’s broadband-ranking chart, rather than a laggard.

The real solution is adding infrastructure at the local level, though an interim solution could entail metering data only during peak times, much as mobile-phone calling-minutes plans apply only during peak hours.

But, that just goes to show, yet again, that what’s good for the Street often doesn’t translate into what’s good for the country.
http://www.wired.com/epicenter/2011/...roadband-caps/





Q&A With Geoff Cook: How We Solved The Chatroulette Porn Problem
Erick Schonfeld

At the end of last year, social networking site myYearbook shifted its focus more towards games and introduced a live video chat feature which could have completely backfired. But instead of turning into the next Chatroulette, the site has managed to keep the unwanted live porn vids to a minimum. While Chatroulette still has an estimated nudity rate of 1 in 50 videos, myYearbook was able to cut its nudity rate down to 1 in 1,000. In a Q&A with myYearbook CEO Geoff Cook, he explains the strategies he used to get there.

Q: When you decided to add live video chat to your site, what were you thinking? I mean, seriously, what were you thinking?

When we decided to build a Live Video gaming platform, the best example of Live Video at scale was Chatroulette, and it was full of porn. At the time, 1 out of every 10 video streams on Chatroulette was obscene.

Chatroulette was growing in part because it was obscene—it was the accident victim and the public was the rubbernecker. Chatroulette’s traffic peaked in March 2010—the same month that Jon Stewart screamed into the camera “I hate Chatroulette!” to end a segment that would be the service’s high water mark.

While we were bothered by the content, the visceral social experience that Chatroulette represented was compelling. We loved the serendipity of the Next button, and set out to build a service that would allow the promise of the Next button to be realized. A lot of our effort went into matching users based on location, age, and gender in real time while building out a gaming-platform to give them something to do beyond chat. Since launching in January 2011, we’ve grown to 750,000 video chats a day with 100 times less nudity than Chatroulette a year ago.

Q: How did you do it?

The core of our abuse-prevention approach is a system that enables us to capture and analyze thousands of images a second from the hundreds of thousands of daily streams. We sample the video streams of users at random, frequent intervals and then conduct processing—both human and algorithmic—on the resulting images.

Q: What did you find out from this process?

One early finding was that images with faces are 5 times less likely to contain nudity than images without faces. If you’ve ever used Chatroulette, this will make sense as the most common pornography encountered there contains a body part other than, ahem, the face. This is useful information because open-source facial recognition is relatively advanced while other-body-part detection is much less so. As a result, it is possible to use the presence of a face to limit some of the human review problem.

Q: Does the fact that there’s a face in an image mean it’s free of porn?

The mere presence of a face does not make an image clean. In fact, around 20% of nudity-containing streams also contain a face. However, with a lot of effort and additional processing logic including many factors like chat reputation, social graph, motion, etc., we’ve made the presence of a face helpful in determining “safe” images. Of course “safe” images may themselves be a false negative, and so we do human sampling of these images at a lower sample rate than images not marked “safe.”

Q: What happens once a human steps in?

The heart of our human-powered solution is a two-tiered image review organization that enables each individual reviewer to scan 400 images a minute looking for abusive content. Both groups are 24 x 7 x 365. Our goal is to be no more than 5 minutes delayed in reviewing streams. We have a zero tolerance policy. If two reviewers deem your behavior inappropriate, your account is removed and you are banned from the site forever. Based on our findings, we believe purely algorithmic approaches to moderation will never provide adequate safety.

Q: How does this compare to what Chatroulette is doing?

As our product has grown, we’ve noticed Chatroulette make some progress in reducing their nudity problem as well. On a recent night, a review of 1,500 Chatroulette video streams yielded a 1.9% abuse rate—or roughly a 1 in 50 chance of encountering nudity on any click of the Next button. This compares to a less than 1 in 1000 chance on myYearbook.

Q: Why the order-of-magnitude discrepancy?

myYearbook requires a login. While much has been made of Facebook Connect as an identity-layer that will discourage abuse, we don’t believe the identity aspect plays much of a role per se. Someone who is interested in taking down their pants will do it even on their iPhone in the now-banned iChatr app, which was quickly overrun by abuse, despite the fact that every phone can easily identify you uniquely. The more salient aspect is that there be any login.

Q: What difference does a login make?

So long as there is any login, a user’s device can be blocked—and we’ve found people who take down their pants for strangers generally lack a certain je ne sais quoi when it comes to circumventing security systems—unlike, say, spammers. We use a technology called Threatmetrix to fingerprint devices and ban both the user and their physical device when we detect abuse. Threatmetrix helps provide the teeth of our zero-tolerance policy.

Q: Couldn’t you do this with photos also?

Our system for reviewing live video has proven so successful that we are now actively engaged in bringing a similar system to bear on every photo uploaded to myYearbook. In a few months time, we will have perfect insight into every image being posted to the service, and we believe we can make incremental gains there as well by fundamentally turning a report-based system into a pro-active system. Eradicating abuse from user-generated content is a never-ending, human-and-machine-intensive problem that may well spell the difference between success and failure, especially when you are dealing with live video.
http://techcrunch.com/2011/04/23/geo...-porn-problem/





Innocent Man Accused Of Child Pornography After Neighbor Pirates His WiFi
Carolyn Thompson

Lying on his family room floor with assault weapons trained on him, shouts of "pedophile!" and "pornographer!" stinging like his fresh cuts and bruises, the Buffalo homeowner didn't need long to figure out the reason for the early morning wake-up call from a swarm of federal agents.

That new wireless router. He'd gotten fed up trying to set a password. Someone must have used his Internet connection, he thought.

"We know who you are! You downloaded thousands of images at 11:30 last night," the man's lawyer, Barry Covert, recounted the agents saying. They referred to a screen name, "Doldrum."

"No, I didn't," he insisted. "Somebody else could have but I didn't do anything like that."

"You're a creep ... just admit it," they said.

Law enforcement officials say the case is a cautionary tale. Their advice: Password-protect your wireless router.

Plenty of others would agree. The Sarasota, Fla. man, for example, who got a similar visit from the FBI last year after someone on a boat docked in a marina outside his building used a potato chip can as an antenna to boost his wireless signal and download an astounding 10 million images of child porn, or the North Syracuse, N.Y., man who in December 2009 opened his door to police who'd been following an electronic trail of illegal videos and images. The man's neighbor pleaded guilty April 12.

For two hours that March morning in Buffalo, agents tapped away at the homeowner's desktop computer, eventually taking it with them, along with his and his wife's iPads and iPhones.

Within three days, investigators determined the homeowner had been telling the truth: If someone was downloading child pornography through his wireless signal, it wasn't him. About a week later, agents arrested a 25-year-old neighbor and charged him with distribution of child pornography. The case is pending in federal court.

It's unknown how often unsecured routers have brought legal trouble for subscribers. Besides the criminal investigations, the Internet is full of anecdotal accounts of people who've had to fight accusations of illegally downloading music or movies.

Whether you're guilty or not, "you look like the suspect," said Orin Kerr, a professor at George Washington University Law School, who said that's just one of many reasons to secure home routers.

Experts say the more savvy hackers can go beyond just connecting to the Internet on the host's dime and monitor Internet activity and steal passwords or other sensitive information.

A study released in February provides a sense of how often computer users rely on the generosity – or technological shortcomings – of their neighbors to gain Internet access.

The poll conducted for the Wi-Fi Alliance, the industry group that promotes wireless technology standards, found that among 1,054 Americans age 18 and older, 32 percent acknowledged trying to access a Wi-Fi network that wasn't theirs. An estimated 201 million households worldwide use Wi-Fi networks, according to the alliance.

The same study, conducted by Wakefield Research, found that 40 percent said they would be more likely to trust someone with their house key than with their Wi-Fi network password.

For some, though, leaving their wireless router open to outside use is a philosophical decision, a way of returning the favor for the times they've hopped on to someone else's network to check e-mail or download directions while away from home.

"I think it's convenient and polite to have an open Wi-Fi network," said Rebecca Jeschke, whose home signal is accessible to anyone within range.

"Public Wi-Fi is for the common good and I'm happy to participate in that – and lots of people are," said Jeschke, a spokeswoman for the Electronic Frontier Foundation, a San Francisco-based nonprofit that takes on cyberspace civil liberties issues.

Experts say wireless routers come with encryption software, but setting it up means a trip to the manual.

The government's Computer Emergency Readiness Team recommends home users make their networks invisible to others by disabling the identifier broadcasting function that allows wireless access points to announce their presence. It also advises users to replace any default network names or passwords, since those are widely known, and to keep an eye on the manufacturer's website for security patches or updates.

People who keep an open wireless router won't necessarily know when someone else is piggybacking on the signal, which usually reaches 300-400 feet, though a slower connection may be a clue.

For the Buffalo homeowner, who didn't want to be identified, the tip-off wasn't nearly as subtle.

It was 6:20 a.m. March 7 when he and his wife were awakened by the sound of someone breaking down their rear door. He threw a robe on and walked to the top of the stairs, looking down to see seven armed people with jackets bearing the initials I-C-E, which he didn't immediately know stood for Immigration and Customs Enforcement.

"They are screaming at him, 'Get down! Get down on the ground!' He's saying, 'Who are you? Who are you?'" Covert said.

"One of the agents runs up and basically throws him down the stairs, and he's got the cuts and bruises to show for it," said Covert, who said the homeowner plans no lawsuit. When he was allowed to get up, agents escorted him and watched as he used the bathroom and dressed.

The homeowner later got an apology from U.S. Attorney William Hochul and Immigration and Customs Enforcement Special Agent in Charge Lev Kubiak.

But this wasn't a case of officers rushing into the wrong house. Court filings show exactly what led them there and why.

On Feb. 11, an investigator with the Department of Homeland Security, which oversees cybersecurity enforcement, signed in to a peer-to-peer file sharing program from his office. After connecting with someone by the name of "Doldrum," the agent browsed through his shared files for videos and images and found images and videos depicting children engaged in sexual acts.

The agent identified the IP address, or unique identification number, of the router, then got the service provider to identify the subscriber.

Investigators could have taken an extra step before going inside the house and used a laptop or other device outside the home to see whether there was an unsecured signal. That alone wouldn't have exonerated the homeowner, but it would have raised the possibility that someone else was responsible for the downloads.

After a search of his devices proved the homeowner's innocence, investigators went back to the peer-to-peer software and looked at logs that showed what other IP addresses Doldrum had connected from. Two were associated with the State University of New York at Buffalo and accessed using a secure token that UB said was assigned to a student living in an apartment adjacent to the homeowner. Agents arrested John Luchetti March 17. He has pleaded not guilty to distribution of child pornography.

Luchetti is not charged with using his neighbor's Wi-Fi without permission. Whether it was illegal is up for debate.

"The question," said Kerr, "is whether it's unauthorized access and so you have to say, 'Is an open wireless point implicitly authorizing users or not?'

"We don't know," Kerr said. "The law prohibits unauthorized access and it's just not clear what's authorized with an open unsecured wireless."

In Germany, the country's top criminal court ruled last year that Internet users must secure their wireless connections to prevent others from illegally downloading data. The court said Internet users could be fined up to $126 if a third party takes advantage of their unprotected line, though it stopped short of holding the users responsible for illegal content downloaded by the third party.

The ruling came after a musician sued an Internet user whose wireless connection was used to download a song, which was then offered on an online file sharing network. The user was on vacation when the song was downloaded.
http://www.huffingtonpost.com/2011/0..._n_852996.html





Researchers Propose New Steganography System for Hiding Data
Dennis Fisher

A group of researchers has developed a new application that can hide sensitive data on a hard drive without encrypting it or leaving any obvious signs that the data is present. The new steganography system relies on the old principle of hiding valuables in plain sight.

Developed by a group of academic researchers in the U.S. and Pakistan, the system can be used to embed secret data in existing structures on a given HDD by taking advantage of the way that file systems are designed and implemented. The software does this by breaking a file to be hidden into a number of fragments and placing the individual pieces in clusters scattered around the hard drive.

The method is the work of Hassan Khan, Mobin Javed, Syed Ali Khayam and Fauzan Mirza of the University of Southern California and the National University of Science and Technology in Pakistan.

The authors estimate that it would be feasible to hide about 20 MB of data on a typical 160 GB HDD.

"In this paper, we present a new, plausible deniability approach to store sensitive information on a cluster-based filesystem. Under the proposed approach, a covert channel is used to encode the sensitive information by modifying the fragmentation patterns in the cluster distribution of an existing file. As opposed to existing schemes, the proposed covert channel does not require storage of any additional information on the filesystem. Moreover, the channel provides two-fold plausible deniability so that an investigator without the key cannot prove the presence of hidden information," the authors wrote in their paper, "Designing a Cluster-Based Covert Channel to Evade Disk Investigation and Forensics."

Right now, most users who are interested in keeping some amount of data on their computers secret turn to encryption software. Modern cryptosystems are very effective at preventing adversaries from reading the encrypted data, but they're not so good at hiding the presence of that data. Forensic techniques can easily identify encrypted files and attackers can then use other means to perhaps force a user into divulging the secret key to decrypt them.

The method that Khan and his colleagues developed avoids this problem by hiding small pieces of a sensitive file in various random places on a hard drive. The authors' system has the added advantage of allowing a user to truthfully deny that there is any hidden data on the system, as the sensitive files are not actually hidden but rather dispersed in pieces. In the paper, the researchers use their approach to embed a file on a FAT32 file system commonly used on Windows PCs.

"In order to hide a binary message, a cluster is chained with a consecutive cluster if the bit encountered in the message is similar to the previous bit and a cluster is chained with a non-consecutive cluster if the message bit is different from the previous message bit. The implementation of proposed covert channel requires modification of the starting cluster of a file in the directory entry table and modification of the FAT structure. If the simple FAT structure’s chaining is maintained, the filesystem remains in a consistent state," they say in the paper.

The authors acknowledge that their approach may cause a small performance degradation on a system, but not enough to be an issue. In their paper, Khan and his co-authors lay out several different approaches to implementing their method, some of which require that the sender and the recipient know some shared secret.
https://threatpost.com/en_us/blogs/r...ng-data-042511
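
The chaining rule quoted from the paper, modelled on a simulated FAT held in a Python list (an added example, not code from the article or the paper). Two things are assumptions of this sketch: the "previous bit" before the message starts is 0, and a non-consecutive link always skips exactly one cluster, whereas the paper lets a shared secret choose the jump.

```python
"""Toy model of the cluster-chain encoding; no real disk is touched."""

EOC = 0x0FFFFFFF        # FAT32 end-of-chain marker
EOC_MIN = 0x0FFFFFF8    # any entry >= this value ends a chain
FREE = 0                # free-cluster marker
FIRST_DATA = 2          # FAT entries 0 and 1 are reserved


def to_bits(data):
    """Bytes -> list of bits, most significant bit first."""
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]


def from_bits(bits):
    """Inverse of to_bits; len(bits) must be a multiple of 8."""
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits), 8))


def encode_chain(bits, fat_size=64, start=FIRST_DATA, prev_bit=0):
    """Build a FAT whose single file chain encodes `bits`.

    Same bit as before -> link to the next consecutive cluster.
    Different bit      -> link to a non-consecutive cluster (here: skip one).
    """
    fat = [FREE] * fat_size
    fat[0], fat[1] = EOC_MIN, EOC  # reserved entries, never allocated
    cur = start
    for bit in bits:
        if bit not in (0, 1):
            raise ValueError("message must be a sequence of 0/1")
        nxt = cur + 1 if bit == prev_bit else cur + 2
        if nxt >= fat_size:
            raise ValueError("simulated volume too small for this message")
        fat[cur] = nxt
        cur, prev_bit = nxt, bit
    fat[cur] = EOC
    return fat, start


def walk_chain(fat, start):
    """Follow a chain; raise ValueError on what a consistency check flags."""
    chain, seen, cur = [], set(), start
    while True:
        if not FIRST_DATA <= cur < len(fat):
            raise ValueError(f"link to out-of-range cluster {cur}")
        if cur in seen:
            raise ValueError(f"loop at cluster {cur}")
        seen.add(cur)
        chain.append(cur)
        nxt = fat[cur]
        if nxt >= EOC_MIN:
            return chain
        if nxt == FREE:
            raise ValueError(f"cluster {cur} is linked but marked free")
        cur = nxt


def decode_chain(fat, start, prev_bit=0):
    """Recover the bits from the consecutive / non-consecutive link pattern."""
    chain = walk_chain(fat, start)
    bits = []
    for a, b in zip(chain, chain[1:]):
        prev_bit = prev_bit if b == a + 1 else 1 - prev_bit
        bits.append(prev_bit)
    return bits


def fragmented_links(fat, start):
    """Number of non-consecutive links: the only trace left in the FAT."""
    chain = walk_chain(fat, start)
    return sum(1 for a, b in zip(chain, chain[1:]) if b != a + 1)


if __name__ == "__main__":
    message = b"hi"  # constructed sample input
    fat, start = encode_chain(to_bits(message))
    chain = walk_chain(fat, start)  # passes: chaining is intact
    print("cluster chain:", chain)
    print("fragmented links:", fragmented_links(fat, start), "of", len(chain) - 1)
    print("decoded:", from_bits(decode_chain(fat, start)))
```

Each message bit costs one link, so an n-bit message needs a chain of n + 1 clusters, and the number of fragmented links equals the number of bit transitions in the message.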





Filtering the Social Web to Present News Items
Claire Cain Miller

News events as varied as the commercial jet landing in the Hudson River and the uprisings in Egypt have demonstrated that people armed with cellphones — not professional reporters — are often the first source of breaking news, uploading Twitter posts, photos and video to the Web. But the result can leave people drowning in too much information.

A Web start-up named Storify, which opens to the public Monday, aims to help journalists and others collect and filter all this information.

Using the Storify Web site, people can find and piece together publicly available content from Twitter, Flickr, Facebook, YouTube and other sites. They can also add text and embed the resulting collages of content on their own sites. During a private test period, reporters from The Washington Post, NPR, PBS and other outlets used the service.

Storify, based in San Francisco, is one of several Web start-ups — including Storyful, Tumblr and Color — that are developing ways to help journalists and others sift through the explosion of online content and publish the most relevant information. Investors are also betting there is a market for filtering the social Web for high-quality posts. Khosla Ventures has invested $2 million in Storify.

Even though journalists may not be the first on the scene, they select the most reliable sources, digest loads of information and provide context for events, said Burt Herman, a founder of Storify and a longtime Associated Press reporter.

“We have so many real-time streams now, we’re all drowning,” Mr. Herman said. “So the idea of Storify is to pick out the most important pieces, amplify them and give them context.”

Al Jazeera English introduced a talk show, “The Stream,” which appeared online last week and will be televised in May, that collects perspectives from social media using Storify. A recent item on the fear of Islam in the United States, for instance, included YouTube videos, Twitter posts and paragraphs from essays on Web sites and blogs.

“Storify is essentially our script,” said Ahmed Shihab Eldin, a producer and host of “The Stream.” “We knew we basically needed to capitalize on the reality that the industry is facing, which is that we no longer have exclusivity on sharing and publishing information.”

Andy Carvin, NPR’s one-man encyclopedia on Twitter for the uprisings across the Middle East and northern Africa, first used Storify to cover the shooting of Representative Gabrielle Giffords, when he realized that the reaction to the event was a story itself.

“It quickly evolved into looking at how people were discussing the media coverage surrounding it and its potential political impact,” said Mr. Carvin, senior strategist on NPR’s social media desk. “There’s a big need for tools that allow people to collect bits of social media context and organize them in some fashion.”

The tools will remain free, but Storify will consider selling ads or charging brands to use the service, said Xavier Damman, a Storify founder. Levi’s and Samsung have already used it for marketing campaigns.

Mr. Herman started Storify with Mr. Damman, who is an engineer. Mr. Herman also founded Hacks/Hackers, a group for journalists and engineers with chapters worldwide.

“We’re really trying to put together computer science plus storytelling and journalism to think creatively about how you can blend the two worlds,” he said.
https://www.nytimes.com/2011/04/25/t...25storify.html





Anyone Can Take Down Facebook Pages with a Fake Email Address
Sarah Perez

Something strange has been happening to several popular Facebook pages in recent weeks: they've disappeared. According to the affected page owners, they're victims of bogus DMCA claims. The DMCA, or Digital Millennium Copyright Act, is a piece of (arguably broken) legislation which allows copyright owners to protect their copyrighted works from infringement. Over the years, it's been used to remove content from Google's search index, from YouTube and Yahoo Video, and by entities like Major League Baseball, record labels, doctors who don't like bad reviews, software companies, and many, many others, in opposition to what most would claim is "fair use" of such content.

But while the DMCA has a long history of misuse, or perhaps, heavy-handed use, the law itself is not the main concern here with these Facebook pages' takedowns - it's Facebook's process for handling such complaints. Because the social network does not validate the identity of anyone submitting a DMCA takedown notice, nor does it check to see if the report was sent from a legitimate email address, anyone with an ax to grind can fill out a form with bogus information to see a Facebook Page disappear, sometimes for good.

Tech Blogs are Latest Victims

This has happened recently to several websites, including some which may be familiar to ReadWriteWeb readers: RedmondPie, Neowin and Ars Technica. We've come across others, too, like the Pakistan-based Rewriting Technology, for example, which proves that this is not just a U.S.-based problem. In many cases, the pages have been taken down multiple times.

Typically, the process for handling copyright infringement claims involves the copyright owner submitting a claim to the entity (in this case, Facebook) about the infringing content. The entity removes the content immediately and informs the party who had posted the content that it has been removed and why. If this was a mistake, the person or organization who had posted the infringing content then has to contact the complaining party directly to resolve the issue. The hosting provider is not involved in resolving the dispute, and is protected by the safe harbor portion of the DMCA from being liable for having allowed the content to be uploaded in the first place.

This is Facebook's general process as well. On the form it provides here (https://www.facebook.com/legal/copyr...ight_notice=1), the copyright holder has to provide their name, mailing address, telephone, email and details of the infringement.

Facebook Does Not Verify Identity of Submitter, Not Even the Email

However, what Facebook does not do is verify whether or not any of that contact information is accurate. While doing so may be an administrative burden the network could not afford, it does not even take the simple step of verifying the reporter's email address is valid.

Scam artists, as you may have guessed, have discovered this loophole. In one case, with Hamard Dar's Rewriting Technology site, the page went down for over a month. Dar says he was targeted for money. "He wanted me to pay him...to get the page back," he told us. Dar didn't go for that option, however, because there was no guarantee the scammer would return the page once paid. Instead, Dar ran his own personal investigation until he discovered the person involved and pressed him to withdraw the complaint, saying he would report him to U.S. cyber crime enforcement (the scam artist lives in Chicago). The page was then returned.

Damage to Brand Reputation

In RedmondPie's case, after its original Facebook page was disabled, leaving over 70,000 Facebook fans in the lurch, a new, fake RedmondPie Facebook page came online, promising its Facebook fans free iPads. Not only was this a loss on RedmondPie's part, the resulting action greatly damaged the site's brand reputation.

We asked Facebook about these situations and a spokesperson told us the company takes all IP claims seriously. It provided us with the following statement:

We want Facebook to be a place where people can share and discuss openly while respecting the rights of others. We take seriously both the interests of people who post content and those of rights holders. We work to ensure that we don't take content down as a result of fraudulent notices. However, when a rights holder properly completes our notice form alleging intellectual property (IP) infringement, we will take appropriate action including removing or disabling access to the relevant content. When we do this, we notify the person who shared the content so he or she can take appropriate action, which may include contacting the reporting party or following up with Facebook.

Submitting an IP notice is no trivial matter. The forms in our Help Center require statements under penalty of perjury, and fraudulent claims are subject to legal process.


Facebook Could Do More

But Facebook isn't doing enough to protect these victims, says Graham Cluley, a security researcher at Sophos, who has previous experience documenting Facebook scams. Facebook could set a higher bar for complainants to jump over, he said. For instance, they could confirm that the email address being used is "legitimate and contactable," he suggested. Facebook could do this easily by replying to the email and requesting that the complainant click on a link to prove they really did send the email, for example.

Facebook could also choose to insist that throwaway email addresses (e.g. Hotmail, Gmail, Yahoo, etc.) cannot be used for these sorts of complaints - that a domain name associated with the brand which claims to be breached is used instead, says Cluley. Or it could even request that these claims be sent in on headed letter paper via snail mail or fax.

Dirk Knop, a Technical Editor at security firm Avira, agreed with Cluley, saying, "reacting blindly without verifying whether the sender of the complaint even really exists and uses an existing email address is not how it should be done." He said Facebook needs to "react fast and correct this error."

That said, neither Cluley, Knop, nor two other researchers at security firms we contacted were aware of this sort of fake takedown notice being used in scams or for spamming purposes, nor was it known to be a common cybercrime trend.

No Recourse for Page Owners Without Lawyers

But Ars Technica, which is now the most recent victim, notes this problem has been around for some time. Last year, for example, sex blogger Violet Blue's Facebook page was taken down through similar fake claims.

To make matters worse, when the targeted individuals are public figures or small-time bloggers, without access to the legal counsel Facebook recommends they use to resolve the matter, they have almost no recourse in resolving the problem.

Here's what a typical Facebook response to an innocent victim suggests:

While we appreciate your concerns, as we hope you can understand, we are not in a position to adjudicate disputes between third parties. When we receive an allegation of infringement, or a suitable report of a violation of our Statement of Rights and Responsibilities, our procedures require that we take action appropriate to the report. If you believe these reports are not being made in good faith or are inaccurate, we suggest you or your legal counsel contact the complaining party to discuss this further. If the reporting party withdraws their complaint or you prevail in court, we would be happy to follow up about restoring the removed material.

But when the complaining party is a ghost, page restoration is difficult, if not impossible.

We've seen several of these form emails from Facebook, and they seem to be automated responses, or, at best, form letters, despite being signed with a "real" Facebook employee's name. In some cases, the form letter writer appears to have no knowledge of actions being taken by another Facebook employee, such as is the case when the victim "knows someone at Facebook" who is helping. This leads to even more confusion in what's already a complex situation.

How to Protect Yourself

For what it's worth, Dar says he found a workaround that allows legitimate page owners to protect themselves until Facebook's policy changes: submit a claim against yourself. Once it's taken down, ask Facebook for support in migrating your fans to a new page. When the migration is complete, you can use the new page safely. If anyone ever reports the page again, you can use your first complaint as proof that the page is yours. "I know it's crazy," he says. But it worked for him.

However, other sources say Facebook has stopped assisting in the migration of fans. There is no way for a page owner to manually migrate fans, either. In other words, this workaround may be iffy and ill-advised.

We asked Facebook why it didn't validate email addresses, but the spokesperson never responded to that question directly.
http://www.readwriteweb.com/archives..._address.php
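
The two checks Cluley suggests under "Facebook Could Do More", a click-to-confirm link and a sender domain tied to the brand, sketched as a notice intake gate (an added example, not Facebook's code or process). The class `NoticeIntake`, the token layout, the 24-hour validity window and the `example.com` addresses are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

FREE_MAIL = {"hotmail.com", "gmail.com", "yahoo.com"}  # providers named in the article
TOKEN_TTL = 24 * 3600  # assumed lifetime of a confirmation link, in seconds


def email_domain(address):
    """Return the lower-cased domain part, rejecting obviously malformed input."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or "." not in domain:
        raise ValueError("malformed email address")
    return domain.lower().rstrip(".")


def domain_matches_brand(address, brand_domain):
    """True if the sender's domain is the brand's domain or a subdomain of it."""
    dom, brand = email_domain(address), brand_domain.lower()
    return dom == brand or dom.endswith("." + brand)


class NoticeIntake:
    """Holds a takedown notice until its sender proves control of the mailbox."""

    def __init__(self, key=None):
        self._key = key or secrets.token_bytes(32)
        self.notices = {}

    def _sign(self, notice_id, email, expires):
        msg = f"{notice_id}|{email.lower()}|{expires}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def submit(self, notice_id, email, brand_domain, now):
        """Return (status, token); the token is sent only to `email`."""
        if email_domain(email) in FREE_MAIL:
            return "rejected: free-mail address", None
        if not domain_matches_brand(email, brand_domain):
            return "rejected: sender domain is not the rights holder's", None
        expires = int(now) + TOKEN_TTL
        self.notices[notice_id] = {"email": email, "state": "pending"}
        sig = self._sign(notice_id, email, expires)
        return "pending", f"{notice_id}.{expires}.{sig}"

    def confirm(self, token, now):
        """Called when the link in the confirmation mail is clicked."""
        try:
            notice_id, expires, sig = token.rsplit(".", 2)
            expires = int(expires)
        except ValueError:
            return False
        notice = self.notices.get(notice_id)
        if notice is None or notice["state"] != "pending":
            return False
        expected = self._sign(notice_id, notice["email"], expires)
        if not hmac.compare_digest(sig.encode(), expected.encode()):
            return False  # forged or altered token
        if now > expires:
            return False  # link expired, notice stays pending
        notice["state"] = "verified"
        return True

    def actionable(self, notice_id):
        """Only verified notices may trigger removal of a page."""
        return self.notices.get(notice_id, {}).get("state") == "verified"


if __name__ == "__main__":
    intake = NoticeIntake()
    # Constructed sample submissions.
    print(intake.submit("N-1", "claimant@gmail.com", "example.com", now=0))
    status, token = intake.submit("N-2", "legal@example.com", "example.com", now=0)
    print(status, intake.actionable("N-2"))
    print(intake.confirm(token, now=60), intake.actionable("N-2"))
```

A notice from an address nobody controls never leaves the pending state, because the token only ever travels in the confirmation mail.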





The Really Smart Phone

Researchers are harvesting a wealth of intimate detail from our cellphone data, uncovering the hidden patterns of our social lives, travels, risk of disease—even our political views.
Robert Lee Hotz

Apple and Google may be intensifying privacy concerns by tracking where and when people use their mobile phones—but the true future of consumer surveillance is taking shape inside the cellphones at a weather-stained apartment complex in Cambridge, Mass.

For almost two years, Alex Pentland at the Massachusetts Institute of Technology has tracked 60 families living in campus quarters via sensors and software on their smartphones—recording their movements, relationships, moods, health, calling habits and spending. In this wealth of intimate detail, he is finding patterns of human behavior that could reveal how millions of people interact at home, work and play.

Through these and other cellphone research projects, scientists are able to pinpoint "influencers," the people most likely to make others change their minds. The data can predict with uncanny accuracy where people are likely to be at any given time in the future. Cellphone companies are already using these techniques to predict—based on a customer's social circle of friends—which people are most likely to defect to other carriers.

The data can reveal subtle symptoms of mental illness, foretell movements in the Dow Jones Industrial Average, and chart the spread of political ideas as they move through a community much like a contagious virus, research shows. In Belgium, researchers say, cellphone data exposed a cultural split that is driving a historic political crisis there.

And back at MIT, scientists who tracked student cellphones during the latest presidential election were able to deduce that two people were talking about politics, even though the researchers didn't know the content of the conversation. By analyzing changes in movement and communication patterns, researchers could also detect flu symptoms before the students themselves realized they were getting sick.

"Phones can know," said Dr. Pentland, director of MIT's Human Dynamics Laboratory, who helped pioneer the research. "People can get this god's-eye view of human behavior."

So far, these studies only scratch the surface of human complexity. Researchers are already exploring ways that the information gleaned from mobile phones can improve public health, urban planning and marketing. At the same time, researchers believe their findings hint at basic rules of human interaction, and that poses new challenges to notions of privacy.

"We have always thought of individuals as being unpredictable," said Johan Bollen, an expert in complex networks at Indiana University. "These regularities [in behavior] allow systems to learn much more about us as individuals than we would care for."

Today, almost three-quarters of the world's people carry a wireless phone. That activity generates immense commercial databases that reveal the ways we arrange ourselves into networks of power, money, love and trust. The patterns allow researchers to see past our individual differences to forms of behavior that shape us in common.

As a tool for field research, the cellphone is unique. Unlike a conventional land-line telephone, a mobile phone usually is used by only one person, and it stays with that person everywhere, throughout the day. Phone companies routinely track a handset's location (in part to connect it to the nearest cellphone tower) along with the timing and duration of phone calls and the user's billing address.

Typically, the handset logs calling data, messaging activity, search requests and online activities. Many smartphones also come equipped with sensors to record movements, sense their proximity to other people with phones, detect light levels, and take pictures or video. They usually also have a compass, a gyroscope and an accelerometer to sense rotation and direction.

What They Know

Advances in statistics, psychology and the science of social networks are giving researchers the tools to find patterns of human dynamics too subtle to detect by other means. At Northeastern University in Boston, network physicists discovered just how predictable people could be by studying the travel routines of 100,000 European mobile-phone users.

After analyzing more than 16 million records of call date, time and position, the researchers determined that, taken together, people's movements appeared to follow a mathematical pattern. The scientists said that, with enough information about past movements, they could forecast someone's future whereabouts with 93.6% accuracy.

The pattern held true whether people stayed close to home or traveled widely, and wasn't affected by the phone user's age or gender.

"For us, people look like little particles that move in space and that occasionally communicate with each other," said Northeastern physicist Albert-Laszlo Barabasi, who led the experiment. "We have turned society into a laboratory where behavior can be objectively followed."

Only recently have academics had the opportunity to study commercial cellphone data. Until recently, most cellphone providers saw little value in mining their own data for social relationships, researchers say. That's now changing, although privacy laws restrict how the companies can share their records.

Several cellphone companies in Europe and Africa lately have donated large blocks of calling records for research use, with people's names and personal details stripped out.

"For the scientific purpose, we don't care who the people are," said medical sociologist Nicholas Christakis at Harvard University, who is using phone data to study how diseases, behavior and ideas spread through social networks, and how companies can use these webs of relationships to influence drug marketing and health-care decisions.

His work focuses on "social contagion"—the idea that our relationships with people around us, which are readily mapped through cellphone usage, shape our behavior in sometimes unexpected ways. By his calculation, for instance, obesity is contagious. So is loneliness.

Even though the cellphone databases are described as anonymous, they can contain revealing personal details when paired with other data. A recent lawsuit in Germany offered a rare glimpse of routine phone tracking. Malte Spitz, a Green party politician, sued Deutsche Telekom to see his own records as part of an effort by Mr. Spitz to highlight privacy issues.

In a six-month period, the phone company had recorded Mr. Spitz's location more than 35,000 times, according to data Mr. Spitz released in March. By combining the phone data with public records, the news site Zeit Online reconstructed his daily travels for months.

In recent days, Apple Inc. triggered privacy alarms with the news that its iPhones automatically keep a database of the phone's location stretching back for months. On Friday, The Wall Street Journal reported that both Apple and Google Inc. (maker of the Android phone operating system) go further than that and in fact collect location information from their smartphones. A test of one Android phone showed that it recorded location data every few seconds and transmitted it back to Google several times an hour.

Google and Apple have said the data transmitted by their phones is anonymous and users can turn off location sharing.

"We can quantify human movement on a scale that wasn't possible before," said Nathan Eagle, a research fellow at the Santa Fe Institute in New Mexico who works with 220 mobile-phone companies in 80 countries. "I don't think anyone has a handle on all the ramifications." His largest single research data set encompasses 500 million people in Latin America, Africa and Europe.

Among other things, Mr. Eagle has used the data to determine how slums can be a catalyst for a city's economic vitality. In short, slums provide more opportunities for entrepreneurial activity than previously thought. Slums "are economic springboards," he said.

Cellphone providers are openly exploring other possibilities. By mining their calling records for social relationships among customers, several European telephone companies discovered that people were five times more likely to switch carriers if a friend had already switched, said Mr. Eagle, who works with the firms. The companies now selectively target people for special advertising based on friendships with people who dropped the service.

At AT&T, a research team led by Ramon Caceres recently amassed millions of anonymous call records from hundreds of thousands of mobile-phone subscribers in New York and Los Angeles to compare commuting habits in the two metropolitan areas.

Dr. Caceres, a lead scientist at AT&T Labs in Florham Park, N.J., wanted to gauge the potential for energy conservation and urban planning. "If we can prove the worth of this work, you can think of doing it for all the world's billions of phones," he said.

Thousands of smartphone applications, or "apps," already take advantage of a user's location data to forecast traffic congestion, rate restaurants, share experiences and pictures, or localize radio channels. Atlanta-based AirSage Inc. routinely tracks the movements of millions of cellphones to generate live traffic reports in 127 U.S. cities, processing billions of anonymous data points about location every day.

As more people access the Internet through their phones, the digital universe of personal detail funneled through these handsets is expanding rapidly, and so are ways researchers can use the information to gauge behavior. Dr. Bollen and his colleagues, for example, found that the millions of Twitter messages sent via mobile phones and computers every day captured swings in national mood that presaged changes in the Dow Jones index up to six days in advance with 87.6% accuracy.

The researchers analyzed the emotional content of words used in 9.7 million of the terse 140-character text messages posted by 2.7 million tweeters between March and December 2008. As Twitter goes, so goes the stock market, the scientists found.

"It is not just about observing what is happening; it is about shaping what is happening," said Dr. Bollen. "The patterns are allowing us to learn how to better manipulate trends, opinions and mass psychology."

Some scientists are taking advantage of the smartphone's expanding capabilities to design Android and iPhone apps, which they give away, to gather personal data. In this way, environmental economist George MacKerron at the London School of Economics recruited 40,000 volunteers through an iPhone app he designed, called Mappiness, to measure emotions in the U.K.

At random moments every day, his iPhone app prompts the users to report their moods, activities, and surroundings. The phone also automatically relays the GPS coordinates of the user's location and rates nearby noise levels by using the unit's microphone. It asks permission to photograph the locale.

By early April, volunteers had filed over two million mood reports and 200,000 photographs.

Publicly, Mr. MacKerron uses their data to chart the hour-by-hour happiness level of London and other U.K. cities on his website. By his measure, the U.K.'s happiest time is 8 p.m. Saturday; its unhappiest day is Tuesday.

Perhaps less surprisingly, people are happiest when they are making love and most miserable when sick in bed. The most despondent place in the U.K. is an hour or so west of London, in a town called Slough.

On a more scholarly level, Mr. MacKerron is collecting the information to study the relationship between moods, communities and the places people spend time. To that end, Mr. MacKerron expects to link the information to weather reports, online mapping systems and demographics databases.

Several marketing companies have contacted him to learn whether his cellphone software could help them find out how people feel when they are, for instance, near advertising billboards or listening to commercial radio, he said.

Mr. MacKerron said he's tempted—but has promised his users that their personal information will be used only for scholarly research. "There is a phenomenal amount of data we can collect with very little effort," he said.

Some university researchers have begun trolling anonymous billing records encompassing entire countries. When mathematician Vincent Blondel studied the location and billing data from one billion cellphone calls in Belgium, he found himself documenting a divide that has threatened his country's ability to govern itself.

Split by linguistic differences between a Flemish-speaking north and a French-speaking south, voters in Belgium set a world record this year, by being unable to agree on a formal government since holding elections last June. Belgium's political deadlock broke a record previously held by Iraq.

The calling patterns from 600 towns revealed that the two groups almost never talked to each other, even when they were neighbors.

This social impasse, as reflected in relationships documented by calling records, "had an impact on the political life and the discussions about forming a government," said Dr. Blondel at the Catholic University of Louvain near Brussels, who led the research effort.

The MIT smartphone experiment is designed to delve as deeply as possible into daily life. For his work, Dr. Pentland gave volunteers free Android smartphones equipped with software that automatically logged their activities and their proximity to other people. The participants also filed reports on their health, weight, eating habits, opinions, purchases and other personal information, so the researchers could match the phone data to relationships and behavior.

The current work builds on his earlier experiments, beginning in 2004, conducted in an MIT dormitory that explored how relationships influence behavior, health, eating habits and political views. Dr. Pentland and his colleagues used smartphones equipped with research software and sensors to track face-to-face encounters among 78 college students in a dorm during the final three months of the 2008 presidential election.

Every six minutes, each student's phone scanned for any other phone within 10 feet, as a way to identify face-to-face meetings. Among other things, each phone also reported its location and compiled an anonymous log of calls and text messages every 20 minutes. All told, the researchers compiled 320,000 hours of data about the students' behavior and relationships, buttressed by detailed surveys.

"Just by watching where you spend time, I can say a lot about the music you like, the car you drive, your financial risk, your risk for diabetes. If you add financial data, you get an even greater insight," said Dr. Pentland. "We are trying to understand the molecules of behavior in this really complete way."

Almost a third of the students changed their political opinions during the three months. Their changing political ideas were related to face-to-face contact with project participants of differing views, rather than to friends or traditional campaign advertising, the analysis showed.

"We can measure their daily exposure to political opinions," said project scientist Anmol Madan at MIT's Media Lab. "Maybe one day, you would be able to download a phone app to measure how much Republican or Democratic exposure you are getting and, depending on what side you're on, give you a warning."

As a reward when the experiment was done, the students were allowed to keep the smartphones used to monitor them.
http://online.wsj.com/article/SB1000...679848814.html





Congress Deepens Apple Location Tracking Probe
Jasmin Melvin

Lawmakers extended their probe into location tracking on mobile devices this week, asking Apple Inc and other developers to divulge how they use location data and scheduling a separate hearing on mobile privacy.

The House Energy and Commerce Committee sent letters to top mobile device operating system developers on Monday seeking information on the location data used by their smartphones, tablets and other wireless devices.

Lawmakers in the Senate will take on mobile privacy concerns in a hearing on May 10 slated to be the first topic the new judiciary subcommittee on privacy, technology and the law will tackle.

"The same technology that has given us smartphones, tablets and cell phones has also allowed these devices to gather extremely sensitive information about users, including detailed records of their daily movements and location," said Senator Al Franken, chairman of the new subcommittee.

Franken has asked representatives from Apple and Google Inc to testify at the hearing.

Mobile privacy was explored by the last Congress, but the issue took the spotlight recently when reports revealed the latest versions of Apple's mobile operating system -- iOS version 4.0 and later -- might track users' movements.

In a letter to Apple Chief Executive Steve Jobs, House lawmakers sought a better understanding of reports that suggest a history of locations visited by iPhone, iPad and iPod touch users is compiled and stored on their devices, as well as in the backup files created when syncing with iTunes.

Similar letters were sent to the chief executives of Google, Microsoft Corp, Nokia Corp, Research in Motion Ltd and Hewlett-Packard Co, asking for a response by May 9.

Legislators are investigating whether privacy provisions of current communications laws can and should be applied to mobile device developers.

The companies are asked what location data their devices store, for how long and why. Other questions include how the data is protected and whether the user is aware and can opt out of such tracking.

Energy and Commerce Committee Chairman Fred Upton signed the letters, along with top committee Republicans Greg Walden, Lee Terry, Mary Bono Mack and Marsha Blackburn.

(Reporting by Jasmin Melvin; editing by Andre Grenon)
http://www.reuters.com/article/2011/...73P72V20110426





Lawmakers: Extend Privacy Codes to App Makers
Jasmin Melvin

Mobile privacy safeguards should also extend to third-party application developers, two lawmakers said after reviewing the practices of four major U.S. wireless carriers.

Representatives Edward Markey and Joe Barton, co-chairs of the House Bi-Partisan Privacy Caucus, released on Thursday letters they received from Verizon Wireless, AT&T Inc, Sprint Nextel Corp and T-Mobile in response to their inquiries last month about the collection, use and storage of location data.

The letters showed the wireless carriers generally asked customers before accessing their location data.

But developers of popular mobile phone applications were less than forthcoming about their tracking.

"Third-party developers can access the location of customers any time they want," Barton said. "They shouldn't have free rein over your location data and personally identifiable information."

Markey echoed this sentiment, saying consumer privacy protections must apply "across the entire wireless ecosystem -- from wireless carriers, to mobile handset makers, to application developers."

Markey and Barton grew concerned about location tracking after media reports found that Deutsche Telekom AG tracked the exact coordinates of a German politician using its service over a six-month period.

More recently Apple Inc has been caught in a firestorm that has broken out over whether it is monitoring the whereabouts of its customers, promising to adjust the mobile software to store less location data.

Google Inc, a fierce competitor of Apple in mobile computing, has also faced sharp criticism over reports that Android-based phones track the locations of users.

Senate Commerce Committee Chairman Jay Rockefeller will hold a hearing in May on consumer protection and privacy in the mobile marketplace. Senator Al Franken said on Thursday both Google and Apple would attend his May 10 hearing, the first by the new Senate judiciary subcommittee on privacy, technology and the law.

It is unclear if this legislative scrutiny will lead to strict new privacy laws that will include app developers.

"You'll see Congress give it a lot of attention, but it's still going to be difficult to get comprehensive privacy legislation out of this Congress," Medley Global Advisors analyst Jeffrey Silva said.

(Reporting by Jasmin Melvin; editing by Andre Grenon)
http://www.reuters.com/article/2011/...73R73Q20110428





TomTom User Data Sold to Dutch Police, Used to Determine Ideal Locations for Speed Traps
Tim Stevens

We like it when the accumulated speed data from GPS devices helps us avoid traffic incidents and school zones. As it turns out, though, there are some other uses for the same stats. Dutch news outlet AD is reporting that such data captured by TomTom navigation devices has been purchased by the country's police force and is being used to determine where speed traps and cameras should be placed. TomTom was reportedly unaware its data was being used in such a way, but if the police would only agree to sell the data on the location of its speed cameras and traps back to TomTom, why, this could be the beginning of a beautiful relationship.
http://www.engadget.com/2011/04/27/t...termine-ideal/





Data Privacy, Put to the Test
Natasha Singer

BIG OIL. Big Food. Big Pharma.

To the catalog of corporate “bigs” that worry a lot of us little people, add this: Big Data.

It was not a good week for those who guard their privacy. First, we learned that Apple and Google have been using our smartphones to collect location data. Then Sony acknowledged that its PlayStation network had been hacked — the latest in a string of troubling data breaches.

You’d have to be living off the grid not to realize that just about everything there is to know about you — what you buy, where you go — is worth something to someone. And the more we live online, the more companies learn about us.

But to what extent do others have a right to share and sell that information? That is the crux of a data-mining case that had arguments last Tuesday before the Supreme Court.

The case, Sorrell v. IMS Health, is ostensibly about medical privacy: Vermont passed a law in 2007 that lets each doctor decide whether pharmacies can, for marketing purposes, sell prescription records linking him or her by name to the kinds and amounts of drugs prescribed. State legislators passed the law after the Vermont Medical Society said that such marketing intruded on doctors and could exert too much influence on prescriptions.

But three health information firms, including IMS Health and Verispan, along with a pharmaceutical industry trade group, challenged the law, saying it restricted commercial free speech. Access to prescription records, IMS Health says, helps pharmaceutical companies market efficiently to doctors whose patients would most benefit from specific drugs.

Now the justices are to decide whether the Vermont law is constitutional.

But with the recent headlines about privacy invasion — the PlayStation hack followed a recent breach at the online marketing company Epsilon that exposed e-mail addresses of customers of Citibank, Walgreens, Target and other companies — the Vermont case is tapping into a much broader conversation about consumer protection and informed consent.

The case raises questions about who is collecting, managing, storing, sharing and selling all that data. Just as important, privacy advocates say, it raises questions about whether data brokers are adequately safeguarding it.

People generally don’t have much control over who collects and sells information about them. Moreover, says Christopher Calabrese, a legislative counsel at the American Civil Liberties Union, they also don’t even know the names of the data brokers who compile those electronic profiles.

And, so, consumer advocates are setting their sights on Big Data.

“Without government intervention, we may soon find the Internet has been transformed from a library and playground to a fishbowl,” Mr. Calabrese testified in March during a Senate hearing on consumer privacy, “and that we have unwittingly ceded core values of privacy and autonomy.”

There are a few laws, like the Video Privacy Protection Act, that prohibit businesses from releasing personally identifiable records, like video rental histories, without customer consent. The Digital Advertising Alliance, a coalition of online marketing groups, introduced a program last year that notifies consumers about online tracking and allows them to opt out of advertising tailored to them.

The Vermont law amounts to a kind of do-not-call option for doctors who may welcome visits from pharmaceutical sales reps but don’t want drug marketing based on their own prescription records.

That marketing practice is possible because pharmacies, which are required by law to collect detailed information about prescriptions they fill, can sell doctor-specific prescription records to data brokers. (According to federal privacy regulations, personal information about patients, like names and addresses, must be removed before the records can be sold for marketing.) Firms like IMS Health then combine the records, and pharmaceutical reps often use them to tailor presentations to individual doctors.

The central concern is privacy — of both doctors and their patients. While pharmacies remove the names of patients before selling the records, those names are replaced with unique codes that track patients over time from doctor to doctor, according to the Vermont complaint. That means data firms could create a profile that includes a person’s prescriptions as well as the names of the pharmacies and dates at which the person picked up the medications, says Latanya Sweeney, a visiting professor of computer science at Harvard.

“It ends up building a detailed prescription profile of individuals,” says Professor Sweeney, whose research on data re-identification was cited by several briefs in the case. “Those extended profiles tend to be very unique.”

The concern, she says, particularly in a small state like Vermont, is that a nameless prescription record could theoretically be enough to identify someone who might not want others to know that he takes, say, anti-depressants. Moreover, Professor Sweeney argues, data miners could collate those files with public information, like voter registration and hospital discharge records, to link prescriptions to specific people.

Federal health privacy regulation, she says, does not protect patient records once they have been de-identified. Nor does the law prohibit re-identification.

But IMS Health says it isn’t aware of any case of re-identifying patients whose prescription records were de-identified in accordance with federal rules. The company says it doubly encrypts each patient’s identity and gives the encryption keys to several third parties — meaning that no single entity can decode a file by itself, says Kimberly Gray, chief privacy officer at IMS Health.

The company typically sells combined reports that show how many patients received a certain drug from a certain doctor, but not the specific drugstores those patients frequent, Ms. Gray says. IMS never uses public information or outside data sets to try to re-identify patients, she says, and when it does provide encoded patient histories to others for research purposes, it prohibits those third parties from making such attempts.

“We would never want to re-identify someone,” Ms. Gray says. “No good can come from that.”

Still, it is hard to prevent people from trying to re-identify patients, says Lee Tien, a staff lawyer at the Electronic Frontier Foundation, a digital civil liberties group that filed a brief in support of Vermont. It would be easier, he says, if Congress passed a law that went further than Vermont’s, giving people the right to consent before their encrypted prescription records were sold for marketing purposes.

“In Vermont, the doctor can decide,” Mr. Tien says. “But we’d prefer it if the patient were able to say, ‘Don’t sell my data.’ ” 
https://www.nytimes.com/2011/05/01/b.../01stream.html





Show Us the Data. (It’s Ours, After All.)
Richard H. Thaler

“NO one knows what I like better than I do.”

This statement may seem self-evident, but the revolution in information technology has created a growing list of exceptions. Your grocery store knows what you like to eat and can probably make educated guesses about other foods you might enjoy. Your wireless carrier knows whom you call, and your phone may know where you’ve been. And your search engine can finish many of your thoughts before you are even done typing them.

Companies are accumulating vast amounts of information about your likes and dislikes. But they are doing this not only because you’re interesting. The more they know, the more money they can make.

The collection and dissemination of this information raises a host of privacy issues, of course, and the bipartisan team of Senators John Kerry and John McCain has proposed what it is calling the Commercial Privacy Bill of Rights to deal with many of them. Protecting our privacy is important, but the senators’ approach doesn’t tackle a broader issue: It doesn’t include the right to access data about ourselves. Not only should our data be secure; it should also be available for us to use for our own purposes. After all, it is our data.

Here is a guiding principle: If a business collects data on consumers electronically, it should provide them with a version of that data that is easy to download and export to another Web site. Think of it this way: you have lent the company your data, and you’d like a copy for your own use.

This month in Britain, the government announced an initiative along these lines called “mydata.” (I was an adviser on this project.) Although British law already requires companies to provide consumers with usage information, this program is aimed at providing the data in a computer-friendly way. The government is working with several leading banks, credit card issuers, mobile calling providers and retailers to get things started.

To see how such a policy might improve the way markets work, consider how you might shop for a new cellphone service plan. Two studies have found that consumers could save more than $300 a year by switching to the right plan. But to pick the best plan, you need to be able to estimate how much you use services like texting, social media, music streaming and sending photos.

You may not know how to answer or be able to express it in megabytes, but your service provider can. Although some of this information is available online, it’s generally not readily exportable — you can’t easily cut and paste it into a third-party Web site that compares prices — and it is not put together in a way that makes it easy to calculate which plan is best for you.

Under my proposed rule, your cellphone provider would give you access to a file that includes all the information it has collected on you since you owned the phone, as well as the current fees for each kind of service you use. The data would be in a format that is usable by app designers, so new services could be created to provide practical advice to consumers. (Think Expedia for calling plans.) And this virtuous cycle would create jobs for the people who dream up and run these new Web sites.

Before businesses complain about how hard it would be to comply with such a regulation, they should take a look at the federal government’s Blue Button initiative. This protocol is already providing a secure way for veterans and Medicare beneficiaries to share their medical history with health care providers they trust. (The name “Blue Button” refers to an icon that users click to get the data.)

The Blue Button initiative is already spawning private sector applications. Northrop Grumman has developed a smartphone app giving veterans access to their health records and the ability to receive wellness reminders on their phone. HealthVault, a health care management site from Microsoft, also permits Blue Button users to tap into their medical information service. The ability to access these kinds of services could save lives in emergencies.

If the government can manage to collect and release personal information in a secure and useful way, so can private companies, which will empower consumers to become better shoppers.

Let’s return to the smartphone example. Once a phone owner can provide use data to third-party Web sites, those outfits (BillShrink.com is one) can pinpoint the best pricing plans. Thinking of upgrading your phone? The third-party sites can warn you whether your use is likely to increase, based on the experiences of other consumers who made the same switch.

If personal data is accompanied by detailed pricing information, as I discussed in my last column, consumers will be more aware of how they really use products and how much fees really cost them. And transparent pricing will give honest, high-quality providers a leg up on competitors who rely on obfuscation. All of this will help stimulate the best kind of economic growth.

THE potential applications are endless. Supermarkets, for example, have already learned that they can attract many customers to their shoppers’ clubs by offering discounts to club members. This allows the stores to know what they buy and to target coupons based on their purchases. Shoppers can opt out — but only at the cost of losing the discounts.

So let’s level the playing field. Why not give you, the consumer, something in return for participating? Require that the supermarket make your purchase history available to you. Before you know it, a smart entrepreneur is likely to devise an app that will direct you to cheap and healthy alternatives that can slim your tummy and fatten your wallet. Apps could not only save money; they could also warn shoppers with allergies, for example, that they are buying foods that contain ingredients to which they are sensitive, like nuts or gluten.

The ability of businesses to monitor our behavior is already a fact of life, and it isn’t going away. Of course we must protect our privacy rights. But if we’re smart, we’ll also use the data that is being collected to improve our own lives.

I hope that American companies follow the lead of their British counterparts and cooperate in a “mydata” program. If they don’t, we should require companies to tell you what they already know about you. To paraphrase Moses, let’s ask them to “let my data go.” 
https://www.nytimes.com/2011/04/24/business/24view.html





Nokia is One of the Most Active Android Contributors, and Other Surprises
Carlo Daffara

Yes, it may be a surprise, but that’s the beauty of Open Source – you never know where your contributions will be found. In this regard, I received a gentle mention from my friend Felipe Ortega of the Libresoft group of a nice snippet of research from Luis Canas Diaz, “Brief study of the Android community”. Luis studied the contributions to the Android code base, and split the contributions using the email of the originator, assigning those with “google.com” or “android.com” as internal, and classifying the others. Here is a sample of the results:

(Since October 2008)

# Commits Domain

69297 google.com
22786 android.com
8815 (NULL)
1000 gmail.com
762 nokia.com
576 motorola.com
485 myriadgroup.com
470 sekiwake.mtv.corp.google.com
422 holtmann.org
335 src.gnome.org
298 openbossa.org
243 sonyericsson.com
152 intel.com

Luis added: “Having a look at the name of the domains, it is very surprising that Nokia is one of the most active contributors. This is a real paradox, the company that states that Android is its main competition helps it! One of the effects of using libre software licenses for your work is that even your competition can use your code, currently there are Nokia commits in the following repositories:

git://android.git.kernel.org/platform/external/dbus

git://android.git.kernel.org/platform/external/bluetooth/bluez”

In fact, it was Nokia’s participation in Maemo (and later Meego) and its funding of the dbus and bluez extensions that were later taken up by Google for Android. Intrigued by this result, I made a little experiment: I cloned the full Android gingerbread GIT repo (2.3), separated the parts that are coming from preexisting projects like the Linux kernel and the various external dependencies (many tens of projects – including, to my surprise, a full Quake source code…) leaving for example Chromium but removing WebKit. I then took apart the external projects, and counted Google contributions there in an approximate way, and folded back everything. You get a rough size of 1.1GB of source code directly developed or contributed by Google, which means that around 75% of the source code of Android comes from external projects. Not bad, in terms of savings.
http://carlodaffara.conecta.it/nokia...her-surprises/





Nielsen: Consumer Desire For Android Grows, Unlike iOS And Blackberry
Robin Wauters

Nielsen ran monthly surveys of mobile consumers in the United States from July to September 2010, and said back then that 33 percent expressed interest for an Apple iPhone, while slightly more than a quarter (26 percent) said they desired a device with Android and 13 percent said they wanted a Blackberry device. How quickly things change.

This morning, Nielsen posited that those same surveys for January 2011 to March 2011 now show that 31 percent of consumers who plan to get a new smartphone indicated that Android was now their preferred OS. Apple’s iOS has slipped slightly in popularity, to 30 percent.

RIM / Blackberry, meanwhile, is down to 11 percent. Nearly 20 percent of consumers are unsure of what to choose next.

Perhaps surprisingly, desire for Windows Phone devices actually dropped a percent (from 7% to 6%), while interest in Symbian devices remains non-existent when it comes to the US.

At the end of last year, Nielsen posited that Apple’s iOS and Android were tied for “most desired operating system” when mobile users who planned to upgrade to a smartphone in the next year were asked about their next phone. Android comes out on top for the first time in the first quarter of 2011, according to Nielsen’s data (see chart above).

Nielsen says the trend is visible at the counter, too. Zooming in on sales, half of those surveyed in March 2011 who indicated they had purchased a smartphone in the past six months said they had chosen an Android device. A quarter of recent acquirers said they bought an Apple iPhone, and 15 percent said they had picked a Blackberry phone.
http://techcrunch.com/2011/04/26/nie...nd-blackberry/





Why the End of Scarcity Will Change the Economics of Everything
James L. McQuivey

This post reflects the opinions of the author and not necessarily those of Mashable as a publication.

James L. McQuivey, Ph.D. is a Vice President and Principal Analyst at Forrester Research serving Consumer Product Strategy professionals.


Apple triggered much debate when it recently announced it would begin enforcing policies that add a 30% toll to any content — Kindle books, newspaper subscriptions — sold through an app on an Apple device. Apple essentially restrained publishers’ access to Apple’s customers — a huge market within the Apple ecosystem.

With this move, the company -- typically known for anticipating and even causing seismic shifts in the business world -- demonstrates that it is fundamentally unprepared for one of the biggest transformations we are about to experience: The end of scarcity.

Our day-to-day experience teaches us that scarcity is real. All modern business practices are built on this assumption. Some businesses depend upon it entirely. For example, high-end auction houses and low-end infomercials both remind you through various cues that if you don’t buy it now, you may not be able to ever buy it again.

But what happens if the economics of scarcity are exchanged for the economics of plenty? For those industries that provide information or experience as a primary good, scarcity is rapidly evaporating. The media business is undergoing a similar change with the rise of citizen journalists, bloggers, and YouTube performers — all of which circumvent the traditional systems that once dictated production norms and processes. Most of these companies have sought to restore order by reinstating scarcity rather than celebrating its passing. It’s not a good sign of things to come.

Apple’s recent move was no different. The company imposed artificial scarcity on the relatively boundless iPhone and iPad ecosystem. It’s a restriction of publishers’ access to Apple’s existing customers.

This is no criticism of the company’s prowess nor is it a critique of the morality of the company’s strategy. I’m leveling a more devastating charge than that. I’m suggesting that the longer we postpone the inevitable shift to the economics of plenty, the longer we delay the remarkable benefits, both commercial and social, that relinquishing scarcity will provide.

We already see hints at what such a shift will do to generate value.

The New Model

Watch closely as entities of previously impossible scale become commonplace -- companies like Facebook, Google, and even Twitter. These companies scaled up so quickly precisely because they are not bound by scarcity. There is no meaningful limit to how many people can benefit from Facebook, and so it acquires more customers without aggressively marketing its services. Similarly, any new initiative that Google offers the world can reach hundreds of millions of people within a few days at modest incremental cost.

It demonstrates how these companies operate under previously undefined rules. In their world, the costs to exploit scale revert to zero. The best ideas, no matter how small or underfunded, have the largest potential impact, and a company that gives its value away may stand to gain more value in return. As a result, companies like Facebook and Google are writing the book on how to manage the economics of plenty, even if they don’t know it.

Other industries next in line for disruption like education and health care would be wise to pay attention. Most of what they do depends on the control of information that will soon no longer be scarce. Education reformers have long predicted a world where top professors spread their knowledge across the globe through electronic tools. But the knowledge students need is not only located in those few professors’ minds. Once we digitize not just the distribution of knowledge but the production of it, the existing university system loses its raison d’etre. Why would people come to a single physical location at higher and higher costs when the knowledge it houses is no longer scarce?

It is unlikely that universities, hospitals, and other information-dependent entities will see this coming and respond appropriately. While we wait to see which companies can unshackle themselves from the assumption of scarcity, we will live deprived of the innovation the economics of plenty could inspire. I expect that today’s teens will scratch their heads at some future date and wonder why we were so hesitant to accept what will have come so naturally to them.
http://mashable.com/2011/04/28/scarcity-economics/





Blumenthal to Sony: Lack of Info on Network Breach is 'Troubling'
Gautham Nagesh

Sony's failure to notify customers immediately about the hacker attack that shut down the PlayStation Network last week is "troubling" and the firm should provide more information about it, Sen. Richard Blumenthal (D-Conn.) told the tech giant in a letter Tuesday.

Sony announced Monday it would shut down the gaming network indefinitely after an attack brought it down last week, potentially endangering users' personal information and prompting widespread outrage from online gamers.

"I am concerned that PlayStation Network users’ personal and financial information may have been inappropriately accessed by a third party," Blumenthal wrote to Jack Tretton, president and CEO of Sony Computer Entertainment America. "Compounding this concern is the troubling lack of notification from Sony about the nature of the data breach."

Blumenthal claims Sony has yet to notify customers, even a week after the attack, about the breach or provide them with information on how to protect themselves from identity theft.

He argued Sony should provide users with services to protect their financial data, including paying for customers' credit reports for two years and insurance for possible identity theft.

"PlayStation Network users deserve more complete information on the data breach, as well as the assurance that their personal and financial information will be securely maintained," the letter states.

Sony has yet to provide details on the incident to the press aside from acknowledging an "external intrusion" that forced the Japanese firm to shut down the popular gaming network.
http://thehill.com/blogs/hillicon-va...rk-data-breach





Sony Admits Utter PSN Failure: Your Personal Data has Been Stolen
Ben Kuchera

Sony has finally come clean about the "external intrusion" that has caused the company to take down the PlayStation Network service, and the news is almost as bad as it can possibly get. The hackers have all your personal information, although Sony is still unsure about whether your credit card data is safe. Everything else on file when it comes to your account is in the hands of the hackers.

In other words, Sony's security has failed in a spectacular fashion, and we're just now finding out about it. In both practical and PR terms, this is a worst-case scenario.

What did they get?

Here is the data that Sony is sure has been compromised if you have a PlayStation Network Account:

• Your name
• Your address (city, state, and zip)
• Country
• E-mail address
• Birthday
• PSN password and login name

"It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained," Sony announced. While the company claims that there is "no evidence" that credit card information has been compromised, it won't rule out the possibility.

Their advice is to be safe, rather than sorry. "If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."

What can you do?

You are warned to keep watch over your accounts, and to be aware of your heightened risk of fraud due to the security breach. "For your security, we encourage you to be especially aware of e-mail, telephone, and postal mail scams that ask for personal or sensitive information," the company said. "Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information."

Sony has also provided a wealth of sources for data and protection against identity theft.

Quote:
You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.

To be fair, Sony does apologize for the inconvenience. There is still no update on when service will be restored, but that is the least of your concerns if you have a PlayStation Network account. It's time to change your passwords, at the very least, and if you'd like to be completely safe it's not a bad idea to cancel your credit or debit cards and request replacements.
http://arstechnica.com/gaming/news/2...een-stolen.ars





Sony Says PlayStation Credit Cards Were Encrypted
Kevin Poulsen

Reeling from a hack attack that exposed information on 77 million PlayStation Network users, Sony now says that the credit card numbers potentially stolen in the breach were encrypted.

“All of the data was protected, and access was restricted both physically and through the perimeter and security of the network,” Sony wrote in a blog post.

“The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.”

Encrypting the credit card numbers might help Sony argue that it was in compliance with the official Payment Card Industry Data Security Standards, which mandates encryption for stored credit card data — something that could help Sony in the class action lawsuits that have already begun.

Without more details, though, it’s difficult to know how much solace users should take in this latest dribble of information on the massive breach. If the encryption scheme in use was weak, or the intruders compromised the crypto keys, then the card numbers are still at risk. For that matter, with access to the network’s backend systems, it’s possible the intruders could have sniffed newly used credit card numbers as they came into the system, and before they were encrypted.

Meanwhile, users are reporting fraudulent charges on cards they’ve used on the PlayStation Network — Wired.com sister site Ars Technica has counted two dozen cases. But out of a sample of any 77 million people, it would be far more surprising to not find recent victims of credit card fraud in the mix, so we’re not counting this as evidence that plaintext card numbers are in the wild.
http://www.wired.com/threatlevel/201...ere-encrypted/





Hackers Claim to Have PlayStation Users’ Card Data
Nick Bilton

Security researchers said Thursday that they had seen discussions on underground Internet forums indicating that the hackers who infiltrated the Sony PlayStation Network last week may have made off with the credit card numbers of Sony customers.

The comments indicated that the hackers had a database that included customer names, addresses, usernames, passwords and as many as 2.2 million credit card numbers, the researchers said.

Kevin Stevens, senior threat researcher at the security firm Trend Micro, said he had seen talk of the database on several hacker forums, including indications that the Sony hackers were hoping to sell the credit card list for upwards of $100,000. Mr. Stevens said one forum member told him the hackers had even offered to sell the data back to Sony but did not receive a response from the company.

Although several researchers confirmed the forum discussions, it was impossible to verify their contents or the existence of the database.

When asked about the hackers’ claims, Patrick Seybold, senior director of corporate communications and social media at Sony, said, “To my knowledge there is no truth to the report that Sony was offered an opportunity to purchase the list.” Mr. Seybold also pointed to a blog post Sony published Thursday that said: “The entire credit card table was encrypted and we have no evidence that credit card data was taken.” Sony has said that it could not rule out the possibility that hackers might have obtained credit card data.

“Sony is saying the credit cards were encrypted, but we are hearing that the hackers made it into the main database, which would have given them access to everything, including credit card numbers,” said Mathew Solnik, a security consultant with iSEC Partners who frequents hacker forums to track new hacks and vulnerabilities that could affect his clients. Mr. Solnik said that people on the forums had details about the servers used by Sony, which may indicate that they had direct knowledge of the attack.

Mr. Solnik said researchers believe that the hackers gained access to Sony’s database by hacking the PS3 console and from there infiltrating the company’s servers.

Dan Kaminsky, an independent Internet security specialist, said in a phone interview that he had also seen forum posts about a Sony credit card database, but he said he could not confirm who was behind the attack. “These attacks just keep getting larger and larger and larger,” he said. “The security measures technology companies employ today are just not robust enough.”

The San Diego office of the Federal Bureau of Investigation, which is helping Sony with its inquiry into the hacking incident, declined to comment.
http://bits.blogs.nytimes.com/2011/0...ers-card-data/





DOJ: FBI Digital Counterintelligence Weakened by Focus on Child Porn

Cyberattacks are at an all time high; FBI spends twice as much effort fighting porn
Kevin Fogarty

Despite its growing digital surveillance capabilities and increasing responsibility for investigating and countering cyber attacks on the U.S., the FBI's core cyber security division turns out to be basically incompetent, according to a critical report from the Dept. of Justice. [PDF]

Part of the reason is that the 14 agencies that share some responsibility for online counter-espionage don't share information well. Another contributor is the lack of effective pressure from top managers to get agents trained in national-security intrusion topics and tactics.

Most of the reason is that the FBI spends twice as much effort investigating child porn as it does attempts by foreign governments to attack U.S. facilities or steal information that would damage U.S. national security, the report found.

To put that in perspective, the number of foreign attacks on the U.S. increased 40 percent between 2007 and 2008, according to the report, whose data are pretty old for such a sensitive topic.

An April study from McAfee showed 80 percent of utilities in 14 countries had been attacked during the previous year, an increase of almost 50 percent compared to the year before. Attacks ranged from distributed denial of services to intrusions to remove data to intrusions that attempted to take control of the utility's internal IT systems.

And that's just among civilian-run utility companies.

State Dept. documents released through WikiLeaks this month showed that years-long cyberattacks launched by the Chinese military had netted "terabytes" of sensitive data ranging from names and passwords that would give access to State Department computers, to the design of major weapons systems.

The "Byzantine Hades" attacks – and others coming from Russia and other unfriendly powers – represent a new state of cyberwar the U.S. is not yet prepared to fight.

The attacks have been so successful "we have given up on the idea we can keep our networks pristine," according to Stewart Baker, a former senior cyber-security official at the U.S. Department of Homeland Security and National Security Agency.

The focus has shifted instead to more sophisticated efforts to detect and counter intrusions as they're made.

Unfortunately, those are exactly the kinds of skills the FBI cyber squads lack and the kind of crime they don't have the time or resources to investigate.

Of 36 agents with cybersecurity responsibilities the DOJ tested – from 10 of the agency's 56 field offices, each of which has at least one "cyber squad" – only 23 told investigators they had the training to investigate national security intrusions.

The other 13 "lacked the networking and counterintelligence expertise to investigate national security intrusion cases." Five said they were completely unqualified to investigate national security intrusions effectively, the report said.

In 2007 the FBI created a separate career path for digital security investigators called the Cyber Career Path, which includes a four-stage training plan covering 12 core courses and a set of elective courses agents can use to develop a specialty.

The agency's habit of moving agents to new offices or new assignments every two or three years to expand their skills or experience makes completing that training difficult, the report concluded. So does a generally inconsistent focus on both online counter-espionage and giving agents either the training or time to build experience in investigating it.

Top FBI managers are much more comfortable with agents trained to track down domestic hackers and breaking down doors than they are investigating or countering serious online attacks from overseas.

The report – some information in which was blacked out to avoid releasing sensitive or top secret information to which the public should not have access – included the total number of agents who had completed all 12 courses as of June, 2010.

The number was the only part of the paragraph explaining the program that was redacted.

Online espionage isn't the FBI cyber squads' only responsibility, however. In 2009, 19 percent of the cyber agents worked on national security intrusion investigations, while 31 percent worked on non-spy-related digital crimes and 41 percent investigated online child porn.

That's not to say child porn and domestic, non-national-security related cybercrime should not be investigated.

When you're losing terabytes of sensitive data to foreign governments who can walk freely through your most secure computer systems, however, maybe it's time to reconsider your priorities.

Maybe shift a few agents away from the wankers and point them toward the enemy?
http://www.itworld.com/security/1607...sed-child-porn





New FBI Documents Provide Details on Government’s Surveillance Spyware
Jennifer Lynch

EFF recently received documents from the FBI that reveal details about the depth of the agency's electronic surveillance capabilities and call into question the FBI's controversial effort to push Congress to expand the Communications Assistance to Law Enforcement Act (CALEA) for greater access to communications data. The documents we received were sent to us in response to a Freedom of Information Act (FOIA) request we filed back in 2007 after Wired reported on evidence that the FBI was able to use “secret spyware” to track the source of e-mailed bomb threats against a Washington state high school. The documents discuss a tool called a "web bug" or a "Computer and Internet Protocol Address Verifier" (CIPAV),1 which seems to have been in use since at least 2001.2

What is CIPAV and How Does It Work?

The documents discuss technology that, when installed on a target's computer, allows the FBI to collect the following information:

• IP Address
• Media Access Control (MAC) address
• "Browser environment variables"
• Open communication ports
• List of the programs running
• Operating system type, version, and serial number
• Browser type and version
• Language encoding
• The URL that the target computer was previously connected to
• Registered computer name
• Registered company name
• Currently logged in user name
• Other information that would assist with "identifying computer users, computer software installed, [and] computer hardware installed"3

It's not clear from the documents how the FBI deploys the spyware, though Wired has reported that, in the Washington state case, the FBI may have sent a URL via MySpace's internal messaging, pointing to code that would install the spyware by exploiting a vulnerability in the user's browser. Although the documents discuss some problems with installing the tool in some cases, other documents note that the agency's Crypto Unit only needs 24-48 hours to prepare deployment.4 And once the tool is deployed, "it stay[s] persistent on the compromised computer and . . . every time the computer connects to the Internet, [FBI] will capture the information associated with the PRTT [Pen Register/Trap & Trace Order]."5

Where Has CIPAV Been Used and What Legal Process Does the FBI Rely On to Use It?

It is clear from the documents we received that the FBI—and likely other federal agencies—have used this tool a lot. According to the documents, the FBI has used CIPAV in cases across the country—from Denver, El Paso, and Honolulu in 2005; to Philadelphia, California, and Houston in 2006; to Cincinnati and Miami in 2007. In fact, one stack of documents we received consists entirely of requests from FBI offices around the country to the agency's Cryptologic and Electronic Analysis Unit ("CEAU") for help installing the device.6

The FBI has been using the tool in domestic criminal investigations as well as in FISA cases,7 and the FISA Court appears to have questioned the propriety of the tool.8 Other agencies, and even other countries have shown interest in the tool, indicating its effectiveness. Emails from 2006 discuss interest from the Air Force,9 the Naval Criminal Investigative Service10 and the Joint Task Force-Global Network Operations,11 while another email from 2007 discusses interest from the German government.12

The FBI's Crypto Unit appears to have viewed the CIPAV as a proprietary tool. In one email, an agent grumbled, "we are seeing indications that [CIPAV] is being used needlessly by some agencies, unnecessarily raising difficult legal questions (and a risk of suppression without any countervailing benefit)."13 In another email, an agent stated, "[i] am weary [sic] to just hand over our tools to another Gov't agency without any oversight or protection for our tool/technique."14 And a third email noted, "[w]e never discuss how we collect the [data CIPAV can collect] in the warrants/affidavits or with case agents. AUSAs, squad supervisors, outside agencies, etc."15

It appears from the documents that the FBI wasn't sure what legal process to seek to authorize use of the spyware device. Some emails discuss trying to use a "trespasser exception" to get around a warrant,16 while others discuss telling the AUSA (government attorney) to cite to the "All Writs Act, 28 U.S.C. § 1651(a)."17 And one email suggests some agents thought the tool required no legal process at all. In that email, the FBI employee notes he considers the tool to be "consensual monitoring without need for process; in my mind, no different than sitting in a chat room and tracking participants' on/off times; or for that matter sitting on P2P networks and finding out who is offering KP."18

Eventually, the FBI seems to have sought a legal opinion on the proper use of the tool, both from the Office of General Counsel and from the National Security Law Branch,19 and ultimately, the agency seems to have settled on a "two-step request" process for CIPAV deployments -- a search warrant to authorize intrusion into the computer, and then a subsequent Pen/Trap order to authorize the surveillance done by the spyware.20

What Does This Mean for the FBI's Push for New Back Doors into Our Internet Communications?

Over the past few months, we've heard a lot from the FBI about its need to expand the Communications Assistance to Law Enforcement Act (CALEA), a law that requires all telecommunications and broadband providers to be technically capable of complying with an intercept order. Federal law enforcement officials have argued that under current regulations they can't get the information they need and want to expand CALEA to apply to communications systems like Gmail, Skype, and Facebook. However, these documents show the FBI already has numerous tools available to surveil suspects directly, rather than through each of their communications service providers. One heavily redacted email notes that the FBI has other tools that "provide the functionality of the CIPAV [text redacted] as well as provide other useful info that could help further the case."21 Another email notes that CIPAVs are used in conjunction with email intercepts, perhaps using similar spyware-type tools.22 If the FBI already has endpoint surveillance-based tools for internet wiretapping, it casts serious doubt on law enforcement's claims of "going dark."

A device that remains "persistent" on a "compromised computer" is certainly concerning. However, if the FBI obtains a probable cause-based court order before installing tools like CIPAV, complies with the minimization requirements in federal wiretapping law by limiting the time and scope of surveillance, and removes the device once surveillance concludes, the use of these types of targeted tools for Internet surveillance would be a much more narrowly tailored solution to the FBI’s purported problems than the proposal to undermine every Internet user's privacy and security by expanding CALEA. We will continue to report on both the FBI's use of endpoint surveillance tools and on the agency's push to expand CALEA as more documents come in.

Click here to access full pdf versions of the documents we received or see below for the pages referenced in this post.
https://www.eff.org/deeplinks/2011/04/CIPAV_Post





In WikiLeaks’ Growth, Some Control Is Lost
Brian Stelter and Noam Cohen

WikiLeaks, the Web site responsible for publicizing millions of state secrets in the last year, has tried to pick its media partners carefully. But the site has become such a large player in journalism that some of its secrets are no longer its own to control.

WikiLeaks’ latest release — files related to the detainees at Guantánamo Bay, Cuba — took place Sunday in partnership with eight news organizations in the United States and other countries, including The Washington Post and the McClatchy newspapers and The Telegraph of London. The “official” release was sped up when WikiLeaks learned that two news organizations that were collaborators with WikiLeaks in the past but were explicitly shut out this time — The New York Times and The Guardian — were preparing their own Guantánamo stories anyway, having obtained the information independently.

This resulted in a mad scramble to be first online with secrets that would never have leaked so quickly if WikiLeaks had not possessed the documents to begin with. For journalism, it was a recalibration of the traditional relationships among competitors and sources. And for WikiLeaks, it was a lesson in how hard it is to steer news coverage rather than be buffeted by it.

In its first prominent collaboration with newspapers, last July, WikiLeaks gave exclusive access to a secret archive of Afghan war logs to The Times, The Guardian in Britain, and Der Spiegel in Germany. Now, as it gradually releases 250,000 United States diplomatic cables, WikiLeaks says it has more than 50 local partners, most of them newspapers, from the Daily Taraf in Turkey to Expresso in Portugal to The Hindu in India. Some of those newspapers describe the relationship with WikiLeaks as a contract.

WikiLeaks’ intent has always been to maximize its impact, but its media strategy has changed significantly since it began in 2007, with the idea that if it posted important documents to its site — come one, come all — journalists would eagerly report the news there. Since then, it has learned the value of an “exclusive” to journalists, creating partnerships with publishers that impose a collective embargo on when the material can be published in return for privileged access to the material.

On its Twitter page, WikiLeaks suggested that it did not mind that it had lost control of its cache of secrets, saying it was pleased that its former partner publications had “added their weight to increasing our impact.”

Yochai Benkler, the co-director of the Berkman Center for Internet and Society at Harvard University, said he thought that WikiLeaks’ anti-secrecy quest was “enhanced, not undermined, by the intensification of competition to cover the documents.” The Guantánamo files, he said, confirmed what the earlier releases already suggested: that “the future of the networked Fourth Estate will involve a mixture of traditional and online models, cooperating and competing on a global scale in a productive but difficult relationship.”

In an essay this month in the British magazine New Statesman, the founder of WikiLeaks, Julian Assange, explained his reasoning. While he described WikiLeaks as “firmly in the tradition of those radical publishers who tried to lay ‘all the mysteries and secrets of government’ before the public,” he added that “for reasons of realpolitik, we have worked with some of the largest media groups.”

While the exclusive-access strategy has had obvious advantages in getting the news out, WikiLeaks faced criticism for allowing only a few news organizations to have access to the cables, said Greg Mitchell, a blogger for The Nation who published “The Age of WikiLeaks.” “Now,” he said, “it’s busting loose and other people are getting them.”

That owes partly to the falling out between Mr. Assange and The Times and The Guardian.

Bill Keller, the executive editor of The Times, said Mr. Assange seemed to sour on the newspaper after he read both a front-page profile of himself and an article about the Army intelligence analyst suspected of leaking information to WikiLeaks. The profile he deemed unflattering and the other article inadequate. He also complained to Mr. Keller that the newspaper’s Web site had not linked to the WikiLeaks site. “Where’s the respect?” he asked Mr. Keller.

Mr. Keller said Monday, “It’s been a long time since I’ve had any communication with Julian Assange.”

In essays and interviews Mr. Assange has complained that The Times had worked too closely with the United States government before publishing its material and had a “hostile attitude” toward WikiLeaks.

Similarly, Mr. Assange’s relationship with The Guardian started to fray “right at the beginning,” said David Leigh, the newspaper’s investigations editor. In late July, two days before The Guardian was to publish articles about the Afghan war logs, it learned that WikiLeaks had also shared the material with another British organization, Channel 4.

“Julian had gone behind our backs because he knew that it would upset us,” Mr. Leigh said in an interview this week.

In November, WikiLeaks chose to share the diplomatic cables database with The Guardian but not The Times. When The Times and The Guardian decided to collaborate nonetheless, Mr. Leigh said Mr. Assange “burst into our editors’ office, accompanied by a lawyer, threatening that he was going to sue us.”

He did not sue, but the dissatisfaction cut both ways. Mr. Leigh said he was particularly troubled in December when Mr. Assange tried to suppress the newspaper’s coverage of the sexual assault charges against him.

By then, a competing newspaper, The Telegraph, had started holding meetings with WikiLeaks. It wanted to replace The Guardian as the group’s go-to outlet in Britain. “We were willing to ensure that their material got a worldwide hearing,” said Tony Gallagher, the editor of The Telegraph.

The Telegraph was looped in on the Guantánamo Bay file release, but The Guardian was not. Mr. Leigh called WikiLeaks’ attitude “spiteful and petty.”

WikiLeaks’ other new media partners, including The Post and McClatchy, received the Guantánamo files several weeks before WikiLeaks lifted its embargo. Unknown, at first, to the WikiLeaks partners, The Times had independently obtained the files from a source Mr. Keller would not name, and shared them with both The Guardian and NPR.

WikiLeaks itself showed some old-fashioned competitive instinct. Responding to accounts that said its partners had not been first to publish, the organization wrote: “Enough. Our first partner, The Telegraph, published the Gitmo Files 1am GMT, long before NYT or Guardian.”

Mr. Benkler, a critic of the Guantánamo Bay prison, concluded that even the “scoop the scoop” aspect of the coverage had been productive. What it amounted to, he said, were “more sources providing greater attention to what is basically continued indefensible behavior on the part of the U.S. government.”
https://www.nytimes.com/2011/04/27/w...e-secrets.html





Why We Need An Open Wireless Movement
Peter Eckersley

If you sometimes find yourself needing an open wireless network in order to check your email from a car, a street corner, or a park, you may have noticed that they're getting harder to find.

Stories like the one over the weekend about a bunch of police breaking down an innocent man's door because he happened to leave his network open, as well as general fears about slow networks and online privacy, are convincing many people to password-lock their WiFi routers.

The gradual disappearance of open wireless networks is a tragedy of the commons, with a confusing twist of privacy and security debate. This essay explains why the progressive locking of wireless networks is harmful — for convenience, for privacy and for efficient use of the electromagnetic spectrum.

We will need a political and technological "Open Wireless Movement" to reverse the degradation of this indispensable component of the Internet's infrastructure. Part of the task will simply be reminding people that opening their WiFi is the socially responsible thing to do, and explaining that individuals who choose to do so can enjoy the same legal protections against liability as any other Internet access provider.1 Individuals, including Bruce Schneier and Cory Doctorow, have laid some of the groundwork. It's time to spread the message far and wide.

But an Open Wireless Movement will also need to do technical work: we need to build new technologies to ensure that people have an easy way to share a portion of their bandwidth without affecting the performance of their own network connections while at the same time ensuring that there is absolutely no privacy downside to running an open wireless network.

The wireless world we ought to live in

Most of us have had the experience of tremendous inconvenience because of a lack of Internet access. Being lost in a strange place with no way to find a map; having an urgent email to send with no way to do so; trying to meet a friend with no way to contact them. Even if we have data plans for our mobile phones, we've probably had these experiences in cities or countries where our phones don't have coverage or don't have coverage for less-than-extortionate prices. We may even experience this problem at home, when our Internet connection dies while we urgently need to use it.

Finding yourself in one of these binds is a bit like finding yourself parched and thirsty while everyone around you is sipping from nice tall glasses of iced water, or finding yourself cold and drenched in a rain storm because nobody will let you under their umbrella. At those moments when you are lost, or missing a deadline, or failing to meet your friend, it is almost always true that Internet data links are traveling through your body in the form of electromagnetic wireless signals — it's just that people have chosen to lock those networks so that you can't make use of them.

A tragedy of the commons

When people turn on WEP or WPA encryption for their networks deliberately, there are two common reasons: a desire to prevent their neighbors from "free riding" on their connections; and a fear that unencrypted WiFi is a security or privacy risk. Both of those reasons have a degree of legitimacy, but neither of them changes the fact that we would be better off if there were more open networks. Also, both of these problems could be solved without password locking our networks. What we need, instead, is to develop and deploy better WiFi protocols.

Let's focus on the first issue for a moment: traffic prioritization.

Many people would like to have the fastest network connection possible, and for that reason are reluctant to let their neighbors share their link. After all, if your neighbor is streaming music or watching YouTube videos on your WiFi, that's going to slow your traffic down a bit! But those same people would probably be willing to give up some bandwidth at home from time to time, in exchange for having free open wireless everywhere else. In other words, we'd all be better off if we all left our WiFi open, but we each benefit slightly if we close our WiFi. Our failure to work together prevents us from enjoying better, more widespread Internet access.

The best solution to this problem is to have WiFi routers which make it very easy to share a certain amount of bandwidth via an open network, but simultaneously provide an encrypted WPA2 network that gets priority over the open network. Some modern routers already support multiple networks like this, but we need a very simple, single-click or default setting to get the prioritization right.

Securing the Future for Open WiFi

If the problem of open WiFi was just about convincing people to share their connections, we'd be in a better situation. Enough people understand the importance of sharing that we'd have open networks more or less everywhere.

The problem that's really killing open WiFi is the idea that an unlocked network is a security and privacy risk.

This idea is only partially true. Computer security experts will argue at great length about whether WEP, WPA and WPA2 actually provide security, or just a false sense of security. Both sides are partially correct: none of these protocols will make anyone safe from hacking or malware (WEP is of course trivial to break, and WPA2 is often easy to break in practice), but it's also true that even a broken cryptosystem increases the effort that someone nearby has to go to in order to eavesdrop, and may therefore sometimes prevent eavesdropping.

It doesn't really matter that WiFi encryption is a poor defense against eavesdropping: most computer users only understand the simple message that having encryption is good, so they encrypt their network. The real problem isn't that people are encrypting their WiFi: it's that the encryption prevents them from sharing their WiFi with their friends, neighbours, and strangers wandering past their houses who happen to be lost and in need of a digital map.

We need WiFi that is open and encrypted at the same time!

Insofar as there is some privacy (and psychological) benefit to using an encrypted WiFi network, there's actually no reason why users of open wifi shouldn't get those benefits too!

There is currently no WiFi protocol that allows anybody to join the network, while using link-layer encryption to prevent each network member from eavesdropping on the others. But such a protocol should exist. There are some technical details to work through, but they are manageable.

In fact, this proposed protocol offers some privacy/security benefits not available in shared-passphrase WPA2, which is the strongest easy-to-deploy WiFi encryption system. Under WPA2 all the users on the network can calculate each others' session keys and eavesdrop on each other. With our suggested design, that would cease to be possible.

The Unintuitive Benefits of Open Wireless

Since 1994, the United States government has auctioned off huge portions of the electromagnetic spectrum to telecommunications companies. WiFi operates in tiny scraps of spectrum that were left over from the auctions. Similar processes have occurred in many other countries.

But WiFi networks (especially modern 802.11N networks) turn out to make inherently much more efficient use of spectrum than systems of widely spaced cell phone towers. This results from a property of wireless protocols called area spectral efficiency: basically, if your data only has to travel to a nearby router, the same frequency range can be used for someone else's data around the corner or across the street. In contrast, if your data needs to travel all the way to a cell tower, nobody else in between can use that same portion of spectrum.

If we want a future where anyone can watch high definition movies or make video calls from anywhere without wires, what we need is short-range networks with routers everywhere — like the one we'd have if everyone opened their WiFi.

What Needs to be Done

EFF will be working with other organizations to launch an Open Wireless Movement in the near future. In the meantime, we're keen to hear from technologists with wireless expertise who would like to help us work on the protocol engineering tasks that are needed to make network sharing easier from a privacy and bandwidth-sharing perspective. You can write to us at openwireless@eff.org.
https://www.eff.org/deeplinks/2011/0...eless-movement





Amazon's Cloud Crash Disaster Permanently Destroyed Many Customers' Data
Henry Blodget

In addition to taking down the sites of dozens of high-profile companies for hours (and, in some cases, days), Amazon's huge EC2 cloud services crash permanently destroyed some data.

The data loss was apparently small relative to the total data stored, but anyone who runs a web site can immediately understand how terrifying a prospect any data loss is.

(And a small loss on a percentage basis for Amazon, obviously, could be catastrophic for some companies).

Amazon has yet to fully explain what happened when its mission-critical and supposedly bomb-proof systems crashed, but the explanation will be important. As will the explanation for how the company could have permanently destroyed some of its customers' data.

In our experience, the "back-up" systems of most web-services providers leave a lot to be desired. The back-ups sound reassuring in theory--you are assured that your data is always "backed-up" on a system that is completely separate from the main one and that you'll be able to access it whenever you need it. But then, when you dig, you often discover that that means the data is simply copied to another file on the same box or another box in the same data room.

A stronger "backup," obviously, would be housed in a separate location, so that a power-failure or flood or earthquake or other disruption at the main site would not disrupt the backup. Or, better yet, the back-up would be automatically replicated at multiple sites, all independent of one another, in near real-time.

And, of course, this is the sort of reliability that Amazon has been selling with its cloud services--including 99.9% uptime. Both promises seem to have been broken here.

Here's an email Amazon sent to a big customer letting them know that some of their data was gone for good. You'd think that, under the circumstances, Amazon could do a bit better than an impersonal "hello."

Quote:
Hello,

A few days ago we sent you an email letting you know that we were working on recovering an inconsistent data snapshot of one or more of your Amazon EBS volumes. We are very sorry, but ultimately our efforts to manually recover your volume were unsuccessful. The hardware failed in such a way that we could not forensically restore the data.

What we were able to recover has been made available via a snapshot, although the data is in such a state that it may have little to no utility...

If you have no need for this snapshot, please delete it to avoid incurring storage charges.

We apologize for this volume loss and any impact to your business.

Sincerely,
Amazon Web Services, EBS Support

This message was produced and distributed by Amazon Web Services LLC, 410 Terry Avenue North, Seattle, Washington 98109-5210

And here's how one Amazon customer, Chartbeat, passed on the news of some lost data to its users:

Quote:
Last week, Amazon experienced a massive service outage that affected many companies, including chartbeat. As a result, some chartbeat clients were temporarily unable to log in to their dashboards and may have seen gaps in their historical data.

All issues have since been resolved and the historical data is back in the visual timeline. Approximately 11 hours of historical data wasn’t recoverable and will appear as small gaps in the timeline. Our development team is also hard at work to limit the impact of any future AWS interruptions.

We sincerely apologize for any inconvenience you may have experienced and can be reached at support@chartbeat.com to answer any questions you have about the outage or about chartbeat.

Many days after the crash, Amazon still hasn't gotten its systems fully up and running again. A glance at the live "status" page for AWS still shows some red.
http://www.businessinsider.com/amazo...ta-2011-4?op=1





Friendster to Erase Early Posts and Old Photos
Jenna Wortham

Long before there was a Facebook, or even a MySpace, there was Friendster, a Web site that gave many people their first taste of the socially networked world to come.

Friendster, which started in 2003, has long been eclipsed by younger, more nimble rivals, turning into something of a ghost town. But on Tuesday, its current owners told users of plans to change its business strategy — and to wipe out the site’s trove of digital memories, including ancient dorm-room photos, late-night blog entries and heartfelt friend endorsements, known as “testimonials.”

That set off a wave of nostalgia among Friendster members, even though most had stopped visiting the site long ago.

Jim Leija, 31, who works at a nonprofit music organization in Ann Arbor, Mich., recalled courting his partner, Aric Knuth, through the site.

“All of our early exchanges were with each other through their messaging systems,” he said. “We were writing early love notes back in the winter of 2003.”

Mr. Leija said that even though he had not used the service in three or four years, the news of its plans to erase older material tugged at his heartstrings. “Your emotions get wrapped up in it,” he said. “It reflected a particular moment in time in our lives.”

The mass deletion of so much evidence of embarrassing wardrobe choices and unrequited crushes might come as a relief to some, especially in an era when it seems that everything uploaded to Facebook can haunt people forever. But some say Friendster has unexpectedly turned into a time capsule with snapshots of who they once were. It is a version of their history that is not in a scrapbook or dusty shoebox but is live on the Web — for now.

“We want to forget our misdeeds and bad choices, but we also kind of want to remember them,” said Danah Boyd, a social media researcher at Microsoft and a fellow at Harvard University’s Berkman Center for Internet and Society. “These old networks are our memories.”

Joanne McNeil, who studies and writes about Internet culture, said that as more of life is lived on the Web, people become more emotionally invested in the presence of particular online services, even those they have abandoned.

Ms. McNeil added that the realization that years of history could be deleted on a corporate whim was jarring.

“The impermanence of the Web used to be a way of life,” she said. “A site could be gone in weeks, months. But Google and Gmail came along and changed that, and now we always expect to have a copy of our lives online.”

Friendster’s plans to strip the service of older material reminded some of Yahoo’s move in April 2009 to pull the plug on GeoCities, an early provider of free Web home pages. At the time, Internet tinkerers and historians worked to keep the site’s millions of pages from disappearing forever. Jason Scott is the founder of a group called the Archive Team that tries to save such online content. He recently rallied efforts to preserve clips from Google Video, which Google is shutting down in favor of the more popular YouTube.

Mr. Scott said that the shuttering of social Web services and online communities was a “critical cultural issue.”

“This is the everyday neural activity of a world, of a society, scooped up and saved,” he said. “To me, that’s completely valuable and worthwhile to make sure it is saved for the future.”

Mr. Scott said his group planned to try to download as much of Friendster’s public data as possible before it is erased at the end of May, and to make it available online in some form.

Friendster’s current owner, MOL Global of Malaysia, said the site’s basic profile information and lists of friends would remain intact as it becomes more of an entertainment site. It is offering ways for members to download threatened photos and other material.

Friendster was once considered a hot property. The site’s financial backers included Peter Thiel, a co-founder of PayPal, and K. Ram Shriram, one of the first investors in Google. In fact, Google offered to buy Friendster for $30 million in 2003, but the site’s founder, Jonathan Abrams, chose to keep it independent. When MOL Global bought it in late 2009 for an undisclosed sum, it said the site had more than 115 million members, though it was not clear how many of those were active.

Reached by phone on Tuesday, Mr. Abrams said he had not yet heard of the planned changes to the site. And he said he was surprised that anyone would care.

“It’s so old news to me,” said Mr. Abrams, who is involved in projects including a work space for start-ups and a social media venture. “After it was bought by the Malaysian company, that was the final chapter.”
https://www.nytimes.com/2011/04/27/t...riendster.html





British Law Used to Shush Scandal Has Become One
Ravi Somaiya

On a recent Saturday, reporters from a British newspaper huddled around a television set tuned to a soccer match, straining to hear.

They were not listening for the announcers, or even the score. Instead, as one of the journalists recounted, they were listening to the chanting crowd, hoping it would sing en masse about the extramarital affair of one of the players on the field.

The reporters knew that the player, married and among Britain’s most famous, had had an affair with a television personality. But the player has taken out a so-called super injunction — a stringent British legal measure that prevents newspapers from publishing a story on the topic, or even from making any mention that a court order has been granted.

The injunctions, intended to protect privacy, have become a scandal here in Britain. The BBC political editor Andrew Marr, who often grills Britain’s most prominent politicians on the Sunday show that bears his name, publicly admitted Tuesday that he, too, had used one to hide an affair.

And in recent weeks, the issue of the soccer player’s identity has become a matter of national debate, splashed across front pages and featured on television shows. Super injunctions have also been raised in the Houses of Parliament as an example of a curb on the freedom of the press by activist judges.

But in a world where millions converse on Facebook, Twitter and the like, the law cannot feasibly be enforced online. So the reporters listening to the soccer game were hoping that the boisterous fans of the rival team would have read about the affair on the Internet and then shout or sing the details to ridicule their opponents, providing a circuitous way of covering the story. But they were disappointed.

Britain’s press laws are widely seen as particularly restrictive, so much so that international celebrities and public figures often choose to pursue their libel suits here, in what is frequently referred to as “libel tourism.”

But the super injunctions offer a way of stopping stories before they come out and are frequently served on multiple newspapers to pre-empt any possible publication, said Charlotte Harris, a media lawyer who has represented public figures seeking injunctions and others arguing against them.

The injunctions are so protective of their subjects that only a few cases have been made public: another soccer player, John Terry, the captain of the English team, who was reported to have had an affair with the ex-girlfriend of a teammate; Fred Goodwin, the former chairman of the $40 billion banking group Royal Bank of Scotland, who faced criticism for his lavish payouts; and Trafigura, a multinational commodities company accused of dumping toxic waste in Africa.

Details of other cases may become well known within the media community, and rumors from other sources may even spread online, but once a super injunction is served news organizations must keep their readers in the dark. The injunctions take “a matter of hours” in private meetings between judges and lawyers, said Ms. Harris, the media lawyer. And though their secretive nature makes it hard to verify a precise number, reports in the British press suggest that as many as 30 super injunctions may have been granted to other prominent figures.

“The rich and powerful,” said Ian Hislop, the editor of the magazine Private Eye, a satirical weekly that often reports on the hypocrisies of Britain’s elite, “are increasingly turning to these orders.”

“They used at least to have to argue that something you’d printed was not true,” Mr. Hislop said referring to Britain’s strong libel laws, widely held to favor those bringing claims. “Now it doesn’t matter whether it’s true or not. They can suppress it with a super injunction and call it privacy.”

Private Eye had mounted a legal challenge to Mr. Marr’s super injunction last week, days before he admitted to the court order. Through a BBC spokesman, Mr. Marr declined to comment.

But speaking of his injunction, granted in 2008, he told the Daily Mail that he “did not come into journalism to go around gagging journalists. Am I embarrassed by it? Yes. Am I uneasy about it? Yes. But at the time there was a crisis in my marriage,” he said, adding that he was also concerned about protecting the young child of the woman with whom he had had the affair.

“I know these injunctions are controversial,” he said, “and the situation seems to be running out of control.”

The controversy first surfaced in 2009, when Trafigura obtained a super injunction against journalists who had obtained internal documents discussing the dumping of toxic waste in Ivory Coast. The documents, the company’s lawyers Carter-Ruck argued and the judge agreed, were private material.

The order was eventually overturned when a British member of Parliament tabled a question on the issue, using a centuries-old precedent known as privilege, which holds reporting on Parliament above the law. Later, WikiLeaks also published the document.

And last month another member of Parliament, John Hemming, also used Parliamentary privilege to reveal that Mr. Goodwin, the former chairman of the Royal Bank of Scotland, “has obtained a super injunction preventing him being identified as a banker.”

“Will the government,” Mr. Hemming asked, “have a debate or a statement on the issue of freedom of speech and whether there is one law for the rich, such as Fred Goodwin, and another law for the poor?”

Ms. Harris, the media lawyer, argued that “this is so much wider and more important than the rich and powerful protecting themselves.” Tabloid newspapers, she said, were using freedom of speech as a pretext to publish stories that were sometimes spurious.

Behind many of the injunctions she has worked on, she said, lies a seamy world of betrayals and tabloid bidding wars for kiss-and-tell tales, “not to mention blackmail and harassment of some of these people.”

“If you’re a public figure and a fan you’ve exchanged a few e-mails with suddenly tells you that she is going to ruin your career, that she’ll turn up at your kids’ school, or go to the press and make accusations, what can you do?” Ms. Harris continued.

“Instead of hysteria we need a proper debate on this,” she said. “What exactly is private and what exactly is not private?”

Mr. Hislop agrees that a debate is essential, and added that to ban publication in the age of the Internet, when many of the recipients of super injunctions can be revealed with a little careful searching online, is “bizarre; it’s ludicrous.”

“I suppose those of us in print should be flattered,” Mr. Hislop said, “that only dead-wood publications count for these judges.”
https://www.nytimes.com/2011/04/27/w...27britain.html





Righthaven v. CIO: It’s Hard Out Here for a Troll
Kurt Opsahl

Last Friday, the federal district court in Nevada held that the non-profit organization Center for Intercultural Organizing’s posting of a copyrighted news article was a non-infringing fair use. The well-reasoned opinion sets a powerful precedent for fair use and against copyright trolling.

The newspaper article at issue was originally published by Stephens Media’s Las Vegas Review-Journal newspaper. Per its standard practice, copyright troll Righthaven LLC found it online and entered into a scheme with Stephens Media, under which the publisher purportedly assigned the right to sue to Righthaven. The litigation factory would then carry on the litigation at its own expense, splitting any proceeds with Stephens Media (less expenses).

This scheme was fatal to Righthaven’s infringement claim, because it greatly strengthened CIO’s claim to fair use. When analyzing fair use cases, courts must consider four statutory factors – the purpose and character of the use, the nature of the work, the amount and substantiality of the use, and the harm to the copyright holder’s market. These factors are balanced “in light of the purposes of copyright,” which are “[t]o promote the Progress of Science and useful Arts and to serve the welfare of the public.” (see Perfect 10 v. Amazon)

While considering the purpose and character of CIO’s use, the court compared the use made by CIO with the use made by Righthaven. The court wrote: “Although the former owner, the LVRJ, used the article for news-reporting, the court focuses on the current copyright owner’s use, which, at this juncture, has been shown to be nothing more than litigation-driven.” This led the court to conclude that the purpose and character of the work was “transformative,” meaning it was used for a new purpose and therefore weighed towards fair use.

Likewise, when analyzing the “market harm” factor, the Court noted that Righthaven “failed to allege that a ‘market’ exists for its copyright at all.” Indeed, recently unsealed evidence shows that Righthaven is unable to make that allegation, as it is contractually prohibited from licensing the works in question. The court also noted that “Righthaven cannot claim the LVRJ’s market as its own and is not operating as a traditional newspaper.” The court cited to eBay v. MercExchange, a landmark Supreme Court case from 2006, which refused to presume harm to the markets of patent trolls (entities that buy up patents solely for purposes of litigation). Taken together, this meant that the “market harm” factor favors fair use where Righthaven is concerned.

Finally, the court’s overall balancing clearly disfavored copyright trolling. The Court noted that Righthaven’s “litigation strategy has a chilling effect on potential fair uses of Righthaven-owned articles, diminishes public access to the facts contained therein, and does nothing to advance the Copyright Act’s purpose of promoting artistic creation.”

The decision confirms that a non-publishing entity that uses copyrighted works for litigation is in a materially worse position than the original publisher in a fair use analysis. While Stephens Media would likely have lost anyway, the business model promoted by Righthaven ensured that at least two of the four factors and the balancing favored fair use.

Righthaven’s decision to focus its efforts on news articles also contributed to its loss. While news reports may involve planning, research, interviews and a great deal of effort by a reporter, the Supreme Court has rejected the notion that copyrights may be based on the ‘sweat of the brow.’ Instead, the question is whether the nature of the work is informational or creative; if the former, the use is more likely to be found to be fair. While other copyright trolls will not necessarily focus on informational works, once again Righthaven’s business model contributed to its loss.

As we explained last week, the recently unsealed Strategic Alliance Agreement between Righthaven and Stephens Media shows that the purported assignment of the copyright is a sham. If the court agrees with this assessment, as we believe it should, it may well overshadow this fair use ruling for future Righthaven decisions. However, last week’s decision serves as a warning to others that purchasing a copyright solely to profit from litigation against bloggers and websites is not a good business decision.
https://www.eff.org/deeplinks/2011/0...out-here-troll

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

April 23rd, April 16th, April 9th, April 2nd

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black