P2P-Zone  

Old 28-08-13, 07:37 AM   #1
JackSpratts
Join Date: May 2001
Location: New England
Posts: 10,013
Peer-To-Peer News - The Week In Review - August 31st, '13

Since 2002

"Today’s historic legislation will support our innovative technology industry, and sends a clear message to the rest of the world that New Zealand won’t tolerate the vexatious practice of ‘patent trolls’." – Paul Matthews

August 31st, 2013




Survey Bay Releases File-Sharing Data Online
Emma Woollacott

The Cybernorms Research Group at Sweden’s Lund University is working on its third massive study of the habits of file sharers, and is planning to make the full data from all three surveys available free online.

In collaboration with The Pirate Bay, it’s collecting data on the reasons people share copyrighted material and how they regard the legal implications. The aim of the Survey Bay project is to give policymakers more information – and, of course, influence their decision-making too.

“We felt the discussion and the research that was being done was lacking insight on the actual demographics of the file sharing community,” says Marcin de Kaminski, an internet researcher at the Lund University Internet Institute and the Cybernorms Research Group.

“What has been lacking is an understanding of what’s actually going on; it’s been based primarily on rumors or made-up facts about how things are online.”

The responses that the group’s had so far tend to be, as you might expect, overwhelmingly concerned with justification for file sharing. Many users cite a ‘try before you buy’ attitude, indicating that not all illegal sharing actually represents a lost sale.

Others complain that the material they want to access isn’t available in any other way, or that their low income puts it out of reach.

“The motivation for file sharing is different between different countries. It’s quite obvious that in the US and Europe it seems to be a question of ease of access, maybe getting the latest movies and TV shows. The release dates of television series are still very domestically controlled,” says de Kaminski.

“Also, a lot of responses from other countries show that there it tends to be more about accessing information at all – it might be hard to get the content in a legal way.”

Digital Rights Management comes in for particular vitriol. “If there is a choice between DRM-protected copy of media in the store and non-protected media online, online always wins. (No need to activate, no problems with limited number of re-installs, no problem with selling used copies!)” reads one comment.

One very visible trend is the tendency for file sharers to present themselves as brave fighters for freedom, combatting repressive media interests. There’s great pessimism about the prospects of legal reforms – but confidence that, whatever the state of the law, file sharing will continue and even increase.

“People are getting more and more prepared to access The Pirate Bay, even though their internet provider may have locked it,” says de Kaminski. “Even though repressive actions are getting stronger in some countries, it’s really not affecting the amount of file sharing, as people are using techniques like virtual private networks.”

The data is available here.
http://www.forbes.com/sites/emmawool...g-data-online/





Dropbox, CharTec Partner on Cloud-Based File Sharing
Joe Panettieri

CharTec will act as a distributor of sorts for DropBox, the cloud-based file sharing service, MSPmentor has confirmed.

Dropbox, the cloud-based file sharing and document management giant, has inked a partnership with CharTec, MSPmentor has confirmed. CharTec, which promotes hardware as a service and MSP sales training, will promote the Dropbox service to its partner network.

According to a prepared statement from both companies:

"CharTec's partnership with Dropbox offers a unique opportunity for CharTec Partners to join the Dropbox Partner Network, where they will receive discounts on Dropbox for Business and earn recurring revenue."

File sharing services and related partner programs have flooded the IT channel in recent months. In addition to established giants like Box and DropBox, there are upstart offerings like Anchor, Egnyte HybridCloud, LogMeIn Cubby, Novell Filr and plenty more.

But DropBox ranks among the best-known options and the company's growing partner program seems to have momentum. True believers include TechSquad IT, an MSP in Waukesha, Wis., that now offers Dropbox to its SMB customers.

Chatter about the CharTec relationship has been moving about the channel for several weeks, and has now been confirmed. CharTec is an interesting partner because the company has a loyal following of MSPs that participate in CharTec Academy.

Moreover, CharTec's business relationship with ConnectWise could, in theory, lead DropBox to extend its footprint into the IT Nation community -- which typically leverages ConnectWise, CharTec, LabTech Software and/or Quosal solutions.
http://mspmentor.net/managed-storage...d-file-sharing





SD Times Blog: Researchers Successfully Reverse-Engineer Dropbox
Rob Marvin

No encryption is impenetrable. Hackers and researchers prove it every day, cracking some highly touted security measure thought to be too complex, too fortified to ever be breached.

The latest site to fall is Dropbox, the popular file-hosting service where more than 100 million users upload more than a billion files each day. Developers Dhiru Kholia and Przemyslaw Wegrzyn reverse-engineered Dropbox, a heavily obfuscated—or deliberately unintelligible—application, written in Python.

Once successfully reverse-engineered, the researchers were capable of hijacking Dropbox to intercept SSL traffic from its servers, bypass two-factor authentication and create open-source Dropbox clients. Of course they didn’t; they’re researchers, not hackers.

They did however describe their reverse-engineering method step by step, giving anyone with enough skill the knowledge to try the same method with any of the countless other sites, programs and applications written in Python: NASA, Minecraft, Django, OpenStack and a host of Google products, to name just a few.

“We show how to unpack, decrypt and decompile Dropbox from scratch and in full detail,” they wrote in their research paper. “This paper presents new and generic techniques to reverse-engineer frozen Python applications. Once you have the de-compiled source code, it is possible to study how Dropbox works in detail.”

Kholia and Wegrzyn presented the paper, "Looking inside the (drop) box," at USENIX 2013, explaining how they were able to best the heavily obfuscated code.

“The client consists of a modified Python interpreter [that is] running obfuscated Python bytecode,” they wrote. “However, Dropbox being a proprietary platform, no source code is available for these clients. Moreover, the API being used by the various Dropbox clients is not documented.”

Kholia and Wegrzyn have noticed, however, that Dropbox shored up many of its attack vulnerabilities with each successive update. A hole in the “Launch Dropbox Website” feature, for instance, has been patched since the researchers exploited it.

“We have observed that the latest versions of Dropbox client do not use this tray_login mechanism (in order to allow the user to automatically log in to the website),” they wrote. “They now rely on heavier obfuscation and random nonces (received from the server) to generate those auto-login URLs.”

Thus far, Dropbox has tried to keep reverse-engineering at bay with anti-reversing measures running proprietary and frozen code, but the researchers view these temporary fixes as fool’s errands. They admit the techniques they described are generic enough for reversing other frozen Python applications, and anti-reversing measures won’t stop them.

“We wonder what Dropbox aims to gain by employing such anti-reversing measures,” wrote Kholia and Wegrzyn. “Most of Dropbox’s ‘secret sauce’ is on the server-side, which is already well protected. We do not believe these anti-reverse-engineering measures are beneficial for Dropbox users and for Dropbox.”

The researchers reverse-engineered Dropbox for the greater good, hoping their work inspires the security community to “write an open-source Dropbox client, refine the techniques presented in this paper, and conduct research into other cloud-based storage systems.”

Yet they also liken the relationship between software security and reverse-engineering to an arms race, and one that is only escalating.

“We believe that the arms race between software protection and software reverse-engineering will go on,” they wrote. “Protecting software against reverse-engineering is hard, but it is definitely possible to make the process of reverse-engineering even harder.”
http://sdt.bz/64049





Dropbox, Box Alternatives: Too Many File Sync, Sharing Options?
Joe Panettieri

A growing list of Box and Dropbox alternatives are surfacing in the file syncing and sharing market. But what are the best options for Managed Services Providers (MSPs) that want to generate recurring revenue in this market?

Generally speaking: Customer choice is good for businesses and MSPs. But the number of Dropbox and Box alternatives for business seems to be skyrocketing. File syncing and sharing is certainly a hot market. But is there enough business to keep all of these solutions afloat? That's a critically important question as managed services providers (MSPs) seek recurring revenue in this market while making recommendations to end customers.

First, the big picture: Box and Dropbox are pushing beyond their consumer heritage and certainly have business momentum. As of October 2012 Box had more than 14 million users and was in 92 percent of Fortune 500 companies, the vendor claimed. Dropbox, meanwhile, as of December 2012 claimed to have more than 100 million users -- including 95 percent of the Fortune 500.

Those numbers are impressive but also a bit misleading. If Joe Smith is a 22-year-old receptionist in a Fortune 500 company running Box or Dropbox, he counts toward that high Fortune 500 penetration figure. Read between the lines: There are millions of users -- in the Fortune 500, Global 2000, midmarket and small business sectors -- still up for grabs.

That's where VARs, MSPs and market alternatives enter the picture. Dropbox has been particularly aggressive engaging MSPs to increase its market penetration. One recent move involves a partnership with CharTec -- the MSP educator and hardware as a service (HaaS) specialist, which will promote Dropbox to its partner base.

File Sync, Sharing Company & Product List

Still, market alternatives are emerging by the truckload. A few quick examples:

• Amazon Cloud Drive: Some MSPs consider Amazon the enemy. I disagree. But I'm not sure if/how MSPs can monetize and control Cloud Drive for their customers.

• Anchor: Launched by MSP veterans. The company tends to have a heavy presence at MSP conferences.

• BitTorrent Sync: I'm not a user but people keep mentioning it to me.

• Egnyte: Focused on enterprise file sharing -- with a growing focus on MSPs as partners.

• eFolder: Better known for its BDR solution in the MSP industry, you may notice eFolder Cloud File Sync now heavily promoted by the company.

• Google Drive: I'm not sure this fits specifically into this market segment. But I'm a big user. As is Brett Martin, who told me this has to be on the shortlist.

• LogMeIn Cubby: A pretty new solution. Plus MSP industry veterans like Ted Roller and Shannon Kohn have joined the LogMeIn channel team.

• Microsoft Sky Drive: Popular but is a name change forthcoming?

• SecuriSync: From Intermedia, the hosted Exchange and cloud office company that works closely with MSPs and VARs.

• SugarSync: During a Google Plus conversation, Todd Wahl told me he was an avid SugarSync User.

• TeamDrive: They promote end-to-end encryption...

• Wuala: Never seen it, never used it. But people are talking...

Whom did I miss? What's hot? What's not? I'm all ears...

As you navigate the solutions above keep in mind:

• Some of the solutions lack true partner programs or don't have a clear way for MSPs to generate recurring revenue. Plus, who controls the end-customer pricing, billing and branding?

• Many of the solutions don't yet integrate with traditional MSP software platforms.

• If the file sharing service disappears or goes dark, how do customers recover their files?

• Who holds the keys to the file sharing accounts? You? Your customers?

I'm eager to learn more. Beyond Box and Dropbox I don't have a good feel for installed base -- particularly in the channel. Readers, I'm all ears: Educate me...
http://mspmentor.net/cloud-computing...haring-options





New Benchmarks Validate Egnyte as World's Fastest File Sharing Platform for the Enterprise

Latest Numbers Verify Egnyte Solution Dramatically Outpaces All Cloud-only File Sharing Solutions
Press release

Egnyte today released its new benchmark results* confirming that its market-leading file sharing sync and storage platform for the enterprise is the fastest solution on the market today. These results from Egnyte’s testing validate the superiority of Egnyte’s unique solution over all other single user desktop sync products and cloud-only solutions currently on the market.

Egnyte’s own statistics show that in a typical company, business users edit approximately 10% of their total files on a regular basis. Egnyte just syncs the changes using its own block delta sync technology, so 1/10 of the file is actually sent over the network. Cloud-only solutions must sync the entire file. The comparable results are dramatic: for 50GB of data, Egnyte can sync the changes in just 7 minutes vs. an average 72 hours for its main competitors. This underscores the dramatic bandwidth needs of cloud-only file sharing solutions when compared with Egnyte’s solution, which offers the unique ability to efficiently sync on-premise storage with cloud storage.

50GB equates to around 5,000 songs, 600 short videos, 20,000 photographs, 50,000 documents or any combination of such files. Across a medium-sized business, it’s not unrealistic for 100 users to sync 50GB in files on a regular basis.

Beyond speed, there is also a significant network cost element of cloud-only file sharing. An office with a standard Internet network connection of 20Mbps will typically pay $500 per month on average. While the Egnyte storage sync solution easily works within available network bandwidth, a cloud-only solution would quickly saturate this network connection when trying to maintain a comparable file sharing performance. Egnyte’s benchmark report calculates customers with a competitor’s cloud-only solution would have to pay up to $6000+/month to acquire an additional 420 Mbps/month to handle an equivalent amount of traffic.

“These results validate why more than half of our 30,000 customers leverage a combination of on-premise storage and cloud storage,” said Vineet Jain, CEO of Egnyte. “Collaboration happens anywhere business is conducted and it's unacceptable to slow down the pace of business with technical issues such as network latency or unpredictable Internet connections. I firmly believe our solution offers the best combination of cloud and on-premise capabilities to ensure that no matter where you are, you can get quick, secure and reliable access to the information you need.”
http://www.prweb.com/releases/2013/8/prweb11063977.htm





SendThisFile Lifts File Sharing Barriers By Allowing Free File Downloads With No Account
Press release

SendThisFile today is announcing the ability to download shared files without an account. With SendThisFile, users can send large files online by uploading files to secure file servers, and then sharing the file download links.

"Our competitors require an account for their website before a user can download a file," said John Stephens, SendThisFile VP of Operations. "SendThisFile does not require an account to download shared files."

By not requiring an account to download files, SendThisFile eliminates a common complaint from end users.

"Not requiring an account to download a file is very important for businesses and professionals," said Scott Sexton, SendThisFile VP of Business Development. "It vastly reduces the friction associated with file transfers and improves user productivity. Users really like it."

At SendThisFile, file privacy and security are determined by the file sharer. Users who send large files can scale the level of file download security based on their need. File sharers can choose from public sharing, optional password protection, or optionally requiring a verified email address. All file transfers are protected by 128-bit SSL encryption security.

Downloading shared files without an account is available today to all SendThisFile customers.
http://www.openpr.com/news/254306/Se...2001f4cb2ee0f9





SolarWinds Introduces Secure File Sharing for the Enterprise
Press release

SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT management software, today announced new secure file sharing capabilities to its managed file transfer solution, SolarWinds Serv-U Managed File Transfer (MFT) Server.

Organizations can now facilitate secure exchange of information by hosting the file sharing solution within their own data center or private cloud, thus protecting data alternatively stored in a third party cloud application from falling into the wrong hands.

SolarWinds Serv-U MFT Server provides simple and secure file transfer - and now file sharing - hosted on Windows and Linux machines. SolarWinds Serv-U MFT Server enables users to support file uploads and downloads using FTP, FTPS, SFTP, HTTP and HTTPS over IPv4 or IPv6 networks. Administrators can control access to files, monitor activity, automate notifications, and configure from any location through a secure Web management console.

New File Sharing Capabilities

With SolarWinds Serv-U MFT Server's new secure file sharing capabilities, IT pros can safely send files to or request files from anyone through an easy-to-use Web interface client or any Web browser. Users can opt to set expiration dates or passwords and add messages to the recipient of their uploaded files. SolarWinds Serv-U MFT Server then sends a link to the file that recipients can access on secure Web pages. Users can also share the links via email, instant message, or social media.

While several popular third-party file sharing sites allow users to send and receive files easily, SolarWinds Serv-U MFT Server offers a uniquely secure file sharing system for the enterprise by keeping shared data within the data center or private cloud. SolarWinds Serv-U MFT Server integrates with Active Directory, permitting authentication or provisioning of an entire company or of specific departments, and administrators can apply their own security policies, procedures, monitors, and controls to abide by company security standards.

SolarWinds Serv-U MFT Server Highlights:

• Upload, download and view files using any Web browser and most mobile devices

• Automate transfers from any platform using existing FTP/S or SFTP (SSH) clients

• Secure partner data exchanges with FIPS 140-2 validated cryptography and DMZ gateways

• Send email or run scripts when files arrive, lockouts occur, or other events fire

• Control and monitor bandwidth, access, quotas, and dozens of other attributes

SolarWinds Serv-U MFT Server is available now starting at $2,995 for unlimited users and includes a year of maintenance. For more information, including a downloadable, free 30-day evaluation trial, visit the Serv-U website or call 855.498.4154.

Additional Resources:

Video: Secure File Sharing with SolarWinds Serv-U MFT Server

Webinar: Introduction to Secure File Sharing with Serv-U MFT Server
http://www.hispanicbusiness.com/2013...haring_for.htm





Microsoft Updates SkyDrive Pro with 25 GB of Storage, Better Sharing, and More

Just in time too, I just hit the old 7 GB limit
Paul Thurrott

Microsoft today announced a major update to the SkyDrive Pro service that ships as part of the business versions of Office 365: Users will each get a lot more storage, the ability to buy more storage, and other changes, like improved sharing functionality.

This update comes in the nick of time: I just hit the old 7 GB per user storage limit on my own SkyDrive Pro account, and since Microsoft didn't offer any way to upgrade, I was sort of stuck. (Side story that needs to be written: A huge chunk of that storage space was used up by the SkyDrive Pro Recycle Bin, which is ill-understood, hard to find, and almost impossible to clear out. More on that soon.)

Anyway, here's what's changing.

SkyDrive Pro storage: From 7 GB per user to 25 GB per user

Microsoft is raising the default per-user storage limit in SkyDrive Pro from 7 GB to 25 GB (for both new and existing customers). This means that each Office 365 (business) user now gets a minimum of 50 GB of space associated with their account: 25 GB for SkyDrive Pro, 25 GB for email. (Plus, each Office 365 customer gets an additional 5 GB of storage per site mailbox.)

That's just good stuff. But you should know that there is a limit of 20,000 documents for personal document libraries and 5,000 for team sites.

Purchase additional SkyDrive Pro storage

In addition to raising the minimum for SkyDrive Pro storage, Microsoft is now allowing Office 365 (business) customers to purchase additional storage, just as consumers can do with SkyDrive. According to Microsoft, you can purchase increases in increments, up to 50 GB or 100 GB (the current SkyDrive Pro limit), and you can adjust the storage for up to 25 users at once. Additional storage costs $0.20 per GB per month.

File upload limit increased

Microsoft has increased the size of file uploads to 2 GB per file. (I'm not sure what it was before.)

File versioning

Microsoft has enabled a feature called versioning, which is something that also appeared on consumer SkyDrive first. It's on by default for newly provisioned SkyDrive Pro libraries, which suggests that we can turn it on for existing accounts, which would be ideal. According to Microsoft, when enabled, versioning automatically saves the last ten versions of each file so you never lose an important document.

Recycle Bin retention

Files you've deleted from SkyDrive Pro are stored in the SkyDrive Pro Recycle Bin. The default recycle bin retention has been bumped up from 30 days to 90 days.

New Shared with Me view

In another nod to the consumer-oriented SkyDrive, Microsoft is adding a Shared With Me view to the SkyDrive Pro web interface so that you can more easily locate documents, other files, or folders that co-workers have shared with you. "The documents and folders you see in the Shared with Me view may live in someone else's SkyDrive Pro, or they may be shared from a standard team site document library," Mark Kashman and Tejas Mehta write in a new post to the Office 365 Technology blog. "Once they are shared with you, you have the same permissions in SkyDrive Pro that you were originally given by the person who shared the documents with you. This means you can view a document, edit it, share it, and download it, and more - all as if it were natively stored in your SkyDrive Pro."

What I'd like to see—and this is true with consumer SkyDrive as well—is this interface delivered to the file system integration bits on Windows. But this is a huge improvement, of course, and quite welcome.
http://winsupersite.com/office-365/m...aring-and-more





BitTorrent Launches iOS App for its Sync File Sharing Service
Anupam Saxena

BitTorrent has released an iOS app for its file-synchronization service, Sync, which it released to the public in April.

With the introduction of the iOS app, users will be able to use the service to move videos, photos and other files from their iPhones and iPads to their laptops and vice versa. The app also allows users to send photos and videos from their iPhone directly to their friends' iPhone using BitTorrent Sync's mobile-to-mobile sending.

The app also lets users automatically backup photos from their iOS device's Camera Roll to a folder on their computer. To connect the app to the users' previously created folders, they just need to scan a QR code on the other device with the iPhone's camera.

The launch of the iOS app follows BitTorrent Sync's Android app, which was launched last month, coinciding with the service moving to Beta status from Alpha. It had launched with apps for Windows, OS X, Linux PCs in addition to a Web interface. While services like Dropbox, Box, Skydrive and Apple's own iCloud let users backup and sync their files with other devices, they come with limited data transfer capacity and store content on their own servers (which is also susceptible to surveillance).

The Sync service lets users securely sync files and folders across multiple devices. It allows users to experience the functionality of file sync and storage services like Dropbox and Skydrive, but doesn't require them to store their files on a third-party server. So they can access their files across multiple devices via the BitTorrent technology and there's no limit to file size, transfer or storage limits. Also, since a third-party doesn't have access to user data, and data is encrypted during transfers, there are fewer privacy and security concerns.

BitTorrent had mentioned that BitTorrent Sync was specifically designed to handle large files, and encourages users to sync original, high quality, uncompressed files or for remote backups.

In July BitTorrent had said that Alpha users had synced over 8 petabytes (1 petabyte = 1048576 gigabytes) of data. A company spokesperson has now told TechCrunch that users have now synced over 14 petabytes (1 petabyte = 1048576 gigabytes) of data.

While Sync is free to use, BitTorrent also intends to offer paid, premium services aimed at enterprises and power users in the future, as per the report.
http://gadgets.ndtv.com/apps/news/bi...service-411421





Court Finds Hotfile, and the Guy Running it, Guilty of Copyright Infringement
Derrick Harris

File-sharing service Hotfile was found guilty of copyright infringement in a U.S. federal court case decided on Wednesday. But just because Hotfile appears guilty, that doesn’t mean cyberlockers are inherently evil — regardless of what the MPAA says.

A U.S. District Court in Florida has found digital file-sharing site Hotfile and its owner Anton Titov guilty of copyright infringement, according to a press release issued by the Motion Picture Association of America. It’s the second blow against online file sharing to come on Wednesday, after news broke that music-sharing service Grooveshark had signed a licensing deal with Sony, but the verdict probably shouldn’t surprise anyone with a basic knowledge of copyright law.

The opinion in the case is sealed pending redactions of sensitive material, according to the press release, but the MPAA suggests the court based its decision on the fact that Hotfile encouraged piracy by paying users to upload large files (i.e., not papers or photos, but full-length videos). Assuming that’s true, the decision is pretty square with the legal precedent set during Napster’s legal battle earlier this millennium: Broadly speaking, enabling infringement isn’t illegal, but encouraging it is.

The MPAA paints the victory of its constituents (Disney, 20th Century Fox, Columbia, Universal and Warner Bros., in this case) as a victory against personal cyberlockers, but that seems like a gross overstatement. It’s a victory against cyberlockers that encourage piracy, for sure, but a federal court in New York decided in 2011 that cyberlocker service MP3Tunes was not liable (for the most part) in its case against a collective of music-industry plaintiffs. Among the court’s rationale for the decision was the fact that MP3Tunes neither rewarded nor encouraged infringement and, in fact, punished it.

Hotfile, on the other hand, only began punishing users for infringement after the MPAA’s lawsuit was filed, according to a 2012 article from the Hollywood Reporter.

But just because Hotfile might have been actively encouraging infringement, that doesn’t make the content industry the hero of the piracy story. If anything, its aggressive takedown-claim strategies under the Digital Millennium Copyright Act have been a major nuisance — if not a destructive force — to plenty of legitimate web companies. Ask MP3Tunes and Veoh: They won their lawsuits (Veoh’s victory was even upheld by the 9th Circuit Court of Appeals), but the legal bills forced both into bankruptcy.
http://gigaom.com/2013/08/28/court-f...-infringement/





Peter Hook Compares Possession of Lost Tapes to 'Illegal File-Sharing'
Alice Vincent

Joy Division fans were excited by the discovery of master tapes for Unknown Pleasures, the band's debut album. However, the recordings are now at the centre of an ownership dispute between the producer who unearthed them and Peter Hook, Joy Division and New Order founder and bassist.

The tapes were made by Joy Division and New Order producer Martin Hannett and include the bands' outtakes as well as master copies of recordings made by Seventies rock band Psychedelic Furs. They were reportedly found "in a skip" by Julia Adamson, who helped Hannett in the studio in the Eighties and has worked alongside the bands for years. Hook, who said he used to help Hannett in the studio, explained that it is "mostly [his] handwriting on the boxes".

Earlier this month Adamson posted a picture of the tapes online and on her Facebook, simply captioning them: "rescued tapes of Martin Hannett's...anyone interested".

The photo has since been shared more than 200 times. Adamson explains that she had "looked after these tapes for a long time" and had "approached the artists (who were my first port of call) and I was subjected to accusations and abuse" and so didn't "really care anymore".

However, Hook subsequently spoke to music website Pitchfork about the tapes and denied ever being contacted about them before. He said, "There is no way on earth that I, renowned collector of all things Joy Division and New Order, would not have been interested." He is currently in negotiations to buy the tapes from Adamson, but by law she must offer the music to the band first rather than the public.

Hook explained: "There’s a culture of finder’s keepers, so invariably, over the years, I’ve bought many items of memorabilia back from various people. But English law is very explicit about ownership. The band owned the copyright and the music, and under English law it’s illegal to give away people’s music without their consent.

"If Julia did want to give them away, she needs our permission. It’s the same as illegal file-sharing on the internet."

If the tapes are successfully returned, Hook said he would like to create "the definitive collection" of bootlegged Joy Division Martin Hannett tapes. However, because the musician is currently contesting the reformed New Order's right to the trademarked name, the process could be slowed.
http://www.telegraph.co.uk/culture/m...e-sharing.html





Google Breaks ChromeCast's Ability to Play Local Content

Bad news for all ChromeCast users who were thinking of being able to stream local content to their HD TVs. Google has pushed an update for ChromeCast which has broken support for 3rd party apps like AirCast (AllCast) which allow users to 'stream' local files from their devices to ChromeCast connected TV sets.

The renowned Cyanogenmod developer Koushik Dutta was working on AirCast and was planning to eventually publish it on the Google Play Store. We tested the app and it worked great.

The app won't work anymore if your ChromeCast was updated.

Dutta says that Google has intentionally broken his app. "They disabled 'video_playback' support from the ChromeCast application,” says Dutta.

Is it intentional? Can't it be a bug? Dutta says otherwise. “Given that this is the second time they've purposefully removed/disabled the ability to play media from external sources, it confirms some of my suspicions that I have had about the ChromeCast developer program: The policy seems to be a heavy handed approach, where only approved content will be played through the device. The ChromeCast will probably not be indie developer friendly. The Google TV team will likely only whitelist media companies."

This is very unlike Google, which has always maintained that 'you own the device that you buy and are free to do whatever you want to do with it.' We have seen this in Google's Chromebooks and Android devices, where Google documented how to root such devices and install the OS of your own choice.

Google has not released any official statement about breaking the playback feature, but if Google is deliberately doing what Amazon, Microsoft or Apple do with their devices to break 3rd party features, then it doesn't sound very good. One of the USPs of ChromeCast was the huge potential it holds beyond broadcasting content from YouTube, Netflix, Google Play Movies/Music and the Chrome browser. Many bloggers cite this potential as an edge over Apple TV.

If ChromeCast loses this ability it may not remain a 'devel' friendly device.

Is Google taking the path of Apple, Amazon and Microsoft? Is Google diverting from its 'you own the device you buy and can do whatever you want to do with it'?
http://www.muktware.com/5857/google-...-local-content





Confirmed: ChromeCast Will be Able to Play Local Content, Go Ahead and Order Yours
Swapnil Bhartiya

When the Google ChromeCast was announced it was an instant hit and all the units were 'sold' immediately. One of the core features of ChromeCast was the ability to play local content. This $35 device seemed to hold much more potential than the AppleTV and other such devices on the market.

Many developers like Koushik Dutta started building apps which would allow users to stream local content.

I downloaded the app and was really excited to see the 'chromecast' of my son's video in full HD without any delay. However, Koush posted yesterday that Google has updated ChromeCast, 'deliberately' breaking the playback capabilities.

The suspicion was raised that Google doesn't want streaming of local data through ChromeCast. Then there were misleading stories from sites like The Verge which set a very dangerous tone for local content 'branding' it as pirated. Casey Newton of the Verge wrote:

It seems likely that Google would try to block apps like AirCast, which could upset its relationships with content providers by making it easier for users to play pirated movies on their TVs. Google did not immediately respond to a request for comment.

I am a film-maker and I make a lot of documentaries; all of us make home movies of family events or trips. We purchase movies from sites like Amazon and play them locally. So, not every 'local' content is 'pirated'!

All this made one think that this update is an indication that Google doesn't want to allow users to play local content through this device.

That contradicted Google's stand on 'if you buy a device, you own it and you are free to do anything with it.' We have seen the awesome documentation Google has done to assist users in 'unlocking' their Nexus devices or ChromeBooks to install an OS of their choice. So, why would Google have issues with ChromeCast?

I had my own doubts when I wrote this story. I reached out to Google and I got a statement from a Google spokesperson, and that statement makes it very, very clear that Google has no problem with streaming local content via ChromeCast.

We’re excited to bring more content to Chromecast and would like to support all types of apps, including those for local content. It's still early days for the Google Cast SDK, which we just released in developer preview for early development and testing only. We expect that the SDK will continue to change before we launch out of developer preview, and want to provide a great experience for users and developers before making the SDK and additional apps more broadly available.

So it's abundantly clear that Google is not trying to block playback of local content. It's just that the SDK is at a very early stage and developers should refrain from publicly releasing apps, as they may break unless the SDK is at a stable stage.

So if you were planning to buy ChromeCast and changed your mind thinking it won't play local content, you don't have to worry. You will be able to play anything that you want on that device. As far as developers are concerned, they can wait till the SDK is ready for prime time.

So go ahead and order your ChromeCast.
http://www.muktware.com/5860/confirm...nd-order-yours





Sirius XM Sued for Digital Royalty Underpayment
Nate Raymond

A U.S. nonprofit charged with collecting digital royalties for music artists sued satellite radio service provider Sirius XM Radio Inc for at least $50 million on Monday for underpaying on recordings, including ones from before 1972.

The lawsuit was filed in the U.S. District Court for the District of Columbia by SoundExchange Inc, an entity appointed by the Copyright Royalty Board to collect and distribute performance royalties established under federal law.

The lawsuit said from 2007 through 2012, Sirius XM "systematically" underpaid SoundExchange for the statutory license that allows the service to air recordings to its millions of paying subscribers.

The lawsuit said Sirius in particular reduced by 10 percent to 15 percent the gross revenues it reports to calculate the royalties because that corresponded with performances of pre-1972 recordings.

The royalty rate that would be charged against those gross revenues ranged from 6 percent in 2007 to 8 percent in 2012, according to SoundExchange, which was established by the Recording Industry Association of America.

"We cannot sit by and watch this multi-billion dollar company reap record profits from the creative contributions of artists and labels without paying them everything they deserve," SoundExchange Chief Executive Michael Huppe said in a statement.

Representatives for Sirius XM did not immediately respond to a request for comment.

But in the complaint, SoundExchange said Sirius had taken the position that the statutory license established under federal law does not cover pre-1972 recordings.

Sound recordings were not given federal copyright protection until 1972 and instead relied on state law for protection.

The lawsuit also accuses Sirius of, among other things, excluding from its revenue calculations money it earned from customers subscribing to its Sirius XM Premier package and of failing to make timely royalty payments.

The lawsuit seeks $50 million to $100 million or more, along with appropriate late fees and interest.

The case is SoundExchange Inc v. Sirius XM Radio Inc, U.S. District Court, District of Columbia, No. 13-01290.

(Reporting by Nate Raymond in New York; Editing by Eric Walsh and Jacqueline Wong)
http://www.reuters.com/article/2013/...97Q02V20130827





White House Copyright Czar Jumps to Industry Anti-Piracy Group
David Kravets

Victoria Espinel, the nation’s copyright czar until two weeks ago, has been named president of an anti-piracy trade group that lobbies governments on behalf of the software industry.

Espinel resigned earlier this month from the key White House post she’d held for four years. The Software Alliance, which goes by the acronym BSA, announced today that Espinel was named president of the group that bills itself as “the world’s premier anti-piracy organization.”

The association’s chairman, Pascal Di Fronzo, who is the general counsel of Autodesk, said, “We are thrilled to have Victoria leading BSA forward in an important phase of growth and evolution for the software industry. Victoria brings an extraordinary wealth of expertise on key issues at the intersection of trade policy, market access and IP protection.”

Espinel is best known for playing an active role in secret negotiations between Hollywood, the recording industry and ISPs to disrupt internet access for users suspected of violating copyright law under an initiative generally known as “six strikes.”

Congress created the IP czar position in 2008 as part of intellectual-property reform legislation. The position, which remains vacant in Espinel’s wake, is on par with the nation’s drug czar Congress created in 1982 to wage the War on Drugs.

The Software Alliance consists of some of the world’s leading software makers, including Apple, Microsoft and Oracle.

“I am looking forward to working closely with BSA’s member companies to ensure markets around the world provide the enabling environments necessary for technology innovation to continue flourishing. Software drives growth and productivity in all sectors of the global economy, and it enriches modern life,” Espinel said in a statement. “BSA will continue to be a forceful and effective advocate on issues central to the next phase of the industry’s growth as rapid changes in the digital landscape create new opportunities and policy priorities.”

To be sure, many of the initiatives brought under Espinel’s tenure align nicely with the Software Alliance’s anti-piracy philosophy.

One program she helped coordinate was the Department of Homeland Security’s “Operation in Our Sites,” which over a three-year period seized more than 1,700 websites that allegedly streamed sporting events; hawked counterfeit drugs, clothes, and accessories like handbags; and unlawfully allowed the downloading of copyrighted movies and music.

Both the copy right and copy left applauded Espinel in 2010 when she unveiled the President Barack Obama administration’s first “Joint Strategic Plan” concerning intellectual-property enforcement — which gave a big nod to fair use.

But Espinel is best known for her cozy relationship with Hollywood and the music industry’s lobbying arms to facilitate the crafting of an historic anti-piracy agreement among the nation’s largest consumer internet providers, including AT&T, Cablevision, Comcast, Time Warner and Verizon.

It requires internet service providers, for the first time, to punish residential internet-service customers who media companies suspect are violating copyright rules by downloading copyrighted movies or music from peer-to-peer networks. Among other things, repeat violators could have their internet throttled or briefly suspended.
http://www.wired.com/threatlevel/201...bsa-president/





Copy Protection for 3-D Printing Aims to Prevent a Piracy Plague

Streaming designs to 3-D printers like Netflix does movies could prevent unauthorized copying.
Tom Simonite

People in the 3-D printing world have talked for years about the possibility of unauthorized copying and sharing of designs—similar to what the file-sharing program Napster allowed for music. Now the first commercial solution to this as-yet theoretical problem is preparing to launch. It was developed by Authentise, a startup based in Mountain View, California.

The company’s software makes it possible for a design to be sent to a 3-D printer in such a way that it can be printed only once. “You don’t receive the raw design file,” says Andre Wegner, cofounder and CEO of the company, “so you can’t copy and share it.”

Authentise’s approach is similar to the way Netflix sends viewers at home a stream of video frames only as their computer needs them to play a movie. Instructions that tell a 3-D printer about how to squirt out material are sent to it only as it needs them. Once the process is done, the instructions are instantly discarded, leaving a completed print but no full digital representation of its design.

“We’re already talking to a number of people about using the technology to enable buying of designs online, with an iTunes-like functionality,” says Wegner. He declines to say which companies are involved, but says that a toy or movie company such as Disney could use Authentise’s technology to allow people to pay a small fee to print out, for example, a movie character.

A version of the technology, called SendShapes, is set to launch next month. To receive a design a person will have to download a small software program that receives the streamed design and passes it along to a 3-D printer. Authentise, which has five employees, was founded at and is partially supported by Singularity University, an educational nonprofit focused on future technologies supported by Google and the X Prize foundation.

Some companies are already attempting to control the sharing of 3-D design files that they say infringe on their copyright. In February this year, the TV network HBO demanded that nuProto, an Orlando, Florida, company that offers 3-D printing services, stop printing iPhone docks with a design inspired by the show Game of Thrones. Shapeways, a company that charges to print out designs on its large “farms” of 3-D printers that work with many materials, including metal and ceramic, has hired a staff attorney after several incidents in which companies claimed their rights had been infringed by designers using the company’s services and online catalogue.

Wegner doesn’t pretend that Authentise can make it technically impossible for a person with the right motivation and knowledge to find a way to collect a streamed design file. Rather, he aims to make the process of paying for access to a protected design smooth enough to be more attractive than unauthorized copying. “We think you can make printed objects cheap and easy enough to print to attract the majority of consumers,” he says, drawing an analogy with how millions of people pay iTunes, Amazon, and Spotify for music despite piracy still being very easy.

Michael Weinberg, a staff attorney with Washington nonprofit Public Knowledge, which works on intellectual property issues related to technology, says there will likely be a market for technology like Authentise’s as technological improvements lead more consumers and businesses to buy 3-D printers or to use commercial 3-D printing services. However, it will have to be implemented carefully, he says, pointing to the music industry’s failed attempts to rein in file sharing by embedding copy protection, or DRM, into music files. Major music download services no longer use such technology.

“There are situations where a protected distribution chain can be really helpful,” says Weinberg. “Think of a person that wants a verified replacement part for something that is broken.” A person in that situation would want to know that the design they were getting was the real thing, says Weinberg, whether they were printing it themselves, using a third-party service like that of Shapeways, or visiting a physical store such as Staples, which is adding 3-D printers to some of its locations.

Wegner says that his company will use its technology only in ways that offer easier alternatives to using unauthorized print designs, rather than embedding it into design files or printers in ways that lock down how they can be used. However, others have expressed interest in more controlling methods of copy protection (see “Nathan Myhrvold’s Plan to Prevent 3-D Printer Privacy”).

Whatever copy control mechanisms gain traction, legal tussles and perhaps even court cases appear inevitable. Intellectual property laws affecting 3-D designs and physical objects are much more complex than those involved in unauthorized copying of music and movies, says Weinberg, who recently published a white paper on copyright and 3-D printing. While media files, as “creative works,” are unambiguously protected by copyright laws, “useful objects” have traditionally been exempt from copyright protection, and when a 3-D design can be copyrighted is something of a copyright gray area. But such uncertainty is unlikely to prevent companies from trying to use copyright to assert themselves, says Weinberg. “If you would like to control the use of something, finding a way to get copyright on it is a very attractive thing to do.”
http://www.technologyreview.com/news...piracy-plague/





New Zealand Bans Software Patents

Summary: Passage of new patent law marks end of years of debate and lobbying.
Rob O’Neill

New Zealand has finally passed a new Patents Bill that will effectively outlaw software patents after five years of debate, delay and intense lobbying from multinational software vendors.

Aptly-named Commerce Minister Craig Foss welcomed the modernisation of patents law, saying it marked a "significant step towards driving innovation in New Zealand".

“By clarifying the definition of what can be patented, we are giving New Zealand businesses more flexibility to adapt and improve existing inventions, while continuing to protect genuine innovations,” Foss said.

The nearly unanimous passage of the Bill was also greeted by Institute of IT Professionals (IITP) chief executive Paul Matthews, who congratulated Foss for listening to the IT industry and ensuring software patents were excluded.

Matthews said it was a breakthrough day "where old law met modern technology and came out on the side of New Zealand’s software innovators”.

The Patents Bill was first drafted in 2008. In 2010 the Commerce Select Committee recommended a total ban on software patents. However, that stance was overturned with the introduction of a Supplementary Order Paper (SOP) in August last year where the removal of software patents was reversed.

An IITP poll of members at the time showed 94% of those with a view were in favour of banning software patents.

“The patents system doesn’t work for software because it is almost impossible for genuine technology companies to create new software without breaching some of the hundreds of thousands of software patents that exist, often for very obvious work,” Matthews said.

“Today’s historic legislation will support our innovative technology industry, and sends a clear message to the rest of the world that New Zealand won’t tolerate the vexatious practice of ‘patent trolls’”.
http://www.zdnet.com/new-zealand-ban...ts-7000019955/





Burning Man's Open Source Cell Phone System Could Help Save the World

Solar-powered OpenBTS system costs pennies a day and operates in the farthest reaches of Earth.
Julie Bort

Today I bring you a story that has it all: a solar-powered, low-cost, open source cellular network that's revolutionizing coverage in underprivileged and off-grid spots. It uses VoIP yet works with existing cell phones. It has pedigreed founders. Best of all, it is part of the sex, drugs and art collectively known as Burning Man. Where do you want me to begin?

"We make GSM look like a wireless access point. We make it that simple," describes one of the project's three founders, Glenn Edens.

The technology starts with the "they-said-it-couldn't-be-done" open source software, OpenBTS. OpenBTS is built on Linux and distributed via the AGPLv3 license. When used with a software-defined radio such as the Universal Software Radio Peripheral (USRP), it presents a GSM air interface ("Um") to any standard GSM cell phone, with no modification whatsoever required of the phone. It uses open source Asterisk VoIP software as the PBX to connect calls, though it can be used with other soft switches, too. (More stats in a minute that I promise will blow away your inner network engineer.)

This is the third year its founders have decided to trial-by-fire the system by offering free cell phone service to the 50,000-ish attendees at Burning Man, which begins today in Black Rock City, Nevada. I've posted a few photos of the set-up here. But the project is still new and mostly unheard-of. The second-generation hardware is in beta and the project’s commercial start-up, Range Networks, won't emerge from stealth mode until September (at the DEMO conference).

Two of OpenBTS's three founders are a duo of wireless design gurus that make up Kestrel Signal Processing: David Burgess and Harvind Samra. The third is industry luminary Glenn Edens, the same Edens who founded Grid Systems, maker of the first laptop in the early ‘80s, who is also known as the former director of Sun Microsystems’ Laboratories (among his other credentials). He is Range Networks’ CEO.

Burning Man has become a brutal, but great test vehicle. "There are not too many places you can go where tens of thousands of people show up, all of them with cell phones, in a hostile physical environment – lots of heat and dust, with no power and no cell service," Edens says.

GSM operates on licensed bandwidth, so for any U.S. installation, the OpenBTS crew always obtains an FCC license and works with the local carrier to coordinate frequency use. When attendees get into range and power up their phones, the system sends them a text that says “Reply to this message with your phone number and you can send and receive text messages and make voice calls.”

Edens notes: "You can also make phone calls to any number, but you can’t receive them, except from other people at Burning Man. We don’t have a roaming agreement in place with any carriers yet. So calls from people out of range from Burning Man will go to voicemail … but you can check your voicemail." (You can follow the progress of the system setup on Burgess's blog).

Edens jokes that Kestrel gets an equal number of compliments and complaints for making cell phones accessible at the event. You win some and you lose some.

Certainly, the potential of OpenBTS is a winner. The system is only "as big as a shoebox," Edens says, and requires a mere 50 watts of power "instead of a couple of thousand" so it is easily supported by solar or wind power, or batteries. It performs as well as any other GSM base station which has a maximum range of 35 kilometers and a typical range of 20 kilometers, depending on geography, antennae height, etc.

It can use a wireless backhaul, too. "We’re working with UC Berkeley on a really interesting project on super long distance wireless backhaul. We can also use private microwave and all the usual backhaul technologies," Edens says. A full‐power base station with software costs around $10,000. Compare that to the typical $50,000 - $100,000 investment for base station controllers, mobile switching centers and "a whole lot of plumbing" to bring in power, backhaul, etc., in a traditional cellular network.

Like other GSM cell networks, OpenBTS networks can connect to the public switched network and the Internet. Because it converts to VoIP, it "makes every cell phone look like a SIP end point … and every cell phone looks like an IP device. But we don’t touch anything in the phone … any GSM phone will work, from a $15 refurbished cell phone all the way up to iPhones and Androids." Low cost phones are particularly important for projects in impoverished areas, where people can benefit most from better communications services.

"The UN and ITU studies show that when you bring communications services to an area, healthcare goes up, economic well being goes up, education goes up," Edens says, noting that costs and power needs are low enough that even a small village can afford to do this. Users may need to pay $2 or $3 a month.

He brags that setup is downright trivial. "After the Haiti earthquake, we sent a system that was installed at the main hospital in Port Au Prince. They had it working an hour after unpacking it from the box. The hospital PBX was down. They used it as their phone system for about two weeks."

Kestrel has sold about 150 units, hardware and software, since last January, with trial systems installed in India, Africa, the South Pacific and a number of other countries. The team has also done a few private installations like oil fields, farms, and ships at sea. They are also providing a system to the Australian Base in Antarctica. Plus OpenBTS has been downloaded about 4,000 times, mostly by researchers able to build their own base stations. It is also of interest for military communications, law enforcement and DARPA projects.

Because OpenBTS relies on licensed bandwidth, the team hasn't been targeting enterprises wanting private campus-wide cell phone networks, though that’s not out of the question. Still, there's plenty of work to be done for the 60% of the world’s landmass and the 40% of the world’s population that don’t have service, Edens says, quoting numbers from the ITU. Carriers from Telefonica to T-Mobile have expressed interest.

Edens is clearly as proud of the OpenBTS project's technological achievements as he is of its potential role to save the planet. "A lot of people said it couldn’t be done. But software-defined radio technology has gotten so good. It's our second generation radios that we’re testing now and although the three of us have done 98% of the coding work, we've had great support from the open source community."

More power to you.
http://www.networkworld.com/news/201...rning-man.html





Ignored by Big Companies, Mexican Village Creates its Own Mobile Service
Subodh Varma

After being ignored by a company owned by the world's richest man Carlos Slim, a tiny Mexican village has developed its own mobile network with international connections. The local service costs 15 pesos ($1.2) per month, 13 times cheaper than a big firm's basic plan in Mexico City, AFP reports.

The village of Villa Talea de Castro, dotted with small pink and yellow homes, has a population of 2,500 indigenous people. Tucked away in a lush forest in the southern state of Oaxaca, it was not seen as a profitable market for companies such as Slim's America Movil. The company wanted at least 10,000 subscribers to bring the village into its mobile coverage, AFP said.

So the village, under an initiative launched by indigenous groups, civil organizations and universities, put up an antenna on a rooftop, installed radio and computer equipment, and created its own micro provider called Red Celular de Talea (RCT) this year.

Calls to the United States, where many of the indigenous Zapoteco residents have migrated, cost a few pennies per minute.

"I have two children who live outside the village and I communicate with them at least two or three times per week," restaurant manager Ramiro Perez, 60, told AFP. Before, Perez had to use telephone booths where he paid up to 10 pesos ($0.75) per minute.

The coffee-producing village installed the network with the help of Rhizomatica, a non-profit with US, European and Mexican experts who aim to increase access to mobile telecommunications in communities that lack affordable service.

In a statement, Rhizomatica, a civil group named Redes and a town official said they hoped that a telecom reform pushed through Congress by President Enrique Pena Nieto to open the market will "break the obstacles" that prevent the development of such community-based projects.

"Many indigenous communities have shown interest in participating in this project and we hope that many more can join this scheme," the statement said.

The equipment used in Talea, which was provided by California-based Range Networks, includes a 900 MHz radio network and computer software that routes calls, registers numbers and handles billing. Calls to the United States are channeled via a voice over Internet protocol (VoIP) provider.

The village received a two-year-permit from the Federal Communications Commission to have the right to test the equipment.

When a cellphone user arrives in the village, a text message automatically appears saying: "Welcome to the Talea Cellular Network (RTC) - to register, go to the radio with this message."

There is one catch: phone calls must be limited to a maximum of five minutes to avoid a saturation of lines.

Israel Hernandez, a village resident and one of the volunteers who helped set up the system, said the network uses the radio-electric spectrum that "telephone (service) providers refuse to use because it is financially unviable."

Slim's Telcel is part of his America Movil empire, which controls 70 percent of Mexico's mobile phone market and has 262 million subscribers across Latin America but never made it to Talea.

Alejandro Lopez, a senior town hall official, said the village had approached big telecom firms but that they had required 10,000 potential users as well as the construction of a path where an antenna would be erected and a lengthy power line.

"Despite some technical problems, because we are in a test period, the project has been a success" with 600 villagers signing up since the service opened three months ago, Lopez said.

Buoyed by the system's success, the village has decided to buy its own equipment that will allow RCT to run 35 lines simultaneously and plans to install it in the coming weeks.

The next step, RCT volunteer Hernandez said, is to form cooperatives with other indigenous villages to request concessions from the Mexican government in order to resolve "this lack of free frequencies for cellphone communications in the country's rural communities."
http://articles.timesofindia.indiati...rica-movil-afp





Greek Community Creates an Off-The-Grid Internet
Joe Kloc

In an effort to buck the expensive rates of unreliable corporate telecom companies, a community in Athens, Greece, has created its own private Internet.

Built from a network of wireless rooftop antennas, the Athens Wireless Metropolitan Network (AWMN) now has more than 1,000 members. Data moves “through” the AWMN mesh up to 30 times faster than it does on the telecom-provided Internet.

According to Mother Jones, this off-the-grid community has become so popular in Athens and on nearby islands that it has developed its own Craigslist-esque classifieds service as well as blogs and an internal search engine.

"It's like a whole other Web," AWMN user Joseph Bonicioli told the magazine. "It's our network, but it's also a playground."

The AWMN began in 2002 in response to the poor Internet service provided by traditional telecommunications companies in Athens. However, the past few years have illustrated another use for these citizen-run meshes: preserving the democratic values of the Internet.

As the Internet has become a ubiquitous presence in day-to-day life, governments around the world have sought to control it. In 2011 for example, when former Egyptian president Hosni Mubarak found out that protesters were organizing on Facebook, he commanded the country’s Internet service providers to shut down access, denying 17 million Egyptians access to the Web for days.

Later that year in the U.S., the city of San Francisco temporarily shut down cellphone service in its transit system to stop a protest.

As Bonicioli told Mother Jones, "When you run your own network, nobody can shut it down."

These DIY meshes are also used to provide Internet in places major telecom companies can’t—or won’t—reach. For example, one was constructed last year in the Brooklyn neighborhood of Red Hook after Hurricane Sandy knocked out residents’ access to the networks of major Internet service providers.

Similarly, Guifi, the largest mesh in the world, was built to address spotty Internet service in rural Spain. It has over 21,000 members.

Meshes have taken on new relevance in the wake of former National Security Agency contractor Edward Snowden’s leaks about the agency’s massive Internet surveillance programs.

It is estimated (albeit roughly) that the NSA touches as much as half of the world’s Internet communications each day. The agency gains access to much of this information through partnerships with telecom companies that allow the agency to install splitters on their fibre optic Internet cables. Privately run meshes would deny the NSA—and other government intelligence agencies around the world—this access point to Internet data.

As the New America Foundation’s Sascha Meinrath told Mother Jones, "We're making infrastructure for anyone who wants to control their own network."
http://www.dailydot.com/politics/gre...internet-mesh/





Web Ad Killer AdBlock Launches Crowdfunding Initiative to Finance… an Internet Ad Campaign
Jon Russell

AdBlock, the company behind the AdBlock Chrome extension that blocks out Internet advertising, is going meta after it launched a crowdfunding initiative to raise a minimum of $25,000 for an advertising campaign of its own.

AdBlock has launched the Kickstarter/Indiegogo-style 30 day donation push to finance a promotional campaign that will use the very medium that it restricts: Web ads.

“We’re going to use ads to get rid of ads,” the campaign page explains. “We will use the money raised to make AdBlock banner ads and video commercials, and we will show these across the Internet to people who don’t have AdBlock.”

The donation page quietly went live this weekend — crossing $4,000 at the time of writing — but AdBlock says it will push a notice to users of its services this coming week to generate further interest.

It expects that alert to users to drive around 15 million visitors to the campaign page, which includes a variety of donation packages, priced upwards of $1. Like Kickstarter and Indiegogo, donors will only pay if the minimum target is reached.

There is an ambition to make its campaign more visible, and AdBlock says it will rent a billboard on Times Square if it can bring in $50,000 in donations. If the amount reaches $150,000, it wants a full page spread in the New York Times — while, at the crazy end of crazy, it’s pledging a Super Bowl 2014 TV spot if it can pull in a highly unlikely $4.2 million.

AdBlock says it can make the Internet “a better place for everyone” if it cuts out “annoying” advertising. While that may appeal to some, many Internet sites — The Next Web included — rely on advertising to bring in revenue, which pays for staff to write content — so cutting out ads is very much detrimental to many content creators.

One argument to justify services like AdBlock is that online media should develop better business models that are not reliant on ads. While that’s all well and good on paper, it remains to be seen how many Internet users will pay for anything — let alone news and content — which they are used to getting for free; while other monetization models are still to come to the fore.

Bearing those arguments in mind, it will be interesting to see how AdBlock’s campaign progresses.

(I’m quite aware of the irony that The Next Web, a site that includes ads, is effectively prompting the campaign by writing about it. But we consider our content to be of high enough quality, and the types of advertising that we serve to be more than bearable, that our readers aren’t compelled to ‘AdBlock’ us.)

UPDATE: A previous version of this post conflated the AdBlock and AdBlock Plus brands. The post has now been amended to remove this error. AdBlock Plus is a separate company to AdBlock.
http://thenextweb.com/insider/2013/0...-ad-campaign/?





Was ESPN Sloppy, Naive or Compromised?
Robert Lipsyte

So what’s more damaging to a corporate image: to be considered sloppy, naïve or compromised? Or all three? You get to pick in the wake of ESPN’s announcement Thursday that it was removing its brand from an upcoming two-part documentary by PBS’s “Frontline” that “reveals the hidden story of the NFL and brain injuries” (or so it claims in a controversial trailer).

The ESPN action drew immediate media and mailbag accusations that the NFL had pressured the network into severing ties to the PBS films. I thought the best and briefest characterization came from Ombuddy Philip Berenbroick of Arlington, Va., who saw ESPN’s decision as an example of “the dueling journalism and profit motives [via protecting valued partners] at the network.”

It’s hard to argue with that depiction. That duel also turns out to be the major ongoing conflict that the ombudsman deals with. This column is a first response to the current issue; there may be more columns to come as we learn more on the topic.

The background: For the past 15 months, ESPN’s enterprise/investigative unit has been working “in collaboration” with “Frontline” on two shows scheduled to air in October. They are titled “League of Denial: The NFL, Concussions and the Battle for the Truth,” and are in parallel with a forthcoming book of the same name by Steve Fainaru and Mark Fainaru-Wada -- brothers and investigative reporters for ESPN.

By all accounts, it has been a close and happy collaboration between elite news teams, producers and writers. Results of that collaboration have already appeared on ESPN.com and “Outside the Lines,” the ESPN show that most closely resembles the PBS show in serious intent, as well as on the “Frontline” site. Indeed, ESPN has done extensive reporting on the NFL and concussions, from its “Football at a Crossroads” series to revealing reports by Fainaru and Fainaru-Wada on concussion controversies involving Mike Webster and Junior Seau.

There were mutual corporate benefits. PBS would draw new viewers from the crowds in the ESPN grandstand, and ESPN would derive a dash of PBS prestige from its association with one of the nation’s most respected documentary broadcasts. Both sides trumpeted the relationship. In July 2012 at the Aspen Ideas Festival, on a panel with PBS president Paula Kerger, ESPN president John Skipper said: “We're not the public trust that PBS is, but we do a certain amount of programming that is a bit of the public trust.”

That attitude was a point of pride among ESPN journalists, including Dwayne Bray, a senior news producer who was working closely with “Frontline.” On Aug. 6, on a joint media panel with “Frontline” in Los Angeles to promote the documentary, Bray took on the question of ESPN reporting on the toughest topic bedeviling its most important business partner. Pro football is the most popular sport on ESPN and generates the most income. But the NFL is also dealing with more than 4,200 named player-plaintiffs in lawsuits over concussion-linked injuries.

At a news conference on the tour, Bray boasted of ESPN’s “bifurcated” structure in which journalism and business remained separate. He pointed out that ESPN has been reporting on football concussions since 1994, and that “the NFL is just going to have to understand” the nature of the ESPN-“Frontline” partnership.

That event, Skipper told me, was for him “the catalyst or starting episode” of what ultimately resulted in ESPN’s decision to part ways with “Frontline.” Skipper didn’t attend the event, and said he was “startled” when he read about a promotional trailer for the documentary which was screened at the news conference. He hadn’t seen the trailer or approved its content, which included the ESPN logo and a collaboration credit. He thought it was “odd for me not to get a heads up,” and said it made him “quite unhappy” to discover that ESPN had no editorial control over the trailer.

Upon screening it, Skipper said he found the trailer to be “sensational.” He particularly objected to the tagline -- “Get ready to change the way you see the game” -- and to the final sound bite in the piece, from neuropathologist Ann McKee. Referring to brain injuries, she says, “I’m really wondering if every single football player doesn’t have this.”

Skipper said he found that comment to be “over the top.”

Eight days after the catalytic news conference, on Aug. 14, Skipper and NFL Commissioner Roger Goodell had lunch in New York City. It’s not hard to assume, as many have, that Goodell raised issues about the “Frontline” documentary and demanded that Skipper take some action to protect the NFL brand.

Commissioners are always trying to strong-arm or sweet-talk ESPN executives, especially Skipper. How well they succeed is a matter of constant speculation, both among Ombuddies and from some inside ESPN. Right or wrong, there is a perception that the company’s decisions -- both long-term and moment-by-moment -- are often made to promote, or at least not provoke, important “partners.”

When I spoke to Skipper on Friday and told him that my sources indicated he had discussed the “Frontline” partnership with Disney chairman and CEO Bob Iger, as well as lawyers at both Disney and ESPN, he confirmed that was true. Skipper noted, however, that he had made the calls to advise those parties of his decision to “remove the brand because we did not control the content.” He denied that anyone at Disney or the NFL demanded the action.

Said Skipper, “I am the only one at ESPN who has to balance the conflict between journalism and programming.”

ESPN’s public reasoning for separating from “Frontline” was tied to oversight, with the network saying “Because ESPN is neither producing nor exercising editorial control over the Frontline documentaries, there will be no co-branding involving ESPN on the documentaries or their marketing materials.” On Friday, Skipper released a statement of editorial support, saying “I want to be clear about ESPN’s commitment to journalism and the work of our award-winning enterprise team. We will continue to report this story and will continue to support the work of Mark Fainaru-Wada and Steve Fainaru. We have respect as well for the efforts of the people at ‘Frontline.’ ”

Which takes us back to the challenge of ESPN’s “dueling journalism and profit motives.” What exactly happened here, and how should we feel about it?

If, as Skipper told me, the ESPN-“Frontline” association was “a loose arrangement,” it seems an unusually sloppy execution for ESPN, an organization that is usually much more buttoned-up. (Raney Aronson, the deputy executive producer for “Frontline,” told me the arrangement was more of an “editorial exchange” and that “we were working on a piece of paper” -- meaning some legal memorialization of the partnership.)

Was attention not being paid at ESPN? Too much time spent acquiring tennis rights, the SEC, Keith Olbermann, Nate Silver and Jason Whitlock, and not enough on journalism?

Was ESPN naïve about the relationship with a hard-driving documentary unit whose viewership, not to mention its bottom line, was not invested in football? Was it also naïve to fail to anticipate the inevitable reaction from the NFL, which from the beginning had pointedly refused to cooperate with “Frontline” (no league footage, no Goodell interview, limited access to doctors who advise the NFL on concussions)? The league was not happy with a recent OTL report on one of its main doctors -- which ran on ESPN’s platforms just last weekend -- so why would it support “League of Denial”?

Or did ESPN cave in to pressure from the NFL or Disney or both? And if so, really, what was the point? It couldn’t have been to stifle interest in the project. The media coverage of ESPN’s decision to remove its imprimatur from the “Frontline” films will probably result in both a sales and ratings boost for the book and documentaries, respectively.

So what just happened? Beats me. At best we've seen some clumsy shuffling to cover a lack of due diligence. At worst, a promising relationship between two journalism powerhouses that could have done more good together has been sacrificed to mollify a league under siege. The best isn't very good, but if the worst turns out to be true, it’s a chilling reminder how often the profit motive wins the duel.

This is a dicey time for the journalism side of the ESPN bifurcation. For all the current fuss, an even stronger message than ESPN’s disassociation from the “Frontline” project was the network’s recent decision to reschedule the Sunday morning OTL show from 9 a.m. on ESPN to 8 a.m. on ESPN 2 during the fall. A justifiably proud show is being demoted … for more football talk!

I’ll be staying on this story, as circumstances warrant, but will leave you for now with both foreboding and optimism.

“It’s sad because it sounds like a terrible blow for journalism at ESPN,” Sandy Padwe, a Columbia journalism professor, said of ESPN’s breakup with “Frontline.” Padwe, who recently ended a hitch of almost 19 years as a consultant to OTL, added that many journalists inside of ESPN are “demoralized by the capitulation and so much fine work is being marginalized.”

But Bray, the producer who has been among several in the forefront of the concussion investigations for ESPN, told me, “This issue is about branding, not about journalism. We will still get to do the stories, and no one will interfere with that.”
http://espn.go.com/blog/ombudsman/po...or-compromised





‘Cuckoo’s Calling’ Reveals Long Odds for New Authors
James B. Stewart

“The Cuckoo’s Calling” became the publishing sensation of the summer when word leaked that its first-time author, Robert Galbraith, was none other than J. K. Rowling, the mega-best-selling creator of Harry Potter.

Mystery solved? Maybe not. It’s no surprise that “The Cuckoo’s Calling,” a detective story set in a London populated by supermodels and rock stars, shot to the top of best-seller lists once the identity of the author was revealed. But if the book is as good as critics are now saying it is, why didn’t it sell more copies before, especially since the rise of online publishing has supposedly made it easier than ever for first-time authors?

“It makes me sad,” Roxanne Coady, founder of R. J. Julia Booksellers in Madison, Conn., and the online retailer JustTheRightBook.com, told me last week from Maine, where she said she was sitting near a stack of unread new books. “Because not everyone turns out to be a J. K. Rowling. It reminds me how difficult it is for even good books to succeed.”

It’s not entirely clear why Ms. Rowling decided she wanted “to fly under the radar,” as she put it on the Robert Galbraith Web site, other than to say that “being Robert Galbraith has been all about the work, which is my favorite part of being a writer.” Writing under a pseudonym obviously ruled out any tedious book signings or publicity appearances, but Ms. Rowling doesn’t have to do anything she doesn’t want to.

And it wasn’t about money, since Ms. Rowling is donating all royalties to charity. “If sales were what mattered to me most, I would have written under my own name, and with the greatest fanfare,” she said. (A spokeswoman in London for Ms. Rowling responded to my questions by directing me to the Galbraith Web site, and said Ms. Rowling would have no further comment.)

Ms. Rowling’s last book, “The Casual Vacancy,” an adult comedy of manners published under her name and the first since the end of the Potter series, was met with high expectations and withering reviews from prominent critics. Michiko Kakutani wrote in The New York Times, “the real-life world she has limned in these pages is so willfully banal, so depressingly clichéd that ‘The Casual Vacancy’ is not only disappointing — it’s dull.” The Los Angeles Times faulted “Rowling’s inability to engage us, to invest us sufficiently in her characters.”

Still, with hardcover sales of just over 1.3 million copies, it was the No. 1 hardcover fiction title of 2012, according to Publishers Weekly’s annual ranking, outselling John Grisham, James Patterson and Danielle Steel.

Ms. Rowling may well have felt that the reaction, both critical and commercial, was distorted by her fame, and hence decided on a pseudonym for “The Cuckoo’s Calling.” It’s not clear exactly who was in on the secret: her agent, of course, and at least someone at Little, Brown & Company, her publisher, including her editor, who also edited “The Casual Vacancy.” (“The Cuckoo’s Calling” was published by Mulholland Books, a Little, Brown imprint.) “Few people within the publishing house knew the true identity of Robert at the time,” Nicole Dewey, a Little, Brown spokeswoman, told me, declining to be more specific about who knew.

But that already distorted the experiment to some extent. Given how difficult it is for first-time fiction authors, especially in a crowded genre like mystery, to find both an agent and publisher, it’s not clear “The Cuckoo’s Calling” would have made it off the slush piles. At least one other publisher, Orion Books, which like Little, Brown, is a subsidiary of the Hachette Book Group, rejected the manuscript. An editor there told The Telegraph in London that the book “didn’t stand out.”

In any event, a publishing contract is hardly a guarantee of critical or commercial success. Much depends on how a new manuscript is treated by the publisher. Morgan Entrekin, the president and publisher of Grove Atlantic, is widely viewed as a master at introducing new literary talent to the marketplace. He published “Cold Mountain” by then first-time novelist Charles Frazier, which went on to win the National Book Award and sell over 11 million copies.

“There’s no question, if a publisher decides to get behind a book, to invest its publishing capital, to use its traction with the chains, with Amazon, fight for the promotion money to get the book into the front of stores, you can do a lot to bring attention to a worthy first novel,” he said.

Mr. Entrekin cited “Matterhorn,” by first-time novelist Karl Marlantes, which he published in 2010. The author “worked on the book for over 20 years and couldn’t find a publisher,” Mr. Entrekin said. Then, as the book was about to be published in a tiny first edition, Mr. Entrekin got a copy from a buyer at Barnes & Noble, loved it, and bought out the first printing.

He re-edited it, cut 300 pages, got advance quotes from prominent authors, introduced the author to booksellers and hosted a media lunch in Manhattan. Amazon.com gave the book a glowing review, chose it as a best book of the month, and got an exclusive review from Mark Bowden, author of “Black Hawk Down.” “ ‘Matterhorn’ is a great novel,” his review began. It sold over 400,000 copies.

“I invested tens of thousands of dollars and a lot of publishing capital over nine months because I believed in that book,” Mr. Entrekin said. “This is what publishers can do to add value. It’s not slapping on a name like J. K. Rowling.”

Of course, most new books don’t get that kind of support. Suffice it to say that “The Cuckoo’s Calling” didn’t, even though Ms. Dewey told me it “was treated like any new novel by a first-time writer. Little, Brown sent out bound galleys and talked it up to retailers, as they do with all new titles. We aim for all of our books to reach the widest possible audience and make every effort to market and publicize each title in a way that connects it with that audience.”

I spoke to several book retailers, at both large chains and independent stores, and not one could recall seeing an advance reading copy, or hearing anything from the Little, Brown sales representatives.

“There was absolutely no buzz,” Ms. Coady said. “There was no direct correspondence from the editor or a publicist. We didn’t hear anything from the sales representatives. They’ll usually tell us that there are five to 10 books on their list that we want to make sure you read. They know our customers and what they like, so we trust them. This book wasn’t one of them. I don’t know if we bought any copies. Maybe one.”

The publisher procured two quotes, or blurbs, for its news release, one from the Scottish crime writer Val McDermid, the other from the English novelist and actor Mark Billingham, who said, perhaps all too presciently, that the book was “so instantly compelling it’s hard to believe this is a debut novel.” Booksellers said Little, Brown could have rustled up more prominent authors, including at least one American.

Nor did “The Cuckoo’s Calling” get much critical attention. I asked Little, Brown for reviews that appeared before the identity of the author was known, and the only examples it provided were from Publishers Weekly, Library Journal and Booklist, all trade publications. Several newspapers reviewed it in London, but no mainstream American book critic did. The early reviews were positive — far more so than those for “Casual Vacancy” — which must have been heartening to Ms. Rowling. But those in Publishers Weekly and Booklist were a single paragraph, and they failed to generate much buzz or help it stand out from the masses of genre fiction published each year.

It’s not clear how many copies had sold by the time Mr. Galbraith’s identity was revealed in July by The Times of London. The BBC reported that it had sold just 1,500 printed copies. Ms. Rowling, on the Galbraith Web site, maintains that the book had sold 8,500 copies across all formats and received two offers from television producers. “Robert was doing rather better than we expected him to,” she wrote. Ms. Dewey said it had sold an additional 5,000 copies in the United States, for a total of 13,500, which is “a great achievement for any unknown author.” Still, from Ms. Coady’s perspective as a bookseller, “It would have stayed on the path it was on, which is towards oblivion.”

If Ms. Rowling had been paid the traditional 15 percent of the $26 hardcover price in royalties, and less on e-books, that would amount to less than $50,000.

The experiment, of course, was over. It’s safe to say that “The Cuckoo’s Calling” has gotten more media attention than any other book this year, thanks to Ms. Rowling’s celebrity and her unmasking. “The Cuckoo’s Calling” was immediately reviewed pretty much everywhere. Ms. Kakutani called it “a highly entertaining book that’s way more fun and way more involving” than “The Casual Vacancy.”

“I read it,” Ms. Coady said. “It’s pretty good. Is it brilliant? No. It’s a classic detective story, better written than most.”

Little, Brown told me this week that “The Cuckoo’s Calling” has sold 1.1 million copies in all formats, and is still on best-seller lists. “It’s the power of the author brand,” Mr. Entrekin said. “It transformed the exact same text into a far more salable book. It got media attention all over the world. That’s a level of attention you can’t buy at any price.”

What’s clear is that without the aura of celebrity, “The Cuckoo’s Calling” would have been just another work of debut crime fiction. Its author might have gotten a modest TV deal, and maybe another book contract, while working another job to make ends meet. “Most books come out and do nothing,” Ms. Coady said. “There are still too many books being published. We can only get behind so many books, and then hope they take off on their own. It worries me that so many slip through the cracks.”

New authors can still make the best-seller lists, as Ms. Rowling herself did with the Potter books, or E. L. James with the erotic “Fifty Shades of Grey.” But they are extreme exceptions. Mr. Entrekin agreed that many good books don’t achieve the success they deserve. “There’s no formula,” he said. “A publisher can only do so much. A book’s fate is ultimately in the hands of the book gods.”
http://www.nytimes.com/2013/08/31/bu...w-authors.html





China Suffers Major DDoS Attack on .cn Domain

It's still unclear where the DDoS attack originated from
Michael Kan

China's Internet on early Sunday morning suffered a major distributed denial of service (DDoS) attack that briefly disrupted and slowed access to sites in the .cn domain.

The DDoS attack was the largest in history against the domain servers for China's .cn ccTLD (country code top level domain), according to the China Internet Network Information Center (CNNIC), which administers the domain.

The first attack started Sunday around midnight Beijing time, and was then succeeded by a larger attack at 4 a.m., the CNNIC said in an Internet posting. A number of sites were affected, but Internet service to the sites had been gradually restored by 10 a.m. Sunday.

It's unclear where the attack originated from or if it was still continuing. A CNNIC spokeswoman said on Monday it would update the public once more information was gathered. Chinese regulators have already launched unspecified measures to protect the domain system, while CNNIC has apologized for the disruption.

China has often been accused of launching DDoS attacks. In this year's first quarter, it was the top source country for DDoS attacks, according to security vendor Prolexic. The U.S. was ranked second.

DDoS attacks can commonly work by deploying armies of hacked computers to send traffic to a website, saturating it with data so that it becomes inaccessible to normal users.

China, however, has said it's facing a surge of Trojan and botnet attacks against the country. Many of those attacks are coming from the U.S., South Korea and Germany. China has also denied the country sponsors hacking, despite claims brought by U.S. officials and security vendor Mandiant that its government actively conducts cyber-espionage.
http://www.itworld.com/internet/3704...tack-cn-domain





Times Site Is Disrupted in Attack by Hackers
Christine Haughney and Nicole Perlroth

The New York Times Web site was unavailable to readers on Tuesday afternoon after an online attack on the company’s domain name registrar. The attack also forced employees of The Times to take care in sending e-mails.

The hacking was just the latest of a major media organization, with The Financial Times and The Washington Post also having their operations disrupted within the last few months. It was also the second time this month that the Web site of The New York Times was unavailable for several hours.

Marc Frons, chief information officer for The New York Times Company, issued a statement at 4:20 p.m. on Tuesday warning employees that the disruption — which appeared to be affecting the Web site well into the evening — was “the result of a malicious external attack.” He advised employees to “be careful when sending e-mail communications until this situation is resolved.”

In an interview, Mr. Frons said the attack was carried out by a group known as “the Syrian Electronic Army, or someone trying very hard to be them.” The group attacked the company’s domain name registrar, Melbourne IT. The Web site first went down after 3 p.m.; once service was restored, the hackers quickly disrupted the site again. Shortly after 6 p.m., Mr. Frons said that “we believe that we are on the road to fixing the problem.”

The Syrian Electronic Army is a group of hackers who support President Bashar al-Assad of Syria. Matt Johansen, head of the Threat Research Center at White Hat Security, posted on Twitter that he was directed to a Syrian Web domain when he tried to view The Times’s Web site.

Until now, The Times has been spared from being hacked by the S.E.A., but on Aug. 15, the group attacked The Washington Post’s Web site through a third-party service provided by a company called Outbrain. At the time, the S.E.A. also tried to hack CNN.

Just a day earlier, The Times’s Web site was down for several hours. The Times cited technical problems and said there was no indication the site had been hacked.

The S.E.A. first emerged in May 2011, during the first Syrian uprisings, when it started attacking a wide array of media outlets and nonprofits and spamming popular Facebook pages like President Obama’s and Oprah Winfrey’s with pro-Assad comments. Their goal, they said, was to offer a pro-government counternarrative to media coverage of Syria.

The group, which also disrupted The Financial Times in May, has consistently denied ties to the government and has said it does not target Syrian dissidents, but security researchers and Syrian rebels say they are not convinced. They say the group is the outward-facing campaign of a much quieter surveillance campaign focused on Syrian dissidents and are quick to point out that Mr. Assad once referred to the S.E.A. as “a real army in a virtual reality.”

In a post on Twitter on Tuesday afternoon, the S.E.A. also said it had hacked the administrative contact information for Twitter’s domain name registry records. According to Whois.com, the S.E.A. was listed on the entries for Twitter’s administrative name, technical name and e-mail address.

Twitter said that at 4:49 p.m., the domain name records for one image server, twimg.com, were modified, affecting the viewing of images and photos for some users. By 6:29 p.m. the company said, it had regained control, although as of early evening, some users were still reporting problems receiving images.

The social networking company, based in San Francisco, said no user information had been affected.

Mr. Frons said the attacks on Twitter and The New York Times required significantly more skill than the string of S.E.A. attacks on media outlets earlier this year, when the group attacked Twitter accounts for dozens of outlets including The Associated Press. Those attacks caused the stock market to plunge after the group planted false tales of explosions at the White House.

“In terms of the sophistication of the attack, this is a big deal,” Mr. Frons said. “It’s sort of like breaking into the local savings and loan versus breaking into Fort Knox. A domain registrar should have extremely tight security because they are holding the security to hundreds if not thousands of Web sites.”

Vindu Goel contributed reporting.
http://news.nytco.com/2013/08/28/bus...-web-site.html





New York Times Outage Traced to Phishing Email to Melbourne IT Partner
Paresh Dave

Melbourne IT, an Australian firm that allows website owners to buy addresses such as latimes.com, said the downtime suffered by the New York Times website Tuesday began when hackers gained access to the user name and password of one of the company's sales partners.

Using the reseller's credentials, hackers changed the records that tell computers around the world from where to download web pages when someone types NYTimes.com into an Internet browser.

[Updated, 8:27 a.m. Aug. 28: The U.S.-based sales partner’s credentials ended up in the hackers’ hands after a targeted phishing attack was directed at the firm’s staff, Melbourne IT Chief Technology Officer Bruce Tonkin said early Wednesday. Essentially, several people at the U.S. firm were duped by emails that coaxed them into giving up log-in credentials.

“We have obtained a copy of the phishing email and have notified the recipients of the phishing email to update their passwords,” Tonkin said in an email. “We have also temporarily suspended access to affected user accounts until passwords have been changed.”]

Late Tuesday, Melbourne IT spokesman Tony Smith said the company was reviewing how to improve security.

"We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies," he added.

Smith recommended that "for mission critical (domain) names," domain-name owners use additional security features available from domain name registries that cost money but limit changes that can be made without extra authorization.

"Some of the domain names targeted on the reseller account had these lock features active and were thus not affected," Smith said.

The hacking group also appeared to have tried to redirect visitors of some Twitter services and Huffington Post U.K., but they didn't suffer easily visible outages.

Marc Frons, chief information officer for the New York Times Co., told the newspaper that he attributed the breach to “the Syrian Electronic Army or someone trying very hard to be them.” He warned company employees to refrain from sending sensitive email messages because the records changes made by the hackers could have allowed them to hijack emails.

The Syrian group did not immediately offer a reason for Tuesday’s attack, but it came as the White House debated how to respond to clear indications that the Syrian government launched a chemical attack on its civilians. Cybersecurity analysts said the incident highlighted the fact that every war will now have an online component.

"Website defacements ... are more about image and propaganda than anything else, but the ubiquity of the World Wide Web and the amplification power of computer networks guarantee that information operations are more important than ever," said Kenneth Geers, senior global threat analyst for the cybersecurity firm FireEye. He called the attack "a propaganda coup" for the Syrian Electronic Army that at least brought the hacking group free advertising.

Hackers have long defaced popular websites to direct attention to issues they consider important, but the number and intensity of the attacks continue to grow. The websites of the Washington Post, Financial Times, CNN and Time magazine have also been affected in recent months.

The NYTimes.com website was down for more than six hours. In the meantime, visitors saw either error messages or web pages created by the Syrian Electronic Army. The New York Times was able to get the redirection blocked by working with other Internet service providers. The company that hosts the website of the Syrian Electronic Army, for example, suspended the account.

Experts say these kinds of disruptions are expected to continue.

“As long as media organizations play a critical role as influencers and critics, they will continue to be targets of cyber-attacks,” said Michael Fey, chief technology officer for computer security giant McAfee.

As news organizations have improved their own computer security, hackers have looked for weak spots at outside services the companies use.

Security analysts said other hackers, driven primarily by a desire to make money, may have used the sort of power they held while inside Melbourne IT's systems to send visitors to websites laden with computer viruses.

"It's what they could have done that really scares me," said HD Moore, chief research officer for cybersecurity firm Rapid7.

The New York Times suffered an hourlong outage earlier this month but attributed it to “technical difficulties” during a routine morning maintenance operation.
http://www.latimes.com/business/tech...,7651273.story





“thereisnofatebutwhatwemake”—Turbo-Charged Cracking Comes to Long Passwords

Cracking really long passwords just got a whole lot faster and easier.
Dan Goodin

For the first time, the freely available password cracker ocl-Hashcat-plus is able to tackle passcodes with as many as 55 characters. It's an improvement that comes as more and more people are relying on long passcodes and phrases to protect their website accounts and other online assets.

Until now, ocl-Hashcat-plus, the Hashcat version that can use dozens of graphics cards to simultaneously crack huge numbers of cryptographic hashes, has limited guesses to 15 or fewer characters. (oclHashcat-lite and Hashcat have supported longer passwords, but these programs frequently take much longer to work.) Released over the weekend, ocl-Hashcat-plus version 0.15 can generally accommodate passwords with lengths of 55 characters. Depending on the hash that's being targeted and the types of cracking techniques being used, the maximum can grow as high as 64 characters or as low as 24. The long sought-after improvement targets one of the last remaining defenses people employ to make their passwords resistant to cracking.

"This was by far one of the most requested features," Jens Steube, the lead Hashcat developer who also goes by the handle Atom, wrote in the release notes for the new version. "We resisted adding this 'feature' as it would force us to remove several optimizations, resulting in a decrease in performance for most algorithms. The actual performance loss depends on several factors (GPU, attack mode, etc.), but typically averages around 15 percent."

As leaked lists of real-world passwords proliferate, many people have turned to passwords and passphrases dozens of characters long in hopes of staying ahead of the latest cracking techniques. Crackers have responded by expanding the dictionaries they maintain to include phrases and word combinations found in the Bible, common literature, and in online discussions. For instance, independent password researcher Kevin Young recently decoded one particularly stubborn hash as the cryptographic representation of "thereisnofatebutwhatwemake." Such cracks are known as "offline attacks" because they target the hashes leaked as a result of a database compromise, allowing the person who recovers the hashes to try an unlimited number of guesses until the correct plaintext passwords are found. Once the underlying credentials are revealed, a hacker can use them to compromise the online account they secure.

Yiannis Chrysanthou, a security researcher who recently completed his MSc thesis on modern password cracking, was able to crack the password "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1." That's the fictional occult phrase from the H.P. Lovecraft short story The Call of Cthulhu. It would have been impossible to use a brute-force attack or even a combined dictionary to crack a phrase of that length. But because the phrase was contained in this Wikipedia article, it wound up in a word list that allowed Chrysanthou to crack the phrase in a matter of minutes.

Until now, hackers and security consultants who cracked such words had to use software controlling the central processing unit of their computer or that used one or more graphics cards to crack a single hash. This weekend's update means that for the first time, Hashcat users can achieve speeds as high as eight billion guesses per second on a virtually unlimited number of compromised hashes. Breaking the 15-character limit is just one of several improvements designed to bring increased speed and precision to the password cracking program.

Microsoft Active Directory, anyone?

Another enhancement is the support of a new technique that allows crackers to radically reduce the number of password guesses by customizing their attacks to the password policy of the company or organization they're targeting. Short for Password Analysis and Cracking Kit, the PACK toolkit was developed by researcher Peter Kacherginsky and can save huge amounts of time, particularly when targeting corporate networks.

"If we're a pentester, and we're to audit an AD [short for Microsoft Active Directory] domain, we typically face a password policy," Steube wrote. "Password policies aren't always very clever; most of the time, they force users to select passwords with predictable patterns... Using a specific set of masks we can avoid candidate passwords that do not match the policy, thus reducing the keyspace efficiently."

ocl-Hashcat-plus targets a much wider number of popular cryptographic products and applications, including TrueCrypt 5.0 and beyond, 1Password, Lastpass, the SHA256 algorithm in the Unix operating system, and hashing operations found in the latest version of Apple's OS X operating system. The program also supports a much wider array of video cards from both Nvidia and AMD.

In all, Hashcat developers spent more than six months modifying 618,473 lines of source code, accounting for more than half of the Hashcat code base. Going up against a typical TrueCrypt configuration, a PC running ocl-Hashcat-plus and two AMD HD 6990 video cards can cycle through 223,000 password candidates each second, fast enough to exhaust all 14.3 million words contained in the seminal RockYou dump of passwords in 65 seconds. In many cases the slowdowns created by the support of long passwords have been offset by enhancements made to other parts of the program. One such improvement arranges passwords contained in user-supplied lists by the number of characters. Under many conditions, this can significantly reduce the time needed for GPUs to process the data.

The new version of Hashcat came two days after developers for Russia-based ElcomSoft updated the company's Phone Password Breaker software. The fee-based forensic tool now supports the selective recovery of certain types of data stored in Apple's iCloud service. The new version allows users to retrieve contacts, call logs, pictures, or other specific types of backed up data without having possession of the original iPhone, as long as the attacker has the user's Apple ID and password.
http://arstechnica.com/security/2013...ong-passwords/





Physicists Test Quantum Cryptography For Handheld Mobile Devices

Quantum cryptography has only ever been possible between places equipped like quantum optics laboratories. Now physicists have worked out how to do it with handheld mobile devices
The Physics arXiv Blog

Quantum cryptography uses the laws of physics to guarantee the secrecy of messages sent from one location to another. It is one of the few quantum technologies that has become mature enough to make the leap from the laboratory to the commercial world.

So governments, the military and commercial organisations such as banks are all interested in having this kind of perfect secrecy. And indeed a number of companies have cropped up in the last 10 years to sell the service.

One problem is that quantum cryptography is only possible between places that have the kind of gear usually only found in quantum optics laboratories. It generally requires that both the transmitter and receiver have a source of single photons, a way of controlling and modifying individual photons and superconducting photon detectors.

What’s more, the equipment at each end has to be carefully aligned so that both parties are able to detect the polarisation of the photons they send. And if there is any noise that changes the polarisation of the photons, the cryptography simply doesn’t work.

That scuppers any possibility of using quantum cryptography with handheld devices which would obviously be difficult to align.

Today, Jeremy O’Brien at the University of Bristol and a few pals reveal a way to solve this problem which they say could make quantum cryptography available in handheld machines.

In the new technique, only one of the parties, Alice say, needs to have the quantum optics gear such as a source of photons and so on. Alice creates the photons and then sends them down an ordinary optical fibre to Bob, the other party.

Bob merely modifies the photons to encode them with information before sending them back to Alice. This dramatically simplifies the equipment Bob requires, allowing it to fit in a handheld device.

O’Brien and co also use a robust form of quantum key distribution that does not require Alice and Bob to align their equipment before making a measurement.

Instead Alice and Bob make measurements in random directions and then publish the list of directions for anyone to see. Only those measurements that happened to be aligned contribute to the code.

As long as the alignment between Alice and Bob’s devices changes slowly compared to the rate at which photons pass back and forth between them, this mechanism works pretty well. O’Brien and co call the new technique “reference frame independent quantum key distribution” or rfiQKD.

O’Brien and co compare the new technique to a conventional quantum cryptography protocol known as BB84 and it comes off well. When the team deliberately add noise to simulate a change in alignment, the BB84 protocol immediately stops working.

By contrast, rfiQKD is much more robust. It works when noise levels are high and even when it becomes overwhelmed, it begins running again as soon as noise levels drop, unlike the BB84 protocol. “We demonstrated the automatic, passive recovery capability of our system after periods of rapid and substantial noise that force a protocol failure,” say the team.

The end result is a system that has the potential to bring quantum cryptography to a much wider range of applications than has been possible before now, say O’Brien and co. “The results significantly broaden the operating potential for QKD outside of the laboratory and pave the way for quantum enhanced security for the general public with handheld mobile devices.”

Ref: arxiv.org/abs/1308.3436 : Reference Frame Independent Quantum Key Distribution Server With Telecom Tether For On-Chip Client
http://www.technologyreview.com/view...obile-devices/





Feds Plow $10 Billion Into “Groundbreaking” Crypto-Cracking Program

Consolidated Cryptologic Program has 35,000 employees working to defeat enemy crypto.
Dan Goodin

The federal government is pouring almost $11 billion per year into a 35,000-employee program dedicated to "groundbreaking" methods to decode encrypted messages such as e-mails, according to an intelligence black budget published by The Washington Post.

The 17-page document, leaked to the paper by former National Security Agency (NSA) contractor Edward Snowden, gives an unprecedented breakdown of the massive amount of tax-payer dollars—which reached $52 billion in fiscal 2013—that the government pours into surveillance and other intelligence-gathering programs. It also details the changing priorities of the government's most elite spy agencies. Not surprisingly, in a world that's increasingly driven by networks and electronics, they are spending less on the collection of some hard-copy media and satellite operations while increasing resources for sophisticated signals intelligence, a field of electronic spying feds frequently refer to as "SIGINT."

"We are bolstering our support for clandestine SIGINT capabilities to collect against high priority targets, including foreign leadership targets," James Clapper, director of national intelligence, wrote in a summary published by the WaPo. "Also, we are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic."

The document goes on to reveal that something called the Consolidated Cryptologic Program has received more than $10 billion annually for the past four years, and it employs about 35,000 people. It also shows that 23 percent of this year's program funding supported collection and operations, 15 percent went to processing and exploitation, and 14 percent funded analysis and production.

The document and the WaPo reporting don't detail the methods or specific capabilities of the program. As Ars reported earlier this month, some cryptographers are growing increasingly concerned that breakthroughs in discrete mathematics could soon spawn a so-called cryptopocalypse that could undermine the security of core encryption algorithms. Security expert Bruce Schneier and other cryptographers have publicly doubted the likelihood of such a scenario happening anytime soon, but since there's no mathematical proof that the theory isn't possible, there's no way to dismiss the possibility. And if anyone were to find a way to break the RSA encryption algorithm and other widely used technologies, it would most likely be an army of 35,000 mathematicians and cryptographers with more than $10 billion per year at their disposal.

The document also shows that the CIA received about $14.7 billion in 2013, more than the $10.8 billion earmarked for the NSA. In all, there are more than 107,000 employees in various US intelligence programs, according to the WaPo. The paper also reported that the NSA employs 64 percent of all military personnel in the program, at 14,950.
http://arstechnica.com/security/2013...cking-program/





Hacker Pleads Guilty to Selling FBI Access to U.S. Supercomputers
David Kravets

A 24-year-old Pennsylvania hacker pleaded guilty today to accusations he tried to sell access to Energy Department supercomputers he unlawfully accessed.

The defendant, who remains free pending a November sentencing date, faces as much as 18 months behind bars under a plea deal (.pdf) with Massachusetts federal authorities.

Among other exploits, Andrew James Miller pleaded guilty to propositioning an undercover Federal Bureau of Investigation agent during an online chat to pay him $50,000 for “root” access to the supercomputers at the National Energy Research Scientific Computing Center at the Lawrence Berkeley National Lab in California.

Using the handle “Green,” he pasted during the chat that he had proof of access, the government said in an indictment. The research center, which houses some of the world’s most powerful computers, offers high-end computing power for Energy Department-approved projects.

The defendant, a member of the hacking group Underground Intelligence Agency, was arrested and indicted (.pdf) in June. A fellow member of the group, Robert Burns, who went by the handle “Intel,” assisted authorities with the prosecution, court documents show.

Miller gained access to the supercomputers via hacking into a Japanese university that had connections to those computers, the government said. Miller told FBI agents that he also had access to the supercomputers via Harvard University and the University of California at Davis.

The feds never paid him the $50,000, according to court records. (.pdf)

According to court documents, the defendant bragged to FBI agents online that he had broken into the corporate servers of American Express, Yahoo, Google, Adobe, WordPress and other companies and universities.

The authorities said they paid him $1,000, via Western Union, for access to the entire corporate network of RNKTel, a Massachusetts-based telco.

“According to RNKTel, with that administrator-level access, a bad actor could not only have accessed RNKTel’s confidential business records but could also have altered customer accounts to obtain, for free, the telecommunication services that RNKTel sells to its customers,” prosecutors said.

For $1,200, the FBI bought from Miller a database of thousands of log-in credentials of the ISP Layered Tech of Texas. Miller also sold the FBI — for $1,000 — access to the domain of the Domino’s Pizza chain, according to court records.
http://www.wired.com/threatlevel/201...mputer-access/





Allegations that NSA Tool Can Neutralize Common Online Security

Information has surfaced regarding surveillance software allegedly in use by the NSA that is able to neutralize SSL, or Secure Sockets Layer, and HTTPS, that being one of the internet’s most common ways to encrypt private information.

Details regarding an unsecured database operated by Parabon Computing that was probed by a user known via Twitter as “AgentViz” were posted to the website Encyclopedia Dramatica. Parabon markets sophisticated products such as Blitz, which allow IT managers to experience dealing with simulated denial-of-service attacks on their networks.

RT America was approached by Anonymous on Monday with a tip on the alleged surveillance tool called 'Locksmith', and a link to the Encyclopedia Dramatica entry. The group as a whole seems to take no role in the information that has been posted, and its legitimacy remains in question.

According to the initial information provided, that software plays a role in the data packet surveillance brought to light by Edward Snowden’s PRISM leaks, which revealed the existence of a number of tools employed by American intelligence services to collect the online information on a grand and unregulated scale.

Encyclopedia Dramatica (or ED) is known within the hacktivist subculture as a satirical open wiki full of in-jokes, though it has often held important information as well, such as in the case of the FBI’s and Scotland Yard’s investigation and arrest of Ryan Cleary who was involved in the 2011 cyber attack of Sony.

The ED entry RT was directed to on that site entitled 'Parabon Leaks' refers to the Locksmith software, which can allegedly neutralize the encrypted SSL protocol, which works together with HTTPS, another common and trusted privacy layer available to online users for secure payments, instant messaging, and on email and social networking sites, among others.

In essence, the adoption of HTTPS allows for what websites offer as "secure" payment online, and is therefore vital to online commerce. Beyond payment transactions, SSL -- which acts as the virtual "handshake" of security certificates that work over HTTPS -- is also critical to securing online access over Wi-Fi connections, as well as for the popular Tor anonymity network tool.

The Locksmith software appears to be a product of AccessData, a digital forensics company. The entry on the wiki contains screenshots of product brochures which detail Locksmith’s ability to scan, monitor and analyze SSL encrypted data.

AccessData bills the software for use within networks by IT managers, though the allegation is that the same capabilities can then be employed by Locksmith to parse through the mountains of data collected by the NSA to decrypt SSL/HTTPS data indiscriminately.

Though the product’s details are stated so matter-of-factly as to appear mundane, according to Anonymous the technical hurdles in truly determining what Locksmith is capable of doing have resulted in their discovery being disregarded. Still, the group insists that Locksmith represents yet another piece of software currently in use by NSA surveillance operations. Beyond Locksmith, the ED entry includes a number of other documents, as well as mention of more software including "Jigsaw."

The Parabon Leaks entry mentions that journalist Glenn Greenwald, now a key figure writing on Edward Snowden's NSA revelations, was contacted with links to the information but so far appeared to have disregarded the potential leak.

According to security expert Mikko Hyppönen of F-Secure Labs, he was made aware of the ED entry and its information over the weekend, but has not yet confirmed the veracity of the claims.

The group itself acknowledges that it may take months to understand what Locksmith represents, though it alleges that the NSA is attacking its information leak by shutting down links and editing pages on its open wiki that tell users to disregard Locksmith as “boring” and “common” IT software with no connection to PRISM.
http://rt.com/usa/allegations-nsa-to...pts-https-085/





Cyberspying: Government May Ban Gmail for Official Communication

The government will soon ask all its employees to stop using Google's Gmail for official communication.
ET Bureau

The government will soon ask all its employees to stop using Google's Gmail for official communication, a move intended to increase security of confidential government information after revelations of widespread cyberspying by the US.

A senior official in the ministry of communications and information technology said the government plans to send a formal notification to nearly 5 lakh employees barring them from email service providers such as Gmail that have their servers in the US, and instead asking them to stick to the official email service provided by India's National Informatics Centre.

"Gmail data of Indian users resides in other countries as the servers are located outside. Currently, we are looking to address this in the government domain, where there are large amounts of critical data," said J Satyanarayana, secretary in the department of electronics and information technology.

Snowden fallout
The move comes in the wake of revelations by former US National Security Agency contractor Edward Snowden that the US government had direct access to large amounts of personal data on the internet such as emails and chat messages from companies like Google, Facebook and Apple through a programme called PRISM.

Documents leaked by Snowden showed that NSA may have accessed network infrastructure in many countries, causing concerns of potential security threats and data breaches. Even as the new policy is being formulated, there has been no mention yet of how compliance will be ensured.

Several senior government officials in India, including ministers of state for communications & IT Milind Deora and Kruparani Killi, have their Gmail IDs listed in government portals as their official email.

A Google India spokeswoman said the company has not been informed about the ban, and hence it cannot comment on speculation. "Nothing is documented so far, so for us, it is still speculation," Google said in an email response.

A senior official in the IT department admitted on condition of anonymity that employees turn to service providers such as Gmail because of the ease of use compared with official email services, as well as the bureaucratic processes that govern creation of new accounts.

"You can just go and create an account in Gmail easily, whereas for a government account, you have to go through a process because we have to ensure that he is a genuine government user."

Last week, IT Minister Kapil Sibal said the new policy would require all government officials living abroad to use NIC servers that are directly linked to a server in India while accessing government email services. Sibal said there has been no evidence of the US accessing Internet data from India.

Sunil Abraham, executive director of Bangalore-based research firm Centre for Internet and Society, said he agrees with the government's decision to ban Gmail for official communication and that any official violating this needs to be punished.

"After Snowden's revelations, we can never be sure to what extent foreign governments are intercepting government emails," he said. Abraham, however, called the government's decision a "late reaction", as the use of Gmail and other free email services by bureaucrats has increased in the past.

"Use of official government email would also make it easier to achieve greater transparency and anti-corruption initiatives. Ministers, intelligence and law enforcement officials should not be allowed to use alternate email providers under any circumstance."
http://timesofindia.indiatimes.com/t...w/22156529.cms





NSA Leaks: David Cameron's Response Is Intimidation, Says World Press Body

World Association of Newspapers and News Publishers tells the UK government its actions could threaten press freedom
Josh Halliday

David Cameron has been told that the government's attempt to destroy sensitive leaked documents about mass surveillance was "an act of intimidation" that risks a chilling effect on press freedom.

The World Association of Newspapers and News Publishers (WAN-IFRA) has written to the prime minister over the government's "deeply regrettable" response to files leaked by the National Security Agency whistleblower Edward Snowden.

The body, which represents 18,000 publications from 3,000 companies, condemned officials for their "symbolic" attempt to restrict reporting by destroying computer hard drives held by the Guardian.

"That your government felt the need to threaten legal action in order to block reporting into issues of public interest is deeply regrettable," the organisation wrote in its letter to the prime minister.

"Furthermore, WAN-IFRA is extremely concerned that the government's actions were an act of intimidation that could have a chilling effect on press freedom in the UK and beyond."

It described as "outrageous and deeply disturbing" the detention of David Miranda, the partner of Guardian journalist Glenn Greenwald, at Heathrow airport under Schedule 7 of the Terrorism Act 2000.

"The apparent misuse of this particular element of anti-terror legislation places journalists, and those aiding journalistic work, under suspicion of being terrorists or having involvement in terrorist activities," said WAN-IFRA.

"This is an outrageous and deeply disturbing connection to make, and we seek assurances from you and your government that the necessary inquiries will be made to ensure any inference of association between journalism and terrorism is not part of official policy and is publicly condemned as categorically misleading."

The letter to Cameron came as the Guardian shared some of its documents leaked by Snowden with the New York Times to circumvent what the newspaper described as "a climate of intense pressure" from the government. Journalists in America are protected by the first amendment which guarantees free speech and in practice prevents the state seeking pre-publication injunctions or prior restraint.

In the letter, signed by the WAN-IFRA president Tomas Brunegård and World Editors Forum president Erik Bjerager, the body added its concern over a "perceived slide in press freedom" in the UK, citing the arrest of dozens of journalists and questions over the future of press regulation following Lord Justice Leveson's report.

It added: "We respectfully call on you to reaffirm the United Kingdom's commitment to a free and independent press and to realign the various government and police authorities behind this unequivocal message.

"We urge the UK government to respect the rights of journalists to protect their sources and to create the conditions necessary to ensure the press can continue its crucial role in maintaining free and fair societies, without government interference or intimidation."
http://www.theguardian.com/media/201...ron-newspapers





Lord Blair: We Need Laws to Stop 'Principled' Leaking of State Secrets

Former Metropolitan police commissioner says 'facilitating terrorism' by leaking should be made explicitly criminal

Tougher laws are needed to prevent members of the public from revealing official secrets, former Metropolitan police commissioner Lord Blair has said.

The peer insisted there was material the state had to keep secret, and powers had to be in place to protect it.

The intervention comes after police seized what they said were thousands of classified documents from David Miranda – the partner of Guardian journalist Glenn Greenwald, who has been reporting leaks from the former US intelligence officer Edward Snowden.

The Home Office has defended the use of anti-terrorism laws to detain and question Miranda at Heathrow airport earlier this month.

Lord Blair told BBC Radio 4's Broadcasting House programme: "The state has to have secrets – that's how it operates against terrorists.

"It has to have the right to preserve those secrets and we have to have a law that covers a situation when somebody, for all sorts of wonderfully principled reasons, wishes to disclose those secrets.

"It just is something that is extremely dangerous for individual citizens to [make] those secrets available to the terrorists."

Lord Blair said the threat from international terrorism was "constantly changing" and there was a need to "review the law".

He warned there was a "new threat which is not of somebody personally intending to aid terrorism, but of conduct which is likely to or capable of facilitating terrorism". He cited the examples of information leaks related to Bradley Manning and WikiLeaks.

"Most of the legislation about state secrets is in the Official Secrets Act and it only concerns an official," he said.

"I think there is going to have to be a look at what happens when somebody possesses material which is secret without having authority."
http://www.theguardian.com/uk-news/2...cipled-leaking





Hackers Threaten to Reveal Secrets of New Zealand MPs Behind Snooping Bill

The Anonymous hacker group has threatened to post New Zealand MPs’ secrets online after the country’s parliament passed an NSA-style spying bill. It follows a hack by the group against the NZ government that took out the Kiwi secret services’ website.

In an interview over an encrypted link with New Zealand newspaper the Herald, the hacktivist group said they would target the politicians responsible for a so-called snooping bill. The group said they were giving the MPs a chance to prove to the NZ public that they had nothing to hide.

"Releasing such personal information sends a message that they're not very hard to find, they aren't the only ones who can gather intelligence," a representative of Anonymous said.

The hacktivist organization knocked out the Government Communications Security Bureau’s (GCSB) website on Friday in a denial-of-service attack. In the interview with the Herald, the group said the cyber-attack was merely a distraction that masked another hack to obtain secret data.

Anonymous is opposing an amendment that was passed by the New Zealand parliament on August 21. The legislation would grant the GCSB – New Zealand’s equivalent of the NSA – new powers to support the country’s police, Defense Force and Security Intelligence Service.

Opponents of the controversial bill have criticized the legislation as ambiguous, and say it could open the door to NSA-style surveillance. Anonymous has characterized the bill as “an unadulterated violation of human rights, constitutionally illegal, and an invasion of the people's privacy.”

They have also criticized NZ Prime Minister John Key, who championed the bill, for failing to stand up to the US.

The GCSB confirmed the hack attack Friday, but rejected the claims that classified data had been taken.

The debate over the GCSB’s new powers triggered a number of mass protests, with three quarters of New Zealanders “concerned” by the amendment, according to a survey by Fairfax Media-Ipsos.

However, Key has rejected criticism of the bill as fueled by “misinformation” and “conspiracy” fears stirred up by the country’s opposition. He has trenchantly defended the bill as necessary to protect the country’s cyber-security in the face of various threats.

"There will be times where a serious cyber-intrusion is detected against a New Zealander and the GCSB will then need to look at content – that's why the law allows that. But that should be the end point, not the starting point," Key said.

One of the most vocal members of the NZ opposition, Kim Dotcom, founder of MegaUploads, said the so-called threats were “imaginary” and a justification for “a radical termination of our basic rights.”

Last January New Zealand police stormed Dotcom’s mansion in Auckland, seizing digital material and other assets. A judge later ruled that the raid was illegal. Since then Dotcom has accused the New Zealand government of collaborating with the US secret services.
http://www.isidewith.com/article/hac...mps-behind-sno





Obama Administration Asks Court to Force NYT Reporter to Reveal Source

Previous ruling said reporters have no privilege to safeguard confidentiality leaving Risen to reveal his source or go to jail
Ed Pilkington

The Obama administration is trying to dissuade federal judges from giving the New York Times reporter James Risen one last chance to avoid having to disclose his source in a criminal trial over the alleged leaking of US state secrets.

The Department of Justice has filed a legal argument with the US appeals court for the Fourth Circuit in Richmond, Virginia, in which it strongly opposes any further consideration of Risen's petition. Risen's lawyers have asked the court to convene a full session of the 15-member court to decide whether the journalist should be granted First Amendment protection that would spare him from having to reveal the identity of his source to whom he promised confidentiality.

A three-member panel of the same court last month issued a 2-1 majority ruling in which they found that reporters had no privilege that would safeguard the confidentiality of their sources in a criminal trial. The judgement leaves Risen, a prominent investigative reporter specialising in national security issues, facing the prospect of having to break his promise to his source or go to jail.

The legal crunch emerged from Risen's 2006 book, State of War, in which the author reveals details of the CIA's attempts to foil Iran's nuclear programme. James Sterling, a former CIA employee, is being prosecuted under the Espionage Act for the criminal disclosure of the information – one of seven officials to face the severe charges under the Obama administration including Chelsea Manning who has been sentenced to 35 years in military jail as the WikiLeaks source.

In a 26-page filing, the US prosecutor Neil MacBride and his team argue that Risen has no grounds to be offered a full hearing of the appeals court because there is no such thing as a reporters' privilege in a criminal trial. They insist that the New York Times journalist was the only eyewitness to the leaking crimes of which Sterling has been charged and under previous case law has no right to claim First Amendment protection.

"Risen's eyewitness testimony is essential proof of the disputed identity of the perpetrator that cannot be duplicated or replaced by other evidence in the case," MacBride writes.

The DoJ's robust attempt to block any further legal discussion about Risen's plight will add to the impression that the Obama administration is determined to stamp on official leaking regardless of its implications for press freedom – a syndrome that some critics have dubbed a "war on whistleblowing". Risen's lawyers argue that the hardline approach conflicts with the Justice Department's own recent guidelines in which it talks of a need for balance between pursuing leakers while "safeguarding the essential role of a free press in fostering government accountability in an open society".
http://www.theguardian.com/law/2013/...n-no-privilege





War on Leaks Is Pitting Journalist vs. Journalist
David Carr

A disgruntled loner with access to military secrets comes across documents that pull back the veil on government actions in a lost war and decides for a variety of reasons, some noble and some personal, to share them with the world.

That was Daniel Ellsberg in 1969, and for his efforts, which became the publication of the Pentagon Papers, he was investigated and indicted, but eventually he was hailed as a hero and enshrined in the journalistic canon.

Today that role has been taken up by Pfc. Bradley E. Manning (who now wants to be known as Chelsea) and Edward J. Snowden. Their chances of being widely declared heroes aren’t nearly as great: Private Manning was sentenced to 35 years in prison last week, and Mr. Snowden, who revealed documents showing the extent of surveillance by the National Security Agency, is still hiding in Russia beyond the reach of the United States government.

Perhaps they got what’s coming to them. They knew, or should have known, the risks of revealing information entrusted to them, and decided to proceed. Like almost all whistle-blowers, they are difficult people with complicated motives.

So, too, are the journalists who aid them. It’s not surprising that Julian Assange, the founder of WikiLeaks, who brokered the publishing of Private Manning’s documents, and Glenn Greenwald, the columnist for The Guardian who has led the Snowden revelations, have also come under intense criticism.

What is odd is that many pointing the finger are journalists. When Mr. Greenwald was on “Meet the Press” after the first round of N.S.A. articles, the host, David Gregory, seemingly switched the show to “Meet the Prosecutor.” He asked, “To the extent that you have aided and abetted Snowden, even in his current movements, why shouldn’t you, Mr. Greenwald, be charged with a crime?”

Jeffrey Toobin, who works for both CNN and The New Yorker, called Mr. Snowden “a grandiose narcissist who belongs in prison.” This week, he called David Miranda, Mr. Greenwald’s partner who was detained by British authorities for nine hours under antiterror laws, the equivalent of a “drug mule.”

Mr. Assange has also come under withering criticism, including in the pages of The New York Times, which accused him, among other things, of not smelling very nice as we cooperated with WikiLeaks in publishing reams of articles in July 2010 based on the revelations from Private Manning.

This week, Michael Grunwald, a senior national correspondent at Time, wrote on Twitter: “I can’t wait to write a defense of the drone strike that takes out Julian Assange.” (He later apologized, perhaps reasoning that salivating over the killing of anyone was in poor taste.)

What have Mr. Assange and Mr. Greenwald done to inspire such rancor from other journalists? Because of the leaks and the stories they generated, we have learned that in the name of tracking terrorists, the N.S.A. has been logging phone calls and e-mails for years, recorded the metadata of correspondence between Americans, and in some instances, dived right into the content of e-mails. The WikiLeaks documents revealed that the United States turned a blind eye on the use of torture by our Iraqi allies, and that an airstrike was ordered to cover up the execution of civilians. WikiLeaks also published a video showing a United States Army helicopter opening fire on a group of civilians, including two Reuters journalists.

In the instance of the stories based on the purloined confidential documents in the Manning and Snowden leaks, we learned what our country has been doing in our name, whether it is in war zones or in digital realms.

Mr. Toobin agrees that an important debate has been joined, but says no story, no matter how big, justifies journalists’ abetting illegal acts, saying, “Journalists are not above the law.”

“The Jane Mayers, Sy Hershes and Walter Pincuses have all done superb work for decades without the rampant lawlessness that was behind these stories,” he said, adding later, “I’ve never heard any of those journalists endorsing the wholesale theft of thousands of classified government records.”

The larger sense I get from the criticism directed at Mr. Assange and Mr. Greenwald is one of distaste — that they aren’t what we think of as real journalists. Instead, they represent an emerging Fifth Estate composed of leakers, activists and bloggers who threaten those of us in traditional media. They are, as one says, not like us.

“By no means was I treated as a hero when I first came forward. I was indicted and spent two years in court,” Mr. Ellsberg said in an interview. “But in those days, journalists were not turning on journalists. With Snowden in particular, you have a split between truly independent journalists and those who are tools — and I mean that in every sense of the term — of the government. Toobin and Grunwald are doing the work of the government to maintain relationships and access.”

It is true that Mr. Assange and Mr. Greenwald are activists with the kind of clearly defined political agendas that would be frowned upon in a traditional newsroom. But they are acting in a more transparent age — they are their own newsrooms in a sense — and their political beliefs haven’t precluded other news organizations from following their leads. (In fact, The Times confirmed on Friday that it would work on a series of articles based on the N.S.A. documents with The Guardian.)

Yes, the argumentative Mr. Greenwald and the often obnoxious Mr. Assange don’t just have opinions, they tend to rub our mainstream noses in them. During the course of their collaboration and coverage of the WikiLeaks investigation, Mr. Assange and Bill Keller, then the executive editor of The Times, traded some rather memorable barbs. (I understand some of the antagonism: I was at a very proper lunch in the English countryside with Mr. Assange and he announced to the table that he thought the primary requirements for being a journalist at The New York Times were the ability to lie and obfuscate. Why thank you, Mr. Assange. Now could you pass the salad, please?)

In a phone interview, Mr. Keller suggested that he “let Julian get under my skin a little more than I should have.” But he said that Mr. Assange should be afforded the protections given to any journalist.

Mr. Keller said the relationship with sources and competitors on coverage was always fraught with peril, but technology has created significant disruption to both the business model and the practice of journalism.

“Stuff that used to happen in a sedate place with a kind of Robert’s Rules of Order have now turned into the World Wrestling Federation, with everybody piling into the ring and throwing punches,” he said. “There has been a tendency for people used to a more decorous world to bristle at the characters who have acquired prominence in this new world.”

The reflex is understandable, but by dwelling on who precisely deserves to be called a journalist and legally protected as such, critics within the press are giving the current administration a justification for their focus on the ethics of disclosure rather than the morality of government behavior.

“I think the people in our business who are suspicious of Glenn Greenwald and critical of David Miranda are not really thinking this through,” said Alan Rusbridger, editor in chief of The Guardian. “The governments are conflating journalism with terrorism and using national security to engage in mass surveillance. The implications just in terms of how journalism is practiced are enormous.”

If the revelations about the N.S.A. surveillance were broken by Time, CNN or The New York Times, executives there would already be building new shelves to hold all the Pulitzer Prizes and Peabodies they expected. Same with the 2010 WikiLeaks video of the Apache helicopter attack.

Instead, the journalists and organizations who did that work find themselves under attack, not just from a government bent on keeping its secrets, but from friendly fire by fellow journalists. What are we thinking?
http://www.nytimes.com/2013/08/26/bu...ournalist.html





Tech Companies and Government May Soon Go to War Over Surveillance
Patrick Gray

Everyone assumes that technology companies like Apple, Facebook, and Google don’t care that their customers are being spied on. I don’t believe that’s true.

On the very day the media dropped detailed documents on the NSA’s X-Keyscore collection program, the Facebook engineering team published a blog post stating that all access to Facebook via apps and web browsers was now SSL encrypted. Given X-Keyscore was a program primarily designed to intercept unencrypted internet traffic, you could be forgiven for interpreting Facebook’s post as a middle finger pointed in NSA’s direction. (Sources inside Facebook say it is a coincidence, and indeed the company had been in the process of enabling this across-the-board for years. But still. The timing.)

There are new interception hurdles everywhere you look. Even plain old SSL encryption is becoming more difficult to snoop on. Previously, governments could rely on complicit or compromised certificate authorities to provide them with the means to intercept encrypted traffic. Thanks to the Iranian government’s overly enthusiastic use of this technique, Google made changes to the Chrome browser to neuter the practice. Similar updates are expected soon in Internet Explorer. There goes another interception technique for law enforcement!

And it’s only going to get worse for the poor ole G-Men. Technology companies are enabling security features that make certain types of government surveillance extremely difficult, and it’s a trend that’s set to continue. That’s why the U.S. government has long wanted laws that force tech companies to make their products wiretap friendly.

It’s not just web providers that are making life more difficult for government intercepts. It would take Apple, for example, a negligible amount of development time to introduce the cryptographic anti-snooping features of OTR — a form of instant messaging encryption and authentication — into a protocol like iMessage. At the moment authorities can get in the middle of the keying process at Cupertino and read user content, if they show a warrant. But one simple iOS update and they won’t be able to do that anymore without setting off alarm bells: You want us to execute that warrant for you? Ok, sure, but the user will get a nice big popup warning telling them that their messages are likely being intercepted! (Still want us to proceed? Didn’t think so.)

There’s the rub. Currently, there’s no law stopping companies like Apple, Facebook, and Google from introducing such security changes or forcing them to build in backdoors. Why would Apple want its users migrating to cross-platform, anti-snooping messaging apps like Hemlis (by the founders of The Pirate Bay)? Especially when the company could push itself out of the surveillance business with its own technical tweaks before federal regulations force them to become key players in warrant execution.

In fact, advancements in the usability of cryptographic protocols have made anti-surveillance features relatively simple for technology companies to bake into their communications products. And public demand for greater security and privacy in the wake of Edward Snowden’s revelations may make it virtually obligatory for them to do so before new wiretapping laws can be introduced.

This heralds a looming standoff between technology companies and government … even though much of the focus until now has portrayed the two as being in the same camp.

B.S. (Before Snowden) and A.S. (After Snowden)

Before the Snowden leaks, it was hard to imagine the Tea Party and Occupy movements skipping together through meadows holding identical placards.

Not anymore.

Today, an attempt to introduce laws that would heavily fine software and internet companies for failing to make their products wiretap-friendly would be met by a full-scale revolt by the commentariat — and by the noisy political fringe on the left and the right.

President Obama was reportedly on the verge of backing the new wiretapping plan as recently as May this year. Only the “Snowden files” hit the press one month later, and surveillance became a hot-button issue. These laws seemingly dropped off the agenda.

For now.

Before Snowden, the proposed law would have been a mildly controversial but grudgingly accepted compliance regime for technology companies. The blowback might have been limited to a few angry Reddit threads and Anonymous denial-of-service attacks against government websites.

Now, it would become a serious political liability for the Obama administration — as well as a public relations and commercial disaster for the technology industry.

This World War May Have Started in India

The FBI’s proposed regulations were first publicly mooted in 2010. But it was arguably the 2008 terrorist attacks halfway across the world — in Mumbai, India — that first set tech companies on a collision course with the state. Because the attackers reportedly used BlackBerry devices when conducting the attack to successfully avoid eavesdropping by India’s security services.

Intelligence services around the world noticed. Here was a simple consumer device that terrorists used for secure communications in organizing and conducting their strike.

A year and a half after the Mumbai attacks, the Indian government’s message for BlackBerry maker RIM was clear: Help us intercept your users’ communications or get out of our country. (The message was the same for Skype and Google.) Tense negotiations followed and were apparently resolved later when interception capabilities were demonstrated to government officials.

Indian Department of Telecommunications (DoT) documents leaked to The Times of India this month show RIM worked with Indian telcos to make it possible to execute warrants against “regular” BlackBerry users. However, RIM could not assist in intercepting messages between two users of the same BlackBerry Enterprise Server (BES).

It wasn’t an outright win for the Indian government, but without the threat of regulation it’s unlikely the government would have even gotten that far.

And before people start screaming that RIM’s decision favors corporate users over consumers, it’s important to understand that intercepting messages from one BES user to another is a technical pain-in-the-ass of the highest order. Short of backdooring their products, there’s not much RIM can do about it.

But building in a backdoor is just what the previously proposed U.S. laws would make RIM do in America.

Months after the India showdown, at the urging of the FBI, the U.S. government threatened technology companies with similar actions. You’ve written an encrypted messaging app? Great! Except we’ll fine you $25,000 a day if you can’t execute our warrants and give us access to your users’ communications.

So What Next?

The FBI has legitimate reasons to want these laws. Violating the civil rights of the general population isn’t its core business; wiretaps are vital to many legitimate investigations into awful crimes. Technology has changed enough over the past 30 years to believe that some communications legitimately targeted by the FBI and other agencies are “going dark”. (Even unencrypted internet-based messages are complicated to intercept. If the target of a warrant uses the in-game chat feature in Pokemon for Nintendo DS to communicate with a co-conspirator, forget about fancy encryption — how the hell are they going to decode that?)

Only the government didn’t expect the Snowden twist. And so, contrary to popular discourse about tech companies actively participating in surveillance, the technology industry is naturally moving towards making its products harder to eavesdrop on.

Here’s a fresh political consideration: It’s one thing to establish a legal framework that would prevent software companies from implementing certain security features in the future. But it’s quite another to establish a law that would strip existing security measures from users’ devices.

Since Snowden’s leaks have bolstered consumers’ desire for greater privacy from government interception and have almost certainly delayed the introduction of U.S. lawmakers’ legislation, we now find ourselves in a not-so-comfortable status quo. What’s going to give? Will Congress still legislate to force those wiretap capabilities? Or will the tech companies say “screw you” and start rolling out decent security features to their users? And how will agencies like the NSA get around these types of problems?

Tech companies now have the motivation to introduce such changes, and the opportunity. The only thing lacking might be the intestinal fortitude to follow through. This window of opportunity won’t be open forever.

My guess is the de facto interception technique of the future will involve targeting users’ endpoints (phone, computer, tablet, whatever) instead of trying to intercept communications in transit. That will work for targeted interception, but knocks out a lot of the dragnet stuff. Sounds like a win to me. But only time, and perhaps some further revelations, will tell.
http://www.wired.com/opinion/2013/08...may-be-at-war/





NSA Paying U.S. Companies for Access to Communications Networks
Craig Timberg and Barton Gellman

The National Security Agency is paying hundreds of millions of dollars a year to U.S. companies for clandestine access to their communications networks, filtering vast traffic flows for foreign targets in a process that also sweeps in large volumes of American telephone calls, e-mails and instant messages.

The bulk of the spending, detailed in a multi-volume intelligence budget obtained by The Washington Post, goes to participants in a Corporate Partner Access Project for major U.S. telecommunications providers. The documents open an important window into surveillance operations on U.S. territory that have been the subject of debate since they were revealed by The Post and Britain’s Guardian newspaper in June.

New details of the corporate-partner project, which falls under the NSA’s Special Source Operations, confirm that the agency taps into “high volume circuit and packet-switched networks,” according to the spending blueprint for fiscal 2013. The program was expected to cost $278 million in the current fiscal year, down nearly one-third from its peak of $394 million in 2011.

Voluntary cooperation from the “backbone” providers of global communications dates to the 1970s under the cover name BLARNEY, according to documents provided by former NSA contractor Edward Snowden. These relationships long predate the PRISM program disclosed in June, under which American technology companies hand over customer data after receiving orders from the Foreign Intelligence Surveillance Court.

In briefing slides, the NSA described BLARNEY and three other corporate projects — OAKSTAR, FAIRVIEW and STORMBREW — under the heading of “passive” or “upstream” collection. They capture data as they move across fiber-optic cables and the gateways that direct global communications traffic.

The documents offer a rare view of a secret surveillance economy in which government officials set financial terms for programs capable of peering into the lives of almost anyone who uses a phone, computer or other device connected to the Internet.

Although the companies are required to comply with lawful surveillance orders, privacy advocates say the multimillion-dollar payments could create a profit motive to offer more than the required assistance.

“It turns surveillance into a revenue stream, and that’s not the way it’s supposed to work,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a Washington-based research and advocacy group. “The fact that the government is paying money to telephone companies to turn over information that they are compelled to turn over is very troubling.”

Verizon, AT&T and other major telecommunications companies declined to comment for this article, although several industry officials noted that government surveillance laws explicitly call for companies to receive reasonable reimbursement for their costs.

Previous news reports have made clear that companies frequently seek such payments, but never before has their overall scale been disclosed.

The budget documents do not list individual companies, although they do break down spending among several NSA programs, listed by their code names.

There is no record in the documents obtained by The Post of money set aside to pay technology companies that provide information to the NSA’s PRISM program. That program is the source of 91 percent of the 250 million Internet communications collected through Section 702 of the FISA Amendments Act, which authorizes PRISM and the upstream programs, according to a 2011 opinion and order by the Foreign Intelligence Surveillance Court.

Several of the companies that provide information to PRISM, including Apple, Facebook and Google, say they take no payments from the government when they comply with national security requests. Others say they do take payments in some circumstances. The Guardian reported last week that the NSA had covered “millions of dollars” in costs that some technology companies incurred to comply with government demands for information.

Telecommunications companies generally do charge to comply with surveillance requests, which come from state, local and federal law enforcement officials as well as intelligence agencies.

Former telecommunications executive Paul Kouroupas, a security officer who worked at Global Crossing for 12 years, said that some companies welcome the revenue and enter into contracts in which the government makes higher payments than otherwise available to firms receiving reimbursement for complying with surveillance orders.

These contractual payments, he said, could cover the cost of buying and installing new equipment, along with a reasonable profit. These voluntary agreements simplify the government’s access to surveillance, he said.

“It certainly lubricates the [surveillance] infrastructure,” Kouroupas said. He declined to say whether Global Crossing, which operated a fiber-optic network spanning several continents and was bought by Level 3 Communications in 2011, had such a contract. A spokesman for Level 3 Communications declined to comment.

In response to questions in 2012 from then-Rep. Edward J. Markey (D-Mass.), who was elected to the Senate in June, several telecommunications companies detailed their prices for surveillance services to law enforcement agencies under individual warrants and subpoenas. AT&T, for example, reported that it charges $325 to activate surveillance of an account and also a daily rate of $5 or $10, depending on the information gathered. For providing the numbers that have accessed cell towers, meanwhile, AT&T charged $75 per tower, the company said in a letter.

No payments have been previously disclosed for mass surveillance access to traffic flowing across a company’s infrastructure.

Lawyer Albert Gidari Jr., a partner at Perkins Coie who represents technology and telecommunications companies, said that surveillance efforts are expensive, requiring teams of attorneys to sift through requests and execute the ones deemed reasonable. Government agencies, meanwhile, sometimes balk at paying the full costs incurred by companies.

“They lose a ton of money,” Gidari said. “And yet the government is still unsatisfied with it.”

The budget documents obtained by The Post list $65.96 million for BLARNEY, $94.74 million for FAIRVIEW, $46.04 million for STORMBREW and $9.41 million for OAKSTAR. It is unclear why the total of these four programs amounts to less than the overall budget of $278 million.

Among the possible costs covered by these amounts are “network and circuit leases, equipment hardware and software maintenance, secure network connectivity, and covert site leases,” the documents say. They also list in a separate line item $56.6 million in payments for “Foreign Partner Access,” although it is not clear whether these are for foreign companies, foreign governments or other foreign entities.

Some privacy advocates favor payments to companies when they comply with surveillance efforts because the costs can be a brake on overly broad requests by government officials. Invoices also can provide a paper trail to help expose the extent of spying.

But if the payments are too high, they may persuade companies to go beyond legal requirements in providing information, said Chris Soghoian, a technology expert with the American Civil Liberties Union who has studied government payments related to surveillance requests.

“I’m worried that the checks might grease the wheels a little bit,” he said.
http://www.washingtonpost.com/world/...4a1_story.html





U.S. Spy Network’s Successes, Failures and Objectives Detailed in ‘Black Budget’ Summary
Barton Gellman and Greg Miller

U.S. spy agencies have built an intelligence-gathering colossus since the attacks of Sept. 11, 2001, but remain unable to provide critical information to the president on a range of national security threats, according to the government’s top-secret budget.

The $52.6 billion “black budget” for fiscal 2013, obtained by The Washington Post from former intelligence contractor Edward Snowden, maps a bureaucratic and operational landscape that has never been subject to public scrutiny. Although the government has annually released its overall level of intelligence spending since 2007, it has not divulged how it uses the money or how it performs against the goals set by the president and Congress.

The 178-page budget summary for the National Intelligence Program details the successes, failures and objectives of the 16 spy agencies that make up the U.S. intelligence community, which has 107,035 employees.

The summary describes cutting-edge technologies, agent recruiting and ongoing operations. The Post is withholding some information after consultation with U.S. officials who expressed concerns about the risk to intelligence sources and methods. Sensitive details are so pervasive in the documents that The Post is publishing only summary tables and charts online.

“The United States has made a considerable investment in the Intelligence Community since the terror attacks of 9/11, a time which includes wars in Iraq and Afghanistan, the Arab Spring, the proliferation of weapons of mass destruction technology, and asymmetric threats in such areas as cyber-warfare,” Director of National Intelligence James R. Clapper Jr. wrote in response to inquiries from The Post.

“Our budgets are classified as they could provide insight for foreign intelligence services to discern our top national priorities, capabilities and sources and methods that allow us to obtain information to counter threats,” he said.

Among the notable revelations in the budget summary:

● Spending by the CIA has surged past that of every other spy agency, with $14.7 billion in requested funding for 2013. The figure vastly exceeds outside estimates and is nearly 50 percent above that of the National Security Agency, which conducts eavesdropping operations and has long been considered the behemoth of the community.

● The CIA and the NSA have begun aggressive new efforts to hack into foreign computer networks to steal information or sabotage enemy systems, embracing what the budget refers to as “offensive cyber operations.”

● Long before Snowden’s leaks, the U.S. intelligence community worried about “anomalous behavior” by employees and contractors with access to classified material. The NSA planned to ward off a “potential insider compromise of sensitive information” by re-investigating at least 4,000 people this year who hold high-level security clearances.

● U.S. intelligence officials take an active interest in friends as well as foes. Pakistan is described in detail as an “intractable target,” and counterintelligence operations “are strategically focused against [the] priority targets of China, Russia, Iran, Cuba and Israel.” The latter is a U.S. ally but has a history of espionage attempts against the United States.

● In words, deeds and dollars, intelligence agencies remain fixed on terrorism as the gravest threat to national security, which is listed first among five “mission objectives.” Counterterrorism programs employ one in four members of the intelligence workforce and account for one-third of the intelligence program’s spending.

● The governments of Iran, China and Russia are difficult to penetrate, but North Korea’s may be the most opaque. There are five “critical” gaps in U.S. intelligence about Pyongyang’s nuclear and missile programs, and analysts know virtually nothing about the intentions of North Korean leader Kim Jong Un.

Formally known as the Congressional Budget Justification for the National Intelligence Program, the “top-secret” blueprint represents spending levels proposed to the House and Senate intelligence committees in February 2012. Congress may have made changes before the fiscal year began on Oct. 1. Clapper is expected to release the actual total spending figure after the fiscal year ends on Sept. 30.

The document describes a constellation of spy agencies that track millions of surveillance targets and carry out operations that include hundreds of lethal strikes. They are organized around five priorities: combating terrorism, stopping the spread of nuclear and other unconventional weapons, warning U.S. leaders about critical events overseas, defending against foreign espionage, and conducting cyber-operations.

In an introduction, Clapper said the threats facing the United States “virtually defy rank-ordering.” He warned of “hard choices” as the intelligence community — sometimes referred to as the “IC” — seeks to rein in spending after a decade of often double-digit budget increases.

The current budget proposal envisions that spending will remain roughly level through 2017 and amounts to a case against substantial cuts.

“Never before has the IC been called upon to master such complexity and so many issues in such a resource-constrained environment,” Clapper wrote.

An espionage empire

The summary provides a detailed look at how the U.S. intelligence community has been reconfigured by the massive infusion of resources that followed the 2001 attacks. The United States has spent more than $500 billion on intelligence during that period, an outlay that U.S. officials say has succeeded in its main objective: preventing another catastrophic terrorist attack in the United States.

The result is an espionage empire with resources and a reach beyond those of any adversary, sustained even now by spending that rivals or exceeds the levels at the height of the Cold War.

The current total budget request was 2.4 percent below that of fiscal 2012. In constant dollars, it was about twice the estimated size of the 2001 budget and 25 percent above that of 2006, five years into what was then known as the “global war on terror.”

Historical data on U.S. intelligence spending is largely nonexistent. Through extrapolation, experts have estimated that Cold War spending probably peaked in the late 1980s at an amount that would be the equivalent of $71 billion today.

Spending in the most recent cycle surpassed that amount, based on the $52.6 billion detailed in documents obtained by The Post plus a separate $23 billion devoted to intelligence programs that more directly support the U.S. military.

Lee H. Hamilton, an Indiana Democrat who chaired the House Intelligence Committee and co-chaired the commission that investigated the Sept. 11 attacks, said that access to budget details will enable an informed public debate on intelligence spending for the first time, much as Snowden’s disclosures of NSA surveillance programs brought attention to operations that had assembled data on nearly every U.S. citizen.

“Much of the work that the intelligence community does has a profound impact on the life of ordinary Americans, and they ought not to be excluded from the process,” Hamilton said.

“Nobody is arguing that we should be so transparent as to create dangers for the country,” he said. But, he added, “there is a mind-set in the national security community: ‘Leave it to us, we can handle it, the American people have to trust us.’ They carry it to quite an extraordinary length so that they have resisted over a period of decades transparency. . . . The burden of persuasion as to keeping something secret should be on the intelligence community, the burden should not be on the American public.”

Experts said that access to such details about U.S. spy programs is without precedent.

“It was a titanic struggle just to get the top-line budget number disclosed, and that has only been done consistently since 2007,” said Steven Aftergood, an expert at the Federation of American Scientists, a Washington-based organization that provides analyses of national security issues. “But a real grasp of the structure and operations of the intelligence bureaucracy has been totally beyond public reach. This kind of material, even on a historical basis, has simply not been available.”

The only meaningful frame of reference came in 1994, when a congressional subcommittee inadvertently published a partial breakdown of the National Intelligence Program. At the time, the CIA accounted for just $4.8 billion of a budget that totaled $43.4 billion in 2012 dollars. The NSA and the National Reconnaissance Office, which operates satellites and other sensors, commanded far larger shares of U.S. intelligence budgets until years after the Cold War ended.

During the past decade, they have taken a back seat to the CIA.

The NSA was in line to receive $10.5 billion in 2013, and the NRO was to get $10.3 billion — both far below the CIA, whose share had surged to 28 percent of the total budget.

Overall, the U.S. government spends 10 times as much on the Defense Department as it does on spy agencies.

“Today’s world is as fluid and unstable as it has been in the past half century,” Clapper said in his statement to The Post. “Even with stepped up spending on the IC over the past decade, the United States currently spends less than one percent of GDP on the Intelligence Community.”

Dominant position

The CIA’s dominant position is likely to stun outside experts. It represents a remarkable recovery for an agency that seemed poised to lose power and prestige after acknowledging intelligence failures leading up to the 2001 attacks and the 2003 U.S.-led invasion of Iraq.

The surge in resources for the agency funded secret prisons, a controversial interrogation program, the deployment of lethal drones and a huge expansion of its counterterrorism center. The agency was transformed from a spy service struggling to emerge from the Cold War into a paramilitary force.

The CIA has devoted billions of dollars to recruiting and training a new generation of case officers, with the workforce growing from about 17,000 a decade ago to 21,575 this year.

The agency’s budget allocates $2.3 billion for human intelligence operations and $2.5 billion to cover the cost of supporting the security, logistics and other needs of those missions around the world. A relatively small amount of that total, $68.6 million, was earmarked for creating and maintaining “cover,” the false identities employed by operatives overseas.

There is no specific entry for the CIA’s fleet of armed drones in the budget summary, but a broad line item hints at the dimensions of the agency’s expanded paramilitary role, providing more than $2.6 billion for “covert action programs” that would include drone operations in Pakistan and Yemen, payments to militias in Afghanistan and Africa, and attempts to sabotage Iran’s nuclear program.

The black budget illuminates for the first time the intelligence burden of the wars in Afghanistan and Iraq. For 2013, U.S. spy agencies were projected to spend $4.9 billion on “overseas contingency operations.” The CIA accounted for about half of that figure, a sum factored into its overall $14.7 billion budget.

Those war expenditures are projected to shrink as the United States withdraws forces from Afghanistan. The budget also indicates that the intelligence community has cut the number of contractors it hires over the past five years by about 30 percent.

Critical gaps

Despite the vast outlays, the budget blueprint catalogues persistent and in some cases critical blind spots.

Throughout the document, U.S. spy agencies attempt to rate their efforts in tables akin to report cards, generally citing progress but often acknowledging that only a fraction of their questions could be answered — even on the community’s foremost priority, counterterrorism.

In 2011, the budget assessment says intelligence agencies made at least “moderate progress” on 38 of their 50 top counterterrorism gaps, the term used to describe blind spots. Several concern Lebanon’s Hezbollah movement, an enemy of Israel that has not attacked U.S. interests directly since the 1990s.

Other blank spots include questions about the security of Pakistan’s nuclear components when they are being transported, the capabilities of China’s next-generation fighter aircraft, and how Russia’s government leaders are likely to respond to “potentially destabilizing events in Moscow, such as large protests and terrorist attacks.”

A chart outlining efforts to address key questions on biological and chemical weapons is particularly bleak. U.S. agencies set annual goals for at least five categories of intelligence collection related to these weapons. In 2011, the agencies made headway on just two gaps; a year earlier, the mark was zero.

The documents describe expanded efforts to “collect on Russian chemical warfare countermeasures” and assess the security of biological and chemical laboratories in Pakistan.

A table of “critical” gaps listed five for North Korea, more than for any other country that has pursued or is pursuing a nuclear bomb.

The intelligence community seems particularly daunted by the emergence of “homegrown” terrorists who plan attacks in the United States without direct support or instruction from abroad, a threat realized this year, after the budget was submitted, in twin bombings at the Boston Marathon.

The National Counterterrorism Center has convened dozens of analysts from other agencies in attempts to identify “indicators” that could help law enforcement officials understand the path from religious extremism to violence. The FBI was in line for funding to increase the number of agents who surreptitiously track activity on jihadist Web sites.

But a year before the bombings in Boston, the search for meaningful insight into the stages of radicalization was described as one of the “more challenging intelligence gaps.”

High-tech surveillance

The documents make clear that U.S. spy agencies’ long-standing reliance on technology remains intact. If anything, their dependence on high-tech surveillance systems to fill gaps in human intelligence has intensified.

A section on North Korea indicates that the United States has all but surrounded the nuclear-armed country with surveillance platforms. Distant ground sensors monitor seismic activity and scan the country for signs that might point to construction of new nuclear sites. U.S. agencies seek to capture photos, air samples and infrared imagery “around the clock.”

In Iran, new surveillance techniques and technologies have enabled analysts to identify suspected nuclear sites that had not been detected in satellite images, according to the document.

In Syria, NSA listening posts were able to monitor unencrypted communications among senior military officials at the outset of the civil war there, a vulnerability that President Bashar al-Assad’s forces apparently later recognized. One of the NRO’s functions is to extract data from sensors placed on the ground near suspected illicit weapons sites in Syria and other countries.

Across this catalogue of technical prowess, one category is depicted as particularly indispensable: signals intelligence, or SIGINT.

The NSA’s ability to monitor e-mails, phone calls and Internet traffic has come under new scrutiny in recent months as a result of disclosures by Snowden, who worked as a contract computer specialist for the agency before stockpiling secret documents and then fleeing, first to Hong Kong and then Moscow.

The NSA was projected to spend $48.6 million on research projects to assist in “coping with information overload,” an occupational hazard as the volumes of intake have increased sharply from fiber-optic cables and Silicon Valley Internet providers.

The agency’s ability to monitor the communications of al-Qaeda operatives is described in the documents as “often the best and only means to compromise seemingly intractable targets.”

Signals intercepts also have been used to direct the flight paths of drones, gather clues to the composition of North Korea’s leadership and evaluate the response plans of Russia’s government in the event of a terrorist attack in Moscow.

The resources devoted to signals intercepts are extraordinary.

Nearly 35,000 employees are listed under a category called the Consolidated Cryptologic Program, which includes the NSA as well as the surveillance and code-breaking components of the Air Force, Army, Navy and Marines.

The NSA is planning high-risk covert missions, a lesser-known part of its work, to plant what it calls “tailored radio frequency solutions” — close-in sensors to intercept communications that do not pass through global networks.

Even the CIA devotes $1.7 billion, or nearly 12 percent of its budget, to technical collection efforts, including a joint program with the NSA called “CLANSIG,” a covert program to intercept radio and telephone communications from hostile territory.

The agency also is pursuing tracking systems “that minimize or eliminate the need for physical access and enable deep concealment operations against hard targets.”

The CIA has deployed new biometric sensors to confirm the identities and locations of al-Qaeda operatives. The system has been used in the CIA’s drone campaign.

Spending on satellite systems and almost every other category of collection is projected to shrink or remain stagnant in coming years, as Washington grapples with budget cuts across the government. But the 2013 intelligence budget called for increased investment in SIGINT.

Counterintelligence

The budget includes a lengthy section on funding for counterintelligence programs designed to protect against the danger posed by foreign intelligence services as well as betrayals from within the U.S. spy ranks.

The document describes programs to “mitigate insider threats by trusted insiders who seek to exploit their authorized access to sensitive information to harm U.S. interests.”

The agencies had budgeted for a major counterintelligence initiative in fiscal 2012, but most of those resources were diverted to an all-hands emergency response to successive floods of classified data released by the anti-secrecy group WikiLeaks.

For this year, the budget promised a renewed “focus . . . on safeguarding classified networks” and a strict “review of high-risk, high-gain applicants and contractors” — the young, nontraditional computer coders with the skills the NSA needed.

Among them was Snowden, then a 29-year-old contract computer specialist whom the NSA trained to circumvent computer network security. He was copying thousands of highly classified documents at an NSA facility in Hawaii, and preparing to leak them, as the agency embarked on the new security sweep.

“NSA will initiate a minimum of 4,000 periodic reinvestigations of potential insider compromise of sensitive information,” according to the budget, scanning its systems for “anomalies and alerts.”

Julie Tate contributed to this report.
http://www.washingtonpost.com/world/...972_story.html





How Surveillance Changes Behavior: A Restaurant Workers Case Study
Steve Lohr

Employee theft and fraud are huge problems in the restaurant industry, which has low wages and high worker turnover. (Dave Kaup for The New York Times)

Surveillance is certainly much in the news lately. Most notably, of course, there is the continuing outcry over the National Security Agency’s call-tracking program, disclosed in the documents leaked by Edward Snowden.

But surveillance even surfaced as a subject in last week’s televised debate among the Democratic candidates for mayor in New York. The office seekers were asked whether New York City should have more surveillance cameras. Six of the seven, card-carrying liberals all, replied without hesitation, yes. (Only Anthony Weiner said no.)

Most of the public discussion of surveillance technology and its use revolves around the question: Is it spooky or reassuring?

But another issue is the effect of surveillance on behavior. And a new research paper, published on Saturday, shows in detail how significant the surveillance effect can be.

The paper, “Cleaning House: The Impact of Information Technology Monitoring on Employee Theft and Productivity,” is the work of three academics: Lamar Pierce, an associate professor at the Olin Business School at Washington University in St. Louis; Daniel Snow, an associate professor at the Marriott School at Brigham Young University; and Andrew McAfee, a research scientist at the Sloan School of Management at the Massachusetts Institute of Technology.

The researchers measured the impact of software that monitors employee-level theft and sales transactions, before and after the technology was installed, at 392 restaurants in 39 states. The restaurants were in five “casual dining” chains. The paper does not name the five, but it cites examples of the casual dining category including Applebee’s, Chili’s and Olive Garden.

Employee theft and fraud is a big problem, estimated at up to $200 billion a year across the economy. In the restaurant industry, analysts estimate the losses from employee theft at 1 percent of revenue. That does not seem like a lot, but restaurant profit margins are slender, typically 2 to 5 percent. So cutting down on theft can be an important contributor to a restaurant’s financial health.

Most of the restaurant industry pays its servers low wages and they depend on tips. Employee turnover is high. In that environment, a certain amount of theft has long been regarded as a normal part of the business.

Unethical behavior runs the gamut. There is even a how-to book on the subject, published in 2004, “How To Burn Down the House: The Infamous Waiter and Bartender’s Scam Bible by Two Bourbon Street Waiters.” A simple example is a bartender’s not charging for a round of drinks, and urging the customers to “take care of me” — with a large tip. Other tactics are more elaborate.

But monitoring software is now available to track all transactions and detect suspicious patterns. In the new study, the tracking software was NCR’s Restaurant Guard product, and NCR provided the data. The software is intentionally set so that a restaurant manager gets only an electronic theft alert in cases that seem to clearly be misconduct. Otherwise, a manager might be mired in time-consuming detective work instead of running the restaurant.

The savings from the theft alerts themselves were modest, $108 a week per restaurant. However, after installing the monitoring software, the revenue per restaurant increased by an average of $2,982 a week, or about 7 percent.

The impact, the researchers say, came not from firing workers engaged in theft, but mostly from their changed behavior. Knowing they were being monitored, the servers not only pulled back on any unethical practices, but also channeled their efforts into, say, prompting customers to have that dessert or a second beer, raising revenue for the restaurant and tips for themselves.

“The same people who are stealing from you can be set up to succeed,” said Mr. Pierce of Washington University.

In the research, the data sets were sizable. For example, there were more than 630,000 transactions by servers tracked and collected each week over the course of the project.

But more significant, the researchers say, is what the data analysis might contribute to fields of study like social psychology and behavioral economics — and the business discipline of human resources management.

In human resources, much emphasis is placed on employee selection: if you pick the right people, they will do the right thing. Instead, this research suggests that the surveillance effect on employee behavior is striking.

“What’s surprising is the weird effectiveness of the intervention, once the monitoring technology is in place,” said Mr. McAfee of M.I.T.

Not surprisingly, NCR is delighted by the results. “It validates the customer data we’ve seen,” said Jeff Hindman, a vice president at NCR. “But this is done by outside experts with the academic standards and statistical rigor they bring to the analysis.”
http://bits.blogs.nytimes.com/2013/0...rs-case-study/





Open Secret About Google’s Surveillance Case No Longer Secret
Jennifer Valentino-DeVries and Danny Yadron

The Justice Department recently won a court battle to keep an Internet company from talking about federal demands for user data, arguing that even disclosing the company’s name would damage national security.

But then, after months of arguments, the department appears to have been foiled by its own redaction process, which left the name “Google” on one page that was posted Friday in the U.S. District Court for the Southern District of New York.

The case and Google’s role in it underscore a tension between some Silicon Valley companies and the government over national security surveillance and the secrecy surrounding it.

Google has been pushing back against data-gathering tools called national security letters in two federal courts since this spring.

Such letters, known as NSLs, allow the Federal Bureau of Investigation to demand account information and other data, but not the content of calls and emails. They typically come with a strict gag order, and companies cannot even acknowledge they receive them.

After a judge in California ruled the law was a violation of the First Amendment right to free speech in March, Google challenged several of the letters it had received and asked to be freed from the gag orders.

The decisions have consistently sided with the government and ordered Google to comply and keep quiet.

But after news broke that Google was part of a program called Prism, which allows the National Security Agency to collect data on Internet users from U.S. technology companies, the company asked one of the judges, in New York, to reconsider.

Google and other companies involved in the NSA programs have said the secrecy surrounding government data-gathering leaves them unable to tell their customers what they really do with the data and puts their business at a disadvantage.

“[Redacted] has a First Amendment right to communicate transparently with its users and the public regarding its receipt of the NSL,” an attorney for the initially unnamed company wrote in a court filing, dated Aug. 16. “In light of broadly available misinformation about [redacted] receipt of and compliance with national security process and the concerns and questions of its users… [redacted] seeks to advance the public debate by taking reasonable, limited steps to increase transparency regarding its practices.”

Many references to an unnamed company are redacted in the 10-page document. But a sentence before a large blocked-out section on page 8 says that, after the Guardian and Washington Post newspapers reported Prism’s existence, “the public’s already healthy interest in Google’s receipt of, and response to, national security legal process skyrocketed.”

Whoops.

The FBI didn’t respond to requests for comment. The court didn’t respond to a request for comment left on Sunday.

A Google spokesman declined to comment on if Google is indeed involved in the case, further highlighting how the government’s gag order remains in effect.

The Google spokesman did however stand up for the unnamed technology company. “We fight for our users and have petitioned the U.S. government for more openness about their requests for user information, so we find the government’s position in this case disappointing,” the spokesman said.

The attorney listed on the filing, Todd Hinnen of Seattle firm Perkins Coie, represents Google in litigation, according to his online biography. Reached by phone Friday evening, Hinnen said he could “neither confirm nor deny” the veracity of the document. He declined to comment on his involvement with Google.

The company’s legal push against the records requests has been previously reported, after a filing error in California resulted in the release of a one-page document that included Google’s name and a reference to the law governing national security letters. But the government officially has never acknowledged Google’s involvement.

In a June 5 letter to the court, the government argues that divulging the company’s name “would alert current and potential adversaries and targets,” possibly leading them to “change tactics and stop using the provider’s services altogether.”

The government also argues that, if the court were to allow the company to acknowledge receipt of the national security letters, it would set a bad precedent and lead to many other companies being allowed to discuss NSLs.

Google, for its part, says in its memo that discussion of NSLs should be part of “a debate the President has encouraged” since the disclosure of Prism and other programs revealed by former NSA contractor Edward Snowden.

“Maintaining the redaction now serves only to protect a secret that everyone already knows,” the company says in the document.
http://blogs.wsj.com/digits/2013/08/...longer-secret/





N.S.A. Phone Data Collection Is Illegal, A.C.L.U. Says
Scott Shane

In a detailed legal attack on the National Security Agency’s collection of Americans’ phone call data, the American Civil Liberties Union argued in court papers filed Monday that the sweeping data gathering violates the Constitution and should be halted.

The A.C.L.U. cited the writings of George Orwell and the comprehensive East German surveillance portrayed in the film “The Lives of Others” in warning of the dangers of large-scale government intrusion into private lives. The new motion, elaborating on the A.C.L.U.’s arguments against the data collection, came in a federal lawsuit challenging the N.S.A. program that the group filed in June.

Intelligence officials have emphasized that the N.S.A. database does not contain the contents of any Americans’ calls, but only the so-called metadata — the numbers called and the time and duration of each call. They say the database is searched only based on “reasonable, articulable suspicion” of terrorism and is valuable for tracking terror plots.

The Justice Department is expected to ask the judge in the case, William H. Pauley III of the Southern District of New York, to dismiss it. The department declined to comment on the A.C.L.U.’s filing.

In a declaration in support of the A.C.L.U., Edward W. Felten, a professor of computer science and public affairs at Princeton, said that by gathering data on the three billion calls made each day in the United States, the N.S.A. was creating a database that could reveal some of the most intimate secrets of American citizens.

“Calling patterns can reveal when we are awake and asleep; our religion, if a person regularly makes no calls on the Sabbath or makes a large number of calls on Christmas Day; our work habits and our social aptitude; the number of friends we have, and even our civil and political affiliations,” Mr. Felten wrote.

He pointed out that calls to certain numbers — a government fraud hot line, say, or a sexual assault hot line — or a text message that automatically donates to Planned Parenthood can reveal intimate details. He also said sophisticated data analysis, using software that can instantly trace chains of social connections, can make metadata even more revealing than the calls’ contents.

The N.S.A.’s collection of call log data is approved in general terms by the Foreign Intelligence Surveillance Court. But the information is collected without individualized court warrants, based in part on a Supreme Court ruling from 1979, Smith v. Maryland, that said call logs recorded in a criminal case were not subject to protection under the Fourth Amendment.

The A.C.L.U. argues that the Smith ruling involves “narrow surveillance directed at a specific criminal suspect over a very limited time period.” The organization said the facts in the Smith case bore little resemblance to the mass collection of data on every call made in the country over the last seven years, which it said violated the Fourth Amendment’s guarantee against unreasonable searches and seizures.

The lawsuit also charges that the data collection violates the First Amendment’s free speech clause by imposing “a far-reaching chill” on the A.C.L.U.’s interaction with clients and sources.

“Americans do not expect that their government will make a note every time they pick up the phone of whom they call, precisely when they call them and for precisely how long they speak,” the group wrote.

The A.C.L.U. lawsuit is one of several challenges to N.S.A. programs based on leaks by Edward J. Snowden, the former N.S.A. contractor who is now in Russia.

The Electronic Privacy Information Center, an advocacy group, has asked the Supreme Court to intervene and void the surveillance court’s approval of the phone data collection. Other individuals and interest groups are also pursuing court cases.
http://www.nytimes.com/2013/08/27/us...aclu-says.html





How to Keep the NSA Out of Your Computer

Sick of government spying, corporate monitoring, and overpriced ISPs? There's a cure for that.
Clive Thompson

JOSEPH BONICIOLI mostly uses the same internet you and I do. He pays a service provider a monthly fee to get him online. But to talk to his friends and neighbors in Athens, Greece, he's also got something much weirder and more interesting: a private, parallel internet.

He and his fellow Athenians built it. They did so by linking up a set of rooftop wifi antennas to create a "mesh," a sort of bucket brigade that can pass along data and signals. It's actually faster than the Net we pay for: Data travels through the mesh at no less than 14 megabits a second, and up to 150 Mbs a second, about 30 times faster than the commercial pipeline I get at home. Bonicioli and the others can send messages, video chat, and trade huge files without ever appearing on the regular internet. And it's a pretty big group of people: Their Athens Wireless Metropolitan Network has more than 1,000 members, from Athens proper to nearby islands. Anyone can join for free by installing some equipment. "It's like a whole other web," Bonicioli told me recently. "It's our network, but it's also a playground."

Indeed, the mesh has become a major social hub. There are blogs, discussion forums, a Craigslist knockoff; they've held movie nights where one member streams a flick and hundreds tune in to watch. There's so much local culture that they even programmed their own mini-Google to help meshers find stuff. "It changes attitudes," Bonicioli says. "People start sharing a lot. They start getting to know someone next door—they find the same interests; they find someone to go out and talk with." People have fallen in love after meeting on the mesh.

The Athenians aren't alone. Scores of communities worldwide have been building these roll-your-own networks—often because a mesh can also be used as a cheap way to access the regular internet. But along the way people are discovering an intriguing upside: Their new digital spaces are autonomous and relatively safe from outside meddling. In an era when governments and corporations are increasingly tracking our online movements, the user-controlled networks are emerging as an almost subversive concept. "When you run your own network," Bonicioli explains, "nobody can shut it down."

THE INTERNET may seem amorphous, but it's at heart pretty physical. Its backbone is a huge array of fiber-optic, telephone, and TV cables that carry data from country to country. To gain access, you need someone to connect your house to that backbone. This is what's known as the "last mile" problem, and it's usually solved by large internet service providers such as AT&T and Comcast. They buy access to the backbone and charge you for delivering the signal via telephone wires or cable lines. Most developed nations have plenty of ISPs, but in poor countries and rural areas, the last-mile problem still looms large. If providers don't think there's enough profit in household service, they either don't offer any or do it only at exorbitant rates.

Meshes evolved to tackle this problem. Consider the Spanish network Guifi, which took root in the early aughts as people got sick of waiting for their sclerotic telcos to wire the countryside. "In some places you can wait for 50 years and die and you're still waiting," jokes Guifi member Ramon Roca. The bandwidth-starved Spaniards attached long-range antennas to their wifi cards and pointed them at public hot spots like libraries. Some contributed new backbone connections by shelling out, individually or in groups, for expensive DSL links, while others dipped into the network for free. (Guifi is a complex stew of charity, free-riding, and cost-sharing.) To join the bucket brigade, all you had to do was add some hardware that allowed your computer's wifi hub to pass along the signal to anyone in your vicinity. Gradually, one hub at a time, Guifi grew into the world's largest mesh, with more than 21,000 members.

In some ways, a community mesh resembles a food co-op. Its members crunch the numbers and realize that they can solve the last-mile problem themselves at a fraction of the price. In Kansas City, Isaac Wilder, cofounder of the Free Network Foundation, is using this model to wire up neighborhoods where the average household income is barely $10,000 a year. His group partners with community organizations that pay for backbone access. Wilder then sets up a mesh that anyone can join for a modest sum. "The margins on most internet providers are so ridiculously inflated," he says. "When people see the price they get from the mesh, they're like, 'Ten bucks a month? Oh, shit, I'll pay that!'"

In other cases, meshes are run like tiny local businesses. Stephen Song, the founder of Village Telco, markets "mesh potatoes," inexpensive wifi devices that automatically mesh with each other, allowing them to transmit data and make local calls. In towns across Africa, where internet access is overpriced or nonexistent, mom-and-pop shops buy backbone access and then sell mesh potatoes to customers, offering them cheap monthly phone and internet rates. Song hopes this entrepreneurial model will lead to stable networks that don't have to rely on donations or tech-savvy community volunteers. He set up a mesh himself in Cape Town, South Africa. "The primary users of that tech were grandmothers," Song says. "Grandmothers are really dependent on their families, and visiting is hard—it's a really hilly area. So if you have an appealing low-cost alternative, they go for it."

WHILE MESH networks were created to solve an economic problem, it turns out they also have a starkly political element: They give people—particularly political activists—a safer and more reliable way to communicate.

As activism has become increasingly reliant on social networking, repressive regimes have responded by cutting off internet access. When Hosni Mubarak, for instance, discovered that protesters were using Facebook to help foment dissent, he ordered the state-controlled ISPs to shut down Egypt's internet for days. In China, the Communist Party uses its "Great Firewall" to prevent citizens from reading pro-democracy sites. In the United States, authorities have shut down mobile service to prevent activists from communicating, as happened a couple of years ago during a protest at San Francisco subway stations. And such reactions aren't only prompted by dissent. Some of the big phone and cable companies have begun to block digital activities they disapprove of, like sharing huge files on BitTorrent. In 2009, the recording industry even persuaded France to pass a law—since declared unconstitutional—that canceled the internet service of any household caught downloading copyrighted files more than three times.
"What if you could communicate with anyone, anywhere, without going over an inch of corporate or government cable?"

The last-mile problem, it turns out, isn't just technical or economic: It's political and even cultural. To repurpose the famous A.J. Liebling statement, internet freedom is guaranteed only to those who own a connection. "And right now, you and me don't own the internet—we just rent the capacity to access it from the companies that do own it," Wilder says.

So now digital-freedom activists and nonprofits are making mesh tools specifically to carve out spaces free from government snooping. During the Occupy Wall Street actions in New York City, Wilder set up a local mesh for the protesters. In Washington, DC, the New America Foundation's Open Technology Institute is developing Commotion—"internet in a suitcase" software that lets anyone quickly deploy a mesh. "We're making infrastructure for anyone who wants to control their own network," says Sascha Meinrath, who runs OTI. In a country with a repressive government, dissidents could use Commotion to set up a private, encrypted mesh. If a despot decided to shut off internet access, the activists could pay for a satellite connection and then share it across the mesh, getting a large group of people back online quickly.

Meinrath and his group have tested Commotion in American communities, including Detroit and Brooklyn's Red Hook neighborhood, where locals used it to get back online after Hurricane Sandy. Now OTI is working on a mesh that will provide secure local communications for communities in Tunisia.

Even voice calls can be meshed. Commotion includes Serval, software that lets you network Android phones and communicate directly via wifi without going through a wireless carrier—sort of like a high-tech walkie-talkie network. Created by Paul Gardner-Stephen, a research fellow at Australia's Flinders University, Serval also encrypts phone calls and texts, making it extremely hard for outsiders to eavesdrop. When OTI employees tested it this spring using external "range extenders," they were able to text one another from nearly a mile away on the National Mall. Hopping onto the DC Metro, they found they could trade messages while riding six cars apart. "We now know how to make a completely distributed phone system," Gardner-Stephen says. Despite the modest ranges now possible, there are plenty of potential uses. After an earthquake, he notes, Serval could help citizens and aid agencies make local calls instantly. In an Occupy-style scenario, police may try to shut down texting via Verizon and AT&T only to discover that activists have their own private Serval channel.

Granted, Meinrath points out even encrypted systems like Commotion aren't a privacy panacea. Encryption can be broken, and if the mesh hooks up to the regular internet—via satellite, for instance—then you're sending signals back out to where the NSA and others have plenty of taps.

Even so, alternative networks are a pretty subversive idea, one that has attracted some strange bedfellows. The State Department recently ponied up almost $3 million to support Commotion, because officials think it could help freedom of speech abroad. But given the revelations about NSA spying (Commotion's developer, OTI, is considering joining a lawsuit to challenge the agency's surveillance program), the software is likely to gain traction among activists here at home. "It makes all the sense in the world," Meinrath says.

THE RISE OF community meshes suggests a possibility that is considerably more radical. What if you wanted a mesh that spanned the globe? A way to communicate with anyone, anywhere, without going over a single inch of corporate or government cable? Like what Joseph Bonicioli has in Athens writ large—a parallel, global internet run by the people, for the people. Could such a beast be built?

On a purely technical level, mesh advocates say it's super hard, but not impossible. First, you'd build as many local mesh networks as you can, and then you'd connect them together. Long-distance "hops" are tricky, but community meshes already use special wifi antennas—sometimes "cantennas" made out of Pringles-type containers—to join far-flung neighborhoods. Down in Argentina, meshers have shot signals up to 10 miles to bring together remote villages; in Greece, Bonicioli says they've connected towns as far as 60 miles apart. For bigger leaps, there are even more colorful ideas: Float a balloon 60,000 feet in the air, attach a wifi repeater, and you could bounce a signal between two cities separated by hundreds of miles. It sounds nuts, but Google actually pulled it off this past summer, when its Project Loon sent a flotilla of balloons over New Zealand to blanket the rural countryside with wireless connections. There are even DIY satellites: Home-brewed "cubesats" have already been put into orbit by university researchers for less than $100,000 each. That's hardly chump change, but it's well within, say, Kickstarter range.

For stable communications, though, the best bet would be to snag some better spectrum. The airwaves are a public resource, but they are regulated by national agencies like the Federal Communications Commission that dole out the strongest frequencies—the ones that can travel huge distances and pass easily through physical objects—to the military and major broadcasters. (Wifi uses one of the rare public-access frequencies.) If the FCC could be convinced to hand over some of those powerful frequencies to the public, meshes could span huge distances. "We need free networks, and we need free bandwidth," says Eben Moglen, a law professor at Columbia University and head of the Software Freedom Law Center. But given the power of the telco and defense lobbies, don't hold your breath.

The notion of a truly independent global internet may still be a gleam in the eye of the meshers, but their visionary zeal is contagious. It harkens back to the early days of the digital universe, when the network consisted mostly of university scientists and researchers communicating among themselves without corporations sitting in the middle or government (that we know of) monitoring their chats. The goal then, as now, was both connection and control: an internet of one's own.
http://www.motherjones.com/politics/...rivacy-nsa-isp





New Facebook Report Shows Over 25,000 Government Requests for User Data Worldwide
Adi Robertson

Facebook is opening up its ledger of government probes for user information, revealing over 25,600 separate requests in the first half of 2013. Today, the company launched its "Global Government Requests Report," a chart laying out how often various countries order Facebook to give up data about a user and how many of those requests are honored. Overall, at least 25,607 orders were put in for 37,954 separate accounts in the first six months of this year, with nearly half of them coming from the United States. Virtually no country had all its requests honored, but the total numbers were often still high: in the US, 79 percent of requests were honored at least in part.

The table lists anything made by any government branch, from standard law enforcement to more covert activities, and it includes requests for all kinds of information. That means we're looking at everything from a police subpoena asking for a burglar's account email address to a secret court order for the IP address of a protestor. In many cases, it's impossible to know the context behind a request, but some of the data raises questions.

Facebook still can't give exact numbers for American requests

Between the beginning of 2013 and June 30th, for example, the Turkish government made 96 requests on 170 users; Facebook returned some data for just under half of those. In June, an official claimed the government was working with Facebook to identify protestors on social media during a bloody crackdown, something that Facebook denied. "We reject all government data requests from Turkish authorities and push them to formal legal channels unless it appears that there is an immediate threat to life or a child, which has been the case in only a small fraction of the requests we have received," it said then. Now, though, it appears that Turkey didn't actually have an overwhelming number of requests rejected, though the story is still very fuzzy.

Besides the US, only five countries asked for information on over 1,000 users: France, Italy, India, Germany, and the UK. Of those, France and Germany saw about 40 percent of their requests granted, while India and Italy got about half granted. The UK saw nearly 70 percent approved at least in part. But all five are dwarfed by the US, which made between 11,000 and 12,000 requests on 20,000 – 21,000 users. These numbers appear to have risen slightly from Facebook's estimates in 2012. Unlike all other country data, the US numbers can't even be reported exactly. The gag orders associated with FBI national security letters and FISA court requests make it difficult to talk about many orders at all, and Facebook was only allowed to start mentioning them in ranges in June.

Google and Microsoft have gotten similar allowances from the government, and both currently list US national security requests in wide ranges like Facebook does. Google particularly has fought for greater transparency in government requests, but following revelations that the NSA has broad access to information from almost every tech giant, lifting the veil on how often user data is given up has become simply good business practice for anyone whose success rests on keeping the public trust.
http://www.theverge.com/2013/8/27/46...-for-user-data





Facebook Friends Could Change Your Credit Score
Katie Lobosco

Some tech startups are using your online social data to determine your creditworthiness.

Choose your Facebook friends wisely; they could help you get approved -- or rejected -- for a loan.

A handful of tech startups are using social data to determine the risk of lending to people who have a difficult time accessing credit. Traditional lenders rely heavily on credit scores like FICO, which look at payments history. They typically steer clear of the millions of people who don't have credit scores.

But some financial lending companies have found that social connections can be a good indicator of a person's creditworthiness.

One such company, Lenddo, determines if you're friends on Facebook (FB) with someone who was late paying back a loan to Lenddo. If so, that's bad news for you. It's even worse news if the delinquent friend is someone you frequently interact with.

"It turns out humans are really good at knowing who is trustworthy and reliable in their community," said Jeff Stewart, a co-founder and CEO of Lenddo. "What's new is that we're now able to measure through massive computing power."

A German company called Kreditech says that it uses up to 8,000 data points when assessing an application for a loan.

In addition to data from Facebook, eBay or Amazon (AMZN, Fortune 500) accounts, Kreditech also gathers information from the manner in which a customer fills out the online application. For example, your chances of getting a loan improve if you spend time reading information about the loan on Kreditech's website. If you fill out the application typing in all-caps (or with no caps), you're knocked down a couple pegs in Kreditech's eyes.

Kreditech can determine your location and considers creditworthiness based upon whether your computer is located where you said you live or work.

The individual data points may not have meaning themselves, but can paint a good picture of the applicant when brought together, said Sebastian Diemer, a co-founder of Kreditech.

Another company, Kabbage, an online service that offers cash advances to small businesses, considers an owner's FICO score -- but only as one piece of a larger pie.

"We can get much better, faster data," said Marc Gorlin, Kabbage's chairman and co-founder.

Borrowers grant Kabbage access to their PayPal, eBay (EBAY, Fortune 500) and other online payment accounts, disclosing real-time sales and delivery information. The company says it can determine a business' creditworthiness and put money into its account in just seven minutes.

Once a small business is getting credit from Kabbage, it also has the option to link up its Facebook and Twitter accounts to the site, which could provide a bump in its "Kabbage score." The small businesses that do are 20% less likely to be delinquent on their loans, Gorlin said.

"Someone who's paying attention to Facebook and Twitter channels to deal with customer service is more likely to be on top of other parts of their business, too, like inventory and shipments," he said.

For now, many of these tech startups attract a niche group of borrowers. Kabbage targets small business owners who sell products online. Lenddo and Kreditech target middle-class individuals in emerging markets where credit is tight.

Lenddo has about 250,000 members, but it only operates in the Philippines, Colombia and Mexico. But others are larger in scope: Kreditech says it receives 1,000 applications per day and gives 10 million loans each year. Kabbage expects to provide 75,000 cash advances this year, ranging between $500 and $50,000 -- that's three times as many loans as the U.S. Small Business Administration gave last year.

Using "big data" to assess credit risk is on the verge of going mainstream. Kreditech has already begun selling its technology to national online lenders in Russia and the Czech Republic. Gorlin said he hopes Kabbage will move into that space for lenders as well.

Some in the financial industry are skeptical about social data and online behavior being used as a kind of credit score. John Ulzheimer, a credit expert at CreditSesame.com, says social data aren't necessarily indicative of whether the borrower will pay back a loan on time. FICO only considers a handful of factors, but they are all "incredibly predictive of risk," Ulzheimer said.

There's also the potential to game the system. Consumers can easily control how many Facebook friends they have and tweets they write. The same cannot be said for what goes into their credit score.

"To me, using social media is a little bit dangerous," Ulzheimer said.
http://money.cnn.com/2013/08/26/tech...ore/index.html





‘Revenge Porn’ Could Be Criminal Offense in California
Somini Sengupta

On a recent episode of “The Newsroom,” on HBO, the character Sloan Sabbith, a financial reporter, was mortified when an ex-boyfriend posted compromising pictures of her online, which then went viral. Her recourse – on the show at least – was to track down the offending creep and punch him.

If Ms. Sabbith were living in California, she would be closely following the deliberations of the state Legislature here this week. A proposal, to be debated Tuesday in the Assembly, could let victims of so-called revenge porn see their vindictive ex-lovers go to jail for up to a year.

The bill passed the state Senate earlier this summer. It would make it a criminal misdemeanor to post nude or revealing pictures that may have once been taken with a subject’s consent. The practice has become increasingly common, victims’ advocates say. And it poses a vexing legal question, pitting the rights of victims against the principles of free expression. Making matters more complicated is the fact that sites that host these user-generated images are usually immune from civil liability under federal law.

The California proposal is among a few state measures meant to designate revenge porn as a specific crime. New Jersey has one on the books. Florida floated a similar bill earlier this year, which free-speech advocates decried as overly broad. The California proposal, in its current form, differs in that it has been amended to specifically address people who distribute images “with the intent to cause serious emotional distress.”

The measure covers photos and video recordings of a person in “a state of full or partial undress in any area in which the person being photographed or recorded has a reasonable expectation of privacy.”

The question, though, is whether a new practice, enabled by the Internet, deserves a new law – or whether instead existing statutes provide enough protection.

“I’m unclear exactly how much ground the new law would cover that isn’t already covered by existing laws, such as anti-harassment/anti-stalking laws,” said Eric Goldman, a law professor at Santa Clara University, who has warned against newly criminalizing new online behaviors. “As usual, one of the key questions is how existing law has failed and what behavior is being newly criminalized.”

The American Civil Liberties Union opposed the measure when it was originally introduced and has said nothing about the latest amendments.

Its advocates argue that a specific statute is necessary because existing anti-stalking and harassment laws generally cover a repeated pattern of posting such images, and not one particular instance, which itself can be damaging. What’s more, they say, making the posting of these images a punishable offense under a new law would send a message to police and prosecutors. “It signals taking the issue seriously, that harms are serious enough to be criminalized,” said Danielle Citron, a law professor at the University of Maryland.

As for free expression, she argued that the law should distinguish between images that are meant to be public – protest art, for instance, which should get the highest First Amendment protection – and those that are meant to be private, like nude pictures.

Complicating matters, nonconsensual pornography, as the practice is sometimes called, doesn’t involve only a victim and a perpetrator. One person might record the image with the subject’s consent and post without consent, while another entity can host it – several Web sites specialize in doing just that – and many other Internet users can in turn spread that image far and wide in a matter of hours, or less.

“It’s not entirely clear what the culpability of each of these actors are in many contexts, or if they should equally be held liable,” said Woodrow Hartzog, a law professor at Samford University in Birmingham, Ala. He suggested using other laws, like breach of trust, to go after the individuals who post the material.

Web sites that host these images have a strong ally in Section 230 of the federal Communications Decency Act, which protects third-party platforms from liability for user-generated content. There have been efforts to weaken that immunity, most recently by a coalition of state prosecutors that urged Congress to amend the statute. They have been loudly criticized by some Internet free-speech advocates.
http://bits.blogs.nytimes.com/2013/0...in-california/





Discover the World's Greatest Internet Cities
Mary Jander

In this Digital Age, part of what makes a great city is its connectedness to the Internet.

The growth of online business, smartphones with mobile applications, social networking, and GIS are instrumental in improving the quality of life in cities worldwide.

In New York City, for instance, GIS tracking was essential to delivering emergency services during Superstorm Sandy. In Tokyo and Seoul mobile banking is integral to everyday life. In Prague, Amsterdam, or Montreal youthful travelers easily keep in touch with home. The Internet, in short, is fundamental to urban life, and the more applications the better.

In this report, we at Future Cities have taken a look at the quality of Internet connectivity across cities worldwide, using the following criteria to let the cream rise to the top:

• Average Internet connection speed. Faster is, of course, better. We consulted the most recent "State of the Internet" report from online tracking firm Akamai for information on services in cities worldwide.

• Availability of citywide WiFi, preferably free and fast. Ubiquitous mobile communications demand cellular-based WiFi networks -- LTE (a.k.a. 4G LTE), WiMax, municipal broadband, and the like.

• Openness to innovation. Cities that accommodate startups are more likely to enjoy the benefits of early access to emerging technologies, along with the economic boosts that come with exciting young companies.

• Support of public data. Cities that open local data such as real estate records, 311 inquiries, location information, and various statistics to the public for creative use get our vote. Civic hackathons are a terrific vehicle for serving the public good via great city applications.

• Security and data privacy. It won't matter much if a city has great Internet connectivity if citizens' identities are being stolen online. To make this list, cities had to stand up in terms of security.


So without further ado, we present you with our list, in no particular order. Enjoy -- and tell us what you think on the message board!

• Seoul
• Hong Kong
• Tokyo
• Prague
• Amsterdam
• Montreal
• Seattle
• Geneva
• Stockholm
• Vienna

(Note: All Internet speeds come from Akamai's report, "The State of the Internet, 1st Quarter, 2013." Salary ranges are in US dollars, and have come from sources including Indeed.com, Salary.com, SimplyHired.com, and PayScale.com.)

— Nicole Ferraro, Editor in Chief; Mary Jander, Managing Editor; and Rich Heap, Community Editor, UBM's Future Cities
http://www.ubmfuturecities.com/docum...?doc_id=525595





Researcher Controls Colleague’s Motions in 1st Human Brain-to-Brain Interface
Doree Armstrong and Michelle Ma

University of Washington researchers have performed what they believe is the first noninvasive human-to-human brain interface, with one researcher able to send a brain signal via the Internet to control the hand motions of a fellow researcher.

Using electrical brain recordings and a form of magnetic stimulation, Rajesh Rao sent a brain signal to Andrea Stocco on the other side of the UW campus, causing Stocco’s finger to move on a keyboard.

While researchers at Duke University have demonstrated brain-to-brain communication between two rats, and Harvard researchers have demonstrated it between a human and a rat, Rao and Stocco believe this is the first demonstration of human-to-human brain interfacing.

“The Internet was a way to connect computers, and now it can be a way to connect brains,” Stocco said. “We want to take the knowledge of a brain and transmit it directly from brain to brain.”

The researchers captured the full demonstration on video recorded in both labs. The following version has been edited for length. This video and high-resolution photos also are available on the research website.

Rao, a UW professor of computer science and engineering, has been working on brain-computer interfacing in his lab for more than 10 years and just published a textbook on the subject. In 2011, spurred by the rapid advances in technology, he believed he could demonstrate the concept of human brain-to-brain interfacing. So he partnered with Stocco, a UW research assistant professor in psychology at the UW’s Institute for Learning & Brain Sciences.

On Aug. 12, Rao sat in his lab wearing a cap with electrodes hooked up to an electroencephalography machine, which reads electrical activity in the brain. Stocco was in his lab across campus wearing a purple swim cap marked with the stimulation site for the transcranial magnetic stimulation coil that was placed directly over his left motor cortex, which controls hand movement.

The team had a Skype connection set up so the two labs could coordinate, though neither Rao nor Stocco could see the Skype screens.

Rao looked at a computer screen and played a simple video game with his mind. When he was supposed to fire a cannon at a target, he imagined moving his right hand (being careful not to actually move his hand), causing a cursor to hit the “fire” button. Almost instantaneously, Stocco, who wore noise-canceling earbuds and wasn’t looking at a computer screen, involuntarily moved his right index finger to push the space bar on the keyboard in front of him, as if firing the cannon. Stocco compared the feeling of his hand moving involuntarily to that of a nervous tic.

“It was both exciting and eerie to watch an imagined action from my brain get translated into actual action by another brain,” Rao said. “This was basically a one-way flow of information from my brain to his. The next step is having a more equitable two-way conversation directly between the two brains.”

The technologies used by the researchers for recording and stimulating the brain are both well-known. Electroencephalography, or EEG, is routinely used by clinicians and researchers to record brain activity noninvasively from the scalp. Transcranial magnetic stimulation is a noninvasive way of delivering stimulation to the brain to elicit a response. Its effect depends on where the coil is placed; in this case, it was placed directly over the brain region that controls a person’s right hand. By activating these neurons, the stimulation convinced the brain that it needed to move the right hand.

Computer science and engineering undergraduates Matthew Bryan, Bryan Djunaedi, Joseph Wu and Alex Dadgar, along with bioengineering graduate student Dev Sarma, wrote the computer code for the project, translating Rao’s brain signals into a command for Stocco’s brain.

“Brain-computer interface is something people have been talking about for a long, long time,” said Chantel Prat, assistant professor in psychology at the UW’s Institute for Learning & Brain Sciences, and Stocco’s wife and research partner who helped conduct the experiment. “We plugged a brain into the most complex computer anyone has ever studied, and that is another brain.”

At first blush, this breakthrough brings to mind all kinds of science fiction scenarios. Stocco jokingly referred to it as a “Vulcan mind meld.” But Rao cautioned this technology only reads certain kinds of simple brain signals, not a person’s thoughts. And it doesn’t give anyone the ability to control your actions against your will.

Both researchers were in the lab wearing highly specialized equipment and under ideal conditions. They also had to obtain and follow a stringent set of international human-subject testing rules to conduct the demonstration.

“I think some people will be unnerved by this because they will overestimate the technology,” Prat said. “There’s no possible way the technology that we have could be used on a person unknowingly or without their willing participation.”

Stocco said years from now the technology could be used, for example, by someone on the ground to help a flight attendant or passenger land an airplane if the pilot becomes incapacitated. Or a person with disabilities could communicate his or her wish, say, for food or water. The brain signals from one person to another would work even if they didn’t speak the same language.

Rao and Stocco next plan to conduct an experiment that would transmit more complex information from one brain to the other. If that works, they then will conduct the experiment on a larger pool of subjects.

Their research was funded in part by the National Science Foundation’s Engineering Research Center for Sensorimotor Neural Engineering at the UW, the U.S. Army Research Office and the National Institutes of Health.
http://www.washington.edu/news/2013/...ain-interface/

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

August 24th, August 17, August 10th, August 3rd

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black