P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 04-06-14, 07:10 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - June 7th, '14

Since 2002


































"When the government obtains court authorization to use invasive surveillance equipment, the public should not be kept in the dark. We have open records laws for a reason, but they mean nothing if the government can violate their clear commands at its whim." – Nathan Freed Wessler






































June 7th, 2014




Payback Time: First Patent Troll Ordered to Pay “Extraordinary Case” Fees

Supreme Court's change on fee rules allows FindTheBest to pummel a patent troll.
Joe Mullin

When Santa Barbara startup FindTheBest (FTB) was sued by a patent troll called Lumen View last year, it vowed to fight back rather than pay up the $50,000 licensing fee Lumen was asking for. Company CEO Kevin O'Connor made it personal, pledging $1 million of his own money to fight the legal battle.

Once FindTheBest pursued the case, the company dismantled the troll in short order. In November, the judge invalidated Lumen's patent, finding it was nothing more than a description of computer-oriented "matchmaking."

At that point, FindTheBest had spent about $200,000 on its legal fight—not to mention the productivity lost in hundreds of work hours spent by top executives on the lawsuit, and three all-company meetings.

Now the judge overseeing the case has ruled (PDF) that it's Lumen View, not FindTheBest, that should have to pay those expenses. In a first-of-its-kind implementation of new fee-shifting rules mandated by the Supreme Court, US District Judge Denise Cote found that the Lumen View lawsuit was a "prototypical exceptional case."

Not a close call

"Lumen’s motivation in this litigation was to extract a nuisance settlement from FTB on the theory that FTB would rather pay an unjustified license fee than bear the costs of the threatened expensive litigation," Cote stated in the order she issued on Friday. "Lumen’s threats of 'full-scale litigation,' 'protracted discovery,' and a settlement demand escalator should FTB file responsive papers, were aimed at convincing FTB that a pay-off was the lesser injustice."

In the recent Octane Fitness case (PDF), the Supreme Court changed the test for fee-shifting precisely to deter behavior such as Lumen's, Cote found. Lumen didn't do "any reasonable pre-suit investigation," and filed a number of near-identical "boilerplate" complaints in a short time frame. That all suggests "Lumen’s instigation of baseless litigation is not isolated to this instance, but is instead part of a predatory strategy aimed at reaping financial advantage from the inability or unwillingness of defendants to engage in litigation against even frivolous patent lawsuits."

Cote also recounted Lumen's attempt to get a "gag order" against FTB, to stop it from talking to the press about its case. The motion was denied.

She continued: "The question of whether this case is exceptional is not close, and fee shifting in this case will serve as an instrument of justice.”

The exact amount that Lumen will have to pay isn't yet clear, as FindTheBest will have to file a brief detailing its expenses.

The fees win for FindTheBest comes not long after it lost a more ambitious effort to push forward with a RICO anti-extortion lawsuit against Lumen View. In that case, also overseen by Cote, the judge wasn't convinced that RICO could be used to fight bogus lawsuits, even ones as baseless as Lumen's.

FindTheBest CEO Kevin O'Connor told Ars that he's very pleased with the fee order, and that they're not giving up on their RICO case yet either.

"Settling would have been easier, but I couldn’t let myself give into this injustice," said O'Connor in a statement. "We hope other companies see this as a sign that settling isn’t the only way out." He continued:

This is an exciting day for FindTheBest and the thousands of tech companies across the country who have received demand letters from patent trolls, but this isn’t the end for us. While we respect Judge Cote’s decision on our RICO case, we still feel we have grounds for a case and will be appealing the decision.

This appears to be the first case of a district court judge applying the new fee-shifting rules required by Octane Fitness. Others may be on the way soon. In a case in which Newegg beat back Site Update Solutions, a subsidiary of patent-holder Acacia Research, Newegg was initially denied fees. Last month, an appeals court ordered that case to be re-briefed under the new Octane rules, giving Newegg a second chance.
http://arstechnica.com/tech-policy/2...-patent-troll/





MPAA Strikes Anti-Piracy Deal with Torrent Client Creator
ANDY

The company behind the world's most popular torrent client has struck an anti-piracy deal with the MPAA. Xunlei, a company backed by Google, will implement a content recognition system, ensure that MPAA content is properly licensed, and educate users on the effects of online copyright infringement.

While BitTorrent Inc.’s uTorrent and Mainline products grab most of the headlines, neither are the world’s most popular torrent client. That honor falls to the Chinese-operated Xunlei or ‘Thunder’ software.

As far back as 2009 the world’s leading BitTorrent trackers reported that Xunlei users accounted for more than 104 million unique users. Currently the client has an estimated 142 million users.

Considering the software’s reach the news today that client owner Shenzhen Xunlei Networking Technologies has done an anti-piracy deal with the MPAA is received with some interest, not least since Xunlei is the 12th largest Internet company in China.

The anti-piracy agreement

The Content Protection Agreement (CPA) will see Shenzhen Xunlei actively protect MPAA content including movies and TV shows. Among other measures, the landmark deal will see Xunlei implement a video recognition system to ensure that all MPAA content being made available via Xunlei is properly licensed.

The Chinese company, which is in part backed by Google, has also agreed to educate its users on the effects of online piracy and where to obtain officially licensed copies of MPAA works.

Xunlei operates a number of online ventures, including a streaming service with 136 million monthly users, so it seems logical that the deal will encompass its entire portfolio. Clearly an agreement without ‘teeth’ across all products wouldn’t be good for either Xunlei or the MPAA. The big question now, however, is what pushed the companies together. The answer, as always, is money.

MPAA hindered Xunlei’s IPO

Early 2011 Xunlei announced plans to go public with a listing on NASDAQ, the largest U.S stock market. But by November the whole thing had been canceled, with a poor economic climate held to blame. However, in the background the issue of copyright infringement was burning away.

According to reports in Chinese media, in April 2013 the MPAA demanded that Xunlei install a software plug-in to block its copyrighted content from appearing online. However, Xunlei was only prepared to install it into a video player, not their other software. Talks collapsed, legal action loomed, and the IPO dream was shattered. Clearly the company would need to regroup and consider its options.

Improving its image for a second run

In March 2014 Xunlei hosted the Chinese Internet Copyright Protection Action Plan conference. A former employee of the company who spoke on condition of anonymity said Xunlei did this to improve its image and put its infringement issues behind it.

“You must make a clean break with the pirates,” he told local media.

Just under two weeks ago came the clearest signs yet that Xunlei was ready to move towards that goal.

On May 23rd Xunlei Ltd filed a registration with the U.S. Securities and Exchange Commission for an IPO of its U.S. dollar shares. The offering price was proposed at a maximum of $100 million under the symbol ‘XNET’.

But while doing a deal with the MPAA might stop Hollywood hindering Xunlei’s IPO again, the company’s filing makes worrying reading for potential investors.

Risky business

“Even if we comply with all of our obligations under the content protection agreement, the implementation of content protection measures may affect our users’ experience or otherwise make our services and products less competitive than those of our competitors, which could in turn materially and adversely affect our business, financial condition and results of operations,” the company writes.

“In the event that the content protection agreement is terminated or we are otherwise deemed not to be fully compliant with its material terms, the content providers may initiate a lawsuit or other proceeding against us, including for any past claims that they might otherwise have made prior to entering into the agreement. In addition, other third party content providers may still initiate lawsuits or other proceedings against us.”

A lack of compliance with the most basic of U.S. copyright protections raises yet another red flag.

“We do not currently satisfy all of the statutory requirements of any DMCA safe harbor. If we are ever held to be subject to United States copyright law, that could increase our risk of direct or indirect copyright liability for our resource discovery, acceleration or other services,” Xunlei explains.

Despite the concerns, others are prepared to put up big money. Last month Chinese smartphone manufacturer Xiaomi pumped $310 million into Xunlei boosting its share of the company to around 27%.

With a fresh tagline of “more than just downloads,” Xunlei will be hoping for an exciting future in the United States – without the MPAA on its back.
http://torrentfreak.com/mpaa-strikes...reator-140604/





Should You Have a Right to Sell Your Ebooks and Digital Music?
Jeff John Roberts

SUMMARY: How should the first sale doctrine apply to digital goods? Members of Congress came to New York to hear the opinions of publishing executives, librarians and others.

People can be surprised to discover that they don’t actually own the digital books and songs they buy, but that they instead rent them from large companies like Amazon and Apple. In response, Congress is asking whether copyright law should be changed to ensure people can resell or lend out their digital goods.

This week, the House Judiciary Committee heard testimony from publishing and technology executives as well as public interest groups over whether the government needs to update a long-standing rule known as “first sale” that lets people do what they want with works they lawfully purchased.

The short answer, based on this week’s hearing, appears to be no as members of Congress and those testifying appeared skeptical that people should have the same property rights in digital goods as they do in physical ones. But some suggested that it might be time for companies to do a better job of explaining to consumers about what they are allowed to do with the books and music they “buy.”

A centuries-old property right declines with digital

The “first sale doctrine” is a technical term, but all of us know what it is in practice. It is the right to sell, lend or give away used things without getting the permission of the copyright holder. First sale is what lets libraries distribute a paperback copy of The Hunger Games to hundreds of patrons, or people to sell used records or DVDs at a garage sale.

The rule, which basically ensures that there can be a legal market for secondhand goods, works by saying that copyright owners can’t control distribution of a work after it has already been sold. Part of English law for centuries, the U.S. Supreme Court affirmed it in a 1908 case involving a publisher that had put a sticker on its books saying “The price of this book at retail is $1 net. No dealer is licensed to sell it at a lower price” (the sticker trick didn’t work).

Despite its long pedigree, the power of the first sale rule has shrank dramatically in the digital age. The reason is that copyright owners, wary of how easy it is to copy and share works online, have found a way to make sure that no one technically buys a book, music album or video in the first place.

Rather than selling the books or songs outright, publishers are instead giving consumers a license to use the work. This means that there is no “sale” in the legal sense of the word, and so the first sale rule doesn’t apply.

While this licensing system gives publishers more control, it also means consumers can’t do many of the things they have always done with physical property: sell it, or lend it to friend or leave it to loved ones in a will.

A digital first sale right?

The House Judiciary Committee, which is in the process of reviewing U.S. copyright law, held a field hearing in New York on Monday to get the views of publisher John Wiley, the New York Public Library, and tech CEO John Ossenmacher among others as to whether Congress should require a digital resale right.

For practical purposes, a change in the law could mean giving consumers the right to sell their iTunes library, or to lend ebooks bought on Barnes & Noble to a friend.

The mood at the committee hearing, chaired by Rep. Bob Goodlatte (R-Va), was skeptical, however. Several of the witnesses pointed out that requiring first sale for digital media, which is so easy to exchange and reproduce, would likely bring major harm to the primary market for books and music. Others noted that second hand digital files don’t really become “used” or become deteriorated like books and records.

The only one to argue forcefully for a digital first sale right was Ossenmacher, who once offered a digital locker service called ReDigi that allowed people to sell songs to one another. A federal judge ruled the service liable for copyright infringement last year, rejecting ReDigi’s argument that its technology, which checks to make sure the original owner hasn’t kept a copy of what he or she is selling, made it eligible for the first sale rule.

Ossenmacher claimed at the hearing that technology like ReDigi’s makes it possible to create online equivalents of book and record stores. Although the members of Congress and other witnesses didn’t appear to agree, some did express concern that the current licensing system is too harsh on consumers.

Meanwhile, attorney Sherwin Siy of Public Knowledge, a consumer advocacy group, warned that publishers have started trying to get around the first sale doctrine in the physical world too. Siy pointed to the example of a legal textbook publisher who tried to impose a software-style license on its books, requiring students to return the books rather than resell them.

Overall, though, the most popular solution to the problem of diminished property rights appears to be better licenses.
http://gigaom.com/2014/06/06/should-...digital-music/





Redmond is Patching Windows 8 But NOT Windows 7, Say Security Bods

New tool checks differences, could lead to 0-day bonanza
Darren Pauli

Microsoft has left Windows 7 exposed by only applying patches to its newest operating systems.

Researchers found the gaps after they scanned 900 Windows libraries and uncovered a variety of security functions that were updated in Windows 8 but not in 7. They said the shortcoming could lead to the discovery of zero day vulnerabilities.

The missing safe functions were part of Microsoft's dedicated libraries intsafe.h and strsafe.h that help developers combat various attacks.

Researcher Moti Joseph (@gamepe) - formerly of Websense - speculated Microsoft had not applied fixes to Win 7 to save money.

"Why is it that Microsoft inserted a safe function into Windows 8 [but not] Windows 7? The answer is money - Microsoft does not want to waste development time on older operating systems ... and they want people to move to higher operating systems," Joseph said in a presentation at the Troopers14 conference.

Microsoft has been contacted for comment.

Together with malware analyst Marion Marschalek (@pinkflawd), the duo developed a capable diffing (comparison) tool dubbed DiffRay which would compare Windows 8 with 7, and log any safe functions absent in the older platform.

It was "scary simple", Marschalek said, and faster than finding vulnerabilities by hand.

DiffRay GUI and flow chart
Security bods could then probe and pluck those functions to identify vulnerabilities and exploits.

In a demonstration of DiffRay, the researchers found four missing safe functions in Windows 7 that were present in 8.

"If we get one zero-day from this project, it's worth it," Joseph said.

Future work will extend DiffRay's capabilities to find potential vulnerabilities in Windows 8.1, add intelligence to trace input values for functions and incorporate more intelligent signatures used to find potential holes. Duplicates and abundant false positives in the current version would also be ironed out.

The presentation slides were available online. (Here in pdf.)
http://www.theregister.co.uk/2014/06...searchers_say/





Cable Companies are Astroturfing Fake Consumer Support to End Net Neutrality
Lee Fang

Consumer advocates everywhere are demanding that the Federal Communication Commission continue down its current path for shelving net neutrality and allowing a two-tiered internet. That is, if cable company-created front groups and other industry-funded organizations are to be believed.

The controversy, at the moment, rests on a legal distinction. A federal lawsuit filed by Verizon has forced the FCC into a corner by creating a standard under which effective net-neutrality rules##—which ensure all internet traffic is treated equally—can only be reached, according to most analysts, by classifying the internet as a "common carrier," or in other words, a public utility. Such a distinction would allow the FCC to demand that internet service providers, like Comcast or Verizon, are not allowed to create internet slow lanes and fast lanes.

To the surprise of probably no one, ISPs are enraged at the prospect of being classified as a utility and are fighting back. But the attacks are not fully transparent. Many of the organizations protesting a move toward classifying ISPs as a utility, which is the only likely option for enacting net neutrality, are funded by the ISP lobby.

Take this opinion column by former Republican Senator John Sununu and former Democratic Congressman Harold Ford in the San Francisco Chronicle. The pair argues that reclassification would lead to "chronic underinvestment" in broadband services while threatening job loss. The disclaimer running under their byline says they are honorary co-chairs of Broadband for America, which the paper describes as "a coalition of 300 internet consumer advocates, content providers, and engineers."

A disclosure obtained by VICE from the National Cable and Telecom Association (NCTA), a trade group for ISPs, shows that the bulk of Broadband for America's recent $3.5 million budget is funded through a $2 million donation from NCTA. Last month, Broadband for America wrote a letter to the FCC bluntly demanding that the agency “categorically reject” any effort toward designating broadband as a public utility. It wasn't signed by any internet consumer advocates, as the Sununu-Ford letter suggests. The signatures on the letter reads like a who's who of ISP industry presidents and CEOs, including AT&T's Randall Stephenson, Cox Communications' Patrick Esser, NCTA president (and former FCC commissioner) Michael Powell, Verizon's Lowell McAdam, and Comcast's Brian Roberts.

Notably, Broadband for America's most recent tax filing shows that it retained the DCI Group, an infamous lobbying firm that specializes in creating fake citizen groups on behalf of corporate campaigns.

Another group leading the charge is the American Consumer Institute. The organization recently filed a letter with the FCC opposing reclassification, and argues that ISPs should be left alone. "The fact is that the broadband market is competitive and becoming more so," wrote ACI, which claims that consumers currently enjoy "increased choice." In January, ACI called the Verizon lawsuit that struck down the original FCC net-neutrality guidelines, "a victory for consumers."

Why would a self-professed consumer advocacy group not only oppose moving toward net neutrality but claim that America's broadband market—one of the slowest, most expensive in the industrialized world with fewer than three choices in many parts of the country—is so great?

Perhaps because ACI, like Broadband for America, is financed by an ISP lobby group. Annual tax returns show that a foundation controlled by lobbyists from the cell phone industry, called MyWireless.org, has contributed to ACI since 2010.

Other cable-funded allies have helped spread doubt about net neutrality. "If broadband providers want to start charging Netflix and Google for hogging all the bandwidth, that is their right as the owners of those networks," said Jim Lakely of the Heartland Institute, who called net neutrality regulations "a solution in search of a problem."

Leaked documents from the Heartland Institute, a conservative think tank famous for shilling on behalf of corporate donors, show major funds from Comcast, AT&T, and Time Warner Cable.

The push for reclassifying broadband as a utility may be an uphill battle. As VICE first reported, the FCC is led by a former cable-industry lobbyist, and many of his chief staffers are also former Comcast attorneys. Several new FCC staffers previously lobbied the agency against net neutrality in the past.

Still, the public is beginning to mobilize around the issue. Advocacy organizations focused on promoting a free and fair Internet, including Free Press, Color of Change, the National Hispanic Media Coalition, Demand Progress, and others, are using the FCC comment period, in which the agency is soliciting outside feedback about the rule-making, as an opportunity to organize the public.

Last Sunday, John Oliver rallied viewers of his HBO show, Last Week Tonight, to submit comments to the FCC in support of net neutrality. The response has overwhelmed the agency with thousands of comments.
http://www.vice.com/read/cables-comp...net-neutrality





John Oliver's Net Neutrality Response Swamps FCC

The agency's comment system, accepting public input on proposed Net neutrality rules, buckles after the comedian tells Internet trolls to pile on.
Joan E. Solsman

When the Federal Communications Commission released its proposed Net Neutrality regulations, Chairman Tom Wheeler said the founding fathers were likely looking down on the public outcry over the draft rules and smiling.

They must be laughing hysterically now.

The FCC's online public-comment system stumbled under heavy traffic Monday after comedian John Oliver capped a 13-minute segment about Net neutrality -- the concept that all Internet content should be delivered without preference or discrimination -- with a rallying cry to the Internet's trolls to visit the FCC's website and "focus your indiscriminate rage in a useful direction."

Net neutrality regulations could have the power to stifle or preserve technological innovation and freedom of speech, as well as influence how quickly you get emails, whether your Netflix streams buffer, and how much you pay for Internet connection and services that exist there.

The clip, from Oliver's HBO program "Last Week Tonight" on Sunday, was shared widely on social networks like Twitter, with the YouTube clip's view count approaching the 700,000 mark. Oliver's program itself was watched by 1 million viewers during its first airing, according to TV by the Numbers, a website that reports television ratings from Nielsen.

After Net neutrality regulations set in 2010 were thrown by a federal appeals court earlier this year, the FCC's next move was watched closely by consumer advocates, Internet companies, service providers and the tech press -- and, increasingly, mainstream consumers sometimes uncertain about what the subject even means. Elements of Wheeler's draft rule were leaked, and public confusion -- about whether these were proposals or instituted rules, what was actually being proposed, and how the Internet works -- were difficult to dispel.

As with any good comedian, Oliver's chief goal was to land solid laughs. For facts about Net neutrality and the FCC's proposals, check coverage from CNET's Marguerite Reardon, who has covered the issues extensively.
http://www.cnet.com/news/john-oliver...ry-swamps-fcc/





German Villagers Build Own Broadband Network
AFP

Hacked off with slow download speeds the locals of Löwenstedt clubbed together the cash to build their own super-fast internet service to the delight of the village's tiny population.

Too isolated and with few inhabitants, the tiny village of Löwenstedt in northern Germany is simply too small to show up on the radars of national Internet operators.

So the villagers took their digital fate into their own hands and built a broadband Internet network of their own.

Peter Kock, who runs an agricultural technology supply firm in the village, couldn't be happier.

Data files that used to take two hours to load onto his computer screen now appear in just 30 seconds. "It's brilliant. There's no comparison," he enthused.

And that benefits his customers, too, because thanks to the new high-speed connection he can check the availability of parts much more rapidly.

Surrounded by wind power generators and fields, around 30 kilometres (18 miles) from the Danish border, the picturesque brick houses and gardens of Löwenstedt, with its population of just 640, are spread over about 200 hectares (500 acres).

With around 22 kilometres of network needed to link up all of the houses to the high-speed data highway, "we would never have found a company willing to supply the necessary fibre-optics," said mayor Holger Jensen.

Some 58 other communities in Northern Friesland face similar difficulties and so the idea was born of clubbing together - businesses, individuals and villages - to secure access to a modern technology that is taken for granted in most German towns and cities.

Mounted on the walls of Kock's store room are two white boxes bearing the initials BBNG or Citizens' Broadband Network Company, set up in 2012 to collect the funds and build the fibre-optic network.

The firm with five staff has collected more than €2.5 million ($3.4 million) in funds, thanks to its 925 shareholders who each contributed a minimum of €1,000, said BBNG chief Ute Gabriel-Boucsein.

Solidarity is high in a village like Löwenstedt. And 94 percent of households, like that of Kock and his family, pledged to sign up to the network for two years before it was even built.

Kock also invested €5,000 in BBNG. And his parents who live across the road, aged 76 and 73, invested €1,000.

They receive interest from leasing the network, built in March at a cost of €800,000 to Internet supplier TNG.

"We're too small. Without this initiative we would have been forgotten," said Kock, who added that he feels reassured that his parents would be able to benefit from the advantages of tele-medecine and other technological advances allowing elderly people to continue living in their own homes.

"Living in the country with the luxuries of the town," said mayor Jensen, who is also a farmer, and who says high-speed Internet will enable him to take better care of his livestock.

But there are also wider benefits. The presence of a high-speed Internet network could stem the exodus of young people, help keep companies in the region, support property prices and make the region, which is close to the North Sea, more attractive to tourists.

For now, however, it is only the village of Löwenstedt that has succeeded in mobilizing the solidarity of its inhabitants to build a high-speed Internet network. Other villages have been slower and found it more difficult to follow Löwenstedt's lead.

"At least 68 percent of households in a village have to promise to subscribe to the fibre-optic network before we start work," said BBNG chief Ute Gabriel-Boucsein.

At the end of 2013, just 18 percent of Germany had access to networks with speeds up 10 megabytes per second and above, according to consultancy firm Akamai.

The German government has promised networks of at least 50 megabytes per second by 2018.

"But they don't say how they plan to achieve that," said Gabriel-Boucsein, adding that she was certain that Löwenstedt would remain excluded from such a digital El Dorado.
http://www.thelocal.de/20140601/germ...adband-network





Google Invests in Satellites to Spread Internet Access

Company projects spending more than $1 billion to connect unwired reaches of the globe
Alistair Barr and Andy Pasztor

Google Inc. GOOGL +0.19% plans to spend more than $1 billion on a fleet of satellites to extend Internet access to unwired regions of the globe, people familiar with the project said, hoping to overcome financial and technical problems that thwarted previous efforts.

Details remain in flux, the people said, but the project will start with 180 small, high-capacity satellites orbiting the earth at lower altitudes than traditional satellites, and then could expand.

Google's satellite venture is led by Greg Wyler, founder of satellite-communications startup O3b Networks Ltd., who recently joined Google with O3b's former chief technology officer, the people said. Google has also been hiring engineers from satellite company Space Systems/Loral LLC to work on the project, according to another person familiar with the hiring initiative.

Mr. Wyler has between 10 and 20 people working for him at Google and reports to Craig Barratt, who reports to Chief Executive Larry Page, one of the people said. Mr. Wyler couldn't be reached.

The projected price ranges from about $1 billon to more than $3 billion, the people familiar with the project said, depending on the network's final design and a later phase that could double the number of satellites. Based on past satellite ventures, costs could rise.

Google's project is the latest effort by a Silicon Valley company to extend Internet coverage from the sky to help its business on the ground. Google and Facebook Inc. FB -0.83% are counting on new Internet users in underserved regions to boost revenue, and ultimately, earnings.

Google's Project Loon is designing high-altitude balloons to provide broadband service to remote parts of the world. In April, Google acquired Titan Aerospace, which is building solar-powered drones to provide similar connectivity. Facebook has its own drone effort.

"Google and Facebook are trying to figure out ways of reaching populations that thus far have been unreachable," said Susan Irwin, president of Irwin Communications Inc., a satellite-communications research firm. "Wired connectivity only goes so far and wireless cellular networks reach small areas. Satellites can gain much broader access."

Google's efforts to deliver Internet service to unserved regions—through balloons, drones and satellites—are consistent with its approaches to other new markets. Even if one or more projects don't succeed, Google can often use what it learned in other areas.

A Google spokeswoman said the company is focused on bringing hundreds of millions of additional people online. "Internet connectivity significantly improves people's lives. Yet two thirds of the world have no access at all," she said. She declined further comment.

Tim Farrar, head of satellite-consulting firm TMF Associates, expects Project Loon's balloons eventually to be replaced by Titan's drones. Drones and satellites complement each other, he said, with drones offering better high-capacity service in smaller areas, and satellites offering broader coverage in areas with less demand.

Mr. Farrar worked as a consultant for Teledesic LLC, which tried to build a constellation of low-earth-orbit satellites to deliver Internet service in the 1990s. Teledesic, backed by Microsoft Corp. MSFT +1.49% and telecommunications entrepreneur Craig McCaw, considered using drones to provide additional capacity for the satellite system in some areas, he said. The more than $9 billion project halted satellite assembly in 2002 amid technical hurdles and cost overruns.

Earlier, Iridium Satellite LLC went into Chapter 11 bankruptcy reorganization less than a year after starting voice and data services in 1998.

History is replete with ambitious satellite plans that failed, according to Roger Rusch, who runs TelAstra Inc., a satellite-industry consulting firm. Google's project will end up "costing far more than they can imagine today," he said, perhaps as much as $20 billion. "This is exactly the kind of pipe dream we have seen before."

Google also will have to overcome regulatory hurdles, including coordinating with other satellite operators so its fleet doesn't interfere with others.

O3b, in which Google was an early investor, has been working on providing broadband Internet connectivity from satellites weighing about 1,500 pounds each. O3b has been planning to launch about a dozen satellites, aiming to serve large areas on either side of the equator.

Google hopes to cover the entire globe with more, but smaller, satellites weighing less than 250 pounds, the people familiar with the project said.

Jamie Goldstein, an O3b director and a partner at North Bridge Venture Partners, which backs the company, said he couldn't comment on what Mr. Wyler is working on, citing a nondisclosure agreement with Google. An O3b spokeswoman didn't respond to requests for comment.

During a conference in March, Google CEO Mr. Page mused about spanning the globe with Internet access delivered by Project Loon. "I think we can build a world-wide mesh of these balloons that can cover the whole planet," he said, noting that they are cheaper and faster to launch than satellites.

But satellites are more flexible and provide greater capacity. In recent years, costs to build and launch satellites have dropped sharply, according to Neil Mackay, CEO of Mile Marker 101, an advisory firm.

Consultant Mr. Farrar estimated that 180 small satellites could be launched for as little as about $600 million.

If Google succeeds, it "could amount to a sea change in the way people will get access to the Internet, from the Third World to even some suburban areas of the U.S.," said Jeremy Rose of Comsys, a London-based satellite consulting firm.

Google also is hoping to take advantage of advances in antennas that can track multiple satellites as they move across the sky. Antennas developed by companies including Kymeta Corp. have no moving parts and are controlled by software, which reduces manufacturing and maintenance costs.

Kymeta hopes to sell its ground-antenna systems for hundreds of dollars, said CEO Vern Fotheringham. They would substitute for phased-array antennas which cost roughly $1 million a decade ago, he said.

Kymeta supplies antenna technology for O3b and worked closely with Brian Holz, a former O3b chief technology officer. Mr. Holz recently joined Google's satellite project, along with Mr. Wyler and David Bettinger, technology chief of satellite-communications company VT iDirect Inc., Mr. Fotheringham said.

Technology news website the Information reported on May 27 that Google had hired Messrs. Holz and Bettinger for a satellite project.

"Google certainly has the resources to do something exciting in this area," Mr. Fotheringham said. "We and everyone else in the industry are keen to hear more about what they're working on."

—Evelyn M. Rusli contributed to this article.
http://online.wsj.com/news/article_e...MDAwMTEwNDEyWj





Google Offers New Encryption Tool
Nicole Perlroth

The National Security Agency’s snooping is about to get more difficult.

Google on Tuesday released the source code for a new extension to its Chrome browser that will make it a lot easier for users to encrypt their email.

The tool, called End-to-End, uses an open-source encryption standard, OpenPGP, that will allow users to encrypt their email from the time it leaves their web browser until it is decrypted by the intended recipient. It will also allow users to easily read encrypted messages sent to their web mail service. The tool will require that users and their recipients use End-to-End or another encryption tool to send and read the contents.

This could be a major blow to the N.S.A. Despite numerous cryptographic advances over the past 20 years, end-to-end email encryption like PGP and GnuPG is still remarkably labor-intensive and require a great deal of technical expertise. User mistakes — not errors in the actual cryptography — often benefited the N.S.A. in its decade-long effort to foil encryption.

“It’s important that the government not overstep,” Eric Grosse, Google’s chief of security, said in an interview last week. “We don’t want any government breaking the security of the Internet.”

Google’s new tool may make the NSA and other intelligence agencies’ jobs more difficult. While end-to-end encryption does not eliminate the potential for an attacker or government agency to read a target’s messages, it forces them to hack directly into their computer to read messages rather than catching them in transit, or gathering them through a secret court order to their communications provider.

Speaking by videoconference at the South by Southwest conference in Austin, Tex., this year, Edward J. Snowden, the former N.S.A. contractor, challenged technologists to offer easier end-to-end encryption, saying it would result in a “more constitutional, more carefully overseen enforcement model.”

Until now, technology companies have been hesitant to provide end-to-end encryption because it excludes companies like Google and Yahoo from gathering data from messages that can be sold for targeted advertising. None of the major technology providers have signed on to Dark Mail Alliance, a partnership announced last year by Silent Circle and Lavabit, two privacy-conscious communications providers, that offered companies like Microsoft, Google and Yahoo a new end-to-end encrypted email protocol.

Privacy activists have criticized Google and other companies for not supporting end-to-end encryption sooner.

“Google wants to sit between you and everyone you interact with and provide some kind of added value,” Christopher Soghoian, the principal technologist of the American Civil Liberties Union, said on the SXSW panel with Mr. Snowden. ”They want to be in that connection with you, and that makes it difficult to secure those connections.”

But Google’s announcement on Tuesday showed that the company has heard those concerns.

“We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection,” Stephan Somogyi, a Google privacy and security product manager, wrote in a company blog post. “But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it.”

It will take more time for users to put End-to-End into effect. On Tuesday, Google released the early draft of its open source End-to-End code for cryptographers, privacy activists and engineers to inspect for mistakes and back doors. Google’s bug bounty program, called its Vulnerability Reward Program, offers security researchers money if they find security bugs in the code, for End-to-End and other products.

Separately, Google released new numbers on Tuesday in a report showing how far companies still need to go to secure user communications. Google automatically encrypts web traffic as it travels from its servers around the Internet, but if the communications provider on the other end does not also support encryption, then the communications aren’t protected.

Google said 40 to 50 percent of emails sent between Gmail and other email providers are not encrypted. Less than 1 percent of traffic between Google and Comcast is encrypted, for example, while more than 95 percent of traffic between Google, Yahoo, Facebook, Twitter, Craigslist and Amazon remains encrypted.

Charlie Douglas, a Comcast spokesman, said the company was currently testing encryption with large websites and email providers and planned to turn on encryption with Google in a matter of weeks. He said Comcast engineers would be on a conference panel next week to discuss best practices and road maps for switching on encryption with other email providers as well.

“We are supportive of, and want to drive adoption of, encryption,” Mr. Douglas said.

Microsoft, which announced earlier this year that it planned to switch on encryption by the end of the year, still has some work to do. Roughly only half the traffic between Google and Microsoft services like Hotmail stays encrypted.

Google’s data will no doubt be used by privacy activists to shame companies that do not support encryption. And indeed, on Tuesday afternoon, Mr. Soghoian had already tweeted a link to Google’s report. “They name,” he wrote. “We shame.”
http://bits.blogs.nytimes.com/2014/0...cryption-tool/





Internet Giants Erect Barriers to Spy Agencies
David E. Sanger and Nicole Perlroth

Just down the road from Google’s main campus here, engineers for the company are accelerating what has become the newest arms race in modern technology: They are making it far more difficult — and far more expensive — for the National Security Agency and the intelligence arms of other governments around the world to pierce their systems.

As fast as it can, Google is sealing up cracks in its systems that Edward J. Snowden revealed the N.S.A. had brilliantly exploited. It is encrypting more data as it moves among its servers and helping customers encode their own emails. Facebook, Microsoft and Yahoo are taking similar steps.

After years of cooperating with the government, the immediate goal now is to thwart Washington — as well as Beijing and Moscow. The strategy is also intended to preserve business overseas in places like Brazil and Germany that have threatened to entrust data only to local providers.

Google, for example, is laying its own fiber optic cable under the world’s oceans, a project that began as an effort to cut costs and extend its influence, but now has an added purpose: to assure that the company will have more control over the movement of its customer data.

A year after Mr. Snowden’s revelations, the era of quiet cooperation is over. Telecommunications companies say they are denying requests to volunteer data not covered by existing law. A.T.&T., Verizon and others say that compared with a year ago, they are far more reluctant to cooperate with the United States government in “gray areas” where there is no explicit requirement for a legal warrant.

But governments are fighting back, harder than ever. The cellphone giant Vodafone reported on Friday that a “small number” of governments around the world have demanded the ability to tap directly into its communication networks, a level of surveillance that elicited outrage from privacy advocates.

Vodafone refused to name the nations on Friday for fear of putting its business and employees at risk there. But in an accounting of the number of legal demands for information that it receives from 14 companies, it noted that some countries did not issue warrants to obtain phone, email or web-searching traffic, because “the relevant agencies and authorities already have permanent access to customer communications via their own direct link.”

The company also said it had to acquiesce to some governments’ requests for data to comply with national laws. Otherwise, it said, it faced losing its license to operate in certain countries.

Eric Grosse, Google’s security chief, suggested in an interview that the N.S.A.'s own behavior invited the new arms race.

“I am willing to help on the purely defensive side of things,” he said, referring to Washington’s efforts to enlist Silicon Valley in cybersecurity efforts. “But signals intercept is totally off the table,” he said, referring to national intelligence gathering.

“No hard feelings, but my job is to make their job hard,” he added.

In Washington, officials acknowledge that covert programs are now far harder to execute because American technology companies, fearful of losing international business, are hardening their networks and saying no to requests for the kind of help they once quietly provided.

Robert S. Litt, the general counsel of the Office of the Director of National Intelligence, which oversees all 17 American spy agencies, said on Wednesday that it was “an unquestionable loss for our nation that companies are losing the willingness to cooperate legally and voluntarily” with American spy agencies.

“Just as there are technological gaps, there are legal gaps,” he said, speaking at the Wilson Center in Washington, “that leave a lot of gray area” governing what companies could turn over.

In the past, he said, “we have been very successful” in getting that data. But he acknowledged that for now, those days are over, and he predicted that “sooner or later there will be some intelligence failure and people will wonder why the intelligence agencies were not able to protect the nation.”

Companies respond that if that happens, it is the government’s own fault and that intelligence agencies, in their quest for broad data collection, have undermined web security for all.

Many point to an episode in 2012, when Russian security researchers uncovered a state espionage tool, Flame, on Iranian computers. Flame, like the Stuxnet worm, is believed to have been produced at least in part by American intelligence agencies. It was created by exploiting a previously unknown flaw in Microsoft’s operating systems. Companies argue that others could have later taken advantage of this defect.

Worried that such an episode undercuts confidence in its wares, Microsoft is now fully encrypting all its products, including Hotmail and Outlook.com, by the end of this year with 2,048-bit encryption, a stronger protection that would take a government far longer to crack. The software is protected by encryption both when it is in data centers and when data is being sent over the Internet, said Bradford L. Smith, the company’s general counsel.

Mr. Smith also said the company was setting up “transparency centers” abroad so that technical experts of foreign governments could come in and inspect Microsoft’s proprietary source code. That will allow foreign governments to check to make sure there are no “back doors” that would permit snooping by United States intelligence agencies. The first such center is being set up in Brussels.

Microsoft has also pushed back harder in court. In a Seattle case, the government issued a “national security letter” to compel Microsoft to turn over data about a customer, along with a gag order to prevent Microsoft from telling the customer it had been compelled to provide its communications to government officials. Microsoft challenged the gag order as violating the First Amendment. The government backed down.

Hardware firms like Cisco, which makes routers and switches, have found their products a frequent subject of Mr. Snowden’s disclosures, and their business has declined steadily in places like Asia, Brazil and Europe over the last year. The company is still struggling to convince foreign customers that their networks are safe from hackers — and free of “back doors” installed by the N.S.A. The frustration, companies here say, is that it is nearly impossible to prove that their systems are N.S.A.-proof.

Most American companies said they never knowingly let the N.S.A. weaken their systems, or install back doors. But Mr. Snowden’s documents showed how the agency found a way.

In one slide from the disclosures, N.S.A. analysts pointed to a sweet spot inside Google’s data centers, where they could catch traffic in unencrypted form. Next to a quickly drawn smiley face, an N.S.A. analyst, referring to an acronym for a common layer of protection, had noted, “SSL added and removed here!”

Google was already suspicious that its internal traffic could be read, and had started a program to encrypt the links among its internal data centers, “the last chink in our armor,” Mr. Grosse said. But the slide gave the company proof that it was a regular target of the N.S.A. “It was useful to have proof, in terms of accelerating a project already underway,” he said.

Facebook and Yahoo have also been encrypting traffic among their internal servers. And Facebook, Google and Microsoft have been moving to more strongly encrypt consumer traffic with so-called Perfect Forward Secrecy, specifically devised to make it more labor intensive for the N.S.A. or anyone to read stored encrypted communications.

One of the biggest indirect consequences from the Snowden revelations, technology executives say, has been the surge in demands from foreign governments that saw what kind of access to user information the N.S.A. received — voluntarily or surreptitiously. Now they want the same.

At Facebook, Joe Sullivan, the company’s chief security officer, said it had been fending off those demands and heightened expectations.

Until last year, technology companies were forbidden from acknowledging demands from the United States government under the Foreign Intelligence Surveillance Act. But in January, Google, Facebook, Yahoo and Microsoft brokered a deal with the Obama administration to disclose the number of such orders they receive in increments of 1,000.

As part of the agreement, the companies agreed to dismiss their lawsuits before the Foreign Intelligence Surveillance Court.

“We’re not running and hiding,” Mr. Sullivan said. “We think it should be a transparent process so that people can judge the appropriate ways to handle these kinds of things.”

The latest move in the war between intelligence agencies and technology companies arrived this week, in the form of a new Google encryption tool. The company released a user-friendly, email encryption method to replace the clunky and often mistake-prone encryption schemes the N.S.A. has readily exploited.

But the best part of the tool was buried in Google’s code, which included a jab at the N.S.A.'s smiley-face slide. The code included the phrase: “ssl-added-and-removed-here-; - )”
http://www.nytimes.com/2014/06/07/te...-agencies.html





Sealed Court Files Obscure Rise in Electronic Surveillance

Law-enforcement requests to monitor cellphones are routinely sealed—and stay that way
Jennifer Valentino-Devries

The U.S. government requests thousands of orders for electronic surveillance every year, and the vast majority stay sealed from the public. The Wall Street Journal explains the process.

In eight years as a federal magistrate judge in Texas, Brian Owsley approved scores of government requests for electronic surveillance in connection with criminal investigations—then sealed them at the government's request. The secrecy nagged at him.

So before he left the bench last year, the judge decided to unseal more than 100 of his own orders, along with the government's legal justification for the surveillance. The investigations, he says, involved ordinary crimes such as bank robbery and drug trafficking, not "state secrets." Most had long since ended.

A senior judge halted the effort with a one-paragraph order that offered no explanation for the decision and that itself was sealed. Mr. Owsley's orders remain buried in folders in a federal courthouse overlooking Corpus Christi Bay. "It's like something out of Kafka," says Mr. Owsley, recently a visiting law professor at Texas Tech University.

Across the U.S., thousands of similar law-enforcement requests for electronic monitoring are likewise locked away from public view, even after the investigations that spawned them have ended. In most cases, they stay sealed indefinitely—unlike nearly all other aspects of American judicial proceedings. Courts long have presumed that search warrants, for example, eventually should be made public.

Several judges and former prosecutors say most of the files under consideration don't involve the kind of national-security matters that led the National Security Agency to gather phone data on millions of Americans. Yet the sealed cases involve some of the same kinds of electronic-tracking methods: monitoring numbers dialed and received by specific phones; recording the "to" and "from" lines in email communications; tracking phone locations; and in some cases, so-called tower dumps, which reveal all the cellphones connected to a single transmission tower at a specified time. Getting permission to use the techniques is easier than getting a search or wiretap warrant.

There is general agreement that judges should be able to keep some material about ongoing probes hidden from public view. What Mr. Owsley and some other federal magistrates question is whether investigators are pushing the boundaries of what is allowed under the federal law enabling the electronic surveillance. The ubiquitous confidentiality, they say, makes it difficult for the public and lawmakers to monitor whether the U.S. is abiding by the law's intent.

"Congress can't regulate what it can't see," says Stephen Smith, a Houston magistrate judge who has written extensively on electronic surveillance. "In fact, it's difficult for me to find out what's going on in another district if the case is sealed."

The government argues that orders need to be sealed to prevent surveillance targets from learning they are under investigation, which could prompt them to change their communication patterns or flee. Prosecutors don't want to let "associates who are still under investigation become aware of specific investigative techniques," said Patricia J. Kenney, an assistant U.S. attorney in the Northern District of California, in a court declaration in September.

Data obtained by The Wall Street Journal from the Justice Department and various federal district courts suggest that electronic-surveillance orders have increased over the past decade and that the vast majority remain sealed. The Journal this week filed legal motions in a Texas federal court to unseal several cases, including some of the former Judge Owsley's.

The increases come amid an explosion in the number of people regularly using cellphones and email. As tools for monitoring electronic communications become more accessible to investigators, such tracking has become more routine and useful in criminal investigations.

Federal courts allowed one surveillance tool called a "pen register"—which records dialed phone numbers and Internet addresses—18,760 times in 2012, according to data released by the Justice Department after a Journal request. That is more than triple the number in 2003, when there were 5,922 such orders.

Requests for location data on phones and vehicles, in particular, increased in the federal courts that provided long-term data. In one of the busiest districts, the Southern District of Florida, requests for cellphone location data and other electronic tracking more than quadrupled in the past decade, according to a Journal analysis.

In the Houston division of the Southern District of Texas, another busy court, requests for detailed location data and tracking rose from 16 in 2004 to 150 in 2013.

"There are all sorts of techniques that can be used now," particularly with cellphone data, says Joel Gonzalez, a partner at Cote & Gonzalez in San Antonio and a former assistant U.S. attorney in the Southern District of Texas. Such data can establish communications patterns among groups of suspects, for example, or tie someone to a location near where a crime occurred.

The Journal contacted 25 federal districts about sealing procedures and reviewed more than 2,000 records of court filings on electronic-surveillance applications from three of the federal districts with the largest criminal caseloads. More than 90% of the applications were listed as being under seal.

The Western District of Texas, the nation's busiest last year by number of criminal cases, stores its surveillance orders in the basement of the John Wood Courthouse in San Antonio. They sit in hundreds of red file folders on metal shelves behind a thick-glass window and a door locked with a keypad.

"Absolutely no information can be given out" on the orders, said divisional-office manager Michael Oakes. "It's pretty strict here."

Unlike with search or wiretap warrants, prosecutors don't have to eventually disclose the surveillance to the target. Unless prosecutors don't request a seal at the outset, or a judge stipulates otherwise, the surveillance orders stay confidential indefinitely under the law.

The government has said that even after a suspect is apprehended or an investigation dropped, unsealing can reveal informants and cooperators and the technical tools used. A Justice Department spokesman said sealing also protects the privacy of people under surveillance but ultimately never charged with a crime, and that the department turns over any orders that might be "exculpatory or otherwise useful" to defendants. Any criminal charges that arise from an investigation are generally a matter of public record.

Decisions about secrecy of most electronic-surveillance orders fall to magistrate judges, who are appointed to eight-year terms by federal district judges and handle pretrial duties including approval of search warrants.

Some magistrates and privacy advocates say surveillance tools have advanced in ways not anticipated by the laws the Justice Department often relies on. They say the principal law governing this type of electronic surveillance—the Electronic Communications Privacy Act, which took effect in 1986, before widespread Internet usage and location tracking—is outdated.

The law passed following a Supreme Court decision saying investigators don't need a warrant to get information on the phone numbers people dial. Congress decided that the government should get some kind of court order. When the law took effect, investigators mainly applied it to land lines. Now, they use it to collect various information about cellphones and Internet use.

To get a court order for a pen register under the law, the government must certify that the information likely to be obtained is "relevant to an ongoing criminal investigation." That standard is well below the "probable cause"—generally, a reasonable belief based on factual evidence—required for a search warrant or a wiretap order. A related law enables the government to get subscriber records from communications companies, including information on previous phone locations and calls made, without a warrant.

In many districts, the government has combined pen-register requests and records requests to get ongoing cellphone location data on suspects.

The Justice Department spokesman says the government has a general policy of seeking a search warrant when getting information on people who are in places where they would have a "reasonable expectation of privacy," such as inside their homes.

There has been periodic talk in Congress about amending the law, including requiring warrants for location tracking, but no significant changes have passed.

The communications companies that must divulge the information stipulated in the orders also aren't allowed to talk about the surveillance, says lawyer Mark Eckenwiler, who represents such companies at Perkins Coie LLP and until 2012 was the Justice Department's primary authority on federal surveillance law. "I regularly see this come across my desk, sent to our clients," he says. "They don't even say 'until further order of the court' or that the court can or will modify it. It's just, dead stop, a permanent injunction"—something he contends violates the First Amendment.

The Justice Department says it makes "no broad generalizations or presumptions" about when matters should remain sealed and that sealing doesn't always need to be permanent.

But when it comes to unsealing old orders, especially many at once, the department sometimes has balked, concerned about putting people in danger. "It is difficult, years after the sealing of applications and orders, to determine the potential harm from the unsealing of these documents," Ms. Kenney, the assistant U.S. attorney, said in her recent court statement regarding a Freedom of Information Act request by the American Civil Liberties Union to get information on location tracking. She added that a systematic review of sealed documents would be impractical.

In the U.S. District Court in Arizona, a proposed change to court rules would unseal pen registers and tracking-device warrants after 180 days unless the government showed reason for it to stay sealed.

A few magistrates have individually challenged sealing procedures. In 2008, Magistrate Judge Smith began unsealing all his new surveillance orders after six months unless prosecutors actively moved to extend the secrecy, arguing that indefinite limits on disclosure violated the First Amendment.

Two of his unsealed 2010 cases reveal the nature of electronic-surveillance orders. In one case, investigators wanted a pen register and records order to track phone numbers and cellphone location for a suspect they believed was trafficking in methamphetamine. In the other, they sought the same to investigate a suspected heroin dealer.

Some applications involve more controversial technology. In 2011, magistrate judges in California complained that investigators were applying for pen registers without explicitly saying they wanted to use sophisticated cellphone-location trackers, called "stingrays," which can be used to locate suspects. Stingrays gather phone-number information, along with other data transmitted by cellphones, by acting as fake cellphone towers. The 1986 surveillance law doesn't contemplate such technology.

Mr. Owsley, the former Texas magistrate judge, says he had similar concerns about applications for "cell-tower dumps," in which agents can obtain records of all phones within range of specified cell towers over time—including people who aren't suspected of a crime.

During his years on the bench, he says, he grew skeptical about some requests. In 2007, he denied a government request to track a suspect using the "E911" electronic cellphone system—which determines the location of the caller—without establishing probable cause.

In late 2010 or early 2011, he says, a prosecutor wanted to use a pen register to get the phone number of an unknown cellphone used in the Three Rivers federal prison in southern Texas. Mr. Owsley couldn't see how a pen register could be used to do such a thing. He says he figured the U.S. wanted to use a stingray, the device encountered by the California judges.

He says he pressed the prosecutor about the legal authority to do so. Before Mr. Owsley could get a response, prison officials located the cellphone, making the issue moot. The case remains under seal, making it impossible to identify the prosecutor involved.

In 2012, a prosecutor applied to Mr. Owsley to get cellphone records for a murder case, he says. The victim's cellphone had been stolen, and investigators believed the suspect had a cellphone, too. Investigators wanted bulk information from mobile towers so they could narrow down a list of phones that might belong to the suspect, according to Mr. Owsley's order in the case.

Mr. Owsley suspected the application was for a cell-tower dump and questioned the prosecutor about it. "It became apparent that he did not understand [the technology] well," Mr. Owsley wrote in a September 2012 opinion. Mr. Owsley denied the request, ruling that the law that allows investigators to get "customer records" from telecommunications providers without a finding of probable cause didn't address cell-tower dumps. He told prosecutors to seek a warrant.

Aside from his published order, the matter remains sealed, and the fate of the case is unclear. A Justice Department spokeswoman in Houston rejected the notion that government lawyers don't understand the technology.

Before leaving the bench, Mr. Owsley had his clerk locate every sealed case he had handled—more than 200, he believes, including matters unrelated to surveillance orders.

Mr. Owsley, who details more about his legal reasoning in a coming California Law Review article online, sought an OK from government lawyers to unseal the surveillance orders. He says the government didn't object to unsealing older matters. The Justice Department declined to comment on the matter.

Mr. Owsley says he got to work ordering documents unsealed. Then a senior judge, Hayden Head, stepped in. He called Mr. Owsley to his chambers and told him he was blocking his effort.

Judge Head, a 1981 appointee of President Reagan, said in a recent interview he believed unsealing so many orders at once was "imprudent" and "unusual." He cited "possible implications for future investigations, ongoing investigations or security." He said the only proper way to unseal the orders would be after careful review on a "case-by-case basis."

Judge Head's sealed order vacating the unsealing efforts includes a list of 146 docket numbers for applications that Mr. Owsley tried to make public.

All remain under seal.
http://online.wsj.com/news/article_e...MDAwMzEwNDMyWj





How the NSA Can 'Turn On' Your Cell Phone Remotely
Jose Pagliery

Even if you power off your cell phone, the U.S. government can turn it back on.

That's what ex-spy Edward Snowden revealed in last week's interview with NBC's Brian Williams. It sounds like sorcery. Can someone truly bring your phone back to life without touching it?

No. But government spies can get your phone to play dead.

It's a crafty hack. You press the button. The device buzzes. You see the usual power-off animation. The screen goes black. But it'll secretly stay on -- microphone listening and camera recording.

How did they get into your phone in the first place? Here's an explanation by former members of the CIA, Navy SEALs and consultants to the U.S. military's cyber warfare team. They've seen it firsthand.

Government spies can set up their own miniature cell network tower. Your phone automatically connects to it. Now, that tower's radio waves send a command to your phone's antennae: the baseband chip. That tells your phone to fake any shutdown and stay on.

A smart hack won't keep your phone running at 100%, though. Spies could keep your phone on standby and just use the microphone -- or send pings announcing your location.

John Pirc, who did cybersecurity research at the CIA, said these methods -- and others, like physically bugging devices -- let the U.S. hijack and reawaken terrorists' phones.

"The only way you can tell is if your phone feels warm when it's turned off. That means the baseband processor is still running," said Pirc, now chief technology officer of the NSS Labs security research firm.

This isn't easy to accomplish. It's a highly targeted attack. But if you are really concerned about the government's ability to reawaken your phone, here are some things you could do.

Recovery mode. Put your phone on what's known as Device Firmware Upgrade (DFU) mode. This bypasses the phone's operating system. Every phone has a different approach for this.

It's fairly easy (albeit cumbersome) for iPhone users. Plug it into a computer with iTunes open. Hold down the Power and Home buttons for 10 seconds (no less) then let go of the Power button. Wait for an iTunes pop-up. That's it.

For Android users, recovery mode varies by model. Android Magazine has a great tutorial here.

Create a barrier. Use a signal-blocking phone case. You can buy them (Off Pocket, HideCell) or even make your own -- assuming you have the patience to do so.

Pull out the battery. Without a power source, the phone can't come back on. This is the best, most surefire option. It's also, annoyingly, no longer a choice on most top-of-the-line smartphones. The iPhone, HTC One and Nokia Lumia don't have removable batteries. Luckily, the Samsung Galaxy and LG G3 still do.

Silent Circle, a company that enables top-end private communication, kept these issues in mind when it co-created the Blackphone. It has a removable battery. It uses PrivatOS, a stripped-down version of Android that reduces tracking.

And because spoofed cell towers can target its antennae too, Blackphone's makers are working with chipmaker Nvidia (NVDA, Tech30) to develop their own custom, more secure baseband chip.

Silent Circle CEO Mike Janke, a former Navy SEAL, said they designed the phone based on revelations that the NSA can find powered off phones and the FBI can tap their microphones.

You probably don't need to fear that the National Security Agency is using this strategy on your phone, Janke said. Those spies are focused on hunting down a specified list of terrorists and foreign fighters. But he noted that the FBI is using these kinds of surveillance tactics in the U.S. for all sorts of crimes.
http://money.cnn.com/2014/06/06/tech...one/index.html





U.S. Marshals Seize Local Cops’ Cell Phone Tracking Files in Extraordinary Attempt to Keep Information From Public
Nathan Freed Wessler

A run-of-the-mill public records request about cell phone surveillance submitted to a local police department in Florida has unearthed blatant violations of open government laws, including an incredible seizure of state records by the U.S. Marshals Service, which is part of the Justice Department. Today the ACLU and the ACLU of Florida filed an emergency motion in state court to preserve the public’s right of access to government records.

Over the past several months, the ACLU has filed dozens of public records requests with Florida law enforcement agencies seeking information about their use of controversial cell phone tracking devices known as “stingrays.” (The devices are also known as “cell site simulators” or “IMSI catchers.”) Stingrays track phones by mimicking service providers’ cell towers and sending out powerful signals that trick nearby phones — including phones of countless bystanders — into sending their locations and identifying information.

The Florida agencies’ responses to our requests have varied widely, with some stonewalling and others releasing records. The most recent request went to the Sarasota Police Department, and the fallout from that request has raised red flag after red flag.

RED FLAG #1: The Sarasota Police initially told us that they had responsive records, including applications filed by and orders issued to a local detective under the state “trap and trace” statute that he had relied on for authorization to conduct stingray surveillance. That raised the first red flag, since trap and trace orders are typically used to gather limited information about the phone numbers of incoming calls, not to track cell phones inside private spaces or conduct dragnet surveillance. And, such orders require a very low legal standard. As one federal magistrate judge has held, police should be permitted to use stingrays only after obtaining a probable cause warrant, if at all.

RED FLAG #2: The Sarasota Police set up an appointment for us to inspect the applications and orders, as required by Florida law. But a few hours before that appointment, an assistant city attorney sent an email cancelling the meeting on the basis that the U.S. Marshals Service was claiming the records as their own and instructing the local cops not to release them. Their explanation: the Marshals Service had deputized the local officer, and therefore the records were actually the property of the federal government.

We emphatically disagree, since the Sarasota detective created the applications, brought them to court, and retained the applications and orders in his files. Merely giving him a second title (“Special Deputy U.S. Marshal”) does not change these facts. But regardless, once the Sarasota Police Department received our records request, state law required them to hold onto the records for at least 30 days, to give us an opportunity to go to court and seek an order for release of the documents.

Instead of complying with that clear legal obligation, the local police allowed the records to disappear by letting the U.S. Marshals drive down from their office in Tampa, seize the physical files, and move them to an unknown location. We’ve seen our fair share of federal government attempts to keep records about stingrays secret, but we’ve never seen an actual physical raid on state records in order to conceal them from public view.

RED FLAG #3: Realizing we weren’t going to get hold of the Sarasota Police Department’s copies of the applications and orders anytime soon, we asked the county court if we could obtain copies from its files. Incredibly, the court said it had no copies. The court doesn’t even have docket entries indicating that applications were filed or orders issued. Apparently, the local detective came to court with a single paper copy of the application and proposed order, and then walked out with the same papers once signed by a judge.

Court rules — and the First Amendment — require judges to retain copies of judicial records and to make them available to the public, but the court (and the detective) completely flouted those requirements here.

The ACLU’s emergency motion seeks a temporary injunction preventing the Sarasota Police Department from transferring any more files to the U.S. Marshals, as well as a determination that the police violated state law by sending the stingray applications and orders to the Marshals Service in the first place and an order requiring the police to produce the records.

When the government obtains court authorization to use invasive surveillance equipment, the public should not be kept in the dark. We have open records laws for a reason, but they mean nothing if the government can violate their clear commands at its whim.
https://www.aclu.org/blog/national-s...tracking-files





N.S.A. Collecting Millions of Faces From Web Images
James Risen and Laura Poitras

The National Security Agency is harvesting huge numbers of images of people from communications that it intercepts through its global surveillance operations for use in sophisticated facial recognition programs, according to top-secret documents.

The spy agency’s reliance on facial recognition technology has grown significantly over the last four years as the agency has turned to new software to exploit the flood of images included in emails, text messages, social media, videoconferences and other communications, the N.S.A. documents reveal. Agency officials believe that technological advances could revolutionize the way that the N.S.A. finds intelligence targets around the world, the documents show. The agency’s ambitions for this highly sensitive ability and the scale of its effort have not previously been disclosed.

The agency intercepts “millions of images per day” — including about 55,000 “facial recognition quality images” — which translate into “tremendous untapped potential,” according to 2011 documents obtained from the former agency contractor Edward J. Snowden. While once focused on written and oral communications, the N.S.A. now considers facial images, fingerprints and other identifiers just as important to its mission of tracking suspected terrorists and other intelligence targets, the documents show.

“It’s not just the traditional communications we’re after: It’s taking a full-arsenal approach that digitally exploits the clues a target leaves behind in their regular activities on the net to compile biographic and biometric information” that can help “implement precision targeting,” noted a 2010 document.

One N.S.A. PowerPoint presentation from 2011, for example, displays several photographs of an unidentified man — sometimes bearded, other times clean-shaven — in different settings, along with more than two dozen data points about him. These include whether he was on the Transportation Security Administration no-fly list, his passport and visa status, known associates or suspected terrorist ties, and comments made about him by informants to American intelligence agencies.

It is not clear how many people around the world, and how many Americans, might have been caught up in the effort. Neither federal privacy laws nor the nation’s surveillance laws provide specific protections for facial images. Given the N.S.A.’s foreign intelligence mission, much of the imagery would involve people overseas whose data was scooped up through cable taps, Internet hubs and satellite transmissions.

Because the agency considers images a form of communications content, the N.S.A. would be required to get court approval for imagery of Americans collected through its surveillance programs, just as it must to read their emails or eavesdrop on their phone conversations, according to an N.S.A. spokeswoman. Cross-border communications in which an American might be emailing or texting an image to someone targeted by the agency overseas could be excepted.

Civil-liberties advocates and other critics are concerned that the power of the improving technology, used by government and industry, could erode privacy. “Facial recognition can be very invasive,” said Alessandro Acquisti, a researcher on facial recognition technology at Carnegie Mellon University. “There are still technical limitations on it, but the computational power keeps growing, and the databases keep growing, and the algorithms keep improving.”

State and local law enforcement agencies are relying on a wide range of databases of facial imagery, including driver’s licenses and Facebook, to identify suspects. The F.B.I. is developing what it calls its “next generation identification” project to combine its automated fingerprint identification system with facial imagery and other biometric data.

The State Department has what several outside experts say could be the largest facial imagery database in the federal government, storing hundreds of millions of photographs of American passport holders and foreign visa applicants. And the Department of Homeland Security is funding pilot projects at police departments around the country to match suspects against faces in a crowd.

The N.S.A., though, is unique in its ability to match images with huge troves of private communications.

“We would not be doing our job if we didn’t seek ways to continuously improve the precision of signals intelligence activities — aiming to counteract the efforts of valid foreign intelligence targets to disguise themselves or conceal plans to harm the United States and its allies,” said Vanee M. Vines, the agency spokeswoman.

She added that the N.S.A. did not have access to photographs in state databases of driver’s licenses or to passport photos of Americans, while declining to say whether the agency had access to the State Department database of photos of foreign visa applicants. She also declined to say whether the N.S.A. collected facial imagery of Americans from Facebook and other social media through means other than communications intercepts.

“The government and the private sector are both investing billions of dollars into face recognition” research and development, said Jennifer Lynch, a lawyer and expert on facial recognition and privacy at the Electronic Frontier Foundation in San Francisco. “The government leads the way in developing huge face recognition databases, while the private sector leads in accurately identifying people under challenging conditions.”

Ms. Lynch said a handful of recent court decisions could lead to new constitutional protections for the privacy of sensitive face recognition data. But she added that the law was still unclear and that Washington was operating largely in a legal vacuum.

Laura Donohue, the director of the Center on National Security and the Law at Georgetown Law School, agreed. “There are very few limits on this,” she said.

Congress has largely ignored the issue. “Unfortunately, our privacy laws provide no express protections for facial recognition data,” said Senator Al Franken, Democrat of Minnesota, in a letter in December to the head of the National Telecommunications and Information Administration, which is now studying possible standards for commercial, but not governmental, use.

Facial recognition technology can still be a clumsy tool. It has difficulty matching low-resolution images, and photographs of people’s faces taken from the side or angles can be impossible to match against mug shots or other head-on photographs.

Dalila B. Megherbi, an expert on facial recognition technology at the University of Massachusetts at Lowell, explained that “when pictures come in different angles, different resolutions, that all affects the facial recognition algorithms in the software.”

That can lead to errors, the documents show. A 2011 PowerPoint showed one example when Tundra Freeze, the N.S.A.’s main in-house facial recognition program, was asked to identify photos matching the image of a bearded young man with dark hair. The document says the program returned 42 results, and displays several that were obviously false hits, including one of a middle-age man.

Similarly, another 2011 N.S.A. document reported that a facial recognition system was queried with a photograph of Osama bin Laden. Among the search results were photos of four other bearded men with only slight resemblances to Bin Laden.

But the technology is powerful. One 2011 PowerPoint showed how the software matched a bald young man, shown posing with another man in front of a water park, with another photo where he has a full head of hair, wears different clothes and is at a different location.

It is not clear how many images the agency has acquired. The N.S.A. does not collect facial imagery through its bulk metadata collection programs, including that involving Americans’ domestic phone records, authorized under Section 215 of the Patriot Act, according to Ms. Vines.

The N.S.A. has accelerated its use of facial recognition technology under the Obama administration, the documents show, intensifying its efforts after two intended attacks on Americans that jarred the White House. The first was the case of the so-called underwear bomber, in which Umar Farouk Abdulmutallab, a Nigerian, tried to trigger a bomb hidden in his underwear while flying to Detroit on Christmas in 2009. Just a few months later, in May 2010, Faisal Shahzad, a Pakistani-American, attempted a car bombing in Times Square.

The agency’s use of facial recognition technology goes far beyond one program previously reported by The Guardian, which disclosed that the N.S.A. and its British counterpart, General Communications Headquarters, have jointly intercepted webcam images, including sexually explicit material, from Yahoo users.

The N.S.A. achieved a technical breakthrough in 2010 when analysts first matched images collected separately in two databases — one in a huge N.S.A. database code-named Pinwale, and another in the government’s main terrorist watch list database, known as Tide — according to N.S.A. documents. That ability to cross-reference images has led to an explosion of analytical uses inside the agency. The agency has created teams of “identity intelligence” analysts who work to combine the facial images with other records about individuals to develop comprehensive portraits of intelligence targets.

The agency has developed sophisticated ways to integrate facial recognition programs with a wide range of other databases. It intercepts video teleconferences to obtain facial imagery, gathers airline passenger data and collects photographs from national identity card databases created by foreign countries, the documents show. They also note that the N.S.A. was attempting to gain access to such databases in Pakistan, Saudi Arabia and Iran.

The documents suggest that the agency has considered getting access to iris scans through its phone and email surveillance programs. But asked whether the agency is now doing so, officials declined to comment. The documents also indicate that the N.S.A. collects iris scans of foreigners through other means.

In addition, the agency was working with the C.I.A. and the State Department on a program called Pisces, collecting biometric data on border crossings from a wide range of countries.

One of the N.S.A.’s broadest efforts to obtain facial images is a program called Wellspring, which strips out images from emails and other communications, and displays those that might contain passport images. In addition to in-house programs, the N.S.A. relies in part on commercially available facial recognition technology, including from PittPatt, a small company owned by Google, the documents show.

The N.S.A. can now compare spy satellite photographs with intercepted personal photographs taken outdoors to determine the location. One document shows what appear to be vacation photographs of several men standing near a small waterfront dock in 2011. It matches their surroundings to a spy satellite image of the same dock taken about the same time, located at what the document describes as a militant training facility in Pakistan.
http://www.nytimes.com/2014/06/01/us...eb-images.html

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

May 31st, May 24th, May 17th, May 10th, May 3rd


Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 04:52 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)