Peer-To-Peer News - The Week In Review - February 11th, ’06

[JackSpratts]

"This demonstrates that he either doesn't have a clue what he's talking about, or that he's simply inventing evidence and switching to Limewire after we totally destroyed him on the Kazaa stuff." – Zi Mei


"Frankly, we'll probably be wrong 99 percent of the time." – James W. Pennebaker


"In a technical sense he's calibrating his servos, but we like to call it stretching." – Caleb Chung


"This most recent decision is consistent with the definitive decision of the French Appellate Court of Montpellier. It is an important stepping stone in our fight to legalize P2P." – Jean-Baptiste Soufron


"It was the first time I ever smelled pot and I knew I wanted to be a musician." – Sheryl Crow





































February 11th, ’06





Say sea bone!

French Judge Authorizes Downloading And Uploading Of Copyrighted Content On The Internet
Aziz Ridouan

Paris, France – An Internet user defended by the Association of Audionautes (ADA) was released free of charges by the District Court of Paris after downloading and uploading music and movies on the Internet.

The decision, dated December 8, 2005 and made public this week, is available online at: http://www.audionautes.net/pages/PDF...estgiparis.pdf [fr]

Several Internet users defended by the ADA have already been released free of charges for having downloaded copyrighted content on Internet on the basis of the "private copying" doctrine:

- Rodez Tribunal Correctionnel, October 13, 2004: Absolved of charges
- Châteauroux Tribunal de Grande Instance, December 15, 2004: No damages
- Montpellier Cour d'Appel, March 10, 2005: Absolved of charges
- Meaux Tribunal Correctionnel, April 21, 2005: Downloading qualified as private copying, 70 cents / title for uploading
- Le Havre Tribunal Grande Instance, September 20, 2005: Same as above, but 20 cents / title for uploading
- Créteil Tribunal de Grande Instance, November 2, 2005: Absolved of charges for downloading as well as uploading using eMule

But this decision is the first one to authorize both the downloading and uploading of P2P content for Internet users. On September 21, 2004, the prosecutor's office found 1875 MP3 and DIVX files on the defendant's hard drive. Based on this discovery, a French record producer association known as the SCPP (Société Civile des Producteurs Phonographiques) sued him for downloading and uploading 1212 music tracks.

The District Court of Paris, however, refused to agree with the SCPP's argument. Following the line of reasoning utilized by the ADA for nearly two years, the Judges decided that these acts of downloading and uploading qualified as “private copying.”

While the case has been appealed to a higher court, Aziz Ridouan, President of the ADA approves of the current verdict and is confident that it will be affirmed. According to Jean-Baptiste Soufron, Legal Counsel of the ADA, "This most recent decision is consistent with the definitive decision of the French Appellate Court of Montpellier. It is an important stepping stone in our fight to legalize P2P." France was the first country in the world to propose the legalization of P2P downloading to Parliament.
http://www.audionautes.net/blog/inde...n-the-internet





P2P File Sharing Is On The Rise
p2pnet

The desperate Big Four Organized Music Goliaths say their p2p file scaring tactics are either significantly reducing the numbers of people using the p2p networks, or the numbers are static.

Depends on if you're talking to the RIAA (Recording Industry Association of America - Down) or IFPI (International Federation of the Phonographic Industries - Static), both owned by the Big Four, Warner Music, Vivendi Universal, EMI and Sony BMG.

However, the real story is: the numbers of file sharers in the US and around the world continues to rise, says p2p research firm Big Champagne.
http://www.p2pnet.net/story/7851





Inquiry Set For French File-Sharing Plan

The French government is moving ahead with plans for a controversial law that would legalize file-sharing of music and films, a move that could undo years of antipiracy work by the entertainment industry.

France's Culture Minister Renaud Donnedieu de Vabres is set to be questioned about the draft on Wednesday by the parliamentary commission for cultural affairs and the commission for economic affairs.

The project has worried the music, film and television industries because it would make France the first country to allow unlimited peer-to-peer downloading for a flat fee of several euros a month.

File-sharing lets consumers swap songs and movies without paying for them. Some legalized versions of peer-to-peer networks are starting to crop up, including one expected to be launched soon in Germany by Warner Bros.

"We are concerned and monitoring the situation closely," Francine Cunningham, a spokeswoman for the International Federation of the Phonographic Industry music trade group said on Friday. "But it has a long way to go before it becomes law."

The draft law, which originally aimed to tackle online piracy, is backed by consumer groups in France but heavily opposed by such companies as Vivendi Universal, which owns Universal Music, the world's biggest record company, and a stake in film and TV company NBC Universal.

French cinema and music trading associations together with rock stars such as Johnny Hallyday have spoken out against the law, arguing it would kill their work.

In December, the French government put forward a measure that aimed to clamp down on users sharing pirated material over the Internet by introducing stiffer punishments such as fines of up to 300,000 euros ($362,200) and prison sentences of up to three years.

But deputies, both from the ruling conservatives and the opposition Socialists, threw the planned law off course at the end of December by adding amendments that would legalize file-sharing in exchange for a fee to cover a licensing charge.

"Everything we're hearing from the government is that it won't happen," said Geraldine Moloney, a spokeswoman for the Motion Picture Association in Europe.

"If it did, it would have an impact on the film community worldwide, but the whole industry is mobilized against it," she added.

Some legal experts have said the amended draft law, which calls for a "compulsory license" or "global license" could violate European Union intellectual property laws.

"The 'compulsory license' would replace the fast-growing legitimate online market in France by an 'average' payment which would by no means remunerate the creation of music and investments made by the recording industry," the International Federation of the Phonographic Industry said.
http://news.com.com/2100-1025_3-6034897.html





Songbird, the "Open Source iTunes Killer," Flies Today

A team led by ex-Winamp-er Rob Lord today released a preview edition of Songbird, a desktop media player that offers an open source alternative to services like Apple's iTunes and the Windows Media Player. Instead of connecting to one locked store full of DRMmed goods, it can connect to any and all available music (and video) on the internet.

Code brains behind the project include people who helped build Winamp, Muse, Yahoo's "Y! Music Engine" media player, and developers from Mozilla Foundation. Initial release is for Windows only, with editions for other OSes to follow in the coming weeks.

Built on the same platform as Firefox, Songbird acts like a specialized web browser for music. It sees the online world through MP3-colored glasses -- it looks at an archive of public domain sound files or a music store's catalog, and displays available media for you.

I spoke with Rob Lord earlier today by phone about the preview release. Screenshots and interview after the jump.

BB: So why did you guys build this?
RL: People should have more choice about music and video formats, and where they get their music. Imagine what your experience of the web wold be like if IE connected only to microsoft.com. That's what digital networked media players are like today. Fairplay [Ed. Note: Apple's proprietary DRM] is the 8-track of our generation, and those formats may become obsolete a lot sooner than people using those services realize. Songbird can connect to any a la carte media store -- downloadable music, radio, video, P2P networks, and classes of services that haven't been created yet. Services like iTunes -- where everybody has to shop from the same store -- are like walled garden online services back in the early days. AOL, Prodigy. That's how we connected to the 'net then. Songbird is to iTunes what the Firefox browser is to those old, limiting online services. It opens up the whole internet to you as a music browsing experience.

BB: Should the RIAA be worried about you?
RL: As we say in our FAQ, "We don't steal music and you shouldn't either. We support DigitalConsumer.org's Bill of Rights as the best means to a burgeoning, diverse and lawful digital media market."

BB: Who funded the project, and how will you make money in the future?
RL: I provided the funding. I think we're going to put a "donate" button on the site. And we're going to sell t-shirts, and maybe some songbird-shaped fuzzy holders for digital music players.

BB: Apart from the ability to connect to lots of different sources, what will Songbird do differently?
RL: The opportunity to innovate is stymied by architecture. All of the popular media players out there have pretty much the same feature set on the desktop -- when you leave aside what's possible when you connect to the internet, they all do pretty much the same thing these days. Rip, mix, burn, play, organize playlists. But plug them in to the internet, and there's so much more they could be doing. The possibilities for networked services are totally untapped. For instance, [Winamp co-creator] Justin Frankel created a collaborative jamming service, and you can't do that inside any commercial media player now. You'll be able to do those kinds of things inside Songbird.

BB: Why does the ability to obtain music from multiple stores or sources online matter?
RL: Why wouldn't you buy your bluegrass in one place and your trance music in another? Why shouldn't there be music communities like lastfm and others that focus on specific niches? Even if you could buy all your music in one place, like Wal-Mart, would you want to? Maybe the experience would be better if you could connect to lots of different places, and communities, and social networks.

BB: What's in it for those providers?
RL: It's an open format, so they can do deep integration into our player, and reach new audiences. We built Songbird on the Mozilla Foundation's XULRunner platform, which is also used by Firefox and the Thunderbird email client. Firefox is very widely used now, there are 400 extensions, everybody knows it's as much of a movement as a piece of software. The difference between the Firefox and Internet Explorer browsers is substantial, but it's nothing like the difference between iTunes or Windows Music and Songbird.

BB: Songbird's logo is a cute, rotund, whistling birdie -- but what's up with that puff of gas coming out of his posterior? Is your mascot farting?
RL: Sorry, bad reception (SSSHHCSRRGRRR CRACKLE)
http://www.boingboing.net/2006/02/08...e_open_so.html





Sloppy RIAA 'Investigation' Attacked
p2pnet

Did RIAA spokesman Jonathon Whitehead switch the names of two completely different p2p applications in a deliberate bid to fool a court hearing a p2p file sharing case?

The question is raised in an affidavit presented in the latest stage of Atlantic Recording v John Does 1-25.

The RIAA (Recording Industry Association of America) still claims the existence of metadata in shared folders is enough to prove copyright infringement took place, but the assertion has again been roundly attacked by programming expert Zi Mei.

"Whitehead shot himself in the foot with his latest declaration," Mei told p2pnet. "He asserts that all Does are Gnutella users, directly contradicting earlier testimony, which included pages of Kazaa screenshots.

"This demonstrates that he either doesn't have a clue what he's talking about, or that he's simply inventing evidence and switching to Limewire after we totally destroyed him on the Kazaa stuff, hoping no one would notice.

"It's obvious that Mr. Whitehead doesn't know Kazaa from a kazoo either, or he's simply pretending he doesn't. The RIAA's 'investigative' techniques are sloppy and harmful, to say the least."

After weeks of non-stop, principally voluntary, work to meet the February 7 deadline, Mei today submitted his second affidavit, revealing telling holes in RIAA spokesman Jonathon Whitehead's second set of assertions in Atlantic v. John Does 1-25, and also, "pointing out its inconsistencies with the first declaration, as well as its inconsistency with the way computers work, and with the way the internet works," says Recording Industry vs The People.

Zi recently appealed to p2pnet readers for help and he told us he was grateful for the input he subsequently received.

In his affidiavit, Mei wonders if Whitehead deliberately and knowingly switched the names of Kazaa and Limewire p2p, "in an attempt to mislead the Court and reconcile flaws in his earlier testimony".

If that was the case, says the programmer, "it casts clear doubt as to his integrity".

Whitehead, "betrays either confusion or ignorance of how decentralized P2P networks like FastTrack (Kazaa) and Gnutella (Limewire) actually work," he states.

"Moreover," he goes on later in the paper, "Mr. Whitehead still has not even attempted to explain the process through which the plaintiffs allegedly obtained the IP addresses allegedly associated with defendants."

Go here for a .pdf scan of Mei's paper. We'll try and bring you a text version in the near future.

Meanwhile, definitely stay tuned. When it concludes, this case will further damage the Big Four's steadily eroding credibility and have an enormous impact on future sue 'em all suits.
http://p2pnet.net/story/7850





Marie Lindor to Move for Summary Judgment
Ray Beckerman

Marie Lindor, a home health aide who has never bought, used, or even turned on a computer in her life, but was nevertheless sued by the RIAA in Brooklyn federal court for using an "online distribution system" to "download, distribute, and/or make available for distribution" plaintiff's music files, has requested a pre-motion conference in anticipation of making a summary judgment motion dismissing the complaint and awarding her attorneys fees under the Copyright Act.
http://recordingindustryvspeople.blo...r-summary.html





Torvalds Versus GPLv3 DRM Restrictions
Joe Barr

Linus Torvalds, father of the Linux kernel, has fleshed out his unhappiness with GPLv3 in three recent posts on the Linux Kernel Mailing List (LKML).

Torvalds previously stated that the kernel will remain under the licensing terms of GPLv2.

Yesterday, Tovalds offered his opinion as to where the battle over DRM should take place:
I would suggest that anybody who wants to fight DRM practices seriously look at the equivalent angle. If you create interesting content, you can forbid that _content_ to ever be encrypted or limited.

In other words, I personally think that the anti-DRM clause is much more sensible in the context of the Creative Commons licenses, than in software licenses. If you create valuable and useful content that other people want to be able to use (catchy tunes, funny animation, good icons), I would suggest you protect that _content_ by saying that it cannot be used in any content-protection schemes.

Afaik, all the Creative Commons licenses already require that you can't use technological measures to restrict the rights you give with the CC licenses. The "Share Alike" license in particular requires all work based on it to also be shared alike, ie it has the "GPL feel" to it.

If enough interesting content is licensed that way, DRM eventually becomes marginalized. Yes, it takes decades, but that's really no different at all from how the GPL works. The GPL has taken decades, and it hasn't "marginalized" commercial proprietary software yet, but it's gotten to the point where fewer people at least _worry_ about it.

As long as you expect Disney to feed your brain and just sit there on your couch, Disney & co will always be able to control the content you see. DRM is the smallest part of it - the crap we see and hear every day (regardless of any protection) is a much bigger issue.

The GPL already requires source code (ie non-protected content). So the GPL already _does_ have an anti-DRM clause as far as the _software_ is concerned. If you want to fight DRM on non-software fronts, you need to create non-software content, and fight it _there_.

I realize that programmers are bad at content creation. So many programmers feel that they can't fight DRM that way. Tough. Spread the word instead. Don't try to fight DRM the wrong way.

In a later post, Tovalds replied to Pierre Ossman, who suggested the GPL can currently be thwarted by DRM measures:
> The point is not only getting access to the source code, but also being able
> to change it. Being able to freely study the code is only half of the beauty
> of the GPL. The other half, being able to change it, can be very effectively
> stopped using DRM.

No it cannot.

Sure, DRM may mean that you can not _install_ or _run_ your changes on somebody else's hardware. But it in no way changes the fact that you got all the source code, and you can make changes (and use their changes) to it. That requirement has always been there, even with plain GPLv2. You have the source.

The difference? The hardware may only run signed kernels. The fact that the hardware is closed is a _hardware_ license issue. Not a software license issue. I'd suggest you take it up with your hardware vendor, and quite possibly just decide to not buy the hardware. Vote with your feet. Join the OpenCores groups. Make your own FPGA's.

And it's important to realize that signed kernels that you can't run in modified form under certain circumstances is not at all a bad idea in many cases.

For example, distributions signing the kernel modules (that are distributed under the GPL) that _they_ have compiled, and having their kernels either refuse to load them entirely (under a "secure policy") or marking the resulting kernel as "Tainted" (under a "less secure" policy) is a GOOD THING.

Notice how the current GPLv3 draft pretty clearly says that Red Hat would have to distribute their private keys so that anybody sign their own versions of the modules they recompile, in order to re-create their own versions of the signed binaries that Red Hat creates. That's INSANE.

Btw, what about signed RPM archives? How well do you think a secure auto-updater would work if it cannot trust digital signatures?

I think a lot of people may find that the GPLv3 "anti-DRM" measures aren't all that wonderful after all.

Because digital signatures and cryptography aren't just "bad DRM". They very much are "good security" too.

Babies and bathwater..

And finally, in yet another response to Ossman and others on the LKML, he wrote:
> So taking open software and closed hardware and combining it into something
> that I cannot modify is ok by you?

But you CAN modify the software part of it. You can run it on other hardware.

It boils down to this: we wrote the software. That's the only part _I_ care about, and perhaps (at least to me) more importantly, because it's the only part we created, it's the only part that I feel we have a moral right to control.

I _literally_ feel that we do not - as software developers - have the moral right to enforce our rules on hardware manufacturers. We are not crusaders, trying to force people to bow to our superior God. We are trying to show others that co-operation and openness works better.

That's my standpoint, at least. Always has been. It's the reason I chose the GPL in the first place (and it's the exact same reason that I wrote the original Linux copyright license). I do _software_, and I license _software_.

And I realize that others don't always agree with me. That's fine. You don't have to. But I licensed my project under a license _I_ agreed with, which is the GPLv2. Others who feel differently can license under their own licenses. Including, very much, the GPLv3.

I'm not arguing against the GPLv3.

I'm arguing that the GPLv3 is wrong for _me_, and it's not the license I ever chose.
http://trends.newsforge.com/article..../02/02/1636216





Pants on fire

DRM Is A Complete Lie

It has never protected a single thing
Charlie Demerjian

DRM IS A LIE. When an agenda driven DRM infection peddler gets on a soapbox and blathers about how it is necessary to protect the BMW payments of a producer who leeches off the talented, rest assured, they are lying to you. DRM has absolutely nothing to do with protecting content, it is about protecting the wallets of major corporations. The funny thing is they aren't protecting it from you, they are protecting it from each other.

Let's look at the shattering success of every DRM solution to date. Every single one has failed. The score card is hundreds if not thousands against, zero for. Name me one song, movie or software title that is DRM infected that has not found it's way to the net within a week of release, usually long before release. There are none. To protect content, DRM is an abject and total failure, and will continue to be.

It also hurts the user - there is no DRM infection that in any way benefits the consumer. It costs more to develop, costs to license, makes hardware more expensive and complex, and screws the user under legitimate uses. It has a negative value to the consumer.

So, it makes content less attractive, less playable, and is legally dubious, so why is the industry hell bent on infecting everything from your prophylactics to your computers? Simple, they want a bigger slice of the pie, and DRM is the way to get it. No, not bigger profit margins, the greedy bastards already do that with each format change, DRM infections are about edging each other out.

Here is the problem, every DRM infection is unique, patented, copyrighted, copywronged, and DMCAd ad nauseum, They protect their code in every way possible, and make it so you have to get their approval to use it. This is all done under the guise of protecting content, but that is a lie. If you are going to steal content, do you think violating another copyright on the DRM mechanism will make you lose more sleep? Not a chance.

If you are a rival company though, you can't really violate such things and get away with it for long, Sony, MS and most people swiping GPLd code are proof of that. So, you have to license it to play ball, or at least play music and movies. That is the true nature of DRM infections, to keep other big greedy companies out.

So, say you are a big immoral record company that see walking wallets, aka customers, as not giving you enough of their hard earned money, some have the gall to buy from other big greedy immoral companies. Bastards! What do you do? Make sure they have a hard time playing things from the other guys.

Let's take a good example of this, the first few generations of Sony's DRM infected failures of an almost MP3 player. Sony decided that its proprietary ATRAC format was better than MP3, and technically it could be, but that is irrelevant. They didn't support MP3s out of the box, but would do a one way conversion if you wanted to put your MP3s on the Walkman. Taking them off was a bit curious though.

Also, if you wanted to buy music, you could go to the wonderful (sarcasm people, sarcasm) Sony connect store, and buy almost anything that Sony licensed artists made. If you wanted a song by a Warner artist, well, tough. Stepping into the land of make believe for a minute, imagine that Time-Warner made digital music players, and lets pretend they have an encoding system and DRM infection called HURT-SCAM. You can buy a TW player and download any HURT-SCAM song, curiously this meant only titles from a Warner artist. If you have a Sony player, it doesn't support HURT-SCAM, and TW players don't support ATRAC.

Now, if this hypothetical TW player wanted to play ATRAC, they could reverse engineer it, and get bitten by the same DMCA laws they bought so many Congresspeople to implement, and the same is true for Sony wanting to implement HURT-SCAM. (Please note, I am not intoning that these companies buy government, remember this is make believe. The US governmental system is immune to such things, just ask them.). Basically, both sides have to license their bitter rivals before they can interoperate.

Now, lets step back into the land of reality. You have ATRAC, FairPlay (har har), Real, WMA, and a host of other DRM infections, and none can play any of the others. If you have a player that can do one, chances are that it can't do any of the others, almost like the license terms preclude it, but it would take someone much more cynical than I to say that. You have enough walled gardens to last a lifetime, and each one is filled with greedy execs trying to wrap their mind around how much money this will bring them. The stakes are high, they each want it all, and want all the others to go away, there is no middle ground.

The enforcement mechanism is quite simply the DRM infection Without DRM, the other guys could invade their garden and do thing that might benefit the user, I mean take away the profits they feel are rightfully theirs. In the mean time every piece of media thus 'protected' is available for download. DRM has done, is doing and will do nothing to stop piracy.

Basically, you and I are the innocent bystanders in this drive by shooting called DRM. The big companies are at war, and we are the casualties. So, they have to send their flying monkeys to sue single moms, 12 year olds and octogenarians to make it appear that they are doing what they say. Bull, they are lying. The sad part is that the public, and worse yet, the governments are listening to them.

The misinformation campaign seems to have sunk in, people don't even question that DRM is about protecting content any more, even though it has never done so. It hurts the users, and hurts the companies making it, but they have their eyes on the big prize. DRM infections are the only way to keep their rivals at bay, lobbing a few bullets at the users is a low price to pay for that.
http://www.theinquirer.net/?article=29161





Libraries Fear Digital Lockdown
Ian Youngs

Libraries have warned that the rise of digital publishing may make it harder or even impossible to access items in their collections in the future.

Many publishers put restrictions on how digital books and journals can be used.

Such digital rights management (DRM) controls may block some legitimate uses, the British Library has said.

And there are fears that restricted works may not be safe for future generations if people can no longer unlock them when technology evolves.

The British Library spends £2m of its £16m annual acquisitions budget on digital material, mainly reference books and journals.

But by 2020, 90% of newly published work will be available digitally - twice the amount that is printed - according to British Library predictions published last year.

Libraries are allowed to give access to, copy and distribute items through "fair dealing" and "library privilege" clauses in copyright law.

But as publishers attempt to stop the public illegally sharing books and articles, the DRM they employ may not cater for libraries' legal uses.

"We have genuinely tried to maintain that balance between the public interest and respecting rights holders," Dr Clive Field, the British Library's director of scholarships and collections told the BBC News website.

"We are genuinely concerned that technology inadvertently may be disturbing that balance, and that would be unhelpful ultimately to the national interest."

The All Party Parliamentary Internet Group is conducting an inquiry into DRM.

In written evidence, the Libraries and Archives Copyright Alliance (Laca) said there were "widespread concerns in the library, archive and information community" about the potentially harmful effects of DRMs.

"We have grave concerns about the potential use of DRMs by rightholders to override existing copyright exceptions," its statement said.

In the long term, the restrictions would not expire when a work went out of copyright, it said, and it may be impossible to trace the rights holders by that time.

"It is probable that no key would still exist to unlock the DRMs," Laca said. "For libraries this is serious.

'Threaten'

"As custodians of human memory, a number would keep digital works in perpetuity and may need to be able to transfer them to other formats in order to preserve them and make the content fully accessible and usable once out of copyright."

In its written submission to the group, the British Library said DRM must not "exert excessive control on access to information".

"This will fundamentally threaten the longstanding and accepted concepts of fair dealing and library privilege and undermine, or even prevent, legitimate public good access."

Fair dealing and library privilege must be "re-interpreted and sustained for the digital age", it added.

Dr Field said: "This is going to be one of the significant challenges for us over the next few years."
http://news.bbc.co.uk/go/pr/fr/-/1/h...gy/4675280.stm





Spyware Tunnels In On Winamp Flaw
Joris Evers

A security bug in Winamp is being exploited by miscreants to install spyware on machines running the media player software, experts have warned.

Earlier this week, security companies warned that attack code for exploiting the flaw was circulating on the Internet. Last week, Sunbelt Software said it had found a Web site hosting a malicious Winamp playlist file. Opening the file loads spyware onto an unwitting user's PC, it said.

"After surfing to a malicious Web site on our test machines, the file 'x.pls' begins to download," Sunbelt's Adam Thomas wrote in a posting on the anti-spyware software maker's corporate blog. "Almost immediately, Winamp starts to execute the play list and remote code execution begins."

The flaw was disclosed on Monday, when Winamp maker Nullsoft, a division of America Online, released an update to fix it. The company posted version 5.13 of Winamp, while Secunia and other security companies issued alerts about the problem. Secunia rated the issue "extremely critical," its highest rating.

"Not following the recommendation from Nullsoft to upgrade to version 5.13 could result in the extremely nasty CWS Looking-For.Home Search Assistant infection as well as an installation of our good friend SpySheriff," Thomas wrote. Antivirus software is not yet detecting this exploit, he wrote.

Home Search Assistant might monitor a user's activity and send out confidential information to its creator, according to Sunbelt's threat database. SpySheriff will display a false warning that the computer is infected with spyware. It then tries to persuade the user to buy a SpySheriff product, according to Sunbelt.

Distributors of adware and spyware often exploit security vulnerabilities in programs to get their applications onto PCs. Makers of such software often pay distributors per installation of the adware or spyware.

The Winamp problem affects version 5.12 of the media player. Earlier versions may also be affected. Late last week, the malicious Web site referred to by Sunbelt, 008k.com, appeared to be offline. The site displayed a message: "Site is closed for abuses."
http://www.zdnetasia.com/news/securi...9310016,00.htm





Apple's In The Eye Of Flaw Finders
SecurityFocus

At the recent ShmooCon hacking conference, one security researcher found out the hard way that such venues can be hostile, when an unknown hacker took control of the researcher's computer, disabling the firewall and starting up a file server.

While such compromises have become common in the Windows world, this time the computer was am Apple PowerBook running the latest version of Mac OS X. The victim, a security researcher who asked to remain anonymous, had locked down the system prior to the conference and believes that a previously unknown exploit caused the compromise. However, in the following weeks, forensics performed on the system did not reveal any clues as to how the PowerBook had been compromised.

"The machine was as hardened as best practices could suggest for anyone," the researcher said. The person who breached the PowerBook used information gathered from the computer to contact a friend of the researcher and bragged about the compromise. "This was not a subtle hack," the researcher stressed.

The compromise underscores a number of trends that has already caused a shift in focus among flaw finders and could result in more attacks on Mac OS X (http://www.securityfocus.com/news/11321). Security researchers themselves have moved over to Apple computers in the past few years and have learned the ins and outs of the operating system. The company's move to Intel-based hardware for its next-generation of Macs also gives flaw finders familiar territory in which to look for bugs. Finally, as Apple continues to garner more market share, the lure of a larger set of targets will make attacks more likely, say security researchers.

"This is almost certainly the year of the OS X exploit," said Jay Beale, a senior security consultant for Intelguardians and an expert in hardening Linux and Mac OS X systems. "The OS X platform may be based on a Unix platform, but Apple seems to be making mistakes that Unix made, and corrected, long ago."

Apple also has been widely criticised for not talking (http://news.com.com/2100-1002_3-5225115.html) about the details of its vulnerability-response process or how it manages security incidents. While Microsoft has the lion's share of security problems - and the Mac OS X hardly any - the Redmond, Wash, based software giant has received high marks (http://www.securityfocus.com/news/11371) from security researchers for its responsiveness, while Apple has often been the focus of complaints (http://www.securityfocus.com/columnists/256).

"On a good day, Apple doesn't even make it to Microsoft's level of security awareness," Beale said.

The company has generally refused to discuss the security of its Mac OS X operating system with the media and declined to comment for this article. The security researcher whose PowerBook was compromised has discussed the issue with Apple but without any conclusions being reached.

Apple has made good decisions regarding the Mac OS X architecture and has had far fewer security problems as a result, said Adam Shostack, chief technology officer for security firm Reflective.

"There are some things that make the Mac more secure," Shostack said. "There is a user model that does not rely on a user running programs in administrator mode. There is no ActiveX in Safari and there is no ActiveX equivalent. That makes it harder to go to a web page and have your Mac compromised."

Yet, the platform is garnering more attention from the experts who search for vulnerabilities. Driven by the cool look of the Mac OS X and the ability to run most Unix and Linux security tools on the system, Apple's operating system has become popular among security researchers.

That popularity could be the reason that the number of vulnerabilities logged in Apple's Mac OS X surpassed the number of vulnerabilities found in Microsoft's Windows XP in 2004 and 2005, according to data from theNational Vulnerability Database (NVD) (http://nvd.nist.gov/). Apple had to contend with 88 vulnerabilities (29 high severity ones) in the Mac OS X in 2005, up from 54 in the prior year, while Microsoft patched 61 vulnerabilities (38 deemed of high severity) in Windows XP in 2005, up from 44 the prior year, according to the NVD. The data does show that fewer of the flaws in Mac OS X were considered severe.

Such numbers always have to be taken with a grain of salt. Differing ways of reporting flaws, different editorial policies on the part of the vulnerability database staff, and differences between what software components are considered part of the operating system all combine to make vulnerability statistics less than authoritative (http://www.securityfocus.com/news/11367).

However, some security researchers speculate that the number of flaws found in the future will increase. Apple's change to the Intel platform will put many security researchers in their comfort zone in dealing with the architecture. While the change will not mean much for application-level vulnerabilities, flaws in the memory architecture or in processor-specific functions could be found more easily, Reflective's Shostack said.

"OS X running on x86 means that the skills that people have developed and a lot of the tools people have created for finding problems, analysing problems, and writing the code to take advantage of them, will work," he said. "They no longer need to learn a different assembler or a different memory architecture."

Finally, the old adage about market share still holds, said Dan Kaminsky, an independent consultant for Doxpara Research. As Macs become more popular, attackers will tend to target the platform more often, he said.

"There just aren't that many Mac users right now," Kaminsky said. "As it gets put on more and more desk tops, it becomes a pretty high-profile target in terms of what is your return on investment for committing an attack against the group."

Ironically, Apple's lack of experience with major attacks might also cause problems for the company and its users, Kaminsky said.

"The reality is that security work does comes from a trial by fire," he said. "And Apple really has not had that experience. It had not had the experience from some 20 years that Unix had and that Linux has absorbed. It has not had the experience that Microsoft had with its summer of worms."

Yet, it's almost certain the experience will come, he said.
http://www.theregister.co.uk/2006/02...vulnerability/





Millionaire on Hacking Charge
Sophie Kirkham

MATTHEW MELLON, heir to a £6.6 billion banking and oil fortune, will appear in court next month in connection with an investigation into an alleged phone-tapping and computer hacking gang.

The former husband of Tamara Mellon, who runs the Jimmy Choo shoe empire, will appear alongside 17 other defendants accused of involvement in the operation, which allegedly provided clients with confidential information about wealthy people and businesses.

Following a tip-off from BT, Scotland Yard has conducted a long investigation into a private detective agency run by a former policeman which it believed was bugging phone calls.

It is now alleged the group was also hacking into NHS computers to access confidential medical files to blackmail people, spying on police and bugging their phone calls to get information. There are also several charges of falsifying invoices.

One of the group is said to have taken BT overalls, a reflective jacket and tools, along with a BT works barrier and stool, and a shirt from NTL, another other telecoms company.

A regular on the London social scene and close friends with Elizabeth Hurley and Hugh Grant, Mellon, 41, inherited a £14m trust fund at the age of 21. He now has a fortune put by The Sunday Times Rich List at £50m. His family is held in the same regard in America as the Rockefellers, Vanderbilts and Astors.

He met Tamara Yeardye in 1998. The couple’s marriage in 2000 at Blenheim Palace took up eight pages in American Vogue and the bride wore a Valentino wedding dress encrusted with diamonds. More than half the guests were said to be wearing Jimmy Choos.

The Mellons spent several years as a golden couple of London society often appearing in magazine pages and at charity functions. In 2002 they had a daughter, Araminta. But the marriage fell apart amid revelations of Mellon’s cocaine habit, which he is said to have battled in the 1990s, and the couple went through an acrimonious divorce last year.

After the marriage ended Tamara, who is now worth £60m in her own right, began seeing Oscar Humphries, the son of Barry, creator of Dame Edna Everage. Mellon has recently said he was planning a change in career from working as chief designer for Harry’s, an upmarket men’s shoe company he launched five years ago — he has tried his hand at film producing in the past.

He remains a colourful figure on the social scene — his hobbies are said to include nude jet skiing — and he has had a string of celebrity girlfriends since his marriage break-up. He is currently seeing Noelle Reno, a 24-year-old actress.

Mellon, who lives in Belgravia, London, is charged with conspiracy to cause unauthorised modification of computer material.

Also in the dock at Bow Street magistrates’ court in February will be another wealthy businessman, Adrian Kirby, who made his money from waste disposal units. Kirby, 47, of Haslemere, Surrey, has a fortune put at £65m by the Rich List.

He is charged with conspiracy to intercept communications unlawfully, unauthorised modification of computer material and perverting the course of justice.

Former Essex police officer Scott Gelsthorpe, 31, of Kettering, Northamptonshire, is facing 15 charges.

The suspects, 17 men and one woman, come from southern England, Lincolnshire and France and are said to have committed the offences between July and September 2004. They will appear before magistrates on February 23.
http://www.timesonline.co.uk/newspap...015469,00.html





A Detective to the Stars Is Accused of Wiretaps
David M. Halbfinger and Allison Hope Weiner

Anthony Pellicano, the deposed detective to the stars, masterminded a sprawling wiretapping ring that helped his clients gain an advantage in disputes with opponents including actors, reporters and talent managers, federal prosecutors said on Monday.

Prosecutors said that among the people who had been illegally wiretapped or subjected to criminal background checks were the actors Sylvester Stallone, Keith Carradine, Garry Shandling and Kevin Nealon; a Hollywood reporter for The New York Times; and managers of the Creative Artists talent agency.

On Monday, prosecutors unsealed a 110-count indictment that accused Mr. Pellicano, along with a former phone company worker, a former Los Angeles police officer and four others with crimes that include racketeering and conspiracy, wiretapping, identity theft, witness tampering and destruction of evidence. The charges are the latest in what are expected to be continuing waves of charges stemming from the three-year investigation.

Not named in the indictment were any of the top Hollywood lawyers who frequently retained Mr. Pellicano as an investigator, and whose entanglement in a criminal case could send shock waves throughout the entertainment industry.

But the government indictment strongly suggested that those who retained Mr. Pellicano were not entirely unaware of his actions. Mr. Pellicano was hired, the indictment said, "for the purpose of implementing illegal wiretaps," and gave his clients the contents of recorded conversations, which they used for several purposes "including securing a tactical advantage in litigation by learning their opponents' plans, strategies, perceived strengths and weaknesses, settlement positions and other confidential information."

Indeed, prosecutors said at a news conference that the investigation was continuing, and indicated that the indictment, which was returned last Wednesday, had been timed to coincide with the end of Mr. Pellicano's prison sentence on firearms and explosives charges. He was to have been freed on Saturday.

According to the prosecutors, Mr. Pellicano, now 61, ran a well-oiled and highly lucrative operation for digging up dirt on adversaries. Beginning in 1995, they say, he paid a computer programmer, Kevin Kachikian, 41, to develop software he called "Telesleuth" to convert audio into digital signals that could be recorded on a computer. They say he also paid two Pacific Bell workers, Rayford Earl Turner, 49, and Teresa Wright, to provide the telephone records of his targets and to help him secretly install wiretaps on their phone lines.

And beginning in 1997, prosecutors said, he bribed a Los Angeles police officer, Mark Arneson, 52, and a Beverly Hills police officer, Craig Stevens, 45, to check confidential law enforcement databases for criminal histories and driving records. Mr. Stevens and Ms. Wright previously pleaded guilty in the case; the others were charged Monday.

Three clients of Mr. Pellicano's were also named in Monday's indictment. Robert Pfeifer, 50, the former head of Hollywood Records, was accused of hiring the detective to investigate and wiretap a former girlfriend, Erin Finn. And two brothers, Abner Nicherie, 42, and Daniel Nicherie, 45, both of Las Vegas, were accused of paying him to wiretap a wealthy entrepreneur, Ami Shafrir, who had accused them of looting his family's assets in an elaborate business fraud. Mr. Pfeifer was arrested on Friday; Abner Nicherie was arrested Monday at his home, and Daniel Nicherie was already in federal custody on separate charges of defrauding Mr. Shafrir.

In addition to the criminal charges, the government is seeking forfeiture of at least $1.9 million that Mr. Pellicano and his cohort were paid for their work.

The case against Mr. Pellicano arose when a reporter, Anita Busch, was threatened in 2002 while pursuing an article for The Los Angeles Times about the actor Steven Seagal and his relationship with a mob figure. A tip from an informer led the F.B.I. to a convicted felon, Alexander Proctor, who was recorded saying he had been hired by Mr. Pellicano to stop Ms. Busch's reporting.

That November, after Ms. Busch discovered that her phone had been tapped, investigators raided Mr. Pellicano's office, seizing computer files with nearly two billion pages of notes and transcripts of wiretaps.

In a contentious bail hearing Monday, Daniel A. Saunders, the lead prosecutor, charged that Mr. Pellicano was a flight risk. He said Mr. Pellicano had met with his girlfriend, Sandra Will Carradine, as recently as January and asked her to flee with him should he be let out on bail.

Mr. Pellicano's lawyer, Steven F. Gruel, argued that the prosecution was merely trying to pressure Mr. Pellicano to become a government witness. But Magistrate Judge Stephen J. Hillman ordered Mr. Pellicano detained without bail.

Ms. Carradine, who pleaded guilty to perjury last month, is now a cooperating witness. She is also the ex-wife of Keith Carradine, the actor, and she had hired Mr. Pellicano in connection with their divorce. Both Mr. Carradine and his girlfriend, Hayley DuMond, were among the people whom Mr. Pellicano had run through government databases, prosecutors say.

The list of those victims, in fact, may provide something of a road map to the continuing investigation. Among the Los Angeles area lawyers who used Mr. Pellicano in cases in which the government has said he committed crimes are Bert Fields, the late Edward L. Masry and Daniel Davis.

Mr. Fields represented Brad Grey, the former talent manager and current chairman of Paramount Pictures, in litigation against Mr. Shandling and also against Bo Zenga, a screenwriter. Mr. Zenga was wiretapped, and he, his wife, his brother, his lawyer, a witness in the case and her girlfriend, and another witness were all subjected to criminal checks, prosecutors said.

Mr. Zenga's lawyer, Greg Dovel, said he had been shown transcripts of his own conversations with Mr. Zenga by F.B.I. agents. "It's like somebody was writing down the important parts of the conversation and highlighting them," he said. "It's like a summary you would pass to a lawyer working on the case."

Mr. Fields also represented Kenneth Starr, a business manager who is not related to the former special prosecutor and who was sued by his former client, Sylvester Stallone, on Feb. 14, 2002. That month, prosecutors say, Mr. Pellicano wiretapped Mr. Stallone.

Mr. Fields also represented a New York hedge fund manager involved in litigation against Aaron Russo, a Hollywood producer, who was wiretapped and whose family was run through criminal databases. Another alleged victim of Mr. Pellicano, Jude Green, was involved in a bitter divorce case in which Mr. Fields's firm represented her husband.

Several others who are said to have been victims of Mr. Pellicano were involved in adversarial relationships with Michael S. Ovitz, the former head of Creative Artists Agency and president of Disney, who later formed Artists Management Group. Mr. Ovitz's heirs at Creative Artists took his re-entry into the business as a betrayal and refused to share clients, and Mr. Ovitz was forced to sell Artists Management. During that dispute, Bryan Lourd and Kevin Huvane of Creative Artists were run through criminal databases, prosecutors say.

At the time, Bernard Weinraub, a New York Times reporter, and Ms. Busch, then a freelance writer, were collaborating on stories about Mr. Ovitz's troubles at Artists Management. On May 16, 2002, prosecutors say, Mr. Pellicano had his police informants run both Mr. Weinraub's and Ms. Busch's names through criminal databases.

Also in May 2002, Mr. Pellicano ran criminal checks on Arthur Bernier, a former Artists Management executive who had sued the firm a month before; and James Casey, who sued Artists Management in March of that year to collect a finder's fee for a Boston Celtics star and client of the firm, Paul Pierce.

A former Artists Management counsel, James Ellis, said that Mr. Pellicano was one of several investigators recommended by an outside lawyer to investigate Mr. Bernier and Mr. Casey, but that the company knew nothing of his activities.

"This is the first we've heard that he actually did this," Mr. Ellis said. As for the checks on Mr. Weinraub and Ms. Busch, Mr. Ellis said, "That wasn't done at our direction."

The late Mr. Masry was tied to the case, prosecutors said, by Kissandra Cohen, a former employee who sued him for sexual harassment, and who was wiretapped by Mr. Pellicano; and by Bilal Baroody, a onetime client who later sued Mr. Masry for malpractice after losing $400,000, and who was checked out by Mr. Pellicano's police informants.

Mr. Davis, a criminal lawyer, represented a man accused of manslaughter in the death of Sandra Rodriguez in May 2001. Mr. Pellicano is suspected of having run checks on Ms. Rodriguez in August 2001. Mr. Davis also represented an accused rapist, and Mr. Pellicano illegally ordered up criminal checks on five of the accusers, prosecutors say.
http://www.nytimes.com/2006/02/07/bu...pellicano.html





15 Million Malicious Websites
Jimmy Daniels

Okay, here’s notice that the problems in the internet are not getting better, they are getting worse, Websense announced in a press release that their database of websites that contain malicious code, peer to peer file sharing, spyware, phishing, and 80 some other categories of “bad stuff” has increased to over 15 million. 15 million websites our children could easily surf into, or we could surf into, that would try to take advantage of us somehow. This contradicts the study from Washington University I posted about here, but, that study was just a sample that grabbed data from some websites, it was not a massive undertaking like this one.

The Websense Master Database is the most accurate, up-to-date database in the industry. Recent increases to the Master Database reflect the continual growth of the internet as an attack vector by today’s cyber-criminals. The Websense database reached 10 million sites in May 2005 and quickly grew to 15 million sites within approximately eight months. Today, the database includes more than 90 categories, such as spyware, phishing and peer-to-peer (P2P) file sharing, which organizations can use to protect employees against malicious internet sites as well as set flexible filtering policies for employee web usage.

“Websense has more than 10 years of specialized internet mining expertise, and the growth that we have seen over the past year in malicious content has been astonishing,” said Patrick Swisher, director, database operations for Websense, Inc. “As our knowledge of the internet continues to increase, so does our ability to create more sophisticated processes to classify these types of high-risk sites and provide our customers with greater protection. Our award- winning software has the ability to proactively discover and immediately protect our customers against the most ominous web- based threats such as spyware, bots, phishing attacks, viruses and crimeware.”

During 2005, software vulnerabilities were increasingly exploited by malicious websites hosting malcode, and the Websense Master Database’s security-related categories reflect this growth. For example, since February 2005, spyware-related websites have increased from approximately 48,000 sites to more than 130,000 today — a 170 percent upsurge. In addition, during the same time period, phishing and other fraudulent websites have grown approximately 271 percent from 7,270 to more than 27,000 sites.

To maintain database accuracy, Websense purges dead website links from the database on a daily basis, and to date has removed nearly four million dead links. This is of particular importance for internet categories that represent web security risks, such as phishing or fraud-based websites, which have a short life span. Phishing websites are currently online for an average of less than six days and the underlying IP addresses associated with those websites change frequently. Source: PRWeb.

Some highlights, Malicious websites grew more than 3,900 percent, P2P websites had a 50 percent increase, and Keyloggers more than doubled in growth.

We Say: This is a lot more accurate than the Washington study as that one was just a sample, in that study they only crawled 18 million url’s, while this one analyzes more than 75 million sites a day for malicious code. They also have a global honey pot, meaning, unprotected computers that are there just to be taken advantage of, exploited, etc, like a normal users computer and to discover MMC(Mobile malicious code), new Trojan horses, keyloggers and blended threats. They have also removed over 4 million websites from the list, because lots of these websites don’t stay live very long, they move from url to url, trying to infect us.

As Sergeant Phil Esterhaus from Hill Street Blues used to say, Hey, let’s be careful out there.
http://www.realtechnews.com/posts/2648





Internet Draws Ire Of New York Consumers

The Internet has passed credit and banking as the biggest source of consumer complaints in New York state, Attorney General Eliot Spitzer said Wednesday.

Spitzer's office received 7,723 complaints about the Internet last year, up 28 percent from 2004, he said.

Complaints about the Internet accounted for about 15 percent of the more than 51,000 written complaints the office received last year.

Typical Web-related complaints involved computer spyware and spam, nondelivery of goods, and incorrect charges for shipped goods, Spitzer said.

Credit and banking complaints, involving such things as credit cards, identity theft, debt collection and credit reporting, generated 6,164 complaints in 2005, while automobile-related complaints totaled 5,514.

In 2004, credit and banking generated 6,724 complaints, followed by 6,255 related to automobiles and 6,013 related to the Internet, Spitzer said. There were nearly 55,000 reported complaints overall.

Spitzer is a 2006 Democratic gubernatorial candidate in New York. He announced the statistics as part of National Consumer Protection Week.
http://news.com.com/Internet+draws+i...3-6036741.html





MP3 Inventor Fraunhofer Makes Tool To Fight Music Piracy

Using digital watermarking technology
John Blau

The Fraunhofer Institute has developed prototype technology to help curb the sharp rise in online music piracy, which ironically has been enabled through another invention of the renowned German research group: MP3 audio compression.

Researchers at the Fraunhofer Integrated Publication and Information Systems Institute have successfully tested a software system, based on the group's own digital watermarking technology, for tracking pirated audio files in P2P (peer-to-peer) filesharing networks, said Michael Kip, a spokesman for the institute.

Kip referred to the Fraunhofer approach as an alternative to DRM (digital rights management) systems, which he said require special players and are prone to hacking.

While watermarking technology isn't new per se, this is the first time it has been used in a system to automatically track pirating in P2P networks, according to Kip.

The system lets content providers, such as music studios, embed a watermark in their downloadable MP3 files. Watermark technology makes slight changes to data in sound and image files. For instance, the change could be a higher volume intensity in a tiny part of a song or a brighter colour in a minuscule part of a picture. Even the best-trained human eyes and ears, according to Kip, can't detect the change.

The digital media watermark used in the Fraunhofer system also contains a 'hash value', which creates a link between the content provider and registered purchaser. "The hash value is like a fingerprint; it contains unique information about the user," Kip said. "The software we've developed can automatically search for fingerprints."

The Fraunhofer approach differs from others in that it doesn't monitor the individuals who illegally download music but rather scans for content that has been illegally uploaded.

"If, for instance, you purchase and download a CD, burn a copy and give it to a friend and that person puts it on a filesharing network, our system will trace that music back to you and, depending on the legal system of the country you're in, you could be [hit] with an expensive fine," Kip said. "This could certainly help deter online music piracy."

Fraunhofer envisions the prototype software as an application that content providers can install on their own servers for automatically monitoring P2P networks around the clock.

The institute will demonstrate the technology next month at the CeBit trade show in Germany.

Asked if widely used MP3 technology isn't partly to blame for online music piracy, he said: "Yes and no. You can use a knife to cut bread or kill someone. It's a tool that can be misused."

Research on compression of music files was conducted in the 1980s by a team of scientists at the Fraunhofer Institute for Integrated Circuits. Their development, the Mpeg1 Layer 3 algorithm, was first shortened to Mpeg Layer 3 and later to MP3.
http://www.pcadvisor.co.uk/news/index.cfm?newsid=5671





China Swoops On 'Unhealthy' Sites
Correspondents in Beijing

CHINESE regulators closed down more than 2,000 websites last year because they had too much sex, violence or politics, state media reported.

The crackdown was part of a nationwide campaign to eradicate the distribution of pornography and other illegal activities, the Beijing Morning Post said.

The paper referred to the websites as "unhealthy," a word describing a broad range of illegal content including pornography, excessive violence and sensitive political or religious issues.

China has stepped up its policing on the internet in recent months in a bid to stem what it sees as an unhealthy influence on the young.

The General Administration of Press and Publication said in November it had already issued warnings to 53 websites that provide downloads for pornographic games.

In September, the Chinese government announced revised internet rules that required internet operators to re-register their news sites and police them for content that could "endanger state security" and "social order".

Any content that "harms national security, reveals state secrets, subverts political power, (and) undermines national unity" is also banned.

The regulations further prohibit posts that "instigate illegal gatherings, formation of associations, marches, demonstrations or disturb social order".
http://australianit.news.com.au/arti...-15319,00.html





Internet Lions Turn Paper Tiger in China
Tom Zeller Jr.

LET'S play "What if?"

What if the Chinese authorities didn't simply force Google to exclude sites like hrw.org (the Human Rights Watch Web site) and lesbian.com from the Chinese version of its search engine results, or insist that Yahoo hop to whenever the government fancied the identity of one of its e-mail users, as the authorities have done?

What if they also stipulated that the chief executive of any Internet company doing business in China had to have "Mao Zedong — Luv U 4 Eva" tattooed across his back? Would the companies leave China?

The scary thing is, one might reasonably chew on that question longer than this one: What if Chinese law required Internet companies to reveal the identities of all users who forwarded really bad e-mail jokes, lame chain letters or any messages containing the terms "free speech," "Tiananmen Square" or "Super Freak," because such activities carried a 10-year prison term?

"With all due respect to the memory of Rick James, the king of funk," an executive might say, "we must abide by the laws of the countries in which we operate."

And what if — as a mark of good faith for being permitted to do business in what any rational observer has to admit is now the most tantalizing Internet and technology market on the planet — an executive from each company were required to assist, mano a mano, in the beating of an imprisoned blogger?

Nothing too strenuous, but you would have to make like you meant it.

What if no one had to know? They never would, right?

Yes, it's an all too easy and not entirely fair game to play. The issues on the ground in China are complex, and there are plenty of people who believe that Bill Gates is right when he says, as he did last week when discussing the matter at a Microsoft-sponsored conference in Lisbon, that "the ability to really withhold information no longer exists."

That is to say, Microsoft or Google may agree to censor this or filter that, but in the end, censorship is no match for human ingenuity and the endless ways for the Internet to provide workarounds. "You may be able to take a very visible Web site and say that something shouldn't be there," Mr. Gates said, "but if there is a desire by the population to know something, it is going to get out."

But even if that's true, Western technology companies have only themselves to blame if users in the free world quickly ask when Shi Tao, the journalist whose name Yahoo gave to Chinese authorities and who subsequently was sentenced to a 10-year prison term, will be released. Or that people use what-ifs to ponder the moral limits of saying that local law is local law.

That's partly because it is only recently that any of the players have made any genuine efforts at transparency in their dealings with China.

Two weeks ago, Google took the bold step of plainly admitting that it was entering the Chinese market with a censored search product, tweaked according to government specifications. Then last week, Microsoft announced new policies that would enable it to honor a government's demand to shut down a citizen's blog (as happened five weeks ago with a popular MSN blogger in Beijing) while still keeping the blog visible outside of China.

But these are small victories, said Julien Pain of the group Reporters Without Borders, which tracks Internet censorship in China, not least because the companies "seem now to accept censorship as a given, and have simply decided to be transparent about it."

Still, to many, it signaled progress.

And yet all four American companies with P.R. baggage in China — Cisco, Yahoo, Microsoft and now Google — were no-shows at a hearing last Wednesday of the Congressional Human Rights Caucus. At least three of the companies submitted written statements defending their activities in China, but their absence only added to their image problem, as headlines like "Tech Firms Snub Feds" and "Google Stiffs Congressional Caucus" bounced around the blogosphere.

And thus, the months of what came off as appeasing Beijing and engaging in mealy-mouthed image management at home seem to have taken a toll — most recently, and perhaps most pointedly, on Google.

It is telling, to say the least, that the darling of so many technophiles — which promised to "do no evil" — is now on the receiving end of spontaneous boycotts, with disillusioned search-lovers looking for alternatives. These signs of lost innocence also show that the race for China may soon offer a selling point to companies that don't cooperate with repressive regimes.

"Today, I know you don't deserve me," wrote one visitor to NoLuv4Google.org, a site where users can "break up" with Google and officially boycott the search giant on Valentine's Day, Feb. 14. "You betrayed my love and trust. I have been with you for so many years. Now, we are through! FOREVER. I am gonna hook up with IceRocket."

IceRocket is one of several search alternatives listed at NoLuv4Google.org, which is run by a group called Students for a Free Tibet. Clusty.com, a search site developed by several Carnegie Mellon computer scientists, is another. Clusty proudly states that it "never censors search results" or excludes material "that would be objectionable to governments or would be unlawful in unelected, nondemocratic regimes."

In an e-mail message, Mark Cuban, IceRocket's founder, put it more bluntly: "IceRocket doesn't and won't censor. We index more than one million Chinese-language blogs. No chance we censor or block anything in this lifetime."

Even David Pinto, who owns the popular — and wholly apolitical — site BaseballMusings.com, has ceased taking income from Google ads. "I was no longer comfortable taking money from them," he said. That's the sort of apple-pie protest that American companies can't ignore.

On Feb. 15, the House subcommittee on Global Human Rights will hold hearings on the whole topic, and all four companies — Cisco, Yahoo, Google and Microsoft — are expected to attend, given that the committee, unlike the caucus, could muster subpoenas if it wanted. The companies will presumably explain that they can't be dogmatic on censorship when doing business in China, and that if American Internet companies don't do business in China, change will never come there.

These are hard arguments to dismiss, but so, too, are the what-ifs. One that ought to be on the mind of the companies as they come before Congress might be this: What if, years from now, the Great Firewall of China comes tumbling down and the full extent of your arrangements with the Chinese regime becomes known?

"One day, people in China may be able to see the records of conversations between multinational tech companies and the Chinese authorities," wrote Rebecca MacKinnon, a research fellow at the Berkman Center for Internet and Society at Harvard Law School, in her blog at Rconversation.com.

"What were the exact terms of the deals? Who made them? In what context did these conversations take place?" Ms. MacKinnon wrote. "I expect the revelations won't be too flattering for the companies concerned."
http://www.nytimes.com/2006/02/06/te...gy/06link.html





Yahoo Is Accused of Aiding China in Case of Jailed Dissident
Mark Magnier

BEIJING — In a development expected to put more pressure on foreign high-tech companies operating in China, a free-speech group Wednesday accused Yahoo of providing information to the Chinese government that helped it arrest and imprison a cyber-dissident in 2003.

The report by Paris-based Reporters Without Borders said Chinese court documents showed that Yahoo helped authorities identify Li Zhi through his e-mail address and user name.

The former civil servant from Dazhou in southwestern China was sentenced in December 2003 to an eight-year term for "inciting subversion" after posting essays detailing local corruption.

Yahoo officials were not immediately available for comment. The company has acknowledged handing over such information in the past, saying it must obey the laws of the countries in which it operates.

In September, Reporters Without Borders accused Yahoo of providing information that led to last year's 10-year prison term for Chinese journalist Shi Tao.

The group called on Yahoo to release a list of all cyber- dissidents about whom it had given information to Chinese authorities. "How many more cases are we going to find?" the group said in a statement.

Yahoo, Microsoft, Google and Cisco are under growing pressure over their business practices in China.

The four companies have been asked to appear at a congressional hearing next week to address the ethical responsibilities of Internet firms.

Critics say the companies are cozying up to a police state in their headlong quest for profits. The companies say they are only complying with the law.

Microsoft has shut down a popular blog in China, and Google and Yahoo have filtered their Chinese search results in accordance with Chinese government policy.

Cisco has provided equipment used to filter information.

Free-speech groups predicted that more disclosures detailing cooperation with government censors were likely to surface.

"This will add to the pressure on these companies to be more transparent," said Abi Wright, Asia program coordinator with the New York-based Committee to Protect Journalists, which gave Shi an award last year. "User trust is such an important part of their business, and this goes to the very heart of that trust issue."

Companies are under shareholder pressure to enter the China market, which has 100 million Internet users, second only to the United States.

But their compliance with tough Chinese restrictions has threatened to alienate some of their core U.S. and European users, who see this as a break with basic free-speech principles.

"All companies are coming to realize that doing business in China brings benefits but some pretty heavy baggage and costs," said Michael Geist, a professor of Internet and e-commerce law at Canada's University of Ottawa.

"This is very troubling to a lot of people," he said.

Reporters Without Borders reported that 49 cyber-dissidents and 32 journalists were in prison in China for posting articles and criticism of authorities on the Internet.
http://www.latimes.com/technology/la...ck=1&cset=true





FAQ: When Google Is Not Your Friend
Declan McCullagh

Google's recent legal spat with the U.S. Department of Justice highlights not only what information search engines record about us but also the shortcomings in a federal law that's supposed to protect online privacy.

It's only a matter of time before other attorneys realize that a person's entire search history is available for the asking, and the subpoenas begin to fly. This could happen in civil lawsuits or criminal prosecutions.

That type of fishing expedition is not legally permitted for Web mail providers. But because search engines are not fully shielded by the 1986 Electronic Communications Privacy Act--concocted back in the era of CompuServe and bulletin board systems--their users don't enjoy the same level of privacy.

"Back then, providers were very different animals than they are now," says Paul Ohm, a former Justice Department attorney who teaches computer crime law at the University of Colorado at Boulder.

Two solutions are simple to describe, but not likely to happen. First, search engines could voluntarily--or be required by law to--delete search histories after a few months unless the customer objects. Second, federal law could be amended to make it clear that search engines, which serve as a window to the Internet, are fully protected.

CNET News.com has surveyed Google, Microsoft, Yahoo and AOL to find out their privacy practices, and assembled these answers to frequently asked questions.

Q: Does Google collect and record people's search terms whether they're logged in or not?
Yes. Google confirmed this week that it keeps and collates these results, which means the company can be forced to divulge them under court order. Whether Google does anything else with them is another issue.

Given the Department of Justice's recent subpoena to Google, it's likely the police or even lawyers in civil cases--divorce attorneys, employers in severance disputes--eventually will demand that Google, Microsoft, Yahoo, AOL, and other search engines cough up users' search histories.

Q: Has this happened before?
Almost. A North Carolina man was found guilty of murder in November in part because he Googled the words "neck," "snap," "break" and "hold" before his wife was killed. But those search terms were found on Robert Petrick's computer, not obtained from Google directly.

Also, attorneys have already begun introducing searches conducted on Google, Yahoo and AltaVista as evidence.

Q: When I use search engines, I type in a lot of search terms I consider private. What does this mean?
We go into all the details below. But the short answer is that when private companies collect reams of data all the time on nearly every American, and the government and curious attorneys can get to that with few obstacles, this becomes a problem. Search engines provide a look into people's personal lives, and privacy awareness has not kept pace.

Q: Aren't there any privacy laws that protect us?
Not really. There is a federal law called the Electronic Communications Privacy Act. But it was enacted in 1986, long before politicians knew about the Internet, and the wording doesn't prevent police and attorneys from targeting search engines.

Politicians wrote that law in a way that is technology-specific--one key part revolves around the meaning of the pre-Internet term "processing services"--instead of adopting a more flexible approach that would grow with technology. Some states may have laws that are more applicable.

Q: Why does Google store that information about me, anyway?
No law requires Google to delete it, and there are some business justifications for keeping it.

For instance, keeping detailed records can help in identifying click fraud (faking clicks on Web ads to drive up a rival's cost), and in optimizing search results for different geographic areas. Compiling a user profile can aid in tailoring search results in products like Google Personalized Search. Also, disk storage is cheap, and engineers tend to prefer to keep data rather than delete it.But it's hardly clear that a compelling reason exists for keeping older records--beyond a few months--unless a customer voluntarily chooses options like personalization.

Q: Does that mean Google has the technical ability to link a person's searches together and divulge them when legally required?
Yes. Google says in its FAQ that it records Internet address, date, time, browser type, operating system and a cookie ID.

Author and entrepreneur John Battelle received word from Google this week that the company can perform two important types of matches. (We confirmed this with Google and followed up with additional questions.)

First, given a number of search terms, Google can produce a list of people (identified by Internet address or cookie) who searched for a given term. Second, given a collection of Internet addresses, Google can produce a list of the terms searched by the user of a given address. That effectively creates an electronic dossier of an individual.

Q: What about other search engines?
We surveyed AOL, Microsoft and Yahoo as well. Microsoft and Yahoo gave us the same response as Google did.

AOL's was a little different. Spokesman Andrew Weinstein said AOL could provide a list of search terms typed in by a user. But AOL does not have a system in place to perform the opposite mapping, which would find out what users typed in which search terms. Weinstein also said that AOL deletes personally identifiable search data after 30 days, which makes it unique among the quartet we surveyed.

Q: What about links people click on from search engine results? Can that information be turned over too?
Yes. Through a process known as redirection, Yahoo and AOL record what links people click. Unless the companies discard these records, they would be fair game for a subpoena.

Q: Let's say the Bush administration wanted to obtain a list of the names or Internet addresses of anyone who typed "how to grow marijuana" or "how to cheat on income taxes" into Google. Could that be done?
Probably. If the Electronic Communications Privacy Act does not apply, all that's required is a subpoena from a prosecutor, and no prior approval from a judge is necessary. One Harvard law professor calls the subpoena power "akin to a blank check."

"The threshold rule is relevance," says Paul Ohm, the University of Colorado law professor. "Relevance has been quite broadly construed. As long as you can show that something's relevant to a case or criminal investigation, I think the litigant would have a pretty good argument."

Using the examples of finding out who did searches like "how to make meth" or "how to kill the president," Ohm says prosecutors "would have a very good argument that it's relevant to an investigation."

Q: How can I protect my privacy from search engines?
First, to protect your privacy if your computer is stolen, you can clear your browser's history (sometimes called "private data"). In Firefox, select that option from the Tools menu and delete your browsing history and saved form information. Apple Computer's Safari has a similar option under the History menu. Encrypting your hard drive through OS X's FileVault or PGP's Whole Disk Encryption may be a good idea.

Second, you can clear the cookies that are set by search engines. In Firefox, go to Preferences and select Privacy. You have the option to delete cookies and even prevent certain sites from ever setting them again. Be warned, though, that adding Google.com to the list may prevent using options like personalization or Gmail.

Third, if you're really worried, go to Anonymizer.com and sign up for one of its anonymous browsing options (they're primarily for Windows users). Tor is another option.

Danny Sullivan has posted a more extensive list of recommendations at SearchEngineWatch.com.

Q: Is Congress going to do anything?
Rep. Ed Markey, a Massachusetts Democrat, has pledged to introduce legislation to prevent storing search terms "beyond a reasonable period of time."

There are some political and practical problems with this approach. First, Markey is a liberal Democrat in a town controlled by Republicans, so his proposal isn't going anywhere. Second, any such law could be wildly disruptive--it could mean class-action lawyers would get rich suing tech companies on charges that their data-retention duration is not "reasonable."

Finally, it's hardly clear that the Bush administration will embrace such a proposal--search terms could prove useful in criminal prosecutions, and the Justice Department seems to like the ability to demand them from search engines.

Q: How are Internet addresses handed out? Do people always have the same one?
It depends. Many DSL and cable modem providers allocate Internet addresses only when they're in use (the methods are called DHCP and PPPoe). Those IP addresses can change frequently.

Other IP addresses tend to be fixed. Faculty and staff members at universities, and employees of corporations, are more likely to have fixed Internet addresses.

Q: If Google knows I'm connecting from a dynamically assigned Internet address of 192.1.1.1 one day, and 192.2.2.2 the next day and 192.3.3.3 the third, how can it link my queries together to create that dossier?
This is where "cookies" come in. A cookie is simply a device for a Web site to recognize people the next time they return. Google, Yahoo, AOL and Microsoft all set cookies by default. (Microsoft's expire in 2016; Yahoo's in 2010; Google's in 2038. AOL sets a third-party cookie that expires in 2011.)

In the above example, Google.com would set a cookie for whoever's connecting from Internet address 192.1.1.1 the first day, and then figure out that the same Web browser is connecting from 192.2.2.2 and 192.3.3.3 the next two days. If people are logged in to their Google account, this makes the process even easier, of course.

Q: Even if a search engine company knows my Internet address is 192.1.1.1, and links my previous searches together, how can they--or the government--get my name, home address or other information?
If you have a Google account for products like Gmail, Google Groups, Personalized Search or Google Alerts, Google knows your e-mail address and other personal information, which it can be forced to disclose. If a Web publisher signs up for Google AdSense for advertising revenue, Google will have the publisher's real name, mailing address and Social Security Number.

If a person doesn't use any other Google services, all the company can divulge in response to a subpoena is that person's Internet address. Then whoever's asking about the person will send a second subpoena to the person's Internet service provider to find out billing information. This is a relatively straightforward procedure used by the Recording Industry Association of America (RIAA) in thousands of file-swapping lawsuits.

Q: Has anyone ever sent search engines a subpoena or other kind of legal request for someone's search terms?
We don't know. Google and Yahoo refused to answer the question, though there is no law prohibiting them from doing so.

AOL said only that the Electronic Communications Privacy Act would apply. Microsoft was by far the most forthcoming. With the exception of the Justice Department subpoena for search terms (without user identities) last year, Microsoft said it has "not received either criminal or civil requests related to MSN Search data."

Microsoft also said it "has never received either criminal or civil requests" to produce the lists of people who typed in a search term. Oddly, the other companies were not nearly as open.

Q: How long do companies keep records of my search terms?
Microsoft, Google and Yahoo all said they keep data as long as it's necessary, which could mean forever. Microsoft did add that the company is "looking at ways" to provide users with the option to delete their search histories, and Yahoo made a similar statement.

AOL, on the other hand, says it deletes personally identifiable data after 30 days.

CNET News.com's Elinor Mills contributed to this report.
http://news.zdnet.com/2100-9588_22-6034666.html





Rumours Mount Over Google's Internet Plan
Benjamin Cohen

Google is working on a project to create its own global internet protocol (IP) network, a private alternative to the internet controlled by the search giant, according to sources who are in commercial negotiation with the company.

Last month, Google placed job advertisements in America and the British national press for "Strategic Negotiator candidates with experience in...identification, selection, and negotiation of dark fibre contracts both in metropolitan areas and over long distances as part of development of a global backbone network".

Dark fibre is the remnants of late 1990s internet boom where American web companies laid down fibre optic cables in preparation for high speed internet delivery. Following the downturn in the technology sector during the early 2000s, the installation process for many of these networks was left incomplete. This has resulted in a usable network of cables spread across the United States that have never been switched on. By purchasing the dark fibre, Google would in effect be able to acquire a ready made internet network that they could control.

Late last year, Google purchased a 270,000sq ft telecom interconnection facilities in New York. It is believed that from here, Google plans to link up and power the dark fibre system and turn it into a working internet network of its own.

It was also reported in November that Google was buying shipping containers and building data centres within them, possibly with the aim of using them at significant nodes within the worldwide cable network. "Google hired a pair of very bright industrial designers to figure out how to cram the greatest number of CPUs, the most storage, memory and power support into a 20- or 40-foot box<" Robert Cringely wrote. "The idea is to plant one of these puppies anywhere Google owns access to fiber, basically turning the entire Internet into a giant processing and storage grid."

Google has long been rumoured to be planning to launch a PC to retail for less than $100. The Google computers are likely to be low-grade machines that require a connection to Google to be able to perform functions such as word processing and spreadsheet manipulations. While using the computers, it is understood that consumers will be shown personalised advertising from the company's AdWords network.

The various reports prompted analysts Bear Stearns to note last year: "We think Google could be experimenting with new hardware endeavours that could significantly change potential future applications by Google, creating another advantage for Google over its competitors. Investors may currently under appreciate Google as a potential hardware company."

The technology industry has also been alive with talk that the Google $100 machines will be less like a standard home PC and more like a television: in effect, one of the first convergent devices betweem the internet and television. While offering the standard PC applications, the "Google Cube" will also offer interactive content from a variety of sources while retaining Google branding and displaying Google advertising.

A leading content provider, who did not wish to be named, told Times Online: "We are in discussions with Google to provide content for their alternative internet service, to be distributed through their Google Cube product. As far as I'm aware they have been conducting negotiations with a number of other players in our marketplace to provide quality content to their users."

However, industry insiders fear that the development of a network of Google Cubes powered over a Google-owned internet network will greatly increase the power that Google wields over online publishers and internet users.

Should Google successfully launch an alternative network, it is is theoretically possible for them to block out competitor websites and only allow users to access websites that have paid Google to be shown to their users.

However, the moves towards providing equipment for as little as £60 will prove popular with home users and even governments, who will welcome the spread of the internet to homes that could not previously afford the intital costs of purchasing PCs.

Contacted by Times Online today, a spokesperson for Google denied that it had any such plans, before adding its customary rider: "It's Google's policy not to comment on speculation concerning products before they are launched."
http://business.timesonline.co.uk/ar...023600,00.html





Google, Skype In Startup To Link Hotspots
Peter Svensson

Google Inc. and eBay Inc.'s Skype are investing in a startup that plans to help hotspot owners charge for Wi-Fi access, a plan that could face significant opposition from Internet service providers.

The Internet heavyweights were joined by venture capital firms Index Ventures and Sequoia Capital in making a $22 million investment in FON, the Spanish startup. In its announcement Sunday, FON did not say how much each investor was contributing.

FON's idea, floated just three months ago in a Web posting by founder Martin Varsavsky, is to sign up people who have Wi-Fi hotspots in one of two ways.

"Linus" members, named after Linus Torvalds, who created the freely distributed Linux software, will share their hotspot with other Linus members for free.

"Bill" members, named after Microsoft Corp. founder Bill Gates, will charge for access to their hotspot. FON will get some of that revenue, and share it with Internet service providers, or ISPs.

The network has gained 3,000 Linus members since going live in November. There is no software yet for Bill members, but Varsavsky expects it to be ready within four months. Linus software is so far only available for Wi-Fi routers from Linksys, a division of Cisco Systems Inc.

FON faces a hurdle in that most ISPs prohibit subscribers from sharing internet access with people outside their household. Many broadband subscribers share their access now for free, though, and it's hard for Internet service providers to stop them.

Traffic from a FON-connected hotspot would be easy for an ISP to identify, said Glen Fleishman, editor of the Wi-Fi Networking News site, because users have to authenticate themselves at a FON server.

Varsavsky wants to partner with ISPs to get them to allow their subscribers to set up FON hotspots. It has signed up a Swedish ISP, Glocalnet, and is in discussions with U.S. companies.

To win over the ISPs, Varsavsky points out that Linus members need Internet service to be Linus members.

"So in fact, FON is an incentive to become a customer of an ISP," he said.

Mark Harrad, a spokesman at Time Warner Cable, said the company was not aware of FON's plans. Its terms of service prohibit its 4.8 million residential broadband subscribers from sharing their connection outside the household.

Representatives at Google did not return messages seeking comment on the search engine's investment in FON.

Skype's Internet telephone service works over wireless connections, and a cell-phone-like device is in the works to take advantage of that fact.

"FON has a great idea to help people share Wi-Fi with one another to build a global unified broadband network, and were happy to lend support," Skype Chief Executive Niklas Zennstrom said in a statement.

FON's idea is not entirely novel - in fact, several companies and associations have tried to tie together free Wi-Fi hotspots into networks, but none has succeeded on a large scale.

"The problem with all these free projects is that they fail because everybody wants to be a freeloader and nobody wants to provide Wi-Fi," said Varsavsky. FON, on the other hand, demands reciprocal sharing from its Linus users.

There are also commercial Wi-Fi networks built by T-Mobile USA and Boingo Wireless Inc. with hotspots in more than 50,000 locations. Varsavsky hopes to have a much larger network by the end of the year because FON doesn't have to create the hotspots by itself.

Fleishman said FON has a chance to reach a critical mass of users, but it will be competing with free or low-cost municipal Wi-Fi networks in several cities. Google has itself offered to build a free Wi-Fi network to cover San Francisco.
http://seattlepi.nwsource.com/busine...i_Network.html





Court Overturns Temporary Restraining Order Against Wikimedia Deutschland

In the lawsuit between the registered association Wikimedia Deutschland and the father of the hacker Tron the local court in the Berlin district of Charlottenburg has now proclaimed its verdict: The application of the plaintiff has been dismissed. Wikimedia Deutschland is once again legally entitled to redirect visitors to the domain wikipedia.de to the international domain de.wikipedia.org, the lawyer of the association Thorsten Feldmann reported today.

The lawsuit centers on the question of whether Wikipedia is entitled in an article to reveal the real name of the hacker who died in 1998. As early as December 2005 the father of the dead hacker had obtained a temporary restraining order against the Wikimedia Foundation in Florida. However, the foundation does not seem to have been served the order yet. That move on the part of the father was followed in January by a temporary restraining order against the registered association Wikimedia Deutschland, which has now been overturned.

The verdict had been delayed several times. Thus the lawyer of Tron's father Friedrich Kurz had last week doubted that the lawyer of Wikimedia Deutschland had a proper mandate and had dismissed the motions against the temporary restraining order submitted by the association's lawyer as irrelevant. After the court rejected the notion that Tron's right to privacy was being violated postmortem, Mr. Kurz argued that as the only living person to bear this particular surname the appearance of his client's surname in the free online encyclopedia violated the latter's right to privacy. The court apparently did not endorse this reasoning.

An appeal against the verdict is possible. Last week Mr. Kurz had already proclaimed that he would be taking further legal action to prevent the real name of the hacker from being made public on the Internet.
http://www.heise.de/english/newsticker/news/69391




BitTorrent End to End Encryption and Bandwidth Throttling - Part I
Thomas Mennecke

No one will ever take away the enormous contribution Bram Cohen has given to the file-sharing community. Much like the revolution of file-sharing under Napster in 1999, BitTorrent has redefined the way people share and search for information. Initially, BitTorrent evolved largely under the direction of its creator. More recently however, this protocol is shifting further away from the direction of Bram Cohen and more towards independent developers.

One of the key focuses currently facing members of the BitTorrent community is traffic shaping (or bandwidth throttling.) Since its inception, BitTorrent has become the unquestioned consumer of bandwidth, as CacheLogic reports over 60% of all Internet traffic is attributable to this protocol. Some ISPs have simply reinvested in their networks and allowed BitTorrent to flourish, while others report that Shaw Cable and Rogers Cable in Canada have made their BitTorrent experience excessively slow and intolerable.

In response, BitTorrent developers have introduced “end to end” encryption in an effort to counter these policies. By fooling traffic shaping software, this has become very welcomed news from those who experience bandwidth throttling. Interestingly enough, Bram Cohen, the founder of BitTorrent, has not supported this direction. Yet as the course of BitTorrent evolution changes, the needs of the populace are instead being addressed by community oriented developers.

In today's interview, Slyck speaks with the developer of µTorrent, Ludvig Strigeus, with additional information provided by the administrator of daily operations, "Firon."

Slyck.com: First and foremost, how effective has this feature proven to be?

µTorrent: I don't really know how effective this option is yet, it's only been tested in a limited environment. We haven't been able to do any significant tests with users of ISPs that shape. But so far, it seems to be helping shaped users in swarms that have PE-enabled clients.

Slyck.com: What is your motivation and philosophy behind this feature? Why are you working on it and what do you hope the benefit for the BitTorrent community will be?

µTorrent: I'd like all users to be able to use BitTorrent and be able to upload and download. After all, BT is being used in many legal things, including distribution of public domain content, patches for games, and so on. An ISP shouldn't be able to block a legitimate protocol.

Slyck.com: Could you spend a moment to explain how end to end encryption works?

µTorrent: The encryption uses a shared secret (the torrent info hash), which is different for each torrent, in combination with Diffie-Hellman keys that are generated when the connection is set up. The Diffie-Hellman helps minimizing the risk of passive listeners, and the shared secret helps avoiding man-in-the-middle attacks.

Slyck.com: Recently, Bram Cohen brought up several arguments against end to end encryption. What is your reaction to these arguments, and how valid do you believe they are? Do you think perhaps they are being made to further his effort to make BitTorrent more legitimate?

µTorrent: I don't really agree with his arguments. He seems to be a bit out of touch with the reality of the situation. There's a significant number of severely throttled users (or that have BT blocked outright)out there, and ISPs need to realize that the internet is not port 80, 443 and e-mail. Very, very few ISPs cache BT, even less so than those that shape, so that's a fairly lousy argument to counter encryption.

His argument to let the tracker handle which peers are PE-enabled isn't very good either, since it's trivial for an ISP to block or alter the tracker request/response to achieve their desired effect of saving bandwidth because they can't cope with non-HTTP traffic. And one of the main problems with ISPs that shape is that they don't shape reasonably (say to maintain network quality and not interfere with VoIP or some such), but always throttle it down to a grinding halt. This is unfair, and users should be able to use the bandwidth they paid for.

Slyck.com: How dynamic is your approach to end to end encryption? For example, will you be able to maintain a likely technological arms race with ISPs?

µTorrent: If some severe flaw were discovered with PE, it would be significantly easier for us to update the clients with a fix than it would be for an ISP to update their hardware/software to detect any such changes we make.

Slyck.com: Bram Cohen stated "Most ISPs don't do such shaping", yet the reaction from Shaw and Rogers broadband customers reflects differently. How many other ISPs do you know of shape traffic, and do you believe that the number will increase in months and years to come?

µTorrent: I think he's wrong, a significant number of Canadian users seem to be shaped, and there's various ISPs in Singapore doing similarly.

There's ISPs in the US, Israel, and Australia, Belgium, and many others (some are listed on Azureus'wiki). It seems to be a growing trend, since the list of ISPs that users report are shaping seems to be growing.

Slyck.com: Is the encryption static or is it dynamic (does it change according to some parameters)?

µTorrent: The parameter that changes per-connection is the Diffie-Hellman key. The info hash also influences the encryption, but it's not different for each connection (obviously).

Slyck.com: What has been the feedback from end users? For example, are people complaining the decryption of Diffie-Hellman is resource hungry?

µTorrent: We have not had any feedback yet. The amount of resources for Diffie-Hellman is quite small, we're talking much less than a percent of CPU time for normal users. The data stream is encrypted with RC4.

My Pentium 4 can encrypt at 300MB/s (with optimized assembly code), so even if you download at a very fast speed, the RC4 encryption would just use a percent or two of CPU time, which is much less than the time required to compute SHA hashes of all downloaded pieces.

Slyck.com: Encryption is a tool better known for securing the transfer of private information. Are there any benefits of securing the transfer of information that is being offered publicly, or is the encryption soley to circumvent ISP throttling?

µTorrent: The major goal of the protocol was to circumvent throttling, however it was designed with the idea in mind, that it should be hard for a passive listener to detect what traffic is transmitted.

Slyck.com: By encrypting the data, is there a risk BitTorrent will lose some of its acceptance, hence encouraging more ISPs to throttle?

µTorrent: I don't know, did HTTP lose acceptance when HTTPS was invented? I don't think so.

Like the eDoneky2000 network, BitTorrent’s control and direction is slowly morphing towards the open source community. MetaMachine, the original creative force behind eDonkey2000 has seen the direction of this network forever replaced by eMule. This evolution of events is nearly impossible for original talents to reverse, and the future of BitTorrent is little different.
http://www.slyck.com/news.php?story=1083





Encrypting Bittorrent to Take Out Traffic Shapers

Over the past months more Bittorrent users noticed that their ISP is killing all Bittorrent traffic . ISP’s like Rogers are using bit-shaping applications to throttle the traffic that is generated by Bittorrent.

But, at the same time two of the most popular Bittorrent clients are working together to implement header and message stream encryption in order to take out these traffic shapers.

Currently both Azureus and µTorrent included this new form of encryption (specs) in their latest Beta’s. The fact that these two clients are actively working together to implement this new feature is promising and will make this form of encryption the new standard since the users of these two clients cover the majority of all Bittorrent users.

There are two “encryption modes” available.

The 2 different payload encryption methods plaintext transmission and RC4 provide a different degree of protocol obfuscation, security and speed. Where the plaintext mode only provides basic anti-shaping obscurity, no security and low CPU usage the RC4 encryption obfuscates the entire stream and not only the header and adds some cryptographic security at the price of spent CPU cycles.

The question now is.. Does it work? and how effective is it? If it works it will definitely offer a great solution to all Bittorrent users who suffer from traffic shaping ISP’s.

Bram Cohen, the creator of the Bittorrent protocol reacted quite negatively on these new developments. He questions the need for encryption since only a few ISP’s are actively shaping traffic. Among other things he also fears incompatibility between clients and increased cpu usage. Although these arguments can be countered quite easily, developers should keep them in mind.

But the fact is, if this new encryption method is launched successfully it will be a huge step forward for the Bittorrent community.
http://torrentfreak.com/encrypting-b...affic-shapers/





Labels? We don’t need no stinkin labels!

TuneCore
From the site

Get Your Own Music on iTunes
You keep all your rights.
You own your recordings.
You get all the money.
No contracts.

What is TuneCore?

TuneCore is a music delivery and distribution service that gets music you created (even cover versions) up for sale on iTunes and Rhapsody without asking for your rights or taking any money from the sale or use of your music.
What Are You Paid?

You get 100% of what iTunes and Rhapsody pay. We take nothing, all the money goes to you. You keep ALL the rights and ownership of your music and master recordings. TuneCore is non-exclusive, so you're never locked in.
Where Can I Put My Music Up For Sale?

iTunes U.S. is always included. Choose as many of these additional stores/services as you want:
iTunes Canada
iTunes Japan
iTunes U.K./Europe
iTunes Australia
Rhapsody Service

...many more coming soon!
How Does It Work?

TuneCore has arrangements with iTunes and Rhapsody that let us place your music in their online stores and subscription services. You get 100% of the money that iTunes and/or Rhapsody pays.

Upload your music via our Website, or mail your CD to us.

Use our online art tool to design your own album cover, or upload your own.

Got questions? See our FAQ

Got seven or more albums you'd like delivered? Ask Jeff about volume discounts.

Who are we? Meet the founders.

Get your music to the world!
http://www.tunecore.com/





Indie Labels Take a Risk, and Win, with Musicals
Jeff Lunden

In the best original cast recording category for the upcoming Grammy Awards, three out of the five albums nominated were released by Ghostlight Records. The New York-based label isn't a household name, but it is one of a handful of independents that are keeping the cast album alive.

That a big Broadway hit would wind up on a small independent label says a lot about changes in the economics of the recording industry. For years, cast albums were pretty big business. Shows such as Hello Dolly! and Man of La Mancha could make the Billboard charts, right next to the Beatles.

But in the past decade or so, the major labels have released fewer and fewer original cast albums, says Brian Drutman, senior director for Decca Broadway. "The average Broadway cast recording costs about $400,000," Drutman says. "It's not inexpensive... even selling tremendously well, [an album] can take upwards of a year to recoup its initial investment."

The original cast album of Wicked has beat the odds for Decca Broadway. Since its release in December 2003, it has sold almost 700,000 copies. But while Decca and the other majors are looking for the next blockbuster, labels like Ghostlight Records have been picking up the slack.

Ghostlight owners Sherie Rene Scott and Kurt Deutsch began the business in their second bedroom, selling albums over the Internet. Now, they've recorded Broadway hits such as The 25th Annual Putnam County Spelling Bee. Deutsch says he convinced Broadway producers to record on his label by changing the standard business model. While companies like Decca Broadway finance and own their recordings, Deutsch convinced producers to pay for the discs themselves.

Another source of show recordings is PS Classics. Philip Chaffin and Tommy Krasker run that label out of their house in Bronxville, N.Y. After the success of its Grammy-nominated Nine in 2003, Krasker says opportunities to record cast albums began to flow. PS Classics' current bestseller is a revival of Fiddler on the Roof. Chaffin and Krasker have also forged an alliance with the leading composer of the American musical stage, Stephen Sondheim. The Tony Award-winning revival of Sondheim's Assassins earned PS Classics a second Grammy nomination for its recording.
http://www.google.com/url?sa=X&oi=ne...ryId%3D5187068





Can Usernames Violate Trademark Law?
submitted by welvis

We got a legal threat this morning from FamilyPants.com because a user on one of our forums chose 'FamilyPants' as their username. They're upset because Google (and only Google) puts the user's profile on the first page of results for "familypants". I would think this is considered fair use.
http://www.digg.com/technology/Can_u...trademark_law_





Can DSL Handle Success?
Marguerite Reardon

After getting piles of mail from Verizon Communications about its new $14.95 DSL service, Barbara Cerney finally decided to ditch dial-up. But when she called Verizon to sign on, she got an unpleasant surprise.

Though her neighbors were using Verizon DSL, the company said the service was oversubscribed and she'd have to wait at least a month. Her only immediate broadband option was to subscribe to Comcast's more-expensive cable modem service. And the Annapolis, Md., resident, having made up her mind about slow Internet speeds, did just that.

The situation illustrates a potential catch-22 for Verizon as it looks to prevail over cable competitors in the broadband market. The company, and fellow DSL provider AT&T, have enjoyed significant success over the past year in using price cuts to convince customers that it's time to make the jump to broadband. But those same promotions could backfire if the companies can't accommodate the increased volume of speed-hungry customers.

"They may end up being a victim of their own success," said Jim Penhune, an analyst with Strategies Analytics. "It may be a good short-term problem to have too many people interested in your service, but it's not something you want as a sustained problem."

Last June, AT&T (then SBC Communications) was the first of the two large phone companies to dramatically reduce its DSL pricing--to $14.95 for the first year of service. In August, Verizon followed suit, offering its new tier of service, which includes 768kbps downloads, for $14.95 per month. And last week, AT&T answered back, with a $12.99 price tag for the first year. Since AT&'s prices are promotional, after the first year the price of the service jumps to the company's regular pricing model, which is $29.99 per month.

Since Verizon floated its $14.95 offer, the company has quickly grabbed new broadband subscribers. Last week it reported that the fourth quarter of 2005 had been its best ever for broadband, with 613,000 new subscribers signing on, a 14 percent quarter-over-quarter increase.

The company now has a total of 5.1 million broadband subscribers, a figure that includes all tiers of DSL customers, as well as subscribers to its fiber-to-the-home service, Fios, an ultra-high-speed package.

AT&T has also seen subscriber numbers jump. In the third quarter of 2005--the quarter immediately following its initial $14.95 promotion--the company increased broadband subscribers by 528,000. That number tailed off a bit in the fourth quarter, when AT&T added 425,000 new DSL subscribers. The company has a total of 6.9 million broadband subscribers.

"The price cuts on DSL by the phone companies have definitely helped them add new subscribers," Penhune said. "I doubt AT&T and Verizon would be reporting the quarter-on-quarter subscriber growth they have the last two quarters if they hadn't cut prices the way they did."

The phone companies' strategy is simple: They hope that by giving customers a taste of broadband at a low price, they'll eventually wring more profits out of subscribers by selling them higher-speed services or other, more-advanced services such as Internet Protocol TV.

Verizon has already started selling its television service over Fios in several states, including Texas, Florida and Virginia. AT&T is testing its TV service in Texas, and it expects to offer it more widely later this year.

Incapacitated?
But it's a tricky business. The low-priced DSL services have certainly struck a chord with price-sensitive customers--but even without the price cuts, experts say, the growth in the broadband market is still healthy as people drop dial-up for broadband and more-experienced Internet surfers upgrade to faster speeds.

That seems to be borne out by the fact that cable operators, who have marketed their services by emphasizing faster download and upload speeds, have also been adding new subscribers.

Comcast, the largest high-speed Internet provider in the country, reported last week that it added 378,000 new broadband subscribers in the fourth quarter of 2005. In total, it added 1.5 million subscribers in 2005, ending the year with 8.5 million high-speed customers.

That's in spite of the fact that Comcast's services are pricier than its rivals' DSL offerings. Cerney, for example, nabbed an introductory rate of $19.99 a month--but that price lasts for only three months, after which the cost jumps to $42.95.

Comcast and other cable operators say they'd rather compete on the value of their service than strictly on the price. As a result, they tend to bundle multiple services, such as high-speed Internet access, telephony service and TV, all in one package. Plus, Comcast's 6mbps service is much faster than Verizon's 768kbps service.

The bundling strategy has worked well for Comcast. For example, it claims that 98 percent of its new digital voice customers subscribe to a second service with the company.

"What we are finding is that our customers are choosing our service and recommending it to friends and family," said Jeanne Russo, a spokeswoman for Comcast. "We offer a better service than our competition. And we're able to service everyone in our footprint and provide the speeds we promise."

All this could spell trouble for Verizon as it looks to meet demand.

A spokeswoman said the company has been forced to stop taking orders in some parts of the country. Equipment shortages from one of Verizon's key suppliers, which the company has chosen not to name, is part of the problem, she said--coupled with increased demand for Verizon DSL services.

"If we reach capacity at a central office, we have no choice but to stop selling for awhile until we get in additional equipment to serve more customers or until more lines free up," said spokeswoman Bobbi Henson. "The extreme popularity of our new 768K service, in combination with equipment shortages we've had from our vendor, have resulted in some of our offices now reaching capacity."

Henson said the equipment supply issue should be cleared up soon, and that after that, the company shouldn't have problems servicing new customers.

AT&T said it hasn't had any trouble keeping up with demand, hence the recent price cut to $12.99.

Despite any inconveniences or delays, Cerney, the disappointed prospective Verizon customer, said she still hopes to take advantage of the Verizon deal.

"I was just so tired of dial-up, and $14.95 is a great deal," she said. "I really don't want to have to pay $45 a month for Internet, so I'll probably try to switch to Verizon when the Comcast promotion ends."
http://news.com.com/Can+DSL+handle+s...3-6035271.html





Wireless ISPs Limiting P2P Speeds
Liam Getreu

Wireless ISPs in Australia have admitted to throttling peer-to-peer (P2P) traffic on their networks.

Eric Hamilton, Unwired's chief technical officer, told The Australian that its policy, which has been in force for a number of months already, was aimed at giving normal users priority speeds over those who would otherwise bog down the network.

Some users on Unwired have recently reported speed and congestion issues in peak times, which could have led Unwired to this decision. But Unwired claims it has capacity for 70,000 customers on its network, but has less than 40,000 currently connected. Unwired chairman Steve Cosser said last year that "wireless broadband today is a viable alternative to ADSL and cable", but very few ADSL providers limit speeds on P2P applications.

iBurst provider Independent Service Providers also de-prioritises P2P traffic, with chief technical officer Mark Russell stating that "voice, DNS and web get the highest" priority, while peer-to-peer traffic is "at the lowest."

But how does this affect ISPs that buy Unwired bandwidth wholesale? Internode MD Simon Hackett told Whirlpool that although "the service Internode sells has no port/service type based prioritisation in it", he couldn't be sure "where the reported prioritisation of traffic occurs in the Unwired network." "So it's possible that Unwired apply prioritisation to all customer traffic", he said.

Hackett isn't against the idea of de-prioritisation of P2P, however. "Surely its sensible to ensure that 'real time' traffic such as web page access, VoIP, SSH etc does receive priority over bulk file transfer if the network has underlying resource limitations that need to be addressed."
http://whirlpool.net.au/article.cfm/1593





Robotic Toys Take Stage At DEMO Conference
Matthew Fordahl

Sony Corp. may have put its Aibo robotic dogs to sleep, but the inventor of the popular Furby toy said on Tuesday the market for toy animatrons is anything but extinct.

Caleb Chung unveiled a lifelike toy dinosaur named Pleo that senses its surroundings, reacts to touch, walks about on its four legs and shows emotion.

The robot, about the size of a toy poodle, expresses sadness and disappointment by gently lowering its head and tail when it's ignored. Rub its rubbery back or poke its feet, and the 3.5-pound dinosaur springs back to life just like something made of flesh and blood.

Pleo made its debut on the first day of the 16th annual DEMO conference, which is taking place in Phoenix this week. The show gives about 70 startups and established companies about six minutes each to showcase what they hope will be the next big thing in technology.

Ugobe Inc., which Chung co-founded, hopes Pleo will be the must-have present for Christmas 2006. The diminutive dino is expected to be available later this year for about $200 each.

"By using breakthrough materials, an array of sensors and programmed intelligence, Ugobe has created a unique animated form that challenges the relationship between human beings and nonliving creatures," noted Chris Shipley, DEMO's executive producer.

Unlike Furby's single motor and microprocessor, Pleo has eight processors that control 14 motors and receive signals from 38 sensors. It also can learn from its experiences - in effect writing its own code as it goes.

"What we're trying to do is recreate life in order to get to an emotional bonding," Chung said.

At DEMO, the robot initially made a cautious debut as it sensed its environment, a small table on a large stage. After a few seconds, its movements began to resemble a living object waking up.

"In a technical sense he's calibrating his servos, but we like to call it stretching," Chung said.

The Pleo eventually took a few cautious steps. When it reached the edge of the table, it stopped and peeked over. When Chung stopped playing with it, it appeared to get depressed.

Still, it's not likely to get as depressed as owners of Sony's Aibo robotic dogs. The company discontinued them last month to cut costs, calling the toys a niche product.

Other companies also showcased products that also mix fun and high tech:

- Blurb Inc.'s BookSmart lets anyone create professional-looking books from a PC or Macintosh. Unlike current do-it-yourself publishing tools, BookSmart offers layout flexibility. It also can "slurp" Web log content into a book and allows multiple people to contribute to a book over the Internet.

Each book, which costs about $30 for up to 40 pages, can be created within 30 minutes, said Eileen Gittins, the company's founder and chief executive. It is expected to be commercially available next month.

- Bones in Motion Inc.'s BiM Active turns nearly any cell phone into an automatic journal of outdoor activities. Walkers, runners and cyclists can record their routes in real time, using their phones' built-in satellite tracking capabilities. It also tracks speed, distance, calories burned and elevation.

All the information also can be accessed and shared via the Web. It also allows routes to be searched, ranked and displayed using Google Inc.'s mapping system. Bones in Motion also announced Sprint will start offering the service this week for $9.99 a month.

- MooBella LLC's Ice Cream System uses a combination of fresh ingredients and the Linux operating system to automatically scoop up tasty desserts. The vending machine, designed for cafeterias, convenience stores and other public places, lets customers choose from more than 90 combinations of flavors and mix-ins using a friendly touch screen display.

Within a minute, the ingredients are aerated, flavored, mixed and flash frozen. The machines also keep track of inventories and sales over a wireless Internet connection.

"Every MooBella consumer can become a Ben or Jerry," said Bruce Ginsberg, the company's president. "Our unique technology is as rich as our all-natural ice cream is smooth and creamy."

MooBella machines are expected to start appearing first in the Boston area in 2006. The price of each machine was not announced.
http://hosted.ap.org/dynamic/stories...MPLATE=DEFAULT





Who Ya Gonna Call With Email Trouble From the Tour Bus?

Rock Stars Take Along Techs As Sidekicks of a Sort; 'Give Hope to Every Geek'
Amy Chozick

Computer technician Joshua Kapellen doesn't look like a rock 'n' roll roadie. He's cleanshaven, wears starched, white button-down shirts and a clip-on tie. But to megaband U2, Mr. Kapellen is just as important as all its husky stage hands.

Last March, lead singer Bono needed his Xbox connected while the band rehearsed in Canada. Mr. Kapellen got a call. He hooked up the contraption and a few minutes later was playing videogames with Bono. "It was one of the coolest things that has ever happened to me," says Mr. Kapellen.

Mr. Kapellen, 28 years old, put his life in Minneapolis on hold in 2004 when Best Buy Co.'s Geek Squad of computer repair people asked him to accompany the Irish band and provide tech support to the 120 people traveling with the "Vertigo" world tour. He has been on the road in North America and Europe ever since.

"We're just ordinary guys," Mr. Kapellen says of computer repairmen. "But somehow we get ourselves into these extraordinary situations."

In the rock world, a measure of fame has rubbed off on personal assistants, groupies and even bouncers. But as the music industry becomes increasingly dependent on technology, the guy who gives tech support to the stars has become an essential, if overlooked, member of the entourage.

While on tour, pop stars Mary J. Blige, Beyoncé Knowles and Alicia Keys all have requested help from the Geek Squad, according to Best Buy, the big chain of electronics stores. Snoop Dogg, who does commercials for the T-Mobile Sidekick multipurpose gadget, occasionally needs a tech's assistance, his publicist confirms. Prince, who is religious about reading fans' reactions immediately after a show, also employs technicians to hook up high-speed Internet in his dressing room.

"Prince only uses the finest techies in the country," says the artist's lawyer, L. Londell McMillan.

Younger musicians, especially hip-hop stars, get loads of free gadgets from companies hoping they'll promote their wares, but that doesn't mean they know how to use them.

"I'm so computer illiterate, it's like crazy," says rapper Ludacris. The 28-year-old Atlanta-born star says his manager, Chaka Zulu, took classes in computer science so he could help him with everything from the Internet to receiving short, emailed bits of music he can incorporate into new songs. Technology is "my whole world," Ludacris says. "I need my people to help me out."

David Lemmink, a computer engineer for Nocturne Productions in DeKalb, Ill., travels with Bon Jovi's "Have a Nice Day" world tour. His duties include getting Jon Bon Jovi and his crew high-speed wireless Internet while on the tour bus and in arenas and making sure the onstage video screens are working properly.

"Backstage used to be a party, but now it's a business," says Mr. Lemmink, who has also helped Paul McCartney, Don Henley and Stevie Nicks with their technology needs.

The Paris Hilton Effect

A turning point for computer wonks came last February when socialite Paris Hilton's Sidekick was stolen and its contents -- ranging from nude photos to friends' personal information -- were posted online. Celebrities started to realize that a good tech guy could have installed passwords and security programs to prevent that information from getting out, says Robert Stephens, who founded Geek Squad in Minneapolis in 1994. He says the squad has received calls from Madonna, Ozzy Osborne and Kiss to help with technology, including security and privacy consulting.

Geek Squad, which was sold to Best Buy in 2002, now has nearly 12,000 employees. Technicians like Mr. Kapellen are paid about $32,000 a year, the industry average for computer technicians, according to the Association of Support Professionals.

"Let's face it, computer repairmen are at the bottom of the food chain," Mr. Stephens says, but these glamorous job opportunities "give hope to every geek out there."

During a U2 concert at Madison Square Garden in 2001, Larry Mullen Jr., the group's drummer, accidentally sat on his 10-year-old Casio organizer, which contained all his contacts, Mr. Stephens says. As Mr. Mullen's assistant scurried to give him his backup organizer, it fell and shattered. One of the band's guitar technicians called Mr. Stephens for help.

"He said, 'I'll give you anything if you can get this thing fixed,' " recalls Mr. Stephens, who found a similar model on eBay and was able to use parts from that one to pull data off Mr. Mullen's antiquated organizer.

Technology may seem mundane, says Tim McWilliams, a production coordinator with the Rolling Stones, but in the past five years it has become "the cornerstone of any successful rock tour."

Last August, Cory MacDonald left his girlfriend, his apartment and his car in Boston to travel with the Rolling Stones "Bigger Bang" world tour. Many nights he just waits in his hotel room. If Mick Jagger has a problem with his laptop, Mr. MacDonald gets a call, says Mr. McWilliams.

After the band's San Francisco show last November, Mr. MacDonald, 22, and the rest of the crew were treated to a blowout party at SBC Park, where the Giants play. "There was free alcohol and free food. We were all over the place," Mr. MacDonald says, "I could get used to being a roving rock-star tech guy."

Luke Steiner was called away from his typical tech jobs in Minneapolis to help Ms. Keys and her crew with computer problems in 2003. Mr. Steiner, 24, says he doesn't get many dates on the weekend, so just meeting Ms. Keys and helping with her "tiny Internet problems" made him "feel like a rock star for a brief moment."

Mick Jagger: 'You're So Cool'

Technology can be particularly baffling for older musicians. During the Rolling Stones' 1997 "Bridges to Babylon" concert, Geek Squad's Mr. Stephens helped 62-year-old Mr. Jagger connect to the Internet after he had had trouble dialing-up. "All I did was add a 9 in front of the number and he was like 'wow, man, you're so cool,' " Mr. Stephens recalls, imitating a British accent. As for Keith Richards, also 62, Mr. Stephens says, "I seriously think he'd never operated a computer before."

Technology consultant Billy Field used to be a "taper" at Grateful Dead concerts, making amateur recordings of the band's music. Now, he helps Dead-style jam band Widespread Panic with all its tech needs. Mr. Field, 35, has also worked for the Allman Brothers, R.E.M. and 10,000 Maniacs. He says that with some rockers, "it's just a matter of getting them comfortable enough with technology until the little light bulb goes off above their head."

Widespread Panic's lead singer, John "J.B." Bell, says he'll probably never trade in his pad and pen for a Palm organizer. "We're old school, man," the 43-year-old Mr. Bell says. That makes him even more dependent on tech guys when he needs to get online. "It might be a computer nerd thing, but when you're forlorn in a crisis, that's your hero," Mr. Bell says.
http://online.wsj.com/article/SB113902321348065131.html