P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 18-07-18, 06:44 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - July 21st, ’18

Since 2002


































"I think everybody in America ought to be terrified about that." – Avery Gardiner






































July 21st, 2018




S. Korea Heightens Efforts to Root Out Illegal File Sharing on Overseas Sites
Yonhap

The South Korean government has intensified its efforts to crack down on illegal file sharing sites based overseas in response to increasing copyright infringement.

In a briefing on Tuesday, the relevant agencies -- the Ministry of Culture, Sports and Tourism, the Korea Communications Commission and the National Police Agency -- announced an ongoing war against online copyright infringement and investigation results.

The government formed a task force earlier in the year, which started cracking down on those sites in May.

The task force team has so far led 12 illegal sites to close or stop operating. Among them, eight site operators, including the illegal comics sharing site Bamtoki, will face legal action.

As part of the efforts, the Korea Copyright Protection Agency and the KCC have agreed to hire more officials tasked with monitoring illegal sites, as well as to expand government discussion and monitoring of the issue.

"We are making progress on censuring illegal content largely due to the relevant agencies' collaborative efforts," an official from the culture ministry said, adding that illegal sites operating overseas are no longer a grey area of copyright infringement and the government will hold them legally accountable.

The government vowed to continue cracking down on illegal file downloads until the Korean legal content market takes root to protect various kinds of cultural content, including web comics, entertainment shows and dramas.
http://www.koreaherald.com/view.php?ud=20180710000347





Amazon Briefly Sold Pirated Copies of ‘Frostpunk,’ ‘Surviving Mars’
Brittany Vincent

Update: Recently, Amazon began selling PC titles such as “Surviving Mars” and “Frostpunk” at exceedingly low prices. Buyers would find “Frostpunk,” for instance, for $2.99, when the game just released this past April. When potential buyers looked closer into these apparent bargains, it seemed that Amazon was, in fact, selling pirated copies of the games.

Redditors at r/GameDeals discussed the pricing in a thread, which pointed readers to the cheap copy of “Frostpunk,” which as listed as being for sale via Amazon Digital Services. It was a far cry from the game’s retail price of $29.99. “Surviving Mars” was sold for $3.99, when it normally sells for $39.99. Users eventually discovered that, after purchasing the cheap copy of “Frostpunk,” that it was indeed a pirated version.

“It’s piracy,” said Redditor CodependentlyWealthy. “Someone took the GOG version of the game, repackaged it with their [sic] own installer signed and published by ‘Ace Media Group LLC’ and submitted it to Amazon,” the user explained. Beyond that, players are unable to uninstall the game, and retain files were left in the installer from the GOG client used to run the game, making for a very sloppy pirating job.

The games have since been taken down from Amazon, and have since been labeled “currently unavailable.” Amazon has yet to comment on the situation, though “Surviving Mars” developers have confirmed that those sales were not approved, warning that users “steer clear” of the listings.

Reached for comment Tuesday evening, an Amazon representative said: “Our customers trust that when they make a purchase through Amazon’s store—either directly from Amazon or from its third-party sellers—they will receive authentic products, and we take any claims that endanger that trust seriously. We strictly prohibit the sale of counterfeit products and these games have been removed. “
https://variety.com/2018/gaming/news...es-1202875203/





Amazon’s Curious Case of the $2,630.52 Used Paperback
David Streitfeld

Many booksellers on Amazon strive to sell their wares as cheaply as possible. That, after all, is usually how you make a sale in a competitive marketplace.

Other merchants favor a counterintuitive approach: Mark the price up to the moon.

“Zowie,” the romance author Deborah Macgillivray wrote on Twitter last month after she discovered copies of her 2009 novel, “One Snowy Knight,” being offered for four figures. One was going for “$2,630.52 & FREE Shipping,” she noted. Since other copies of the paperback were being sold elsewhere on Amazon for as little as 99 cents, she was perplexed.

“How many really sell at that price? Are they just hoping to snooker some poor soul?” Ms. Macgillivray wrote in an email. She noted that her blog had gotten an explosion in traffic from Russia. “Maybe Russian hackers do this in their spare time, making money on the side,” she said.

Zowie. Amazon is selling copies of my One Snowy Knight for $1,558.59
+ $5.49 shipping + $0.00 estimated tax or $2,630.52
& FREE Shipping + $0.00 estimated tax Hang in there, it's being reprinted in July for MUCH less...lol pic.twitter.com/eEqWUzg7kf
— Deborah Macgillivray (@Scotladywriter) June 5, 2018

Amazon is by far the largest marketplace for both new and used books the world has ever seen, and is also one of the most inscrutable. The retailer directly sells some books, while others are sold by third parties. The wild pricing happens with the latter.

Books were Amazon’s first product. They made the company’s reputation and powered Jeff Bezos’ ascent to his perch as the world’s richest person. Amazon sold books so cheaply that land-based shops could not compete. It controls about half the market for new books, more than any bookseller in the history of the United States.

But books are now a minuscule part of the company’s revenue. Amazon is expanding into seemingly every field and geography, rattling competitors along the way. Prime Day, to be held on Monday, is a promotion that draws enormous media attention to discounted tech, gaming and other products. Meanwhile, the original bookstore is looking a little neglected, as if it were operated by algorithms with little sensible human input.

“Amazon is driving us insane with its willingness to allow third-party vendors to sell authors’ books with zero oversight,” said Vida Engstrand, director of communications for Kensington, which published “One Snowy Knight.” “It’s maddening and just plain wrong.”

The wild book prices were in the remote corners of the Amazon bookstore that the retailer does not pay much attention to, said Guru Hariharan, chief executive of Boomerang Commerce, which develops artificial intelligence technology for retailers and brands.

Third-party sellers, he said, come in all shapes and sizes — from well-respected national brands that are trying to maintain some independence from Amazon to entrepreneurial individuals who use Amazon’s marketplace as an arbitrage opportunity. These sellers list products they have access to, adjusting price and inventory to drive profits.

Then there are the wild pricing specialists, who sell both new and secondhand copies.

“By making these books appear scarce, they are trying to justify the exorbitant price that they have set,” said Mr. Hariharan, who led a team responsible for 15,000 online sellers when he worked at Amazon a decade ago.

Amazon said in a statement that “we actively monitor and remove” offers that violate its policies and that examples shown it by The Times — including the hardcover version of the scholarly study “William T. Vollmann: A Critical Companion,” which was featured for $3,204, more than 32 times the going price — were “in error, and have since been removed.” It declined to detail what its policies were.

A decade ago, Elisabeth Petry wrote a tribute to her mother, the renowned novelist Ann Petry. “At Home Inside,” published by the University of Mississippi Press, is now out of print, but late last week secondhand copies were for sale on Amazon. A discarded library copy was $1,900. One seller offered two copies, each for $1,967, although only one was described as “Nice!” All these were a bargain compared with the copy that cost $2,464.

“I wish I had some of that money,” Ms. Petry said.

Buying books on Amazon can be confusing, because sometimes the exact same book can have more than one listing. For instance, a search for the Petry book turned up another listing. This time, there was just one copy for sale, which cost a mere $691. Whether a customer paid that price or three times that sum apparently depended on what listing he or she found.

“Let’s be honest,” said Peter Andrews, a former Amazon brand specialist who is manager of international client services at One Click Retail, a consulting firm. “If I’m selling a $10 book for $610, all I need to do is get one person to buy it and I’ve made $600. It’s just a matter of setting prices and wishful thinking.”

One of the sellers of Ms. Macgillivray’s book is named Red Rhino, which says it is based in North Carolina. The bookseller’s storefront on Amazon is curiously consistent. One of the first books on the store’s first page was Anthony Bourdain’s “Kitchen Confidential.” It was priced at $607, a hundred times what it cost elsewhere on Amazon.

All the books on the first few pages of the storefront — including such popular standbys as “Fahrenheit 451,” “The Very Hungry Caterpillar” and “1984” — also go for $600.

That appears to be a popular price point for booksellers taking the high road. Acme Books, which was selling the $691 Petry book, used that exact price for “101 Blessings for the Best Mom in the World” and quite a few other books.

Red Rhino got nearly 1,400 customer-service reviews over the last year — an impressive number, considering many customers do not bother posting reviews. The reviews are 91 percent positive, although some of the reviewers appeared uncertain just what a book is. “The book is intact, and it is not broken,” wrote one. Commented another: “Very nice. Flexibility noted in many venues.”

Neither Acme nor Red Rhino returned emails for comment sent through their Amazon pages. As with many Amazon booksellers, it is hard to determine what, if any, existence they have outside the retailer.

Even a casual browse through the virtual corridors of Amazon reveals an increasingly bizarre bazaar where the quaint policies of physical bookstores — the stuff no one wants is piled on a cart outside for a buck a volume — are upended. John Sladek, who wrote perceptive science fiction about robotics and artificial intelligence, predicted in a 1975 story that computers might start making compelling but false connections:

If you’re trying to reserve a seat on the plane to Seville, you’d get a seat at the opera instead. While the person who wants the opera seat is really just making an appointment with a barber, whose customer is just then talking to the box-office of “Hair,” or maybe making a hairline reservation …

Mr. Sladek, who died in 2000, is little read now, which naturally means his books are often marketed for inordinate sums on Amazon. One of his mystery novels, “Invisible Green,” has a Red Rhino “buy box” — Amazon’s preferred deal — offering it for $664.

That is a real bargain compared with what a bookseller with the improbable name Supersonic Truck is asking: $1,942. (Copies from other booksellers are as little as $30.) Supersonic Truck, which Amazon says has 100 percent positive ratings, did not respond to a message seeking comment.

Ms. Macgillivray, who has published eight novels, said she had been poking around Amazon’s bookstore and was more perplexed than ever by the pricing.

“There’s nothing illegal about someone listing an item for sale at whatever the market will bear, even if they don’t have the book but plan to buy it when someone orders it,” she said. “At the same time, I would think Amazon wouldn’t want their platform used for less than honorable practices.”

Since Ms. Macgillivray tweeted about “One Snowy Knight,” the price on Amazon has not stood still. The most expensive copy just jumped again, to $2,800.
https://www.nytimes.com/2018/07/15/t...k-pricing.html





China's First $100M Film Pulled From Cinemas After Disastrous Opening Weekend

The producers of fantasy epic 'Asura' promoted the project as China's most expensive movie ever made, but it earned just $7.1 million over its opening weekend.
Patrick Brzeski

In the long lead-up to its release, Chinese fantasy epic Asura was promoted as China's most expensive film ever made, with a production budget of over $110 million (750 million yuan). So perhaps it's unsurprising that the film's producers, which include Jack Ma's Alibaba Pictures, decided to take desperate action after the movie opened to just $7.1 million over the weekend.

Late Sunday evening in Beijing, Asura's official social media accounts posted a simple statement saying that the film would be pulled from cinemas as of 10 p.m. local time. After landing in theaters with limited fanfare, China's priciest picture ever would vanish from the scene entirely.

Asura is co-produced by Zhenjian Film Studio and Ningxia Film Group — two of the investors behind the successful Painted Skin fantasy franchise — along with Alibaba Pictures Group and other minority investors.

The statement announcing Asura's retreat from cinemas supplied no explanation for the unprecedented move. But a representative from Zhenjian Film, which is credited as lead producer, later told Chinese news site Sina: "This decision was made not only because of the bad box office. We plan to make some changes to the film and release it again."

A spokesperson for the film declined to comment when contacted by THR on Monday.

The producers had hoped that Asura would serve as the kickoff to a major fantasy franchise — a property akin to China's own Lord of the Rings. The film is an original dramatization of ancient Tibetan mythology, with a vast set of characters occupying different heavenly realms. Teenage heartthrob Lei Wu plays the film's hero, a young boy who must embark on an epic journey to save Asura, a godly dimension of pure desire, after it is threatened by a coup from a lower kingdom. Veteran Hong Kong actors Tony Ka Fai Leung and Carina Lau also star as mythical demigods.

Some in the Chinese industry have expressed skepticism over Asura's purported $113 million budget — most of China's biggest blockbusters, such as Wolf Warrior 2 ($870), have been made for about half that much — but it's clear that the film's backers spent heavily on foreign production talent and lavish visual effects. The film's costumes were designed by Oscar-winner Ngila Dickson (Lord of the Rings), while Hollywood veteran Martín Hernandez served as audio director (The Revenant, Birdman) and Charlie Iturriaga (Deadpool, Furious 7) supervised the VFX work. The film is the directorial debut of Hollywood stunt coordinator-turned-filmmaker Peng Zhang (Rush Hour 3, Twilight 1 & 2).

Adding a layer of intrigue to the saga, Asura's backers are now alleging sabotage.

Some 90 percent of all Chinese movie tickets are bought online and two mobile ticketing platforms currently dominate the market, Alibaba-owned Tiao Piao Piao and Maoyan, partially backed by Tencent. Both services supply average user review scores for every film on release — numbers that have the same controversial power as Rotten Tomatoes' "tomatometer ratings" or Metacritic's "metascores" in North America. A third influential Chinese review aggregator, Douban.com, operates independently of the ticketing services and is known to attract a more discerning, sometimes snarky, reviewer community.

Just as trolls have occasionally gamed Rotten Tomatoes ratings in the U.S., Chinese studios have sometimes alleged that their scores were unfairly hurt by fake negative reviews — or that the competition was boosted by purchased positive ones. Such ghostwriters for hire are known in China as "shuijun," a pejorative term that literally means “water army,” because companies pay them to “flood” forums with fake reviews.

Asura's producers are now alleging that they were targeted by a particularly aggressive "water army" attack. In a second social media post, they say they discovered a large number of 1/10 reviews for Asura posted to Maoyan by suspicious accounts immediately after the film's release. Describing the episode as "the shame of the industry," they say a sizable discrepancy soon emerged between Asura's early average scores on Maoyan (4.9/10) and on Alibaba's Tiao Piao Piao (8.4/10). The statement concludes with a series of pointed statements directed at Maoyan, questioning the integrity of the platform's rating system and asking when the company will take action to address such problems. The post also ends with some disparaging words for the shadowy, unknown perpetrators of the campaign, saying that "whoever is behind this is dirty, stupid and ridiculous."

Asura's disastrously small debut may be the result of more important factors than a temporary rigging of Maoyan's ratings, however (After all, the ticketing service is usually estimated to have a market share of less than 40 percent).

A more obvious explanation could be that the film opened against uncommonly strong competition. During the same frame that Asura debuted to just $7.1 million, holdover blockbuster Dying to Survive added $69 million for an 11-day total of $366 million, while veteran actor-director Jiang Wen's much anticipated period action movie Hidden Man opened to a healthy $46.2 million. Both films also have been critical favorites: Dying to Survive ranks at 8.9/10 or higher across all Chinese platforms, while Hidden Man has an average score of about 7.4/10.

The available tracking data also suggests that the usual makers of a bomb — low audience interest, weak marketing — also probably played a part. "Based on our tracking, prerelease market heat for this movie was quite low — below average," a representative for Beijing-based market research firm Fankink told THR Monday.

Asura's score on Maoyan also moderated to 6.4/10 as the weekend progressed, while its rating on Alibaba's Tao Piaopiao dropped to 7.1/10 by Sunday. If Maoyan's score started unfairly low, Tao Piao Piao's may have been initially inflated (both ticketing services have since pulled Asura's scores, since the film is no longer on release). Meanwhile, on Douban, Asura has held to the uncommonly low score of 3.1/10. Fair play or the work of a water army? The Internet in China will soon have its say.
https://www.hollywoodreporter.com/ne...eekend-1127224





Netflix Plummets after Missing Big on Subscriber Growth

• Netflix missed its subscriber addition projections for the first time in five quarters, leading shares to tumble.
• Domestic subscriber additions: 674,000 vs. 1.23 million subscribers estimated, per FactSet and Street Account
• International subscriber additions: 4.47 million subscribers vs. 5.11 million subscribers estimated, per FactSet and Street Account

Michelle Castillo

Netflix missed its subscriber addition projections for the first time in five quarters, leading shares to tumble more than 14 percent.

The company reported second-quarter earnings after the market closed on Monday. In addition to a slight miss on revenue compared to estimates, Netflix posted a huge miss on subscriber additions. The company only added 5.15 million subscribers, about one million less than forecast. Domestic additions were only a little more than half of its projections, while it just added 4.5 million subscribers internationally.

Netflix reported:

• Revenue: $3.91 billion vs. $3.94 billion estimated, according to a Thomson Reuters consensus estimate.

• Domestic subscriber additions: 674,000 vs. 1.23 million subscribers estimated, per FactSet and Street Account

• International subscriber additions: 4.47 million subscribers vs. 5.11 million subscribers estimated, per FactSet and Street Account

• Earnings per share (EPS): 85 cents (including $85 million in non-cash unrealized gain). It was not immediately clear if Netflix's reported EPS was comparable with a Thomson Reuters consensus estimate of 79 cents.

Some analysts were worried the company could not sustain its share price growth, which is over 100 percent year-to-date. They also raised concerns as competitors like Amazon ramp up their streaming efforts, while others like Disney and AT&T are prepared to invest in more digital content. Netflix is expected to spend up to $8 billion this year on 700 original series.

Netflix also issued a weaker guidance for the third quarter than expected, saying it is expecting to add 5 million subscribers total compared to an analyst estimate of more than 6 million. It is projecting 650,000 new subscribers in the U.S. and 4.35 million internationally.
https://www.cnbc.com/2018/07/16/netf...-earnings.html





PeerTube, the “Decentralized YouTube”, Succeeds in Crowdfunding
A.S.

It is done. With 53,100 euros collected in forty-two days, the PeerTube project originating in France blows through its initial goal. The principle is intriguing: a fully decentralized version of YouTube , whose computer code is freely accessible and editable, and where videos are shared between users without relying on a central system. Online since March 2018 in a beta version, the project should definitely take off by October, based on the money raised.

At the origin of PeerTube is the French association Framasoft , one of the main associations advocating for the development of free software in Europe. With its strategy of development and centralization, Google, which owns YouTube, quickly became a symbol in the fight orchestrated by Framasoft – which launched four years ago a campaign called “De-google-ify Internet” .

11,000 videos online

Like Mastodon, an alternative to Twitter launched in 2016, PeerTube relies on a decentralized and federative system. In other words, there is no higher authority that manages, broadcasts and moderates the content offered, as is the case with YouTube, but a network of “instances”. Created by one or more administrators, these communities are governed according to principles specific to each of them. Anyone can freely watch the videos without registering, but to upload a video, you must choose from the list of existing instances , or create your own if you have the necessary technical knowledge.

At the moment, 141 instances are proposed. Most do not have specifics, but one can find communities centered on a theme or open to a particular region of the world. In all, more than 4,000 people are currently registered on PeerTube, for a total of 338,000 views for 11,000 videos.

Possible Evolutions/ Predictions

PeerTube is fully editable and adaptable to the needs of everyone …, provided you know how to code . The registered community is largely composed of a technophile user-base, and therefore able to propose new features. Improving and simplifying the user experience is one of Framasoft’s main objectives.

But the current operation of the platform, not really intuitive for a non-initiated, is also the main flaw of PeerTube. ” The Gafam put us in a position of consumers,” says Pouhiou, communication officer for Framasoft. ” Of course, they have the means to create extraordinarily practical software that brings a lot of comfort to the user. But often, this gain of comfort is accompanied by a loss of control of our data. If we want to regain the power , we must also take the responsibilities that go with it. ”

This ” incompressible ” difficulty does not necessarily worry the association. PeerTube is not for the moment a ” YouTube killer “, but a project in its youth. There is no question of attracting too many users at once: the platform, largely perfectible, might discourage the general public – some functions, such as the subscription to a channel, are not yet in place. PeerTube does not seek to attract star Youtubers either.

Unlike YouTube, PeerTube does not display default ads. ” In terms of monetization, we wanted to make a neutral tool, ” says Pouhiou. For now, a simple “support” button allows videographers to direct their viewers to Tipee, Patreon, Paypal and other donation tools. But in the future, Framasoft hopes that ” people will be able to code their own monetization system “.

Self-managed moderation

Other issues may eventually be debated. The pornographic content, authorized by certain instances-provided they display a label ” Not safe for work ” and blur the thumbnail- is still present among the most popular videos of PeerTube. The organization into federations can also open the door to the creation of instances accepting extremism and calls for violence.

Again, Framasoft relies on its community to prevent overflows and maintain the original freshness: ” PeerTube works a little on the same principle as Twitter , says Pouhiou. We can track and add videos on an instance but it is not automatically reciprocal. A community can be ostracized if its actions are considered harmful by others . ”

How will PeerTube evolve? Two years after its creation, his “big brother” Mastodon is doing rather well , and has exceeded one million users. So there is hope for an alternative to big machines in Silicon Valley. Especially since accumulating in recent months the problems of moderation and monetization, YouTube has alienated some of its users, who may well appreciate the emergence of an alternative.
https://quariety.com/2018/07/20/peer...-crowdfunding/





FCC Vote Likely Dooms Sinclair-Tribune Merger

An order refers the case to a judge, but mergers usually die at that point.
Kris Holt

The FCC has voted to send the proposed sale of Tribune Media properties to Sinclair to a hearing, effectively hammering the second-to-last nail in the coffin on the buyout. The agency's commissioners unanimously agreed on a Hearing Designation Order (HDO), which refers the matter to a judge -- at which point mergers usually die.

Earlier this week, FCC chairman Ajit Pai raised "serious concerns" about Sinclair's selloff of 21 stations it had proposed in order to remain under station ownership limits post-merger. Had Sinclair declined to sell off some stations, its 173 broadcast stations in 81 markets, combined with Tribune's 42 stations in 33 markets would reach 72 percent of US TV households.

The FCC's National TV Ownership rule "does not limit the number of TV stations a single entity may own nationwide so long as the station group collectively reaches no more than 39 percent of all US TV households." But the rule is more flexible for stations that broadcast using UHF frequencies.

Pai, who has been accused of aiding the merger by relaxing the ownership regulations, said Monday that Sinclair's plan would allow the company "to control those stations in practice, even if not in name, in violation of the law." He noted that, "When the FCC confronts disputed issues like these, the Communications Act does not allow it to approve a transaction."

The order lays out some valid concerns over some of the stations Sinclair planned to sell, particularly related to stations in Chicago, Dallas and Houston. Sinclair removed applications related to stations in those three cities Wednesday, but one of them laid out a plan to "transfer WGN-TV in Chicago to an individual (Steven Fader) with no prior experience in broadcasting who currently serves as CEO of a company in which Sinclair's executive chairman has a controlling interest." Sinclair still would have owned most of WGN-TV's assets, and largely would have been responsible for running it.

That application included a buyback clause for Sinclair (which it would presumably would have taken up had station ownership rules changed down the line), and suggests Fader would buy the station at far below market value for "the station license and certain other minimal assets." The HDO raises similar concerns with Cunningham Broadcast Corporation, which was to buy some other stations.

The judge to whom the order refers the case will determine whether Sinclair would still effectively control some of the stations it planned to sell. The judge should rule within the next month or so on a timeframe for the hearings.
https://www.engadget.com/2018/07/19/...gnation-order/





Effort to Shame Republicans for Killing Net Neutrality Gains Steam in the House

Ignoring the public’s will on net neutrality is going to be an issue in the midterms.
Karl Bode

Colorado Representative Mike Coffman is the first House Republican to break party ranks and support an effort to reverse the FCC’s historically-unpopular attack on net neutrality.

The Senate voted 52-47 last May to use the Congressional Review Act to restore the popular FCC rules, first passed in 2015 then repealed last November. The Senate vote required several Republicans, like Maine Senator Susan Collins, to break ranks in order to succeed.

The focus then shifted to the House, where net neutrality supporters need 215 votes to force the reversal. With Coffman’s vote, the number of supporters of the initiative now rests at 176. Net neutrality activists hope Coffman’s decision will encourage other Republican lawmakers to support the effort.

“The dam is breaking, as it should,” the ACLU said of Coffman’s move. “Rep. Coffman’s support to undo FCC Chairman Ajit Pai’s repeal of net neutrality shows that public pressure is continuing to build on this issue and cannot be ignored this November.”

Net neutrality has overwhelming, bipartisan public support, since most people realize that a healthy, open internet free of giant ISP meddling benefits consumers and competitors alike. But ISPs have long succeeded in framing the debate as a partisan one to help stall progress, sow public dissent, and prevent legislative consensus.

Coffman issued a statement indicating he’d not only be joining the Congressional vote to restore the FCC’s rules, he’d be tabling his own net neutrality legislation.

The problem: analysis of Coffman’s proposed law shows it to be significantly weaker than the FCC’s original proposal, while failing to address numerous areas where ISPs behave anti-competitively—such as usage caps or the kind of interconnection shenanigans that slowed many Netflix streams to a crawl a few years back.

Coffman’s bill also isn’t likely to survive the House, thanks to ISP loyal lawmakers like Tennessee Rep. Marsha Blackburn, who has been pushing her own, loophole-filled and ISP-approved legislation in an effort to prevent tougher state or federal laws from taking root.

“While my bill moves through the Congress, I am taking an ‘all of the above’ approach by simultaneously signing the discharge petition on the CRA, and introducing my bill” said Coffman.

To be clear, even with Coffman’s support, the gambit remains a decidedly uphill affair.

Should it pass the House, the proposal would still need to avoid a veto by President Trump, whose public statements have indicated he doesn’t actually understand what what net neutrality is. He’s largely relegated all authority on the matter to FCC boss Ajit Pai, whose disdain for consumer protections and public feedback is already the stuff of internet legend.

Still, Democrats hope that putting the issue to a vote will force ISP-loyal lawmakers to put their blind fealty to ISPs like Comcast to a documented public vote, something that’s not likely to earn Republicans any favors during the already contentious, looming midterm elections.

Should the CRA gambit fail, the next best effort to restore net neutrality rests with looming court challenges by consumer groups and small companies like Mozilla, who say the FCC ignored the will of the public, the insight of most experts, and all objective data in a rushed attempt to please Comcast, AT&T and Verizon.

ISPs are also facing efforts in more than half the States in the country to pass state level net neutrality protections. AT&T, Verizon and other providers have threatened to sue states that try to stand up for consumers, and cable providers like Charter are already trying to use the FCC repeal to claim states cannot hold ISPs accountable for terrible broadband service.

Should these efforts fail to hold ISPs like Comcast accountable, the next best hope for restoring net neutrality and a healthy internet rests with voting cash-compromised lawmakers out of office in the looming midterms and thereafter.
https://motherboard.vice.com/en_us/a...m-in-the-house





Study Suggests Buried Internet Infrastructure at Risk as Sea Levels Rise
Terry Devitt

Thousands of miles of buried fiber optic cable in densely populated coastal regions of the United States may soon be inundated by rising seas, according to a new study by researchers at the University of Wisconsin-Madison and the University of Oregon.

The study, presented here today (July 16, 2018) at a meeting of internet network researchers, portrays critical communications infrastructure that could be submerged by rising seas in as soon as 15 years, according to the study's senior author, Paul Barford, a UW-Madison professor of computer science.

"Most of the damage that's going to be done in the next 100 years will be done sooner than later," says Barford, an authority on the "physical internet" -- the buried fiber optic cables, data centers, traffic exchanges and termination points that are the nerve centers, arteries and hubs of the vast global information network. "That surprised us. The expectation was that we'd have 50 years to plan for it. We don't have 50 years."

The study, conducted with Barford's former student Ramakrishnan Durairajan, now of the University of Oregon, and Carol Barford, who directs UW-Madison's Center for Sustainability and the Global Environment, is the first assessment of risk of climate change to the internet. It suggests that by the year 2033 more than 4,000 miles of buried fiber optic conduit will be underwater and more than 1,100 traffic hubs will be surrounded by water. The most susceptible U.S. cities, according to the report, are New York, Miami and Seattle, but the effects would not be confined to those areas and would ripple across the internet, says Barford, potentially disrupting global communications.

The peer-reviewed study combined data from the Internet Atlas, a comprehensive global map of the internet's physical structure, and projections of sea level incursion from the National Oceanic and Atmospheric Administration (NOAA). The study, which only evaluated risk to infrastructure in the United States, was shared today with academic and industry researchers at the Applied Networking Research Workshop, a meeting of the Association for Computing Machinery, the Internet Society and the Institute of Electrical and Electronics Engineers.

Much of this infrastructure is buried and follows long-established rights of way, typically paralleling highways and coastlines, says Barford. "When it was built 20-25 years ago, no thought was given to climate change."

Many of the conduits at risk are already close to sea level and only a slight rise in ocean levels due to melting polar ice and thermal expansion as climate warms will be needed to expose buried fiber optic cables to sea water. Hints of the problems to come, says Barford, can be seen in the catastrophic storm surges and flooding that accompanied hurricanes Sandy and Katrina.

Buried fiber optic cables are designed to be water-resistant, but unlike the marine cables that ferry data from continent to continent under the ocean, they are not waterproof.

Risk to the physical internet, says Barford, is coupled to the large population centers that exist on the coasts, which also tend to be the same places where the transoceanic marine cables that underpin global communication networks come ashore. "The landing points are all going to be underwater in a short period of time," he notes.

Moreover, much of the data that transits the internet tends to converge on a small number of fiber optic strands that lead to large population centers like New York, one of the more vulnerable cities identified in the study.

The impact of mitigation such as sea walls, according to the study, are difficult to predict. "The first instinct will be to harden the infrastructure," Barford says. "But keeping the sea at bay is hard. We can probably buy a little time, but in the long run it's just not going to be effective."

In addition to looking at the risk to local and long-haul infrastructure in the nation's coastal areas, the study examined the risk to the buried assets of individual internet service providers. It found the networks of CenturyLink, Inteliquent and AT&T to be at highest risk.

The findings of the study, argues the Wisconsin computer scientist, serve notice to industry and government. "This is a wake-up call. We need to be thinking about how to address this issue."
https://www.eurekalert.org/pub_relea...-ssb071218.php





Google Fiber Could Get a Jolt from FCC Utility Pole Policy

It would give companies access to territory that telecoms and internet providers had ruled.
David Lumb

Google Fiber could get serious help from a new rule (PDF) the FCC is set to pass that would give individual companies access to poles across the US. Currently, independent bodies -- like, say, a new internet provider -- who want to add their lines to poles must request telecoms to do the work, but the federal agency is considering implementing a nationwide One Touch Make Ready (OTMR) arrangement that would allow companies to add their cables themselves. In short, this could seriously help Google speed up the rollout of its high-speed internet solution.

In a blog post, the company admitted that it underestimated how much access and space on utility and phone poles to place communications equipment has slowed Google Fiber's expansion. This isn't a new: Access to and real estate on communications infrastructure was important to the rollout of high-speed internet in Europe early in the decade, and it remains crucial in the US. Google has actually benefited from OTMR rules implemented locally -- at least until telecoms intervened, like when Comcast sued the city of Nashville in 2016 to overturn its new statutes.

As the FCC was poised to consider telecoms and internet providers a Title II utility in early 2015, Google argued to be included in that group, which would give it access to utility poles instead of being forced to dig trenches for its cables. Should the agency implement its OTMR policy, it wouldn't be a surprise to see pushback from traditional telecoms and providers -- but it could mean Google Fiber would be able to shift from its predominantly-wireless detour back to hooking new communities up to its high-speed networks.
https://www.engadget.com/2018/07/13/...y-pole-policy/





Russia’s Alternate Internet

Russia says it’s creating its own internet infrastructure for security reasons — but it has some experts worried.
Mack DeGeurin

Russia has nearly completed an alternative to the Domain Name System — the common “phone book” of the internet that translates numerical IP addresses to readable text like “Amazon.com” and “NYMag.com.” When implemented, the DNS alternative could separate Russia and its allies from the rest of the connected internet — a possibility that, however remote, has experts worried about a “balkanization” of a global network.

Last November, the Russian Security Council announced its ambition to create an independent internet infrastructure for Russia and the other members of BRICS (Brazil, India, China, and South Africa). According to reports, the Russian government sought to create the alternative internet to protect itself from American and Western manipulation of internet services and avoid “possible external influence.” (Sound familiar?)

Now, the project appears near completion. Last week, a senior member of the Russian Foreign Ministry reportedly said that the DNS alternative was ready, but would only be used in “the worst-case scenario.” While the Russian government claims it needs this DNS alternative as a defensive measure to avoid American and Western European cyberattacks, security experts worry it could be used as a backup for an offensive attack.
Photo: Sergei Chirikov/AFP/Getty Images

“If they have their own DNS system that would make it easy for them to threaten or to actually attack our [internet] infrastructure,” Mike Lloyd, a network security expert at RedSeal, told Select All.

Lloyd compared the internet to a medieval city where everyone drinks from the same water well. “If I choose to dig another well because I want another water supply, is that because I am worried you are going to cut off access to my water supply, or is it because I want to poison your water supply and be able to keep drinking mine?” Lloyd added.

A fully implemented DNS alternative could also impede experts’ ability to trace online trolls and misinformation spreaders. “Right now, forensic analysts have a lot of access into DNS records,” Bob Gourley, CTOvision publisher and former chief technology officer at the Defense Intelligence Agency, told Select All. “Russia would have the ability to reduce the forensic evidence that investigators have access to.”

In the event of misinformation attacks, like the ones conducted during the 2016 elections, this alternative DNS would make it easier for a nation state to cover its tracks. “The use of these Russian internet troll farms and these social-media campaigns, even figuring that out is going to be harder if Russia controls all the DNS information,” added Gourley.

While experts would still likely be able to trace a troll farm back to its nation origin, this DNS alternative would make it difficult to pinpoint the exact address of origin. In the Russia example, Gourley said, this would make it easy for the government to deny responsibility.

According to Lloyd, the Russian Foreign Ministry’s claim that it’s using the system to avoid Western surveillance does not add up. Since most of the actual underwater internet cables route through the United States at some point, Lloyd says Russia would need to physically relay its own cable if it truly wanted to eliminate the possibility of Western surveillance.

Russia’s DNS alternative also differs significantly from other internet manipulations in authoritarian states like China and North Korea. Where China’s Great Firewall places a premium on surveillance, Russia’s DNS alternative does not. Partly, this is because of cost (China reportedly employs over 2 million workers to manage its surveillance state), but also because Russia realizes it is engaged in a constant arms race with its citizens between surveillance and circumvention — a race it is unlikely to win. As Russia and Iran’s recent Telegram-ban failures demonstrate, tech-savvy users will find ways around most blocks.

While Russia may not invest as heavily in surveillance, if implemented properly, Gourley said this new DNS alternative could severely restrict access to certain sites by Russian citizens. According to Gourley, the Russian government could choose to limit access to Western sites like Facebook or Google, or restrict Western news outlets.

“This shows how important geopolitical factors are to the technology world,” Gourley said. “Global politics and how the internet is governed are totally related now. Russia and China have overlapping interests when it comes to cracking down on the use of the internet by open societies, and cracking down on the internet within their own countries.”

Of course, the degree to which you should worry about an attack on DNS depends largely on how suspicious you are of Russia. The thing is, Russia has already proven that it possesses the capacity and the willingness to attack nation states by crippling their internet infrastructure.

Take last year’s NotPetya ransomware attack, which crippled Ukraine’s power grid and banking sector and led to the loss of billions of dollars throughout Europe. The attack was attributed to the Russian GRU foreign military intelligence agency by both the United States and the United Nations. These threats on internet and physical infrastructure are not just limited to Ukraine. In March, the U.S. Department of Homeland Security and the FBI released a joint statement that claimed that Russian cyberthreat actors have been targeting critical U.S. infrastructure since 2016.

What an Attack on DNS Would Look Like

On an early October morning in 2016, millions of U.S. internet users awoke to find their daily routines in shambles. Morning Mix Spotify playlists would not load, Netflix streams were down, and PayPal accounts were disabled. Those searching for answers on Twitter and Reddit found that they, too, were offline.

By the end of the day, service to these sites returned, but the damage was done. DYN, a major DNS provider and one of the main backbones of the internet, had been attacked by a powerful, destructive botnet.

Can't get on a website? This is a live map, right now, of the massive DDoS attacks on Dyn's servers. It is creating many issues right now. pic.twitter.com/fekUqNgaL7
— Flying With Fish (@flyingwithfish) October 21, 2016

This massive disturbed-denial-of-service attack launched against DYN was one of the largest in history and introduced the world to now-notorious Mirai Botnet. It was also launched by a crew of teenage Minecrafters.

According to Lloyd, a successful Russian attack on DNS could resemble something akin to the DYN attack, except instead of originating with kids, it would have the financial and military backing of major Russian intelligence agencies. With its own DNS, Russia (and any allies using the alternative) could launch an attack without getting caught in the cross fire.

Again, one should treat possibilities of cyberdoom with a heavy bit of skepticism. Maybe this Russian internet precaution does serve the sole purpose of protecting Russia from potential U.S. intervention. Indeed, the U.S. has its own proven track record of foreign manipulation.

However, given the post–2016 election revelations of Russian hacking and online manipulation throughout the U.S. and the West, and the Kremlin’s close ties to NotPetya, one need not stretch the imagination far to give credence to these concerns.
http://nymag.com/selectall/2018/07/r...berattack.html





Charges Against Russians Undermine Assange Denials About Hacked Email Origins
Raphael Satter and Desmond Butler

At the beginning of 2017, one of Julian Assange's biggest media boosters traveled to the WikiLeaks founder's refuge inside the Ecuadorean Embassy in London and asked him where he got the leaks that shook up the U.S. presidential election only months earlier.

Fox News host Sean Hannity pointed straight to the purloined emails from the Democratic National Committee and Hillary Clinton's campaign chairman.

"Can you say to the American people, unequivocally, that you did not get this information about the DNC, John Podesta's emails, can you tell the American people 1,000 percent you did not get it from Russia or anybody associated with Russia?"

"Yes," Assange said. "We can say — we have said repeatedly — over the last two months that our source is not the Russian government and it is not a state party."

The Justice Department's indictment Friday of 12 Russian military intelligence officers undermines those denials. And if the criminal charges are proved, it would show that WikiLeaks (referred to as "Organization 1" in the indictment) received the material from Guccifer 2.0, a persona directly controlled by Russia's Main Intelligence Directorate of the General Staff, also known as GRU, and even gave the Russian hackers advice on how to disseminate it.

Whether Assange knew that those behind Guccifer 2.0 were Russian agents is not addressed in the indictment. But it seems unlikely that Assange, a former hacker who once boasted of having compromised U.S. military networks himself, could have missed the extensive coverage blaming the Kremlin for the DNC hack.

Assange told Hannity he exercised exclusive control over WikiLeaks' releases.

"There is one person in the world, and I think it's actually only one, who knows exactly what's going on with our publications and that's me," Assange said.

On June 22, 2016, by which point the online publication Motherboard had already debunked Guccifer 2.0's claim to be a lone Romanian hacker, WikiLeaks sent a typo-ridden message to the persona, saying that releasing the material through WikiLeaks would have "a much higher impact than what you are doing," the indictment states.

"If you have anything hillary related we want it in the next (two) days pref(er)able because the DNC is approaching and she will solidify bernie supporters behind her after," says a message from July 6, 2016, referring to the upcoming Democratic National Convention and Clinton's chief party rival, Bernie Sanders.

The exchange appears to point to a desire to undercut Clinton by playing up divisions within the Democratic camp.

"we think trump has only a 25% chance of winning against hillary ... so conflict between bernie and hillary is interesting," the message says.

At that time in the campaign, there were simmering tensions between the supporters of Clinton and Sanders that would come to a head during the convention because of the hacked emails.

WikiLeaks and a lawyer for Assange, Melinda Taylor, did not return messages seeking comment on the indictment or the exchanges with Guccifer 2.0.

Assange's eagerness to get his hands on the alleged material from GRU reflected in the indictment — and prevent anyone else from beating WikiLeaks to the punch — is also revealed in leaked messages to journalist Emma Best. She, like several other reporters, also was in communication with Guccifer 2.0.

In copies of Twitter messages obtained by The Associated Press and first reported by BuzzFeed, WikiLeaks demands that Best butt out.

"Please 'leave' their convers(a)tion with them and us," WikiLeaks said on August 13, 2016, arguing that the impact of material would be "very substantially reduced" if Best handled the leak.

Best told BuzzFeed she dropped the matter. About an hour after the conversation ended, Guccifer 2.0 announced on Twitter that it was sending a "major trove" of data and emails to WikiLeaks.

The indictment also puts to rest a conspiracy theory, carefully nurtured by Assange and his supporters, that slain DNC staffer Seth Rich was at the origin of the leaks.

Rich died in July 2016 in what police in the District of Columbia say was a botched robbery. But the tragedy became fodder for conspiracy theorists who pushed the unfounded allegation that Rich, 27, had been providing information to the hackers and was killed for it.

It was Assange who first floated the idea into the mainstream, bringing up Rich's case in an interview with Dutch television the following month.

"What are you suggesting?" the startled anchor asked him.

"I'm suggesting that our sources take risks and they become concerned to see things occurring like that," Assange answered.

The anchor pressed Assange repeatedly, eventually saying: "It's quite something to suggest a murder. That's basically what you're doing."

Over the next few months, WikiLeaks would continue to amplify the conspiracy theory -- all while stopping short of endorsing it outright. During all this time, the indictment alleges, WikiLeaks knew full well that Guccifer 2.0 was its source, cajoling the account's operators to hand it more data and ordering rival journalists to steer clear.

The conspiracy theory has been a source of deep pain for Rich's family, who declined to comment on the indictment.

Lisa Lynch, an associate professor of media and communications at Drew University who has written about WikiLeaks, said the indictment highlighted the cynicism of WikiLeaks' wink-wink support for conspiracy theories.

"We can see very well-intentioned people arguing about whether those documents should be published," Lynch said of the DNC documents. "But the whole Seth Rich thing is incredibly venal."
http://www.courant.com/nation-world/...715-story.html





Microsoft Says Russia Tried to Hack Three 2018 US Midterm Candidates
Max de Haldevang

A Microsoft executive today swiftly contradicted Donald Trump’s claim that Russia is not trying to disrupt the 2018 midterms: The company has already worked with the US government to foil Russian hacking attempts on three candidates.

While refusing to disclose their names for privacy reasons, Tom Burt, Microsoft’s vice president for customer security, told the Aspen Security Forum that the three candidates “were all people who, because of their positions, might have been interesting targets from an espionage standpoint, as well as an election disruption standpoint.”

Burt said that the hackers targeted the candidates’ staffers with the kind of phishing tactics used to inveigle their way into the Democratic National Committee servers in 2016: They set up a fake Microsoft domain and attempted to direct staffers towards it. The government and Microsoft “were able to avoid anyone being infected by that particular attack,” he said.

When asked yesterday if he believed Russia was interfering in the US midterms, Trump said: “No.” This contradicted his own intelligence chief Dan Coats’s statement days earlier: “Today, the digital infrastructure that serves this country is literally under attack.”

White House press secretary Sarah Huckabee Sanders later claimed Trump had been misunderstood, insisting that he had meant “no” to further questions from reporters. “We believe that the threat still exists,” she said, according to the New York Times (paywall). “Which is why we are taking steps to prevent it.”

Burt said that so far Russian hackers have been less active than in 2016, during the presidential race. “The consensus of the threat intelligence community right now is that we’re not seeing the same level of activity by the Russian activity groups,” he said. “We don’t see the activity of them trying to infiltrate think tanks and academia and in social networks to do the research that they do to build the phishing attacks.”

He warned, however: “That doesn’t mean we’re not going to see it, there’s a lot of time left before the election.”
https://qz.com/1332159/microsofts-to...rm-candidates/





Thousands of Mega Logins Dumped Online, Exposing User Files

Exclusive: Email addresses, passwords, and lists of file names were exposed.
Zack Whittaker

Thousands of credentials for accounts associated with New Zealand-based file storage service Mega have been published online, ZDNet has learned.

The text file contains over 15,500 usernames, passwords, and files names, indicating that each account had been improperly accessed and file names scraped.

Patrick Wardle, chief research officer and co-founder at Digita Security, found the text file in June after it had been uploaded to malware analysis site VirusTotal some months earlier by a user purportedly in Vietnam.

Wardle passed the data to ZDNet.

We verified that the data belonged to Mega, the file-sharing site formerly owned by internet entrepreneur Kim Dotcom by contacting several users, who confirmed that the email address, password, and some of the files we showed them were used on Mega. (You can read more here about how we verify data breaches.)

The listings date back to the cloud service's debut in 2013, and as recently as January.

We sent the data to Troy Hunt, who runs data breach notification site Have I Been Pwned, to analyze. His analysis pointed to credential stuffing -- where usernames and passwords are stolen from other sites and ran against other sites -- rather than a direct breach of Mega's systems. He said that 98 percent of the email addresses in the file had already been in a previous breach collected in his database.

Some 87 percent of the accounts in the Mega file were found in a massive collection of 2,844 data breaches that he uploaded to the service in February, said Hunt.

Of those we contacted, five said that they had used the same password on different sites.

When reached, Mega chairman Stephen Hall also said the exposed credentials pointed to credential stuffing, and not a breach.

He said in an email that the list is "only 0.0001 percent of our 115 million registered users."

It's not known who compiled the list or how the data was scraped. Although the site claims to offer end-to-end encryption so that even the company can't see what is uploaded, the site doesn't allow for two-factor authentication -- making it far easier to break into accounts when a user's account password leaks. An attacker would only need to use the credentials to log in to each account to confirm they work, and to scrap the file names.

Hall said the company plans to introduce two-factor authentication "soon," but did not say when.

Mega keeps a record of the IP address of each user who logs in to an account. Three users said they saw suspicious logins accessing their account from countries in Eastern Europe, Russia, and South America in the past few months since the credentials file was uploaded.

One of the accounts in the file contained file listings for what appeared to describe child abuse content. Given the nature of the account's content, ZDNet informed the authorities.

In a reply to our email, Hall said it was "unclear" if the child abuse content was uploaded by the original account owner or if it was uploaded by someone else using the account as an anonymous drop box.

But the illegal content was uploaded years earlier, according to upload dates on the file listing, making any recent third-party involvement unlikely.

"Mega has zero tolerance for child sexual abuse materials," said Hall. "Any reports result in links being deactivated immediately, the user's account closed and the details provided to the authorities."

"Mega can't act as censor by examining content as it is encrypted at the user's device before being transferred to Mega," he said. "As well as it being technically impossible, it is also practically infeasible for Mega and other major cloud storage providers, with 100s of files being uploaded each second."

It's not the first time Mega has faced security issues. In 2016, hackers claimed to obtain internal Mega documents. Hall said at the time that no user data was compromised.
https://www.zdnet.com/article/thousa...ng-user-files/





Tech Consumers Should Not be Forced to Sacrifice Privacy for Security

• The Consumer Technology Association supports the proposed ENCRYPT Act, which would forbid laws that require manufacturers to weaken encryption or leave "back doors" for law enforcement.
• President and CEO Gary Shapiro argues that weakening encryption weakens privacy for law-abiding consumers.
• Shapiro says that law enforcement already has many means at its disposal to get useful info from tech devices, and doesn't require new laws.

Gary Shapiro, President and CTO of the Consumer Technology Association

We all expect privacy, especially when it comes to our phones. But how do we feel about upholding the privacy of criminals and terrorists? And what should we do if the information needed to catch or prosecute a criminal – or potentially save lives – is locked away in someone’s encrypted phone?

One problem the technology industry has recently faced is the “backdoor encryption” problem – a situation where law enforcement agencies want access to information on digital and mobile devices that may be instrumental in solving a time-sensitive case. The result is a law enforcement request for a “backdoor” to devices from tech companies – a way to bypass a device’s security measures and gain access to protected devices.

In June, a bipartisan team of legislators put forward the ENCRYPT Act (Ensuring National Constitutional Rights for Your Private Telecommunications). The bill, sponsored by Rep. Ted Lieu (D-CA), would restrict state and local governments from requiring backdoors to exist, and also prevent any restriction of encryption capabilities. The goal is to develop a standardized national encryption policy that protects users’ privacy rights. This bill is an encouraging step forward and one supported by the Consumer Technology Association (CTA).

“Having 50 different mandatory state-level encryption standards is bad for security, consumers, innovation and ultimately law enforcement,” Rep. Lieu explained in a statement about the bill. “Encryption exists to protect us from bad actors, and can’t be weakened without also putting every American in harm’s way.”

“End-to-end” encryption, which ensures information exchanged online can be viewed only by the participants in the conversation, is a common offering of internet companies. It assures users their sensitive data will not fall into the hands of hackers. As Sen. Ron Wyden (D-OR) put it, “If you want to be in a safe community, you shouldn’t be able to weaken encryption.”

This protection was put to the test in December 2015 after two shooters opened fire on workers at the San Bernardino, California, Inland Regional Center, killing 14 people. Critical information about the attack was locked in one of the shooter’s iPhones. The FBI asked Apple for access, and Apple refused. The company argued that if the platform’s backdoor “key” leaked, the security of everyone using the platform – including tens of millions of device users in the U.S. – would be compromised. Before a hearing could take place, the FBI was able to unlock the phone with the aid of a third party, but the battle over encryption continues.

The law enforcement community has claimed that laws have not kept pace with innovation, preventing investigators from gaining information necessary to keep us safe. But law enforcement already has access to a vast amount of powerful technology. Tech companies can – and do – work with law enforcement to help obtain data through means that don’t require new technical rules. Apple, for example, has a policy of releasing iCloud backup data when presented with a valid search warrant, and tools such as facial recognition software, iris scans and gait analyses can be invaluable in identifying criminals.

Transparency between law enforcement and tech companies is critical. But law enforcement needs to avoid overreach, and tech companies should clearly explain data protection policies to customers as well as law enforcement agencies.

That way, the privacy and security of millions of law-abiding users won’t be compromised – and their confidence in technology will remain strong. Encryption doesn’t have to be a black-and-white issue. In an ideal world, we won’t have to choose between privacy and security, but instead be able to find ways for the two to coexist.
https://www.cnbc.com/2018/07/13/priv...ommentary.html





4,500 Tech Workers, 1 Mission: Get Democrats Elected
Kevin Roose and Sheera Frenkel

It was four months and eight days until the 2018 midterm elections, and Anna Eskamani had not spent a penny to promote her political campaign online.

Ms. Eskamani, 27, is running to represent Florida’s 47th District in the State Legislature. Like many state-level candidates, she writes her own fund-raising emails and manages her own social media accounts. And with her busy schedule on the campaign trail, advertising online is an afterthought.

“My budget is zero for it right now,” Ms. Eskamani said. “It just hasn’t been necessary.”

One recent morning, Ms. Eskamani attended an hourlong phone conference with volunteers from a group called Tech for Campaigns, who hoped to change her mind.

Dozens of progressive groups are organizing for Democrats in this year’s midterms. But Tech for Campaigns has focused on a particularly challenging assignment: dragging Democratic campaigns into the digital age, before it is too late.

In a year and a half of existence, Tech for Campaigns has become a kind of Democratic Geek Squad — a national volunteer network consisting of more than 4,500 tech workers with day jobs at companies like Google, Facebook, Netflix and Airbnb. These volunteers, who include engineers, marketers and data scientists, are matched with Democratic campaigns across the country to provide training on digital skills, such as how to promote themselves on social media, build their email lists and use data analytics to identify potential donors.

“What’s at stake if we don’t build a true centralized digital arm is falling further behind the Republicans and continuing to lose ground, the battles on key issues and elections at every level,” said Jessica Alter, a co-founder of the group and a longtime tech executive. “If we don’t start now, it will be too late in 2020.”

One of the group’s biggest tasks, Ms. Alter said, is persuading candidates to campaign heavily on social media, rather than relying solely on TV ads and printed mailers. Many Democrats running in 2018 are spending a much smaller percentage of their ad budgets on digital ads than their rivals, sometimes as little as 10 percent versus more than 40 percent for Republicans, according to two political consultants with ties to multiple campaigns.

Tech for Campaigns has advised Democrats in about 60 races since it started, including Justin Nelson, who is running for attorney general in Texas, and Rob Quist, who was narrowly defeated in a special congressional election in Montana last year. The group plans to work with 200 campaigns by the end of the year, with a special focus on helping state-level candidates like Ms. Eskamani, who typically do not have the budgets to hire dedicated digital teams.

“We do a lot of things that digital consultants don’t,” Ms. Alter said. “The most common question we get asked is, ‘What’s the catch?’”

When Ms. Alter started contacting campaigns last year, she was shocked at how prosaic their technology was. Some campaign workers spent hours manually copying and pasting voter information into email lists. Others were not using basic social media capabilities, such as call-to-action buttons that can be used to ask followers to sign a petition, attend an event or make a donation.

“They have all these really ingrained habits from pre-2016 that are very, very hard to unlearn,” Ms. Alter said.

Democrats are often thought to be tech-savvy, because the Obama campaigns of 2008 and 2012 were celebrated for their online touch and because much of Silicon Valley backs the party’s candidates. In fact, Ms. Alter said, Democrats in congressional and state-level races have been outmatched by their Republican rivals, who benefited from the party’s heavy tech investments during the Obama years and their enthusiastic embrace of targeted ads on platforms like Facebook and Google.

“People don’t understand how not far along we are as a party,” Ms. Alter said. “Obama was really good at tech, but it never trickled down to a Senate race, let alone the state-level stuff.”

In 2016, state and federal Republican campaigns outspent Democratic campaigns 3 to 1 on Google ads, according to a presentation made to political ad buyers by Google’s election team. From April to July of that year, the period when many campaigns were building their email lists and garnering early support, Republicans outspent Democrats 20 to 1, according to the presentation, which was obtained by The New York Times. Brad Parscale, the digital marketing executive who developed the Trump campaign’s social media-centric strategy in 2016, has been tapped as his campaign manager for 2020.

Democratic officials say they are catching up. The Democratic National Committee hired Raffi Krikorian, a former Uber executive, as its chief technology officer last year. Dan Sena, the executive director of the Democratic Congressional Campaign Committee, said that the group’s digital budget had tripled, and that the party was “light-years ahead of where it was” in 2016 because of new investments in its digital capabilities. Democrats are also getting help from outside groups like Higher Ground Labs, which finances start-ups that build campaign technology.

Ms. Alter, 38, who sold her start-up last year and now works as an entrepreneur-in-residence at the venture capital firm Social Capital, came up with the idea for a tech volunteer network in early 2017, just after President Trump issued his travel ban targeting residents of several Muslim-majority countries.

Outraged about the policy, and looking for a way to help, she enlisted Peter Kazanjy and Ian Ferguson, two friends in tech who shared her liberal politics. They agreed that Silicon Valley tech workers would jump at the opportunity to apply their technical skills to campaigns. How different is selling a candidate online, after all, from selling shoes or shaving kits?

“This is not rocket science,” Mr. Kazanjy said. “Campaigns are online/offline e-commerce plays, where the transaction is a vote.”

They sent a Google form to their friends in the tech industry to gauge interest. Within three days, more than 700 people had signed up. The group has since grown to more than 4,500 volunteers, raised more than $100,000 in a crowdfunding campaign, and moved into an office in downtown San Francisco that it shares with a venture capital firm.

Nick Hobbs, 29, first heard about Tech for Campaigns while working at Google. Mr. Hobbs, who left the company last year, had always been politically active, but Tech for Campaigns gave him a way to channel his efforts into something productive.

“Instead of coming home and watching Netflix, we come home and go to work,” said Mr. Hobbs, who is helping redesign the campaign website of Elizabeth Thomson, a Democrat running in New Mexico’s 24th District.

Other left-wing advocacy groups, such as Swing Left and Indivisible, are helping to recruit volunteers and generate grass-roots support in competitive districts. Tech for Campaigns sees its role as behind-the-scenes amplification. Its work is mostly remote, and volunteers use a Slack channel to coordinate as well as regular calls with campaign officials.

The group has not been universally welcomed by the party. It has irked some officials and media consultants, whose turf it is edging in on. And the group’s volunteers have learned to give advice to candidates gently, to avoid coming off as arrogant know-it-alls.

“We’re very conscious of Silicon Valley having a savior complex,” Ms. Alter said. “We don’t walk in saying, ‘We’re the experts. Let us run your campaign.’”

Chris Hurst, a first-time politician who was elected to Virginia’s House of Delegates last November, worked with Tech for Campaigns beginning several months before Election Day. The group redid his website, tweaked his online ads and coordinated a mass texting campaign to get out the vote.

In the end, Mr. Hurst defeated his Republican opponent by eight points.

“I know, 100 percent, that they made a difference in our campaign,” said Andrew Whitley, Mr. Hurst’s campaign manager. “I was very surprised these Silicon Valley folks were willing to donate their time like that.”

By the end of the recent conference call, Tech for Campaigns had persuaded Ms. Eskamani, the Florida House candidate, to start running ads on her social media accounts. In the coming days, the group said, it would audit her other social media accounts to see which types of posts generated the best engagement and give her tips for increasing their impact.

Ms. Eskamani gushed with excitement.

“I love it,” she said. “Oh, my gosh, so much structure. It’s great.”
https://www.nytimes.com/2018/07/13/t...democrats.html





Have the Tech Giants Grown Too Powerful? That’s an Easy One
John Herrman

In start-up lore, no figure is more venerated than the tech-world founder. No mere entrepreneur, the founder is unique, sitting above the categories other people might use to order the society around them. In fact, the personage is cast as a sort of revolutionary, proposing big solutions to questions nobody else is even thinking to ask — less often because the questions are too complicated or obscure than because they’re too obvious, too expansive.

In a widely read 2005 essay, Paul Graham, a founder of the start-up incubator Y Combinator and the closest thing the start-up world has to a pre-eminent guru, shared his big idea about ideas: Many of the best ones are questions. “A few grammatical tweaks,” he writes, “and a woefully incomplete idea becomes a promising question to explore.” And many of the best questions are ones that might seem insoluble at first blush. “I found spam intolerable, and I felt it had to be possible to recognize it statistically,” Graham says of his own work. “And it turns out that was all you needed to solve the problem.” The recipe for good questions, he goes on, is simple: “finding the problem intolerable and feeling it must be possible to solve it.”

The easy question is a common start-up origin story: One day, the founder asks, “Why can’t I?” before going on to figure out, though hard work, that he or she actually can. According to Reed Hastings, the question that started Netflix was: Why don’t video stores offer flat membership fees the way health clubs do? Indeed, the stories of many tech giants can be told through the big question they eventually answered. Google: Why isn’t there a good way to rank search results? Facebook: Why aren’t social networks connecting people with real names? Uber: Why can’t I use an app to summon a taxi? Twitter: Why isn’t there a dead-simple way to just publish whatever you want for a gathered audience? In real life, each of these companies had more sinuous origins, with dead ends and discarded ideas. But their successes are easier to grasp when understood in retrospect as complicated answers to big, obvious questions — questions that, once heard, made sense to millions of people.

In 2018, founders have been questioning matters far bigger than search results or video stores: about politics, about culture and about how the world might be reordered in much more radical ways. Most recently, however, the case for “just asking questions” — for finding a problem intolerable and believing there must be some way to fix it — has proved remarkably well suited for a fresh purpose: challenging the tech companies themselves.

In political terms, the dominant tech companies have settled into a sort of permanent revolution. If they were founded to address an easy question, that question has either been answered and forgotten or repeated enough times to convert it into an odd, self-justifying ideology. (See: Facebook’s “Connecting the world.”) The questions became companies, which then, mostly without explicitly deciding to, became institutions. And now, for anyone affected by the tech industry, the most obvious and important questions are about the world that these companies are making.

The first easy question to ask of the big tech companies: What are they, really? Certainly not what they tell consumers they are. Twitter and Facebook are not merely places to hang out with or meet people, or competitors with the news media, but entirely new forms of discourse built around centralized advertising marketplaces. Uber is not a car company but an attempt to build a new private transit layer over the places in which it operates. Amazon is not a competitor to bookstores or brick-and-mortar retail — or even a store of any kind — but a new logistical model for the exchange and transport of goods, media and services.

This leads to other obvious questions. How does Facebook make money while connecting the world? (Many, many ways, most of which involve advertising transactions in which users have a passive role.) How does Facebook decide what to show me next? (Using many “signals” and algorithms that you’ll just have to trust were written to show you what’s most relevant.) How does Twitter decide which users are suspended as it recreates public discourse? (According to inconsistently enforced rules and with the help of a large, invisible contract labor force.) Are Uber drivers employees? (Strictly speaking, no.)

Other questions are more technical. An easy question with a hard answer: Who owns the content I upload to Instagram? (You do — except you have granted Instagram a license to use it for almost any purpose.) Is Instagram listening to me? Because these ads are kind of creeping me out. (No, but the company partners with other firms that collect information about your online behavior, so if for instance you talked about something, then searched for it on your phone in a different app, maybe it could end up helping Instagram serve an ad, so, well, yes, but not literally, no, it is not listening to your spoken words.) O.K., then, what about my Echo — is my Amazon Echo always listening to me? (No — well, only so it can hear when you say “Alexa.” So, yes?) So is my Echo listening when, for example, I’m having sex? (Again, no, only for the word “Alexa,” so, well, actually yes.)

The companies most vulnerable to easy questions tend to be the ones that can no longer be understood in terms of former competitors or current peers — because they don’t really have any. Google doesn’t have to worry about losing its users; it simply wants them to use Google more and to use more Google products. Vindicated by growth, these businesses take the liberty to redesign more of our online lives than any of us have asked for. As with Facebook, and to some extent now Amazon, there is no overarching pitch to its users beyond: Where else could you possibly go?

With impressive speed, companies founded to confront “intolerable” problems that it “must be possible to solve” have become intolerable in ways obvious to everyone but them. When Mark Zuckerberg was summoned in front of American and European lawmakers, the hardest questions to answer were some of the easiest to ask: Would Mr. Zuckerberg, whose company trades in such information, be comfortable sharing with the world the name of the hotel he stayed at last night, or the people he messaged with this week? (No, of course not.) How does Facebook make money? (An unilluminating “We run ads.”) Does Facebook have any competitors, really? (Sure, like ... email?)

There are companies that are mostly immune to the easy-question-hard-answer dynamic. Easy questions about Netflix, for one, tend to have easy answers: You pay; they stream. Most obvious questions about Apple can be answered by pointing out that it would like to sell you expensive items on a fairly regular basis. What these more straightforward companies have in common is that their founding questions doubled as consumer rallying cries — they asked, and continued to ask, about things that their customers need, or at least want, and tend to understand.

But for the rest of the tech giants, the easy questions have much harder answers. As these companies grew, they did more than just vanquish their competition. Their growth and free-service benevolence succeeded at making the very idea of competitors’ challenging their efforts — the industry’s traditional way to solve the problems they’ve created — seem unnecessary or even counterproductive. They’ve ducked the easy questions for so long that it’s reasonable to suspect that they doubt we will like the answers.
https://www.nytimes.com/2018/07/11/m...nts-power.html





Google Chrome Has A Nasty Surprise
Gordon Kelly

With over 60% market share, Chrome is the undisputed king of web browsers. A key factor behind this is Google ’s commitment to keeping it seamlessly updated with essential fixes and optimisations, but now the company has admitted Chrome’s latest upgrade comes with an unavoidable nasty surprise…

‘Great Secret Features’ and ‘Nasty Surprises’ are my regular columns investigating the best features / biggest problems hidden behind the headlines.

Chrome's new user interface is coming soon, but another problem has arrived firstGoogle

In a blog post, Google has admitted the newest version of Chrome rolling out to customers worldwide is going to consume up to 13% more of your system memory. For a browser whose biggest failing has long been its excessive memory consumption (1,2,3,4,5), this is the last thing users will want. Especially those with older systems and less RAM.

Google also confirmed this is a cross-platform change and will apply to Chrome on Windows, Mac, Linux, and Chrome OS. The last of these could be particularly impacted as Chrome OS systems often ship with only 4-8GB of RAM.

So why has Google done this?

It’s all in the name of security. The new, more bloated Chrome contains a feature called ‘Site Isolation’ which combats the serious Spectre vulnerability which exposes computers at a chip level.

“Site Isolation is a significant change to Chrome’s behavior under the hood, but it generally shouldn’t cause visible changes for most users or web developers (beyond a few known issues),” explains Chrome software engineer Charlie Reis in the blog point.

“It simply offers more protection between websites behind the scenes. Site Isolation does cause Chrome to create more renderer processes, which comes with performance tradeoffs: on the plus side, each renderer process is smaller, shorter-lived, and has less contention internally, but there is about a 10-13% total memory overhead in real workloads due to the larger number of processes.”

Site Isolation splits a single across multiple renderer processes to boost securityGoogle

Reis says his team “continues to work hard to optimize this behavior to keep Chrome both fast and secure” but for now everyone is just going to have to bite the bullet.

What’s more, if you are concerned about system performance, there’s nothing you can do to opt out. Reis says Site Isolation will be enabled for 99% of users across all platforms with just 1% held back as a test group.

What about mobile platforms? In a tweet, Google Chrome security specialist Justin Schuh says a version is being made for Android but has yet to be shipped due to “resource consumption issues.”

Ultimately, Google is right to do everything in its power to mitigate Spectre. It’s just unfortunate that the method chosen will impact the computers of users who are least likely to afford an upgrade...
https://www.forbes.com/sites/gordonk...inux-chromeos/





Rights Group Questions DEA Exploit of Encrypted Cellphones
Frank Bajak

In the first known case of its kind, U.S. drug agents supplied unwitting cocaine-trafficking suspects in California with smartphones they thought were encrypted but had been rigged to allow eavesdropping, Human Rights Watch reported Friday.

The advocacy group said it feared the technique could be abused to violate the privacy of non-criminals.

"I think there are real debates to be had as to whether that is lawful or should be lawful," said HRW researcher Sarah St. Vincent. "They could use this on peaceful protesters, (though) there's no evidence of that."

Human Rights Watch called on the Drug Enforcement Administration to explain whether the technique — employed in a 2012 southern California case involving a Canadian operating out of Puerto Vallarta, Mexico — is still being employed and whether its use is widespread.

The Canadian, John Krokos, pleaded guilty in 2015 to related felony charges with Los Angeles-based associates. He was sentenced to 138 months in prison.

DEA spokesman Wade Sparks in Washington, D.C., said at least one defendant is still awaiting trial.

"We can't comment on the case or any of the techniques used until the case is fully adjudicated," Sparks said, adding that the DEA was not going to "give out investigative techniques one way or the other, especially with ongoing cases awaiting adjudication."

Court papers indicate undercover federal agents first supplied Krokos' group with compromised Blackberry cellphones in 2010. Encrypted emails and other communications that the defendants thought were private were instead intercepted by law officers because they had decryption keys.

"I believe that, since the (Blackberries) had encryption technology on them, Krokos felt relatively safe in communicating over the devices," a DEA agent who provided the phones to ring members said in an affidavit.

Available court documents suggest the DEA may not have obtained court orders for the wiretapping until after the booby-trapped devices had been delivered in exchanges typically occurring in parking lots in southern California.

Sparks would not comment on the issue: "The courts will determine that. That's why the courts exist,"

The DEA also prevented the defendants from buying non-compromised encrypted BlackBerry devices from other sellers, including by arranging for their interception in Mexico, court papers show.

Human Rights Watch said Blackberry, the phone's maker and service provider, said it had no involvement in the DEA operation and no ability to decrypt the encrypted phones used because the keys are controlled by the customer. The company did not respond Friday to an emailed request for comment or a phone message.

The FBI has recently renewed its push to persuade technology companies to give it a back door into encrypted devices for use in criminal investigations. Companies led by Apple have resisted the campaign, noting that such back doors can also be exploited by data thieves.
https://apnews.com/9da49f7e8068442885a418f65f119878





EFF to Japan: Reject Website Blocking
Katharine Trendacosta

Website blocking to deal with alleged copyright infringement is like cutting off your hand to deal with a papercut. Sure, you don’t have a papercut anymore, but you’ve also lost a lot more than you’ve gained. The latest country to consider a website blocking proposal is Japan, and EFF has responded to the call for comment by sharing all the reasons that cutting off websites is a terrible solution for copyright violations.

In response to infringement of copyrighted material, specifically citing a concern for manga, the government of Japan began work on a proposal that would make certain websites inaccessible in Japan. We’ve seen proposals like this before, most recently in the European Union’s Article 13.

In response to Japan’s proposal, EFF explained that website blocking is not effective at the stated goal of protecting artists and their work. First, it can be easily circumvented. Second, it ends up capturing a lot of lawful expression. Blocking an entire website does not distinguish between legal and illegal content, punishing both equally. Blocking and filtering by governments has frequently been found to violate national and international principles of free expression [pdf].

EFF also shared the research leading Internet engineers did in response to a potential U.S. law that would have enabled website blocking. They said that website blocking would lead to network errors and security problems.

According to numerous studies, the best answer to the problem of online infringement is providing easy, lawful alternatives. Doing this also has the benefit of not penalizing legitimate expression the way blocking does.

Quite simply, website blocking doesn’t work, violates the right to free expression, and breaks the Internet. Japan shouldn’t go down this path but look to proven alternatives.
https://www.eff.org/deeplinks/2018/0...bsite-blocking





FBI Director: Without Compromise on Encryption, Legislation May be the 'Remedy'
Patrick Howell O'Neill

FBI Director Christopher Wray said Wednesday that unless the U.S. government and private industry are able to come to a compromise on the issue of default encryption on consumer devices, legislation may be how the debate is ultimately decided.

“I think there should be [room for compromise],” Wray said Wednesday night at a national security conference in Aspen, Colorado. “I don’t want to characterize private conversations we’re having with people in the industry. We’re not there yet for sure. And if we can’t get there, there may be other remedies, like legislation, that would have to come to bear.”

Wray described the issue of “Going Dark” because of encryption as a “significant” and “growing” problem for federal, state and local law enforcement as well as foreign law enforcement and intelligence agencies. He claims strong encryption on mobile phones keeps law enforcement from gaining access to key evidence as it relates to active criminal investigations.

“People are less safe as a result of it,” he said.

The encryption debate became mainstream when in 2015, after a terrorist attack in San Bernardino, California, the FBI was unable to gain access to the shooter’s iPhone. At the time, former FBI Director James Comey attempted to convince Apple to write new software that would allow the U.S. government to break into the locked phone. Apple resisted and the fight gained the national spotlight. Then-candidate Donald Trump called for a boycott of Apple.

Comey made many of the same arguments as Wray, asserting that the government’s lack of access to locked iPhones put public safety in jeopardy.

The FBI had claimed investigators were locked out of nearly 8,000 devices in 2017. That number it turns out was enormously exaggerated due to an internal reporting error.

Apple CEO Tim Cook has for years been a vocal defender of strong encryption, positioning Apple as a privacy-first technology company in stark contrast to some of its competitors and detractors.

“Like many of you, we at Apple reject the idea that our customers should have to make tradeoffs between privacy and security,” Cook said in a 2015 speech in the capital. “We can, and we must provide both in equal measure. We believe that people have a fundamental right to privacy. The American people demand it, the constitution demands it, morality demands it.”

In an April 2018 interview on the topic, Cook said that “the only way to protect your data is to encrypt it. There is no other way known today. And so, if I were you, I would do business with no one that wasn’t doing that. Now, it is a thorny issue from a law enforcement point of view, because they may want to know what you’re saying, and I don’t have access to what you’re saying. And my view is kind of simple, is I don’t think that you as a user expect me to know what you’re telling people, right?”

Reflecting back on the high-profile legal battles over encryption in 2015 and 2016, Cook said Apple would continue to refuse and fight any attempt to compel them to create software that would force open a phone.

“If that same circumstance rose again, we would fight,” Cook said earlier this year. “Because this is a value of America, right? You should not be able to compel somebody to write something that is bad for civilization. Right? This is a fundamental wrong.”

An industry of cell phone hacking companies is more profitable than ever as a result of increased demand from governments around the world. Cellebrite and GrayShift are the two most well known mobile forensics companies in the world.

Apple recently introduced a new security feature popularly known as ‘USB Restricted Mode’ that restricts data access via USB devices, exactly the kind of tools mobile forensics companies use to break into iPhones. A workaround to Apple’s new feature was quickly found; a back and forth that highlights the ongoing arms race for protection and exploitation of mobile encryption security.

“But I really do believe that if people come at it with a goal that I think we all share of having both strong cybersecurity and protecting flesh-and-blood Americans — again, there’s a way to do this,” Wray said on Wednesday. “We’re a country that has unbelievable innovation. We put a man on thermion. We have autonomous vehicles. The number of things that are created every day in this country really defies imagination sometimes. And so the idea that we can’t solve this problem as a society — I just don’t buy it.”

In April, CyberScoop reported that the Senate Judiciary Committee was in the early stages of writing encryption legislation, having already spoken with multiple large American tech companies through their policy teams in D.C..
https://www.cyberscoop.com/fbi-direc...on-may-remedy/





How GPS Can Track You, Even When You Turn It Off

• A team of Northeastern University researchers recently found a way to track people with cellphones with GPS capabilities turned off.
• “People don't really realize that their mobile phone, with access to all these sensors, is, in some sense, potentially like the best spying device you can imagine," one researcher told CNBC.

Jennifer Schlesinger, Andrea Day

Could someone be tracking you as you drive around your city or town?

You may think turning off your smartphone’s location will prevent this, but researchers from Northeastern University in Boston found that isn’t always the case.

“Not a lot of people are aware of this problem. Mainly because when we think about location, we associate it with the GPS on the phone,” said Sashank Narain a postdoctoral researcher at Northeastern.

In a test, Narain and his team were able to track people driving through Boston, Waltham, Massachusetts, and London. Traditional locators, like GPS were turned off — so the researchers used other sensors.

“The goal of our project is to make people aware that vulnerabilities such as these exist, and they should be taken care of,” Narain added.

Guevara Noubir, a professor at Northeastern University who was involved in the research and also directs Northeastern’s Cybersecurity & Information Assurance Graduate Program, told CNBC that “there’s a whole area, what's called the side channel attacks, where you use side information to infer something that can have an impact on security,” and specifically, privacy.

‘Best spying device’

Using Android phones running Google’s operating system, the researchers did the tracking using sensors in smartphones that were not designed to track location. Those tools included an accelerometer, which tracks how fast a phone is moving, a magnetometer, which works like a digital compass, and a gyroscope, which tracks rotation.

These sensors are responsible for things like changing the screen orientation from horizontal to vertical when the phone is moved.

“People don't really realize that their mobile phone, with access to all these sensors, is, in some sense, potentially like the best spying device you can imagine…” Noubir said.

In order to track the test subjects, the researchers had them download what seemed to be a flash light app — but actually was gathering sensor data.

“You need to have an app installed on the phone, but once that is done, all the other processes… [are] automatic,” Narain said.

Right now, the techniques used by the researchers work best in certain cities.

“In a place like Boston, which has a lot of unique turns and very curvy roads, you can get an accuracy of up to 50 percent of guessing the user's location in the top five search results. In case of a place like Manhattan, which is mostly grid-like, it's much more difficult,” Narain said.

The ability to track gets easier with more information.

“If you were to travel the same path every day, we have extremely high probability to guess where you live, where you work and what trajectories you took. Extremely high meaning that on repeated paths more than 90 percent,” Noubir said.

The researchers were surprised by the results and expect more accuracy over time.

“We were not honestly expecting such high accuracies,” he said. “As the sophistication of these sensors on smartphones improve, as they become more and more accurate, this may become a primary means of invading users' privacy.”

Although Northeastern used Android phones, Noubir said the hack “applies also to iPhones, because they have similar kind of permissions for the sensors and so on.”

In a statement to CNBC, a Google spokesperson said that Android P, its latest operating system, “restricts access to sensors such as accelerometers and gyroscopes. Smartphone sensors do not directly provide user location data, and this research highlights just how difficult it would be to use these sensors for location tracking.”

Apple declined to comment to CNBC.

To protect yourself, users should only download apps from Google and Apple’s official stores. Also, make sure your operating system is up to date.
https://www.cnbc.com/2018/07/13/gps-...rn-it-off.html





Americans Can Legally Download 3-D Printed Guns Starting Next Month
David Williams

Gun-rights activists have reached a settlement with the government that will allow them to post 3-D printable gun plans online starting August 1.

The settlement ends a multi-year legal battle that started when Cody Wilson, who describes himself as a post-left anarchist, posted plans for a 3-D printed handgun he called "The Liberator" in 2013.

The single-shot pistol was made almost entirely out of of ABS plastic -- the same stuff they make Lego bricks out of -- that could be made on a 3-D printer. The only metal parts were the firing pin and a piece of metal included to comply with the Undetectable Firearms Act.

The US State Department told Wilson and his non-profit group Defense Distributed to take down the plans. It said the plans could violate International Traffic in Arms Regulations (ITAR), which regulate the export of defense materials, services and technical data.

In essence, officials said someone in another country -- a country the US doesn't sell weapons to -- could download the material and make their own gun.

Wilson complied, but said the files already had been downloaded a million times.

He sued the federal government in 2015.

U.S. requires group to remove 3D gun instructions from its website

The settlement

The settlement, which is dated June 29, says that Wilson and Defense Distributed can publish plans, files and 3-D drawings in any form and exempts them from the export restrictions. The government also agreed to pay almost $40,000 of Wilson's legal fees and to refund some registration fees.

The settlement has not been made public, but Wilson's attorneys provided a copy to CNN.

"We asked for the Moon and we figured the government would reject it, but they didn't want to go to trial," said Alan M. Gottlieb with the Second Amendment Foundation, which helped in the case. "The government fought us all the way and then all of the sudden folded their tent."

Gottlieb said they filed the lawsuit during the Obama administration, but he doesn't think that explains the change of heart.

"These were all career people that we were dealing with. I don't think there was anything political about it," he said.

Avery Gardiner, the co-president of the Brady Campaign to Prevent Gun Violence, said she'd be astonished if the settlement wasn't approved by political appointees.

"We were shocked and disappointed that the Trump administration would make a secret backroom deal with very little notice," Gardiner said. She said she found out about the settlement from a magazine article.

The group has filed a Freedom of Information Act request for emails and other documents related to the settlement.

Josh Blackman, Wilson's attorney, said he wished the settlement signaled a philosophical change.

"They were going to lose this case," Blackman said. "If the government litigated this case and they lost this decision could be used to challenge other kinds of gun control laws."

The implications

Do-it-yourself firearms like The Liberator have been nicknamed "Ghost Guns" because they don't have serial numbers and are untraceable.

Wilson has built a website where people will be able to download The Liberator and digital files for an AR-15 lower receiver, a complete Baretta M9 handgun and other firearms. Users will also be able to share their own designs for guns, magazines and other accessories.

He says the files will be a good resource for builders, even though it's not yet practical for most people to 3-D print most of the guns.

"It's still out of reach for them. We'll get to watch it all develop," Wilson said. "The plans will be here when that moment comes."

For Wilson and his supporters, the ability to build unregulated and untraceable guns will make it much harder, if not impossible for governments to ban them.

Gardiner fears it will make it easier for terrorists and people who are too dangerous to pass criminal background checks to get their hands on guns.

"I think everybody in America ought to be terrified about that."

The fact that high end 3-D printers are still too expensive for most people doesn't ease her concerns.

"The people who make them will be state actors or well financed criminal cartels who have the ability to execute well organized criminal attacks in the United States and elsewhere," she said.

She said that providing the plans to anyone in the world, who has Internet access is a national security threat.

The Defense Distributed website proclaims that "the age of the downloadable gun formally begins."
https://www.cnn.com/2018/07/19/us/3d...rnd/index.html

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

July 14th, July 7th, June 30th, June 23rd

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
__________________
Thanks For Sharing
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 30th, '11 JackSpratts Peer to Peer 0 27-07-11 06:58 AM
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 05:06 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)