Peer-To-Peer News - The Week In Review - August 6th, '11

[JackSpratts]

Since 2002


































"Private copying is carried out by millions of people, and many are astonished that it is illegal in this country. We need to bring copyright into line with people's expectations and update it for the modern digital world." – Vince Cable


"That's just unreal. That's six mothers that six guys are going home to." – Kevin Guy
































August 6th, 2011




File-Sharing Lawyers Suspended and Fined
Nicole Kobie

A pair of lawyers have been fined and suspended for using "distressing" tactics to push accused file-sharers into paying settlements.

Davenport Lyons was one of the first law firms to use so-called "speculative invoicing" - sending letters accusing people of illegal file-sharing, and demanding payments to avoid court action.

After public pressure, Davenport Lyons stopped the letter campaign in 2009, passing it off to another law firm, the now-defunct ACS Law.

The pair of lawyers for Davenport Lyons were initially reported to the Solicitors Regulation Authority (SRA) in 2008, and faced a hearing earlier this year with the Solicitors Disciplinary Tribunal (SDT).

The SDT found the pair were more concerned with making money for the firm, and disregarded the impact of the letters on those receiving them.

David Gore and Brian Miller, who is no longer with the firm, have both been suspended for three months and fined £20,000 each. They will also jointly have to pay £150,000 in costs.

"Some of those affected were vulnerable members of the public," an SRA spokeswoman told The Lawyer. "There was significant distress. We are pleased that this matter has been brought to a conclusion and hope that it serves as a warning to others."

Davenport Lyons said the sanctions were "totally unjustified". "The steps we took on behalf of our clients were for the protection of their legitimate legal rights," the firm said in a statement sent to PC Pro. "We consider that we acted in our clients’ best interests at all times."

"We wholeheartedly support David and Brian’s intention to appeal both the Solicitors’ Disciplinary Tribunal’s original decision and the resulting suspension and fine,” it added.

The pair have three weeks to appeal. ACS Law's sole solicitor Andrew Crossley also faces an SDT hearing, which is expected to be held in October.
http://www.pcpro.co.uk/news/369070/f...nded-and-fined





Spanish Court Rules That Linking to Potential Copyright Infringing Material Is Not Copyright Infringement
Oscar Montezuma Panez

We all know that HTML links are the heart of the World Wide Web. What many don’t appreciate is that legal liability for linking varies greatly across countries. Given the importance of linking to the World Wide Web, whether websites can be held liable for copyright infringement for linking to material that is potentially copyright-infringing is a key issue. While US copyright law has a safe harbor for websites that provide location tools, the European framework for e-commerce does not have a specific limitation on liability for websites that provide links. As a result, courts in different EU member states have developed different standards for linking liability. In recent years, Spanish courts have issued several inconsistent rulings on whether websites containing links to potentially copyright-infringing material on peer-to-peer networks violate copyright owners’ exclusive right under Spanish law of making available copyrighted works. But now a recent decision of the influential Court of Appeals of Barcelona (Audiencia Provincial de Barcelona) in the case of Indice-web has clarified that merely providing a link is not "making available" content, and does not infringe copyright.

The case was brought by the Spanish collecting society Sociedad General de Autores y Editores (SGAE), which sued the owner of Indice-web, a website that provided, among other content, links to potentially copyright infringing content that could be downloaded with P2P software. The court at first instance found that Indice-web was not liable for copyright infringement because it did not host any copyright-infringing content and merely operated as an index of websites, providing only links. If viewers chose to click on the links and download particular content, the content would be transmitted by the third party web server and reproduced on the user’s computer, without any involvement of Indice-web. On that basis, the court denied the provisional measures requested by SGAE—an injunction ordering immediate cessation of making available links to musical works in SGAE's repertoire without permission; seizure of all the proceeds earned by the defendant in the marketing of Indice-web; and the suspension of the services provided by the upstream host of Indice-web.

The court noted that Indice-web merely acts as a guide for users by providing a link to works that could later be downloaded or exchanged through P2P programs. The court also noted that Spanish law does not forbid such guidance or orientation. In this case, the court held that "the linking system does not constitute distribution, nor reproduction nor public communication," under Spanish law.

SGAE appealed the ruling, arguing that the first court’s decision only analyzed the defendant’s conduct regarding provision of links to content accessible via P2P networks, but did not consider other possible bases for copyright infringement liability such as providing assistance for direct downloads and unauthorized streaming of copyrighted works hosted on a third party server. The Court of Appeals declined to rule on those questions because they had not been raised by SGAE at first instance. The court clarified that the main issue in question was whether placing a link pointing to content stored on a different server constituted impermissible reproduction, "making available," or communication to the public, under Spain’s copyright law.

The Court of Appeals reaffirmed the reasoning of the previous court and ruled that Indice-web did not violate copyright because it merely provides links and does not participate in hosting or the transmission of potentially copyright-infringing content. It found that: "Providing a link does not imply making available the protected work according to letter i) of article 20.2 of the Intellectual Property Act, and in such sense does not qualify as public communication. Making available the protected work occurs in the computers where the protected work is hosted and where it can be downloaded through P2P networks. In such sense, [it is those] users who make available the protected work." The court also found that Indice-web was not engaged in advertising, or any for profit activities.

Although this ruling is not directly binding outside Spain it is important because it comes from the influential Barcelona Court of Appeals and clarifies the previous inconsistent Spanish rulings. Given the fundamental importance of linking to the World Wide Web, we are heartened to see that the Barcelona Appeals Court and the court of first instance understand Internet architecture and the important policy issues this case raises. We hope other European courts will take a similarly thoughtful approach to these issues going forward.
https://www.eff.org/deeplinks/2011/0...tial-copyright





Porn Studio Loses Appeal in Google Copyright Case
Greg Sandoval

A U.S. appeals court didn't accept the assertion that an adult-entertainment company was nearly driven out of business by Google search results that display thumbnail photos of the site's porn photos.

The Ninth Circuit ruled that Perfect 10, a porn studio with a long history of filing copyright suits against Internet companies, rejected a request for a preliminary injunction against Google. The court said that Perfect 10 didn't present enough evidence to prove that it would suffer irreparable harm from the photos.

Perfect 10 claims Google's software and Web crawler have caused $50 million in losses and the company. But the company failed to present a single former customer who said he or she had stopped paying Perfect 10's subscription fees because of the availability of Google's thumbnail photos.

In addition to filing suit against Google, Perfect 10 has filed suit against Amazon, Visa, and Megaupload, the controversial file-storage business. Last week, a U.S. district judge denied a motion by Megaupload to throw out Perfect 10's complaint and will allow the case to go forward.

Perfect 10 was founded by Norm Zada, a former IBM employee and math professor at Stanford University. Zada is also the son of Lotfi Zadeh, the father of fuzzy logic mathematics.

Perfect 10 was created as the anti-Playboy after a friend was rejected by the magazine. Zadeh's content features women who have not received any surgical enhancements. The company has told the court that it is on the verge of bankruptcy.
http://news.cnet.com/8301-31001_3-20...copyright-case





Time Warner Cable’s Porn Problem: It Isn’t Selling Enough Porn
Peter Kafka

Big cable companies like Comcast and Time Warner Cable keep saying they don’t see Web video cutting into their business: Even if people are watching more Hulu, Netflix, Apple TV, etc., it’s not hurting cable, say the cable guys.

But there’s at least one big, dirty exception.

Time Warner Cable said yesterday that its video-on-demand business dropped significantly in the last quarter. Asked to explain where the drop came from, CEO Glenn Britt came clean, more or less — much of it is because, instead of renting “3 Way Cheating Wives” in HD for $9.98, his customers are getting their fix on the Web for free.

There’s something quite special about listening to buttoned-down corporate chieftains talk about their porn-profit margins. If you ever get the chance, you really should hear for yourself. But this excerpted transcript will have to do for now:

Quote:

One of the things going on with VOD is that there’s been fairly steady trends over some time period now for adult to go down, largely because there’s that kind of material available on the Internet for free. And that’s pretty high margin. That’s been not just this quarter, but going on for some time period.

To be fair, drooping porn rentals don’t account for all of Time Warner Cable’s VOD decline. CFO Rob Marcus said the porn gap is responsible for about a third of the drop, and that the rest is because there weren’t many big pay-per-view events like boxing matches last quarter, and because regular movie rentals are down, too.

Ah. So maybe iTunes and Netflix, et al, are taking dollars away from cable, right? After all, Time Warner Cable video subscriber totals dropped last quarter, again. “I wouldn’t draw any conclusions quite yet,” Marcus says.
http://allthingsd.com/20110729/time-...g-enough-porn/





Big Media's Profits Defy Gloomy Outlook, For Now
Yinka Adegoke

Big media companies reported strong results but a bleak economic outlook has investors worried over whether they can deliver again in the face of high unemployment and slumping U.S. consumer spending.

Comcast Corp, Time Warner Inc and CBS Corp beat Wall Street forecasts because of a mix of content licensing deals, movie box office receipts and advertising growth.

Now, the chief concern among investors is whether earnings over the remainder of the year will hold up. And that largely depends on insurance companies, retailers, restaurants and phone companies continuing to spend on big advertising campaigns.

"We don't see any signs of a deceleration right now," said Steve Burke, chief executive of Comcast-controlled NBC Universal. "We are obviously concerned about the economy the way you would expect us to be; but so far the advertising market continues to be strong."

Shares of Time Warner, parent of CNN, HBO and Warner Bros, closed 1.3 percent lower at $33.57 on Wednesday, with investors seemingly indifferent to the marginal increase in its forecast for the year.

Comcast shares ended little changed, while CBS, which issued results late on Tuesday, rose 1.6 percent. Viacom Inc, Walt Disney Co and News Corp have yet to report results.

NBC Universal saw advertising sales at its cable networks rise by 10 percent, while ad sales at its NBC broadcast network rose by 7 percent.

"Advertising got so badly hit in 2008 and 2009 during the recession that advertising still has room to return to a normalized level to GDP," said Evercore Partners analyst Alan Gould. "Ad sales should do OK through the end of the year, driven by autos, especially as Japanese auto makers come back." (For a graphic showing the market caps of major U.S. media companies, click here: r.reuters.com/zef92s )

U.S. consumer spending habits are a concern after last week's tepid increase in U.S. second-quarter output and rise in the unemployment rate to 9.2 percent in June.

A Better Place

Time Warner's ad sales rose 9 percent at its cable networks, but rose only 2 percent at its magazine unit. CBS's ad sales rose 3 percent across TV, radio and outdoors.

"Given the weak economy, it raises concerns for ... the future of the advertising market. For now, ad markets remain healthy with a note of caution," said Chris Marangi, portfolio manager at Gabelli Multimedia Funds, which owns media stocks including Comcast and Time Warner.

"Most media companies are in a better place to weather an ad decline than they were in 2008," he said.

Comcast also must contend with customers canceling cable service because of lost jobs or lost homes, or because they went with cheaper Web video services like Netflix Inc.

Comcast lost 238,000 basic video customers in the quarter, but added 144,000 Internet and 193,000 phone subscribers. Its chief cable rival, Time Warner Cable lost 128,000 video customers during the quarter.

Comcast's customer numbers "were pretty good, though basic video losses remains a concern for investors," said Collins Stewart analyst Thomas Eagan. "We're close to the broader pay-TV market being flat to down this quarter due to seasonality and the economy."

The company cable customer additions fell in May, but recovered in June, said Comcast Cable President Neil Smit. That recovery continued into July, he said.

Comcast reported second-quarter profit of 42 cents a share, ahead of the average analyst forecast of 41 cents, according to Thomson Reuters I/B/E/S. Revenue rose 9.4 percent to $14.33 billion.

At Time Warner, adjusted earnings per share were 60 cents, ahead of the average analyst forecast of 56 cents. Revenue rose 10 percent to $7.03 billion.

(Reporting by Yinka Adegoke; editing by Paul Thomasch, Robert MacMillan and Matthew Lewis)
http://www.reuters.com/article/2011/...7722CD20110803





Pirate Pays Up: Warner Music Cashes $12 Million LimeWire Check

We knew this was going to happen, but it’s such a man-bites-dog story it’s worth noting anyway: A big file-sharing outfit ended up handing over a bunch of cash to a content company.

In this case the check writer is LimeWire, the once-huge file-sharing operation that finally shut down last year under court order. The company handed over $12 million to Warner Music Group last quarter as part of the $105 million settlement it reached with big music labels last spring.

If you argue, as Warner Music and the other labels previously had, that LimeWire was responsible for more than $1 billion worth of damage, then the check won’t mean much. Nor does it mean much to Warner’s operations — the payout amounted to 1.7 percent of the music label’s quarterly revenue.

Still, the big content companies almost never get any satisfaction in the piracy whack-a-mole game. So we’ll go ahead and note this instance now.

While we’re noting things: Warner’s revenue was up 5 percent for the quarter, buoyed in large part by digital sales, which were up 13 percent. The label still posted a net loss of $47 million, though.
http://allthingsd.com/20110804/pirat...imewire-check/





Newzbin Case Opens Up New Music Front
Robert Ashton

The music industry will waste no time in demanding ISPs immediately block illegal music websites following last week’s landmark court decision requiring BT to prevent its customers accessing pirate website Newzbin2.

Senior executives have told Music Week the music industry has been refining its strategy as it followed the case, brought by the Motion Picture Association. The ruling demonstrated that Section 97A of the Copyright, Designs and Patents Act, which has been on the statute books since the late 90s but never tested, can be used to force BT to take direct action and block the distributer of pirated material.

In around half a dozen key defence points, BT claimed it did not know its service was used to infringe copyright. But, in the High Court on Thursday The Hon. Mr Justice Arnold “blew BT’s out of the water”. More importantly for the creative and music industries, Arnold has also established a clear precedent and established that rights owners can invoke 97A to block illegal sites.

The music industry’s strategy is now decided and Music Week understands the BPI will now use the 97A precedent as part of its arsenal against illegal websites.

The first likely step, which could be just days away, will be to ask ISPs to block some of the biggest illegal websites. It is not known yet which sites – and, therefore, which ISPs will be targeted. If ISPs do not block these sites voluntarily, the BPI will ratchet up the pressure and will seek court orders – citing 97A and the MPA case – requiring them to do so.
http://www.musicweek.com/story.asp?s...de=1046130&c=1





Government Scraps Plan to Block Illegal Filesharing Websites
Mark Sweney

Vince Cable on Wednesday scrapped plans to introduce the blocking of illegal filesharing websites, arguing the scheme proposed by last year's Digital Economy Act is too cumbersome and unworkable, but said that some form of plan to bring down piracy sites is still being worked on.

A consultation document, launched by Cable, said that ministers intend to do more work on what other measures can be pursued to tackle online copyright infringement in an effort to stop widespread music piracy, which is increasingly spreading to television and film.

The business secretary said that people will also be able to make copies of music and other media for personal use, confirming well-leaked plans to relax the current law that makes it illegal to copy the contents of a CD they own onto an iPod or other digital device.

"This brings the law into line with, frankly, common sense," said Cable, responding to the Hargreaves report on the future of UK copyright law, which recommended the changes back in May 2011.

"A lot of this has to do with consumer freeedom. We need to have a legal framework that supports consumer use rather than treat it as regrettable. We can't say that businesses should embrace technology but say to consumers they can't use technology for products they have paid for."

However, Cable was not able to give details on whether the new rules would apply to consumers using cloud services to store digital content on their portable media players, such as those launched by Google and Amazon in the US, adding that it would only apply for devices on a limited basis without infringing European law.

Cable recognised that more needs to be done to crack down on illegal filesharing to protect the copyright holders, but nevertheless backed down on introducing site-blocking legislation to the DEA. "Music and film-makers have to be able to take effective and justified measures," he said. "The basic philosophy is we do recognise the need for protection, but it has to be protection that's proportionate to needs and based on evidence."

Ed Vaizey, the communications minister, said existing measures were too cumbersome and unworkable to have a real impact. He said that a specially commmissioned Ofcom report into the feasibility of site-blocking legislation proved that it was too elaborate and complicated to go through, adding: "We haven't said no to site blocking per se, forever."

Rights holders have heavily lobbied for the introduction of site-blocking legislation to curb digital piracy. However, Vaizey said that last week's landmark high court ruling, which forced BT to cut off access to mass-piracy site Newzbin2, showed that there is a route forward if rights holders want to take it.

But he acknowledged that the court process can take a long time, pointing out that the system can never cope with an illegal website launching on a Friday to cash in on a live sport event and then disappearing on Sunday. "One of the things that is frustrating for rights holders is the length of time it takes for a court process," he conceded.

Vaizey has been aiming to broker a fast-track legal process for site blocking by holding a series of meetings between rights holders. The talks aim to find common ground so both sides can agree in advance if a website is in fact infringing copyright – as well as protect ISPs from any repercussions if rights holders are wrong in their allegations – so that long-winded and costly court cases can be avoided.

"One of the things I've enabled is conversations between ISPs and rights holders," he said. "I want to see if ISPs and rights holders can come to agree a process to get facts together before going to court. The key point is up to court to make a [final] decision".

Ministers still have available the ultimate sanction of disconnecting serial pirates, although under the DEA, they have to examine a variety of lesser penalties before they can introduce disconnection.

Initially, alleged pirates will be sent warning letters that identify them as being serial illegal downloaders from the second half of 2012 – more than a year later than originally anticipated.

Fearful that there could be thousands of time-consuming appeals by recipients of the letters, ministers said that consumers who wish to appeal will have to pay £20, in an effort to deter frivolous claims. The amount will be refundable if somebody receiving a letter can prove their innocence.

The government has also asked Ofcom to begin establishing benchmarks and data on trends in online infringement as soon as possible.

Cable also said that plans for an Amazon-style digital copyright exchange, to create a kind of one-stop shop for easily buying and selling rights, have been accepted in principle. The government has launched a feasibility study to see how the exchange will work.

"[It will] serve as a genuine marketplace independent of sellers and purchasers, for example on the model of independent traders using Amazon.co.uk to sell goods, rather than simply being an aggregated rights database," the government said in its response to Hargreaves's recommendations.

The government allayed a number of the fears that rights holders have raised, such as that forcing them to join may break European regulations, saying it will be a compelling proposition to rights holders but not compulsory.

Intellectual property laws around parody, which are considerably more stringent than in countries such as the US, have also been relaxed to allow comedians, broadcasters and other content creators more scope – ensuring that spoofs such as the YouTube hit Newport State of Mind are no longer removed.
http://www.guardian.co.uk/technology...ng-sites-block





Digital Economy Act: A Foregone Conclusion?
Ben Jones

Was the Digital Economy Act always going to be implemented? The latest revelations in the Act’s complex two year history shows that it was always going to happen, and that public consultation on the matter was just a sham.

The UK Digital Economy Act, like it or loathe it, has been surrounded by an odour from the beginning, and the stench is getting ever more vile.

The Act was pushed through by Lord Mandelson, then Secretary of State (SoS) for Business, reportedly after visiting Dreamworks founder David Geffen at a villa in Corfu on 7 August 2009.

It turns out that Lord Mandelson’s protestations, that the meeting had nothing to do with his support for the initial Bill, were true.

Just released documents show that Mandelson had made his mind up before that, following meetings several weeks earlier with head of Universal Music, Lucian Grainge.

If that doesn’t sound so bad, keep in mind that at this point Mandelson’s department was conducting a public consultation on this very topic, with 2 months still to go.

Documents released from Lord Mandelson’s office this week under the Freedom of Information Act indicate that this was a waste of time, and that almost nothing any participant could have said would have made a difference.

Notes from the July 2nd 2009 meeting show Grainge stating that notices will not work, which users have been happy to verify, and that “industries are being decimated by illegal file sharing”, an odd position to take since the British Phonographic industry has noted singles sales growing by at least 30% annually for the 4 years prior to this, and album sales only slightly down on their pre-Napster figures.

They might be forgiven for this mistake, unless someone had actually pointed out the sales figures in a consultation response, which someone did, although not until the end of the consultation period, in late September, two months after the decisions had been made.

In fact, the timetable released shows that the day after meeting with Grainge, Mandelson looked to force regulator OFCOM to go straight to ‘technical measures’ (slowdowns and disconnections), followed a week later by advice that judging the effectiveness of notices wasn’t needed, based purely on the (false) claims of a music industry CEO.

16 June 2009
Final Digital Britain Report produced
02 July 2009
SoS meeting with Lucian Grainge of Universal. SoS asked for advice on options exploring whether Digital Britain proposals on peer to peer file sharing will go quickly enough and far enough.
03 July 2009
Advice to Lord Carter (copied to SoS and DCMS) on possibility of SoS having a power to direct Ofcom to go directly to introduction of technical measures.
07 July 2009
Advice (through Lord Carter) recommending that the “power to direct” process should be adopted as preferred route (rather than Ofcom decision)
09 July 2009
Letter received from Universal stating :
* Digital Britain’s two proposals: Ofcom’s letters to file-sharers and the ability for music companies to prosecute persistent offenders are not enough on their own.
* Government must start planning for step 3 now – a statutory obligation on ISPs to crack down on persistent file-sharers by cutting bandwidth and suspending and blacklisting their accounts. This is outlined in Digital Britain but not due to be implemented for years. It is essential that this power is included in the Digital Economy Bill”
10 July 2009
Advice (through Lord Carter) on removing reliance on “trigger” mechanism to judge the efficacy of initial obligations.
13 July 2009
E-mail sent to officials stating: The Secretary of State has seen the letter from Lucian Grainge and commented: “I think we should examine, including step 3 power in Bill. What is Stephen Carter’s view? Officials need to meet and discuss asap as Lucian suggests”.

Geoffrey Norris begins series of meetings with key stakeholders to canvass views.

Such flagrant disregard for public opinion is not all that uncommon, but to do so in the middle of a public consultation is a very questionable practice

One consultation respondent told TorrentFreak: “As someone who went to considerable effort to submit a rational and evidence-based response to the consultation on these issues, I am disappointed, although not surprised, to see that the outcome was predetermined.” The UK Pirate Party is a little more scathing.

“These documents show how outrageously complicit everyone from the entertainment industry, politicians and unions were in framing the Digital Economy Act,” PPUK Chair Loz Kaye told TorrentFreak.

“Its most controversial aspect – suspending people from the Internet – was already sorted out in July 2009. It appears that the consultation was just for show, and the lobbyists got all they asked for. There are now serious questions to be asked of successive governments’ relations to groups like Universal Music and the BPI.”

As for the Geffen issue, while it is unlikely that claims that the topic never came up are true, there can be no doubt that Mandelson was not ‘recruited’ then, but a month earlier. A fact he teased with in his denial, which emphasised that “… work on this was already well in hand before the SoS’s [Mandelson's] holiday.”

—

Many thanks to Philippe Bradley and the Open Rights Group for persevering and getting these documents made public.
http://torrentfreak.com/digital-econ...lusion-110731/





Game Piracy Linked To Critic’s Review Scores
Ernesto

A new study by researchers from Copenhagen Business School and the University of Waterloo explores the magnitude of game piracy on public BitTorrent trackers. The researchers tracked 173 new game releases over a three-month period and found that these were downloaded by 12.7 million unique peers. They further show that the number of downloads on BitTorrent can be predicted by the scores of game reviewers.

Solid research on the scope and effects of BitTorrent downloads is rare. Reports sponsored by the entertainment industries are usually biased and some of the more academic studies contain major methodological flaws.

It’s not all bad though, a recent paper published by Copenhagen Business School researcher Anders Drachen and his colleagues is a good example. The researchers looked into the magnitude of game piracy on BitTorrent and they monitored the downloads (peers connected to the swarms) of 173 new game titles that were released late 2010, early 2011.

During this period the researchers found that 127 of the 173 games were available on BitTorrent, and across the three months monitoring period these games were downloaded by 12.7 million unique peers in total.

As can be seen from the table below, the most downloaded games are all major commercial titles. However, the researchers note that there are a few exceptions, such as Bejeweled 3 which was downloaded by more than 250,000 people.

Combined, the 10 most downloaded games are good for over 5.3 million downloads, which equals 42% of the downloads recorded for all 127 games.

Besides game budgets, which appears to be linked to the number of downloads on BitTorrent, the researchers found that game reviews are directly correlated with the interest of pirates. That is, higher reviews generally speaking result in more downloads.

Most torrented games from late 2010 to early 2011 (3 months) Game Downloads Avg Review Score

Drachen et al., 2011
Fallout: New Vegas 962,793 83.7
Darksiders 656,296 82.7
Need for Speed: Hot Pursuit 656,243 88
NBA 2k11 545,559 86.7
TRON Evolution 496,349 59.5
Call of Duty: Black Ops 469,864 83.8
Starcraft 2 420,138 89.5
Star Wars the Force Unleashed 2 415,021 61
Two Worlds II 388,236 73.3
The Sims 3: Late Night 356,771 77.5

Although it sounds intuitive that review scores are correlated to interest in games (and other entertainment), this is certainly not always the case. To find out whether the number of game downloads on BitTorrent could be predicted by the average review score on Metacritic, the researchers correlated the two.

“The result indicates a statistically significant positive relationship between the number of unique peers and aggregated review scores. Put differently, Metacritic Scores explain 10% of the variance in the unique peers per game on BitTorrent,” the researchers write.

The researchers further note that this correlation may be even higher for older games which don’t have as many download spikes. The current research only looked at new releases.

TorrentFreak spoke to Anders Drachen who told us that one of the main motivations for this research was curiosity about the ‘true’ scope of game piracy on BitTorrent.

“There are a lot of numbers being pushed in the piracy debate but a lot of them are being critiqued from different sources, and not a lot of them are based on open methodologies – we were wondering what was actually happening,” he said.

The researchers will continue to look into other factors that influence game piracy and will publish this data in future articles.

Overall the current paper gives a seemingly robust overview of the state of game piracy on BitTorrent. Although the results may not be all that surprising, it’s certainly refreshing to see a decent report on BitTorrent statistics every now and then.
http://torrentfreak.com/game-piracy-...scores-110803/





6 Reasons Why Filesharing Will Go Down in History as the Greatest Thing Ever to Happen to Music
Phillip Brocoum

The record labels would have you believe that Napster and now BitTorrent are ushering in the Dark Age of music, but really it’s just the Dark Age of the music industry; music as an art form is on the brink of a new renaissance.

Here’s a countdown of the top six reasons why consumers and artists alike are embracing this brave new world where music can be freely shared.

6. The internet is a great way to reach out to fans

99% of artists are starving artists (hey, it’s a tough gig), but artists who are really good will always make money. Radiohead’s album “In Rainbows” was given away for free and yet still managed to hit the #1 spot on both UK and US music charts and sold 3 million copies. The fans didn’t buy the album because the law compelled them to or because DRM forced them to, they bought the album to show their love and support for the band — and think how many millions more fans Radiohead now has. Talk about filesharing karma.

5. A live performance cannot be downloaded

Music is better live, and that’s how artists have always made their living: live shows. Word of mouth is the best form of advertising, and there’s no better way to get the word out than to share music online. Rather than cracking down on filesharing, savvy artists know that when their fans share their music with their [millions of online] friends, more of those friends will show up at concerts. Torrented MP3s lead directly to more sold out concerts.

4. Big industry stifles creativity

100 songs by 100 independent artists is better than 100 songs by a single mega-band like U2 or a teeny-bopper like Miley Cyrus. Many aspiring musicians never had a chance because they were pushed aside by the latest hit that the record companies decided to bring out. The decline of the music industry, and the rise of filesharing, means there are opportunities for independent artists who can now share their music with the world without ever signing a contract.

3. BitTorrent is just better

Joe Customer wants to listen to Mumford & Sons on his way to work. Joe carefully weighs his options: he can hop in his car, drive 15 minutes to the nearest Best Buy, wander around the store for a bit looking for the album, wait in line for 10 minutes, drive all the way back home, spend an hour ripping the CD to his computer and syncing it to his iPod, and then finally be able to listen to it on the subway on his way to work the next day — or he can just download the album in five minutes. Tough choice. Consumers don’t pirate music to be evil, they do it because it’s easy, which brings us to our next point…

2. iTunes is a billion-dollar business

Billion with a B! Maybe the industry isn’t dead after all. People are willing to pay lots of money to download music, and rather than doing what the record companies did — sue their own customers and then cry themselves to sleep — Apple saw a golden opportunity and made buying songs as quick and easy as a single click. Plus, iTunes now has 90 second song previews and DRM-free music, and iTunes Match which is virtually legalized sharing. What Apple figured out that the record companies didn’t is that music as a culture is one of sharing and socializing, not lawyers and threats.

And the number one reason why filesharing will go down in history as the greatest thing ever to happen to music…

1. It already is

This article isn’t about the future, it’s about the present. Music has been freely shared for years, ever since Napster, and there’s enough data now to definitively say that music is not dead. In fact, it’s thriving. Thanks to piracy, there’s more music than ever. People walk around with thousands of songs in their pockets and new bands and artists can gather up new fans with ease. The freedom of sharing is the future of music. Why is anyone still trying to stop it?
http://torrentfreak.com/6-reasons-wh...-music-110729/





Patents Against Prosperity
W.W.

AMERICA is still in denial, but among economists and wonks I think the hard truth is settling in: we're not as rich as we thought we were and our prospects for future high growth rates aren't looking so great. America's last best hope for breaking free from what Tyler Cowen has called "the great stagnation" is the discovery of new "disruptive" technologies that would transform the possibilities of economic production in the way the fossil-fuel-powered engine did. As it stands, growth, such as it is, depends largely on many thousands of small innovations increasing efficiency incrementally along many thousands of margins. Innovation and invention is the key to continuing gains in prosperity.

Zero-sum "win the future" rhetoric notwithstanding, it doesn't much matter whether the advances in new technology occur in China, India or America. Nevertheless, it remains that America is the world's leader in technical invention, and continues to attract many of the world's most inventive minds. That's why it is so important that America remain especially conducive to innovation. And that's why America's intellectual-property system is a travesty which threatens the wealth and welfare of the whole world. It may seem a recondite subject, but the stakes couldn't be higher.

This recent episode of Planet Money, "When Patents Attack", is an informative and entertaining primer on the way America's patent system squelches competition, slows innovation, and enables egregious predation through the legal system. Please listen to this. And then tell me that Nathan Myhrvold of Intellectual Ventures is not our age's authentic villainous robber baron, making a fortune gaming America's dysfunctional patent-law system to shake down would-be innovators.

Planet Money's programme explains everything better than I can, but the thrust of it is that it is next to impossible to offer a new technology or software-driven service without getting sued for patent infringement. For example, Spotify, an innovative, highly-praised music streaming and subscription service, became available in America just a couple weeks ago. It took until last week for this to go down:

PacketVideo, a software company that enables wireless streaming of music and videos on mobile devices, filed the suit against Spotify on Wednesday, claiming that the U.K.-based company violated a patent for "distribution of music in digital form."

The plaintiff cited a violation of U.S. patent 5,636,276 and says "Spotify USA has offered for sale, sold, and imported products and/or services configured to infringe the '276 patent, and instructed and encouraged others to use the '276 patent in an infringing manner."

"PacketVideo has a strong intellectual property portfolio, and will take any necessary action needed to protect its intellectual property and prevent the misuse of its patents," says Joel Espelien, general counsel and vice president of strategic relationships.

This is apparently a patent on streaming music over the internet. Naturally, you are familiar with PacketVideo's popular music streaming service. Oh, you're not? I guess that's because they don't offer one. So, Spotify is trying to make money offering a service that will make consumers happy. (I'm using it right now. I think it's terrific.) PacketVideo is trying to make money doing what? Shaking down Spotify?

Here's where Mr Myhrvold's Intellectual Ventures comes in. Intellectual Ventures owns a huge portfolio of patents. Quite possibly they also have some sort of patent that covers streaming music over the internet. Intellectual Ventures makes money through a sort of protection racket that helps Spotify defend themselves against companies like PacketVideo. For a considerable fee, a company can access Intellectual Venture's storehouse of patents and use them defensively against companies claiming patent infringement. Julian Sanchez lucidly explains how the very existence of "defensive patents", and of companies in the business of selling them, is proof of a badly broken intellectual property system:

[T]hink about how defensive patents work. Companies aren’t buying them—or buying into the services of companies like Intellectual Ventures—because they provide otherwise unavailable technical insights. The point, rather, is to acquire (or have access to) a bundle of patents that any potential litigant who sues you is likely to be “infringing” in their own products. ...

This only works, however, if other companies are almost certain to have independently come up with the same idea. A patent that is truly so original that somebody else wouldn’t arrive at the same solution by applying normal engineering skill is useless as a defensive patent. ...

[E]very patent granted for an idea that any number of suitably skilled engineers could have (and would have, and did) come up with is a patent that probably shouldn’t be granted—a pure deadweight loss that’s actually compounded by the squandering of resources on the “arms race,” with no compensating dynamic gain. Actually, there’s probably a dynamic loss: You end up creating a huge incentive for smart and skilled people to spend their time and energy not coming up with a brilliant idea that nobody else would have, but instead trying to be the first to put on paper ideas that are obvious (to a properly trained and up-to-date person) but haven’t been locked down yet—the solution, again, that almost any professional would have come up with once they were actually trying to implement the relevant technology. A sector where investment in defensive patents is so massive, then, is a sector where—even if some of them do genuinely add value—patents are probably doing more harm than good on net.

A new paper on "The Myth of the Sole Inventor" by Mark Lemley, a professor of law at Stanford, reinforces Mr Sanchez's point.

[S]urveys of hundreds of significant new technologies show that almost all of them are invented simultaneously or nearly simultaneously by two or more teams working independently of each other. Invention appears in significant part to be a social, not an individual, phenomenon. Inventors build on the work of those who came before, and new ideas are often "in the air," or result from changes in market demand or the availability of new or cheaper starting materials. ...

The result is a real problem for classic theories of patent law. If we are supposed to be encouraging only inventions that others in the field couldn’t have made, we should be paying a lot more attention than we currently do to simultaneous invention. We should be issuing very few patents – surely not the 200,000 per year we do today. And we should be denying patents on the vast majority of the most important inventions, since most seem to involve near-simultaneous invention.

At a time when our future affluence depends so heavily on innovation, we have drifted toward a patent regime that not only fails to fulfil its justifying function, to incentivise innovation, but actively impedes innovation. We rarely directly confront the effects of this immense waste of resources and brainpower and the attendant retardation of the pace of discovery, but it affect us all the same. It makes us all poorer and helps keep us stuck in the great stagnation.
http://www.economist.com/blogs/democ...ctual-property





Google VP Accuses Competitors of "Attacking" Android with Patents
Jon Mitchell

In a surprisingly candid move, Google Senior Vice President and Chief Legal Officer David Drummond published an opinionated post on the company's official blog contending that its Android mobile operating system is under "attack" from a "hostile, organized campaign against Android by Microsoft, Oracle, Apple and other companies, waged through bogus patents."

Drummond's post is in reference to last week's sale of Nortel's patent portfolio to a consortium of Google's competitors. The purchase of these patents threatens Android's dominant share of the smartphone OS market by making the operating system more expensive for phone manufacturers to license.

Drummond calls this consortium's strategy "anti-competitive," contending that the winning $4.5 billion bid inflated the price of the patents "way beyond what they're really worth," which pushed the portfolio out of Google's reach. He's not the only one who feels that way; federal antitrust officials are investigating the deal.

Pending the outcome of antitrust investigations, it's clear that this deal puts Google and Android on the defensive. Google's position to license its mobile OS across a wide range of platforms is both a blessing and a curse. The range of options for consumers has helped Android net nearly 50% of the smartphone market, but if the cost of licensing becomes prohibitive to cash-strapped hardware manufacturers, that market will dry up quickly, and the profits for Android software developers will go right along with it. Apple doesn't have to worry about such margins, and other phone manufacturers might have to start building side businesses on WebOS or Windows Phone 7 to remain profitable, which is just what HP and Microsoft have been waiting for.

Meanwhile, Google and Apple are said to be squaring off to duel over another large patent portfolio owned by InterDigital. Patents were intended to protect innovation, but they're certainly proving costly and distracting to the software industry's leading innovators.
http://www.readwriteweb.com/archives...ng_android.php





FiOS Dominates as FCC Measures Actual Internet Speeds
Nate Anderson

For the first time ever, the FCC has collected data showing real-world speeds that Americans receive from their Internet providers. And the news is pretty good! Or, perhaps, it's pretty bad!

Advocacy group Free Press blasted the results, released today. "No matter how industry tries to put a positive spin on these results, the report shows conclusively that many Americans are simply not getting what they pay for," said research director S. Derek Turner in a statement. "This study indicates Comcast, Cox, and Verizon FiOS largely perform well, but other companies like Cablevision, AT&T, MediaCom, and Frontier all fail to deliver their customers the quality of service promised.

“In every other industry, giving your customers less than what they paid for is a very serious offense. ISPs should be held to the same standard, no matter how much they try to spin their way out of it.”

Nick Feamster, a Georgia Tech professor who worked with the FCC on proper metrics, had a different take. "We found that the performance of US ISPs more consistently matches their advertised promises than the ISPs in other countries—they do a pretty good job."

As for the FCC, the agency largely stays away from subjective evaluation, though it does note that "actual download speeds are substantially closer to advertised speeds than was found in data from early 2009."

Instead, the FCC report is all about the data. And that data shows the major ISPs generally offer 80-90 percent of their advertised speeds, even during the peak hours of 7pm-11pm, with cable and fiber services actually offering higher-than-advertised speeds for much of the day.

But one ISP stood out, and not in a good way: Cablevision had absolutely atrocious download speeds, dropping to nearly 50 percent of advertised speeds during peak hours.

The FCC obtained this real-world data by contracting with a company called SamKnows, which had run similar tests for the UK government. SamKnows recruited 78,000 Internet users from across the US, then selected 9000 of them to receive a specially configured router. That router took a series of measurements during March 2011 that tested broadband speed from a user's home to a remote server across the Internet. Results were checked against ISP-installed reference points to ensure accuracy.

Not surprisingly, fiber to the home was the best-performing technology, while DSL brought up the rear, but the differences were modest, especially for upload speeds.

The data finally gives consumers a standardized way to compare Internet connection quality among ISPs, rather than limiting themselves to advertised speeds and prices. Want to compare lag between ISPs, or between service tiers? Now you can.

The report also shows that, apart from Cablevision, Internet speeds no longer fall into the toilet when everyone comes home from work in the evening. And if you are lucky enough to have Verizon's FiOS—you won't notice any difference in speeds, ever.

Verizon might be interested in suing the FCC over net neutrality rules, but it's happy enough when the agency shows FiOS in a positive light. Today's speed data "confirms that Verizon FiOS Internet customers receive blazing-fast and sustained upstream and downstream speeds even during peak usage periods," said the company in a statement.

Update: Cablevision got in touch to defend its record.

"Cablevision delivers some of the fastest Internet connections in the country, on our basic tier, two higher levels of service, and our WiFi network, and this report simply does not reflect the experience of our nearly 3 million broadband customers," said a spokesperson. "Our high-speed Internet product leads the nation in consumer adoption and has consistently won top ratings in much broader and more extensive consumer surveys conducted by J.D. Power & Associates, PC Magazine and others." Those ratings, however, cover things like "overall satisfaction" and not actual download speeds.
http://arstechnica.com/tech-policy/n...net-speeds.ars





Researcher Announces N00ter, A Tool For Catching Net Neutrality Cheats
Andy Greenberg

Internet service providers who play favorites, beware. If Dan Kaminsky has his way, your days are numbered.

At the Black Hat security conference in Las Vegas Wednesday, Kaminsky released a free software tool for detecting when an Internet service provider (ISP) is artificially slowing down or speeding up traffic to and from a website, a program the well-known security researcher is calling N00ter, or “neutral router.”

“How do you detect subtle violations in network neutrality? How do you detect biased networks?” Kaminksy asks. “I’m here as an engineer to tell you that we will find you out. And we will find out in a way that’s incontrovertible.”

For advocates of network neutrality–the idea that Internet service providers shouldn’t privilege one service over another–the most disturbing possibility may not be that net neutrality dies outright. It may be that the principle crumbles imperceptibly: Sites that are friends or partners of the carriers sites load slightly faster than their less favored competitors, and the difference is blamed on the someone else’s hardware.

“It’s the subtle changes that concern me. Bing is fifty milliseconds slower than Google. Is this the ISP or the million other things that could be slowing the site down?” Kaminsky asks rhetorically.

N00ter, a tool that Kaminsky plans to release in coming weeks, checks for those marginal traffic cheats. N00ter functions like a VPN, routing traffic through a proxy and disguising its source and destination.

But instead of encrypting the traffic in both directions, it instead spoofs the traffic from a Web site to a user to make it seem to be coming from any Web site that the user wants to test. That traffic can be compared with a normal connection to the site to spot any artificial changes in speed.

“All the other sources of change disappear and we’re left with the one cause, the ISP,” says Kaminsky.

Kaminsky, who rose to prominence in the security field by revealing a fundamental flaw in the Internet’s DNS system at Black Hat in 2008, has designed that oversight to tough to escape. Accounting for the possibility that an ISP might try to trick N00ter by filtering traffic that only goes through the tool in one direction, he’s also built a complementary tool called Roto-N00ter that spoofs traffic in the other direction as well to catch the ISP filtering two-way traffic.

“The endgame here is that it’s impossible to make a filter N00ter can’t detect,” says Kaminsky.

Kaminsky isn’t the only one trying to create a watchdog program for detecting sneaky violations of net neutrality. FCC Chairman Julius Genachowski announced a competition called the Open Internet Challenge, aimed at fostering the creation of apps to detect net neutrality violators, though it has yet to produce a public program. “Our goal is to foster user-developed applications that shine light on any practice that might be inconsistent with the free and open Internet,” Genachowski said at the time. “Empowering consumers with information about their own connections will promote a vibrant, innovative, world-leading broadband ecosystem.”

So which ISPs has Kaminsky caught in the act with n00ter? He says he hasn’t tried to catch anyone. “I would never embarass my firends the ISPs,” he says dryly. “I’m just warning them now not to do anything you wouldn’t want to see on the front page of a newspaper.”

In fact, Kaminsky claims he has nothing against ISPs that do want to throttle bandwidth to certain sites, nor does he oppose network neutrality. “Whatever changes we have, they might as well be transparent,” he says.

“People need data,” Kaminsky adds. “My hope is that we can give people economy-promoting data at the network level. I just provide the data.”
http://blogs.forbes.com/andygreenber...rality-cheats/





Virgin Media to 'Take a Punt' on Free London WiFi Network
Christopher Williams

Virgin Media is close to launching a free public WiFi scheme in London that will challenge BT’s Openzone network, which charges for access.

The firm’s chief executive Neil Berkett told investors that it was in “quite advanced negotiations” with London councils over the plans and said he was optimistic the rollout would begin “in the not too distant future”.

“The proposition would be that we would provide free Wifi access for all,” he said.

Virgin Media’s WiFi network will be freely available to anyone at 0.5Mbps, and to its home broadband subscribers at up to 10Mbps.

The approach contrasts with BT’s extensive Openzone network, which although free to BT broadband customers, is charged at as much as £5.99 for 90 minutes’ browsing.

Mr Berkett described the plans as “a punt” that will cost Virgin Media “a few million pounds” and will “keep them [BT] honest”.

“It is part of our ethos of advancing digital lifestyles,” he said.

He said that 3G mobile broadband networks were not satisfying consumers’ demands for data on the move and suggested that the few years’ delay expected before 4G networks and devices are widely available left a gap in them market.

“The gap that is increasingly occurring between consumers’ need for data outsidfe the home and what they can get on 3G,” said Mr Berkett, adding that Virgin Media might wholesale the faster level of access to mobile networks.

The firm’s interest in public WiFi was first revealed in Novemeber, when its director of advanced technology said virgin media had been "inspired” by a scheme launched by the United States cable network Cablevision. It covered New York with WiFi at a time when American 3G networks were struggling to cope with the smartphone boom.

Virgin Media plans to install WiFi routers in its existing infrastructure, including the street-side cabinets that distribute its cable network into home. The talks with councils are focused on gaining permission for the necessary works.
http://www.telegraph.co.uk/technolog...i-network.html





A New-Found App-etite for the Web
John C. Abell

A funny thing happened on the way to the Apple Store …

Apps were supposed to be the salvation for publishers when the iPad morphed from unicorn status to the real thing last April. Plenty of publishers — newspapers, magazines and books — have built apps. Apple’s newest rules on subscriptions are placating many more.

But there is already a bit of a backlash, and a new awareness that the world wide (open) web may compare favorably to the walled gardens available on the iPad and other tablets.

Why are publishers already starting to re-think the future of media again? For one thing, there is that kickback to Apple —30% off the top — for selling through the iTunes store. Then there are those rules that seem to favor the functionality of Apple apps, like in-app purchasing. And, most ironically, there is the “Aha!” moment that the iPad itself has provided by highlighting what the optimized, mobile web can really be like.

The Financial Times blazed the back-to-the-web movement, abandoning the iTunes store in lieu of an HTML5 site that is still behind their paywall. Apple primed the pump by forbidding in-app sales. Amazon, Kobo and Barnes & Noble moved their stores from their iOS apps to the web.

And, what do you know? The public is better served: In a device-agnostic universe it’s better to buy on the web, which is everywhere, and consume as you like on whatever devices you have, can borrow, may become invented or are available. Even a clunky laptop.

The iPad and apps were supposed to be media’s best hope. But an entirely unintended consequence of Apple policies, and the reality of how content is best served up on flat, multi-touch screens, the smartphone/tablet revolution has paradoxically contributed mightily to the reinvigoration of web design.

The sharper focus of a smaller screen — against the digital tide of deeper, wider, taller, infinite — has imposed a new discipline. Rather than creating a need to compromise on style and substance, optimizing for smaller screens and potentially smaller bandwidth means that lazy, hazy “whatever” design is giving way to techniques which declutter the view and trim the excess weight of web pages.

Along with the physical constraints imposed by smaller screens is the appearance of the next generation of web language, HTML5, which offers developers rendering tools that were once the sole domain of proprietary software by companies like Adobe.

To be sure, this new school is heavily influenced by the design of apps — those small bits of software that run on mobile web devices which may or may not have a relationship with the web (as opposed to the Internet) and may or may not even require connectivity apart from brief periods when new content is pulled from the cloud and stored for offline use.

But the relative ubiquity of Internet access is also working against an app-dominant future. In addition to hotspot proliferation, there isn’t a mobile device that doesn’t have internet access on its own (built-in 3G or 4G) or can’t tap into another device that does.

So what does this all mean in media?

The iPad delivers the new web just fine — better than the old web, even.

The web isn’t dead; it’s just being optimized and focused. It’s becoming better designed by being undesigned, the way a sculptor adapts to the slab while remaining true to the medium.

This trickle of a revolt isn’t going to be the undoing of the Apple eco-system. Non-media revenue is and will always be the prime source for Apple. But it is curious that, a mere two years after all the pent-up expectations of what the Apple tablet would mean for the media, it may just be that apps — a new format for new media — won’t be the only big news going forward.

It could just be that, while nobody was really paying attention, the iPad and the tablet/app revolution it sparked has actually re-invented the web as a delivery system for a clean, new, organized approach to news, periodicals and books.

Less is more. The web may be infinite in all directions, but if the canvas is 9.5 by 7.31 inches (or thereabouts), well, imagine what the clever and the talented can do with that.
http://blogs.reuters.com/mediafile/2...e-for-the-web/





Losing Interest in Social Media: There Is No There There
George Siemens

Google+ was a bit of a breaking point for me. After recreating my online social network ( largely based on blogs from early 2000) in Facebook, Twitter, Foursquare, and Quora, G+ was a chore. I spent a few weeks of responding to G+ friend requests, trying to engage with a few people, posting a few random links, all the while trying to upkeep (occasionally) Twitter and (almost never) Facebook. I’ve concluded that most of the hype around social media is nonsense and that people, particularly the self-proclaimed social media elite are clothing-less. Sure, I’ll still continue to participate in those spaces periodically – as soon as this post is done, I’ll tweet it and share it on G+. Beyond that, however, social media is getting credit for things it’s merely flowing, not actually creating.

A few things over the last few weeks have helped to crystallize this view.

First, I saw this very silly post by Jeff Jarvis, pretending that a hashtag was the equivalent of a power movement. For me, this was a threshold moment where the noise of social media and the actual impact were starkly contrasted. The notion that a hashtag=power or the no one owns a hashtag appeal to power and fairness is absolute and utter nonsense. And reveals just how vacuous power social media users are in their orientation. Washington faces a debt crisis. How do the insular self-perceived new media elites respond? “oh, let’s create a hashtag”. It’s rubbish. And it has no influence. Sure, it’s a good avenue to vent personal feelings and blow off steam. However, that is not a “movement” and it doesn’t influence policy. The notion of the Arab Spring being about social media is similarly misguided.

We are left then, with a small group elitist new media users, trying to build consultancy around the tools, and telling others how wonderful they are. What has social media actually done? Very, very little. The reason? Social media is about flow, not substance.

I’ve been blogging since 2000 and can attribute a numerous positives to this activity: I was hired at University of Manitoba because of my blog and bi-weekly newsletter. I was hired at Athabasca University for similar reasons. I have traveled to over 30 countries and delivered over 200 presentations in the last decade due to my transparent online presence: blogging, writing, teaching. What has Twitter and Facebook done for me? Nothing, really. Other than perhaps attending to my emotive needs of being connected to people when I’m traveling and whining.

Social media=emotions.

Blogging/writing/transparent scholarship=intellect.

Put another way, Twitter/Facebook/G+ are secondary media. They are a means to connect in crisis situations and to quickly disseminate rapidly evolving information. They are also great for staying connected with others on similar interests (Stanley Cup, Olympics). Social media is good for event-based activities. But terrible when people try to make it do more – such as, for example, nonsensically proclaiming that a hashtag is a movement. The substance needs to exist somewhere else (an academic profile, journal articles, blogs, online courses).

Secondly, science and discovery require deep thought, time, and focus. The enormous and complex problems faced by different societies around the world will not be solved by twitter, G+, or social media. As Google’s “in house philosopher” states:

Quote:

Maybe you, too, are disposed toward critical thinking. Maybe, despite the comfort and security that your job offers, you, too, have noticed cracks in the technotopian bubble.

Maybe you are worn out by endless marketing platitudes about the endless benefits of your products; and you’re not entirely at ease with your contribution to the broader culture industry.

Maybe you are unsatisfied by oversimplifications in the product itself. What exactly is the relationship created by “friending” someone online? How can your online profile capture the full glory of your performance of self?

Maybe you are cautious about the impact of technology. You are startled that our social-entertainment Web sites are playing crucial roles in global revolutions. You wonder whether those new tools, like any weapons, can be used for evil as well as good, and you are reluctant to engage in the cultural imperialism that distribution of a technology arguably entails.

If you have ever wondered about any of those topics, and sensed that there was more to the story, you are on to something. Any of the topics could be the subject of a humanities dissertation—your humanities dissertation.

The technology issues facing us today—issues of identity, communication, privacy, regulation—require a humanistic perspective if we are to deal with them adequately. If you actually care about one of those topics—if you want to do something more serious about it than swap idle opinions over dinner—you can. And, I would venture, you must. Who else is going to take responsibility for getting it right?

This view – deep, contextualized awareness of complex interrelated entities (the hallmark of a a progressive or advancing society) – is strikingly antagonistic to the shallow platitudes and self-serving “look at me!” activities of social media gurus whose obsession is self-advancement. At best, they have become the reality TV/Fox News version of social commentary: lots of hype, lots of attention, void of substance, and, at best, damaging to the cause they purport to advance.
http://www.elearnspace.org/blog/2011...o-there-there/





Why Facebook and Google's Concept of 'Real Names' Is Revolutionary

The primary version of identity online is a radical departure from what we expect in real life
Alexis Madrigal

Should you have to use your real name online? It's an issue that's long simmered among social media critics and supporters alike. On one end of the spectrum, there's 4chan, where everything is anonymous. On the other, there are Facebook and Google Plus. Both have drawn fire from for categorically preventing people from using pseudonyms. This week, a new site, My Name Is Me, launched to make the case to allow anyone to use any name they choose.

This has seemed like a niche battle to me: a tiny group of activists complaining about some edge cases while the real-name policies benefited most people by raising the civility of online discourse. On a strictly utilitarian basis, it seemed like their arguments could be ignored.

But this week's discussions have made me rethink my intuition about names on social networks. My instincts had strongly pointed to requiring real names; my experience in the comment trenches of different websites has led me to believe that pure anonymity online creates a short-circuiting of our social software. It seemed natural to believe that attaching a persistent, real name to one's online identity more accurately modeled our real-world social space.

I've changed my mind. The kind of naming policy that Facebook and Google Plus have is actually a radical departure from the way identity and speech interact in the real world. They attach identity more strongly to every act of online speech than almost any real world situation does.

I want to walk you through how I've come to this understanding. Because I've been obsessively listening to Philosophy Bites podcasts, I'm going to use a thought experiment.

Imagine you're walking down the street and you say out loud, "Down with the government!" For all non-megastars, the vast majority of people within earshot will have no idea who you are. They won't have access to your employment history or your social network or any of the other things that a Google search allows one to find. The only information they really have about you is your physical characteristics and mode of dress, which are data-rich but which cannot be directly or easily connected to your actual identity. In my case, bystanders would know that a 5'9", 165 pound probably Caucasian male with half a beard said, "Down with the government!" Neither my speech or the context in which it occurred is preserved. And as soon as I leave the immediate vicinity, no one can definitively prove that I said, "Down with the government!"

In your head, adjust the settings for this thought experiment (you say it at work or your hometown or on television) or what you say (something racist, something intensely valuable, something criminal) or who you are (child, celebrity, politician) or who is listening (reporters, no one, coworkers, family). What I think you'll find is that we have different expectations for the publicness and persistence of a statement depending on a variety of factors. There is a continuum of publicness and persistence and anonymity. But in real life, we expect very few statements to be public, persistent, and attached to your real identity. Basically, only people talking on television or to the media can expect such treatment. And even then, the vast majority of their statements don't become part of the searchable Internet.

Online, Google and Facebook require an inversion of this assumed norm. Every statement you make on Google Plus or Facebook is persistent and strongly attached to your real identity through your name. Both services allow you to change settings to make your statements more or less public, which solves some problems. However, participating in public life on the services requires attaching your name to your statements. On the boulevards and town squares of Facebook, you can't just say, "Down with the government," with the knowledge that only a small percentage of the people who hear you could connect your statement to you. But the information is still being recorded, presumably in perpetuity. That means that if a government or human resources researcher or plain old enemy wants to get a hold of it, it is possible.

The pseudonym advocates note that being allowed to pick and choose a different name solves some of these problems. One can choose to tightly couple one's real-world identity and online identity... or not. One can choose to have multiple identities for separate networks. In the language we were using earlier, pseudonyms allow statements to be public and persistent, but not attached to one's real identity.

I can understand why Google and Facebook don't want this to happen. It's bad for their marketing teams. It generates social problems when people don't act responsibly under the cloak of their assumed identity. It messes up the clarity and coherence of their data. And maybe those costs do outweigh the benefits pseudonymity brings to social networks.

But then let's have that conversation. Let's not pretend that what Google and Facebook are doing has long-established precedents and therefore these companies are only doing what they're doing to mimic real life. They are creating tighter links between people's behavior and their identities than has previously existed in the modern world.
http://www.theatlantic.com/technolog...ionary/243171/





[Reading Hacker News] is Not Launching
John Cromartie

I really enjoyed patio11’s AnyAsq, especially this part:

Quote:

My most important bit of advice: LAUNCH. Asking me questions is not launching. Reading about the topic is not launching. Launching is launching. All good things come from launching. My business went from conception to launch in 8 days. Put a red mark on your calendar: 8 days from now, a month from now, whatever. Launch something by that day.

This answer resonated with me, because I’ve spent a lot of time reading and thinking and wishing about building something in the past. I’ve tried to build things before, but I never launched, and I think that the answer is not to just try harder but to replace these non-launching activities with just launching.

So, I’ve marked my calendar. And to do it, I am saying “goodbye” to Hacker News and Reddit and other news aggregators, along with various time-wasters with the help of a simple tool I wrote. If I really need help or advice, I’ll use IRC or pick up the phone, but otherwise I’m in the rare state of figure-it-out-yourself mode.

By Saturday the 6th of August, I will release a new public-facing website where people can give me money in exchange for the product or service hosted on that site.
http://jcromartie.tumblr.com/post/82...-not-launching





Foxconn to Replace Workers with 1 Million Robots in 3 Years

Taiwanese technology giant Foxconn will replace some of its workers with 1 million robots in three years to cut rising labor expenses and improve efficiency, said Terry Gou, founder and chairman of the company, late Friday.

The robots will be used to do simple and routine work such as spraying, welding and assembling which are now mainly conducted by workers, said Gou at a workers' dance party Friday night.

The company currently has 10,000 robots and the number will be increased to 300,000 next year and 1 million in three years, according to Gou.

Foxconn, the world's largest maker of computer components which assembles products for Apple, Sony and Nokia, is in the spotlight after a string of suicides of workers at its massive Chinese plants, which some blamed on tough working conditions.

The company currently employs 1.2 million people, with about 1 million of them based on the Chinese mainland.
http://news.xinhuanet.com/english201..._131018764.htm





Progress Hits Snag: Tiny Chips Use Outsize Power
John Markoff

For decades, the power of computers has grown at a staggering rate as designers have managed to squeeze ever more and ever tinier transistors onto a silicon chip — doubling the number every two years, on average, and leading the way to increasingly powerful and inexpensive personal computers, laptops and smartphones.

Now, however, researchers fear that this extraordinary acceleration is about to meet its limits. The problem is not that they cannot squeeze more transistors onto the chips — they surely can — but instead, like a city that cannot provide electricity for its entire streetlight system, that all those transistors could require too much power to run economically. They could overheat, too.

The upshot could be that the gadget-crazy populace, accustomed to a retail drumbeat of breathtaking new products, may have to accept next-generation electronics that are only modestly better than their predecessors, rather than exponentially faster, cheaper and more wondrous.

Simply put, the Next Big Thing may take longer to arrive.

“It is true that simply taking old processor architectures and scaling them won’t work anymore,” said William J. Dally, chief scientist at Nvidia, a maker of graphics processors, and a professor of computer science at Stanford University. “Real innovation is required to make progress today.”

A paper presented in June at the International Symposium on Computer Architecture summed up the problem: even today, the most advanced microprocessor chips have so many transistors that it is impractical to supply power to all of them at the same time. So some of the transistors are left unpowered — or dark, in industry parlance — while the others are working. The phenomenon is known as dark silicon.

As early as next year, these advanced chips will need 21 percent of their transistors to go dark at any one time, according to the researchers who wrote the paper. And in just three more chip generations — a little more than a half-decade — the constraints will become even more severe. While there will be vastly more transistors on each chip, as many as half of them will have to be turned off to avoid overheating.

“I don’t think the chip would literally melt and run off of your circuit board as a liquid, though that would be dramatic,” Doug Burger, an author of the paper and a computer scientist at Microsoft Research, wrote in an e-mail. “But you’d start getting incorrect results and eventually components of the circuitry would fuse, rendering the chip inoperable.”

The problem has the potential to counteract an important principle in computing that has held true for decades: Moore’s Law. It was Gordon Moore, a founder of Intel, who first predicted that the number of transistors that could be nestled comfortably and inexpensively on an integrated circuit chip would double roughly every two years, bringing exponential improvements in consumer electronics.

If that rate of improvement lags, much of the innovation that people have come to take for granted will not happen, or will happen at a much slower pace. There will not be new PCs, new smartphones, new LCD TVs, new MP3 players or whatever might become the new gadget that creates an overnight multibillion-dollar industry and tens of thousands of jobs.

In their paper, Dr. Burger and fellow researchers simulated the electricity used by more than 150 popular microprocessors and estimated that by 2024 computing speed would increase only 7.9 times, on average. By contrast, if there were no limits on the capabilities of the transistors, the maximum potential speedup would be nearly 47 times, the researchers said.

Some scientists disagree, if only because new ideas and designs have repeatedly come along to preserve the computer industry’s rapid pace of improvement. Dr. Dally of Nvidia, for instance, is sanguine about the future of chip design.

“The good news is that the old designs are really inefficient, leaving lots of room for innovation,” he said.

But other experts, not connected with Dr. Burger’s research, acknowledged that he and the paper’s other authors — from the University of Texas, the University of Washington and the University of Wisconsin — had put their finger on a real problem.

Shekhar Y. Borkar, a fellow at Intel Labs, called Dr. Burger’s analysis “right on the dot,” but added: “His conclusions are a little different than what my conclusions would have been. The future is not as golden as it used to be, but it’s not bleak either.”

Dr. Borkar cited a variety of new design ideas that he said would help ease the limits identified in the paper. Intel recently developed a way to vary the power consumed by different parts of a processor, making it possible to have both slower, lower-power transistors as well as faster-switching ones that consume more power.

Increasingly, today’s processor chips contain two or more cores, or central processing units, that make it possible to use multiple programs simultaneously. In the future, Intel computers will have different kinds of cores optimized for different kinds of problems, only some of which require high power.

And while Intel announced in May that it had found a way to use 3-D design to crowd more transistors onto a single chip, that technology does not solve the energy problem described in the paper about dark silicon. The authors of the paper said they had tried to account for some of the promised innovation, and they argued that the question was how far innovators could go in overcoming the power limits.

“Where things fall between the two is a matter of opinion,” Dr. Burger said.

Chip designers have been struggling with power limits for some time. A decade ago it was widely assumed that it would be straightforward to increase chips’ clock speed, or the rate at which it makes calculations. Then the industry hit a wall at around three gigahertz, when the chips got so hot that they began to melt. That set off a frantic scramble for new designs.

Today, some of the pioneering designers believe there is still plenty of room for innovation. One of them, David A. Patterson, a computer scientist at the University of California, Berkeley, called dark silicon a “real phenomenon” but said he was skeptical of the authors’ pessimistic conclusions.

“It’s one of those ‘If we don’t innovate, we’re all going to die’ papers,” Dr. Patterson said in an e-mail. “I’m pretty sure it means we need to innovate, since we don’t want to die!”
https://www.nytimes.com/2011/08/01/science/01chips.html





China Imposes Blackout on Train Wreck Coverage
Sharon LaFraniere

After days of growing public fury over last month’s high-speed train crash and the government’s reaction, Chinese authorities have enacted a virtual news blackout on the disaster except for positive stories or information officially released by the government.

The sudden order from the Communist Party’s publicity department, handed down late Friday, forced newspaper editors to frantically tear up pages of their Saturday editions, replacing investigative articles and commentaries about the accident that killed 40 people in eastern China with cartoons or unrelated features. Major Internet portals removed links to news reports or videos related to the crash near Wenzhou in Zhejiang Province, in which 192 people were also hurt.

The government’s decision to muzzle the media followed a remarkable outpouring of online criticism of the government over the July 23 accident. For many in China, the train wreck has crystallized concerns about whether the government is sacrificing people’s lives and safety in pursuit of breakneck development and is cloaking its failures in secrecy or propaganda.

As it did in other recent scandals over health or safety, like the collapse of poorly built schools in the 2008 Sichuan earthquake, the government has moved aggressively to shut down an outcry that, if left unchecked, might spiral into social unrest beyond its control.

Tens of millions of Chinese have posted messages on the Chinese equivalents of Twitter questioning why the two high-speed trains crashed, whether the rescue effort was bungled and why images from the site showed wrecked train cars being buried in pits even before investigators began their work. After initially playing down the event, the state-run media also began to challenge why the accident occurred and how the government had handled it.

While the government censors have no easy way to control the rising tide of microblog posts, they curtailed discussion of the issue in the traditional news media.

Outraged by the order to silence themselves, dozens of journalists insisted in online messages that given the many troubling questions that remain, it was almost impossible to swallow the directives. The government has placed huge importance on the construction of high-speed rail, mounting the world’s largest public works project.

“Tonight, hundreds of papers are replacing their pages; thousands of reporters are having their stories retracted; tens of thousands of ghosts cannot rest in peace; hundreds of millions of truths are being covered up,” the editor of Southern Metropolis Daily, a newspaper based in Guangzhou, wrote Friday. “This country is being humiliated by numerous evil hands.” His post, on the site Sina Weibo, was later deleted.

“My story will not go to print today and looks like I will have to write something else,” wrote another journalist. “I’d rather leave the page blank with one word — ‘speechless.’ ”

It was a rare display of unity among Chinese journalists. All are under the thumb of propaganda authorities, but some work for state-owned publications while others work for privately owned media outlets that are typically more daring.

One prominent weekly, the Beijing-based Economic Observer, ignored the directive, rolling out nine pages of coverage of the accident in its Saturday edition. The report described the Railway Ministry as a runaway operation; reconstructed the events in Wenzhou from the viewpoint of dozens of survivors; and examined the failure of the official, state-operated media to report the accident when it occurred.

One of the Economic Observer’s journalists said the pages were already printed when the orders came.

But many others paid heed: editors said the 21st Century Business Herald and China Business Journal each tore up eight pages of articles while The Beijing Times jettisoned four pages. One discarded article, based on the account of the wife of one victim, was titled: “There was no miracle for them.” The headline was a pointed reference to a case that has been relentlessly trumpeted by officials and the state-run press — the rescue of a toddler 21 hours after the crash, after rescuers had given up all hope and been told to quit.

“There were three calls,” one editor in Beijing said. “The first came around 9 p.m., ordering us to ‘cool down’ coverage of the Wenzhou accident as much as possible.” An hour later, the newspaper was instructed “to print only Xinhua’s wire and not to print anything we had gotten ourselves. No comments, no analysis,” the editor said, referring to the official news agency. A third call at midnight ordered the accident coverage off the front page.

The authorities even postponed the publication of an article prepared by Xinhua, according to one editor who spoke on the condition of anonymity for fear of repercussions. That report focused on the Railway Ministry’s failure to answer a series of questions about the crash.

On its Web site, the Hong Kong Journalists Association protested, noting that only Thursday, Prime Minister Wen Jiabao, speaking at a news conference in Wenzhou, had insisted that the “investigation into the accident should be open, transparent and monitored by the public.”

After initially playing down the accident, the state-run news media had grown more assertive in recent days. They were invigorated in part by the so-called netizens who all week staged an end run around the mainstream press with 140-character updates on China’s Twitter equivalents.

But some may have paid a price: the producer of one news program on CCTV, China’s state-owned television network, was reportedly reprimanded after one hard-hitting segment two days after the accident. A colleague said rumors the producer was fired were false, but declined to describe the repercussions.

In that segment, the host of the program asked: “If nobody can be safe, do we still want this speed? Can we drink a glass of milk that’s safe? Can we stay in an apartment that will not collapse?”

“China, please slow down,” the host said. “If you’re too fast, you may leave the souls of your people behind.”

Mia Li contributed research, and Jonathan Ansfield contributed reporting.
https://www.nytimes.com/2011/08/01/w...crackdown.html





Russian Minister Calls for Limits on the Internet
Guy Faulconbridge

Russia's interior minister called on Tuesday for limits on the Internet to prevent a slide in traditional cultural values among young people, raising fears of controls over the vibrant Russian-language web.

Many of Russia's 53 million web users fear that hardliners around Prime Minister Vladimir Putin would like to impose Chinese-style limits on the Internet to stave off any potential Arab Spring-style unrest ahead of the presidential election.

Russia's iPad-wielding president, Dmitry Medvedev, has ruled out draconian controls while suggesting a discussion of how to deal with clearly illegal content such as child pornography.

Interior Minister Rashid Nurgaliyev is the most senior official to publicly propose limits for cultural reasons.

"It is necessary to work out a set of measures for limiting the activities of certain Internet resources without encroaching on the free exchange of information," ITAR-TASS quoted him as telling an inter-ministerial meeting on fighting extremism.

Nurgaliyev, who did not indicate which sites he felt should be curbed, said that Russia's youth needed looking after to prevent young people from being corrupted by "lopsided" ideas, especially in music, that may undermine traditional values.

"It seems to me that the time has long been ripe to carry out monitoring in the country to find out what they are listening to, what they are reading, what they are watching," he was quoted as saying of Russia's youth.

"They have forgotten the love songs of old, the waltzes, everything that united us, our background and our roots," the 54-year-old former KGB officer said.

Nurgaliyev's lament echoes a wider perception among older Russians that morals have slipped in the two decades since the 1991 fall of the Soviet Union, but his call provoked ridicule and concern in the vibrant Russian-language blogosphere.

"Well, what can I say? I am not even going to say this is completely absurd," Alexei Nikitin said on his Russian language blog here

"Sirs, idiocy is taking over the country."

Andrei Makarevich, the leader of the popular Russian soft-rock group Mashina Vremeni, or Time Machine, told NTV television that Nurgaliyev's comments were so confusing he could not find words to describe them.

But Russian intelligence expert Andrei Soldatov said Nurgaliyev's comments camouflaged a wider drive by law-enforcement forces to establish intrusive monitoring of the Internet.

"Nurgaliyev... wants to use budget funds to set up a system to monitor the Internet," Soldatov, head of the think-tank Agentura.ru, told Reuters. "The fact that Russian law-enforcement forces have begun actively working with companies to exchange information in this sphere is turning the concept of 'privacy' into a complete illusion."

In a country where much media is state-run, the Internet is one of the last bastions of free speech. Russian bloggers freely criticise authorities, often scathingly, question high-level corruption and swap information without fear of censorship.

The Internet has played a crucial role in the unrest that has rocked North Africa and the Middle East, prompting some governments to tighten controls over access.

Such turmoil is unlikely in the near future in Russia, but some hardliners appear keen to ensure they could limit content on the Internet in the event of unrest.

A senior officer in Russia's Federal Security Service (FSB), the main successor to the Soviet-era KGB, said in April that uncontrolled use of Gmail, Hotmail and Skype were "a major threat to national security" and called for access to the encrypted communication providers.

Western diplomats told Reuters that a series of cyber attacks on prominent hosting websites in recent months -- including Medvedev's own blog -- had all the hallmarks of a highly organised, well-financed hacker attack. (Additional reporting by Maria Tsvetkova and Alissa de Carbonnel; Editing by Mark Heinrich) (; editing by Mark Heinrich)
http://www.reuters.com/article/2011/...7710HQ20110802





PayPal Hands Over 1,000 IP Addresses to the FBI, Look Out Anonymous
Matt Jurek

PayPal was attacked by Anonymous last year when they had blocked the Wikileaks accounts transactions. Now PayPal has finally come up with enough evidence to strike back at Anonymous with the help of the FBI. PayPal has come up with a list of over 1,000 IP Addresses left behind when they were attacked by Anonymous.

From the attack last year:

Quote:

PayPal has been under attack ever since they stop taking payments for Wikileaks donations. This time a 4-Chan’s Anon has actually succeeded in taking the site down. As of right now they PayPal site is not responding. MasterCard and Visa have also been under DOS attacks all day as well. Anon had been blocked on Twitter.com and Facebook earlier today which he then proceeded to attack Twitter. Twitter never went down in the attack, probably because their network has a large enough pipe to handle it but the image below shows that it actually had some effect on the servers.

These IP Addresses were left behind from the DDoS attacks which were targeted at PayPal. Those IP Addresses could prove both useful or useless to the FBI as they start their investigation. The DDoS attacks are usually performed on computers that have been infected with viruses so the owner of the machine might not even know they are playing part in the attack. However the FBI may be able to perform forensics on those computers to find out where the infection originated from.

I am sure this story will heat up as time progresses, stay tuned for more details.
http://www.tekgoblin.com/2011/07/30/...out-anonymous/





Android Trojan Records Phone Calls

CA security team finds more advanced Android malware
Jon Brodkin

A new Android Trojan is capable of recording phone conversations, according to a CA security researcher.

While a previous Trojan found by CA logged the details of incoming and outgoing phone calls and the call duration, the malware identified this week records the actual phone conversations in AMR format and stores the recordings on the device's SD card.

The malware also "drops a 'configuration' file that contains key information about the remote server and the parameters," CA security researcher Dinesh Venkatesan writes in a blog, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker.

Venkatesan tested the Trojan in "a controlled environment with two mobile emulators running along with simulated Internet services," and posted screenshots with the results. It appears the Trojan can only be installed if the Android device owner clicks the "install" button on a message that looks strikingly similar to the installation screens of legitimate applications.

After the malware and the remote server configuration file are installed on the Android device, making a phone call "triggers the payload" -- in other words, recording the call and storing it on the SD card.

"As it is already widely acknowledged that this year is the year of mobile malware, we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications," Venkatesan writes.

While Android provides more flexibility than the iPhone by allowing installation of third-party applications, even those that were not approved for the Android Market, this freedom seems to come with increased security risk. Malware-infected applications have also been found in the Android Market itself, but users can protect themselves by installing antivirus software, just as they would on a PC.
http://www.networkworld.com/news/201...id-trojan.html





Here’s How U.S. Spies Will Find You Through Your Pics
Richard Wheeler

Iarpa, the intelligence community’s way-out research shop, wants to know where you took that vacation picture over the Fourth of July. It wants to know where you took that snapshot with your friends when you were at that New Year’s Eve party. Oh yeah, and if you happen to be a terrorist and you took a photo with some of your buddies while prepping for a raid, the agency definitely wants to know where you took that picture — and it’s looking for ideas to help figure it out.

In an announcement for its new “Finder” program, the agency says that it is looking for ways to geolocate (a fancy word for “locate” that implies having coordinates for a place) images by extracting data from the images themselves and using this to make guesses about where they were taken.

More and more digital cameras today don’t just take pictures but also capture what is called metadata — often referred to as data about data — that can include everything from when the picture was taken to what kind of camera was used to where the it was taken. This metadata, often stored in a format called EXIF, can be used by different programs to understand different aspects of the image — and also by intelligence analysts to understand different aspects of the user who took it, and the people who are in it. Like who they are, what they are doing, and where and when they did it.

Sounds great! But there are a few small problems.

First, not all images are digital. Those old pictures of your parents that you scanned? No metadata. Also, not all digital image formats support metadata. That BMP file you’ve got from 1996? No metadata there, either. Next, even if the image format supports metadata, not all digital images are captured with it. Or they are, but they aren’t captured with a full set. That picture from your old-model Flip phone? No metadata there, or not enough metadata. Also, many popular websites — for example Facebook — strip EXIF tags. So it’s not possible to get the metadata unless you can somehow get access to the source file — which means hacking.

All that means that there are a lot of images out there with no metadata and/or with metadata that you can’t get to very easily. But these images might still have visual information within the image, or other clues, that could enable a system — either completely automated or using automated and human processes together — to make a guess about where the image was taken. The best case for intelligence analysts would be a fully automated system. This way they could suck in images from a terrorist website, download them off of captured cameras or cell phones, or scan them from hard copy, and feed all this through the system and get locations of where the images were taken. With more and more images being created in our world every day this automated approach is going to be crucial.

You can already see a little bit of this happening with the new Google Image Search. The new Google Image Search has a “reverse image search” capability that enables you to search for other instances of the same image on the web. In most cases, this is limited to the exact same image. For example, open up Google Image Search into a second browser window and drag in this image:

No matches. So is this helicopter flying over Khost Province in Afghanistan or flying over the back side of the Hollywood sign? Hard to tell from the image itself. And if you test out typing both “Khost Province” and “Hollywood” into the search bar, you’ll get results that point in both directions. Even for a trained human analyst, this might prove too hard to crack (although the lack of rocket pods on this helicopter makes a good case for this not being an MH-6 Little Bird, which points to Hollywood over Khost).

But for some places that have been photographed over and over again, Google can guess where the image was taken. Drag this into Image Search:

If you didn’t guess already, or if you’re still figuring out Image Search, or if you’re impatient, or if you’re just lazy, here’s a hint: It’s the Grand Canyon. Not too hard for Google to guess because so many people have shot it. When it works like this, Google Image Search is almost like a biometrics program for places.

There is also a middle ground where there will probably still be a place for the human, probably with the images that also have some text data associated with them, where skills of not just pattern matching but intuition will be useful.

The caption for this image reads “An Mi-17 helicopter flies to Kabul, coming back from a humanitarian assistance mission in Baharak, Badakhshan province, Afghanistan.” If you didn’t know it was Afghanistan you might think you were looking at the Sierras, but once you know it’s Afghanistan, and Badakshan province, and near Baharak, and taken on a flight from Baharak to Kabul, and you take a look at the big peak in the background and the distinctive runoff pattern in the foothill at the bottom of the frame, a trained analyst might be able to poke around in a 3D visualization program like GoogleEarth and say that the picture was taken around here:

Iarpa will probably look for combinations of both of these approaches, but on an industrial scale. It’s a hard problem, but even now we are starting to see the beginnings of the solution even in the commercial world. And you better believe that it’s not just spooks who want to know where images were taken. Google, Facebook, Apple and all the other internet and social media giants are probably looking to do the same thing so that they can better understand where their users are and what they are doing there.

So before long your Facebook or Google+ account will be automatically tagging who is in your pictures and where they were taken…

…and spooks might be, too.
http://www.wired.com/dangerroom/2011...ugh-pics/all/1





ACLU Questions Use of 'Cell Phone Dragnets'
Ken Dixon

Six cities across the state, plus the Connecticut State Police, were the targets Wednesday of an effort to gauge the extent that law enforcement may be using cellphone locations to invade privacy.

The American Civil Liberties Union of Connecticut joined other ACLU offices in a nationwide campaign to determine whether police are improperly tracking people using their cellphone data. It's one of the first efforts at protecting digital privacy.

Freedom of Information Act requests were sent to the state police and local police departments of Danbury, Waterbury, New Haven, Willimantic, New London and Berlin in what could be the start of a multiyear effort to determine whether privacy rights have been violated.

Except for Berlin, where a warrantless federal tracking campaign occurred in 2008, the cities were selected geographically.

The ACLU asked whether law enforcement officials show probable cause and obtain warrants from judges before obtaining cellphone location information; and how often they seek such information.

In addition, the ACLU requested budget totals on the cost of local cellphone tracking; and policies and procedures for gathering location data.

David McGuire, staff attorney for the ACLU of Connecticut, said in that although Connecticut is relatively small, there are varying police cultures.

"We tried to pick departments that had some substantial activity and were widely dispersed," said McGuire, adding that similar requests occurred Wednesday in 30 other states. "Nationwide it is a large problem and innocent people are being caught in these cellphone dragnets. We're trying to understand the magnitude of the problem."

Danbury Police Chief Alan Baker confirmed the ACLU request made under the state's Freedom of Information Act.

"We did receive the request and like all FOI requests, it has been referred to corporation counsel for review," Baker said. "We anticipate it will take between 30 and 45 days to comply, which is standard. It's an emerging area of the law, and I don't know how much documentation we might have on it."

Lt. J. Paul Vance, spokesman for the state police, confirmed in a Wednesday phone interview that the state Department of Public Safety utilizes cellphone data. "We might use cellphone records depending on the investigation and what's required," Vance said. "We use cellphone records and sometimes it's helpful in criminal investigations. We don't use cellphone information for anything more than criminal investigations. We can and do obtain search warrants as required. It's not our intent to trample on anyone's rights."

McGuire said that the current requests for information were not given to the FBI because local police are the focus of this initial research effort.

In 2008, federal agents got details on calls to and from 180 mobile phones serviced by nine carriers, including the locations of the phones, in what amounted to an act of "mass surveillance," in Berlin, a southern suburb of Hartford, he said.

"This is very much the same as the government walking into private homes on a fishing expedition, without a warrant, and searching the premises," McGuire said. "And technology has made it a whole lot easier. These people were subjected to an unconstitutional search and never even knew it. If any law enforcement agencies in the state are carrying out similar intrusions, the public should know about it."

The ACLU said that more than 375 requests in 31 states were made by 34 ACLU affiliates to delve into the secret use of mobile phone-tracking capabilities.

"The ability to access cellphone location data is an incredibly powerful tool and its use is shrouded in secrecy. The public has a right to know how and under what circumstances their location information is being accessed by the government," said Catherine Crump, staff attorney for the national ACLU Speech, Privacy and Technology Project, in a statement. "A detailed history of someone's movements is extremely personal and is the kind of information the Constitution protects."

"The Constitution guarantees Americans freedom from unwarranted government intrusion everywhere -- in their homes, online and on their cell phones," said Andrew Schneider, executive director of the ACLU of Connecticut. "Technology may make it easier for that intrusion to happen, but that's no excuse for it."

More information about the ACLU requests is available at: acluct.org/celltrack.

Staff Writer John Pirro contributed to this report.
http://www.newstimes.com/news/articl...ts-1714378.php





Researchers Say Vulnerabilities Could Let Hackers Spring Prisoners From Cells
Kim Zetter

Vulnerabilities in electronic systems that control prison doors could allow hackers or others to spring prisoners from their jail cells, according to researchers.

Some of the same vulnerabilities that the Stuxnet superworm used to sabotage centrifuges at a nuclear plant in Iran exist in the country’s top high-security prisons, according to security consultant and engineer John Strauchs, who plans to discuss the issue and demonstrate an exploit against the systems at the DefCon hacker conference next week in Las Vegas.

Strauchs, who says he engineered or consulted on electronic security systems in more than 100 prisons, courthouses and police stations throughout the U.S. — including eight maximum-security prisons — says the prisons use programmable logic controllers to control locks on cells and other facility doors and gates. PLCs are the same devices that Stuxnet exploited to attack centrifuges in Iran.

“Most people don’t know how a prison or jail is designed, that’s why no one has ever paid attention to it,” says Strauchs. “How many people know they’re built with the same kind of PLC used in centrifuges?”

PLCs are small computers that can be programmed to control any number of things, such as the spinning of rotors, the dispensing of food into packaging on an assembly line or the opening of doors. Two models of PLCs made by the German-conglomerate Siemens were the target of Stuxnet, a sophisticated piece of malware discovered last year that was designed to intercept legitimate commands going to PLCs and replace them with malicious ones. Stuxnet’s malicious commands are believed to have caused centrifuges in Iran to spin faster and slower than normal to sabotage the country’s uranium enrichment capabilities.

Though Siemens PLCs are used in some prisons, they’re a relatively small player in that market, Strauchs says. The more significant suppliers of PLCs to prisons are Allen-Bradley, Square D, GE and Mitsubishi. Across the U.S. there are about 117 federal correctional facilities, 1,700 prisons, and more than 3,000 jails. All but the smallest facilities, according to Strauchs, use PLCs to control doors and manage their security systems.

Strauchs, who lists a stint as a former CIA operations officer on his bio, became interested in testing PLCs after hearing about the systems Stuxnet targeted and realizing that he had installed similar systems in prisons years ago. He, along with his daughter Tiffany Rad, president of ELCnetworks, and independent researcher Teague Newman, purchased a Siemens PLC to examine it for vulnerabilities, then worked with another researcher, who prefers to remain anonymous and goes by the handle “Dora the SCADA explorer,” who wrote three exploits for vulnerabilities they found.

“Within three hours we had written a program to exploit the [Siemens] PLC we were testing,” said Rad, noting that it cost them just $2,500 to acquire everything they needed to research the vulnerabilities and develop the exploits.

“We acquired the product legally; we have a license for it. But it’s easy to get it off [eBay] for $500,” she said. “Anyone can do it if they have the desire.”

They recently met with the FBI and other federal agencies they won’t name to discuss the vulnerabilities and their upcoming demonstration.

“They agreed we should address it,” Strauchs said. “They weren’t happy, but they said it’s probably a good thing what you’re doing.”

Strauchs says the vulnerabilities exist in the basic architecture of the prison PLCs, many of which use Ladder Logic programming and a communications protocol that had no security protections built into it when it was designed years ago. There are also vulnerabilities in the control computers, many of which are Windows-based machines, that monitor and program PLCs.

“The vulnerabilities are inherently due to the actual use of the PLC, the one-point-controlling-many,” Rad said. “Upon gaining access to the computer that monitors, controls or programs the PLC, you then take control of that PLC.”

A hacker would need to get his malware onto the control computer either by getting a corrupt insider to install it via an infected USB stick or send it via a phishing attack aimed at a prison staffer, since some control systems are also connected to the internet, Strauchs claims. He and his team recently toured a prison control room at the invitation of a correctional facility in the Rocky Mountain region and found a staffer reading his Gmail account on a control system connected to the internet. There are also other computers in non-essential parts of prisons, such as commissaries and laundry rooms, that shouldn’t be, but sometimes are, connected to networks that control critical functions.

“Bear in mind, a prison security electronic system has many parts beyond door control such as intercoms, lighting control, video surveillance, water and shower control, and so forth,” the researchers write in a paper they’ve released on the topic. “Access to any part, such as a remote intercom station, might provide access to all parts.”

Strauchs adds that “once we take control of the PLC we can do anything. Not just open and close doors. We can absolutely destroy the system. We could blow out all the electronics.”

Prison systems have a cascading release function so that in an emergency, such as a fire, when hundreds of prisoners need to be released quickly, the system will cycle through groups of doors at a time to avoid overloading the system by releasing them all at once. Strauchs says a hacker could design an attack to over-ride the cascade release to open all of the doors simultaneously and overload the system.

An attacker could also pick and choose specific doors to lock and unlock and suppress alarms in the system that would alert staff when a cell is opened. This would require some knowledge of the alarm system and the instructions required to target specific doors, but Strauchs explains that the PLC provides feedback to the control system each time it receives a command, such as “kitchen door east opened.” A patient hacker could sit on a control system for a while collecting intelligence like this to map each door and identify which ones to target.

While PLCs themselves need to be better secured to eliminate vulnerabilities inherent in them, Newman says prison facilities also need to update and enforce acceptable-use policies on their computers so that workers don’t connect critical systems to the internet or allow removable media, such as USB sticks, to be installed on them.

“We’re making the connection closer between what happened with Stuxnet and what could happen in facilities that put lives at risk,” he said.
http://www.wired.com/threatlevel/201...lnerabilities/





Black Hat: Lethal Hack and Wireless Attack on Insulin Pumps to Kill People
Darlene Storm

Like something straight out of science fiction, an attacker with a powerful antenna could be up to a half mile away from a victim yet launch a wireless hack to remotely control an insulin pump and potentially kill the victim.insulin pump

Security researcher Jay Radcliffe is a diabetic who is connected to an insulin pump and glucose monitor at all times. He said that combination of devices turned him into a Human SCADA system. Radcliffe decided to find out if proprietary wireless communication could be reverse-engineered and a device used to launch an injection attack that would manipulate a diabetic's insulin and possibly cause a patient's death. At the Black Hat security conference, Radcliffe is sharing his findings in his presentation called, "Hacking Medical Devices for Fun and Insulin: Breaking the Human SCADA System."

All wireless devices are susceptible to eavesdropping and that includes medical devices like pacemakers, defibrillators and insulin pumps. I read about this in 2008 when a group of computer scientists published their research entitled, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses" [PDF], highlighting how an malicious party could use an antenna, radio hardware, and a PC to wirelessly deliver a potentially lethal shock to an implantable cardiac defibrillator (ICD). Then I read a fictionalized heart hacking version in which cyber-terrorist hackers were wirelessly exploiting vulnerabilities in pacemakers and insulin pumps to carry out untraceable assassinations against political targets.

After conducting his research, Radcliffe told the Associated Press, "My initial reaction was that this was really cool from a technical perspective. The second reaction was one of maybe sheer terror, to know that there's no security around the devices which are a very active part of keeping me alive."

According to Radcliffe, an attacker could intercept wireless signals and then broadcast a stronger signal to change the blood-sugar level readout on an insulin pump so that the person wearing the pump would adjust their insulin dosage. If done repeatedly, it could kill a person. Radcliffe suggested scenarios where an attacker could be within a couple hundred feet of a victim, like being on the same airplane or on the same hospital floor, and then launch a wireless attack against the medical device. He added that with a powerful enough antenna, the malicious party could launch an attack from up to a half mile away.

Research scientist Nathanael Paul, who also wears an insulin pump, started worrying about potentially fatal wireless attacks. Last year, Paul told CNN, "If your computer fails, no one dies. If your insulin pump fails, you have problems." He and other researchers have been working on security solutions like passwords for pacemakers and other embedded medical devices. FDA spokeswoman Karen Riley said, "The FDA shares concerns about the security and privacy of medical devices and emphasizes security as a key element of device design."

Why would someone hack implantable medical devices in the real world? In the April 2010 edition of the New England Journal of Medicine, Dr. William Maisel, an assistant professor at Harvard Medical School, gave some examples. "Motivation for such actions might include the acquisition of private information for financial gain or competitive advantage; damage to a device manufacturer's reputation; sabotage by a disgruntled employee, dissatisfied customer or terrorist to inflict financial or personal injury; or simply the satisfaction of the attacker's ego." In May 2011, Dr. Dale Nordenberg warned that even with data security features, medical devices are prone to malicious attacks. The MDISS Consortium "is working to define the scope of medical device security and safety issues, such as the rate of problems with implantable defibrillators and linear accelerators."

While not quite the same caliber of drama like hacking a heart or an insulin pump, griefers launched an attack in 2008 against epilepsy patients. Launched via computer, the flashing images on the forum were meant to trigger migraines and induce seizures in some users. It was thought to be the "first computer attack to inflict physical harm" on victims.

Like so many other vulnerabilities demonstrated at security conferences, will an attacker use Jay Radcliffe's dramatic research to fatally hack insulin pumps? While the thought is as improbable as it is terrifying, it's not impossible. Like in the geeky science fiction novel, if a medical device embedded in the body were to glitch out, seemingly malfunction, and cause a target's death, who would think to look at it as a long-range wireless assassination which left no smoking gun?
http://blogs.computerworld.com/18744... o_kill_people





DIY Spy Drone Sniffs Wi-Fi, Intercepts Phone Calls
Kim Zetter

What do you do when the target you’re spying on slips behind his home-security gates and beyond your reach?

Launch your personal, specially equipped WASP drone — short for Wireless Aerial Surveillance Platform — to fly overhead and sniff his Wi-Fi network, intercept his cellphone calls, or launch denial-of-service attacks with jamming signals.

These are just a few of the uses of the unmanned aerial vehicle that security researchers Mike Tassey and Richard Perkins demonstrated at the Black Hat security conference here Wednesday.

At a cost of about $6,000, the two converted a surplus FMQ-117B U.S. Army target drone into their personal remote-controlled spy plane, complete with Wi-Fi and hacking tools, such as an IMSI catcher and antenna to spoof a GSM cell tower and intercept calls. It also had a network-sniffing tool and a dictionary of 340 million words for brute-forcing network passwords.

The GSM hack was inspired by a talk given at last year’s DefCon hacker conference by Chris Paget, who showed how to create a cellphone base station that tricks nearby handsets into routing their outbound calls through it instead of through commercial cell towers.

That routing allows someone to intercept even encrypted calls in the clear. The device tricks phones into disabling encryption, and records call details and content before they’re routed to their intended receiver through voice-over-internet protocol or redirected to anywhere else the hacker wants to send them.

The drone takes that concept and gives it flight. The plane weighs 14 pounds and is 6 feet long. Per FAA regulations, it can legally fly only under 400 feet and within line of sight. But the height is sufficient to quiet any noise the drone might produce, which the researchers said is minimal, and still allow the plane to circle overhead unobtrusively.

It can be programmed with GPS coordinates and Google maps to fly a predetermined course, but requires remote control help to take off and land.

The two security researchers created the spy plane as a proof of concept to show what criminals, terrorists and others might also soon be using for their nefarious activities.

Tassey, a security consultant to Wall Street and the U.S. intelligence community, told the conference crowd that if the two of them could think up and build a personal spy drone, others were likely already thinking about it, too.

The spy drones have multiple uses, both good and bad. Hackers could use them to fly above corporations to steal intellectual property and other data from a network, as well as launch denial-of-service or man-in-the-middle attacks. They could also transmit a cellphone jamming signal to frustrate an enemy’s communications.

“It’s hard to keep something that’s flying from getting over your facility,” Tassey said.

A drone could also be used to single out a target, using the target’s cellphone to identify him in a crowd, and then follow his movements. And it would be handy for drug smuggling, or for terrorists to trigger a dirty bomb.

But the drones don’t just have malicious uses. The researchers point out that they would be great for providing emergency cellular access to regions hit by a disaster.

The drones could also be outfitted with infrared cameras and shape-recognition technology to run search-and-rescue missions for lost hikers. The military could use them for electronic countermeasures to jam enemy signals or as communication relays flown over remote areas to allow soldiers on two sides of a mountain, for example, to communicate.

“You don’t need a PhD from MIT to do this,” Perkins said.
http://www.wired.com/threatlevel/201...lackhat-drone/





Afghanistan War: Hobbyists' Toy Truck Saves 6 Soldiers' Lives
Ned Potter

Staff Sgt. Christopher Fessenden is on duty in Afghanistan now after tours with the Army in Iraq. He has traveled with standard-issue equipment -- weapons, helmet, uniform, boots and so forth -- plus a radio-controlled model truck his brother Ernie sent.

The truck is not a toy to him. He says it just saved six soldiers' lives.

"We cannot thank you enough," said Sgt. Fessenden in an email from the front that Ernie, a software engineer in Rochester, Minn., shared with ABC News.

The little truck was used by the troops to run ahead of them on patrols and look for roadside bombs. Fessenden has had it since 2007, when Ernie and Kevin Guy, the owner of the Everything Hobby shop in Rochester, rigged it with a wireless video camera and shipped it to him.

Last week, it paid off. Chris Fessenden said he had loaned the truck to a group of fellow soldiers, who used it to check the road ahead of them on a patrol. It got tangled in a trip wire connected to what Fessenden guesses could have been 500 lbs. of explosives. The bomb went off. The six soldiers controlling the truck from their Humvee were unhurt.

"Monday morning, Ernie comes running into my store and says, 'You're not going to believe this,'" said Guy, recounting the story in a telephone interview.

"I got an email from [Chris] that said, 'Hey, man, I'm sorry, but the truck is gone,'" said Ernie, admitting he still found it all pretty hard to believe. "The neat thing is that the guys in the Humvee were all right."

The military does what it can to protect its troops in Iraq and Afghanistan -- they travel in armored vehicles and are trained in how to patrol for bombs -- but IEDs, or Improvised Explosive Devices, have been a constant danger. Ernie says he once asked Chris, "Doesn't the army have ways of checking for these things?" The answer: "If it does, I don't know about them."

That was what led Ernie and Kevin to send the model truck, a brand called a Traxxis Stampede. After they added the video camera, with a small monitor Chris could mount on his rifle, Kevin guesses the total cost came to about $500.

In his email, Chris Fessenden said the little truck has successfully found four IEDs since he first got it.

"We do mounted patrols, in trucks, and dismounted by foot," he wrote. "The funny thing is the Traxxis does faster speeds than the trucks we are operating in under the governing speed limit... so the traxxis actually keeps up with us and is able to advance past us and give us eyes on target before we get there."

"Is it a toy?" he wrote. "Yeah it is...is it fun... absolutely... but the guys here take the truck very seriously when out on [a] mission."

Replacement Truck on the Way

"I've talked to my brother a number of times and he says anything they get, from a letter to a bag of peanuts, it makes them feel great," said Ernie. "And then if you send them something cool like this, that helps them do their job and keeps them safe... There's just no way of explaining that. It's such a great feeling."

Kevin joined in: "For us, that's what it's all about -- a bunch of guys over there trying to make a difference."

They had already been trying to send Chris a new truck; the Stampede was wearing out. Kevin said he will donate one through a nonprofit group he helped organize, Fuel My Brain. They had tried to raise some money over the weekend at a county fair near Rochester, but had come away with all of six dollars. That was before they had a story to tell about the six soldiers.

"That's just unreal," said Kevin. "That's six mothers that six guys are going home to."
http://abcnews.go.com/Technology/rem...oldiers-lives/





Guardians of Internet Security Are Targets
Somini Sengupta

The Web site of ManTech International, a $2.6 billion computer security company that won a major F.B.I. contract, sells its services this way:

“Whether an intrusion is conducted by a skilled outsider with criminal intent, an adolescent hacker seeking a thrill or a disgruntled employee bent on revenge or espionage, the potential risks to the organization are enormous.”

Last Friday, ManTech was that organization.

A band of Internet vigilantes calling itself Anonymous said it had sneaked into ManTech’s computers to demonstrate the company’s insecurity. The group released what it said were internal company documents and, in language that suggested the handiwork of an adolescent hacker seeking a thrill, taunted the company online: “It’s really good to know that you guys are taking care of protecting the United States from so-called cyber threats.”

ManTech is in good company. In recent months, several security firms and consultants have been hit by the very intruders they are hired to keep at bay.

Think of these companies as the new Pinkertons: Instead of taking on 19th-century outlaws in the Wild West, they are hired today to protect corporate and government data, including the most confidential intelligence information, across a vast virtual frontier. The string of embarrassing attacks on them demonstrates how vulnerable everyone is online, including those who are paid to be the protectors.

Many technology professionals who have long warned about such security risks say so-called hacktivist groups like Anonymous, which publicize their attacks to make a point, are the least worrisome of the many potential intruders out there.

“With the rise of hacktivism, now the people who break into you tell you they break into you,” said Jeff Moss, founder of the Black Hat conference, which drew nearly 6,500 technologists, largely security professionals, to Las Vegas this week. “A little bit of public humiliation is going to go a long way in helping the security industry clean up.”

Other times, the attackers are mysterious and more worrying entities, as in the case of the still unknown organization that in March breached the systems of RSA, whose electronic security tokens are used across many industries.

RSA’s parent company, EMC, has said that replacing tokens and cleaning up the mess has cost it roughly $90 million so far this year. Hackers used information obtained in the RSA attack to break into Lockheed Martin, the largest military contractor in the country.

On Wednesday the security company McAfee said it had uncovered a campaign of computer break-ins at 72 organizations and companies worldwide. McAfee called it the handiwork of a nation-state intent on acquiring, among other things, American military designs. Military contractors in the United States made up a disproportionately large share of the companies selected — 12 in all.

Anonymous, for its part, has made it plain that it goes after defense and intelligence contractors to expose their security vulnerabilities, not for financial or strategic gain. Booz Allen Hamilton, a $5.6 billion company based in McLean, Va., that does computer security work for the Defense Department, was hit by the group in early July; the hackers released the e-mail addresses of 90,000 military personnel.

The most notorious breach of a security company came early this year after an executive at HBGary Federal, a relatively small consultant eyeing a government contract, boasted publicly of his ability to unmask the members of Anonymous. In response, hackers made off with a large trove of the company’s e-mail messages and dumped them online, exposing details of its business transactions.

Greg Hoglund, who is the chief executive of HBGary, the parent company that owns a minority stake in HBGary Federal, said that the breach was the result of “a human mistake” and that his firm, along with other security companies, had fortified their systems since then.

“It was a wake-up call for the entire security industry,” Mr. Hoglund said. “It probably needed to happen. I wish I didn’t have to be the sacrificial lamb.”

As unlikely as it may seem, HBGary Federal still has a contract to help an unnamed federal agency sniff out spies inside its organization. And HBGary continues to sell its software, intended to ferret out the circumstances of a network intrusion.

For its part, ManTech posted a vague statement on its site last Friday after the Anonymous attack, saying that it addresses threats to its information systems and pointing out the obvious: “All organizations attract cyber threats in our highly networked world.”

An academic who studies computer security, who declined to be named because he consults for the government, described the Anonymous attacks on security companies in blunt terms: “They’re pulling their pants down publicly.”

The spate of attacks — and the fear of more — could actually end up buoying the fortunes of the global security industry. A nationwide survey of company technology managers, conducted by Forrester Research, found that computer security had increased as a share of the total information technology budget of companies, to 14 percent this year from 8.2 percent in 2007. Of those surveyed this year, 56 percent said it was a high priority to “significantly upgrade.”

“The landscape is more menacing now,” said Eve Maler, principal analyst for security and risk at Forrester. “Even the most experienced practitioners are in the process of upping their game.”

All of the major defense and intelligence contractors have expanded their digital security wings in recent years. They are simply following the money. The business of security for government agencies is growing by an enviable 9 percent a year, according to the research firm Input/Deltek. Federal government contracts alone amount to over $9 billion today and are projected to grow to $13.3 billion by 2015. “Cybersecurity,” Deltek concluded in a recent report, “is somewhat immune to spending and budget cuts.”
For better or worse, said Jonathan L. Zittrain, a Harvard Law School professor, securing the Internet has been largely left to private players — and even government information is increasingly guarded by private companies, whose actions can be difficult to monitor and hold accountable.

“In the absence of larger public order, we’ve seen do-it-yourself approaches: the technologically savvy can configure their own firewalls, and corporations can try to buy security,” he said. “But this can be as figuratively dicey as trying to get and maintain security contractors in Baghdad immediately following the fall of Saddam Hussein.”
https://www.nytimes.com/2011/08/05/t...e-targets.html





US Internet Providers Hijacking Users' Search Queries
Jim Giles

Searches made by millions of internet users are being hijacked and redirected by some internet service providers in the US. Patents filed by Paxfire, the company involved in the hijacking, suggest that it may be part of a larger plan to allow ISPs to generate revenue by tracking the sites their customers visit. It may also be illegal.

Reese Richman, a New York law firm that specialises in consumer protection lawsuits, today filed a class action against one of the ISPs and Paxfire, which researchers believe provided the equipment used to hijack and redirect the searches. The suit, filed together with Milberg, another New York firm, alleges that the process violated numerous statutes, including wiretapping laws.

The hijacking seems to target searches for certain well-known brand names only. Users entering the term "apple" into their browser's search bar, for example, would normally get a page of results from their search engine of choice. The ISPs involved in the scheme intercept such requests before they reach a search engine, however. They pass the search to an online marketing company, which directs the user straight to Apple's online retail website.

More than 10 ISPs in the US, which together have several million subscribers, are redirecting queries in this way (see below for a complete list). None of the companies would comment on the redirection scheme, but evidence collected by Christian Kreibich and Nicholas Weaver at the International Computer Science Institute in Berkeley, California, who discovered the redirection and have been monitoring it for several months, suggest that the process generates revenue for the ISPs.

The Berkeley team has identified 165 search terms, from "apple" and "dell" to "safeway" and "bloomingdales", that are passed to marketing companies and then redirected to the appropriate retail website. The marketing companies include organisations like Commission Junction, a Santa Barbara, California, a firm that retailers pay to supply traffic to their websites.

Organisations that provide Commission Junction with traffic, which may include Paxfire and the ISPs the Berkeley team monitored, receive a cut of any purchase their users make. The cut is typically around 3 per cent. Commission Junction said that it was investigating the behaviour identified by the Berkeley researchers.

Buy, buy, buy

The process is highly contentious. A user who searched for "apple" would easily have found the company's store via a search engine, so Apple may be needlessly sharing revenue with Commission Junction and the ISPs. Search engines are also being deprived of traffic intended for them. The ISPs are understood to have stopped redirecting Google search traffic after the company complained to them earlier this year. All the ISPs identified by the Berkeley team redirect some Bing and Yahoo searches.

The redirection can also produce unwanted results. A user wanting to read an article in The Wall Street Journal, for instance, might search for "wsj"; the redirection system would take them to a page offering subscription deals for the paper. Searches for "kindle" are sent to Amazon, the company that makes the e-book reader of that name. A normal search for the term provides links to Wikipedia, reviews of the device and links to Kindles for sale on eBay.

"This interception and alteration of search traffic is not just your average privacy problem," says Peter Eckersley at the Electronic Frontier Foundation, a San Francisco-based internet advocacy group that helped the Berkeley team investigate the ISPs. "This is a deep violation of users' trust and expectations about how the internet is supposed to function."

It is not the first time that the desire of ISPs to monitor and monetise the traffic they carry has led to controversy. In 2008, service providers in the UK suffered a backlash after it emerged that they were working with Phorm, a company that developed techniques for tracking the interests and activities of internet users. Advertisers and publishers already track users' browsing, but ISPs are in a particularly powerful position because they can observe almost everything we do online. Many users complained about Phorm's data collection, prompting several ISPs to sever links with the company.

Paxfire connection

In this case, examination of the redirected traffic has led the Berkeley team to believe that the service is provided by Paxfire. The firm, based in Sterling, Virginia, has provided advertising services to ISPs since it was founded in 2003. As well as using Paxfire to redirect specific queries, the ISPs pass many, or perhaps all, searches on Google, Bing and Yahoo through Paxfire servers – a process that places Paxfire in a similar position to Phorm.

Paxfire executives did not reply to New Scientist's multiple requests for comment, but the patents that Paxfire has been awarded, as well as others it has applied for, provide hints of its plans. In March, for example, company CEO Alan Sullivan applied for a patent for a system that would allow ISPs to create a "database of information about particular users" based on the searches and website visits observed by the service provider. The patent says that ISPs could use the information to display relevant advertising.

Paxfire is named in the lawsuit filed by Reese Richman and Milberg, alongside RCN, based in Herndon, Virginia, one of the ISPs identified by the Berkeley team. The suit, which was filed in the district court for the southern district of New York, claims that the two companies violated privacy safeguards enshrined in the Wiretap Act, a 1968 law that regulates electronic communications.

Want to check whether your ISP is monitoring your searches? Try running this tool developed by the Berkeley researchers.

Shielding searches from prying eyes

Feel uneasy about the possibility of your internet search provider keeping tabs on your searches? A simple fix is at hand. Last year, Google launched a service that encrypts its search traffic, including the search term itself. To turn this encryption on, just use "https" instead of "http" at the beginning of the address that you have bookmarked for Google.

If you're a Firefox user and want to use encrypted communication on other sites, including Wikipedia, Twitter and Facebook, consider installing the HTTPS Everywhere extension developed by the Electronic Frontier Foundation. The extension automatically turns on encryption for around 1000 sites that offer it.

List of ISPs that are redirecting some search queries

Cavalier
Cincinnati Bell
Cogent
Frontier
Hughes
IBBS
Insight Broadband
Megapath
Paetec
RCN
Wide Open West
XO Communication

Charter and Iowa Telecom were observed to be redirecting search terms, but have since ceased doing so. Iowa Telecom stopped its redirection between July and September 2010, and Charter stopped in March 2011.
http://www.newscientist.com/article/...h-queries.html





Meet Comex, The 19-Year-Old iPhone Uber-Hacker Who Keeps Outsmarting Apple
Andy Greenberg

Nicholas Allegra lives with his parents in Chappaqua, New York. The tall, shaggy-haired and bespectacled 19-year old has been on leave from Brown University since last winter, looking for an internship. And in the meantime, he’s been spending his days on a hobby that periodically sends shockwaves through the computer security world: seeking out cracks in the source code of Apple’s iPhone, a device with more software restrictions than practically any computer on the market, and exploiting them to utterly obliterate its defenses against hackers.

“It feels like editing an English paper,” Allegra says simply, his voice croaking as if he just woke up, though we’re speaking at 9:30 pm. “You just go through and look for errors. I don’t know why I seem to be so effective at it.”

To the public, Allegra has been known only by the hacker handle Comex, and keeps a low profile. (He agreed to speak after Forbes‘ poking around Twitter, Facebook and the Brown Directory revealed his name.) But in what’s becoming almost an annual summer tradition, the pseudonymous hacker has twice released a piece of code called JailBreakMe that allows millions of users to strip away in seconds the ultra-strict security measures Apple has placed on its iPhones and iPads, devices that account for more than half the company’s $100 billion in revenues.

The tool isn’t intended for theft or vandalism: It merely lets users install any application they want on their devices. But jailbreaking, as the practice is called, violates Apple’s obsessive control of its gadgets and demonstrates software holes that could be exploited later by less benevolent hackers.

Apple didn’t respond to requests for comment, but it’s not thrilled about Allegra’s work. When he released JailbreakMe 3 in July, the company rushed to patch the security opening in just nine days. Nonetheless, 1.4 million people used the tool to jailbreak their gadgets in that time, and more than 600,000 more since then. Allegra has become such a thorn in Apple’s side that its stores now block JailbreakMe.com on in-store wifi networks.

“I didn’t think anyone would be able to do what he’s done for years,” says Charlie Miller, a former network exploitation analyst for the National Security Agency who first hacked the iPhone in 2007. “Now it’s been done by some kid we had never even heard of. He’s totally blown me away.”

To appreciate JailbreakMe’s brilliance, consider how tightly Steve Jobs locks down his devices: Since 2008, Apple has implemented a safeguard called “code-signing” to prevent hackers from running any of their own commands on its mobile operating system. So even after an attacker finds a security bug that gives him access to the system, he can only exploit it by reusing commands that are already in Apple’s software, a process security researcher Dino Dai Zovi has compared to writing a ransom note out of magazine clippings.

After Allegra released JailbreakMe 2 last year, Apple upped its game another notch, randomizing the location of code in memory so that hackers can’t even locate commands to hijack them. That’s like requiring an attacker to assemble a note out of a random magazine he’s never read before, in the dark.

Yet Allegra has managed to find a path around those locks. In JailbreakMe 3, Allegra used a bug in how Apple’s mobile operating system iOS handles PDFs fonts that allows him to both locate and repurpose hidden commands. That critical flaw allowed a series of exploits that not only gains total control of the machine but leaves behind code that jailbreaks it again every time the device reboots –all without ever even crashing the operating system. “I spent a lot of time on the polish,” Allegra says with a hint of pride.

Dino Dai Zovi, co-author of the Mac Hacker’s Handbook, says JailbreakMe’s sophistication is on par with that of Stuxnet, a worm thought to have been designed by the Israeli or U.S. government to infect Iran’s nuclear facilities. He compares Allegra’s skills to the state-sponsored intruders that plague corporations and governments, what the cybersecurity industry calls “advanced-persistent threat” hackers: “He’s probably five years ahead of them,” says Dai Zovi.

Allegra isn’t after profit: his site is free, though it does accept donations. Nor does he criticize Apple for wanting to control what users can install on their devices. He calls himself an Apple “fanboy,” and describes Android’s more open platform as “the enemy.” “I guess it’s just about the challenge, more than anything else,” he says.

The young hacker taught himself to code in the programming language Visual Basic at the age of nine, gleaning tricks from Web forums. “By the time I took a computer science class in high school, I already knew everything,” he says. When he found that he couldn’t save a screenshot from the Nintendo Wii video game Super Smash Brothers to his computer, he spent hours deciphering the file, and later worked on other Wii hacks, getting a feel for its obscure operating system.

“I didn’t come out of the same background as the rest of the security community,” he says. “So to them I seem to have come out of nowhere.”

Allegra argues that his jailbreaking work is legal. The U.S. Copyright Office created an exemption last summer in the Digital Millenium Copyright Act for users to jailbreak their own cell phones, despite’s Apple objections that the ruling could open phones to dastardly hackers and even lead to “catastrophic” attacks that crash cell phone towers.

Whether it’s acceptable to release tools for others to jailbreak their devices, however, has yet to be decided. Three courts have ruled the practice is legal, while another said it could violate the DMCA. In January, Sony used that law and others to sue George Hotz, one of Allegra’s fellow iPhone hackers, for reverse engineering the Playstation 3. The suit was settled, but not before it touched off a wave of retaliatory cyberattacks on Sony by hackers around the world.

Allegra admits that technically, there’s little difference between jailbreaking phones and hacking them for more malicious ends. “It’s scary,” he says. “I use the same phone as everyone else, and it’s totally insecure.”

But at least in the case of JailbreakMe 3, Allegra also created a patch for the PDF vulnerability he exploited, allowing users to cover their tracks so that other hackers couldn’t exploit the same bug. In the period before Apple released an official patch, users who had jailbroken their iPads and iPhones were in some sense more secure than those who hadn’t.

A postscript to Apple: Perhaps your security team could use another intern.
http://blogs.forbes.com/andygreenber...marting-apple/





Windows XP PCs Breed Rootkit Infections

Three-fourths of all rootkits on decade-old OS, says antivirus firm
Gregg Keizer

Machines running the decade-old Windows XP make up a huge reservoir of infected PCs that can spread malware to other systems, a Czech antivirus company said today.

Windows XP computers are infected with rootkits out of proportion to the operating system's market share, according to data released Thursday by Avast Software, which surveyed more than 600,000 Windows PCs.

While XP now accounts for about 58% of all Windows systems in use, 74% of the rootkit infections found by Avast were on XP machines.

XP's share of the infection pie was much larger than Windows 7's, which accounted for only 12% of the malware-plagued machines -- even though the 2009 OS now powers 31% of all Windows PCs.

Rootkits have become an important part of the most sophisticated malware packages, particularly botnets, because they mask the infection from the user, the operating system and most security software. By installing a rootkit, the hacker insures the compromise goes undetected as long as possible, and that the PC remains available to the botnet's controller for nefarious chores, such as sending spam or spreading malware to other machines.

Avast attributed the infection disparity between XP and Windows 7 to a pair of factors: The widespread use of pirated copies of the former and the latter's better security.

"According to our stats, as many as a third of XP users are running SP2 [Service Pack 2] or earlier," said Ondrej Vlcek, the chief technology officer of AVAST, in an interview Thursday. "Millions of people are out of support and their machines are unpatched."

Vlcek assumed that many of the people running XP SP2, which Microsoft stopped supporting with security patches a year ago, have declined to update to the still-supported SP3 because they are running counterfeits.

Although Microsoft serves everyone, even pirates, its monthly security patches and service packs, most security experts believe that users of illegal copies are very hesitant to upgrade or even patch for fear that they'll trigger the black screen and anti-piracy nag notices that Microsoft slaps on screens when it deems a PC is running a counterfeit copy of Windows.

Vlcek urged users running legal copies to upgrade to XP SP3. "Moving to SP3 is the most basic thing that should be done," he said.

Also in play, said Vlcek, is Windows 7's stronger security, especially the 64-bit version.

"The 64-bit version [of Windows 7] has some technologies that really make it much more difficult for rootkits to infect the computer," said Vlcek, calling out that version's kernel driver-signing feature as key to keeping rootkits off machines.

But that hasn't completely protected Windows 7 64-bit, as Vlcek acknowledged.

"The surprising part to me was that I thought the Windows 7 [number] would be even smaller," Vlcek said.

Rootkits able to infect 64-bit copies of Windows 7 remain relatively rare, but they're certainly not unknown: The first popped up in August 2010, and a massive botnet some have called "practically indestructible" last month used a variant of the same malware to install a 64-bit rootkit on Windows 7.

That malware, which goes by a number of names -- Alureon, TDL, Tidserv and most recently, TDL-4 -- is especially devious, as it installs the rootkit into the Master Boot Record (MBR). The MBR is the first sector -- sector 0 -- of the hard drive, where code is stored to bootstrap the operating system after the computer's BIOS does its start-up checks.

By subverting the MBR, the rootkit is even tougher to detect, since it's already in place by the time the OS and security software are loaded into memory.

Avast found that rootkits which infected the MBR were responsible for 62% all rootkit infections.

Users who suspect that their PC is infected with an MBR-based rootkit can scrub their machine with one of several free rootkit detectors, including Avast's "aswMBR" and Sophos' "Anti-Rootkit."
http://www.computerworld.com/s/artic...kit_infections





Website Blocking Anti-Piracy Measures are 'Unworkable', Says Vince Cable

Business secretary Vince Cable is to slam provisions laid out in the Digital Economy Act blocking filesharing websites, branding them as unworkable.

Mr Cable is due to give a speech at the British Library in which he will give his support to a number of recommendations made in the Hargreaves review of intellectual property.

Vince Cable is to criticise anti-piracy measures blocking filesharing websites (PA) Vince Cable is to criticise anti-piracy measures blocking filesharing websites (PA)

While he is expected to support reforms which would make the so-called process of format shifting legal, he is also due to object to certain parts of the Digital Economy Act.

In particular, sections of the legislation which relate to the blocking of filesharing websites are expected to be criticised for being unworkable.

An advance copy of the proposals due to be unveiled, seen by Channel 4, suggests the business secretary will back changes which will make it legal for people to copy their own music, or that belonging to their immediate family, onto a different media for private use.

'Private copying is carried out by millions of people, and many are astonished that it is illegal in this country.

'We need to bring copyright into line with people's expectations and update it for the modern digital world,' Mr Cable said.

The reforms are also expected to offer legal protection to makers of spoof videos, such as the creators of Newport State of Mind, which was recently embroiled in a legal battle.
http://www.metro.co.uk/tech/871137-w...ys-vince-cable





Biggest-Ever Series of Cyber Attacks Uncovered
Jim Finkle

Security experts have discovered the biggest series of cyber attacks to date, involving the infiltration of the networks of 72 organizations including the United Nations, governments and companies around the world.

Security company McAfee, which uncovered the intrusions, said it believed there was one "state actor" behind the attacks but declined to name it, though one security expert who has been briefed on the hacking said the evidence points to China.

The long list of victims in the five-year campaign include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defense contractors to high-tech enterprises.

In the case of the United Nations, the hackers broke into the computer system of its secretariat in Geneva in 2008, hid there for nearly two years, and quietly combed through reams of secret data, according to McAfee.

"Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," McAfee's vice president of threat research, Dmitri Alperovitch, wrote in a 14-page report released on Wednesday.

"What is happening to all this data ... is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team's playbook), the loss represents a massive economic threat."

McAfee learned of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a "command and control" server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.

It dubbed the attacks "Operation Shady RAT" and said the earliest breaches date back to mid-2006, though there might have been other intrusions. (RAT stands for "remote access tool," a type of software that hackers and security experts use to access computer networks from afar).

Some of the attacks lasted just a month, but the longest -- on the Olympic Committee of an unidentified Asian nation -- went on and off for 28 months, according to McAfee.

"Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors," Alperovitch told Reuters.

"This is the biggest transfer of wealth in terms of intellectual property in history," he said. "The scale at which this is occurring is really, really frightening."

China Connection?

Alperovitch said that McAfee had notified all 72 victims of the attacks, which are under investigation by law enforcement agencies around the world. He declined to give more details.

Jim Lewis, a cyber expert with the Center for Strategic and International Studies who was briefed on the hacking discovery by McAfee, said it was very likely China was behind the campaign because some of the targets had information that would be of particular interest to Beijing.

The systems of the IOC and several national Olympic Committees were breached in the run-up to the 2008 Beijing Games, for example.

And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.

"Everything points to China. It could be the Russians, but there is more that points to China than Russia," Lewis said.

McAfee, acquired by Intel Corp this year, would not comment on whether China was responsible.

Stone Age

Vijay Mukhi, an independent cyber-expert based in India, says some south Asian governments, including India, are highly vulnerable to hacking from China as it strives to broaden its influence and strategic interests in the region.

"I'm not surprised because that's what China does, they are gradually dominating the cyberworld," he said.

"I would call it child's play (for a hacker to get access to Indian government data) ... I would say we're in the stone age."

An Indian telecommunications ministry official declined to say whether he was aware of the hacking on the government.

The UN said it was aware of the report, and that it has started an investigation to ascertain if there was an intrusion.

But Hwang Mi-kyung, with leading South Korean cyber security firm Ahnlab, cautioned against assuming China was the only one involved.

"I think we're beyond the stage where we should be focusing on the technical aspect of addressing individual attacks and instead we should think more in terms of what we can do policywise. For that, the involvement of Chinese government is very important," she said.

McAfee released the report to coincide with the start of the Black Hat conference in Las Vegas on Wednesday, an annual gathering of security professionals and hackers who use their skills to promote security and fight cyber crime.

In the scorching desert heat, they will meet to talk about a series of recent headline-grabbing hacks, such as on Lockheed Martin Corp, the International Monetary Fund, Citigroup Inc, Sony Corp and EMC Corp's RSA Security.

The activist groups Anonymous and Lulz Security have recently grabbed the spotlight for temporarily shutting down some high-profile websites and defacing others.

But attacks like Operation Shady RAT are far more costly and often undisclosed, as victims fear reputational damage or attention from other hackers. McAfee sees Operation Shady RAT as the tip of the iceberg.

"I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact," Alperovitch wrote in the report.

"In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they've been compromised and those that don't yet know."

(Additional reporting from Tom Miles in Geneva, Jack Kim in Seoul and James Pomfret in New Delhi, editing by Tiffany Wu, Martin Howell and Jonathan Thatcher)
http://www.reuters.com/article/2011/...7720HU20110803





Randi Zuckerberg Runs in the Wrong Direction on Pseudonymity Online
Eva Galperin

The Nymwars rage on. Over the past several weeks Google has been engaged in a very public struggle with its users over its “real names” policy on Google+, prompting blog posts and editorials debating the pros and cons of allowing pseudonymous accounts on social networking sites. But there is one person for whom insisting on the use of real names on social networking sites is not enough. Unsurprisingly, that person is Facebook’s Marketing Director, Randi Zuckerberg. Speaking last week on a panel discussion about social media hosted by Marie Claire magazine, Zuckerberg said,

Quote:

I think anonymity on the Internet has to go away. People behave a lot better when they have their real names down. … I think people hide behind anonymity and they feel like they can say whatever they want behind closed doors.

Take a moment and let that sink in. Randi Zuckberg doesn’t just think that you should be using your real name on Facebook or Google+ or LinkedIn -- she thinks pseudonyms have no place on the Internet at all. And why should we take the radical step of stripping all Internet users of the right to speak anonymously? Because of the Greater Internet F***wad Theory, or the “civility argument,” which states: If you allow people to speak anonymously online, they will froth at the mouth, go rabid, bully and stalk one another. Therefore, requiring people to use their real names online should decrease stalking and bullying and generally raise the level of discourse.

The problem with the civility argument is that it doesn’t tell the whole story. Not only is uncivil discourse alive and well in venues with real name policies (such as Facebook), the argument willfully ignores the many voices that are silenced in the name of shutting up trolls: activists living under authoritarian regimes, whistleblowers, victims of violence, abuse, and harassment, and anyone with an unpopular or dissenting point of view that can legitimately expect to be imprisoned, beat-up, or harassed for speaking out.

As a private company, Facebook is free to set its own policies. Facebook can and does choose real names over free speech and diversity of users –- that’s where the money is. If you don’t like Facebook’s rules, you can just go elsewhere, right? Now Randi Zuckerberg is advocating an Internet in which there is nowhere else to go. An Internet in which everyone has to use their real name is not necessarily going to be any more polite, but it is guaranteed to be a disaster for freedom of expression. Let’s not go there.
https://www.eff.org/deeplinks/2011/0...n-pseudonymity





Zuck’s Sis Quits On Him
Alexia Tsotsis

Facebook has confirmed to us that Mark Zuckerberg’s sister Randi Zuckerberg will be leaving Facebook to start her own social media consulting company RtoZMedia.

The other Zuckerberg had spent six years at Facebook, becoming Director of Marketing in 2009 and leading the company’s Facebook Live programs among other social media-ey initiatives.

ATD has her resignation letter addressed to Sheryl Sandberg and I’m assuming PR VP Elliot Schrage. Meanwhile, I haven’t yet persuaded anyone at Facebook to give me a heads up on whom might replace her as Marketing honcho (I’m hearing it will be an external hire) so I’m just going to post this video of RaZu singing “Valley Fruede” in 1999 — before she was a star — and also that iconic pic of her hugging Mike at The Crunchies in 2009.

Both these moments represent the blithe irreverence that I love about our industry (And “Valley Fruede” is surprisingly still relevant).
http://techcrunch.com/2011/08/03/zuc...-quits-on-him/





The Legislation That Could Kill Internet Privacy for Good
Conor Friedersdorf

An overzealous bill that claims to be about stopping child pornography turns every Web user into a person to monitor

Every right-thinking person abhors child pornography. To combat it, legislators have brought through committee a poorly conceived, over-broad Congressional bill, The Protecting Children from Internet Pornographers Act of 2011. It is arguably the biggest threat to civil liberties now under consideration in the United States. The potential victims: everyone who uses the Internet.

The good news? It hasn't gone before the full House yet.

The bad news: it already made it through committee. And history shows that in times of moral panic, overly broad legislation has a way of becoming law. In fact, a particular moment comes to mind.

In the early 20th Century, a different moral panic gripped the United States: a rural nation was rapidly moving to anonymous cities, sexual mores were changing, and Americans became convinced that an epidemic of white female slavery was sweeping the land. Thus a 1910 law that made it illegal to transport any person across state lines for prostitution "or for any other immoral purpose." Suddenly premarital sex and adultery had been criminalized, as scam artists would quickly figure out. "Women would lure male conventioneers across a state line, say from New York to Atlantic City, New Jersey," David Langum* explains, "and then threaten to expose them to the prosecutors for violation" unless paid off. Inveighing against the law, the New York Times noted that, though it was officially called the White Slave Traffic Act (aka The Mann Act), a more apt name would've been "the Encouragement of Blackmail Act."

That name is what brought the anecdote back to me. A better name for the child pornography bill would be The Encouragement of Blackmail by Law Enforcement Act. At issue is how to catch child pornographers. It's too hard now, say the bill's backers, and I can sympathize. It's their solution that appalls me: under language approved 19 to 10 by a House committee, the firm that sells you Internet access would be required to track all of your Internet activity and save it for 18 months, along with your name, the address where you live, your bank account numbers, your credit card numbers, and IP addresses you've been assigned.

Tracking the private daily behavior of everyone in order to help catch a small number of child criminals is itself the noxious practice of police states. Said an attorney for the Electronic Frontier Foundation: "The data retention mandate in this bill would treat every Internet user like a criminal and threaten the online privacy and free speech rights of every American." Even more troubling is what the government would need to do in order to access this trove of private information: ask for it.

I kid you not -- that's it.

As written, The Protecting Children from Internet Pornographers Act of 2011 doesn't require that someone be under investigation on child pornography charges in order for police to access their Internet history -- being suspected of any crime is enough. (It may even be made available in civil matters like divorce trials or child custody battles.) Nor do police need probable cause to search this information. As Rep. James Sensenbrenner says, (R-Wisc.) "It poses numerous risks that well outweigh any benefits, and I'm not convinced it will contribute in a significant way to protecting children."

Among those risks: blackmail.

In Communist countries, where the ruling class routinely dug up embarrassing information on citizens as a bulwark against dissent, the secret police never dreamed of an information trove as perfect for targeting innocent people as a full Internet history. Phrases I've Googled in the course of researching this item include "moral panic about child pornography" and "blackmailing enemies with Internet history." For most people, it's easy enough to recall terms you've searched that could be taken out of context, and of course there are lots of Americans who do things online that are perfectly legal, but would be embarrassing if made public even with context: medical problems and adult pornography are only the beginning. How clueless do you have to be to mandate the creation of a huge database that includes that sort of information, especially in the age of Anonymous and Wikileaks? How naive do you have to be to give government unfettered access to it? Have the bill's 25 cosponsors never heard of J. Edgar Hoover?

You'd thing that Rep. Steve Chabot (R-Ohio), who claims on his Web site to be "an outspoken defender of individual privacy rights," wouldn't lend his name to this bill. But he co-sponsored it! You'd think that the Justice Department of Eric Holder, who is supposed to be friendly to civil libertarians, would oppose this bill. Just the opposite. And you'd think that lots of tea partiers, with all their talk about overzealous government and intrusions on private industry, would object.

But they haven't.

As Julian Sanchez recently wrote on a related subject, "In an era in which an unprecedented quantity of information about our daily activities is stored electronically and is retrievable with a mouse click, internal checks on the government's power to comb those digital databases are more important than ever... If we aren't willing to say enough is enough, our privacy will slip away one tweak at a time."
http://www.theatlantic.com/politics/...r-good/242853/





Internet Explorer Story was Bogus
BBC

A story which suggested that users of Internet Explorer have a lower IQ than people who chose other browsers appears to have been an elaborate hoax.

A number of media organisations, including the BBC, reported on the research, put out by Canadian firm ApTiquant.

It later emerged that the company's website was only recently set up and staff images were copied from a legitimate business in Paris.

It is unclear who was behind the stunt.

The story was reported by many high profile organisations including CNN, the Daily Mail, the Telegraph and Forbes.

Questions about the authenticity of the story were raised by readers of the BBC website who established that the company which put out the research - ApTiquant - appeared to have only set up its website in the past month.

Thumbnail images of the firm's staff on the website also matched those on the site of French research company Central Test, although many of the names had been changed.

The BBC contacted Central Test who confirmed that they had been made aware of the copy but had no knowledge of ApTiquant or its activities.

Research claims

ApTiquant issued a press release claiming that it had invited 100,000 web users to take IQ tests and matched their results with the type of browser they used.

It also supplied extensive research data.

The results claimed to show that Internet Explorer users were generally of lower intelligence.

The BBC sought alternative views for the original story, including Professor David Spiegelhalter of Cambridge University's Statistical Laboratory, who said: "I believe these figures are implausibly low - and an insult to IE users."

No-one on ApTiquant's contact number was available for comment.

Graham Cluley, senior security consultant at Sophos examined the source material for the BBC after concerns were raised.

"It's obviously very easy to create a bogus site like this - as all phishers know it's easy to rip-off someone else's webpages and pictures," he said.

Mr Cluley also looked at the pdf file containing the data that many people had downloaded from a variety of sources and said it did not appear to contain malware.
http://www.bbc.co.uk/news/technology-14370878#


















Until next week,

- js.



















Current Week In Review





Recent WiRs -

July 30th, July 23rd, July 16th, July 9th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public." - Hugo Black