P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 22-01-14, 08:57 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - January 25th, '14

Since 2002


































"So much information, on so many people. You know, for us, this would have been a dream come true." – Wolfgang Schmidt, Stasi


"Simply identifying the account holder associated with an IP address tells us very little about who actually downloaded using that IP address." – Judge Robert Lasnik






































January 25th, 2014




Judge: IP-Address Does Not Prove Copyright Infringement
Ernesto

A federal judge in Washington has issued a key order in one of the many ongoing mass-BitTorrent piracy lawsuits in the United States. The judge ruled that a complaint from the “Elf-Man” movie studio is insufficient because the IP address evidence does not prove that an account holder is guilty of copyright infringement.

Mass-BitTorrent lawsuits have been dragging on for years in the US, involving hundreds of thousands of alleged downloaders.

The copyright holders who start these cases generally provide nothing more than an IP address as evidence. They then ask the courts to grant a subpoena, allowing them to force Internet providers to hand over the personal details of the associated account holder.

The problem, however, is that the person listed as the account holder is often not the person who downloaded the infringing material. Or put differently; an IP address alone can’t identify a movie pirate.

Judges who handled similar cases in the past have made observations along the same lines and now Washington District Judge Robert Lasnik has added his opinion, ruling that IP address-only evidence fails to meet the pleading standards required to pursue for copyright infringement.

The case in question involves the makers of the movie Elf-Man, who sued hundreds of people for being involved in pirating their film using BitTorrent. The studio alleges that the IP address assigned to each defendant was monitored sharing a pirated version of the film.

More specifically, the complaint alleges that the defendants either (a) downloaded the pirated film themselves, or (b) permitted, facilitated, or promoted the use of their Internet connections by others to download the film.

While the above may be accurate in some cases, it’s not good enough for a copyright infringement claim. Ruling on a motion to dismiss filed on behalf of one of the defendants, Judge Lasnik notes that part (b) is not a valid claim.

“[The movie studio] has actually alleged no more than that the named defendants purchased Internet access and failed to ensure that others did not use that access to download copyrighted material,” Lasnik states.

In other words, the complaint itself states that the account holder may not be the person who downloaded the movie, which isn’t enough to pursue the case.

“Simply identifying the account holder associated with an IP address tells us very little about who actually downloaded ‘Elf-Man’ using that IP address,” Judge Lasnik writes.

“While it is possible that the subscriber is the one who participated in the BitTorrent swarm, it is also possible that a family member, guest, or freeloader engaged in the infringing conduct,” he adds.

As a result, the defendant’s motion to dismiss was granted because the movie studio failed to state a claim for direct copyright infringement, contributory infringement and indirect infringement. The copyright holder is allowed to file an updated complaint, but doubts that the movie studio will be able to make a valid claim.

The ruling is crucial as it confirms that an IP address is not enough evidence in these cases, and that account holders are not legally responsible per se for others who may pirate on their connection. Or at least, that an IP address alone is not enough to launch a copyright infringement lawsuit.

As noted by troll watcher SJD the order is a win for the many people involved in similar cases. “This is yet another nail (and a pretty sharp one) in the coffin of copyright trolling,” she writes.

Elf-Man’s main star Jason Acuna probably won’t mind the outcome, as he previously distanced himself from the lawsuits in question.

“I’m not backing it at all.. Has NOTHING to do w/ me!! It’s all them..,” he wrote on Twitter.
http://torrentfreak.com/judge-ip-add...gement-140121/





The iPod of Prison
Joshua Hunt

In early 2005, Josh Demmitt arrived at a federal prison camp, in Sheridan, Oregon, to serve a thirty-month sentence for starting a fire outside an animal-testing facility at Brigham Young University. The nineteen-year-old received a warm welcome from his fellow inmates, who greeted him with coffee and cigarettes, advice on procuring vegan meals, and a pocket AM/FM radio.

The radio provided hours of welcome distraction for Demmitt, who had come from Sheridan’s adjoining detention center, where, he says, he spent weeks without a radio while confined to a small cell for at least twenty-three hours a day. The radio was unlike any Demmitt had seen outside prison, with a transparent plastic body that revealed the landscape within: a single AA battery rested at the bottom of its circuit board, while its antenna—one and three quarter inches of copper wire coiled around a small ferrite bar—peeked through a white Sony logo, just above the AM/FM dial.

The pocket analog radio, known by the bland model number SRF-39FP, is a Sony “ultralight” model manufactured for prisons. Its clear housing is meant to prevent inmates from using it to smuggle contraband, and, at under thirty dollars, it is the most affordable Sony radio on the prison market.

That market consists of commissaries, which were established by the Department of Justice in 1930 to provide prisoners with items not supplied by their institutions; by offering a selection of shampoos and soaps, they shifted personal hygiene costs to inmates, while distractions like playing cards eased tensions among the nation’s growing prison population. More than half a million inmates each week shop at commissaries stocked by the Keefe Group, a privately held company that sells items to the Federal Bureau of Prisons, and twelve out of fourteen privately managed state departments of corrections. A sample commissary order form lists items like an I.B.M. typewriter ribbon, hair dye, RC Cola, Sensodyne toothpaste, chili-garlic sauce, Koss CL-20 headphones, and a “Sony Radio.”

Commissaries often carry other, bargain-brand radios, but according to former inmates and employees of the Bureau of Prisons and the Keefe Group, who spoke on the condition of anonymity, America’s federal prisoners are most likely to own a Sony. Melissa Dolan, a Sony spokesperson, confirmed in an e-mail that selling portable radios in American prisons has long been a “stable business” that represents “sizable” sales for the company. Of the models available, the SRF-39FP remains an undisputed classic, still found on commissary lists an impressive fifteen years after its initial release, making it nearly as common behind prison walls as Apple’s iPod once was outside of them, despite competition from newer devices like digital radios and MP3 players.

But sheer availability doesn’t explain its ubiquity. The SRF-39FP is the gold standard among prison radios in part because it runs on a single AA battery, and offers forty hours of listening time—longer than an iPod Classic. Digital models can require twice as many batteries, like the Sony SRF-M35FP, which runs on two AAAs. Federal inmates are particularly attuned to battery life because they are allowed to spend just three hundred and twenty dollars each month on commissary goods; more cash spent on batteries means less for snacks, stationery, clothing, and toiletries.

The importance of radio battery life in prison communities cannot be overstated; the devices are relied on for more than listening to music, hearing about local news and weather, and watching television (TV sets in common areas often use transmitters to broadcast sound on a dedicated frequency). A study conducted at San Vittore prison in Milan, Italy, found that “in a place where privacy is constantly denied, radio becomes a vital tool for building and maintaining one’s private self.” Some inmates even had a term for using their radio to create a bubble of personal space: “I headphone myself,” one said.

There is also a bit of prison culture itself at work in the story of the SRF-39FP. Radios like the one that was loaned to Demmitt are usually left behind by inmates who have reëntered the free world. Some prisoners believe that it is bad luck for radios to leave prison with their owners, while others believe that taking them simply violates the “convict code,” according to former inmates like Demmitt and Steven Grayson, author of “The Unauthorized Federal Prison Manual.” Whether radios are abandoned as a matter of solidarity, convenience, or good karma, they pass from inmate to inmate, serving one sentence after another. The durable, analog SRF-39FPs have been changing hands in this manner for a decade and a half, which adds up to a lot of radios in circulation.

This practice helps explain the relative rarity of the SRF-39FP outside prisons. A unit in good condition can fetch up to double or triple its retail value among enthusiasts and collectors like Gary DeBock, a co-founder of the Ultralight Radio Group. According to DeBock, the outside supply depends upon stock siphoned from the California prison system and sold on auction sites like eBay.

DeBock is a member of the “DXing” community, whose hobbyists attempt to pick up distant radio or television signals, including those from amateur or pirate radio stations. (“DX” is shorthand for “distant stations.”) DeBock’s fascination with the SRF-39FP began when he realized that it could receive AM signals from places as distant as Japan and Korea at his home in Puyallup, Washington. “Since then, I’ve probably had more exposure to the SRF-39FP than anyone else who has managed to stay out of prison,” DeBock said.

Others in the online DXing community argue that the SRF-39FP is superior to virtually every other pocket analog radio, praising it for its large tuning thumbwheel, over-all sensitivity and audio quality, and, above all, its reputed indestructibility. Electronics and radio collectors also marvel at features that are normally associated with professional equipment rather than consumer goods: in particular, an exceptional single-integrated-circuit receiver that insures reception in remote locations—or deep within heavy prison walls. In fact, the SRF-39FP was one of the first radios to use the breakthrough CXA1129N integrated-circuit chip, considered by DeBock to be the primary innovation among Sony pocket radios; it helped make the SRF-39FP the smallest and most sophisticated in a line of pocket radios that had launched two decades earlier, in the late nineteen-seventies.

In recent years, Sony has opted to shift its prison-radio lineup away from analog, focussing instead on digital models like the SRF-M35FP. Last year, the Bureau of Prisons decided that it was time to further upgrade prison tech. Following a successful test at the same West Virginia federal prison camp where Martha Stewart spent five months for lying about a stock sale, prison officials began selling MP3 players that allow inmates to download songs at terminals in prison commissaries.

A Bureau of Prisons spokesperson said that the MP3 program wasn’t expected to make money in its early years. Price is one reason: the MP3 player sold in federal prisons costs roughly three times as much as an SRF-39FP, and downloads can cost up to a dollar and fifty-five cents per song. Limited song selection is another reason; the Bureau of Prisons prohibits songs deemed explicit or likely to incite the inmate population. (JPay, a company that provides services to inmates, boasts that, with its catalogue of ten million songs, “no other music service in corrections offers as many tracks for download.”) However, despite modest expectations for the technology upgrade, the Bureau of Prisons spokesperson Ed Ross said that more than fifty per cent of federal inmates have already bought MP3 players. It seems inevitable that the MP3 player will soon completely eclipse radios like the SRF-39FP in American prisons, just as they did outside, but for now both devices are woven into prison life.

Josh Demmitt left his Oregon prison camp in May, 2007, two and a half years after he had arrived. While his radio didn’t come back with him to suburban Utah, within a matter of weeks he bought his first iPod.
http://www.newyorker.com/online/blog...ony-radio.html





Google Set to Face Intellectual Ventures in Landmark Patent Trial
Dan Levine

Intellectual Ventures is set to square off this week against Google Inc's Motorola Mobility unit in the first trial that the multibillion-dollar patent-buying firm has undertaken since it was founded.

Privately-held Intellectual Ventures sued Motorola in 2011, claiming the mobile phone maker infringed patents covering a variety of smartphone-related technologies, including Google Play. Motorola has denied the allegations and will now go to trial over three of those patents.

Barring any last-minute settlements, jury selection is scheduled to begin on Tuesday at a federal court in Wilmington, Delaware.

The trial takes place amid an unfolding debate in Congress over patent reform, in which Intellectual Ventures and Google are on opposite sides. Google is backing attempts to curb software patents and make it easier to fight lawsuits, while IV has warned that Congress should not act too rashly to weaken patent owners' rights.

IV and other patent aggregators have faced criticism from some in the technology industry, who argue that patent litigation and royalty payments have become a burdensome tax on innovation. They say firms like IV, which do not primarily make products, are exploiting the patent system.

But IV argues that unlike some of the firms denounced as "patent trolls," it invests only in quality intellectual property and does not file frivolous lawsuits. IV also says it helps inventors get paid for their innovations while helping tech companies protect and manage their intellectual property.

Should the Delaware jury rule against Motorola and uphold IV's patents, it could bolster the firm's argument that it does not buy frivolous patents, said Shubha Ghosh, a University of Wisconsin Law School professor.

Yet a win for Motorola could be held up as evidence that the U.S. government issues too many dubious patents. And even if IV prevails, Google could still argue that patent litigation before a jury of non-expert citizens is akin to a lottery, said Ghosh, who supports patent reform.

"Just because you have a winning ticket doesn't mean it's not still a lottery," he said.

IV and Google both declined to comment on the upcoming trial.

Since its founding in 2000, IV has raised about $6 billion (3.6 billion pounds) from investors and has bought tens of thousands of intellectual property assets from a variety of sources. Google was an investor in IV's first patent acquisition fund, but did not join later vehicles.

IV filed a barrage of lawsuits in 2010 against companies in various sectors, and most defendants have since settled.

THE INVENTORS

Two of the patents in the upcoming Motorola trial cover inventions by Richard Reisman, U.S. government records show. Through his company, Teleshuttle, Reisman has developed several patent portfolios for various technologies, including an online update service, according to the Teleshuttle website.

IV claims that the two Reisman patents cover several of Motorola's older-generation cellphones that have Google Play, a platform for Android smartphone apps. Motorola argues that IV's patents should never have been issued because the inventions were known in the field already.

Reisman did not respond to requests for comment.

One of the patents in play against Motorola has been in a courtroom before. Teleshuttle and a British partner, BTG, sued Microsoft and Apple in 2004 using one of the same patents now in play against Motorola.

In 2006, Teleshuttle and BTG sold their patent rights to Delaware-based Twintech EU LLC for $35 million up front, plus a percentage of future licensing fees, according to BTG's website. At the same time as the sale, BTG and Teleshuttle abruptly withdrew their cases against Apple and Microsoft.

Microsoft and Apple were both early investors in Intellectual Ventures. IV often uses subsidiary companies to buy patents, and then transfer them at a later date to related corporate entities, though public records do not indicate whether IV had an ownership interest in Twintech.

IV took title on the patents from Twintech in September 2011 and sued Motorola a month later, U.S. records show. In a 2011 blog post, Reisman wrote that his deal with IV provided resources "to let me focus on my work as an inventor."

Microsoft declined to comment while Apple did not respond to a request for comment.

Another patent being asserted against Motorola was originally issued to Rajendra Kumar in 2006. Kumar's company, Khyber Technologies, transferred it to Balustare Processing NY LLC in July 2011, which passed it over to IV about a month later, patent records show.

Khyber Technologies was founded in 1991 with the goal of creating the next generation of handheld computing products, according to its website. The patent that IV obtained from Khyber covers detachable handset technology, which IV claims Motorola used in its defunct Lapdock product.

Kumar declined to comment on the IV lawsuit.

If IV wins, damages will be decided at a later proceeding. The trial is expected to last about ten days.

The case in U.S. District Court, District of Delaware is Intellectual Ventures I and Intellectual Ventures II, 11-908.

(Reporting by Dan Levine; editing by Jonathan Weber)
http://www.reuters.com/article/2014/...A0J0PC20140120





Candy Crush Saga Has Trademarked Candy And Apple's App Store Is Helping Enforce It
Anthony Wing Kosner

Candy Crush Saga is the most pervasive casual game phenomena since Angry Birds and it seems intent on crushing any potential competitors—at least those that use the word “candy” in their titles. King.com Limited registered claim with the US trademark office almost a year ago, to the word ‘candy’ as it pertains to video games (and clothing!) Well, last Wednesday, January 15, King’s filing was approved and today there are reports that developers are receiving emails from Apple if their games contain the word “candy” in the title. There is no report yet if any clothing makers have been contacted, but a quick look at the Zaraterez website shows that they are no longer offering Candy Crush as one of their leggings offerings.

According to a report by Jim Squires in the GameZebo blog, a developer named Benny Hsu, who makes a game called All Candy Casino Slots – Jewel Craze Connect: Big Blast Mania Land (quite a keyword-stuffed mouthful!), got such an email from Apple. “Lots of devs are frustrated cause it seems so ridiculous,” says Hsu. Developers are being asked to remove their apps from the App Store or prove that their gams do not infringe upon the Candy Crush trademark.

When Hsu contacted King.com, expecting an apology for the mistake, their paralegal answered him, “Your use of CANDY SLOTS in your app icon uses our CANDY trade mark exactly, for identical goods, which amounts to trade mark infringement and is likely to lead to consumer confusion and damage to our brand. The addition of only the descriptive term ‘SLOTS’ does nothing to lessen the likelihood of confusion.”

Copycat apps are indeed a serious issue on the app stores and it is hard to guard against fakes, but the Candy Crush claim seems a bit broad. Surely there are many games involving candy that are sufficiently differentiated from Candy Crush so as to not be deemed infringing. Ironically, Candy Crush Saga is itself a knockoff of a hugely popular (and decade old) “match-three” game called Bejeweled. But it is name recognition at question here, not originality. One would think that Hasbro, the maker of that venerable children’s board game (which does have video game versions) Candy Land, would already have this trademark sewed up.

Games like Candy Crush Saga represent big money for Apple, so it is no wonder they are helping to enforce King’s trademark efforts. And it is good for developers of popular games to see that Apple is combating copycats. But won’t many more developers be turned off by this apparent land grab in keyword space? What, no more “birds,” “farms,” “words,” ”rope,” ”fruit,” (or “ninjas”)? It seems to me that the notices should have been reserved for legitimate “copycat” games that are clearly playing on the popularity of Candy Crush and hoping to fool people into downloading their substandard app.

This last point is where this all gets a little absurd. Candy Crush Saga makes an estimated daily revenue of just shy of $1 million—and it’s a free game! It makes that money by sucking players into its manipulative game play and offering to scratch the resulting itches for a price. Someone might download a copycat game but they won’t actually get sucked in unless it’s actually a good game. Meanwhile, Candy Crush itself is being investigated by the U.K. Office of Fair Trading to see if “guidelines are needed to stop firms exploiting young users,” not to mention the 25-55 year-old female target demographic that has gotten hooked.

Update: I have been contacted by a representative from King who issued the following statement:

“We have trademarked the word ‘CANDY’ in the EU, as our IP is constantly being infringed and we have to enforce our rights and to protect our players from confusion. We don’t enforce against all uses of CANDY – some are legitimate and of course, we would not ask App developers who use the term legitimately to stop doing so.

The particular App in this instance was called ‘Candy Casino Slots – Jewels Craze Connect: Big Blast Mania Land’, but its icon in the App store just says ‘Candy Slots’, focussing heavily on our trademark. As well as infringing our and other developer’s IP, use of keywords like this as an App name is also a clear breach of Apple’s terms of use. We believe this App name was a calculated attempt to use other companies’ IP to enhance its own games, through means such as search rankings.”

I am following up with the company to determine the exact criterion they are using to enforce their trademark, but according to their spokesperson Hsu was the only developer contacted and asked to remove an infringing app from the Apple App Store. More on this story as it develops…
http://www.forbes.com/sites/anthonyk...ng-enforce-it/





King.com, Makers of Candy Crush Saga...Trademark Trolls with a Double Standard?

King.com (makers of Candy Crush Saga) recently trademarked the word "Candy" and are now using their legal & financial power against smaller competing companies:

Candy Crush Saga developer trademarks 'candy' (Polygon.com)
Candy Crush owner King.com wins trademark, immediately starts sending takedowns (Geek.com)

It's ironic that King.com is concerned about intellectual property when they so blatantly copied our game Scamperghost with their game "Pac-Avoid" in late 2009. In fact, using "Pac" from Namco's Pac-Man is exactly the same thing they're trying to stop people from doing with their "Candy" trademark!

How It Happened / Proof

We were in talks with Lars Jörnow at King.com to license our Scamperghost game. Before the deal was closed (and certainly before any contracts were signed) MaxGames.com made a better offer so we thanked King for considering our game and politely ended our negotiations.

King.com (giant company) retaliated against us (two young indie devs) by quickly making a direct clone of our game and almost released it before us! We only got ours out sooner because a friend close with the company contacted us privately to warn us in advance...

Some fellow Flash game developers were pretty outraged at the IndieGamer.com forum. King.com eventually emailed us:

from: Lars Jörnow <larsj@king.com>
date: Fri, Feb 12, 2010 at 11:43 AM
subject: IndieGamer Forum post
mailed-by: king.com

We wanted to sponsor Scamper Ghost since it's a great game and since we were actively looking for an avoider game at the time. The flash world is filled of similar-looking games, and there are probably hundreds of avoider-games with similar menus, a box with enemies, and coins - and we thought Scamper Ghost was awesome.

Scamper Ghost is a great game. We're sorry our deal didn't turn out with you guys - you made out with more money and we were left without an avoider game that we had already planned on. We needed an avoider game and sponsored a similar game.

- Lars


But it was worse than just "sponsorship of a similar game." We tracked down the developer that made Pac-Avoid and it turns out they were contacted by King.com to clone the game!

from: Porter porter@epicshadow.com
date: Mon, Jun 21, 2010 at 9:25 PM
subject: Pac Avoid / Scamper Ghost

First off, sorry that we (Andrew and I of EpicShadow) cloned your game for Lars of King.com. I know there's a ton of rumor as to what happened, so here's the exact details, you believing them is your decision. Lars approached us one day explaining that you (Stolen Goose) had signed a contract, had been working with him on finishing the deal, and then got a better deal and backed out. As tempting as more cash would be, if contract was signed, douche move. I don't know if that actually happened, so feel free to clear it up. He asked us to clone the game very quickly, and even wanted to beat the release of the original game.


No "contract" was ever signed, this was Lars/King justifying their actions to a small indie developer that might otherwise have turned down the request to copy our game.

Scamperghost isn't the most original game in the world. It's obviously inspired by Pac-Man but we at least took it in an original direction by making it a mouse avoider with no walls.

King.com, however, showed no respect for other people's intellectual property when they made a direct, blatant clone of Scamperghost. Now they've trademarked "Candy" and are using their massive legal power against other small competing developers. A bit of a double-standard, eh?
http://junkyardsam.com/kingcopied/#





Corporations Abusing Copyright Laws Are Ruining the Web for Everyone
Paul Sieminski

Picture this somewhat typical scenario: Before breakfast, you use WordPress to write your morning blog post, which includes a screen shot of a movie you saw last night, along with your thoughts about the film. During your workday, a colleague shows you a viral YouTube parody of a popular music video (found via a Google search). On your lunch break, you shop for a new book on Amazon, which you buy after reading a few reader reviews that include short quotations from the book. After work, you take pictures of your Brooklyn loft replete with Obey art posters and post them to Airbnb, hoping to rent it out for the week you’re visiting family. At night, you catch up on an episode of Downton Abbey that you recorded to your DVR earlier in the week.

Whether you know it or not, each one of these activities is made possible by the legal term “fair use.” It’s an indispensable part of our lives, enabling many of the websites and services we use daily or depend on for our livelihoods. Fair use also happens to be an exception to content owner’s rights under copyright law.

By allowing limited use of copyrighted material for things like criticism, review, commentary, parody, or just personal non-commercial use, fair use has a widespread and often invisible impact on today’s social internet. Yet its very ubiquity means it’s often taken for granted by individuals — and the internet companies who benefit from it.

This is worrying because fair use is under threat, and one of the culprits is the DMCA takedown notice that provides copyright owners an easy tool to remove content they claim to be unlawfully posted. Copyright owners send these notices to web companies who host content; the companies must then remove the content or risk legal liability themselves. Meant to promote the quick removal of impermissible copyright infringement, the DMCA system works well in many cases.

Unfortunately, an increasing number of copyright holders misuse this system to target even lawful fair use of their work. And the current DMCA system enables these aggressive copyright owners by providing virtually no penalties for failing to consider common exceptions to infringement — like fair use.

Many times per week, WordPress.com receives such DMCA takedown notices that target what we can plainly see is fair use. An all too common example is a notice directed at a blogger who is criticizing a company or its products, and therefore using screenshots of the company’s website or a photo of the company’s wares in their post. This isn’t just an outlier case; given our unique vantage point, we see an alarming number of businesses attempt to use the DMCA takedown process to wipe criticism of their company off the internet.

What can someone on the receiving end of a fair use takedown do? One option is to challenge the removal of content by filing a “counter notice” with the internet company that removed the posting. Making this filing is a fairly easy thing to do, but few users actually go through with it.

In fact, Twitter reported in its most recent transparency report that it saw a 76% year-over-year increase in DMCA takedown demands: over 5,500 takedown notices were received over a six month period. But in that same time, Twitter received only six counter-notices challenging removal of content. One reason this number may be so low is that, in the process of submitting a counter notice, users are required to reveal their personal identity and agree to be sued in federal court.

The risk of being liable for large statutory damages (even if the infringement is minor) clearly daunts and sidelines an average individual user. The unfortunate result of this takedown notice power differential, however, is that a massive amount of content is being permanently removed from the internet. Even though much of it is lawfully and fairly used.

This is where internet companies have an opportunity to step in and do more to help, instead of just blindly honoring takedown notices. One obvious solution is education — not just for users but for DMCA complaint submitters too — about when fair use applies in the context of their sites.

Another issue is that it’s easy on many websites to submit a DCMA takedown notice, but not as easy to submit a DMCA counter notice for improperly targeted content. Addressing this disparity is another easy step companies can take since many users don’t understand how to navigate the process and certainly don’t want to (or can’t) spend money hiring a lawyer to help. On WordPress.com, where I work, we created a simple counter-notice form that’s both easy to find and complete. We also make an effort to carefully review inbound DMCA notices, and push back on the ones that clearly target fair use, so lawful content is not taken down in the first place.

Many internet companies enjoy the legal protections of the DMCA and the convenience of letting users be responsible for what they post. But this puts much of the burden of defending lawfully posted content on individual users. Users who post content to a company’s services are a constituency whose expression deserves to be protected. Until copyright laws change to provide some meaningful penalties for targeting fair use, internet companies need to be more active on copyright issues, serving as the first line of defense in protecting the fair uses of content that have helped to make their platforms so popular. Not to mention profitable, as fair use of content drives consumer demand for online information and services.

Fair use has also transformed the internet from a passive information library to an active, participatory, sharing web. People interact with information more meaningfully and passionately when they can transform it, review it, mash it up, and add their own individual perspectives to it — leading to a better internet for everyone (including copyright holders!). So let’s do what we can to make sure the fair-use doctrine that created this living and breathing entity is protected.
http://www.wired.com/opinion/2014/01...care-fair-use/





Online Movie Streaming Can Be Profitable as TV, Disc Sales

New report also shows that revenue from DVD and Blu-ray sales will likely decrease by 38% over the next four years
Lucas Mearian

If movie producers charged a $15 monthly fee to just 45% of the world's online subscribers, they could rake in just as much cash as they currently do through TV downloads and disc sales, a report released today showed.

According to the report from U.K.-based Generator Research, movie producers this year are expected to earn $29.4 billion from TV and home video sales.

"Movie producers have little to fear from online distribution in the long term," the report states. "It is the distribution part of the movie business that should be worried because online distribution will replace a sizable portion of their current industry.

"For those operating in developed Internet markets, this will mean that corporate strategies must change," the report added.

The report's theoretical model for ISPs points to a future where internet users pay a fixed fee for movie content on services such as Netflix, just like many users do today for music content.

The Generator Research model assumes stagnant online movie distribution. However, online movie revenue is expected to increase by 260% from $3.5 billion this year to $12.7 billion in 2018, the report adds.

Forty-five percent of the world's broadband subscribers equates to 348 million people.

According to the report's hypothetical model, the $15 fee would offer open access to all movie content - meaning instant online access to all movies that have been ever produced, "along with new releases as they come out."

"And they would get access to all of this from all of their connected devices," the report stated.

Box office revenues, according to the report, are also expected to increase over the next four years by 22%, from $33.2 billion in this year to $40.5 billion in 2018.

Revenue from television downloads and rentals are also expected to increase, Generator Research said, from $11.7 billion in 2014 to $14.3 billion in 2018, a 22% hike.

Conversely, DVD and Blu-ray revenues will fall because consumer demand is falling and competition from so-called "virtual formats" is increasing. Revenue from DVD and Blu-ray sales will decrease by 38% from $14.3 billion in 2014 to $8.9 billion in 2018, the report showed.

"We think that movies represent a sustainable entertainment proposition: there is no evidence that consumers are growing bored with movies and when all channels are taken into account demand for great movies today is actually stronger today than at any time in the past," Generator Research stated.
http://www.computerworld.com/s/artic..._TV_disc_sales





Paramount Stops Releasing Major Movies On Film

It becomes the first big Hollywood studio to embrace digital-only U.S. releases. Others are expected to quickly follow suit.
Richard Verrier

For more than a century, Hollywood has relied on 35-millimeter film to capture its fleeting images and deliver them to the silver screen. Now, in a historic move, Paramount Pictures has become the first big studio to stop releasing its major movies on film in the United States.

The studio's Oscar-nominated film "The Wolf of Wall Street" is the studio's first movie in wide release to be distributed entirely in digital format, according to theater industry executives briefed on the plans who were not authorized to speak publicly.

Paramount recently notified theater owners that its Will Ferrell comedy "Anchorman 2: The Legend Continues," which opened in December, was the last movie released on 35-mm film, these people said. Previously, only small movies such as documentaries were released solely in digital format.

The decision is likely to encourage other studios to follow suit, accelerating a complete phase-out of film that could come by the end of the year.

"It's of huge significance because Paramount is the first studio to make this policy known," said Jan-Christopher Horak, director of the UCLA Film & Television Archive. "For 120 years, film and 35 mm has been the format of choice for theatrical presentations. Now we're seeing the end of that. I'm not shocked that it's happened, but how quickly it has happened."

Paramount has kept its decision under wraps, at least in Hollywood, and a spokeswoman for the studio did not return calls for comment.

Its reticence reflects the fact that no studio wants to be seen as the first to abandon film, which retains a cachet among purists. Some studios may also be reluctant to give up box-office revenue by bypassing theaters that can show only film.

About 8% of U.S. theater screens have not gone digital and can show movies only in the old-fashioned film format. Internationally, Paramount is still expected to ship film prints to Latin America and other foreign markets where most theaters still show movies on film.

Studios prefer digital distribution because it is much cheaper. Film prints cost as much as $2,000; a digital copy on disc usually costs less than $100. Eventually, these movies could be beamed into cinemas by satellite, saving even more on production and shipping costs.

Digital technology also enables theaters to screen higher-priced 3-D films and makes it easier for them to book and program entertainment.

Other studios were expected to jump on the digital bandwagon first. 20th Century Fox sent a letter to exhibitors in 2011 saying it would stop distributing film "within the next year or two." Disney issued a similar warning to theater operators. And last year, many industry watchers expected Lions Gate to make history with an all-digital November release of "The Hunger Games: Catching Fire."

Paramount's move comes nearly a decade after studios began working with exhibitors to help finance the replacement of film projectors with digital systems.

As a result, large chains have moved quickly to embrace digital technology: Ninety-two percent of the 40,045 screens in the U.S. have already converted to digital, according to the National Assn. of Theatre Owners.

The slackening demand for film has been felt across the industry. Last month, Technicolor, the French-owned film processing and post-production company, closed a film lab in Glendale. That lab had replaced a much larger facility at Universal Studios that employed 360 workers until it closed in 2011. Last year, Technicolor closed its Pinewood film lab in Britain.

"The Wolf of Wall Street" would seem an unlikely choice for the industry's first all-digital wide release. The movie was partially shot on film, and its director, Martin Scorsese, is a passionate advocate for film preservation. His last feature film, the 2011 3-D extravaganza "Hugo," was a loving homage to film's early days.

A spokesman for Scorsese said the director was traveling and not available for comment.

The march to digital puts further pressure on some small-town community theaters that have been struggling to finance the purchase of $70,000 digital projectors.

Those theaters are at risk of going out of business if they can no longer obtain film prints of movies. More than 1,000 theaters, about half of them independently owned, have not converted to digital. Some are turning to their communities to raise funds for digital equipment.

Others have opted to close because of the high costs.

Jeff Logan, who operates a small chain of theaters in South Dakota, has invested more than $700,000 to equip his three theaters with new digital equipment.

But Logan said that last year, he had to close a nearby drive-in theater that dated back to 1949 because he couldn't afford to install a digital projector there.

"We looked at some of the financing," Logan said. "But there was no way we would have been able to service the debt."
http://www.latimes.com/entertainment...#ixzz2qrAuZPCW





Don’t Bother Subscribing, HBO Wants You to Use Your Friends’ HBO Go Logins
Zach Epstein

Did you think you were getting away with something by saving $150 a year while using your friend’s HBO Go login instead of subscribing to HBO yourself? As it turns out, HBO not only doesn’t mind that you’re using someone else’s login to stream its pay TV content for free… it wants you to. In fact, according to the company’s chief executive, account sharing is a “terrific marketing vehicle for the next generation of viewers.”

“It presents the brand to more and more people and gives them an opportunity, hopefully, to become addicted to it,” HBO CEO Richard Plepler told BuzzFeed during a recent interview. He continued, ”What we’re in the business of is building addicts, building video addicts,and the way we do that is exposing our product and our shows and our brand to more and more people.”

Regarding whether or not account sharing may be a problem that impacts HBO’s bottom line, Plepler doesn’t see it that way. “It’s not that we’re unmindful of it, it just has no impact on the business,” he said. Instead, the executive believes it will ultimately lead to more HBO subscriptions over time.

So there you have — time to stop pirating Game of Thrones and just borrow someone’s HBO Go login.

A video of the interview with HBO CEO Richard Plepler follows below.
http://bgr.com/2014/01/20/hbo-go-login-sharing-policy/





As Netflix Rises, HBO and Showtime Subscribers Shrink as Percentage of U.S. Households

NPD finds that U.S. households subscribing to premium cable channels dropped 6 percentage points over 18-month period, while Netflix and other SVOD services grew 4 points
Todd Spangler

Is Netflix putting a dent in premium cable subscriptions? A new study suggests that a growing number of consumers are opting to pay for standalone Internet video services instead of subscribing to HBO or Showtime — although the data does not prove there’s a trend.

Total U.S. households that subscribe to HBO, Showtime, Starz and other premium TV channels declined by 6 percentage points over an 18-month span, from 38% in March 2012 to 32% in August 2013, according to a report from research firm NPD Group. Over the same period, households subscribing to Netflix and other subscription video-on-demand services including Hulu Plus and Amazon Prime Instant Video rose 4 percentage points, from 23% to 27%.

One big caveat to this report: The data does not demonstrate cause and effect. NPD did not ask consumers if they dropped premium cable TV services because they were switching to Netflix or other SVOD options. Meanwhile, other studies have found that Netflix is additive to the pay-TV bundle in general, and not a replacement.

Furthermore, Showtime says it actually grew subscribers in the past year — to hit 23 million at the start of 2014, up from 22 million a year ago. HBO’s subscriber count in the U.S. has been flat at around 28 million, but the Time Warner-owned cabler says it, too, boosted sub numbers last year (though a rep declined to release specifics). Starz, for its part, said it added a net 1.2 million subs for the 12 months ended September 2013, to hit 22 million.

Even so, premium channels’ distribution as a percentage of total U.S. households is dropping — as is pay-TV more broadly — given that the number of American homes is increasing. In August 2013, 86% of U.S. households subscribed to cable, satellite or telco TV service, down from 88% in 2010, according to Leichtman Research Group.

NPD analyst Russ Crupnick, however, was comfortable speculating that some consumers obviously are eliminating their premium-TV subscriptions in favor of broadband-delivered video services. “As SVOD increasingly strives to become a channel itself, viewers might consider it to be an adequate substitution for other premium channels, or perhaps they are switching to economize on their time and money spent,” he said.

Netflix had 31.1 million U.S. streaming subscribers as of the end of the third quarter of 2013, up 24% from a year earlier. Netflix is set to report Q4 2013 results on Wednesday.

NPD’s report was based on a survey group with 7,500 respondents in households with Internet access. The company said data is weighted to reflect the U.S. population aged 13 and older.
http://variety.com/2014/digital/news...me-1201065399/





AMC Movie Theater Calls FBI to Arrest a Google Glass User
Julie Strietelmeier

A long time Gadgeteer reader contacted me today through Google Hangouts to tell me that he had a story that he thought I’d be interested in reading. He then forwarded me a long email with a story from a very good friend of his. It was such a surprising story that I asked if I could have permission to post it here on The Gadgeteer. I ended up communicating with the author of the story and have posted it here for everyone to read…

“I have been using Google Glass for about 2 months now, and about 2 weeks ago I got prescription lenses for the glasses. So in the past two weeks I was wearing Google Glass all the time. There were no stories to write about, until yesterday (1/18/2014).

I went to AMC (Easton Mall, Columbus, OH) to watch a movie with my wife (non- Google Glass user). It is the theater we go to every week, so it has probably been the third time I’ve been there wearing Google Glass, and the AMC employees (guy tearing tickets at the entrance, girl at the concession stand) have asked me about Glass in the past and I have told them how awesome Glass is with every occasion.

Because I don’t want Glass to distract me during the movie, I turn them off (but since my prescription lenses are on the frame, I still wear them). About an hour into the movie (Jack Ryan: Shadow Recruit), a guy comes near my seat, shoves a badge that had some sort of a shield on it, yanks the Google Glass off my face and says “follow me outside immediately”. It was quite embarrassing and outside of the theater there were about 5-10 cops and mall cops. Since I didn’t catch his name in the dark of the theater, I asked to see his badge again and I asked what was the problem and I asked for my Glass back. The response was “you see all these cops you know we are legit, we are with the ‘federal service’ and you have been caught illegally taping the movie”.

I was surprised by this and as I was obviously just having a nice Saturday evening night out with my wife and not taping anything whether legally or illegally, I tried to explain that this is a misunderstanding. I tried to explain that he’s holding rather expensive hardware that costed me $1500 for Google Glass and over $600 for the prescription glasses. The response was that I was searched and more stuff was taken away from me (specifically my personal phone, my work phone – both of which were turned off, and my wallet). After an embarrassing 20-30 minutes outside the movie theater, me and my wife were conducted into two separate rooms in the “management” office of Easton Mall, where the guy with the badge introduced himself again and showed me a different ID. His partner introduced herself too and showed me a similar looking badge. I was by that time, too flustered to remember their names (as a matter of fact, now, over 30 hours later I am still shaking when recounting the facts).

What followed was over an hour of the “feds” telling me I am not under arrest, and that this is a “voluntary interview”, but if I choose not to cooperate bad things may happen to me (is it legal for authorities to threaten people like that?). I kept telling them that Glass has a USB port and not only did I allow them, I actually insist they connect to it and see that there was nothing but personal photos with my wife and my dog on it. I also insisted they look at my phone too and clear things out, but they wanted to talk first. They wanted to know who I am, where I live, where I work, how much I’m making, how many computers I have at home, why am I recording the movie, who am I going to give the recording to, why don’t I just give up the guy up the chain, ’cause they are not interested in me. Over and over and over again.

I kept telling them that I wasn’t recording anything – my Glass was off, they insisted they saw it on. I told them there would be a light coming out the little screen if Glass was on, and I could show them that, but they insisted that I cannot touch my Glass for the fear “I will erase the evidence against me that was on Glass”. I didn’t have the intuition to tell them that Glass gets really warm if it records for more than a few minutes and my glasses were not warm. They wanted to know where I got Glass and how did I came by having it. I told them I applied about 1000 times to get in the explorer program, and eventually I was selected, and I got the Glass from Google. I offered to show them receipt and Google Glass website if they would allow me to access any computer with internet. Of course, that was not an option. Then they wanted to know what does Google ask of me in exchange for Glass, how much is Google paying me, who is my boss and why am I recording the movie.

Eventually, after a long time somebody came with a laptop and an USB cable at which point he told me it was my last chance to come clean. I repeated for the hundredth time there is nothing to come clean about and this is a big misunderstanding so the FBI guy finally connected my Glass to the computer, downloaded all my personal photos and started going though them one by one (although they are dated and it was obvious there was nothing on my Glass that was from the time period they accused me of recording). Then they went through my phone, and 5 minutes later they concluded I had done nothing wrong.

I asked why didn’t they just take those five minutes at the beginning of the interrogation and they just left the room. A guy who claimed his name is Bob Hope (he gave me his business card) came in the room, and said he was with the Movie Association and they have problems with piracy at that specific theater and that specific movie. He gave me two free movie passes “so I can see the movie again”. I asked if they thought my Google Glass was such a big piracy machine, why didn’t they ask me not to wear them in the theater? I would have probably sat five or six rows closer to the screen (as I didn’t have any other pair of prescription glasses with me) and none of this would have happened. All he said was AMC called him, and he called the FBI and “here are two more passes for my troubles”. I would have been fine with “I’m sorry this happened, please accept our apologies”. Four free passes just infuriated me.

Considering it was 11:27pm when this happened, and the movie started at 7.45, I guess 3 and a half hours of my time and the scare my wife went through (who didn’t know what was going on as nobody bothered to tell her) is worth about 30 bucks in the eyes of the Movie Association and the federal militia (sorry, I cannot think of other derogatory words). I think I should sue them for this, but I don’t have the time or the energy to deal with “who is my boss – they don’t want me, they want the big guy” again, so I just spilled the beans on this forum, for other to learn from my experience.

I guess until people get more familiar with Google Glass and understand what they are, one should not wear them to the movies. I wish they would have said something before I went to the movies, but it may be my mistake for assuming that if I went and watched movies two times wearing Glass with no incident the third time there won’t be any incident either. As for the federal agents and their level of comprehension… I guess if they deal with petty criminals every day, everybody starts looking like a petty criminal. Again, I wish they would have listened when I told them how to verify I did nothing illegal, or at least apologize afterwards, but hey… this is the free country everybody praises. Somewhere else might be even worse.”

Crazy huh? His story read like something out of the Jack Ryan movie that he and his wife had gone to see. Are there any other Google Glass users out there that have been treated badly just for your wearable tech? If not, are you reconsidering wearing a pair to the next movie you attend?
http://the-gadgeteer.com/2014/01/20/...le-glass-user/





Here We Go Again: Canadian Recording Industry Calls on Government To Regulate the Internet
Michael Geist

Graham Henderson, the head of the Music Canada (formerly the Canadian Recording Industry Association) wrote a blog post late last year lamenting musicians' earnings, a situation he blames on the Internet allowing a few to "amass staggering, unprecedented wealth" while musicians toil for tiny incomes. Leaving aside the facts that the Canadian music industry experienced increased digital sales last year (while sales declined in the U.S.) and that the Ontario government is handing out tens of millions of tax dollars to the industry, Henderson now says the government needs to step in and regulate the Internet. According to Music Canada, government support must be complimented by:

judicious and reasonable regulation of the internet. The actions taken by courts in other jurisdictions have very reasonably required ISPs to block websites that are almost entirely dedicated to the theft of intellectual property.

In fact, Internet regulation and blocking websites are not the only music industry target. Last week, Music Canada appeared before the Ontario Standing Committee on Finance and Economic Affairs, where it cited Google as a problem:

the federal government has done a lot to help us in our battle against illegal sources, but they could certainly do more. One of the biggest problems we have is that consumers cannot find legal services on Google. Type in: "Carly Rae Jepsen"; pick your song; press “search.” You would have to look to page 7 of the results to find iTunes. Before you get there, you have six and a half pages littered with illegal sites which are constantly being taken down and constantly being put back. With government support, maybe we can urge intermediaries to actually do something to help consumers find legitimate sources, because I think they’d like to.

I tried replicating Henderson's claims regarding Google and arrived at much different results. Searching for Carly Rae Jepsen and the song Call Me Maybe, the very first result was a music video posted by Jepsen's label which receives royalties and has a link to the iTunes version for purchase. Other top results include Jepsen's own website (with links to iTunes sales of her songs) and licensed streaming versions of the song, which all appear before "infringing sites."

With digital sales on the rise in Canada and copyright reform now complete, regulating the Internet, blocking websites, and manipulating search results is the last thing government's should be mandating. Yet it seems that is precisely what the music industry once again has on its mind.
http://www.michaelgeist.ca/content/view/7054/125/





BeWifi Lets You Steal Your Neighbor’s Bandwidth When They’re Not Using It

By aggregating wireless signals, Telefonica is trying to make unreliable Wi-Fi better.
Katie Collins

What if, when you were up at a ridiculous hour Skyping your relatives in Australia, you could borrow unused bandwidth from your sleeping neighbors to make your own broadband connection faster and stronger?

High up in a glass tower in Barcelona, Telefonica's research and development team has been attempting to tackle exactly this question. The solution they have come up with, BeWifi, is a technology that gathers bandwidth from local Wi-Fi routers in order to enhance the connection of the users that happen to be on the Internet at exactly that moment in time.

Telefonica started to research the idea, without making changes to existing infrastructure, in 2008. "We were exploring what would be the opportunities for bringing the peer-to-peer and sharing phenomenon into this arena," Pablo Rodriguez, Telefonica's Director of Product Innovation and Research, told Wired.co.uk.

"Your broadband connection is not used 100 percent of the time," he explained. "If you bring [connections] together smartly and manage to aggregate the spare capacity...[it's] a much better customer experience."

The way Telefonica has made this happen in a practical way is to build its own routers that can be installed in houses within a neighborhood. So far these have had to be installed by engineers, but the next generation are plug-and-play, and eventually all that will be needed is an over-the-air software update to customers' existing routers. According to Rodriguez, the software "creates a mesh to aggregate the capabilities [of the routers]." Pooling all of the bandwidth from these routers allows anyone within the network to take advantage of it at home, and they can also connect to any BeWifi network they come across on their mobile devices when out and about.

"From a technical point of view it's not trivial because you have to develop the software that is on the router to make sure that the router not only communicates with itself but also communicates in a mesh way with the other routers that are in the neighborhood," says Rodriguez.

The technology's only limitation is the actual Wi-Fi bandwidth available, he says. "What you need is some densely populated area—it could either be a small village or it could be a high-rise building, but you need to have some sort of community that is able to share the bandwidth."

Rodriguez is keen to emphasize that security has been a priority from the beginning and the network is completely safe and private. Homeowners will also always get priority over their own bandwidth, he says. "You always get at least what you paid for, but potentially you're going to get a lot more."

He does concede though that Telefonica needs to work out a way to deal with customers within a single network that are perhaps on different tariffs and are contributing more to the mesh than others. He suggests a system whereby the bandwidth a customer gets is somehow proportional to the capacity they bring into the system. This hasn't been a problem so far because the BeWifi pilots Telefonica has run so far in Catalonia have all involved households on the same tariff. By testing the technology in the market early on, Telefonica now has a better understanding of potential customer adoption and how it might scale the project further, Rodriguez explained.

When Telefonica advertised the first trial, over 1,000 people signed up in the north of Barcelona during the first week. "We were able to double the speed that customers were getting and we had some very interesting feedback," said Rodriguez, detailing that some people couldn't run Skype and YouTube at the same time before using BeWifi.

Through the pilot, Telefonica discovered that BeWifi also offered some unplanned benefits. One case involved a customer whose home broadband was suffering an outage. "His Internet connection came down and he was going through another Wi-Fi router from a nearby home and he didn't even notice it was happening," Rodriguez explains.

Another unexpected finding was that people do not use the Internet heavily all at exactly the same time—a concern at the beginning of the trial—but in sporadic bursts. This means there is nearly always some spare bandwidth available to be recycled.

Telefonica is currently looking towards developing economies and its huge customer base of over 200 million households in 14 countries in South America as the places in which BeWifi could have a real impact.

"Where it provides the most benefit is in areas where the connectivity [is poor]," says Rodriguez. "Where you need to do more with less, that's where technology helps you."
http://arstechnica.com/business/2014...-not-using-it/





Don’t Touch My Internet (Unless You Want a Riot)
Dominic Basulto

Increasingly, it appears that Americans are taking the Internet for granted, and that’s a problem. It’s only January, and we’ve already had a federal appeals court strike down the FCC’s net neutrality rules and President Obama placed into the awkward position of having to explain the nation’s rampant NSA spying on both American citizens and overseas allies. Both of these are significant events that could impact the future of the Internet, but what has been the outcome so far?

Sure, there’s been a bit of moral outrage over allegations of NSA abuses, a few op-ed pieces, but mostly a lot of confusion about what things like net neutrality actually mean, and why we should even care. In fact, most Americans are probably resigned to even more NSA spying in the future, no matter what President Obama tells us. And when it comes to net neutrality, it’s not exactly an issue that will lead to riots in the streets.

Contrast what’s happening in America with the scene of hundreds of rioting protesters in Turkey, who are literally taking to the streets in Istanbul and Ankara to protest what they perceive as the government’s heavy-handed role in censoring the Internet. They are extremely agitated about the way the Turkish government is taking steps to push forward new legislation as a way to silence dissent and limit free speech. A new draft law in Turkey would give the government’s top telecom authority the right to block Web sites or remove Internet content without a court decision, as well as force Turkey’s ISPs to keep Internet user data for two years.

As the Turkish protesters see it, this new draft law on the Internet is just the latest step by the government to take away their full and transparent use of the Web. As a result, they are willing to take on rubber bullets and risk being tear-gassed, all while carrying around banners that read “Don’t Touch My Internet,” mostly because they understand the epic sweep of what the government is attempting to do. In short, they fear that Turkey could become another China, sealed off from Europe and the West.

So what’s the takeaway from the Turkish Internet riots? Here’s the important point for Americans: rulings and laws about the Internet that appear quite innocent can actually have far-reaching implications in the wrong hands.

Consider the Turkish example. The way the Turkish government explains things, a casual observer might not even “get” what’s at stake. Government officials claim the new law is all about protecting the privacy of users and blocking annoying porn sites. But Turkey’s Internet users see it differently – they see it as a last-ditch effort by the Turkish government to keep photos and documents of a government corruption probe from leaking out over the Internet before elections in March. They fear that the ability for the government to remove content from the Web whenever they please would be used not to block stuff like porn, but rather, tweets or blog posts from anti-government Turkish voters. Ever since the Gezi Park protests, they see the Turkish government as engaged in a visible and important battle to silence detractors.

So compare that to the current debate over net neutrality in the United States. Yes, it’s a fiendishly complex issue, but as the Post’s Hayley Tsukayama pointed out in an explainer video, the striking down of net neutrality could actually have some serious consequences for the way we consume content online. ISPs such as Verizon could use the ruling not just to charge users more money for Internet content like video, but they could also make it impossible for small, independent Internet companies to have their content seen if they don’t “pay to play.” One Post reader even likened it to a mafia shakedown scheme, in which content providers who don’t pay “protection money” don’t get their content reliably delivered to users.

Thus far, the Internet has been awfully good at collaborating behind efforts to stop Internet censorship. Look at what happened in 2012 with the highly visible debate over SOPA, when Wikipedia and other popular websites went dark and Internet users engaged in all kinds of “Stop SOPA” campaigns. But as Clay Shirky warned then, similar Internet censorship laws will keep coming. American Internet users should take a cue from Turkey and realize that the government sometimes passes laws about Internet freedom not always to protect your rights, but rather, to protect their rights. Changing the structure of the Internet also changes the types of arguments we can have and the types of content that we can create. And sometimes that’s worth fighting over.
http://www.washingtonpost.com/blogs/...u-want-a-riot/





Chinese Internet Traffic Redirected to Small Wyoming House
Nicole Perlroth

In one of the more bizarre twists in recent Internet memory, much of the Internet traffic in China was redirected to a small, 1,700-square-foot house in Cheyenne, Wyo., on Tuesday.

A large portion of China’s 500 million Internet users were unable to load websites ending in .com, .net or .org for nearly eight hours in most regions of China, according to Compuware, a Detroit-based technology company.

The China Internet Network Information Center, a state-run agency that deals with Internet affairs, said it had traced the problem to the country’s domain name system. And one of China’s biggest antivirus software vendors, Qihoo 360 Technology, said the problems affected roughly three-quarters of the country’s domain name system servers.

Those servers, which act as a switchboard for Internet traffic behind China’s Great Firewall, routed traffic from some of China’s most popular sites, including Baidu and Sina, to a block of Internet addresses registered to Sophidea Incorporated, a mysterious company housed on a residential street in Cheyenne, Wyo.

A simple Google search reveals that the address on Thomes Avenue in Cheyenne is not a corporate headquarters, but a 1,700-square-foot brick house with a manicured lawn.

That address — which is home to some 2,000 companies on paper — was the subject of a lengthy 2011 Reuters investigation that found that among the entities registered to the address were a shell company controlled by a jailed former Ukraine prime minister; the owner of a company charged with helping online poker operators evade an Internet gambling ban; and one entity that was banned from government contracts after selling counterfeit truck parts to the Pentagon.

Wyoming Corporate Services, the registered agent for Sophidea Incorporated, according to Internet records, did not respond to requests for comment on Tuesday afternoon.

It was not immediately clear what caused the traffic shift Tuesday. One Chinese newspaper suspected a cyberattack. But by late Tuesday, some technologists had come to an alternate theory: a backfiring of China’s own Internet censoring system.

Sophidea appears to be a service that redirects traffic from one address to another to mask a person’s whereabouts — or to evade a firewall.

Some technologists surmised Tuesday that the disruption may have been caused by Chinese Internet censors who attempted to block traffic to Sophidea’s websites but mistakenly redirected traffic to the service instead.

That theory was buttressed by the fact that a separate wave of Chinese Internet traffic Tuesday was simultaneously redirected to Internet addresses owned by Dynamic Internet Technology, a company that helps people evade China’s Great Firewall, and is typically blocked in China.

Bill Xia, who created Dynamic Internet Technology in 2001, told The Wall Street Journal Tuesday that his company had nothing to do with the traffic shift and also suspected that the problem was the doing of China’s own Internet censors.

The disruption mirrored a similar incident in 2002 when Chinese Internet users attempting to access Sina.com were redirected to a banned website belonging to followers of Falun Gong, a spiritual movement banned in China.

Nicole Perlroth reported from San Francisco. David Barboza contributed reporting from Shanghai.
http://bits.blogs.nytimes.com/2014/0...wyoming-house/





A Popular Chinese Social Networking App Blazes Its Own Path
David Barbozajan

Every half-hour or so, Jenny Zhao, young and wired, unlocks her iPhone 5 to connect with friends using Weixin, China’s wildly popular social messaging app.

“I’m probably on Weixin six hours a day,” says Ms. Zhao, 24, a cosmetics marketer in Shanghai. “A lot of what I do revolves around it.”

Weixin (pronounced way-shin) is this country’s killer app, a highly addictive social networking tool that allows smartphone users to send messages and share news, photos, videos and web links, much like America’s WhatsApp, or Line, a Japanese communications and messaging app. In the United States, a similar version is known as WeChat.

Just three years after being introduced in China, Weixin has nearly 300 million users — a faster adoption rate than either Facebook or Twitter — giving the app a dominant position in what is now the world’s biggest smartphone market. It has already stopped the growth of the messaging service of the country’s biggest mobile phone company and provoked China’s largest Internet companies to create competing services.

But in the free-for-all in China, one leading social media company is not a factor. Analysts say the phenomenal rise of Weixin all but dooms any chance that Facebook will become the market leader there.

In 2009, the Chinese government blocked access to Facebook, without explanation. Twitter and YouTube are also blocked in China.

Since then, Facebook has hinted that it may try to re-enter the market, perhaps by teaming up with a local company. Weixin’s success has made that all the more difficult.

“Even if Facebook had permission, it’s probably too late,” says Wang Xiaofeng, a technology analyst at Forrester Research. “Weixin has all the functionality of Facebook and Twitter, and Chinese have already gotten used to it.”

Weixin is the creation of Tencent, the Chinese Internet powerhouse known for its QQ instant messenger service and its popular online games. Tencent, which is publicly traded and is worth more than $100 billion on the Hong Kong exchange, is now seeking to strengthen that grip in social networking and expand into new areas, such as online payment and e-commerce.

Alibaba, China’s e-commerce goliath, has already announced plans to fight back in China, with its own newly developed messaging app, called Laiwang.

Tencent, meanwhile, is so confident of its messaging app that it is promoting Weixin overseas, particularly in Southeast Asia, where there are already tens of millions of users. The company also plans a marketing blitz in Europe and Latin America, using the name WeChat. The company declined to say whether or when it would promote the service in the United States.

Weixin could help change global perceptions of Chinese companies. Although Chinese Internet companies are still considered knockoffs of Google, Facebook, Twitter and eBay, analysts say they are quickly transforming themselves into dynamic, innovative technology companies with unique business models.

Weixin, for instance, is no mere copy of an existing service but an amalgam of various social networking tools: part Facebook, part Instagram and even part walkie-talkie. Rather than send a short mobile phone message by typing Chinese characters, which can be time-consuming, users simply hold down a button that records a voice message.

“Chinese Internet companies are no longer behind,” says William Bao Bean, a former technology analyst who is now a managing director at the venture capital firm SingTel Innov8. “Now, in some areas, they’re leading the way.”

The disruptive powers of the service are indisputable. Weixin has already stunted the growth of China’s popular microblogging service Sina Weibo, and eroded the profitability of a service offered by China’s big, state-run telecommunications operators: the mobile phone short message service known as SMS.

At China Mobile, the country’s biggest mobile phone service provider, revenue from short message services peaked in 2009 at nearly $9 billion. Three years later, it was down nearly 20 percent from that high, and it very likely dropped again last year, according to recent estimates.

Analysts say that technology shifts often kill companies that are slow to react. But the threat of extinction can also inspire companies to reinvent themselves, or to search for the next great thing.

That is what happened at Tencent, which has been growing at a torrid pace for much of the past decade. Fearing the development of a disruptive technology that could upend this success, Tencent executives say they encouraged the company’s software developers and product managers to search for new ideas.

In late 2010, Allen Zhang, the head of Tencent’s research and development center in Guangzhou, organized a team of 10 developers to work on a smartphone messaging app. He was inspired by Kik messenger, which he worried might eventually threaten Tencent’s dominant, PC-based QQ instant messenger.

Three months later, Tencent released Weixin. With an elegant and easy-to-use interface, the messaging app attracted 50 million users within a year, and over the next two years reached nearly 300 million users worldwide.

Weixin, technology experts say, has what every Internet company executive dreams about: stickiness. Although Tencent does not track the time that users spend on the service, analysts say it is most likely multiples of other major blogging or social media services.

Analysts say Tencent also has a huge opportunity to make money from the free service. By introducing free mobile games — with virtual items available for purchase — and a payment feature that can be used online or offline, Weixin could soon develop into a profitable business with little or no advertising.

The company is now experimenting with use of Weixin to book taxis, hotels and airline flights, and even to control televisions and home appliances. Last August, a technology analyst at Barclays forecast that Weixin could have 400 million users and nearly $500 million in revenue this year. With investors anticipating such growth, shares of Tencent have soared 94 percent in the past year.

Some Tencent executives even view Weixin as a company savior. Last year, Tencent’s chief executive and co-founder, Ma Huateng — known in English as Pony Ma — said during a speech that the power of Weixin was that it was mobile, like a “portable organ” that unlike a PC was always with the user.

If Weixin had been created by another company, Mr. Ma went on, Tencent might have gone into decline. “Looking back,” he said, “those two months were a matter of life and death” for the company.

There are challenges, of course. One, analysts say, is that China’s tech-savvy young people are fickle, and could just as quickly switch to other messaging services. Another challenge could come from Tencent’s rival Alibaba, the Chinese e-commerce company that has all but declared war on Weixin.

Last August, Alibaba barred vendors on its Taobao.com shopping site from using Weixin to market their products. Alibaba then introduced its competing service, Laiwang, and announced plans to introduce a mobile games platform.

Tencent’s overseas expansion plans could also be hampered by concerns about a Chinese company’s handling so much personal information, and then being forced to turn it over to the Chinese authorities, which have tight controls over Internet services.

Tencent executives insist the risks of spying are small because the company does not store messages on its servers.

Access to Facebook may now be blocked in China, but the American company is selling advertising to Chinese companies and considering re-entering the market.

“We are interested in China but have made no decisions about how we will approach it,” a company spokeswoman said this month.

For now, Chinese consumers are flocking to Weixin, seemingly glued to it. At work, on subways and in restaurants, one can hear the increasingly familiar ping of a new Weixin message being received.

“I use Weixin every day,” said Zhang Shoufeng, 29, a food and beverage saleswoman, as she relaxed at a shopping mall restaurant on a recent evening. “My friends are on it and my boss is on it. We are talking about where to eat, where to hang out and where to meet for company conferences. This is how we communicate.”
http://www.nytimes.com/2014/01/21/te...-own-path.html





Verizon Says it Received Over 321,000 Legal Orders for User Data in 2013

Of those, over 6,000 were court orders to provide metadata in real time.
Cyrus Farivar

Joining the parade of technology companies that are releasing "transparency reports" as a window into government legal pressure, Verizon announced on Wednesday that it received over 321,000 total orders from various American law enforcement agencies in 2013. It is the first major telecom to publish such a report. (Virtual network operator Credo Mobile did so earlier this month.)

"We do not release customer information unless authorized by law, such as a valid law enforcement demand or an appropriate request in an emergency involving the danger of death or serious physical injury," the company wrote.

However, between 2001 and 2004, Verizon and other telcos did hand over massive amounts of data to American government agencies under no statutory or other legal authority.

In October 2012, the Supreme Court declined to review a lower court ruling in a case that challenged a Bush-era law (the FISA Amendments Act) retroactively giving telecommunications firms—including Verizon, Sprint, and AT&T—legal immunity after performing warrantless wiretapping at the government’s request. By letting the lower court ruling stand, the Supreme Court effectively wiped out related cases pending against Verizon pertaining to user data handover. The court affirmed the legality of the retroactive immunity statute.

Of requests in 2013, Verizon now says that over 6,000 included "pen register or trap and trace orders," which compel carriers to hand over metadata in real-time.

As Verizon describes it: "With a pen register order we must afford real-time access to the numbers that a customer dials (or IP addresses that a customer visits); with a trap and trace order we must afford real-time access to the numbers that call a customer. Such orders do not authorize law enforcement to obtain the contents of any communication."

Additionally, Verizon said that it received 1,000 to 2,000 National Security Letters, which are under gag order by default and have been increasingly challenged in court. As the company added:

Our Report reflects the fact that telecom providers receive more government demands than companies in perhaps any other industry. Information about individuals’ use of their communications equipment has become a uniquely important tool for law enforcement to protect citizens and bring wrongdoers to justice. As such, it should come as no surprise that the number of government demands directed to the major telecom providers is much greater than the number of demands directed to companies that do not offer the same communications services. Overall, we saw an increase in the number of demands we received in 2013, as compared to 2012.

The Verizon report has drawn some praise from the civil libertarian crowd so far.

"With this report, Verizon has set a strong precedent for transparency within the telecommunications industry," said Harley Geiger, of the Center for Democracy and Technology, in a statement. "The report has a level of detail that should be followed by other companies—including statistics on requests for location data, content, phone records, and cell tower dumps, as well as specifying the legal authorities used.

"Verizon consistently telling government agents to get a warrant to compel disclosure of customers’ communications content is a crucial customer privacy protection. As Verizon noted, however, the US government restricts transparency regarding national security requests. We believe the government should authorize detailed company reporting on these requests, and we support Verizon’s pledge to provide more information if reforms are made."
http://arstechnica.com/tech-policy/2...-data-in-2013/





Watchdog Report Says N.S.A. Program Is Illegal and Should End
Charlie savagejan.

An independent federal privacy watchdog has concluded that the National Security Agency’s program to collect bulk phone call records has provided only “minimal” benefits in counterterrorism efforts, is illegal and should be shut down.

The findings are laid out in a 238-page report, scheduled for release by Thursday and obtained by The New York Times, that represent the first major public statement by the Privacy and Civil Liberties Oversight Board, which Congress made an independent agency in 2007 and only recently became fully operational.

The report is likely to inject a significant new voice into the debate over surveillance, underscoring that the issue was not settled by a high-profile speech President Obama gave last week. Mr. Obama consulted with the board, along with a separate review group that last month delivered its own report about surveillance policies. But while he said in his speech that he was tightening access to the data and declared his intention to find a way to end government collection of the bulk records, he said the program’s capabilities should be preserved.

The Obama administration has portrayed the bulk collection program as useful and lawful while at the same time acknowledging concerns about privacy and potential abuse. But in its report, the board lays out what may be the most detailed critique of the government’s once-secret legal theory behind the program: that a law known as Section 215 of the Patriot Act, which allows the F.B.I. to obtain business records deemed “relevant” to an investigation, can be legitimately interpreted as authorizing the N.S.A. to collect all calling records in the country.

The program “lacks a viable legal foundation under Section 215, implicates constitutional concerns under the First and Fourth Amendments, raises serious threats to privacy and civil liberties as a policy matter, and has shown only limited value,” the report said. “As a result, the board recommends that the government end the program.”

While a majority of the five-member board embraced that conclusion, two members dissented from the view that the program was illegal. But the panel was united in 10 other recommendations, including deleting raw phone records after three years instead of five and tightening access to search results.

The report also sheds light on the history of the once-secret bulk collection program. It contains the first official acknowledgment that the Foreign Intelligence Surveillance Court produced no judicial opinion detailing its legal rationale for the program until last August, even though it had been issuing orders to phone companies for the records and to the N.S.A. for how it could handle them since May 2006.

The privacy board’s legal critique of the program was approved by David Medine, the board’s chairman and a former Federal Trade Commission official in the Clinton administration; Patricia M. Wald, a retired federal appeals court judge named to the bench by President Jimmy Carter; and James X. Dempsey, a civil liberties advocate who specializes in technology issues.

But the other two members — Rachel L. Brand and Elisebeth Collins Cook, both of whom were Justice Department lawyers in the George W. Bush administration — rejected the finding that the program was illegal.

They wrote in separate dissents that the board should have focused exclusively on policy and left legal analysis to the courts. Last month, two Federal District Court judges reached opposite legal conclusions in separate lawsuits challenging the program.

Ms. Brand wrote that while the legal question was “difficult,” the government’s legal theory was “at least a reasonable reading, made in good faith by numerous officials in two administrations of different parties.” She also worried that declaring that counterterrorism officials “have been operating this program unlawfully for years” could damage morale and make agencies overly cautious in taking steps to protect the country.

But the privacy board was unanimous in recommending a series of immediate changes to the program. The three in the majority wanted those changes as part of a brief wind-down period, while the two in dissent wanted them to be structural for a program that would continue.

Some of those recommendations dovetailed with the steps Mr. Obama announced last week, including limiting analysts’ access to the call records of people no further than two links removed from a suspect, instead of three, and creating a panel of outside lawyers to serve as public advocates in major cases involving secret surveillance programs.

Other recommendations — like deleting data faster — were not mentioned in the president’s speech. And all members of the board expressed privacy concerns about requiring phone companies to retain call records longer than they normally would, which might be necessary to meet Mr. Obama’s stated goal of finding a way to preserve the program’s ability without having the government collect the bulk data.

The program began in late 2001 based on wartime authority claimed by President Bush. In 2006, the Bush administration persuaded the surveillance court to begin authorizing the program based on the Patriot Act under a theory the Obama administration would later embrace.

But the privacy board’s report criticized that, saying that the legal theory was a “subversion” of the law’s intent, and that the program also violated the Electronic Communications Privacy Act.

“It may have been a laudable goal for the executive branch to bring this program under the supervision” of the court, the report says. “Ultimately, however, that effort represents an unsustainable attempt to shoehorn a pre-existing surveillance program into the text of a statute with which it is not compatible.”

Defenders of the program have argued that Congress acquiesced to that secret interpretation of the law by twice extending its expiration without changes. But the report rejects that idea as “both unsupported by legal precedent and unacceptable as a matter of democratic accountability.”

The report also scrutinizes in detail a handful of investigations in which the program was used, finding “no instance in which the program directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack.”

Still, in her dissent, Ms. Cook criticized judging the program’s worth based only on whether it had stopped an attack to date. It also has value as a tool that can allow investigators to “triage” threats and provide “peace of mind” if it uncovers no domestic links to a newly discovered terrorism suspect, she wrote.
http://www.nytimes.com/2014/01/23/us...hould-end.html





Protect Yourself From The NSA With WireOver’s Encrypted File Sharing
Josh Constine

Nothing is truly NSA-proof or hacker-proof, but WireOver wants to offer you more security than Dropbox, Google Drive, or Skydrive. The Y Combinator startup just emerged from stealth with a desktop app that lets you send files of any size for free. And for $10 a month, your transfers get end-to-end encryption so only the recipient can open them. WireOver can’t even look at what you’re sending.

If you just want to send huge video files or photo collections to friends and aren’t worried about encryption, WireOver is totally free for unlimited file-size sharing. But its premium level of privacy could be a big draw for anyone with sensitive files to send.

WireOver founder Trent Ashburn tells me there are security holes in the way big file storage and sharing providers transfer your stuff. “In the industry it’s called encryption in transit and encryption at rest. But the files arrive on the servers decrypted. Their servers will re-encrypt them and store them, but the encryption keys used are controlled by and accessed by the provider.”

Ashburn tells me there’s a risk of the same company having both a copy of your encrypted files and the key to open them. But with WireOver’s end-to-end encryption, files are never stored on its servers, and it doesn’t have the decryption key. “The approach we’re going for is ‘Trust No One’”.

WireOver Founder Trent Ashburn

Ashburn spent several years building computational models for quantitative hedge funds before becoming a semi-pro cyclist. He wanted to start a company he could relate to, and he found he was having some trouble with file transfers.

“With Dropbox, Google Drive, and Skydrive, sending small and medium-size files is pretty much solved but it’s a pain to send big files securely. There’a bunch of things that Dropbox works great for [like syncing]. And they do their best within their goals to have security, but they’re not trying to be the most secure tool. They’re trying to be your files everywhere.”

So Ashburn entered WireOver into Y Combinator. They built a bunch of failed prototypes before settling on a Python-based desktop client. Along with the YC funding it got from Andreessen Horowitz, SV Angel, and Yuri Milner, the four-person startup has raised an additional seed round from Bessemer Venture Partners, Boston’s .406 Ventures, and angels like BrandCast’s Hayes Metzger.

How To Use WireOver

Once you’ve installed WireOver, you just dump files into its little window, and type in the email address of the recipient[s]. Once they have WireOver installed and running, the file is transferred completely peer-to-peer, or routed by WireOver’s servers but isn’t stored there.

If you have a Pro account select “Secure” transfer , your file gets end-to-end encryption, even if the recipient doesn’t hasn’t bought a premium WireOver subscription. For even more security again man-in-the-middle attacks, you can request to verify the recipient’s machine’s crytopgraphic fingerprint.

The big downside to WireOver using a transfer system rather than cloud storage is that both the sender and recipient have to be online at the same time. You can’t just upload a file, email someone a link, and shut off your computer.

But since WireOver doesn’t store files, it doesn’t have to charge for unencrypted transfers. That means you could send 200 gigabyte or even terrabyte-sized files for free, which could cost hundreds or thousands of dollars a year on Dropbox, Drive, or SkyDrive. If you’re looking for security and privacy, WireOver might be worth the $10 a month.

Ashburn says some clients have switched to WireOver from sending physical hard drives and USB drives through the mail or with FedEx. While there are other encrypted file sharing services, we haven’t found any popular ones that offer unlimited file sizes for free, or encryption of those files for as cheap.

Companies large and small are seeing their data fall into the hands of hackers, and we’re realizing our governments are engaging in widespread surveillance. Meanwhile, as our cameras get better and our screens get bigger, file sizes just keep going up. So whether you’re paranoid or just want to send all your photos to mom, WireOver understands.
http://techcrunch.com/2014/01/17/wireover/





The Inside Story of Tor, the Best Internet Anonymity Tool the Government Ever Built
Dune Lawrence

Last year, Edward Snowden turned over to the Guardian, a British newspaper, some 58,000 classified U.S. government documents. Just a fraction of the files have been made public, but they outline the National Security Agency’s massive information-collection system. They’ve thrown light onto the methods of an arm of the government used to working in the shadows and started an intense debate over national security and personal liberty. One of the earliest and most explosive revelations was the existence of Prism, a top-secret program giving the NSA direct access to the systems of Google, Facebook, and other U.S. Internet companies.

Snowden himself remains something of a mystery even as the U.S. government attempts to obtain his return from Russia, where he’s in hiding, and very possibly jail him for the rest of his life. As an infrastructure analyst for the NSA, he came to understand at a high level how information moves around the Internet. Snowden almost certainly relied on one very specific and powerful tool to cover his tracks. In photographs he’s often with his laptop, and on the cover of his computer, a sticker shows a purple and white onion: the “o” in the word “Tor.”

Tor, an acronym for “the onion router,” is software that provides the closest thing to anonymity on the Internet. Engineered by the Tor Project, a nonprofit group, and offered free of charge, Tor has been adopted by both agitators for liberty and criminals. It sends chat messages, Google (GOOG) searches, purchase orders, or e-mails on a winding path through multiple computers, concealing activities as the layers of an onion cover its core, encrypting the source at each step to hide where one is and where one wants to go. Some 5,000 computers around the world, volunteered by their owners, serve as potential hop points in the path, obscuring requests for a new page or chat. Tor Project calls these points relays.

Its users are global, from Iranian activists who eluded government censors to transmit images and news during the 2009 protests following that year’s presidential election, to Chinese citizens who regularly use it to get around the country’s Great Firewall and its blocks on everything from Facebook (FB) to the New York Times. In addition to facilitating anonymous communication online, Tor is an access point to the “dark Web,” vast reaches of the Internet that are intentionally kept hidden and don’t show up in Google or other search engines, often because they harbor the illicit, from child porn to stolen credit card information.

It’s perhaps the most effective means of defeating the online surveillance efforts of intelligence agencies around the world, including the most sophisticated agency of them all, the NSA. That’s ironic, because Tor started as a project of the U.S. government. More than half of the Tor Project’s revenue in 2012, or $1.24 million, came from government grants, including an $876,099 award from the Department of Defense, according to financial statements available on the project’s website.

Yet because of Snowden, we now know that the NSA has been working to unpeel the protective layers built by the Tor system. Along with evidence of the NSA’s mass data collection, Snowden leaked an agency presentation that demonstrated just how surveillance-proof the software is. It was titled “Tor Stinks.” The spooks, according to the slide deck, were thwarted by the software at every turn. Gaining access to some Tor relays, for example, didn’t work, because they had to control all three computers in a circuit to defeat the encryption. “We will never be able to de-anonymize all Tor users all the time. With manual analysis we can de-anonymize a very small fraction of Tor users,” one slide reads. NSA spokeswoman Vanee Vines said in an e-mailed statement: “It should hardly be surprising that our intelligence agencies seek ways to counteract targets’ use of technologies to hide their communications. Throughout history, nations have used various methods to protect their secrets, and today terrorists, cybercriminals, human traffickers, and others use technology to hide their activities. Our intelligence community would not be doing its job if we did not try to counter that.”

Countering Tor is clearly frustrating for the NSA, and Internet users have taken note. Hits to Tor’s download page almost quadrupled last year, to 139 million. “Encryption works,” Bruce Schneier, a cybersecurity expert who helped the Guardian analyze the Snowden documents, said at a talk in New York in January. “That’s the lesson of Tor. The NSA can’t break Tor, and it pisses them off.”

Tor’s world headquarters occupies one room of a YWCA in Cambridge, Mass. Its neighbor is Transition House, which helps survivors of domestic abuse. Of 33 “core people” listed on Tor’s website, nine are full-time employees, and the majority work remotely. For the most part, the project is crowdsourced: Hundreds of volunteers around the world work on improving Tor’s software and solving technical challenges like staying ahead of censors in China, which has devoted enormous resources to shutting down anti-censorship tools, including Tor. A request to visit the office in person provoked some mild skepticism from Kelley Misata, who handles press for the group. “The Tor team is primarily virtual (and spread around the world),” she e-mailed, “so our office is made up of only a few members of the team working there on a regular basis.”

On a Friday in December, Executive Director Andrew Lewman, Misata, and a researcher named Sarah Cortes showed up to talk at the office, which has the air of a temporary camp, with little décor other than an enlarged Tor logo stuck between two windows and one Ikea run’s worth of furniture. We sat at a tall table surrounded by stools that required an awkward perch.

Lewman, 43, has longish dark hair threaded with gray and pulled back by a headband, accentuating heavy eyebrows and large dark eyes. He swallows audibly and speaks quickly. He says he first came across Tor in 2003, when he was working for a large international company with employees in China—he won’t say which one—who needed to get around Beijing’s increasing Internet controls. Tor was an effective and inexpensive solution, and he began volunteering as a code developer, eventually designing the software’s user interface. He’s been executive director since 2009. “People now know about Tor. They’ve heard the name,” he says. “What most of the world takes away is this privacy stuff exists, there’s this thing called Tor, and the NSA doesn’t like it.”

Lewman seems, if not tired of talking about the NSA, at least eager to shift discussion to the many uses of Tor that are totally unrelated to three-letter agencies. When the Chinese government clamped down on the Internet in 2009 to ensure a triumphant 60th anniversary celebration of the founding of the People’s Republic, Tor saw a spike in use in the country. Teenagers in the Boston exurb of Natick installed it on school-issued laptops so they could get on Facebook, to the school district’s displeasure.

Lewman also works with victims of domestic violence, teaching them to get online without revealing to abusers their location and activities. Tor and Transition House are developing guidelines for women at the shelter regarding technology use and online safety.

For Lewman—as with other people behind Tor—the cause has a personal side. When he worked for an Internet marketing firm in the mid 2000s, a consumer, irritated by marketing e-mails, found Lewman’s name on the website and began to threaten him, and then his family, online. The stalker eventually showed up at the office, requiring intervention by the police.

Misata has also had her privacy invaded online. A former colleague cyberstalked her for five years, she says, including posting nasty allegations that topped Google results, complicating job applications. She became an advocate and motivational speaker against cyber harassment. When she heard Lewman speak in 2012, she decided Tor was the safest place for her to work. “A lot of the conversations that I have in D.C., when they stand on their soapbox and say, ‘Tor is only used by bad guys,’ it’s very easy for me to step back and say, ‘Here’s why it’s so important to keep the network open for those who need it,’ ” says Misata, who is pursuing a Ph.D. at Purdue University and researching the use of technology in human trafficking.

Lewman’s message is the same, whether he’s talking to teenagers, Fortune 500 companies, or the U.S. Drug Enforcement Agency, whose agents must maintain deep cover as they infiltrate smuggling and production networks: Everything on the Internet is tracked and recorded, and you might not want that. “A simple question I ask companies is, ‘What do you Google for?’ ” Lewman says. “A number of firms are starting to realize, when we are doing sensitive things, we shouldn’t be doing it ‘naked’ on the Internet.”

Companies routinely use Internet traffic analysis to track what’s coming from competitors’ IP addresses. Searches for patents on specific technologies can lead to hints about what another company is planning. What if a company wants to research a competitor’s pricing? Chances are, Lewman says, if they’re doing it without cloaking their identity, they’ll get answers tailored for them, not the answers a real customer would get.

Living up to its credo of anonymity online, Tor doesn’t have detailed data on its users. They’re clearly not all noble political dissidents, though. Tor had a cameo in October in the FBI takedown of the online drug market, Silk Road, an operation that took years for the Feds to crack because it operated exclusively on the network. Tor estimates that users currently number about 300,000 a day, down from a peak of more than half a million a day over the summer.

“Tor’s biggest problem is press. No one hears about that time someone wasn’t stalked by their abuser. They hear how somebody got away with downloading child porn,” says Eva Galperin, global policy analyst at the Electronic Frontier Foundation, a civil liberties advocacy group in San Francisco. “The reason bad guys use Tor is because it works better than anything else. But at the same time, if there was no Tor, bad guys would still find a way of maintaining their anonymity and everyone else would be left out in the cold.”

Paul Syverson at the U.S. Naval Research Laboratory in Washington is one of the world’s foremost researchers on encrypting and routing data and one of Tor’s creators. He works in the lab’s Center for High Assurance Computer Systems, where a joke nameplate outside his office reads “cryptologicist.” I meet him in December in an all-purpose room stuffed with detritus, including a vacuum cleaner, half-dead plants, some battered cardboard boxes, and shelves crammed with old journals. White dust from a chalkboard scrawled over with formulas covers the floor and chairs.

Syverson, 55, has a Ph.D. in philosophy and looks distinctly unmilitary in an oversize flannel shirt and cargo pants. “The thing we had in mind when we started working on it was to protect government workers going on the public Internet,” he says, specifically analysts doing open-source intelligence gathering. That was in 1995, the Internet’s infancy. By 1996 the research lab had a publicly accessible onion routing system in place, hosted on a Navy server with virtual relays, to demonstrate the concept.

In 2000, Syverson met Roger Dingledine, whose graduate work at the Massachusetts Institute of Technology had focused on the creation of an anonymous online publishing system. Syverson persuaded Dingledine, and eventually another MIT graduate named Nick Mathewson, to help him develop an onion router that could be deployed on the wider Internet. (Dingledine is now project leader of the Tor Project and a researcher and advocate for privacy-enhancing technologies; Mathewson, a director and researcher, continues to help develop the software.)

“The basic notion of onion routing is that you have a distributed collection of computers that are scattered around, and you build a cryptographic circuit,” Syverson says. “We wanted it to work with parts of the Internet that don’t know anything about onion routing.”

The group developed the system as it works today, creating a routing process in which the cryptographic keys for each leg of the path are separate and ephemeral, so that no one can go back and decrypt old traffic. It’s one of the elements that has frustrated the NSA—in the original design, a single hostile node could record traffic and compromise the rest of the system.

For the onion router to work properly, the Navy needed to step back from running it. A cloaking system is not useful if all the cloaks say “Navy” on them. “If you have a system that’s only a Navy system, anything popping out of it is obviously from the Navy,” Syverson says. “You need to have a network that carries traffic for other people as well.” Tor Project was incorporated as a nonprofit in 2006 to manage operations.

In technical terms, Tor provides privacy by separating identity from routing online. In a normal session online, you’re browsing from your computer or a router that’s assigned its own IP address. Every request you send out carries that address, and information is returned there. When you use Tor, instead of your chat message, or the URL you type going directly to its destination, it’s routed through Tor’s network of volunteer nodes, moving through at least three of them, before exiting the network and proceeding to the endpoint. The website that receives it doesn’t know what your IP address is, nor does any point in the Tor circuit except for the entry relay. For most users, a Tor session does not feel different from going on the Web with the Firefox browser. But all the winding through relays does slow things down, and the default settings disable some functions for security reasons—including plugins that allow videos—but they can be turned back on.

Despite being designed to enable secrecy, Tor’s methods are almost totally transparent. From the start, Tor has been built on open-source code, meaning the software’s building blocks are freely available. Anyone with the skill to read code can look at how it’s built and how it works—and help improve it.

Such transparency is one of the organization’s key tenets. The Snowden documents have revealed the NSA’s effort to undermine encryption techniques and insert “back doors,” or deliberate vulnerabilities, into hardware and software that the NSA can then use to get into and spy on systems. In December, the German magazine Der Spiegel revealed the existence of vulnerabilities for commercially developed systems from the likes of Juniper Networks (JNPR) and Cisco Systems (CSCO). (When contacted by Der Spiegel, both companies denied having knowledge of such back doors or collaborating with the government; Juniper reiterated this to Bloomberg Businessweek.) With Tor’s code open for all to see and examine, flaws can’t remain hidden—or as easy to exploit.

Syverson and other researchers have written voluminously about Tor’s weaknesses. The network operates within the wider Web, and the way users behave and configure their computers outside Tor is one of the biggest sources of insecurity. One way the NSA found to get around Tor’s software and spy on users was an attack called “EgotisticalGiraffe,” exploiting a vulnerability in the Firefox browser. Another approach was to try to reconstruct the encrypted path to find the identity of a Tor user by monitoring relays, according to the “Tor Stinks” presentation. Success with this approach was “negligible,” because all three hops in the circuit had to be part of the set NSA could monitor, and the agency had access to few of them.

Tor exerts little control over who volunteers to host traffic, and researchers have found evidence of abuse, such as cases where an operator is snooping on traffic. The group has worked on solving that problem by ranking some relay points as more trusted than others, and giving users the ability to choose a set of trusted computers for the first relay.

Tor has evolved in other ways to stay ahead of what are sometimes referred to on its website as adversaries. Because Tor keeps a public list of all its relays—the IP addresses that volunteer to route Tor users’ requests—the Chinese government has tried blocking all of those IP addresses. To get around that, Tor in 2009 invented “bridges,” relays provided upon request to users who are blocked from regular Tor relays. Bridges aren’t listed in a public directory, making them more difficult to block.

There is a deeper layer of Tor, where information is hosted, called hidden services. These sites are tagged with the extension “.onion” and can only be accessed using Tor. A regular Internet user’s traffic goes through at least three hops; hidden services traffic goes through at least six. Iranian activists during the Green Movement protests in 2009 maintained blogs and websites using hidden services, according to Lewman. The drug bazaar Silk Road operated as a hidden service. You couldn’t find and use Silk Road with a Google search—its IP address was hidden from users. Those who wanted to buy drugs on the site had to use Tor as their browser, type in Silk Road’s .onion address, and use Bitcoins to pay for their purchases.

There is naturally suspicion that the NSA has in fact cracked Tor. In September a security researcher, Robert Graham of Errata Security, analyzed almost 23,000 connections to a relay he’d set up, and concluded that the majority were vulnerable to NSA decryption. Three-quarters of the traffic he monitored used an older version of Tor based on encryption keys that “everyone seems to agree” the NSA can break, he wrote. Version 2.4 of Tor’s software uses a different form of encryption keys, based on something called elliptic curves, which are more difficult to decode—but according to Graham’s analysis only a small subset of users have upgraded to that software version.

Conspiracy theories abound. On one Reddit discussion about Tor’s links to the government, an anonymous poster asked: “How can we be sure that TOR isn’t a front for the CIA or FBI? I mean, it’s too easy to just download, install, and be on your merry way browsing in ‘anonymity.’ ”

Lewman’s job, as he tries to drum up more funding and more volunteers to host relays, is to counter such thinking, which the Snowden revelations have, ironically, added to. “People have such fear of the NSA and the CIA and all these other three-letter organizations,” he says, “that they’re just like, ‘Whoa, I don’t want anything to do with that whatsoever.’ ”

More bandwidth, Lewman says, is what Tor needs most. He says he wants to increase Tor’s capacity by getting universities to run it and work out all the kinks before business puts in real money—citing the example of Facebook, which also started on campus. Major corporations are interested in using Tor, but they expect a ready-made product that’s already incorporated into the big enterprise packages provided by companies such as Cisco. So far, few large corporations have offered to host relays, he says.

It’s the kind of thing the Tor developers might discuss at their next meeting. Asked how often the “virtual team” gets together in person, Misata says she’s in the midst of organizing one of two such annual get-togethers for February. The core group of 30-plus spends the first half of the week discussing current and future initiatives and “bonding” and the second half hosting public meetings to spread the word of Tor. For privacy reasons, some in the developers group refuse to come to the U.S. For the gathering, Misata ended up choosing Iceland. She’s looking for hotels that don’t require guests to provide their passport.
http://www.businessweek.com/articles...ecurity-agency





Memories of Stasi Color Germans’ View of U.S. Surveillance Programs
Matthew Schofield

Wolfgang Schmidt was seated in Berlin’s 1,200-foot-high TV tower, one of the few remaining landmarks left from the former East Germany. Peering out over the city that lived in fear when the communist party ruled it, he pondered the magnitude of domestic spying in the United States under the Obama administration. A smile spread across his face.

“You know, for us, this would have been a dream come true,” he said, recalling the days when he was a lieutenant colonel in the defunct communist country’s secret police, the Stasi.

In those days, his department was limited to tapping 40 phones at a time, he recalled. Decide to spy on a new victim and an old one had to be dropped, because of a lack of equipment. He finds breathtaking the idea that the U.S. government receives daily reports on the cellphone usage of millions of Americans and can monitor the Internet traffic of millions more.

“So much information, on so many people,” he said.

East Germany’s Stasi has long been considered the standard of police state surveillance during the Cold War years, a monitoring regime so vile and so intrusive that agents even noted when their subjects were overheard engaging in sexual intercourse. Against that backdrop, Germans have greeted with disappointment, verging on anger, the news that somewhere in a U.S. government databank are the records of where millions of people were when they made phone calls or what video content they streamed on their computers in the privacy of their homes.

Even Schmidt, 73, who headed one of the more infamous departments in the infamous Stasi, called himself appalled. The dark side to gathering such a broad, seemingly untargeted, amount of information is obvious, he said.

“It is the height of naivete to think that once collected this information won’t be used,” he said. “This is the nature of secret government organizations. The only way to protect the people’s privacy is not to allow the government to collect their information in the first place.”

U.S. officials have defended the government collection of information since word of it broke in newspaper stories based on documents leaked by former National Security Agency contractor Edward Snowden. The records are used only to track down terrorists overseas, officials say. The collection has been carefully vetted by the Foreign Intelligence Surveillance Court, a body of U.S. judges whose actions are largely kept secret. There is no misuse.

German Chancellor Angela Merkel, who grew up in East Germany, tried to provide an out for President Barack Obama, offering as a possible explanation for the sweeping nature of the U.S. collection efforts that “the Internet is new to all of us.” She was roundly mocked for that statement, and her administration appeared far less forgiving more recently, when similar spying charges were leveled against the British government.

Germans are dismayed at Obama’s role in allowing the collection of so much information. Before his presidency, hundreds of thousands of Germans turned out to hear him speak in Berlin. During a visit last week, the setup was engineered to avoid criticism: Obama spoke to a small, handpicked audience, many from the German-American school. Access to the Brandenburg Gate, the backdrop for his speech, was severely limited, as was access to Berlin’s entire downtown.

As many Germans as heard Obama speak turned out at quickly arranged protests, including one by self-proclaimed tech nerds near the historic Checkpoint Charlie, where U.S. soldiers welcomed visitors from the communist sector of Berlin for four decades with a sign, “You are entering the American sector.” One demonstrator added this coda: “Your privacy ends here.”

The center-left newspaper Sueddeutsche Zeitung took Obama to task over the surveillance issue. “Governments do not have the right to conceal broad lines of policy,” the newspaper wrote. “President Obama is operating according to an odd maxim: ‘I am doing a lot of the same things that George W. Bush did, but you can trust me because I am the one doing it.’ Not even Obama is deserving of that much trust."

“Everyone knows that gathering so much information is bullshit,” said Reinhard Weisshuhn, a political activist and foreign policy adviser. “It’s a total breach of trust by the government. This is how a society destroys itself.”

For 15 years, the Stasi tracked Weisshuhn’s every move and conversation. His Stasi file, which he, like many other Stasi targets, reviewed after the Berlin Wall collapsed, ran to 9,000 pages. He was shocked, and he’s quick to stress that the United States shouldn’t be compared to the totalitarian East German state.

“But that doesn’t mean the president gets a free pass,” he said. “The United States is an open society. This is a problem that must be honestly addressed and fixed.”

Weisshuhn shares a common German perception on the scandal: Snowden, who’s been charged under the Espionage Act for leaking news of the domestic spying, isn’t the bad guy.

"In our case, we thought we were being paranoid until we saw what they’d gathered and realized we’d been naive," Weisshuhn said. "Here, it’s not the whistle-blower who is wrong, it’s the gathering of information."

Germans, especially those raised in the east, are unconvinced by arguments that the sweeping collection of information is used only to track terrorists. The assertions by U.S. officials that unspecified attacks have been thwarted don’t persuade them, either. They haven’t forgotten the fear of living under a government that used vague threats to justify blanket spying. In East Germany, the threats came under the banner of disloyalty to socialist ideals. In the United States, the monitoring programs come under the banner of anti-terrorism.

Dagmar Hovestaedt is the spokeswoman for the German Stasi Records Agency, which showed 88,000 people last year what the Stasi had gathered on them. She said the U.S. should consider doing the same.

“This is a study on how to deal with the information the NSA is now gathering,” she said of her archive. “To say that the NSA is the equivalent of the Stasi is too simplistic, but the people who are spied on do have a right to know what was learned about their lives, what they had hoped to keep private that was not. Transparency is essential.”

Still, she noted that Stasi victims have a large advantage in finding out what was studied.

“It’s easy to make information available when it was gathered by a state that no longer exists,” she said.

Stefan Wolle is the curator for Berlin’s East German Museum, which focuses in part on the actions of and reactions to the Stasi. What becomes clear when studying the information the organization gathered is the banality of evil: Simple pieces of everyday life are given much greater importance than they deserve when a secret organization makes the effort to gather the information.

“When the wall fell, I wanted to see what the Stasi had on me, on the world I knew,” he said. “A large part of what I found was nothing more than office gossip, the sort of thing people used to say around the water cooler about affairs and gripes, the sort of things that people today put in emails or texts to each other.

“The lesson,” he added, “is that when a wide net is cast, almost all of what is caught is worthless. This was the case with the Stasi. This will certainly be the case with the NSA.”
http://www.mcclatchydc.com/2013/06/2...r-germans.html





Russia Hacked Hundreds of Western, Asian Companies: Security Firm
Jim Finkle

A U.S. cybersecurity firm says it has gathered evidence that the Russian government spied on hundreds of American, European and Asian companies, the first time Moscow has been linked to cyber attacks for alleged economic - rather than political - gains.

According to the firm, CrowdStrike, the victims of the previously unreported cyber espionage campaign include energy and technology firms, some of which have lost valuable intellectual property.

CrowdStrike declined to go into detail about those losses or to name any victims, citing confidentiality agreements related to its investigation.

Officials with the Russian Interior Ministry could not be reached for comment early on Wednesday in Moscow.

"These attacks appear to have been motivated by the Russian government's interest in helping its industry maintain competitiveness in key areas of national importance," Dmitri Alperovitch, chief technology officer of CrowdStrike, told Reuters on Tuesday evening.

Cybersecurity researchers have in the past said that China's government was behind cyber espionage campaigns against various corporations dating back as far as 2005, but China has vehemently denied those allegations. Alperovitch said this is the first time the Russian government has been linked to cyber intrusions on companies.

Governments have been using computer networks to spy on each other for more than 30 years in the type of surveillance programs conducted by virtually every nation, according to CrowdStrike. It is only in the past decade that some nations have started using cyber espionage as a platform for gaining data to help promote their national economic interests, according to Alperovitch.

CrowdStrike has been following the activities of the Russian group of hackers, which it dubbed "Energetic Bear," for two years. The firm believes the Russian government is behind the campaign because of technical indicators, as well as analysis of the targets chosen and the data stolen, according to Alperovitch.

"We are very confident about this," he said. Victims include European energy companies, defense contractors, technology companies and government agencies, according to the CrowdStrike report.

Manufacturing and construction firms in the United States, Europe and Middle East as well as U.S. healthcare providers were also cited as targets in the report that was posted on the web early on Wednesday morning, here

CrowdStrike described the activities of the Energetic Bear hackers in its annual cyber threat report, released on Wednesday. It also documented attacks by hacking groups in China and Iran and described the activities of the activist Syrian Electronic Army.

Alperovitch, who is of Russian ethnic origin and now lives in the Washington, D.C., area, is an expert on cyber espionage who rose to prominence while working for McAfee Inc. While there he managed a team of researchers who produced a landmark January 2010 report that described how Chinese hackers had launched an unprecedented series of attacks known as "Operation Aurora" on Google Inc and dozens of other companies.

In 2012, he co-founded CrowdStrike, which collects intelligence about the activities of hacking groups around the world and sells software to thwart such attacks.

He told Reuters that the data his firm has obtained about Energetic Bear suggests that authorities in Moscow have decided to start using cyber espionage to promote Russia's national economic interests.

"They are copying the Chinese play book," he said. "Cyber espionage is very lucrative for economic benefit to a nation."

(Reporting by Jim Finkle, additional reporting by Megan Davies in Moscow; Editing by Tiffany Wu and Ken Wills)
http://www.reuters.com/article/2014/...A0L07Q20140122





New Security Report Confirms Everyone Is Spying on Everyone
Nicole Perlroth

Lest we forget, the National Security Agency is in good company.

A new security report confirms that Chinese hackers spied on The New York Times in 2012, as well as attendees of the G20 Summit in St. Petersburg last fall. Iranian hackers spied on dissidents in the lead up to state elections last May. The Syrian Electronic Army is only getting better, and North Korean hackers were behind a destructive cyberattack that wiped data from South Korean banks last year.

These were just some of the findings of CrowdStrike, the hot Laguna Niguel, Calif., security start-up which tracked more than 50 hacking groups last year. The company, started by George Kurtz, the antivirus company McAfee’s former chief technology officer, and Dmitri Alperovitch, McAfee’s former vice president of threat research, produced its findings in an annual report Wednesday.

The report buttresses previous findings by The New York Times, Google and a number of other security firms, including FireEye, the Milpitas, Calif.-based security software firm that acquired Mandiant last year.

It also offered a number of interesting new discoveries. Among them:

• A Russian hacking group that Crowdstrike calls “Energetic Bear” was behind a range of cyberattacks in 23 countries that predominantly affected Western energy companies and a broad range of other targets. Among them: European governments and defense contractors; American, European and Asian universities; American health providers; manufacturing and construction companies in the Middle East, Europe and the United States, and research institutes.
• As security software becomes more prolific, hackers continue to make their way down the food chain to computer hardware where it is much more difficult to identify and remove.
• Regional conflicts such as Syria’s civil war and protests in the Middle East continue to spill over into cyber conflict.
• Hackers in the Middle East and North Africa are ramping up their hacking capabilities.
• High-profile world events such as the upcoming Sochi Olympics and World Cup and upcoming elections in Egypt, Iraq, Tunisia and Turkey may coincide with cyberattacks as was the case with the G20 Summit last fall.

Needless to say, this won’t be a slow year for the $67 billion cybersecurity industry.
http://bits.blogs.nytimes.com/2014/0...g-on-everyone/





Chrome Bugs Allow Sites to Listen to Your Private Conversations
Tal Ater

By exploiting bugs in Google Chrome, malicious sites can activate your microphone, and listen in on anything said around your computer, even after you’ve left those sites.

Even while not using your computer - conversations, meetings and phone calls next to your computer may be recorded and compromised.


While we’ve all grown accustomed to chatting with Siri, talking to our cars, and soon maybe even asking our glasses for directions, talking to our computers still feels weird. But now, Google is putting their full weight behind changing this. There’s no clearer evidence to this, than visiting Google.com, and seeing a speech recognition button right there inside Google’s most sacred real estate - the search box.

Yet all this effort may now be compromised by a new exploit which lets malicious sites turn Google Chrome into a listening device, one that can record anything said in your office or your home, as long as Chrome is still running.

Google’s Response

I discovered this exploit while working on annyang, a popular JavaScript Speech Recognition library. My work has allowed me the insight to find multiple bugs in Chrome, and to come up with this exploit which combines all of them together.

Wanting speech recognition to succeed, I of course decided to do the right thing…

I reported this exploit to Google’s security team in private on September 13. By September 19, their engineers have identified the bugs and suggested fixes. On September 24, a patch which fixes the exploit was ready, and three days later my find was nominated for Chromium’s Reward Panel (where prizes can go as high as $30,000.)

Google’s engineers, who’ve proven themselves to be just as talented as I imagined, were able to identify the problem and fix it in less than 2 weeks from my initial report.

I was ecstatic. The system works.

But then time passed, and the fix didn’t make it to users’ desktops. A month and a half later, I asked the team why the fix wasn’t released. Their answer was that there was an ongoing discussion within the Standards group, to agree on the correct behaviour - “Nothing is decided yet.”

As of today, almost four months after learning about this issue, Google is still waiting for the Standards group to agree on the best course of action, and your browser is still vulnerable.

By the way, the web’s standards organization, the W3C, has already defined the correct behaviour which would’ve prevented this… This was done in their specification for the Web Speech API, back in October 2012.

How Does it Work?

A user visits a site, that uses speech recognition to offer some cool new functionality. The site asks the user for permission to use his mic, the user accepts, and can now control the site with his voice. Chrome shows a clear indication in the browser that speech recognition is on, and once the user turns it off, or leaves that site, Chrome stops listening. So far, so good.

But what if that site is run by someone with malicious intentions?

Most sites using Speech Recognition, choose to use secure HTTPS connections. This doesn’t mean the site is safe, just that the owner bought a $5 security certificate. When you grant an HTTPS site permission to use your mic, Chrome will remember your choice, and allow the site to start listening in the future, without asking for permission again. This is perfectly fine, as long as Chrome gives you clear indication that you are being listened to, and that the site can’t start listening to you in background windows that are hidden to you.

When you click the button to start or stop the speech recognition on the site, what you won’t notice is that the site may have also opened another hidden popunder window. This window can wait until the main site is closed, and then start listening in without asking for permission. This can be done in a window that you never saw, never interacted with, and probably didn’t even know was there.

To make matters worse, even if you do notice that window (which can be disguised as a common banner), Chrome does not show any visual indication that Speech Recognition is turned on in such windows - only in regular Chrome tabs.

You can see the full source code for this exploit on GitHub.

Speech Recognition's Future

Speech recognition has huge potential for launching the web forward. Developers are creating amazing things, making sites better, easier to use, friendlier for people with disabilities, and just plain cool…

As the maintainer of a popular speech recognition library, it may seem that I shot myself in the foot by exposing this. But I have no doubt that by exposing this, we can ensure that these issues will be resolved soon, and we can all go back to feeling very silly talking to our computers… A year from now, it will feel as natural as any of the other wonders of this age.
http://talater.com/chrome-is-listening/





U.S. Teenagers Are Driving Much Less: 4 Theories About Why

EIA sees slower growth in U.S. miles traveled as more teens shun licenses.
Marianne Lavelle

Throw a sheet over the little deuce coupe, park the little red Corvette, and send the pink Cadillac to the ranch.

U.S. teenagers just aren't as into driving as they used to be, U.S. government forecasters acknowledged Monday in dramatically altered projections for transportation energy use over the next 25 years.

Growth in "vehicle-miles traveled" (VMT)—that key gauge of America's love affair with the automobile that once reliably ratcheted up year after year—will slow dramatically, the U.S. Energy Information Administration (EIA) says in its new Annual Energy Outlook. The EIA slashed its projected annual VMT growth rate to 0.9 percent, a drop of 25 percent compared to its forecast only a year ago.

The change is partly due to slower population growth, but also because of a generational shift confirmed by at least four studies in the past year. In the United States, young people are not only driving less than teens did a generation ago, they aren't even getting licenses.

Put that demographic trend together with the dramatic increase in fuel economy expected in the years ahead, and U.S. energy consumption to fuel cars is expected to drop one-quarter to 12.1 quadrillion Btu by 2040.

It sounds like good news for everyone except carmakers and songwriters, but the figures have stirred ferocious debate among numbers-crunchers. Is indifference to motoring, like so many other youth trends, a passing phase? Or have we finally erased the last traces of American Graffiti and the car-centric teen culture that once celebrated cruising, hot-rodding, and drive-ins?

These are more than academic questions, since they affect a huge chunk of the economy. U.S. energy and transportation forecasters plan to look more deeply into the reasons behind the trends, but here are the key theories that have been aired so far.

With "Virtual" Access, No Need for Wheels

Researchers at the University of Michigan's Transportation Research Institute (UMTRI) note that the percentage of young drivers is inversely related to the proportion of Internet users. Social media may be taking the place of motorized transportation, they theorize.

"Virtual contact, through electronic means, reduces the need for actual contact," said Michael Sivak, a research professor in UMTRI's human factors group. Bolstering this theory is international data the Michigan researchers compiled showing that in countries around the world, a higher proportion of Internet users was associated with lower rates of licensed young drivers.

Seven countries, including Canada, South Korea, Germany, and Japan, are seeing similar shifts in the demographics of licensed drivers.

In the United States, the Michigan team found that the percentage of 19-year-olds with driver's licenses fell from 87 percent to 70 percent between 1983 and 2010. For 17-year-olds, the fall was even more dramatic, from 69 percent in 1983 to 46 percent by 2010.

Times Are Too Tough for Teen Driving

The insurance industry's research arm, the Highway Loss Data Institute (HLDI), pointedly disputes the "virtual access" theory. Its analysis of U.S. collision insurance policies confirms the trend, showing a 12 percent drop in covered teen drivers just since 2006. But HLDI said the fall-off tracked with an increase in unemployment that was steeper among teens than for the general population of drivers. "It looks like teens just can't afford to drive," said HLDI Vice President Matt Moore. "Paying for their own cars, gas, and insurance is hard if they can't find a job."

Scientists with the Centers for Disease Control also cited economic factors in their analysis of the downward trend in teen driving.

Moore argued the trend may be transitory. "As the economy picks up again, it's possible that more teenagers will get behind the wheel," Moore said. "Unfortunately, that may also mean a rise in teen crash fatalities, which have been trending downward."

It's a Matter of Choice

But the nonprofit U.S. Public Interest Research Group (PIRG) argues that something fundamental has changed in how young people feel about cars. "Many members of Generation Y have reduced their driving because they choose to take transportation alternatives instead of cars to school, work, and recreation, and because many have chosen to live in ways that require less time behind the wheel of a car," PIRG said in a report compiling a number of polls that support the theory. PIRG followed up with a report on the overall downward trend in U.S. driving, showing that cities with the biggest drops in driving had no greater unemployment than cities with smaller declines. (See related, "Car Sharing Widens Lanes of Access for City Drivers.")

Said PIRG, "Growing evidence—both anecdotal and quantitative—suggests that some of this change is being driven by shifts in young people's priorities and preferences, shifts that could very well persist as Generation Y ages." (Related: "Bike Share Schemes Shift Into High Gear")

They Just Haven't Gotten Around to It

But only 9 percent of young nondrivers cited concern over how driving affects the environment as their reason for putting off getting a license, a survey by the Michigan researchers found. The top reason for putting off getting a license, cited by 37 percent of respondents, was far less lofty: "too busy or not enough time to get a driver's license."

Among the other (primary or secondary) reasons cited was something to support almost any of the competing theories: 32 percent said owning and maintaining a vehicle was too expensive, 31 percent said they were able to get transportation from others, 22 percent said they preferred to bike or walk, and 17 percent said they preferred public transit.

Twenty-two percent of the young nondrivers said they never planned on getting a driver's license—a minority, but one researchers will be trying to understand better in the years ahead.
http://news.nationalgeographic.com/n...ve-less-today/





What Hard Drive Should I Buy?
Brian Beach

My last two blog posts were about expected drive lifetimes and drive reliability. These posts were an outgrowth of the careful work that we’ve done at Backblaze to find the most cost-effective disk drives. Running a truly unlimited online backup service for only $5 per month means our cloud storage needs to be very efficient and we need to quickly figure out which drives work.

Because Backblaze has a history of openness, many readers expected more details in my previous posts. They asked what drive models work best and which last the longest. Given our experience with over 25,000 drives, they asked which ones are good enough that we would buy them again. In this post, I’ll answer those questions.

More





T-Mobile Will Now Give You A Free Checking Account, Complete With 42,000 No-Fee ATMs
Steve Kovach

T-Mobile isn't just content being your wireless carrier. It now wants to manage your checking account, too.

The company announced today Mobile Money, a free checking account service available to anyone with a T-Mobile phone number.

With T-Mobile's Mobile Money, your wireless carrier is your bank. T-Mobile retail stores are your banking branches. T-Mobile retail employees are your tellers. And while it sounds bizarre, it's just another example of a company trying to remove the banks from banking. (Mobile Money is very similar to Simple, another promising alternative banking service.)

Here's how it works:

• You walk into a T-Mobile store and open your checking account with an initial cash deposit. T-Mobile gives you a prepaid Visa card. (You'll eventually get your own debit card with your name on it.)
• You deposit cash to your account at the T-Mobile store and checks by snapping a photo of the document using the T-Mobile Mobile Money app for iPhone or Android.
• To get cash, you can make withdrawals (no fees!) from a network of 42,000 ATMs that you can find using the app. There's also a network of international ATMs that you can use for free.
• You can transfer money to other Mobile Money customers using the app if you have the person's T-Mobile phone number and last four digits of his or her debit card.
• You pay your bills electronically using the app or T-Mobile's website. You can also have T-Mobile cut a check and send it to someone if that's your only option.

Mobile Money is totally free except for the occasional fee you might have to pay for stuff like same-day bill payments.

But it's not for everyone, of course. T-Mobile is only offering free checking, not savings accounts or any of the other premium services traditional banks offer. It's simply an option for T-Mobile customers who want to easily move money in their checking accounts around. If you need more than that, you're probably better off with your regular bank.
http://www.businessinsider.com/t-mob...ey-2014-1?op=1
















Until next week,

- js.



















Current Week In Review





Recent WiRs -

January 18th, January 11th, January 4th, December 28th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 05:27 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)