P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 28-01-15, 08:41 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - January 31st, '15

Since 2002


































"That statistic is horrifying. It’s also baloney." – Andy Greenberg


"That's remarkable for its implied threat: if you don't let us ban or backdoor strong encryption, we're going to start breaking into your homes." – Glyn Moody


"We are now offering services that are both better and more user-friendly than illegal platforms… In [the past] five years, we have virtually eliminated illegal file-sharing in the music industry." – Marte Thorsby


"It’s as if we’re shutting down half our brains. I think that the day that information from the outside world becomes completely inaccessible in China, a lot of people will choose to leave." – Chin-Chin Wu


"Current DSL offerings won't be considered broadband under new rules." – Micah Singleton






































January 31st, 2015




Recording Industry Has 'Virtually Eliminated Illegal File-Sharing' In Norway -- By Offering Better Products
Glyn Moody

Techdirt has written a number of times about growing evidence that good, reasonably-priced streaming services are reducing dramatically the number of illegal downloads in the regions where they are available. One of the countries where that was observed some years ago is Norway. Now, a new report in Music Business Worldwide indicates that things are looking even better for the recorded music business there:

A countrywide survey in December 2014 showed that just 4% of Norwegians under 30 years still used illegal file-sharing platforms to get hold of music.

Even better for the worldwide industry, less than 1% of people under 30 years said that file-sharing was their main source of obtaining music.


The head of the International Federation of the Phonographic Industry (IFPI) in Norway, Marte Thorsby, explains why she thinks that has happened:

"We are now offering services that are both better and more user-friendly than illegal platforms… In [the past] five years, we have virtually eliminated illegal file-sharing in the music industry."

There we have it from the recording industry itself: offer "better and more user-friendly" products and illegal file-sharing just goes away on its own -- no intrusive surveillance, punitive three-strikes or clumsy site blocking required. How much clearer does it have to be?
https://www.techdirt.com/articles/20...products.shtml





Jury Awards $5 Million to Funk Legend Sly Stone
AP

Funk legend Sly Stone was awarded $5 million on Tuesday in a breach-of-contract suit that claimed his business partners and his own company cheated him out of royalties.

A Los Angeles Superior Court jury ruled for the 71-year-old performer in his action against his ex-manager Gerald Goldstein, attorney Glenn Stone and Even St. Productions Ltd.

"It's a good day for Sly, it's a good day for entertainers in general," said one of his attorneys, Nicholas Hornberger. "This was an important verdict for people that are artists, entertainers, music composers, etc."

Stone, whose real name is Sylvester Stewart, led the group Sly and the Family Stone to a string of hits in the 1960s and early '70s including "Everyday People," ''Dance To The Music" and "Family Affair." But heavy drug use began to take a toll.

His lawyers say Stone's career was long eclipsed and he was destitute when Goldstein and Glenn Stone convinced him to become an employee of and co-owner of Even St. Productions with them in 1989.

Stone assigned royalty rights to the company and was supposed to receive some of the money it collected for him but Goldstein and Glenn Stone arranged to get it through shady accounting, Hornberger argued.

"They met him, they signed him up...but what they really wanted was his royalties," Hornberger said.

Gregory Bodell, the attorney for Goldstein and Glenn Stone, said the performer approached his clients to revitalize his career and promised to make comeback records that he never recorded.

His clients weren't seeking the performer's royalties because he didn't have any, in part because he owed millions to the Internal Revenue Service, Bodell said.

Sly Stone testified that he had not received any royalty payments between 1989 and 2000.

But Bodell said his clients helped to pay off the IRS, renegotiated royalty issues with record companies and over 20 years obtained millions of dollars in royalties for the performer — perhaps as much as $9 million.

Jurors assessed $2.5 million in damages against Even St. Productions, $2.45 million against Goldstein and $50,000 against Glenn Stone.

Bodell said the award will be challenged.

Even St. Productions filed for Chapter 11 bankruptcy protection in 2013. A message left for a lawyer representing the company was not immediately returned.
http://mashable.com/2015/01/28/sly-stone-5-million/





Jay Z Bids on Aspiro, a Swedish Music Streaming Company
Ben Sisario

Jay Z is getting into the streaming music business, with a $56 million offer for Aspiro, a Swedish company behind two niche music services, WiMP and Tidal.

Jay Z’s bid, made through his company Project Panther, was revealed in a statement early Friday by Aspiro, which is publicly traded in Sweden. According to the statement, negotiations began in December, and Jay Z’s offer — representing a 59 percent premium over the stock’s closing price on Thursday — has already received preliminary acceptance by Aspiro’s board.

The deal would give the rapper and entrepreneur Jay Z, whose real name is Shawn Carter, a foothold in the expanding world of streaming music, and also would likely offer an expanded profile for his entertainment and sports company, Roc Nation.

The streaming market has been growing quickly, but is already rife with competition from players like Spotify, Deezer, Rdio, Rhapsody and even YouTube. Last year, Apple paid $3 billion for Beats, the company founded by Dr. Dre and the music executive Jimmy Iovine, and it is expected to revamp its music offerings, with streaming playing a prominent role.

Jay Z’s pursuit of Aspiro may suggest an interest in what so far has remained a niche side of the digital music market: high-fidelity audio. WiMP, available in a handful of European countries, and Tidal, which arrived in Britain and the United States in September, stream music in so-called lossless audio formats that are much higher in quality than what is offered by Spotify and most other similar outlets.

WiMP has 512,000 paying users, according to Aspiro’s most recent quarterly report; it has not said how many customers it has for Tidal, which sells subscriptions at $20 a month, twice the going rate of Spotify and most other streaming outlets.

The number of companies offering higher-quality digital audio has grown substantially recently. In addition to Tidal and WiMP, Deezer offers its Elite version through a deal with Sonos speakers; the new PonoMusic player from Neil Young recently went on sale; and Sony has been drawing attention for its high-resolution new Walkman, at prices over $1,000. But analysts say that for the most part, consumers have shown little interest in these products.

For Jay Z, another attraction in buying a streaming service might be to further expand the media portfolio of Roc Nation. Started in 2008 as a joint venture with Live Nation Entertainment, the company already operates in a number of areas in music, covering recordings, music publishing and artist management, and in 2013, it also expanded into representing top athletes through its Roc Nation Sports division.
http://www.nytimes.com/2015/01/31/bu...g-company.html





Nickelodeon to Offer a Streaming Service as Viacom Steps Up Digital Efforts
Emily Steel

Nickelodeon, the entertainment group focused on children’s programming, said on Thursday that it would start a new subscription streaming service in March that will be available outside traditional cable or satellite television packages.

The new offering from the home of “SpongeBob SquarePants” and “Dora the Explorer” will have a distinct brand intended to draw in children and their parents. More details of the product are to be disclosed in advertising sales presentations next month.

“We want to satisfy the demand that is coming from the viewers out there,” said Philippe Dauman, chief executive of Viacom, the media conglomerate that owns Nickelodeon, MTV and Comedy Central.

“They have an insatiable appetite for great content,” he added. “They want to view that content on every device that they own.”

The move signals an attempt by Viacom to prove its relevance at a time of mega-mergers and rapid digital transformations that are upending the media business. Shares in the company slid about 12 percent in 2014, after persistent ratings struggles and advertising declines. The total audience for Viacom’s television networks tumbled 18 percent during the quarter that ended Dec. 31, according to Bernstein Research. Viacom has blamed issues with the measurement process used for determining ratings for the declines.

“There is a frustration at Viacom and many other media companies that the world is moving and that the tools they have at their disposal will not help them accomplish their goals,” said Michael Nathanson, a media analyst with MoffettNathanson Research.

Nickelodeon introduced a number of digital initiatives in the last year, including new apps and original series for the web and mobile. Its programming also is available for streaming on Amazon.

With the offering it announced on Thursday, Viacom joins other television groups that are starting their own streaming services. CBS started a $6-a-month option in October and HBO is expected to start a stand-alone streaming service this year.

Viacom may have to tread more carefully than its rivals, analysts said. Its business is built on selling its bundle of television networks to cable and satellite companies, which in turn package those networks together for subscribers. In the quarter ended Dec. 31, Viacom earned $1.1 billion, about a third of its total revenue, from those so-called affiliate fees.

While creating a compelling digital-only offering from Nickelodeon could increase both subscription and advertising revenue, it could also encourage viewers to abandon their cable or satellite subscriptions, analysts said. In turn, the cable and satellite companies could drop Viacom from their lineup or force the media group to significantly cut its rates. Viacom then would need to create equally compelling subscription streaming services for its other networks, which also include VH1, BET, TV Land and Spike.

“They don’t want to destroy the rest of the bundle,” said David Bank, a media analyst with RBC Capital Markets. “If it does disrupt the bundle, do they have to roll out a similar strategy with all of their properties? Will those be as compelling?”

When asked whether Viacom would need to consolidate with another television group to protect its negotiating power with cable and satellite distributors, Mr. Dauman said that the company was confident that it was on solid footing on its own.

The comments came as Viacom reported earnings that matched analysts’ expectations for the quarter ended Dec. 31. Net income declined 9 percent to $500 million, or $1.20 a share.

Total revenue increased 5 percent to $3.3 billion, helped by a 6 percent increase in the filmed entertainment group.

Domestic advertising revenue declined 6 percent for the quarter, dragged down by ratings issues.

In a call with analysts, Viacom executives also disclosed — without providing details — that they would reorganize the business in the coming months to better position the company for future growth. Analysts said that the reorganization was likely to result in layoffs, with the company favoring workers with technical skills over those with traditional television backgrounds.

Viacom also announced that it was spending about $400 million on two separate transactions. One was an agreement to acquire five regional television channels in India, which it will own with its existing Indian partner, Network18.

Mr. Dauman said Viacom also was negotiating another acquisition “that would add to our scale in an important part of our business.” The company has reportedly been in talks to acquire a trio of comedy websites, including The Onion, Funny or Die and CollegeHumor.

Sumner M. Redstone, Viacom’s chairman and controlling shareholder, was notably absent from the company’s conference call. Mr. Redstone, 91, usually makes short opening remarks. The company said he listened in from Los Angeles.

Separately, Time Warner Cable, the country’s second-largest cable operator, on Thursday reported earnings that missed analysts expectations for the quarter ended Dec. 31. Net income was $554 million, or $1.95 a share, up from $540 million, or $1.89 a share, in the year-earlier period. Total revenue increased 3.8 percent to $5.8 billion, bolstered by an uptick in its business services group and the sale of Internet services. While the company increased its total customer relationships, it lost 38,000 video subscribers, not as steep a decline as it suffered in the same quarter last year.

In a conference call, Time Warner Cable executives said that the company continued to seek regulatory approval for its proposed $45 billion merger with Comcast and that the deal remained on track to close “early this year.”
http://www.nytimes.com/2015/01/30/bu...g-service.html





'YOUTUBE is EVIL': Somebody had a Tape Running, Google...

Cellist Zoë Keating strikes back with YouTube transcript
Andrew Orlowski

Analysis It's not often a $450bn multinational is humbled by a single classical musician with a tape recorder. Yet that seems to be what happened this weekend.

Google spends billions on marketing, paying lobbyists and buying influence. It funds over 150 organisations and overtook Goldman Sachs last year as the biggest corporate political donor in the USA.

It has politicians and regulators firmly where it wants them – and can sue the ones who aren't. Google must, therefore, have thought that cellist Zoë Keating would be a pushover. Keating releases her own work without a record label, and so conducts her negotiations herself. No fancy lawyers here to complicate things. Right?

What they probably didn't reckon on was the solo artist apparently keeping a record of their conversations.

Last week the cellist re-opened last year's controversy of the treatment of independent musicians and small operators by Google's YouTube service by asking her fans for advice. If she refused to sign the new terms, Google would stop paying her, but could continue to use her music on YouTube, she reported. If she signed, she'd lose control of her work. The contract would tie her down for five years. We reported her concerns here on Friday.

Over the weekend, Google disputed her account. Her claims were "patently false", it fumed to industry blog Digital Music News.

The transcript

However, Keating appears to have kept verbatim notes – strongly indicating that a tape was running – and she's now published the transcript of the conversation she said she'd had with the YouTube rep she'd been negotiating with for a year.

The transcript is available here. Keating wants to continue her current deal with Google as it stands – but that's not an option, as the rep makes clear in the transcript. She must sign the new contract and opt in to the Key music service. She can't run videos without monetisation. Google will "block" her (in the Google rep's words) if she refuses to sign, "but the commercial terms no longer apply".

"Yeah, it’s harsh," the rep agrees in the transcript, before helpfully pointing out "a loophole". She can disassociate herself from her material and settle for the peanuts YouTube offers, "if you’re not so concerned about revenue". The kind of revenue a successful artist might hope pays the rent.

What's at stake? Experts have contributed several excellent pieces on the spat. The core issue, as David Lowery points out in a must-read post, Google wants exclusive control over when and where an author's work appears on the internet.

He writes:

In other words by saying "no" to Music Key, [you allow] YouTube [to] still feature user generated videos on their service AND you won’t get any money. Think about it. This is like saying “no” to a record deal but result[ing] in the label having your songs forever and paying you nothing! YouTube is EVIL.

That seizure of control hurts, explains writer David Newhoff, because it strikes the very reason Keating wanted independence as an artist. It's why she doesn't have a record label. (We're not sure if she has a publisher – her work is widely used in TV, film, theatrical productions and ads, and a publisher helps here).

Weaker copyright laws

Newhoff, too, agrees that The New Man seems very similar to the Old Man, the music industry we were told would die out.

"The new boss wears a new uniform, but he’s just another boss. Only this time he has a worse deal in one pocket and a rock in the other."

Industry analyst Mark Mulligan, a strong supporter of music streaming services, thinks Google has become corrupted by absolute power. Google's actions wouldn't go very far in the marketplace if it had not been for the weakening of copyright, he argues.

A familiar argument over the past 15 years is that copyright is a regulatory-style impediment wielded by large old companies to impede progress. But it was always an individual right designed to protector the creator against The Man. The Man used to be Dodgy Megacorp Records, while today The Man is a gigantic internet company, with a monopoly gatekeeper over those very routes to market an artist needs to take. The Man is more powerful than ever, but it's a different Man.

With strong copyright, neither Old Man nor New Man could get away with such actions as YouTube has attempted here: assuming control of global digital distribution against the artist's consent. But thanks to the erosion of legal protection, power has shifted away from the individual, and towards "The Man", on a scale never seen before. Because copyright is so weak today, Google can try it on.

SOPA was a clumsy and imperfect attempt to take out foreign piracy sites, which distort the market significantly. And you know what happened there. The consequences wash up eventually, and Zoë Keating is on the receiving end today.

As Silicon Valley has been very successful in persuading the public to throw away their strong legal protections, Google may well get away with it. How's your SOPA protest looking today?
http://www.theregister.co.uk/2015/01..._tape_running/





Tor and Encryption Have Created a ‘Zone of Lawlessness,’ Justice Department Says
Jason Koebler

Tuesday, the federal government continued its offensive against default consumer encryption enabled by Apple and Google and anonymity tools like Tor, saying that greater privacy and security has created a “zone of lawlessness” that law enforcement is having trouble cracking.

Leslie Caldwell, an assistant attorney general at the Justice Department, said that the department is “very concerned” by the Google’s and Apple’s decision to automatically encrypt all data on Android and iOS devices. Her comments aren’t entirely surprising, considering that FBI Director James Comey previously said that the agency would push Congress to make automatic encryption illegal, and President Obama has also expressed concern with the development.

The problem that privacy and security advocates have pointed out is that the US government doesn’t really seem to understand what it’s asking for. Caldwell was being interviewed as a part of the annual State of the Net Conference in Washington, DC. One minute, she was vilifying encryption; the next, she was sending a message to the country’s citizens and companies that they need to be “more conscious of cybersecurity.”

“They need to be assuming they are vulnerable, assuming their data can be taken,” she said.

"We have made some advances in our ability to penetrate the Tor network"
End-to-end encryption is one of the absolute best ways to protect data, and the security of its users is the main reason why Google and Apple decided to make it default on their smartphones.

The move has been extremely controversial with the government, because it makes data too safe, Caldwell argued.

“We understand the value of encryption and the importance of security,” she said. “But we’re very concerned they not lead to the creation of what I would call a ‘zone of lawlessness,’ where there’s evidence that we could have lawful access through a court order that we’re prohibited from getting because of a company’s technological choices.”

She said that she hopes Apple and Google will consider building in back doors that will allow the companies to decrypt the phones if they are physically mailed back to the manufacturer.

The companies would then send information “relevant to [the] investigation” to law enforcement. As it stands, Apple currently has no way of decrypting phones—only the user can.

Ending with one message for users: Be afraid be very afraid. // But end to end encryption actually protects users best #SOTN15

— Amie Stepanovich (@astepanovich) January 27, 2015

Many experts have argued that such backdoors would defeat the purpose of encrypting data on the phone in the first place—if there are various ways of decrypting something against a user's will, then is it ever truly encrypted?

“When the government calls for reduced security on smartphones, or worse yet, seeks technological backdoors into our devices, we are being asked to expose our personal data to criminals,” Nuala O’Connor of the Center for Democracy and Technology wrote soon after Comey’s comments in October. “Any backdoor the government can walk through to uncover evidence will eventually be used by malicious actors to exploit our personal information.”

Encryption isn’t the only internet tool under the government’s crosshairs, however. Caldwell said that the anonymization of cyber criminals is at least as big of a problem for the government, and suggested that most people who use Tor and other anonymity tools are criminals.

“Tor obviously was created with good intentions, but it’s a huge problem for law enforcement,” she said. “There are a lot of online supermarkets where you can do anything from purchase heroin to buy guns to hire somebody to kill somebody, there are murder for hire sites. We understand 80 percent of traffic on the Tor network involves child pornography.”

The NSA, Justice Department, and other law enforcement agencies have spent much of the last several years attempting to crack Tor, and the recent raid of Silk Road 2 and other dark net markets suggests they’ve had some success.

“We have made some advances in our ability to penetrate the Tor network, but it’s still a real challenge,” Caldwell said. “The international nature of the internet is already a huge challenge. When you add in the Tor network, that makes it more of a challenge. Someone may be sitting in Romania engaging in child exploitation activity making its way to the United States, and it’s difficult to locate those people. It’s even more difficult to find them and bring them to justice.”

This presentation at #SOTN2015 encouraging all the worst stereotypes: Tor is for pedophiles, Bitcoin for money laundering

— Amie Stepanovich (@astepanovich) January 27, 2015

She’s not wrong that tools like Tor and encryption can, in certain cases, make law enforcement’s job more difficult. But she’s also ignoring the fact that, with proper encryption, law enforcement is much less likely to have to deal with the types of botnets, malware, and hackers that it says it has an obligation to stop.

Technology has certainly changed the law enforcement landscape, as she said—but that doesn’t mean every anonymity and cryptographic tool is making us all less safe.
http://motherboard.vice.com/read/tor...epartment-says





Anonymous Calls for Activists to Help Expose International Paedophile Networks with 'Operation DeathEaters'

The hacktivist group is planning on building enough evidence to kick-start a tribunal into international paedophile networks
Loulla-Mae Eleftheriou-Smith

Hacktivist group Anonymous, which has made public attacks on extremists, corporations and religious and governmental bodies, is calling for help in its fight against international paedophile networks, or what it calls the “paedosadist industry”.

In a project named Operation DeathEaters, Anonymous says it is is planning on collating evidence against international paedophile rings and their severe abuse of children and find the links between different operations, and to bring them to justice.

Anonymous has issued a video instructing activists on how they can aid in the operation, which has appeared at a time of serious allegations of historic child sexual abuse levied against prominent UK figures, including claims that a VIP Westminster paedophile ring existed in the past.

Recent allegations have led to the Met police’s investigation into three alleged murder cases of young boys dating back to the 1970s and 1980s that have been linked to claims that there existed a VIP Westminster paedophile ring allegedly involving high profile establishment figures.

“The Westminster paedophile ring is one of many cases where Operation DeathEaters has actively pursued and sought truth, in order to end the hideous crimes concealed behind the British elite,” Anonymous alleges in a statement.

“In fear of these investigations being bungled over time, the operation’s objectives are clear and simple: source public information before it disappears, push for independent enquiry, and offer support to witnesses and the victims where needed.”
Read more: Anonymous calls for boycott of Cyber Monday

The group references a number of findings from investigations into to the alleged Westminster paedophile ring as part of its list of cases being examined under Operation DeathEaters, including cases against Jimmy Savile, Cyril Smith, claims of wide-scale abuse allegedly documented at Elm Guest House and the work of the now-defunct Paedophile International Exchange.

Anonymous states the objective of Operation DeathEaters is to achieve an independent, internationally linked, victim-led tribunal or inquiry into the trafficking and “paedosadism industry”.

It has outlined its first step in the operation as gathering “meticulously researched and clearly documented examples of high level complicity in the industry, obstruction of justice and cover ups to show the need for independent inquiries”.

Anonymous is planning on setting up a database to be able to map the connections between cases, and is calling on its followers to research cases of high level corruption and to “present them widely and clearly” by sharing the information across social media, and to find “qualified and trusted people” who should be chosen to serve on the independent, victim-led inquiries.
http://www.independent.co.uk/news/uk...s-9998350.html





No, Department of Justice, 80 Percent of Tor Traffic Is Not Child Porn
Andy Greenberg

The debate over online anonymity, and all the whistleblowers, trolls, anarchists, journalists and political dissidents it enables, is messy enough. It doesn’t need the US government making up bogus statistics about how much that anonymity facilitates child pornography.

At the State of the Net conference in Washington on Tuesday, US assistant attorney general Leslie Caldwell discussed what she described as the dangers of encryption and cryptographic anonymity tools like Tor, and how those tools can hamper law enforcement. Her statements are the latest in a growing drumbeat of federal criticism of tech companies and software projects that provide privacy and anonymity at the expense of surveillance. And as an example of the grave risks presented by that privacy, she cited a study she said claimed an overwhelming majority of Tor’s anonymous traffic relates to pedophilia.

“Tor obviously was created with good intentions, but it’s a huge problem for law enforcement,” Caldwell said in comments reported by Motherboard and confirmed to me by others who attended the conference. “We understand 80 percent of traffic on the Tor network involves child pornography.”

That statistic is horrifying. It’s also baloney.

In a series of tweets that followed Caldwell’s statement, a Department of Justice flack said Caldwell was citing a University of Portsmouth study WIRED covered in December. He included a link to our story. But I made clear at the time that the study claimed 80 percent of traffic to Tor hidden services related to child pornography, not 80 percent of all Tor traffic.

That is a huge, and important, distinction. The vast majority of Tor’s users run the free anonymity software while visiting conventional websites, using it to route their traffic through encrypted hops around the globe to avoid censorship and surveillance. But Tor also allows websites to run Tor, something known as a Tor hidden service. This collection of hidden sites, which comprise what’s often referred to as the “dark web,” use Tor to obscure the physical location of the servers that run them. Visits to those dark web sites account for only 1.5 percent of all Tor traffic, according to the software’s creators at the non-profit Tor Project.

The University of Portsmouth study dealt exclusively with visits to hidden services. In contrast to Caldwell’s 80 percent claim, the Tor Project’s director Roger Dingledine pointed out last month that the study’s pedophilia findings refer to something closer to a single percent of Tor’s overall traffic.

The Department of Justice didn’t respond to WIRED’s questions about Caldwell’s comments.

Even with its focus on Tor hidden services, not general Tor use, the University of Portsmouth findings were troubling enough. The notion that the majority of the dark web’s visits involve pedophilia raises serious questions about the tradeoffs between safety and privacy that Tor hidden services allow. But as WIRED wrote at the time, the pedophilia sites represented only 2 percent of Tor hidden services—a small number of popular kiddie porn sites draw a large percentage of the dark web’s traffic, it seems. Categories of sites ranging from drug markets to discussion forums to whistleblowing sites all accounted for larger slices of the dark web. Even Facebook has now launched its own Tor hidden service.

The Tor Project also identified numerous caveats that might have led to the over-representation of pedophilia sites in the study’s findings: Law enforcement and anti-abuse organizations often visit child porn sites to track and infiltrate them. Hackers sometimes launch floods of fraudulent traffic at the sites with the aim of taking them offline. Unstable sites that frequently go offline might generate more visit counts in the study’s methodology. And sites visited through Tor2Web, a tool designed to make Tor hidden services more accessible to non-anonymous users, would be underrepresented, shifting more of the findings towards sites whose content requires strong anonymity.

But none of those possible fudges in the study comes close to the one Caldwell made in her statements Tuesday, conflating Tor hidden services with Tor itself. After all, some of the most central non-hidden-service applications of Tor are to enable Internet users in countries like China and Iran to evade their governments’ online repression, and even allowing US intelligence and law enforcement to gather data online without detection. Both those uses explain why much of Tor’s funding comes directly from the American military and Department of State.

So to whoever at the Department of Justice is preparing these talking points for public consumption: Thanks for citing my story. Next time, please try reading it.
http://www.wired.com/2015/01/departm...ic-child-porn/





Mozilla Dusts Off Old Servers, Lights Up Tor Relays

Worst outcome means 50 percent capacity hit
Darren Pauli

Mozilla has given the Tor network a capacity kick with the launch of 14 relays that will help distribute user traffic.

Engineers working under the Foundation's Polaris Project inked in November pulled Mozilla's spare and decommissioned hardware out of the cupboard for dedicated use in the Tor network.

It included a pair of Juniper EX4200 switches and three HP SL170zG6 (48GB ram, 2*Xeon L5640, 2*1Gbps NIC) servers, along with a dedicated existing IP transit provider (2 X 10Gbps).

French Mozilla engineer Arzhel Younsi (@xionoxfr) said its network was designed to fall no lower than half of its network capacity in the event of maintenance or failure.

"The current design is fully redundant [which] allows us to complete maintenance or have node failure without impacting 100 percent of traffic ... the worst case scenario is a 50 percent loss of capacity," he said in a post.

"The design also allows us to easily add more servers in the event we need more capacity, with no anticipated impact."

The platform is not close to filling its bandwidth capacity and could receive further improvements including being moved into Mozilla's managed infrastructure and having IPv6 support.

Younsi noted the Tor element of Polaris was still considered an experiment as factors in running effective nodes such as throughput limits for middle and exit relays had to be better understood.

It used the open source Ansible platform for configuration management, a tool under consideration for in-house engineering use, and was secured with strick firewall filters, hardened operating systems and network devices, and edge filters.

"It is important to note that many of the security requirements align nicely with what's considered a good practices in general system and network administration," Younsi said.

Periodic internal and external security checks were set while graphs for 'everything' will be published using Observium to track efficiency.

The Polaris initiative was a effort of Mozilla, the Tor Project and the Centre for Democracy and Technology to help build more privacy controls into technology.
http://www.theregister.co.uk/2015/01...up_tor_relays/





CSE Tracks Millions of Downloads Daily: Snowden Documents
Amber Hildebrandt, Michael Pereira and Dave Seglins

Canada's electronic spy agency sifts through millions of videos and documents downloaded online every day by people around the world, as part of a sweeping bid to find extremist plots and suspects, CBC News has learned.

Details of the Communications Security Establishment project dubbed "Levitation" are revealed in a document obtained by U.S. whistleblower Edward Snowden and recently released to CBC News.

Under Levitation, analysts with the electronic eavesdropping service can access information on about 10 to 15 million uploads and downloads of files from free websites each day, the document says.

"Every single thing that you do — in this case uploading/downloading files to these sites — that act is being archived, collected and analyzed," says Ron Deibert, director of the University of Toronto-based internet security think-tank Citizen Lab, who reviewed the document.

In the document, a PowerPoint presentation written in 2012, the CSE analyst who wrote it jokes about being overloaded with innocuous files such as episodes of the musical TV series Glee in their hunt for terrorists.

CBC analyzed the document in collaboration with the U.S. news website The Intercept, which obtained it from Snowden.

The presentation provides a rare glimpse into Canada's cyber-sleuthing capabilities and its use of its spy partners' immense databases to track the online traffic of millions of people around the world, including Canadians.

That glimpse may be of even greater interest now that the Harper government plans to introduce new legislation increasing the powers of Canada's security agencies.

Though Canada’s always been described as a junior partner in the Five Eyes spying partnership, which includes the U.S., Britain, New Zealand and Australia, this document shows it led the way in developing this new extremist-tracking tool.

"It's really the first time that a story has been reported that involves [CSE] as the lead agency in a program of pure mass surveillance," said Glenn Greenwald, a constitutional lawyer and journalist with The Intercept, and who has been instrumental in bringing Snowden's information to public attention.

Canada's electronic surveillance service said it cannot comment on the specific program, but added that some of its metadata analysis is designed to identify foreign terrorists who use the internet for activities threatening the security of Canada and Canadians.

"CSE is clearly mandated to collect foreign signals intelligence to protect Canada and Canadians from a variety of threats to our national security, including terrorism," agency spokesman Andrew McLaughlin wrote in an email to CBC.

Deibert, at the Citizen Lab, says that on the surface the Levitation program is reassuring, indicating Canada's spies are doing their job, but he adds that the mass surveillance nature of it raises questions.

'A giant X-ray machine'

According to the document, Canada can access data from 102 free file upload sites, though only three file-host companies are named: Sendspace, Rapidshare and the now-defunct Megaupload.

Sendspace told CBC News that "no organization has the ability/permission to trawl/search Sendspace for data," and its policy states it won't disclose user identities unless legally required.

No other file-sharing company responded to CBC requests for comment.

However, the Levitation document says that access to the data comes from unnamed "special sources," a term that in previous Snowden documents seemed to refer to telecommunications companies or cable operators.

It is also unclear which, or how many, of the Five Eyes access information on these uploaded files and whether the companies involved know the spy agencies have this access.

Many people use file-sharing websites to share photos, videos, music and documents, but these cyber-lockers have also been accused of being havens for illegally sharing copyrighted content.

Not surprisingly, extremists also use the online storage hubs to share propaganda and training materials.

To find those files, the document says Canada's spy agency must first weed out the so-called Glee episodes as well as pictures of cars on fire and vast amounts of other content unrelated to terrorism.

Analysts find 350 "interesting download events" each month, less than 0.0001 per cent of the total collected traffic, according to the top-secret presentation.

Surveillance specialists can then retrieve the metadata on a suspicious file, and use it to map out a day's worth of that file user's online activity.

By inputting other bits of information into at least two databases created by the spying partners, analysts can discover the identity and online behaviour of those uploading or downloading these files, as well as, potentially, new suspicious documents.

The Levitation project illustrates the "giant X-ray machine over all our digital lives," says Deibert.

From IP to ID

Once a suspicious file-downloader is identified, analysts can plug that IP address into Mutant Broth, a database run by the British electronic spy agency Government Communications Headquarters (GCHQ), to see five hours of that computer's online traffic before and after the download occurred.

That can sometimes lead them to a Facebook profile page and to a string of Google and other cookies used to track online users' activities for advertising purposes. This can help identify an individual.

In one example in the top-secret document, analysts also used the U.S. National Security Agency's powerful Marina database, which keeps online metadata on people for up to a year, to search for further information about a target's Facebook profile. It helped them find an email address.

After doing its research, the Levitation team then passes on a list of suspects to CSE's Office of Counter Terrorism.

The agency cites two successes as of 2012: the discovery of a German hostage video through a previously unknown target, and an uploaded document that gave it the hostage strategy of a terrorist organization.

It's unclear from the leaked document how long Levitation was operational and whether it is still in use.

CSE says its foreign signals intelligence has "played a vital role in uncovering foreign-based extremists' efforts to attract, radicalize and train individuals to carry out attacks in Canada and abroad." But it offered no specifics about Levitation.

'What else can they do?'

Back in 2012, the spy agency appeared to be assessing the power and accuracy of the Levitation project as compared to other tools in its counterterrorism arsenal.

Though the presentation jokes about filtering out Glee episodes, the issue underscores an increasing problem for spy agencies around the world: how the massive haystack of internet traffic they are collecting is straining spy agency resources.

Projects like Levitation aim to automate part of the process.

But it also causes some people to worry about what these powerful and secretive agencies can do with such an immense store of data at their fingertips.

"The specific uses that they talk about in this context may not be the problem, but it's what else they can do," says Tamir Israel, a lawyer with the University of Ottawa's Canadian Internet Policy and Public Interest Clinic.

National security expert Wesley Wark says the Levitation documents clearly demonstrate the CSE's abilities. But he also warns the tool has the potential to be "hugely intrusive."

A recent story by The Guardian illustrates that potential. The British newspaper revealed that that the GCHQ scooped up emails to and from journalists working for some of the largest American and British media outlets, as part of a test exercise.

The story, based on Snowden documents, says GCHQ has also listed investigative journalists as a "threat" who rank somewhere between terrorists and hackers.

A similar issue could arise here, with the eavesdropping service choosing targets outside the terrorism realm, says Israel.

Academics, lawyers, journalists, activists and business people commonly use file-hosting sites as part of their jobs.

"It's completely at the discretion of CSE essentially what documents to pick," Israel says.

The mass surveillance by Canada's signals intelligence agency also raises questions about the number of Canadians inadvertently caught up in it.

In the Levitation presentation, two anonymous Canadian IP addresses from a Montreal-based data server appear on a list of suspicious downloads around the world. The list also included several from allies and trading partners, including the U.K., U.S., Spain, Brazil, Germany and Portugal.

By law, CSE isn't allowed to target Canadians. Canada's commissioner charged with reviewing the secretive group found it unintentionally swept up private communications of 66 Canadians while monitoring signals intelligence abroad, but concluded there was no sign of unlawful practice.

Canada is supposed to mask the identities of untargeted Canadians scooped up in its surveillance before passing information to its Five Eyes partners and law enforcement agencies.

Deibert says there are "all sorts of grey areas" in how CSE operates, including how long they can retain the data they collect, the volume of the mass collection, the rules around metadata and how this data is shared with spying partners.

"The mission is appropriate," he says. "But is engaging in wholesale mass surveillance the appropriate means to that end? Especially in the context where, in this country, you have very little oversight in any meaningful sense."
http://www.cbc.ca/news/cse-tracks-mi...ents-1.2930120





How Canada's Spy Agency Hunts Extremists Through File-Sharing Sites

A newly released top-secret presentation by Canada's electronic spy agency shows how it sifts through millions of files uploaded online every day around the world in an attempt to find those intending to commit extremist acts.

The Communications Security Establishment document provides extensive details about this mass surveillance, which taps into the massive databases kept by Canada's "Five Eyes" spying partners and is conducted under the code name Levitation. Here's how Levitation works.

Scour file-sharing sites
Canada and its spying partners have amassed a vast trove of metadata of files uploaded and downloaded around the world. Every day, the agency's analysts sift through information on 10 to 15 million uploads or download events. It could include videos, music, documents and other files hosted by so-called "free file upload" sites. The data comes from 102 file-sharing websites.

Watch a suspicious file
Security analysts focus on suspicious files. Every month, the agency identifies about 350 “interesting download events” related to extremism or terrorism, the document says, adding this is the "easy part." One target file is The Explosives Course, an English al-Qaeda bomb-making manual published in late 2010, found on Sendspace.com.

Trace the IP
At 7:46 a.m., someone downloads The Explosives Course. Analysts look at the IP address. It reveals the location of the computer network used as Kenya. It doesn't give them the exact location of the person.

Follow the cookies
They drill down further. The IP address is plugged into Mutant Broth, a database run by Britain's electronic spy agency, which stores billions of internet cookies (most commonly used for targeted advertising). With this data, they piece together the target's online activity for five hours before the file was downloaded and five hours after.

Identify the suspect
In total, the agency finds nearly 700 signs of online activity, but only 77 match the characteristics of the computer used to download the al-Qaeda manual. These identifiers include the type of web browser and operating system the person used. The most revealing page visited is a Facebook profile. According to that page, the person is based in Dubai, in the UAE. The spies now have a name and possible location.

Digging deeper
But that's not the end. The agency can also plug that Facebook ID – every profile gets assigned a unique number – into the U.S. National Security Agency's powerful Marina database, which keeps online metadata of millions of people for up to a year. That can give CSE lots of information, including a person's email address.

Share findings
In the end, the spy agency not only paints a detailed picture of someone's online life, but can also identify that individual as a new potential suspect. In other cases, the exercise leads them to previously unknown suspicious documents. Ultimately, all these findings are handed over to CSE's Office of Counter Terrorism. Some information may end up in the hands of spying partners or law enforcement agencies.
http://www.cbc.ca/news/multimedia/ho...ites-1.2928400





Experts Unmask 'Regin' Trojan as NSA Tool
Marcel Rosenbach, Hilmar Schmundt and Christian Stöcker

Just weeks ago, SPIEGEL published the source code of an NSA malware program known internally as QWERTY. Now, experts have found that it is none other than the notorious trojan Regin, used in dozens of cyber attacks around the world.

Earlier this month, SPIEGEL International published an article based on the trove of documents made available by whistleblower Edward Snowden describing the increasingly complex digital weapons being developed by intelligence services in the US and elsewhere. Concurrently, several documents were published as well as the source code of a sample malware program called QWERTY found in the Snowden archive.

For most readers, that source code was little more than 11 pages of impenetrable columns of seemingly random characters. But experts with the Russian IT security company Kaspersky compared the code with malware programs they have on file. What they found were clear similarities with an elaborate cyber-weapon that has been making international headlines since November of last year.

Last fall, Kaspersky and the US security company Symantec both reported for the first time the discovery of a cyber-weapon system which they christened "Regin". According to Kaspersky, the malware had already been in circulation for 10 years and had been deployed against targets in at least 14 countries, including Germany, Belgium and Brazil but also India and Indonesia.

Symantec spoke of a "highly complex" threat. Many of the targets were in the telecommunications sector, but others included energy companies and airlines. Both Symantec and Kaspersky did not shy away from superlatives when describing the malware program, calling it a "top-tier espionage tool" and the most dangerous cyber-weapon since Stuxnet, the notorious malware program used to attack the Iranian nuclear program.

"We are certain that we are looking at the keylogger-module from Regin," Costin Raiu, head of research for Kaspersky, said of the code published by SPIEGEL. A keylogger is a program that can record keys struck on a keyboard -- thus logging sensitive information such as passwords, email addresses and text documents -- and then send that information back to the malware programmer.

"Pursuant to our technical analysis, QWERTY is identical with the Regin plug-in 50251," Raiu says. In addition, the analysis revealed that Regin is apparently an attack platform that can be used by several different institutions in several different countries. Kaspersky published its findings in a blog post on Tuesday.

The new analysis provides clear proof that Regin is in fact the cyber-attack platform belonging to the Five Eyes alliance, which includes the US, Britain, Canada, Australia and New Zealand. Neither Kaspersky nor Symantec commented directly on the likely creator of Regin. But there can be little room left for doubt regarding the malware's origin.

• The source code excerpt published by SPIEGEL comes straight from the Snowden archive.

• Regin was also apparently involved in the attack on the Belgian telecommunications firm Belgacom. And Belgacom, as SPIEGEL reported in the summer of 2013, was a target of the British intelligence agency GCHQ. Ronald Prins, head of the Dutch security company Fox IT, which analyzed the attack on Belgacom, told SPIEGEL ONLINE in the summer of 2011 that Regin appeared to be a tool belonging to the NSA and GCHQ.

There are also additional clues pointing to Regin being a Five Eyes tool:

• In the QWERTY code, there are numerous references to cricket, a sport that enjoys extreme popularity in the Commonwealth.

• There are many similarities with the cyber-weapons system that the intelligence agencies call "Warriorpride" in the Snowden documents.

• The targets thus far known are consistent with Five Eyes surveillance targets as outlined in the Snowden documents.

In the last several years, Regin has been exposed as the cyber-weapon behind a number of digital attacks:

• The attack on the partially state-owned company Belgacom, as mentioned above.

• A serious cyber-attack on the European Commission in 2011. The deputy head of Germany's Federal Office for Information Security, Andreas Könen, told SPIEGEL at the end of last December that, "we have reconstructed that; there are clear congruencies."

• The Austrian newspaper Der Standard, citing anonymous sources, reported last November that malware code from the Regin family had been found in the network of the International Atomic Energy Agency, based in Vienna.

• Germany's Bild newspaper also reported a Regin infection in the computer of a member of the department for European affairs in Angela Merkel's Chancellery. According to the paper, the malware was found on the woman's private computer. The Federal Office for Information Security says that Regin has not yet been found on official German government computers.

It seems likely that more Regin discoveries will be made. Kaspersky alone, says Raiu, has found the malware in computers belonging to 27 international companies, governments and private persons.
http://www.spiegel.de/international/...a-1015255.html





'Super-Secure' BlackPhone Pwned by Super-Silly Txt Msg Bug

People always talk about your reputation ... Just be good to free()
Darren Pauli

Exclusive: The maker of BlackPhone – a mobile marketed as offering unusually high levels of security – has patched a critical vulnerability that allows hackers to run malicious code on the handsets.

Attackers need little more than a phone number to send a message that can compromise the devices via the Silent Text application.

The impact of the flaw is troubling because BlackPhone attracts what hackers see as high-value victims: those willing to invest AU$765 (£415, $630) in a phone that claims to put security above form and features may well have valuable calls and texts to hide from eavesdroppers.

Mark Dowd (@mdowd), noted Sydney-based hacker and co-founder of security consultancy Azimuth Security, discovered the flaw during casual research in the latter months of 2014. He shared his findings with The Register while the fix – due to be disclosed today – was being developed.

"Successful exploitation can yield remote code execution with the privileges of the Silent Text application, which runs as a regular Android app, but with some additional system privileges required to perform its SMS-like functionality such as access to contacts, access to location information, the ability to write to external storage, and of course net access," Dowd said, noting the bug took him about a week to find.

The flaw could also be coupled with a privilege-escalation exploit to gain full control of the vulnerable device, but this was not required to run arbitrary code as an unprivileged user.

Dowd has, in the past, reported vulnerabilities he discovered in a ZRTP third-party library utilized by the Silent Phone app in 2013 prior to the July 2014 launch of BlackPhone.

It was the marketing of the Silent suite of apps that piqued Dowd's interest – which led him to report the security hole he uncovered.

"They aim to combat mass-surveillance by relying on encrypted phone calls and messages by default, which is an effective counter-measure, but I wanted to evaluate those solutions from an application security standpoint [and] by that I mean I wanted to see how robust their implementations were against targeted attacks, and evaluate any additional attack surface they might expose," he said.

The flaw discovered in Silent Text is really a programming blunder within the Silent Circle Instant Messaging Protocol (SCIMP) library, which is responsible for establishing encrypted communication channels between devices for secure transmissions of text messages and files.

"The SCIMP protocol encodes messages as JSON objects, which are then transmitted to the remote party over XMPP," Dowd explained to The Register.

"The flaw I discovered occurs during the deserialization of these JSON objects. It is a type confusion vulnerability, which when exploited allows an attacker to overwrite a pointer in memory, either partially or in full.

"This pointer is later manipulated by the program and also the system allocator, allowing you to do things such as pass arbitrary pointers to free()."

The expert went on to say:

Specifically, libscimp expects JSON objects to contain a message type, and multiple fields that are relevant to that message type. By sending a JSON object that contains multiple message types, it is possible to have fields read in to memory from the JSON object for one message type misinterpreted as fields of another message type. This allows the attacker to engineer a situation whereby a pointer to user-controlled data may be overwritten (or partially overwritten) with a value of their choosing.

It is important to note that the implementation flaw does not imply any inherent weaknesses in the design of the SCIMP protocol nor the encryption mechanisms used by BlackPhone.

The device and its Silent Text app were the brain children of encryption gurus Phil Zimmermann, Jon Callas and Mike Janke who created the device in the wake of and in opposition to global spying revelations revealed by NSA leaker Edward Snowden.

They have not revealed how many BlackPhones are in operation, however the Android Silent Text app has clocked more than 50,000 downloads, according to Google, and is also available on Apple iOS.

Silent Circle was not available for immediate comment.

After publication of this article, once a patch was issued to BlackPhone owners, Dowd shared more technical details on the text-messaging flaw, here.
http://www.theregister.co.uk/2015/01...en_to_plunder/





Kim Dotcom Launches End-to-End Encrypted Voice Chat ‘Skype Killer’
Samuel Gibbs

Kim Dotcom’s encrypted file sharing service has added free end-to-end encrypted voice and video chat through the browser.

MegaChat, which promises to keep video chats secure and private, has been developed by the Mega “Conspiracy Team” and is being described as a “Skype killer” by Dotcom.

“We are releasing #MegaChat beta step by step. Starting with video calling today. Text chat & video conferencing will follow soon,” said Dotcom.

MegaChat does not require software beyond a web browser to operate, unlike many other similar services, although plugins for Google’s Chrome and Firefox are available for “faster loading and added resilience against attacks”.

‘No US-based online service provider can be trusted’

The system allows users to share encrypted files having previously shared a personal decryption key with them.

Dotcom claimed that “no US-based online service provider can be trusted with your data” and that “Skype has no choice. They must provide the US Government with backdoors”.

Revelations from the Snowden leaks showed that Microsoft handed the US National Security Agency access to encrypted messages.

Microsoft handed the NSA access to encrypted messages

MegaChat is being positioned as a secure alternative to Skype that cannot be snooped on by security services using end-to-end encryption to maintain privacy. The service is based in New Zealand.

Dotcom also promised encrypted video conferencing, email and text chat would roll out at a later stage.

Mega’s security credentials have been questioned in the past. Passwords were stolen from the service shortly after its launch in 2013, leading security researchers to question whether Mega could live up to its security promises.

To quell those fears, Dotcom launched a bounty for security flaws, offering to reward bug spotters.
http://www.theguardian.com/technolog...t-skype-killer





WikiLeaks Demands Answers After Google Hands Staff Emails to US Government

• Search giant gave FBI emails and digital data belonging to three staffers
• WikiLeaks told last month of warrants which were served in March 2012

Ed Pilkington and Dominic Rushe

Google took almost three years to disclose to the open information group WikiLeaks that it had handed over emails and other digital data belonging to three of its staffers to the US government, under a secret search warrant issued by a federal judge.

WikiLeaks has written to Google’s executive chairman, Eric Schmidt, to protest that the search giant only revealed the warrants last month, having been served them in March 2012. In the letter, WikiLeaks says it is “astonished and disturbed” that Google waited more than two and a half years to notify its subscribers, potentially depriving them of their ability to protect their rights to “privacy, association and freedom from illegal searches”.

The letter, written by WikiLeaks’ New York-based lawyer, Michael Ratner of the Center For Constitutional Rights, asks Google to list all the materials it provided to the FBI. Ratner also asks whether the California-based company did anything to challenge the warrants and whether it has received any further data demands it has yet to divulge.

The war on leaks has gone way too far when journalists' emails are under surveillance | Trevor Timm

Google revealed to WikiLeaks on Christmas Eve – a traditionally quiet news period – that it had responded to a Justice Department order to hand over a catch-all dragnet of digital data including all emails and IP addresses relating to the three staffers. The subjects of the warrants were the investigations editor of WikiLeaks, the British citizen Sarah Harrison; the spokesperson for the organisation, Kristinn Hrafnsson; and Joseph Farrell, one of its senior editors.

When it notified the WikiLeaks employees last month, Google said it had been unable to say anything about the warrants earlier as a gag order had been imposed. Google said the non-disclosure orders had subsequently been lifted, though it did not specify when.

Harrison, who also heads the Courage Foundation, told the Guardian she was distressed by the thought of government officials gaining access to her private emails. “Knowing that the FBI read the words I wrote to console my mother over a death in the family makes me feel sick,” she said.

She accused Google of helping the US government conceal “the invasion of privacy into a British journalist’s personal email address. Neither Google nor the US government are living up to their own laws or rhetoric in privacy or press protections”.

The court orders cast a data net so wide as to ensnare virtually all digital communications originating from or sent to the three. Google was told to hand over the contents of all their emails, including those sent and received, all draft correspondence and deleted emails. The source and destination addresses of each email, its date and time, and size and length were also included in the dragnet.

The FBI also demanded all records relating to the internet accounts used by the three, including telephone numbers and IP addresses, details of the time and duration of their online activities, and alternative email addresses. Even the credit card or bank account numbers associated with the accounts had to be revealed.

Alexander Abdo, a staff attorney and privacy expert at the American Civil Liberties Union, said the warrants were “shockingly broad” in their catch-all wording.

“This is basically ‘Hand over anything you’ve got on this person’,” he said. “That’s troubling as it’s hard to distinguish what WikiLeaks did in its disclosures from what major newspapers do every single day in speaking to government officials and publishing still-secret information.”

Google has not revealed precisely which documents it handed over by the deadline of April 2012. But it has told the three individuals that it provided “responsive documents pursuant to the Electronic Communications Privacy Act”.

Google told the Guardian it does not talk about individual cases, to “help protect all our users”. A spokesperson for the company said: “We follow the law like any other company.

“When we receive a subpoena or court order, we check to see if it meets both the letter and the spirit of the law before complying. And if it doesn’t we can object or ask that the request is narrowed. We have a track record of advocating on behalf of our users.”

The data grab is believed to be part of an ongoing criminal investigation into WikiLeaks that was launched in 2010 jointly by the US departments of Justice, Defense and State. The investigation followed WikiLeaks’ publication, initially in participation with international news organisations including the Guardian, of hundreds of thousands of US secrets that had been passed to the organisation by the army private Chelsea Manning.

The vast stash of leaked documents including embassy cables, war logs from Afghanistan and Iraq, and a video of an Apache helicopter attack that killed civilians in Baghdad.

The warrants were issued by a federal judge in the eastern district of Virginia – the jurisdiction in which a grand jury was set up under the criminal investigation into WikiLeaks. The investigation was confirmed to be still active and ongoing as recently as May last year.

Testimony given during the prosecution of Manning indicated that at least seven “founders, owners or managers or WikiLeaks” were put under the FBI spotlight in the wake of Manning’s disclosures. Manning was sentenced to 35 years in military prison for crimes related to the leaks and is currently being held in Fort Leavenworth, Kansas.

The WikiLeaks warrants cite alleged violations of the 1917 Espionage Act and the Computer Fraud and Abuse Act – the same statutes used to prosecute Manning. The data seizures were approved by a federal magistrate judge, John Anderson, who a year later issued the arrest warrant for the former National Security Agency contractor Edward Snowden.

Julian Assange, WikiLeaks’ founder and editor-in-chief, said the search warrants were part of a “serious, and seriously wrong attempt to build an alleged ‘conspiracy’ case against me and my staff”. He said that in his view the real conspiracy was “Google rolling over yet again to help the US government violate the constitution – by taking over journalists’ private emails in response to give-us-everything warrants”.

The FBI warrants will be presented to the United Nations human rights council in Geneva on Monday by the Spanish judge Baltasar Garzón, who is director of Assange’s defence team. Assange remains in asylum in the Ecuadorian embassy in London, facing extradition to Sweden following sexual assault and rape allegations that he denies and for which he has never been charged.

Google’s behaviour stands in stark contrast to Twitter, which has challenged similar US government demands. In its letter to the search giant, WikiLeaks notes that “Twitter challenged the government so it could notify its subscribers of the orders, and prevailed”.

In Twitter’s case, the Justice Department demanded access to the social-media accounts of Birgitta Jonsdottir, an Icelandic MP and former Wikileaks volunteer who was part of the team that released the secret Apache helicopter footage.

Twitter informed Jonsdottir that the US government had asked for access to her messages, allowing her to mount a legal campaign to stop them. In July 2012 an appeals court ruled against Jonsdottir and two other defendants, allowing the Justice Department to keep secret information about its attempts to obtain their information without a warrant.

All the major tech companies now disclose how many requests they receive from US authorities for users’ information but it is extremely rare for them to divulge specific targets of those investigations and in most cases they are limited in what they can disclose.

In the first six months of 2014, Google received close to 32,000 data requests from governments, an increase of 15% compared with the second half of 2013, and two-and-a-half times more than when Google first started publishing it’s semi-annual Transparency Report, in 2009.
http://www.theguardian.com/technolog...-us-government





C.I.A. Officer in Leak Case, Jeffrey Sterling, Is Convicted of Espionage
Matt Apuzzo

Jeffrey A. Sterling, a former Central Intelligence Agency officer, was convicted of espionage charges Monday, for telling a journalist for The New York Times about a secret operation to disrupt Iran’s nuclear program.

The conviction is a significant victory for the Obama administration, which has led an unprecedented crackdown on officials who speak to journalists about security matters without the administration’s approval. Prosecutors prevailed after a yearslong fight in which the journalist, James Risen, refused to identify his sources.

The case revolved around a C.I.A. operation in which a former Russian scientist provided Iran with intentionally flawed nuclear component schematics. Mr. Risen revealed the operation in his 2006 book “State of War,” describing it as a mismanaged, potentially reckless mission that may have inadvertently aided the Iranian nuclear program.

Liberal advocacy groups have hailed Mr. Sterling as a whistle-blower for taking his concerns about the program to the Senate Intelligence Committee in early 2003, a time when dissenting voices in the C.I.A. were hushed as the country prepared for war in Iraq. The Justice Department and C.I.A., however, deny that characterization. They said the Iran operation was not mismanaged and said Mr. Sterling went to Congress and then the news media as a way to settle personal grievances.

Mr. Sterling managed the Iranian operation. The Justice Department had no direct proof that Mr. Sterling provided the information to Mr. Risen, but prosecutors stitched together a strong circumstantial case. They described Mr. Sterling, who is black, as bitter and frustrated about what he believed was workplace discrimination. Telephone records and emails showed that Mr. Sterling and Mr. Risen talked frequently, and prosecutors argued that only Mr. Sterling had the information, the motive and the opportunity to leak it.

“The defendant put his own selfishness and his own vindictiveness ahead of the American people,” Eric G. Olshan, a federal prosecutor, said during closing arguments Thursday. “For what? He hated the C.I.A. and he wanted to settle the score.”

The trial was part Washington spectacle, part cloak and dagger. Former Secretary of State Condoleezza Rice testified, as did C.I.A. operatives who gave only their first names and last initials, with their faces shielded behind seven-foot-high partitions. A scientist was referred to only by his code name, Merlin. His wife was Mrs. Merlin.

Officials revealed their preferred strategies for persuading reporters not to run sensitive stories. Also revealed was that, at the C.I.A.’s office in New York, employees could easily walk out with classified documents and never be searched.

Mr. Sterling’s lawyers said the government’s case was based entirely on suspicion. “The government has great lawyers. It has a great theory. It just made a great argument,” said Barry J. Pollack, a defense lawyer. “What the government lacks is evidence.”

Mr. Sterling’s lawyers argued that it was just as likely that Mr. Risen learned about the operation from Capitol Hill staffers, then pieced together details from other sources at the C.I. A and from the Russian scientist himself. Mr. Pollack acknowledged that Mr. Sterling had a relationship with Mr. Risen, but said they talked only about Mr. Sterling’s discrimination lawsuit against the C.I.A. Mr. Risen probably asked about Merlin and the Iranian operation, Mr. Pollack said, but Mr. Sterling did not provide any information.

Mr. Sterling is the latest in a string of former officials and contractors that the Obama administration has charged with discussing national security matters with reporters. Most, however, have pleaded guilty and avoided a trial. Of those, John Kiriakou a former C.I.A. officer, is in federal prison, as are two former government contractors, Donald Sachtleben and Stephen Kim. Thomas A. Drake, a former National Security Agency official, cut a deal on minor charges and avoided serving time.

The only other trial was the court-martial of Chelsea Manning, the Army private formerly known as Bradley Manning, who was convicted and sentenced to prison for providing a trove of government documents to WikiLeaks.

The most prominent leak case, however, remains open. Edward J. Snowden, a former N.S.A. contractor who downloaded and provided journalists with thousands of that agency’s documents, has fled to Russia to avoid criminal charges. Those documents revealed a domestic surveillance program in which the N.S.A. monitored the phone records of every American.

While the administration has defended the crackdown, Attorney General Eric H. Holder Jr. said he believed it went too far at times when it targeted journalists. Under Mr. Holder, prosecutors seized phone records from The Associated Press, labeled one Fox News reporter a potential criminal co-conspirator for inquiring about classified information and tried to force another to testify before a grand jury.

Mr. Risen’s lengthy fight to avoid testifying about his sources turned the case into a rallying point for news organizations who said the Justice Department had made it harder to cover national security beyond what it released in news statements and sanctioned leaks, such as those that told a glowing story about the mission to kill Osama bin Laden. Less favorable stories, such as those revealing warrantless wiretapping or secret prisons, led to criminal investigations.

The Supreme Court ultimately declined to hear Mr. Risen’s case, meaning he would have been forced to testify, and if he refused, he could have been put in jail. But Mr. Holder, in a reversal, said prosecutors would not force him to reveal his sources. With that option off the table, prosecutors opted not to call Mr. Risen to testify during the trial.
http://www.nytimes.com/2015/01/27/us...espionage.html





Former Head of GCHQ Warns Of 'Ethically Worse' Kinds Of Spying If Unbreakable Encryption Is Allowed
Glyn Moody

In their attempts to kill off strong encryption once and for all, top officials of the intelligence services are coming out with increasingly hyperbolic statements about why this should be done. Here's another, this time from a former head of GCHQ, Sir David Omand:

Sir David, who was director of GCHQ from 1996-97, said: "One of the results of Snowden is that companies are now heavily encrypting [communications] end to end.

"Intelligence agencies are not going to give up trying to get the bad guys. They will have to get closer to the bad guys. I predict we will see more close access work."


According to The Bureau of Investigative Journalism, which reported his words from a talk he gave earlier this week, by this he meant things like physical observation, bugging rooms, and breaking into phones or computers. Omand went on:

"You can say that will be more targeted but in terms of intrusion into personal privacy -- collateral intrusion into privacy -- we are likely to end up in an ethically worse position than we were before."

That's remarkable for its implied threat: if you don't let us ban or backdoor strong encryption, we're going to start breaking into your homes. And it's striking that Omand regards eavesdropping on all the Internet traffic flowing in to and out of the UK, or collecting thousands of sexually-explicit webcam pictures, as less reprehensible than a tightly-targeted operation against a few suspects. His framing also implies that he thinks those pesky civil liberties groups will protest more about the latter than the former. In fact, what defenders of privacy and liberty generally want is simply a proportionate response with judicial oversight -- something that is straightforward with targeted "close access" work, but impossible with the blanket surveillance currently employed.

The good news here is that Omand has indirectly confirmed that the current strategy of rolling out strong encryption as widely as possible is the right one. Provided it is not derailed by any government moves to weaken crypto, it will increase the cost of online surveillance, and force intelligence services to return to targeted spying -- which is what they should have done in the first place.
https://www.techdirt.com/articles/20...-allowed.shtml





Law Enforcement Wants Popular Police-Tracking App Disabled
Eileen Sullivan

Law enforcement is concerned that the popular Waze mobile traffic app by Google Inc., which provides real-time road conditions, can also be used to hunt and harm police.

Waze is a combination of GPS navigation and social networking. Fifty million users in 200 countries turn to the free service for warnings about nearby congestion, car accidents, speed traps, traffic cameras, construction zones, potholes, stalled vehicles or unsafe weather conditions.

Waze users mark police - who are generally working in public spaces - on maps without much distinction other than "visible" or "hidden." Users see a police icon, but it's not immediately clear whether police are there for a speed trap, a sobriety check or a lunch break.

To some in law enforcement, this feature amounts to a stalking app for people who want to harm police. They want Google to disable that feature.

The growing concern is the latest twist in Google's complicated relationship with government and law enforcement. It places the Internet giant, again, at the center of an ongoing global debate about public safety, consumer rights and privacy.

Los Angeles Police Chief Charlie Beck complained in a letter to Google's chief executive on Dec. 30 that Waze could be "misused by those with criminal intent to endanger police officers and the community."

The Los Angeles Police Department did not immediately respond to questions about whether Google addressed Beck's concerns.

Google purchased Waze for $966 million in 2013.

There are no known connections between any attack on police and Waze, although Beck said Waze was used in the killing of two New York Police Department officers on Dec. 20. The Instagram account of the gunman in that case included a screenshot from Waze along with other messages threatening police.

Investigators do not believe the shooter, Ismaaiyl Brinsley, used Waze to ambush the NYPD officers, in part because police say Brinsley tossed his cellphone more than two miles from where he shot the officers. In his letter to Google, Beck said that Brinsley had been using the Waze app to track police since early December.

"I am confident your company did not intend the Waze app to be a means to allow those who wish to commit crimes to use the unwitting Waze community as their lookouts for the location of police officers," Beck wrote.

Some officers, like Sheriff Mike Brown of Bedford County, Virginia, think it's only a matter of time before Waze is used to hunt and harm police.

"The police community needs to coordinate an effort to have the owner, Google, act like the responsible corporate citizen they have always been and remove this feature from the application even before any litigation or statutory action," said Brown, who raised the issue at a National Sheriffs' Association meeting in Washington January 23.

Google declined to comment and directed questions to a Waze spokeswoman, Julie Mossler, who said the company thinks deeply about safety and security. She said Waze works with the New York Police Department and others around the world by sharing information.

"These relationships keep citizens safe, promote faster emergency response and help alleviate traffic congestion," Mossler said.

The NYPD did not respond to questions about Waze.

Google has a complicated relationship with government and law enforcement. The company worked closely with the Obama administration to defend itself against hacking by China's government, and it is regularly compelled to turn over to police worldwide copies of emails or other information about its customers. Last year, after disclosures that the National Security Agency had illicitly broken into Google's overseas Internet communication lines, Google and other technology companies rolled out encryption for users, which the U.S. government said could hamper law enforcement investigations. Also last year, Google and other companies sued the U.S. to allow them to more fully disclose to customers details about how much information they were required to hand over each year.

Nuala O'Connor, head of the Center for Democracy and Technology, a Washington civil liberties group, said it would not be appropriate for Google to disable the police-reporting feature.

"I do not think it is legitimate to ask a person-to-person communication to cease simply because it reports on publicly visible law enforcement," she said.

O'Connor said a bigger concern among privacy advocates is how much information about customers Waze shares with law enforcement, since the service necessarily monitors their location continually as long as it's turned on.

This is not the first time law enforcement has raised concerns with these types of apps. In 2011, four U.S. senators asked Apple to remove all applications that alert users to drunken driving checkpoints. Apple's current guidelines for developers state that the company will not accept apps with information about drunken driving checkpoints unless the checkpoints are published by law enforcement agencies, an Apple spokeswoman said.

---

Associated Press writers Tami Abdollah in Los Angeles, Colleen Long in New York and Michael Liedtke in San Francisco contributed to this report.
http://hosted.ap.org/dynamic/stories...01-26-03-07-22





DEA Cameras Tracking Hundreds of Millions of Car Journeys Across the US
Martyn Williams

A U.S. Drug Enforcement Administration program to keep tabs on cars close to the U.S.-Mexican border has been gradually expanded nationwide and is regularly used by other law enforcement agencies in their hunt for suspects.

The extent of the system, which is said to contain hundreds of millions of records on motorists and their journeys, was disclosed in documents obtained by the American Civil Liberties Union as part of a Freedom of Information Act request. Much of the information disclosed to the ACLU was undated, making it difficult to understand the growth of the network, which is different from the cameras used to collect traffic tolls on expressways.

One of the undated documents said more than 100 cameras had been deployed in at least California, Arizona, New Mexico, Texas, Florida, Georgia, and New Jersey. The cameras snap each vehicle that passes, recording its license plate, the direction of travel and the time. Some cameras also snap a picture of the driver and passengers.

It was set up in 2008 and was opened to other law enforcement agencies in May 2009. Two years after it was launched, the system helped the DEA seize 98 kilograms of cocaine, 8,336 kilograms of marijuana and collect US$866,380. Its use was also expanded to the hunt for cars being driven by suspects in child abductions, rapes and other crimes.

But it’s unclear if there is any court oversight of the network. The ACLU said that any federal, state or local law enforcement agent that had been vetted by the DEA could conduct queries on the database.

Records on cars that don’t generate a “hit” in law enforcement investigations are said to be stored for six months—a period the ACLU said was “far too long.”

“The government should not collect or retain information revealing the movements of millions of people accused of no crime,” it said. “But even that long retention period is only meaningful if it comes with strict rules limiting data use, sharing, and access. Like its retention policy, the DEA should make these policies public.”
http://www.itworld.com/article/28759...ss-the-us.html





EFF’s Game Plan for Ending Global Mass Surveillance
Rainey Reitman

We have a problem when it comes to stopping mass surveillance.

The entity that’s conducting the most extreme and far-reaching surveillance against most of the world’s communications—the National Security Agency—is bound by United States law.

That’s good news for Americans. U.S. law and the Constitution protect American citizens and legal residents from warrantless surveillance. That means we have a very strong legal case to challenge mass surveillance conducted domestically or that sweeps in Americans’ communications.

Similarly, the United States Congress is elected by American voters. That means Congressional representatives are beholden to the American people for their jobs, so public pressure from constituents can help influence future laws that might check some of the NSA’s most egregious practices.

But what about everyone else? What about the 96% of the world’s population who are citizens of other countries, living outside U.S. borders. They don't get a vote in Congress. And current American legal protections generally only protect citizens, legal residents, or those physically located within the United States. So what can EFF do to protect the billions of people outside the United States who are victims of the NSA’s spying?

For years, we’ve been working on a strategy to end mass surveillance of digital communications of innocent people worldwide. Today we’re laying out the plan, so you can understand how all the pieces fit together—that is, how U.S. advocacy and policy efforts connect to the international fight and vice versa. Decide for yourself where you can get involved to make the biggest difference.

This plan isn’t for the next two weeks or three months. It’s a multi-year battle that may need to be revised many times as we better understand the tools and authorities of entities engaged in mass surveillance and as more disclosures by whistleblowers help shine light on surveillance abuses.

If you’d like an overview of how U.S. surveillance law works, check out our addendum.
Intro: Mass Surveillance by NSA, GCHQ and Others

The National Security Agency is working to collect as much as possible about the digital lives of people worldwide. As the Washington Post reported, a former senior U.S. intelligence official characterized former NSA Director Gen. Keith Alexander’s approach to surveillance as “Collect it all, tag it, store it… And whatever it is you want, you go searching for it.”

The NSA can’t do this alone. It relies on a network of international partners who help collect information worldwide, especially the intelligence agencies of Australia, Canada, New Zealand, and the United Kingdom (collectively known, along with the United States, as the “Five Eyes.”) In addition, the United States has relationships (including various levels of intelligence data sharing and assistance) with Belgium, Denmark, France, Germany, Israel, Italy, Japan, the Netherlands, Norway, Singapore, Spain, South Korea, Sweden, and potentially a number of other countries worldwide. There are also other countries—like Russia, China, and others—engaging in surveillance of digital communications without sharing that data with the NSA. Some of those governments, including the U.S. government, are spending billions of dollars to develop spying capabilities that they use aggressively against innocent people around the world. Some of them may do so with even less oversight and even fewer legal restrictions.

Although whistleblowers and journalists have focused attention on the staggering powers and ambitions of the likes of the NSA and GCHQ, we should never assume that other governments lack the desire to join them. Agencies everywhere are hungry for our data and working to expand their reach. Read about international surveillance law reform and fighting back through user-side encryption.

We focus here on the NSA because we know the most about its activities and we have the most legal and political tools for holding it to account. Of course, we need to know much more about surveillance practices of other agencies in the U.S. and abroad and expand our work together with our partners around the world to confront surveillance as a worldwide epidemic.

Mass surveillance is facilitated by technology companies, especially large ones. These companies often have insufficient or even sloppy security practices that make mass surveillance easier, and in some cases may be actively assisting the NSA in sweeping up data on hundreds of millions of people (for example, AT&T). In other cases, tech companies may be legally compelled to provide access to their servers to the NSA (or they may choose to fight that access). Read more about how tech companies can harden their systems against surveillance.

The NSA relies on several laws as well as a presidential order to justify its continued mass surveillance. Laws passed by Congress as well as orders from the U.S. President can curtail surveillance by the NSA, and the Supreme Court of the United States also has authority to put the brakes on surveillance.

The Game Plan

Given that the American legal system doesn’t adequately protect the rights of people overseas, what can we do in the immediate future to protect Internet users who may not be Americans?

Here’s the game plan for right now. Note that these are not consecutive steps; we’re working on them concurrently.

1. Pressure technology companies to harden their systems against NSA surveillance

To date, there are unanswered questions about the degree to which U.S. technology companies are actively assisting the NSA.

In some cases, we know that tech companies are doing a lot to help the NSA get access to data. AT&T is a clear example of this. Thanks to whistleblower evidence, we know AT&T has a secret room at its Folsom Street facility in San Francisco where a fiber optic splitter creates a copy of the Internet traffic that passes through AT&T’s networks. That splitter routes data directly to the NSA.

Some companies have taken things a step further and deliberately weakened or sabotaged their own products to "enable" NSA spying. We don't know who's done this or what they've done, but the NSA documents make clear that it's happening. It's the height of betrayal of the public, and it could conceivably be taking place with the help even of some companies that are loudly complaining about government spying.

So what do we know about major tech companies, like Google, Facebook, Yahoo, and Microsoft? Here we have mixed reports. Documents provided by Edward Snowden and published in the Guardian and the Washington Post name nine U.S. companies—Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, and Apple—as participants in the NSA’s PRISM program. The documents indicate that the NSA has access to servers at each of these companies, and implies that these companies are complicit in the surveillance of their users.

The companies, in turn, have strongly denied these allegations, and have even formed a lobby group calling on governments to "limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of Internet communications."

While a start, that’s a far cry from the role companies could be playing. Tech companies also have the ability to harden their systems to make mass surveillance more difficult, and to roll out features that allow users to easily encrypt their communications so that they are so completely secure that even their service providers can’t read them. Perhaps most importantly, technology companies must categorically resist attempts to insert backdoors into their hardware or software.

There's also an important legal issue that can't be ignored. Tech companies are in a unique position to know about surveillance requests that are kept secret from the press and the public. These companies may have the best chance to fight back on behalf of their users in court (as Yahoo has done).

What’s more, tech companies literally spend millions of dollars to lobby for laws in Washington and enjoy incredible access to and influence over U.S. lawmakers. Often, companies spend that money trying to derail potential regulation. Instead, these companies could be heavily prioritizing positive surveillance reform bills.

So how do we get tech companies to start fighting surveillance in court, hardening their systems against surveillance, pushing back against the administration, and lobbying for real reform? We’re focused on transparency—uncovering everything we can about the degree to which big tech companies are actively helping the government—and public pressure. That means highlighting ways that companies are fighting surveillance and calling out companies that fail to stand up for user privacy.

It’s why we’re proud to support the Reset the Net campaign, designed to get companies big and small to take steps to protect user data. It's also why we're working to make what companies do and don't do in this area more visible. Campaigns like HTTPS Everywhere and our work on email transport encryption, as well as scorecards like Who Has Your Back are designed to poke and prod these companies to do more to protect all their users, and get them to publicly commit to steps that the public can objectively check.

We also need to cultivate a sense of responsibility on the part of all those who are building products to which the public entrusts its most sensitive and private data. The people who create our computing devices, network equipment, software environments, and so on, need to be very clear about their responsibility to the users who have chosen to trust them. They need to refuse to create backdoors and they need to fix any existing backdoors they become aware of. And they need to understand that they themselves, unfortunately, are going to be targets for governments that will try to penetrate, subvert, and coerce the technology world in order to expand their spying capabilities. They have a grave responsibility to users worldwide and we must use public pressure to ensure they live up to that responsibility.

2. Create a global movement that encourages user-side encryption

Getting tech giants to safeguard our digital lives and changing laws and policies might be slow going, but anybody could start using encryption in a matter of minutes. From encrypted chat to encrypted email, from secure web browsing to secure document transfers, encryption is a powerful way to make mass surveillance significantly more difficult.

However, encryption can be tricky, especially if you don’t have a team of engineers to walk you through it the way we do at EFF. With that in mind, we’ve created Surveillance Self Defense, an in-depth resource that explains encryption to folks who may want to safeguard their data but have little or no idea how to do it.

We’ve already translated the materials into Spanish and Arabic, and we’re working on even more translations.

We’ll continue to expand these materials and translate them into as many languages as possible, while also doing a public campaign to make sure as many people as possible read them.

Again, the more people worldwide understand the threat and the more they understand how to protect themselves—and just as importantly, what they should expect in the way of support from companies and governments—the more we can agitate for the changes we need online to fend off the dragnet collection of data.

3. Encourage the creation of secure communication tools that are easier to use

Many of the tools that are using security best practices are, frankly, hard to use for everyday people. The ones that are easiest to use often don’t adopt the security practices that make them resilient to surveillance.

We want to see this problem fixed so that people don’t have to trade usability for security. We’re rolling out a multi-stage Campaign for Secure and Usable Crypto, and we kicked it off with a Secure Messaging Scorecard. The Secure Messaging Scorecard is only looking at a few criteria for security, and the next phases of the project will home in on more challenging security and usability objectives.

The goal? Encouraging the development of new technologies that will be secure and easy for everyday people to use, while also pushing bigger companies to adopt security best practices.

4. Reform Executive Order 12333

Most people haven’t even heard of it, but Executive Order 12333 is the primary authority the NSA uses to engage in the surveillance of people outside the U.S. While Congress is considering much-needed reforms to the Patriot Act, there’s been almost no debate about Executive Order 12333.

This executive order was created by a stroke of the pen from President Ronald Reagan in 1981. President Obama could undo the worst parts of this executive order just as easily, by issuing a presidential order banning mass surveillance of people regardless of their nationality.

We’ve already launched the first phase of our campaign to reform Executive Order 12333.

5. Develop guiding legal principles around surveillance and privacy with the help of scholars and legal experts worldwide

The campaign got started well before the Snowden leaks began. It began with a rigorous policy document called the International Principles on the Application of Human Rights to Communications Surveillance, which features 13 guiding principles about limiting surveillance. Written by academics and legal experts from across the globe, the principles have now been endorsed by over 417 NGOs and 350,000 individuals worldwide, and have been the basis for a pro-privacy resolution successfully passed by the United Nations.

The 13 Principles, as they're also known, are also meant to work both locally and globally. By giving politicians and activists the context for why mass surveillance is a violation of established international human rights law, they make it clear that legalizing mass surveillance—a path promoted by the Five Eyes countries—is the wrong way forward. The 13 Principles are our way of making sure that the global norm for human rights in the context of communication surveillance isn't the warped viewpoint of NSA and its four closest allies, but that of 50 years of human rights standards showing mass surveillance to be unnecessary and disproportionate.

6. Cultivate partners worldwide who can champion surveillance reform on the local level, and offer them support and promotion

Katitza Rodriguez, EFF’s International Rights Director, is rarely in our San Francisco office. That’s because the majority of her time is spent traveling from country to country, meeting with advocacy groups on the ground throughout Latin America and parts of Europe to fight for surveillance law reform. Katitza and the rest of EFF’s international team assist these groups in working to build country-specific plans to end mass surveillance at home and abroad.

The goal is to engage activists and lawyers worldwide who can use the 13 Principles and the legal analyses we’ve prepared to support them at the national level to fight against the on-going trend of increased surveillance powers. For example, we teamed up with activists in Australia, Mexico, and Paraguay to help fight data retention mandates in those countries, including speaking in the Paraguayan National Congress.

EFF is especially focused on countries that are known to share intelligence data with the United States and on trying to understand the politics of surveillance behind those data sharing agreements and surveillance law proposals.

We’ve been sharing with and learning from groups across the world a range of different tactics, strategies, and legal methods that can be helpful in uncovering and combating unchecked surveillance. Our partners are starting to develop their own national surveillance law strategies, working out a localized version of the Who Has Your Back campaign, evaluating strategic litigation, and educating the general public of the danger of mass surveillance.

In certain locales, these battles are politically and socially difficult, in particular in places where a culture of fear has permeated the society. We’ve seen anti-surveillance advocates wrongly painted as allies of pedophiles or terrorists. In at least one of the countries we’re working in, anonymity is forbidden in its constitution. For some of our partners, promoting a rational debate about checking government power abuses can risk their very freedom, with activists facing jail time or even more serious consequences for speaking out.

Establishing a bottom-up counter-surveillance law movement—even if it's one based on common sense and the entire history of modern democracies—isn't easy. It’s a titanic task that needs the involvement of advocates around the world with different tactics and strategies that are complementary. This is why we’ve also been working to make connections between activists in different countries, with case studies like the Counter-Surveillance Success Stories, and highlighting individuals who are proud to stand up and say "I Fight Surveillance." We’re also teaming up with partners, such as Panoptykon Foundation, to share the strategies and tactics they used in Europe with local groups in Latin America and vice-versa. We're working closely with groups in the Middle East and North Africa, such as 7iber and SMEX, to track, report on, and coordinate responses to state surveillance in these regions.

All of this has helped inform the work we've done in venues like the United Nations, the Office of the High Commissioner on Human Rights, and the Inter-American Commission on Human Rights, where EFF and our allies are helping—with great success—the legal minds there wrap their heads around this new age of state violations of the right to privacy and free expression.

Meanwhile, back in Washington...

7. Stop NSA overreach through impact litigation and new U.S. laws

Executive Order 12333 may be the presidential command that sets the agenda for mass surveillance, but U.S. law also plays a huge role. The NSA claims (often wrongly) that certain U.S. laws allow surveillance of all Internet users, with almost zero oversight of its spying on non-U.S. persons. There's the FISA Amendments Act, which the NSA believes allows it to spy on groups of people instead of with directed warrants and scoop up all of the Internet traffic it can, and grants it carte blanche to target anyone overseas on the grounds that they are potentially relevant to America's "foreign interests." And then there's the Patriot Act, which has been loosely interpreted by the NSA to permit the dragnet surveillance of phone records.

EFF Legal Team

Fighting these laws is the bread and butter of our domestic legal team. Our lawsuits, like Jewel v. NSA, aim to demonstrate that warrantless surveillance is illegal and unconstitutional. Our grassroots advocacy is dedicated to showing American lawmakers exactly how U.S. law is broken, what must be done to fix it, and the powerful movement of people working for change.

You can read more details about American law in our addendum below, but here's the upshot: we have to fix the law if we're to stop these secret agencies spying on the world. And we have to make sure that no new tricks are being planned.

That means chipping away at the culture of secrecy that lies at the heart of this mess.

8. Bring transparency to surveillance laws and practices

One of the greatest challenges we face in attempting to end mass surveillance is that we don’t know what we don’t know. Thanks to whistleblower evidence, statements by certain public officials, and years of aggressive litigation under the Freedom of Information Act, we’ve confirmed that the NSA is engaged in mass surveillance of our communications and that it is primarily relying on three legal authorities to justify this surveillance.

But what if the NSA is relying on seven other legal authorities? What if there are other forms of surveillance we have not yet heard about? What if the NSA is partnering with other entities (different countries or different branches of the U.S. government) to collect data in ways we can’t imagine?

It’s extremely difficult to reform the world of surveillance when we don’t have a full picture of what the government is doing and how it’s legally justifying those actions.

With that in mind, we are working to fight for more transparency by:

• Working to reform the broken classification system, which keeps the government’s actions hidden from public oversight.

• Using Freedom of Information Act requests and lawsuits to gain access to government documents that detail surveillance practices (and their legal justifications).

• Helping allies, like Germany and Brazil, to put pressure on the United States to justify its surveillance practices.

• Educating people about the value of whistleblowers and the important role they play in combating secrecy. This includes advocacy for organizations and platforms like Wikileaks that defend and promote the work of whistleblowers. It also includes highlighting the important contributions provided by whistleblowers like Mark Klein, Bill Binney, Thomas Drake, Edward Snowden, and others.

Global Solutions for a Global Problem

Mass surveillance affects people worldwide, reaching everywhere that the Internet reaches (and many places that it doesn’t!). But laws and court systems are divvied up by jurisdictional lines that don’t make sense for the Internet today. This means we need a range of tactics that include impact litigation, technological solutions, and policy changes both in the United States and across the globe.

This game plan is designed to give you insight into how U.S. laws and policies affect people worldwide, and how we can work to protect people outside of America’s borders.

We're up against more than just a few elements in the American administration here. We're up against a growing despondency about digital privacy, and we're up against the desire of spooks, autocrats, and corporations jockeying for intelligence contracts in every nation, all of whom want to shore up these surveillance powers for themselves. But we work side-by-side with hundreds of other organizations around the world and thousands of supporters in nearly every country. We have the amazing power of technology to protect privacy, organize opposition, and speak up against such damning violations of human rights.

We’re continuing to refine our plan, but we wanted to help our friends understand our thinking so you can understand how each of our smaller campaigns fit into the ultimate objective: secure, private communications for people worldwide.

It's what we’re doing to fight surveillance. But what can you do?

You can join your local digital rights organization, of which there are now hundreds, in almost every nation (and if there isn't one in yours, ask us for advice on starting one). You can pressure companies to increase your protection against government espionage and support companies that make a stand. You can sign our petition about Executive Order 12333 and help spread the word to others. You can use encryption to protect yourself and raise the cost of mass surveillance, and you can teach your friends and colleagues to use it too. You can personally refuse to cooperate with surveillance and promote privacy protections inside institutions you're a part of. You can tell your friends and colleagues the real risks we are running and how we can turn this mess around.

And whether you're in the United States or not, you can support our plan by becoming a member of EFF.

Addendum: Laws & Presidential Orders We Need to Change

One of the best ways to end mass surveillance by the NSA is to change the United States law to make clear that warrantless surveillance is illegal. However, that’s a little challenging. The NSA is relying on a patchwork of different laws and executive orders to justify its surveillance powers.

Here are a few we know we need to change. Note that there are other parts of U.S. law that may need revision (including provisions such as the Pen Register Trap and Trace and National Security Letters), but this is where we're focusing our energies currently as the primary known authorities used to justify mass surveillance:

Section 215 of the Patriot Act, Known as the "Business Records" Section

What it does: The section of the law basically says that the government can compel the production of any "tangible things" that are “relevant" to an investigation.

Why you should care: The NSA relies on this authority to collect, in bulk, the phone records of millions of Americans. There are suggestions it's also being used to collect other types of records, like financial records or credit card records, in bulk as well.

How we can stop it: There are a few ways to fix Section 215. One way is to pass a reform bill, such as the USA FREEDOM Act, which would make clear that using Section 215 to conduct bulk collection is illegal. The USA FREEDOM Act failed to pass in the Senate in 2014, which means it would need to be reintroduced in 2015.

However, there’s an even easier way to defeat this provision of the law. This controversial section of the Patriot Act expires every few years and must be reauthorized by Congress. It’s up for renewal in June 2015, which means Congress must successfully reauthorize the section or it will cease to be a law. We’re going to be mounting a huge campaign to call on Congress not to reauthorize the bill.

We also have three legal cases challenging surveillance conducted under Section 215: Jewel v NSA, Smith v Obama, and First Unitarian Church of Los Angeles v. NSA.

Section 702 of the FISA Amendments Act

What it does: This section of law is designed to allow the NSA to conduct warrantless surveillance within the U.S. when the intended target is overseas.

Why you should care: The NSA relies on this law to support PRISM, which compels Internet service providers like Google, Apple, and Facebook to produce its users communications. The NSA's upstream surveillance—which includes tapping into fiber optic cables of AT&T and other telecommunications providers—also relies on this provision. Through these two surveillance options, the NSA "targets" subjects for surveillance. But even when the NSA is "targeting" specific foreign intelligence subjects overseas, they’re "incidentally" collecting communications on millions of people, including both Americans and innocent people abroad.

How we can stop it: Currently, there aren’t any reform bills that show promise. We’re working on educating the public and Congress about the Section 702 and the FISA Amendments Act. In 2017, this authority will be up for reauthorization. We’ll be planning a big campaign to demolish this invasive and oft-abused surveillance authority.

Executive Order 12333

What it does: Executive orders are legally binding orders given by the President of the United States which direct how government agencies should operate. Executive Order 12333 covers "most of what the NSA does" and is "the primary authority under which the country’s intelligence agencies conduct the majority of their operations."

Why you should care: Executive Order 12333 is the primary authority the NSA uses to conduct its surveillance operations—including mass surveillance programs—overseas. Reforming mass surveillance requires reforming the NSA's authority under EO 12333.

How we can stop it: Executive Order 12333 was created by a presidential order, and so a presidential order could undo all of this damage. That’s why we’re pressuring President Obama to issue a new executive order affirming the privacy rights of people worldwide and ending mass surveillance.

The Funding Hack

While passing a bill through Congress is extremely challenging, another (somewhat more controversial) method of ending this surveillance is through the budget system. Every year, Congress must approve the defense budget. This frequently becomes a contentious battle with numerous amendments introduced and debated. We may see an amendment that tackles some form of surveillance.
https://www.eff.org/deeplinks/2015/0...s-surveillance





EFF Wins Battle Over Secret Legal Opinions on Government Spying

Department of Justice to Release Analysis of Law Enforcement and Intelligence Agency Access to Census Records

The Electronic Frontier Foundation (EFF) has won its four-year Freedom of Information Act lawsuit over secret legal interpretations of a controversial section of the Patriot Act, including legal analysis of law enforcement and intelligence agency access to census records.

The U.S. Department of Justice today filed a motion to dismiss its appeal of a ruling over legal opinions about Section 215 of the Patriot Act, the controversial provision of law relied on by the NSA to collect the call records of millions of Americans. As a result of the dismissal, the Justice Department will be forced to release a previously undisclosed opinion from the Office of Legal Counsel (OLC) concerning access by law enforcement and intelligence agencies to census data under Section 215.

"The public trusts that information disclosed for the census won't wind up in the hands of law enforcement or intelligence agencies," Staff Attorney Mark Rumold said. "The public has a right to know what the Office of Legal Counsel's conclusions were on this topic, and we're happy to have vindicated that important right."

In October 2011—the 10th anniversary of the signing of USA Patriot Act—EFF sued the Justice Department to gain access to all "secret interpretations" of Section 215. At earlier stages in the litigation, the Justice Department had refused to publicly disclose even the number of documents that were at issue in the case, claiming the information was classified.

In June 2013, the lawsuit took a dramatic turn after The Guardian published an order from the Foreign Intelligence Surveillance Court authorizing the bulk collection of call records data of Verizon customers. That disclosure helped EFF secure the release of hundreds of pages of legal opinions, including multiple opinions of the Foreign Intelligence Surveillance Court excoriating the NSA for disregarding the court's orders.

However, the Justice Department continued to fight for secrecy for the legal opinion over access to census data under Section 215. Last August, a federal district court judge ordered the government to disclose the OLC opinion.

"The Justice Department has made a wise decision in dismissing the appeal," Rumold said. "We filed this suit nearly four years ago to inform the public about the way the government was using Section 215. We're well overdue to have a fully informed, public debate about this provision of law, and hopefully the disclosure of this opinion will help move the public debate forward."

Although the motion for dismissal was filed today, the government has not provided EFF with the opinion. After receiving the document, EFF will also make it available through its website.

For more information on the case visit: https://www.eff.org/foia/section-215-usa-patriot-act
https://www.eff.org/press/releases/e...ernment-spying





45 Percent Of Americans Think Online Privacy Is More Important Than National Security

As online trust remains at a three year low, US Internet users say more transparency from companies is key to reducing concern
Press release

The latest edition of the annual TRUSTe Consumer Confidence Index shows that online privacy is a hot button issue for Americans with 92 percent concerned about their privacy when using the internet and 42 percent are more concerned than a year ago. Most surprisingly, when presented with the statement 'Personal online privacy is not as important as national security', 45 percent disagreed. As online trust remains at a three year low, the business impact is significant with 77 percent moderating their online behavior over the last 12 months due to privacy concerns.

The top cause of concern is the possibility of companies sharing personal data with other companies (38 percent), ahead of online security threats such as the Heartbleed bug (36 percent) and Government surveillance through programs such as the NSA's PRISM (28 percent).

Among those who worry about their privacy, 37 percent said companies being more transparent about how they are collecting and using data and more active in enforcement of measures to protect privacy online were the best ways to lower their concerns. Last week, President Obama announced a package of measures in his State of the Union address to enhance consumers' security and improve privacy online; 27 percent say that Governments passing more legislation to protect their personal information online would help alleviate their concerns.

The TRUSTe 2015 US Consumer Confidence Privacy Index, is based on data from two online surveys conducted by Ipsos with around 1,000 US Internet users between November 28 and January 15. The research was commissioned by TRUSTe, the leading data privacy management company and released to coincide with Data Privacy Day #DPD2015. The full findings will be presented during the first exclusive Roundtable event of the TRUSTe Privacy Insight Series today in San Francisco CA. Comparable research was also conducted in Great Britain.

Chris Babel CEO, TRUSTe commented:

"With the highest number of data breaches on record in 2014, it is hardly surprising that the privacy and security of online data is a hot button issue for Americans and a growing concern. But with frequent terrorist threats reported on the news it is surprising that so many people consider their personal privacy more important than countering that threat.

"Governments tread a fine line between balancing national security and consumer privacy rights; for businesses the stakes are high too. In an increasingly interconnected world, lack of trust can limit growth and strangle innovation as companies are deprived of the data they need to drive sales.

"These findings show the scale of the impact as 3 out of 4 Americans who are concerned about their privacy have modified their online behavior in the last year meaning less data, fewer clicks and lost sales. The message is simple: don't wait for legislation or the next data breach – act now to get your privacy strategy in order and rebuild trust with your customers."

Detailed findings from 2015 US Consumer Confidence Privacy Research:

Overall, the research found that consumer online privacy concerns remain extremely high with 92 percent of American internet users worrying to some extent about their privacy online – the same percentage as in January 2014. 44 percent said they were frequently or always concerned and 42 percent agreed they were more concerned than one year ago.

When those who worry about their privacy online were asked what had contributed most to this feeling, 38 percent said companies sharing their personal information with other companies, while 36 percent were concerned about recent security threats such as the Heartbleed bug. 28 percent listed government surveillance programs such as the NSA's PRISM as a reason for their increased concern – a slight increase over the previous year.

In general, consumer trust remains low. Just over half of American Internet users (55 percent) agreed that they trust most companies with their personal information online. This is the same percentage as in 2014 having fallen from 57 percent in January 2013 and 59 percent in January 2012. The business impact of this is growing, as 91 percent say they avoid doing business with companies they do not believe protect their privacy.

Concern about online privacy has a negative impact on business. In the last 12 months, 77 percent of those who worry about their online privacy moderated their online activity due to their concerns:

• 57 percent have not clicked on an online ad
• 51 percent withheld some personal information they were asked for
• 35 percent have not downloaded an app/product
• 25 percent stopped an online transaction before completing it
• 9 percent deleted an online account

86 percent have taken active steps to protect their privacy in the last 12 months but around half (49 percent) say they still don't think they dedicate enough time to this. In the last year:

• 63 percent say that they have deleted cookies
• 44 percent have changed their privacy settings on their browser or social media sites
• 23 percent have read the privacy policy on a website or app
• 25 percent have turned off location tracking on their smartphone
• 10 percent have opted out of behavioral ads

Businesses can take steps to rebuild trust. Of those who worry about their privacy online, almost half (47 percent) say that providing clear procedures for removing personal information could improve the extent to which companies that handle personal data are trusted. 31 percent would like companies to ask for permission before using cookies and offer notice and ways to opt out of targeted ads. 30 percent would like information on how their personal information is used and easy opportunities to stop being contacted by third parties. 21 percent would like privacy policies to be written in language that is easy to understand.

The 2015 Privacy Insight Series Roundtable in San Francisco is just one of a number of events in which TRUSTe is participating, speaking or sponsoring in support of Data Privacy Day 2014 #DPD15. Data Privacy Day is an international day of awareness designed to educate people on privacy issues and how to safeguard personal information. TRUSTe has been named as a Data Privacy Day Champion by the National Cyber Security Alliance.

About TRUSTe

TRUSTe is the leading global Data Privacy Management (DPM) company and powers privacy compliance and trust by enabling businesses to safely collect and use customer data across their customer, employee, and vendor channels. Our SaaS-based DPM Platform gives users control over all phases of data privacy management from conducting assessments and implementing compliance controls to managing ongoing monitoring. Our DPM Services, including assessments and certifications, are delivered by an expert team of privacy professionals. Thousands of companies worldwide rely on TRUSTe to minimize compliance risk and protect their brand. http://www.truste.com

Research Methodology

The 2015 US Consumer Confidence Privacy Index research was conducted by Ipsos using an online survey among a representative sample of 1,000 adults aged 18-75 in the US between November 28 and December 5 2014. Among these, 904 were aware of activities related to data privacy, 861 were aware of activities that could be done to protect online privacy, while 978 said they ever worry about their privacy online.

Ipsos carried out an additional online survey among a representative quota sample of 993 adults age 18-75 in the US January 12-15. Survey data for both studies were weighted by age, gender, region and working status to known population proportions.

Comparison data for the US for the previous three years is drawn from research conducted online by Harris Interactive on behalf of TRUSTe from December 11-13, 2013 among 2,019 U.S. adults age 18 and older, from January 7-9, 2013 among 2,166 U.S. adults age 18 and older and from January 17-21, 2012 among 2,415 U.S. adults age 18 and older. These surveys can be accessed here and form part of TRUSTe's ongoing consumer privacy research program.
http://www.prnewswire.com/news-relea...300026808.html





Libreboot X200 Laptop Now FSF-Certified to Respect Your Freedom

The Free Software Foundation (FSF) today awarded Respects Your Freedom (RYF) certification to the Libreboot X200 laptop. The RYF certification mark means that the product meets the FSF's standards in regard to users' freedom, control over the product, and privacy.

This is the second Libreboot laptop from Gluglug (a project of Minifree, Ltd.) to achieve RYF certification, the first being the Libreboot X60 in December 2013. The Libreboot X200 offers many improvements over the Libreboot X60, including a faster CPU, faster graphics, 64-bit GNU/Linux support (on all models), support for more RAM, higher screen resolution, and more. The Libreboot X200 can be purchased from Gluglug at http://shop.gluglug.org.uk/product/libreboot-x200/.

The Libreboot X200 is a refurbished and updated laptop based on the Lenovo ThinkPad X200. In order to produce a laptop that achieved the Free Software Foundation's certification guidelines, the developers at Gluglug had to replace the low-level firmware as well as the operating system. Microsoft Windows was replaced with the FSF-endorsed Trisquel GNU/Linux operating system, which includes the GNOME 3 desktop environment. The free software boot system of Libreboot and the GNU GRUB 2 bootloader were adapted to replace the stock proprietary firmware, which included a BIOS, Intel's Management Engine system, and Intel's Active Management Technology (AMT) firmware.

The FSF has previously written about Intel's ME and AMT, calling attention to how this proprietary software introduces a fundamental security flaw -- a back door -- into a person's machine that allows a perpetrator to remotely access the computer over a network. It enables powering the computer on and off, configuring and upgrading the BIOS, wiping the hard drives, reinstalling the operating system, and more. While there is a BIOS option to ostensibly disable AMT, because the BIOS itself is proprietary, the user has no means to verify whether this is sufficient. The functionality provided by the ME/AMT could be a very useful security and recovery measure, but only if the user has control over the software and the ability to install modified versions of it.

"The ME and its extension, AMT, are serious security issues on modern Intel hardware and one of the main obstacles preventing most Intel based systems from being liberated by users. On most systems, it is extremely difficult to remove, and nearly impossible to replace. Libreboot X200 is the first system where it has actually been removed, permanently," said Gluglug Founder and CEO, Francis Rowe.

"This is a huge accomplishment, but unfortunately, it is not known if the work they have done to remove the ME and AMT from this device will be applicable to newer Intel-based laptops. It is incredibly frustrating to think that free software developers may have to invest even more time and energy into figuring out how to simply remove proprietary firmware without rendering the hardware nonfunctional. On top of that, the firmware in question poses a serious security threat to its users -- and the organizations who employ them. We call on Intel to work with us to enable removal of ME and AMT for users who don't want it on their machines," said FSF's executive director, John Sullivan.

In order to remove the ME, AMT, and other proprietary firmware from the laptop, the Libreboot developers had to first reverse engineer Intel's firmware. They then created a small software utility to produce a free firmware image that conforms to Intel's specifications. Finally, to install their firmware on the device, they used special hardware (an SPI flasher) that they directly connected to a small chip on the motherboard itself. After many months of work, the Libreboot developers managed to completely overwrite the proprietary firmware with Libreboot and GNU GRUB 2. Those who purchase a Libreboot X200 from Gluglug will receive a laptop that has had all of this work already done to it and will be able to update or install new firmware to their device without needing to make use of any special hardware or complicated procedures.

To learn more about the Respects Your Freedom hardware certification, including details on the certification of the Libreboot X200, visit http://www.fsf.org/ryf. Hardware sellers interested in applying for certification can consult http://www.fsf.org/resources/hw/endorsement/criteria.
https://www.fsf.org/news/libreboot-x...t-your-freedom





New Rules in China Upset Western Tech Companies
Paul Mozur

The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ worth of business in China.

The new rules, laid out in a 22-page document approved at the end of last year, are the first in a series of policies expected to be unveiled in the coming months that Beijing says are intended to strengthen cybersecurity in critical Chinese industries. As copies have spread in the past month, the regulations have heightened concern among foreign companies that the authorities are trying to force them out of one of the largest and fastest-growing markets.

In a letter sent Wednesday to a top-level Communist Party committee on cybersecurity, led by President Xi Jinping, foreign business groups objected to the new policies and complained that they amounted to protectionism.

The groups, which include the U.S. Chamber of Commerce, called for “urgent discussion and dialogue” about what they said was a “growing trend” toward policies that cite cybersecurity in requiring companies to use only technology products and services that are developed and controlled by Chinese companies.

The letter is the latest salvo in an intensifying tit-for-tat between China and the United States over online security and technology policy. While the United States has accused Chinese military personnel of hacking and stealing from American companies, China has pointed to recent disclosures of United States snooping in foreign countries as a reason to get rid of American technology as quickly as possible.

Although it is unclear to what extent the new rules result from security concerns, and to what extent they are cover for building up the Chinese tech industry, the Chinese regulations go far beyond measures taken by most other countries, lending some credibility to industry claims that they are protectionist. Beijing also has long used the Internet to keep tabs on its citizens and ensure the Communist Party’s hold on power.

Chinese companies must also follow the new regulations, though they will find it easier since for most, their core customers are in China.

China’s Internet filters have increasingly created a world with two Internets, a Chinese one and a global one. The new policies could further split the tech world, forcing hardware and software makers to sell either to China or the United States, or to create significantly different products for the two countries.

While the Obama administration will almost certainly complain that the new rules are protectionist in nature, the Chinese will be able to make a case that they differ only in degree from Washington’s own requirements.

The United States has made it virtually impossible for Huawei, a major Chinese maker of computer servers and cellphones, to sell its products in the United States, arguing that its equipment could have “back doors” for the Chinese government.

The documents released by Edward J. Snowden, the former National Security Agency contractor, revealed a major effort by the agency to enter Huawei’s systems, both to figure out who controls the company and to create back doors that the United States could exploit.

Recent calls by the director of the Federal Bureau of Investigation, James B. Comey, to assure that the United States has a key to decrypt information stored on iPhones and other devices will doubtless be used by the Chinese to argue that all governments need access to sensitive computer systems.

For multinationals, the Chinese market is simply too big to ignore. China is expected to spend $465 billion in 2015 on information and communications technology, according to the research firm IDC, which says the expansion of China’s tech market will account for 43 percent of worldwide tech sector growth.

Analysts said new Chinese policies like the bank rules and an antiterrorism law that is still in draft form would make doing business increasingly difficult in China for foreign hardware and software companies.

“I think they’re obviously targeting foreign vendors that are operating in China,” said Matthew Cheung, a researcher at the analytics firm Gartner. “They are promoting the local technologies so that local providers who have the capabilities to provide systems to these enterprises can get more market share.”

For instance, the bank rules say 75 percent of technology products used by Chinese institutions must be classified as “secure and controllable” by 2019.

Though analysts say “secure and controllable” — a phrase that peppers several new Chinese technology policies — may be open to interpretation, a chart attached to the banking regulations shows the troubles foreign companies could have in winning that classification for their products.

For most computing and networking equipment, the chart says, source code must be turned over to Chinese officials. But many foreign companies would be unwilling to disclose code because of concerns about intellectual property, security and, in some cases, United States export law.

The chart also calls for companies that want to sell to banks to set up research and development centers in China, obtain permits for workers servicing technology equipment and build “ports” to allow Chinese officials to manage and monitor data processed by their hardware.

The draft antiterrorism law pushes even further, calling for companies to store all data related to Chinese users on servers in China, create methods for monitoring content for terror threats and provide keys to encryption to public security authorities.

“Banking is the first industry where we are aware a black-and-white regulatory document was issued,” said Jeffrey Yao, a vice president for enterprise research at IDC. “In some other industries, if you talk to the customers, many of them get the pressure to adopt the local brands, but in most of the cases they are via internal communications from the top officers.”

Some of America’s largest tech companies could be hurt by the rules, including Apple, which is making a big push into the country. Apple has used new encryption methods in the iPhone 6 that are based on a complicated mathematical algorithm tied to a code unique to each phone. Apple says it has no access to the codes, but under the proposed antiterrorism law, it would be required to provide a key so that the Chinese government could decrypt data stored on iPhones.

A growing number of American technology executives have complained about new barriers to access to the Chinese market. John T. Chambers, the chief executive of the network equipment maker Cisco Systems, has raised the issue, as have executives at the chip maker Qualcomm. This week, Microsoft’s chief executive, Satya Nadella, said his company was working through “geopolitical issues” regarding China.

In the letter, the Western companies voiced concerns about a broader “cybersecurity review regime” under which the Chinese government would assess the “security and controllability” of hardware, software and technology services sold in China, through audits and other checks. More details about the checks will be sent in February to the Central Leading Group for Cyberspace Affairs, the committee led by the Chinese president, according to a recent report by Xinhua, the state-run news agency.

The committee, which was created after the disclosures by Mr. Snowden, is leading the charge in consolidating and streamlining online security efforts in China. Analysts said it had most likely presided over or given tacit support to the new policies.

The leadership committee is said to be also trying to wean the country from its reliance on foreign technology, a longstanding goal that has gained urgency after Mr. Snowden’s revelations.

Zuo Xiaodong, vice president of the China Information Security Research Institute, said the new policies and the broader push for indigenous innovation were not intended to eliminate foreign companies from the market.

“We’re under the yoke of others. If the others stop services, what do we do?” he said, noting that many Chinese companies and local governments had to scramble when Microsoft discontinued its support of Windows XP. “From a security perspective, that simply wasn’t acceptable. We’re breaking away from these types of circumstances."

Even if Beijing wants it to, the banking industry cannot immediately do away with all foreign hardware makers, Mr. Yao of IDC said. Banks purchase billions of dollars’ worth of hardware and software to manage transactions, and Chinese companies cannot yet produce some of the higher-end servers and mainframes they rely on.

Mr. Yao said 90 percent of high-end servers and mainframes in China were still produced by multinationals. Still, Chinese companies are catching up at the lower end.

“For all enterprise hardware, local brands represented 21.3 percent revenue share in 2010 in P.R.C. market and we expect in 2014 that number will reach 43.1 percent,” he said, using the abbreviation for the People’s Republic of China. “That’s a huge jump.”

David E. Sanger contributed reporting from Washington.
http://www.nytimes.com/2015/01/29/te...companies.html





China Further Tightens Grip on the Internet
Andrew Jacobs

Jing Yuechen, the founder of an Internet start-up here in the Chinese capital, has no interest in overthrowing the Communist Party. But these days she finds herself cursing the nation’s smothering cyberpolice as she tries — and fails — to browse photo-sharing websites like Flickr and struggles to stay in touch with the Facebook friends she has made during trips to France, India and Singapore.

Gmail has become almost impossible to use here, and in recent weeks the authorities have gummed up Astrill, the software Ms. Jing and countless others depended on to circumvent the Internet restrictions that Western security analysts refer to as the Great Firewall.

By interfering with Astrill and several other popular virtual private networks, or V.P.N.’s, the government has complicated the lives of Chinese astronomers seeking the latest scientific data from abroad, graphic designers shopping for clip art on Shutterstock and students submitting online applications to American universities.

“If it was legal to protest and throw rotten eggs on the street, I’d definitely be up for that,” Ms. Jing, 25, said.

China has long had some of the world’s most onerous Internet restrictions. But until now, the authorities had effectively tolerated the proliferation of V.P.N.’s as a lifeline for millions of people, from archaeologists to foreign investors, who rely heavily on less-fettered access to the Internet.

But earlier this week, after a number of V.P.N. companies, including StrongVPN and Golden Frog, complained that the Chinese government had disrupted their services with unprecedented sophistication, a senior official for the first time acknowledged its hand in the attacks and implicitly promised more of the same.

The move to disable some of the most widely used V.P.N.’s has provoked a torrent of outrage among video artists, entrepreneurs and professors who complain that in its quest for so-called “Internet sovereignty” — Beijing’s euphemism for online filtering — the Communist Party is stifling the innovation and productivity needed to revive the Chinese economy at a time of slowing growth.

“I need to stay tuned into the rest of the world,” said Henry Yang, 25, the international news editor of a state-owned media company who uses Facebook to follow American broadcasters. “I feel like we’re like frogs being slowly boiled in a pot.”

Multinational companies are also alarmed by the growing online constraints. Especially worrisome, they say, are new regulations that would force foreign technology and telecom companies to give the government “back doors” to their hardware and software and require them to store data within China.

Like their Chinese counterparts, Western business owners have been complaining about their inability to gain access to many Google services since the summer. A few weeks ago, China cut off the ability to receive Gmail on smartphones through third-party email services like Apple Mail or Microsoft Outlook.

The recent disabling of several widely used V.P.N.’s has made it difficult for company employees to use collaborative programs like Google Docs, although some people have found workarounds — for the time being.

“One unfortunate result of excessive control over email and Internet traffic is the slowing down of legitimate commerce, and that is not something in China’s best interest,” said James Zimmerman, chairman of the American Chamber of Commerce in China. “In order to attract and promote world-class commercial enterprises, the government needs to encourage the use of the Internet as a crucial medium for the sharing of information and ideas to promote economic growth and development.”

Chinese authorities have long had the ability to interfere with V.P.N.’s, but their interest in disrupting such programs has mounted alongside the government’s drive for so-called cyber sovereignty, especially since President Xi Jinping came to power two years ago. Lu Wei, the propaganda official Mr. Xi appointed as Internet czar, has been unapologetic in promoting the notion that China has the right to block a wide array of online content.

A co-founder of Greatfire.org, which tracks online censorship in China, suggested the government had decided that soaring V.P.N. use among ordinary Chinese warranted a more aggressive attack on such software.

“This is just a further, logical step,” said the co-founder, who requested anonymity to avoid government scrutiny. “The authorities are hellbent on establishing cyber sovereignty in China. If you look at what has taken place since last summer it is quite astounding.”

Government officials have denied any role in blocking Google and they have dismissed accusations that Chinese authorities were behind a “man-in-the-middle” attack on Outlook two weeks ago as well as other hacking incidents involving Yahoo and Apple.

But such claims have by and large fallen on deaf ears, especially given Beijing’s strident campaign against the “hostile foreign forces” it says are seeking to undermine the country through the Internet.

On Tuesday, however, a senior official at the Ministry of Industry and Information Technology acknowledged that the government was targeting V.P.N.’s to foster the “healthy development” of the nation’s Internet and he announced that such software was essentially illegal in China. “The country needs new methods to tackle new problems,” Wen Ku, a director at the ministry, said at a news conference, according to People’s Daily.

In recent weeks, a number of Chinese academics have gone online to express their frustrations, particularly over their inability to reach Google Scholar, a search engine that provides links to millions of scholarly papers from around the world.

“It’s like we’re living in the Middle Ages,” Zhang Qian, a naval historian, complained on the microblog service Sina Weibo.

In an essay that has been circulating on social media, one biologist described how the unending scramble to find ways around website blockages was sapping colleagues’ energy.

“It’s completely ridiculous,” he wrote of the wasted hours spent researching and downloading V.P.N. software that works. “For a nation that professes to respect science and wants to promote scientific learning, such barriers suggest little respect for the people actually engaged in science.”

It is not just scientists who have come to depend on an unabridged Internet for their work. Cheng Qingsong, a prominent film critic, complained that it was more and more difficult to stream foreign movies. Andrew Wang, a professor of translation at Beijing Language and Culture University, worried that his students would be unable carry out assignments that require them to watch English-language videos on YouTube, which has long been blocked here.

The vast majority of Chinese Internet users, especially those not fluent in English and other foreign languages, have little interest in vaulting the digital firewall. But those who require access to an unfiltered Internet are the very people Beijing has been counting on to transform the nation’s low-end manufacturing economy into one fueled by entrepreneurial innovation.

Illustrating such contradictions, the central government this week announced a series of programs that seek to lure more international business talent by easing visa requirements and through other incentives.

“We have to focus on the nation’s strategic goals and attract high-level talent to start innovative businesses in China,” said Zhang Jianguo, director of the State Administration of Foreign Experts Affairs, who bemoaned the nation’s shortage of scientists and technology entrepreneurs.

Those goals, however, will not be helped by the assaults on Internet access, critics say. Avery Goldstein, a professor of contemporary Chinese studies at the University of Pennsylvania, said the growing online constraints would not only dissuade expatriates from relocating here, but could also compel ambitious young Chinese studying abroad to look elsewhere for jobs.

“If they aren’t able to get the information to do their jobs, the best of the best might simply decide not to go home,” he said.

For those who have already returned to China and who crave membership in an increasingly globalized world, the prospect of making do with a circumscribed Internet is dispiriting. Coupled with the unrelenting air pollution and the crackdown on political dissent, a number of Chinese said the blocking of V.P.N.’s could push them over the edge.

“It’s as if we’re shutting down half our brains,” said Chin-Chin Wu, an artist who spent almost a decade in Paris and who promotes her work online. “I think that the day that information from the outside world becomes completely inaccessible in China, a lot of people will choose to leave.”

Chen Jiehao contributed research.
http://www.nytimes.com/2015/01/30/wo...et-access.html





The War on Leaks has Gone Way Too Far when Journalists' Emails are Under Surveillance

The US government’s demands for the private emails of WikiLeaks staffers is outrageous. Disliking Julian Assange is a disgraceful reason for anyone to stay silent
Trevor Timm

The outrageous legal attack on WikiLeaks and its staffers, who are exercising their First Amendment rights to publish classified information in the public interest—just like virtually every other major news organization in this country—is an attack on freedom of the press itself, and it’s shocking that more people aren’t raising their voices (and pens, and keyboards) in protest.

In the past four years, WikiLeaks has had their Twitter accounts secretly spied on, been forced to forfeit most of their funding after credit card companies unilaterally cut them off, had the FBI place an informant inside their news organization, watched their supporters hauled before a grand jury, and been the victim of the UK spy agency GCHQ hacking of their website and spying on their readers.

WikiLeaks demands answers after Google hands staff emails to US government

Now we’ve learned that, as The Guardian reported on Sunday, the Justice Department got a warrant in 2012 to seize the contents – plus the metadata on emails received, sent, drafted and deleted – of three WikiLeaks’ staffers personal Gmail accounts, which was inexplicably kept secret from them for almost two and a half years.

The warrant for WikiLeaks staffers’ email is likely connected to the grand jury the government convened in 2010 to investigate the WikiLeaks’ publication of leaked State Department cables, along with the Afghan and Iraq war logs. As The Guardian reports:

The warrants were issued by a federal judge in the Eastern District of Virginia – the same jurisdiction in which a grand jury was set up under the criminal investigation into WikiLeaks. The investigation was confirmed to be still active and ongoing as recently as May last year. [Emphasis mine.]

Most journalists and press freedom groups have been inexplicably quiet about the Justice Department’s treatment of WikiLeaks and its staffers ever since, despite the fact that there has been a (justified) backlash against the rest of the Justice Department’s attempt to subpoena reporters’ phone call records and spy on their emails. But almost all of the tactics used against WikiLeaks by the Justice Department in their war on leaks were also used against mainstream news organizations.

For example, after the Washington Post revealed in 2013 the Justice Department had gotten a warrant for the personal Gmail account of Fox News reporter James Rosen in 2010 without his knowledge by explicitly accusing him of being an espionage “co-conspirator” (for have the audacity to arrange to confidentially speak with a source), journalists and privacy advocates understandably reacted in shock and outrage.

WikiLeaks staffers faced virtually the same tactics: they had their Gmail seized by the government in secret, they didn’t find out for years after the fact (so they had no way to challenge it) and, according to WikiLeaks’ lawyers, the warrant specifically indicates the Justice Department is investigating WikiLeaks for “conspiracy to commit espionage.”

Former New York Times general counsel James Goodale wrote in 2011 how ridiculous and dangerous a charge like ‘conspiracy to commit espionage’ was, whether it was directed at WikiLeaks or the New York Times:

Charging Assange with “conspiracy to commit espionage” would set a precedent with a charge that more accurately could be characterized as “conspiracy to commit journalism.”

Unfortunately the news world has never rallied around WikiLeaks’ First Amendment rights they way they should – sometimes even refusing to acknowledge they are a journalism organization, perhaps because they dare to do things a little differently than the mainstream media, or because WikiLeaks tweets provocative political opinions, or because they think its founder, Julian Assange, is an unsympathetic figure.

Those are all disgraceful excuses to ignore the government’s overreach: the rights of news organizations everywhere are under just as much threat whether the government reads the private emails of staffers at WikiLeaks, Fox News or the Associated Press. In the eyes of the law, the organizations are virtually indistinguishable, as legal scholars from across the political spectrum have documented for years.

At the same time WikiLeaks’s legal troubles have been largely brushed off by the journalism world, the Justice Department has continued to treat them with contempt, ignoring their own guidelines for issuing search warrants and subpoenas to journalists publishing leaked materials and pressing ahead with all-out surveillance of a news publisher. Just imagine if the FBI placed a paid informant inside the New York Times: there would be protests on the steps of the Justice Department the next day.

Years after they first started publishing, the WikiLeaks State Department cables still remain critical to journalists all over the world (they featured prominently in the New York Times front-page obituary of King Abdullah of Saudi Arabia just this week, for instance). Yet the vast criminal investigation into WikiLeaks for publishing them at all has received scant condemnation, despite the clear dangers.

And, despite the ongoing legal pressure, WikiLeaks has continued to publish important documents in the public interest. In 2014, they published draft texts of the Trans-Pacific Partnership, a trade agreement that has been vigorously opposed by a variety of public interest groups because of the extreme secrecy around the treaty’s negotiations. And in December, they published a secret CIA study showing the negative effects of the US government’s policy of targeted killing in Afghanistan and other places.

The Justice Department in the past few months has commendably seemed to retreat, at least temporarily, from its much-maligned assault on journalism. They dropped their efforts to force New York Times reporter James Risen to reveal his sources at ex-CIA officer Jeffrey Sterling’s just-completed trial, and strengthened their media guidelines after negotiations with news organizations. Now would be a good time to officially drop its WikiLeaks investigation,too – since if WikiLeaks is prosecuted, the New York Times or the Guardian could be next, as they’ve all published classified information from WikiLeaks and Edward Snowden (and countless other sources) too .

It shouldn’t be the government’s job to decide who is enough of a journalist in their minds to qualify for the constitutional and legal protections that can and should be afforded to all of them – since it’s clear that, when they do, almost nobody qualifies, whether it’s James Risen, James Rosen or Julian Assange.

[Full disclosure: it’s very likely some of my emails were caught up in the Justice Department’s WikiLeaks dragnet, as the Freedom of the Press Foundation – the organization at which I work – was founded the same year as the warrant was issued. We were in close contact with WikiLeaks at that time, as we started crowd-funding donations for them after the payment processors extrajudicially blocked from 95% of their donation stream, despite them not being charged with a crime. They still haven’t been.]
http://www.theguardian.com/commentis...r-surveillance





AP's 'Robot Journalists' Are Writing Their Own Stories Now
Ross Miller

Minutes after Apple released its record-breaking quarterly earnings this week, the Associated Press published (by way of CNBC, Yahoo, and others) "Apple tops Street 1Q forecasts." It's a story without a byline, or rather, without a human byline — a financial story written and published by an automated system well-versed in the AP Style Guide. The AP implemented the system six months ago and now publishes 3,000 such stories every quarter — and that number is poised to grow.

Quarterly earnings are a necessity for business reporting — and it can be both monotonous and stressful, demanding a combination of accuracy and speed. That's one of the reasons why last summer the AP partnered with Automated Insights to begin automating quarterly earnings reports using their Wordsmith platform.

You wouldn't necessarily know it at first blush. Sure, maybe reading it in the context of this story it's apparent, but otherwise it feels like a pretty standard, if a tad dry, AP news item. The obvious tell doesn't come until the end of an article: "This story was generated by Automated Insights." According to AI's public relations manager James Kotecki, the Wordsmith platform generates millions of articles per week; other partners include Allstate, Comcast, and Yahoo, whose fantasy football reports are automated. Kotecki estimates the company's system can produce 2,000 articles per second if need be.

""I wouldn't expect a good journalist to not be skeptical.""

Philana Patterson, an assistant business editor at the AP tasked with implementing the system, tells us there was some skepticism from the staff at first. "I wouldn't expect a good journalist to not be skeptical," she said. Patterson tells us that when the program first began in July, every automated story had a human touch, with errors logged and sent to Automated Insights to make the necessary tweaks. Full automation began in October, when stories "went out to the wire without human intervention." Both the AP and Automated Insights tell us that no jobs have been lost due to the new service. We're also told the automated system is now logging in fewer errors than the human-produced equivalents from years past.

"Ten times as many reports every quarter — and no jobs cut"

Before this program was implemented, the AP estimates it was doing quarterly earnings coverage for about 300 companies. Now it automates 3,000 such reports each quarter. Of those, 120 will have an added human touch, either by updating the original story or doing a separate follow-up piece. One such company is Apple; as Patterson notes, that automated Apple story freed up reporter Brandon Bailey to focus on this angled, more nuanced report contextualizing the company's earnings along with quotes from Apple executives. Others include Google, Coca-Cola, and American Airlines. 180 more are monitored to see if a follow-up is needed.

Then there are ten companies that aren't automated at all due to the nuance of their reports — companies like Citigroup and Wells Fargo. Patterson says all these lists are re-evaluated and updated every quarter.

Since the partnership began, elements like business descriptions and forward-looking guidance has been added to the platform's skill list. The next step is expansion — more than 1,000 Canadian companies plus a few elsewhere around the world. Patterson also told us the AP is starting to look at other uses outside of earnings reports.

Robots should only be referred to by gender-neutral pronouns, no matter how sexy they may be.
— Fake AP Stylebook (@FakeAPStylebook) October 27, 2009

So no, computers are not taking journalists' jobs — not yet, at any rate. Instead, they're freeing up writers to think more critically about the bigger picture. "One of the things we really wanted reporters to be able to do was when earnings came out to not have to focus on the initial numbers," said Patterson. "That's the goal, to write smarter pieces and more interesting stories."
http://www.theverge.com/2015/1/29/79...cial-reporting





A Note on the Removal of Individual Notices in the Chilling Effects Database from General Search Engine Search Results
Chilling Effects Team

Recently, some people (including writers for Torrent Freak and Tech Dirt) noticed that the Chilling Effects website had disappeared from Google search results. This was entirely unintentional and was attributable to a mistake that occurred while we implemented a more limited removal of individual notice pages from search engine search results. Our intent was for the Chilling Effects home page, Search page, About page, and other informational pages to remain in search engine results. But, individual pages for takedown notices archived in the Chilling Effects database would not – for the time being, at least – show up in general search engine searches for terms that appear on those pages.

Searches conducted via some search engines – e.g., Bing, DuckDuckgo, and Ixquick – now simply omit individual notice pages from results, as intended. We are working to fix the issue with Google search results as quickly as possible.

The decision to de-index even the site’s notice pages is not a decision that the Chilling Effects team made lightly. We want to take this opportunity to explain the decision, clarify the record, and welcome further input from the broader research community as we think through the project’s next steps.

As frequent visitors to the Chilling Effects website are aware, the project serves as a searchable archive of requests for removal of various categories of information from online platforms, including search engines, media hosts, and social networking sites. Although copyright takedown notices (sent pursuant to the Digital Millennium Copyright Act, as embodied in Section 512 of the United States Copyright Act) form a large part of our corpus, the Chilling Effects database also incorporates a wide range of other types of removal requests. These include claims of trademark infringement, requests to remove links to allegedly defamatory content, notices seeking the removal of private or sensitive personal information, court orders, and notices originating from outside of the legal jurisdiction of the United States. We also see a number of requests that do not lend themselves to any easy categorization. Many of these non-DMCA notices are far more likely to have been sent by individuals than by corporate entities.

The sheer volume of notices received and archived by Chilling Effects has increased significantly over time. We now typically receive between two and three thousand notices per day.

Last fall saw the most significant overhaul of the Chilling Effects website’s user interface and backend infrastructure since the project began more than a decade ago. With the launch of the new website, we saw a significant uptick in public attention on the project and an increased presence of individual notice pages in search engines.

The project has always sought to consider the interests of all participants in the Internet's information ecosystem: those who post content online, hosts and other intermediaries, and those who request information removal, as well as readers and researchers seeing information about what materials have been removed and why. It is not our intention to stigmatize individuals or to make judgments on the removal requests in the Chilling Effects database, individually. Thus, we make good faith efforts to redact personally identifying information from notices, where that information is not critical to understanding the complaint and its provenance. Now, as ever, we seek to best allocate scarce resources to further the long-term goals of the effort, which have not changed.

Given increased public attention on the project, the wide variety of notices and types of claims that we catalog, and the sheer number of notices included in Chilling Effects’ database, we decided to take the interim step of de-indexing the site’s individual notice pages from search engines’ search results. Now that we have taken this step, we are hard at work building new tools and workflows that will allow us to better achieve the balance we are constantly seeking to strike between our dual missions of transparency and educating the public (on the one hand) and the strongly-felt concerns of those who send takedown notices (on the other).

To be clear:

• The decision to de-index individual notices was not an act of censorship, nor was it taken in response to any particular criticism of Chilling Effects by senders of takedown notices or otherwise. It was an entirely internal decision that the Chilling Effects team reached in an effort to manage scarce resources and balance competing interests. All of the same data is available on the Chilling Effects site as before.

• The Chilling Effects website itself continues to be accessible via search results from most major search engines and will (we hope) shortly appear in Google search results as well.

• A Google search results page that omits a particular result in response to a takedown notice still links directly to that notice, using the familiar language:

“In response to a complaint we received under the US Digital Millennium Copyright Act, we have removed 1 result(s) from this page. If you wish, you may read the DMCA complaint that caused the removal(s) at ChillingEffects.org.

• Google’s Transparency Report still links directly to Chilling Effects notices.

• All individual notices in the Chilling Effects database are still accessible via the Chilling Effects website.

• All individual notices in the Chilling Effects database remain fully searchable through the Chilling Effects search tool.

Again, the decision to de-list individual notices from search engine search results was a decision that Chilling Effects took very seriously, and it is not necessarily a permanent decision. We look forward to a continuing dialog with our users as we continue to enhance the Chilling Effects database and contribute to valuable research on the ecosystem of requests to remove web content. Researchers whose needs are not addressed by these measures should let us know how the database can serve them better.
https://www.chillingeffects.org/blog_entries/741





What the Cyber Language in the State of the Union Means to You
Patrick Tucker

On Tuesday night, President Barack Obama appeared before the American people and again acknowledged digital data theft and data destruction as one of the most important issues facing the nation. “No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids. We are making sure our government integrates intelligence to combat cyber threats, just as we have done to combat terrorism. And tonight, I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft, and protect our children’s information.”

It was a rallying cry for greater “cyber security.” But according to many security experts, “security” and the specific cyber-security proposal the president unveiled last week could be a pretext for expanded, unchecked surveillance that may not actually make the nation safer. The ideas in the proposal face no strong political resistance especially since the information collection organism would not be the government itself but rather private companies reporting user information to the government.

The Post-Snowden Era

What prompted the inclusion of cyber security in the address? The president has been restrained in his discussions of what some consider to be the most significant cyber attack on a U.S. entity in recent memory, the Sony hack. (Sony Pictures is a sub unit of Sony America and is still ultimately part of the Sony parent company, which is Japanese.) Obama called the hack an act of “cyber vandalism” not tantamount to war.

But in the days leading up to the State of the Union address, the Obama administration released a cyber security proposal, which will be sent to Congress, that speaks directly to the Sony incident. The key component of the proposal is, indeed, “integration.” Specifically, it affords private companies liability protection to share information with the Homeland Security Department’s National Cybersecurity and Communications Integration Center.

The chief of the NSA’s Tailored Access Division Robert Joyce, has described the Sony hack as a key moment that will fundamentally change the way the United States deals with the murky threat posed by shadowy enemies with laptops. It was, in popular if clichéd Washington, D.C. parlance, “a game changer.” Joyce was not alone in that assessment.

“We had seen cyber attacks but we’ve never seen a nation-state…destroy data,” former Rep. Michael Rogers, R-Mich., told a group at the Bipartisan Policy Center in Washington, D.C. last week. It was that willful destruction of data, as opposed to simply theft, that elevated the Sony hack to an incident more urgent than any of the recent high profile attacks that had affected major corporations, which were aimed primarily at the theft of data for narrow, mercantile purposes.

Rogers, a seven-term congressman, has indicated he would be leaving the House for greener (sounding) pastures in radio. But during his tenure, where he served as the head of the House Intelligence Committee, he earned a reputation as one the National Security Agency’s most stalwart allies at the agency’s moment of greatest shame.

The bill that perhaps best characterized that reputation, H.R. 3523, the Cyber Intelligence Sharing and Protection Act, or CISPA, never actually became law, having stalled in the Senate after passing the House. It would have granted liability protections to corporations that would then be able to share that information with the government, specifically the Department of Homeland Security, DHS.

It was an idea that predates Rogers and CISPA—in 2008, the Bush White House put out National Security Presidential Directive – 54 that outlined the U.S. interest in information sharing in the name of cybersecurity. But it was Rogers who refined it and pushed to enshrine it in legislation.

CISPA would give companies the freedom to share user data with DHS where the info could then go to virtually any other law enforcement agency for use in any investigation related to crimes from drug trafficking to copyright infringement. It sent a clear message to some of America’s biggest companies: “We need you to do our spying for us.”

Privacy advocates argued that the bill’s language was too broad. It would allow every company from Google to Apple to Facebook to share information on their users with the government outside of the parameters of the Electronics Communications Privacy Act as well as the Wiretap Act.

In April 2012, the president vowed that if the bill made it to his desk, he would veto it: “Cybersecurity and privacy are not mutually exclusive. Moreover, information sharing, while an essential component of comprehensive legislation, is not alone enough to protect the Nation’s core critical infrastructure from cyber threats. Accordingly, the Administration strongly opposes H.R. 3523, the Cyber Intelligence Sharing and Protection Act, in its current form.”

Anonymous…Or Something Like It

Last week, Americans watched much of that resolve whither away. The proposal that the president rolled out shares a lot in common with CISPA with one exception, it purports to anonymize data. But the White House proposal would still allow for the sharing of user data with the government outside of privacy laws.

What sort of information does the new proposal promise to share, or rather integrate? In a call with reporters, a White House official said that the information would “primarily” not be content.

Shareable information does include anything that falls under the category of cyber threat indicator, which includes any data relating to “malicious reconnaissance, including communications that reasonably appear to be transmitted for the purpose of gathering technical information related to a cyber threat,” which could mean everything from attempting to access restricted files to—possibly—asking fairly routine questions about how a site runs or what a company does with user data.

“The White House proposal relies heavily on privacy guidelines that are currently unwritten. What these guidelines say and when they are applied will be critical to protecting Internet users. Privacy protections and use restrictions must be in effect before information sharing occurs,” Harley Geiger, the senior counsel for the Center for Democracy and Technology said in a press release following the announcement.

Other privacy advocates were quick to call the proposal unnecessary, as companies can already share information related to threats with the government (but within the parameters of the Privacy Act). More disturbing for many in the technology community was a provision in the legislation to amend RICO laws in a way that could charge hackers, computer scientists, or just curious users with felonies just for finding—or searching for—security errors in web sites or services.

Jeff Moss, the founder of the famous Black Hat and DEF CON conference, expressed such concern to Defense One. Every year Black Hat and DEF CON bring together thousands of hackers from around the world to showcase their research into cyber vulnerabilities. The events together comprise the one of the best forums to expose such vulnerabilities.

“I do worry about its chilling effects if enacted into law. Unless there is a carve out for research, the liability for clicking on links to security tools alone is worrying…even more so if RICO style laws are applied due to their broad nature and potential for abuse by aggressive prosecutors. We have had many decades to get used to prosecuting organized crime, but prosecuting technical computer crime is newer and harder to explain to juries. In that regard clear and easy to understand ‘red lines’ while more simplistic might be a better place to start,” said Moss.

In other words, the legislation could actually make the Internet less secure by criminalizing research into vulnerabilities.

Mark Jaycox, of the Electronic Frontier Foundation, concurred that provisions in the legislation may “chill the computer security research that is a central part of our best defense against computer crime.” Jaycox writes that the legislation could make you a felon for “sharing your HBO GO password.” He adds that “the expansion of the definition may impact researchers who commonly scan public websites to detect potential vulnerabilities. These researchers should not have to face a felony charge if a prosecutor thinks they should have known the site prohibited scanning.”

The single section that makes the White House proposal somewhat more palatable than CISPA is the provision demanding that user data “establish a process to anonymize and safeguard information.”

But anonymization may offer false reassurance. In fact, researchers have shown that anonymization is data is something of a joke. In a 2013 paper published in the Nature Scientific Reports, MIT researchers Yves-Alexandre de Montjoye and César A. Hidalgo, discuss an experiment where they took a random sample of 1.5 million cell users over 15 months and found that, when locational cell phone data is anonymized, just four data points—information created by the anonymous user—was enough to effectively reveal the users’ identity 95 percent of the time.

“I agree, 100 percent. The way the data comes in, there isn’t a whole lot of benefit. Why make a law that says anonymize it,” said Robert Twitchell, CEO of Dispersive Technologies.

One of the key benefits of sharing cyber information with other investigative bodies is affixing attribution, which permanent anonymization would undermine.

Moreover, the information that the public shares with DHS, if it is in fact related to some future cybersecurity event, would likely be shared with the NSA. According to the White House, that sharing, or integration, would be “as close to real time as possible.”

How do we know that the NSA would be one of—if not the—main recipient? Remember when the Federal Bureau of Investigation expressed a high degree of confidence that the attack could be attributed to North Korea? You could be forgiven for thinking that it was, in fact, the FBI that reached that conclusion. But according to recently revealed documents, the NSA did the work.

As David Sanger and Martin Fackler report in The New York Times, the NSA was accessing North Korean networks, communications and cyber operations for years prior to the Sony hack. That’s what allowed the United States to so quickly attribute the attacks to North Korea, though many still claim the U.S. is overlooking evidence of an inside job. But it wasn’t enough to allow them to actually stop the attack.

Not every law maker agrees that the Sony hack serves as justification for an information sharing bill, especially one that could put people’s privacy in danger. Rep. Zoe Lofgren, D-Calif., who represents parts of San Jose (Silicon Valley) told The Hill: “I fear we may have taken the wrong lesson from these recent high-profile attacks. These attacks were not the result of a missed opportunity to share information, but rather caused by substantial and obvious security failures and a culture of treating cyber security as an afterthought.”

At the Bipartisan Policy Center event, former Central Intelligence Agency director Michael Hayden bullishly predicted that some form of information sharing would pass this year. Both political and public concerns about privacy and overreaching agencies have given way to worries about lost data and remotely hijacked infrastructure. “We are entering the post-Snowden era,” he claimed.

Rogers himself was more cautious but he acknowledged that the involvement of the president in passing cyber-sharing legislation was a “significant change,” possibly enough to push something through.

Rep. Will Hurd, R-Texas, told Defense One that the president’s comments during the State of the Union suggest a softening on CISPA. “I‘m hoping that the president’s comments suggest he’s not going to veto CISPA. I think this is an area that the President and Congress can work together.” Hurd, a former CIA operative, is considered a rising star specifically on issues related to cyber security.

Hurd, however, has also expressed some hesitation about some of the more hawkish elements of the proposal. In discussing the potential changes in RICO law, he was dim on any proposal that might harm cyber security research. “We don’t want to limit that. I think Black Hat is a very helpful forum where you have all of this research, they’re looking at the cutting edge procedures in this space. It’s a great forum for understanding where it’s going on. This is one of those areas where reasonable people can be reasonable people.”

Following the event at the Bipartisan Policy Center, Rogers loitered for a bit to glad-hand friends and fans who wished him well in his new career. As he got on to an elevator, Defense One asked him if he felt at all validated that the president’s proposal so closely resembled Rogers’s bill, the one that the president had vowed to veto. Rogers looked off into the distance and smiled wistfully. “Success has many fathers,” he said as the doors closed in front of him.
http://www.defenseone.com/technology...ns-you/103425/





I Was Arrested for Learning a Foreign Language. Today, I Have Some Closure.
Nick George

Five years ago, the Philadelphia police thought that carrying Arabic-language flashcards was enough to warrant the arrest of an innocent traveler. A settlement reached today in a lawsuit I brought against the police department makes it clear that it is not.

Travelling by plane can be a long and grueling process under the best of circumstances. This makes it a good time for monotonous tasks, like trying to iron out some vocab for a language you're learning at college.

In August 2009, I was planning to fly through the Philadelphia airport to start my senior year at Pomona College in California. I was carrying a set of English-Arabic flashcards that I had put together for one of my classes, as well as a book critical of U.S. foreign policy (written by a former secretary of commerce under President Reagan– not exactly a radical treatise). It should go without saying that this is perfectly innocuous, First Amendment-protected activity.

Turns out, it doesn't.

At the metal detector at airport security, Transportation Security Administration agents asked me to empty my pockets. I took the set of flashcards from my pocket and handed them to the officers. After I cleared the metal detector, they asked me to step aside for additional screening. One of them started rifling through the cards, and another took the book out of my carry-on. The minutes ticked by, and I got more confused about why I was being detained and more concerned that I would miss my flight. One of them called a supervisor.

After a half-hour delay at the security line, the supervisor showed up, and things turned from annoying to surreal. After looking at the book and flashcards, the supervisor asked me: "Do you know who did 9/11?" Taken totally aback, I answered: "Osama Bin Laden." Then she asked me if I knew what language Osama Bin Laden spoke. "Arabic," I replied. "So do you see why these cards are suspicious?" she finished.

Imagine going from being in line at the airport to having a TSA supervisor imply you had some connection with the worst act of terrorism ever committed against your country – all over the course of a few minutes.

She was in mid-sentence talking to me when a Philadelphia police officer appeared behind me and ordered me to put my hands behind my back. He cuffed my hands, grabbed my arms, and, in full view of the rest of the passengers, walked me through the entire Philadelphia airport and into the police substation.

No one informed me of my rights, and no one would tell me why I was being not just searched but arrested by police, when I was in violation of no law. I had never been arrested, and no one knew I was there.

The police officer left me in a cell at the police station for several more hours. He did not uncuff my hands from behind my back. He did not tell me what I was being held for. He did not tell me how long I would be there. After about two hours I asked to go to the bathroom, and on the way back I again asked why I was being held. He answered me with the same attitude the TSA agent had shown me: "I dunno, what'd you do?"

It's that attitude that is so problematic. Even after searching my luggage without probable cause of a crime and finding nothing out of the ordinary, TSA agents and the police felt they had the authority to detain and then arrest me, purely on ignorant assumptions about a language spoken by 295 million people worldwide.

That's why this lawsuit is important: to make it clear that arbitrary arrests are illegal, even at the airport. In addition to some modest damages, the settlement we signed requires the Philadelphia Police Department to amend its policies to make this clear. As law enforcement officers, they will be periodically instructed that they have an independent duty to establish probable cause before arrest, and cannot simply clap in cuffs anyone the TSA calls suspicious.

Again, this seems like it should go without saying. Maybe now it will. I'm very grateful to the ACLU for helping me get here. And I hope the Philadelphia police have gotten the message.
https://www.aclu.org/blog/free-speec...ign-language-t





New Broadband Users Shun UK Porn Filters, Ofcom Finds
Joe Miller

The vast majority of new broadband customers in the UK are opting out of "child friendly" filters when prompted to install them by service providers.

The industry watchdog Ofcom found fewer than one in seven households installed the feature, which is offered by BT, Sky, TalkTalk and Virgin Media.

The filters block pornographic websites, as well as pages promoting self-harm or drug taking.

The default option was implemented at the behest of the UK government.

In July 2013, Prime Minister David Cameron announced the major UK internet service providers (ISPs) had agreed to offer "unavoidable choice" parental control filters, which block legal pornography and other adult subjects "by default".

New subscribers are offered the filter at the point of sign-up, and must actively choose to disable the parental control service.

However, the Ofcom report found users had overwhelmingly opted-out of the filter.

Of the four main ISPs, all of whom now offer a filter at the point of sign-up, TalkTalk was the only company to persuade more than 10% of people to subscribe.

The percentage of customers taking up the option for each service provider are as follows:

Virgin Media - 4%
BT - 5%
Sky - 8%
TalkTalk - 36%

All new subscribers to the ISPs were offered the "unavoidable choice" option, with the exception of Virgin Media, which only presented the feature to 35% of customers.

While BT and Sky launched filter services towards the end of 2013, TalkTalk's HomeSafe option has been in place since May 2011.

Virgin Media launched its filter, Web Safe, in February 2014, past the deadline set by the UK government.

Virgin shortfall

The report also found that around 65% of new Virgin Media customers were not being offered the choice of family-friendly network level filtering, "primarily as a result of actions taken by installation engineers".

"The majority of new Virgin Media installations involve an engineer visit. Virgin Media believes that in many cases the engineer runs the broadband activation process and bypasses or ignores the filtering choice," Ofcom said.

"It has recognised that this is a failure in process and indicated it is taking steps to address this gap."

Tom Mockridge, Virgin Media's chief executive, said: "Ofcom's report clearly highlighted where Virgin Media has fallen short in meeting our original commitments.

"We take our responsibility to help families stay safe online very seriously and have taken immediate action to improve how we meet our commitments to government."
http://www.bbc.co.uk/news/technology-28440067





Verizon’s Mobile ‘Supercookies’ Seen as Threat to Privacy
Natasha Singer and Brian X. Chen

For the last several months, cybersecurity experts have been warning Verizon Wireless that it was putting the privacy of its customers at risk. The computer codes the company uses to tag and follow its mobile subscribers around the web, they said, could make those consumers vulnerable to covert tracking and profiling.

It looks as if there was reason to worry.

This month Jonathan Mayer, a lawyer and computer science graduate student at Stanford University, reported on his blog that Turn, an advertising software company, was using Verizon’s unique customer codes to regenerate its own tracking tags after consumers had chosen to delete what is called a cookie — a little bit of code that can stick with your web browser after you have visited a site. In effect, Turn found a way to keep tracking visitors even after they tried to delete their digital footprints.

The episode shined a spotlight on a privacy issue that is particularly pronounced at Verizon. The company’s customer codes, called unique ID headers, have troubled some data security and privacy experts who say Verizon has introduced a persistent, hidden tracking mechanism into apps and browsers that third parties could easily exploit.

While Internet users can choose to delete their regular cookies, Verizon Wireless users cannot delete the company’s so-called supercookies.

“Verizon is not in a position to control how others use its header,” Mr. Mayer said. “There’s no doubt that this particular approach does introduce new privacy problems.”

Websites, digital advertising networks and online analytics services have for years placed bits of code in people’s browsers to follow their online activities and show them advertising tailored to their interests. Verizon uses its customer tags to put subscribers into advertising categories, among other things.

In a recent interview, Praveen Atreya, a Verizon technology director who helped develop the technology behind the mobile marketing program, said the company’s unique header was not intended for use by other companies to remember its subscribers or recover information about them.

Indeed, after a report on the practice by ProPublica, Turn announced it would suspend its use of Verizon’s ID codes to regenerate tracking cookies and reconsider its use of the technique.

“We feel this practice is legal,” Max Ochoa, Turn’s chief privacy officer, said in a phone interview. “But given people’s concerns, as soon as we get the new codes rolled out, we will suspend this practice.”

Telecommunications companies had long avoided selling information about their customers’ activities because a federal law classified them as “common carriers,” akin to public utilities; the category is subject to strict data-privacy rules.

But in 2007, the Federal Communications Commission decided that the privacy regulations governing telephone communications need not apply to the wireless Internet service provided by phone carriers.

Online behemoths like Facebook and Yahoo, along with consumer database marketers like Acxiom and BlueKai, already enabled advertisers to target narrow customer segments, like 30-something men who earn more than $200,000 and are in the market for luxury cars. But the F.C.C.’s ruling paved the way for wireless providers to do likewise.

Verizon is now at the forefront of telecommunications companies selling intelligence about their customers to advertisers. AT&T experimented last year with a similar ad-targeting program, which involved inserting a unique numeric code into a subscriber’s web requests. But after scrutiny in the news media, AT&T said it was halting its program, at least until it came up with a better approach.

The ad-targeting experiments by Verizon and AT&T are striking examples of the data-mining opportunities open to phone carriers now that they have become the nexus of the information universe, providing a connection to the Internet for people anywhere they go, at any time.

Verizon’s marketing efforts are part of a high-frequency digital ad trading system called real-time bidding, in which many kinds of players track and analyze users’ online activities to identify the characteristics of those who would be most receptive to certain ads.

A Verizon service called Relevant Mobile Advertising, for instance, combines details obtained from information resellers like Acxiom and Experian with the wireless carrier’s own data to classify its mobile subscribers by gender, income, interests or other criteria; the company allows its subscribers to opt out of receiving ads customized through this program.

Another service, called Verizon Selects — which consumers can opt in to in exchange for reward points — segments subscribers based on their web browsing and use of apps.

Verizon says its customer categorization programs offer an advantage to advertisers because the company has a direct relationship with subscribers and it can understand their general location based on the places from which they make calls or send texts. The services use a unique alphanumeric code for each subscriber, rather than real names or contact information, to group them into ad clusters. Mr. Atreya, the Verizon director, says the company changes these customer codes every few days.

“The intent was to provide a safe vehicle for us to be able to share information with our partners in the web ecosystem,” Mr. Atreya said.

Verizon uses these ID tags to sell intelligence about its subscribers. Turn, a Verizon customer that works on behalf of advertisers or their agencies, can sync its own alphanumeric tracking codes with those Verizon tags.

Advertisers place orders with Turn to show ads to a specific audience, such as young suburban mothers or surfers who live near beaches. When Turn’s system sees tags identifying users in those consumer clusters, it can place bids in electronic auctions to show those groups digital ads. Turn’s system sees one million such bid opportunities a minute.

“Verizon is one of many data partners,” said Paul Alfieri, Turn’s senior vice president for marketing. “It’s up to the advertisers to say, ‘We’re willing to pay for 10 data vendors to get that needle in a haystack,’ or ‘No data vendors.’ ”

The controversy over Verizon’s supercookie only worsened after Mr. Mayer at Stanford reported that Turn had been using the carrier’s customer codes for an additional purpose: to regenerate its own tracking cookies after users had deleted them.

Mr. Atreya said he had not been consulted.

“They did not talk to me. If they did, I would not have been satisfied,” Mr. Atreya said.

Verizon was still evaluating its ad-targeting system, he said. He added that the company was considering allowing its subscribers to opt out of being tagged with its undeletable customer codes.

Some leading data-privacy and security experts contend that Verizon’s use of unique and persistent customer ID tags makes its subscribers vulnerable to covert online tracking by third parties.

Harold Feld, a senior vice president at Public Knowledge, a nonprofit group that focuses on information policy, said Verizon’s use of supercookies highlighted the need for stronger privacy laws regulating wireless Internet services.

The practice has given ammunition to supporters of net neutrality — the idea that the Internet should be a level playing field for companies of all sizes — who have lobbied the F.C.C. to reclassify broadband providers as common carriers.

If that happens, it could prohibit carriers like Verizon from selling intelligence about its customers for ad-targeting purposes.

“Stuff like this is worse than what Google or Facebook or anyone else does,” Mr. Feld said. “I can avoid Google and Facebook, in theory at least. But if the network operator is going to spy on me, there is nothing I can do about it.”
http://www.nytimes.com/2015/01/26/te...o-privacy.html





Verizon Wireless to Allow Complete Opt Out of Mobile ‘Supercookies’
Brian X. Chen and Natasha Singer

Verizon Wireless, which has been under fire by privacy advocates since late last year, has decided to make a major revision to its mobile ad-targeting program. Users who do not want to be tracked with an identifier that Verizon uses for ad-targeting purposes will soon be able to completely opt out, the company said on Friday.

In the past, Verizon allowed users to opt out of the marketing side of the program, but they had no option to disable being tagged with its undeletable customer codes, which critics dubbed “supercookies.” Some security researchers quickly illustrated that third parties, like advertisers, could easily exploit Verizon’s persistent tracking to continually follow a user’s web browsing activities.

In a recent interview, Praveen Atreya, a Verizon director who helped develop the technology behind the mobile marketing program, said the company was considering allowing its subscribers to opt out of being tagged with its undeletable customer codes. On Friday, Verizon confirmed this decision.

Debi Lewis, a Verizon spokeswoman, issued this statement:

Verizon takes customer privacy seriously and it is a central consideration as we develop new products and services. As the mobile advertising ecosystem evolves, and our advertising business grows, delivering solutions with best-in-class privacy protections remains our focus.

We listen to our customers and provide them the ability to opt out of our advertising programs. We have begun working to expand the opt-out to include the identifier referred to as the UIDH, and expect that to be available soon. As a reminder, Verizon never shares customer information with third parties as part of our advertising programs.


The about-face from Verizon comes less than a day after four Democratic members of the Senate’s powerful Committee on Commerce, Science and Transportation sent a letter to Lowell C. McAdam, the chief executive of Verizon, criticizing the company’s data security and privacy practices and demanding an explanation.

“While Verizon allows customers to affirmatively prohibit the sharing of information collected by these supercookies, it does not allow customers to remove the supercookies altogether, doing nothing to stop third parties from exploiting their existence,” the senators wrote in the letter. “Because of the threats to consumer privacy, AT&T wisely discontinued the use of similar mobile trackers, while Verizon has chosen to carry on.”

Also this month, the Electronic Frontier Foundation, a digital rights group in San Francisco, started a consumer petition asking federal agencies to penalize Verizon and Turn, a digital marketing software company that works with Verizon, for failing to fully disclose their tracking practices to consumers. More than 2,000 people have since signed the petition.

“The telecom giant did not properly disclose the nature of the tracking header,” the text of the petition said. “They do not allow customers to opt-out of the tracking, and their current explanation of its use is deceptive at best.”

But even if Verizon now allows subscribers to opt-out of having their online activities tracked using a unique customer code, that option may not satisfy privacy advocates who say consumers are unlikely to understand the implications of default tracking. Some say Verizon should have the feature turned off by default and require people to voluntarily switch it on.

“What they really should be doing is opt-in,” said Nate Cardozo, a staff lawyer at the Electronic Frontier Foundation.

But whether Verizon ultimately gives its subscribers the choice to opt out or opt in, cyber-security experts say Verizon will still have to grapple with a basic issue: how to prevent third parties from hijacking its unique customer codes for their own purposes.
http://bits.blogs.nytimes.com/2015/0...-supercookies/





Decades Of Failed Promises From Verizon: It Promises Fiber To Get Tax Breaks... Then Never Delivers
Mike Masnick

A decade ago, we wrote about how Verizon had made an agreement in Pennsylvania in 1994 that it would wire up the state with fiber optic cables to every home in exchange for tax breaks equalling $2.1 billion. In exchange for such a massive tax break, Verizon promised that all homes and businesses would have access to 45Mbps symmetrical fiber by 2015. By 2004, the deal was that 50% of all homes were supposed to have that. In reality, 0% did, and some people started asking for their money back. That never happened, and it appeared that Verizon learned a valuable lesson: it can flat out lie to governments, promise 100% fiber coverage in exchange for subsidies, then not deliver, and no one will do a damn thing about it.

Because here we are about a decade later, and basically the same damn thing has happened in New York City. At least this time, Verizon actually had a fiber service to offer -- the well-known FiOS -- which it "promised" to cover 100% of NYC by 2014. Back when that was announced in 2008, Karl Bode at BroadbandReports correctly warned that you should take that promise with a large grain of salt, both because of Verizon's past failures to live up to promises, as well as the loopholes hidden in the agreement.

It looks like he was right on both accounts. As the account (linked above) at the Verge notes, the language actually is that Verizon just needs to "pass all households," which is interpreted loosely:

There were a lot of caveats in the contract, however. Verizon is only required to "pass all households," a vague term that means the fiber need to extend "to a point from which the building can be connected to the network." Verizon is not obligated to make that connection, however. As a result, the company is now claiming around 75 percent accessibility, even though the number of New Yorkers who can actually sign up for FiOS is probably much lower. A study by public advocate Bill de Blasio concluded that just 51 percent of households in New York have fiber access. The city and Verizon dispute these figures.

Verizon is blaming landlords, but as the Verge points out, when someone made a big stink on the radio recently about the lack of FiOS in his apartment, Verizon contacted him the very next day, and had service at his apartment within 3 weeks. The simple fact is that Verizon has been trying its damnest to get out of the wired business altogether. Back when Ivan Seidenberg was in charge, he made a giant bet on fiber, which is why Verizon became such a national leader in broadband with FiOS -- a service that people really seem to love. However, Wall Street has always hated it, because it's capital intensive, and Wall St. recognizes that without any real competition in the broadband space, Verizon can avoid investing in such infrastructure upgrades, and just swim in larger profits while America's broadband infrastructure suffers and falls further and further behind other countries. Once Seidenberg left, the beancounters quickly took over and looked for ways to stop all that investment. Why invest in the future if there are no competitors to push you to do so?

The fact that Verizon had made this big deal with NYC? Well, Verizon knows it doesn't need to care because it doesn't appear that the NYC government cares at all. The most telling part of the article at the Verge is this tidbit:

The city seems satisfied with how Verizon has held up its end of the bargain. When asked whether Verizon had met its contract obligations, the mayor’s office first asked The Verge what Verizon had said, then referred us to DOITT [the Department of Information Technology and Telecommunications], which actually has the contract. DOITT referred us to the mayor’s office. When told that the mayor wasn’t commenting, DOITT suggested we speak with Verizon. When pressed, a spokesperson said, "We just don’t have anything to add here."

Nice work, Verizon: you've fleeced yet another place.
https://www.techdirt.com/articles/20...delivers.shtml





The FCC has Changed the Definition of Broadband

The minimum broadband download speeds now begin at 25Mbps, up from 4Mbps
Micah Singleton

As part of its 2015 Broadband Progress Report, the Federal Communications Commission has voted to change the definition of broadband by raising the minimum download speeds needed from 4Mbps to 25Mbps, and the minimum upload speed from 1Mbps to 3Mbps, which effectively triples the number of US households without broadband access. Currently, 6.3 percent of US households don’t have access to broadband under the previous 4Mpbs/1Mbps threshold, while another 13.1 percent don't have access to broadband under the new 25Mbps downstream threshold.

FCC Commissioner Tom Wheeler was vehement in his support for the new broadband standard. "When 80 percent of Americans can access 25-3, that's a standard. We have a problem that 20 percent can't. We have a responsibility to that 20 percent," Commissioner Wheeler said.

"We are never satisfied with the status quo. We want better. We continue to push the limit, and that is notable when it comes to technology," FCC Commissioner Mignon Clyburn said. "As consumers adopt and demand more from their platforms and devices, the need for broadband will increase, requiring robust networks to be in place in order to keep up. What is crystal clear to me is that the broadband speeds of yesteryear are woefully inadequate today and beyond."

FCC Commissioner Jessica Rosenworcel wants to increase the minimum broadband standards far past the new 25Mbps download threshold, up to 100Mbps. "We invented the internet. We can do audacious things if we set big goals, and I think our new threshold, frankly, should be 100Mbps. I think anything short of that shortchanges our children, our future, and our new digital economy," Commissioner Rosenworcel said.

Taking his argument against changing the broadband standard into deep space, FCC Commissioner Michael O'Rielly said "the report notes that 4K TV requires 25Mbps, but 4K TV is still relatively new and is not expected to be widely adopted for years to come. While the statute directs us to look at advanced capability, this stretches the concept to an untenable extreme. Some people, for example, believe probably incorrectly that we are on a path to interplanetary teleportation. Should we include the estimated bandwidth for that as well?"

Changing the national broadband standards to 25Mbps down and 3Mbps up is a bold move for the FCC, which has faced opposition from cable providers which are staunchly against this measure, as it essentially removed DSL services from the broadband discussion. While cable and fiber optic services can easily meet the new standards, DSL — which is delivered over telephone lines — generally never reach the new download threshold.

"Current DSL offerings won't be considered broadband under new rules"

Companies like AT&T and Verizon, which employ DSL services to a notable number of their users — 4 million of AT&T’s 16 million broadband subscribers and 2.6 million of Verizon’s 9.2 million subscribers have DSL. AT&T’s fastest DSL offerings only reach 6Mbps down, while Verizon’s DSL speeds top out at 15Mbps, and that won’t be increasing, at least on Verizon’s end. Speaking to Ars Technica, a Verizon spokesperson said "we currently do not have any plans to enhance that." As you would expect, cable companies weren’t too happy about the new rule.

In a letter sent to the FCC last week, the National Cable & Telecommunications Association (NCTA) made known its objections to any changes to current broadband standards, stating that examples used by supporters of raising the broadband standards "dramatically exaggerate the amount of bandwidth needed by the typical broadband user." Netflix is one of those supporters pushing for a higher broadband standards, as faster broadband speeds are needed to stream its 4K content, and will increase its potential for more subscribers. But right now, Netflix’s interests and the public’s interests are aligned — everyone wants faster broadband internet except for the people who have to provide the service.

The NCTA told the FCC that 25Mbps down isn't needed for 4K streaming — the number Netflix recommends for anyone streaming its Ultra HD content — and that users aren't even interested in higher quality content yet. "Netflix, for instance, bases its call for a 25 Mbps download threshold on what it believes consumers need for streaming 4K and Ultra HD video content — despite the fact that only a tiny fraction of consumers use their broadband connections in this manner," the NCTA said. "...The consensus among others in the industry that 25 Mbps is significantly more bandwidth than is needed for 4K streaming."

While you may not need a minimum download speed of 25Mbps to stream 4K content, it wouldn't hurt, and standing pat with subpar US broadband capabilities just isn't a viable option at this point. With the US currently ranked 25th in the world in broadband speeds, the FCC's decision will force cable providers to step up speeds for everyone, something that probably would have happened with even a little competition in the broadband market.
http://www.theverge.com/2015/1/29/79...oadband-25mbps





Exclusive: Politicians are Supporting Comcast's TWC Merger With Letters Ghostwritten by Comcast

Documents reveal the cozy relationship between lobbyists, officials, and the FCC
Spencer Woodman

On August 21st, 2014, Mayor Jere Wood of Roswell, Georgia, sent a letter to the Federal Communications Commission expressing emphatic support for Comcast’s controversial effort to merge with Time Warner Cable. Not only did the mayor’s letter express personal excitement for the gargantuan deal — which critics say will create a monopoly that will harm millions of consumers — but it also claimed that the entire town of Roswell adored Comcast. "When Comcast makes a promise to act, it is comforting to know that they will always follow through," Wood's letter explained. "This is the type of attitude that makes Roswell proud to be involved with such a company," the letter asserts, "our residents are happy with the services it has provided and continues to provide each day.”

Yet Wood’s letter made one key omission: Neither Wood nor anyone representing Roswell’s residents wrote his letter to the FCC. Instead, a vice president of external affairs at Comcast authored the missive word for word in Mayor Wood's voice. According to email correspondence obtained through a public records request, the Republican mayor’s office apparently added one sign-off sentence and his signature to the corporate PR document, then sent it to federal regulators on the official letterhead of Roswell, Georgia.

The letter was part of what Comcast called an "outpouring of thoughtful and positive comments" in support of the proposed mega-merger, which is now entering the final stages of federal review. Comcast asserted that the numerous letters sent by local officials expressing support for the merger displayed its broad grassroots backing. "We are especially gratified for the support of mayors and other local officials," Comcast boasted in an August 25th release, "underscoring the powerful benefits of this transaction for their cities, constituents, and customers."

Yet email records obtained by The Verge indicate that these letters are far from grassroots.

For instance, a letter sent to the FCC by a town councilman from the small community of Jupiter, Florida, was in fact largely orchestrated by some of the biggest players in corporate telecom. Not only do records show that a Comcast official sent the councilman the exact wording of the letter he would submit to the FCC, but also that finishing touches were put on the letter by a former FCC official named Rosemary Harold, who is now a partner at one of the nation’s foremost telecom law firms in Washington, DC. Comcast has enlisted Harold to help persuade her former agency to approve the proposed merger.

Working through a contact at the local chamber of commerce, Comcast furnished Roswell Mayor Jere Wood with a draft of his letter to the FCC. After adding one sign-off sentence and his signature, Wood submitted the letter to federal regulators. "Your are the best," the local chamber of commerce representative replies after Wood’s assistant notifies him that the letter has made it to the FCC.

More prominent officials with histories of receiving campaign money from Comcast — like Oregon's Democratic Secretary of State Kate Brown — also recently sent personal letters to the FCC supporting the merger.

Records obtained by The Verge show that Secretary of State Brown's letter to the agency was almost wholly written by a Comcast Government Affairs specialist. After a conversation with Brown’s staff, the Comcast official sent Brown a letter he had prewritten for her that even included her typed sign-off, name, and title. Brown’s office sent the Comcast document — containing just three sentences with new or altered language — to the FCC emblazoned with the official seal of the State of Oregon.

Since 2008, Comcast has contributed nearly $10,000 to Brown's two campaigns for secretary of state. Neither Comcast nor the state of Oregon made any attempt tell the public of the corporation’s role in authoring Brown’s letter. Brown’s communications director told The Verge that Brown was too busy to be interviewed. (Neither Wood nor Todd Wodraska, the councilman from Jupiter, Florida, accepted requests to speak to The Verge about the letters they sent the FCC. Rosemary Harold did not respond to multiple interview requests.)

On the evening of the FCC’s filing deadline, a Comcast Government Affairs director sent a draft of a letter to a city councilman in Jupiter, Florida, written in his voice. After the councilman requested the letter in PDF form, the Comcast employee sent the draft —identical to the first version — to former FCC official and telecom attorney Rosemary Harold, who polished it. Later that evening, when notified of the letter's successful filing, a Comcast vice president of Government and Regulatory Affairs & Community Investment emailed the councilman: "Thanks! Please pardon any spelling errors, I am all thumbs!"

Although Comcast is well-known for having one of corporate America’s most sophisticated armies of lobbyists, the records obtained by The Verge shed new light on just how intimate of a role these actors play in shaping what the public — and federal regulators — hear about the company from supportive government officials. A portion of Brown’s letter that was written by Comcast even provides the FCC with a case study on the company’s charitable activity at a local Portland high school. "We are proud of Roosevelt High School, which leads the way in promoting digital literacy," the letter reads. "Since 2012, every student has been assigned an iPad, and the school has been a trailblazer for instant online access to curriculums and educational tools." In the case of the Jupiter letter, the DC telecom attorney seems to have added the councilman's typed signature.

Many of the letters sent to the FCC by state and local officials bear striking resemblance to those of Brown, Wodraska, and Wood. The letters are often quick to point to Comcast’s spending on local infrastructure and its record of philanthropy. Chicago's Mayor Rahm Emanuel and the governors of Pennsylvania, North Carolina, Hawaii, Colorado, Maryland, and Vermont all wrote letters to the FCC regarding the merger that cite both Comcast’s Internet Essentials program — which discounts internet services to low-income customers — and past or future local investments by the company.

Critics say Comcast’s charitable giving itself has been used to buy public support. Last year, The New York Times, in partnership with the Center for Public Integrity, reported that many of the civic groups and business associations that had written letters supporting Comcast’s position to the FCC during its last major merger deal had also received money from Comcast’s charitable foundation. According to The Center for Responsive Politics, Comcast has enrolled the help of well over a hundred registered lobbyists as of last year, including former Democratic US Representative Blanche Lincoln.

After a conversation with Oregon Secretary of State Kate Brown, a Comcast Government Affairs official sent Brown a draft of her letter supporting the merger. After making changes to three sentences of Comcast's language, Brown’s staff sent the letter to the FCC.

Former FCC Chairman Michael Copps says that, although he could often distinguish between genuine and manufactured comments sent to the agency, letters sent by local and state officials carry weight. "When a mayor of a town or a town councilman or a legislator writes in — we look at that, and if someone is of a mind already to approve something like this they might say: ‘ah-ha, see!’" says Copps, who is now an advisor at Common Cause and opposes the merger. "These letters can be consequential, there’s no question about that."

In response to a list of questions from The Verge, Comcast emphasized that it did not have final say in the substance of the letters. "We reached out to policy makers, community leaders, business groups and others across the country to detail the public interest benefits of our transaction with Time Warner Cable," Sena Fitzmaurice, a Comcast spokesperson, said in an email. "When such leaders indicate they’d like to support our transaction in public filings, we’ve provided them with information on the transaction. All filings are ultimately decided upon by the filers, not Comcast."

If the FCC follows the recommendations of the letters and approves the merger, American consumers could see big changes to their broadband and cable TV services. Critics argue that the merger would give Comcast a dangerous grip on an estimated 50 percent of the United States’ high-speed broadband market, which already lacks the sort of fierce market competition that helps drive down prices and ensure quality service. The merger would hand Comcast a level of market power, according to critics, that would allow the company to jack up already-rising cable prices while making it a gatekeeper over which movies, news, and music Americans can access. Last month, a coalition of industry groups intensified opposition to the merger for fear that it will give Comcast too much leverage over things like programming choices and local advertising. And earlier this month, a conservative political action committee joined the anti-merger movement, which had hitherto been associated with more progressive-leaning figures like Senator Al Franken (D-MN).

Comcast argues that the merger will provide a greater economy of scale for it to reduce its costs and intensify its infrastructure investments in things like faster connections. One letter, signed by more than 50 mayors and largely orchestrated by Michael Nutter, the mayor of Comcast’s hometown of Philadelphia, argues the merger poses no threat to telecom competition because Comcast and Time Warner do not already compete in US cable markets. The letter also contends that the merger will in fact improve the telecom market by creating "a larger competitor in the marketplace that should bring new choices to our citizens."

For the FCC to green-light the merger, Comcast must prove that the deal would serve the public interest — no doubt a key driver of Comcast’s focus on appearing to have support from public officials. Critics say that, despite all the letters and lobbying, Comcast has yet to provide convincing evidence for this basic standard of approval.

"I think they have failed to meet their burden of persuasion that this will make life better for the average American consumer," says Tim Wu, a law professor at Columbia University who has written extensively about the telecom industry. "What does the average American consumer care about? They care about prices being too high. Comcast could have said this merger will lower prices and committed itself to lower prices but it has made no sign that it will do this."

Wu, who reviewed the documents obtained by The Verge, said that the new information "confirms the impression that evidence that the merger is in the ‘public interest’ is simply being manufactured."

"It’s sort of become an amusement park where the fake stuff outnumbers the real stuff," Wu says. "The fact is a lot of telecom issues are pretty obscure, they often don’t get the public very excited. So what do you do? You buy it."
http://www.theverge.com/2015/1/26/78...s-ghostwritten





The Net Neutrality Debate Also Affects SMS
Nic Denholm

Editor’s note: Nic Denholm is a content consultant for SMS marketing platform FireText.

Net neutrality was one of last year’s biggest tech stories. The one that went mainstream after John Oliver poked fun at it and beseeched his viewers to flood the FCC’s comments page with tirades against a two-tiered Internet (which caused the site to crash).

So far, the main focus of the debate has been whether ISPs should be allowed to discriminate between the various data they deliver. The main opponents of a tiered Internet are companies like Netflix and YouTube, which deliver high volumes of rich content to their audience and don’t want to have to start charging customers more (in the case of the former) or upping their advertising (in the case of the latter).

Unsurprisingly, audiences are on their side, leaving the broadband providers and a few libertarian politicians in the opposing corner fighting what should be a losing battle. I say “should” because even overwhelming public opposition was not enough to prevent a D.C. Court of Appeals overturning a previous ruling requiring ISPs to treat all traffic equally.

Despite the attention, huge swathes of the American population still have no clue what “net neutrality” refers to. According to a recent Pew poll, some 40 percent of Americans either don’t understand the concept or they’ve flat out never heard of it.

Even fewer understand the relationship between net neutrality and SMS. HeyWire Business, a Cambridge, Mass., tech firm that provides text message services to businesses, learned of that relationship the hard way. Until April 3 of last year, HeyWire was merrily going about their business, giving businesses a way to receive text messages via toll-free 800 numbers. Then everything stopped. No error messages, no warning – just thousands of errant texts failing to reach their destination.

The company contacted Verizon, which informed them of a new set of fees and regulations to adhere to if they were to continue expecting delivery of text messages. HeyWire claim Verizon has unfair control over how they operate – something they view as a breach of net neutrality.

At this point, those 125 million Americans with no interest in net neutrality aren’t getting any more interested. It’s complicated. Complications are boring. With that in mind, here’s a brief explanation as to why SMS and broadband provision are lumped in together by carriers:

Basically, mobile services are divided into two distinct elements: voice and Internet. The voice element is protected under the Communications Act of 1934. Internet-based services are not. For the purposes of prizing more money out of users, service providers have decided to stick SMS messaging under the Internet banner. Because they can.

Carriers essentially have the right to deliver text messages as they see fit, at whatever price they can get away with. That means they can not only charge extortionate premiums, but also police content to decide what people see. This is worrying for neutrality campaigners.

The FCC is currently considering net neutrality regulations for home and business broadband. Democrats are pushing a bill to ban paid prioritization allowing preferential treatment for premium payers. A vote is set for Feb 26. Advocates of a fair, open Internet are hoping for an outcome that will prevent the big carriers from running roughshod over their customers.

In light of the experiences of HeyWire and other companies, SMS messaging should be added to the cause.
http://techcrunch.com/2015/01/25/the...o-affects-sms/





Cablevision to Launch WiFi Phone Service for Data-Hungry Users
Malathi Nayak

Cablevision System Corp said on Monday it would launch in February a wireless Internet phone service to give users an alternative to pricier data plans from cellular companies such as AT&T and Verizon.

The "Freewheel" phone service, which runs on any WiFi connection, is an attempt by Cablevision to retain and potentially add subscribers at a time when cable companies are losing out to lower-priced, bundled TV and Internet services from telecom firms.

Cablevision said the phone service was the first of its kind to be launched by a cable company and aims to tap users seeking to download unlimited amounts of data on their mobile phones using WiFi, which is less expensive than a cellular connection.

Such services could pose a challenge to traditional telecom carriers. Currently, carrier Republic Wireless and Massachusetts-based startup Scratch Wireless offer users similar services that use WiFi to control data costs.

"There has been a dramatic shift in how consumers use their mobile devices: today, it's all about data, and WiFi is now preferred and clearly superior to cellular," Kristin Dolan, chief operating officer of Cablevision, said in the statement.

Cablevision, controlled by New York's Dolan family, has been investing in its "Optimum" WiFi network since 2007, setting up over 1.1 million WiFi hotspots or access points in New York, New Jersey and Connecticut.

Cablevision's WiFi phone service will be offered at $29.95 per month and $9.95 per month for subscribers of its "Optimum Online" service. It will be available exclusively on the Motorola Moto G smartphone that users will have to purchase, the company said.

The $180 Android phone will be sold to "Freewheel" users without a contract at a discounted price of $99.95, it added.

(Reporting by Malathi Nayak)
http://www.reuters.com/article/2015/...0KZ09O20150126





FCC Calls Blocking of Personal Wi-Fi Hotspots "Disturbing Trend"

Vows that no more Marriott-like Wi-Fi blocking schemes will be tolerated
Bob Brown

The FCC on Tuesday warned that it will no longer tolerate hotels, convention centers or others intentionally interfering with personal Wi-Fi hotspots.

This issue grabbed headlines last fall when Marriott International was fined $600K for blocking customer Wi-Fi hotspots, presumably to encourage the guests to pay for pricey Internet access from the hotel.

Marriott later asked the FCC for permission to block some Wi-Fi hotspots, citing security and performance issues related to its own Wi-Fi networks, but has since backed off that pursuit. Guests, as well as tech companies such as Google and Microsoft, came out in opposition to hotels blocking Wi-Fi hotspots.

In its strongly worded warning today, the FCC said it will "aggressively" investigate and act upon "unlawful intentional interference." Its Enforcement Bureau is investigating several complaints.

Not only did the FCC warn hotels and convention centers, but also network providers serving such establishments. It also emphasized that the sale of wireless jamming tools is prohibited.

If you suspect interference is taking place, you should contact the FCC here or call 888-CALL-FCC.
http://www.networkworld.com/article/...ing-trend.html





Cuban Youth Build Secret Computer Network Despite Wi-Fi Ban
Michael Weissenstein

Cut off from the Internet, young Cubans have quietly linked thousands of computers into a hidden network that stretches miles across Havana, letting them chat with friends, play games and download hit movies in a mini-replica of the online world that most can't access.

Home Internet connections are banned for all but a handful of Cubans, and the government charges nearly a quarter of a month's salary for an hour online in government-run hotels and Internet centers. As a result, most people on the island live offline, complaining about their lack of access to information and contact with friends and family abroad.

A small minority have covertly engineered a partial solution by pooling funds to create a private network of more than 9,000 computers with small, inexpensive but powerful hidden Wi-Fi antennas and Ethernet cables strung over streets and rooftops spanning the entire city. Disconnected from the real Internet, the network is limited, local and built with equipment commercially available around the world, with no help from any outside government, organizers say.

Hundreds are online at any moment pretending to be orcs or U.S. soldiers in multiplayer online games such as "World of Warcraft" or "Call of Duty." They trade jokes and photos in chat rooms and organize real-world events like house parties or trips to the beach.

"We really need Internet because there's so much information online, but at least this satisfies you a little bit because you feel like, `I'm connected with a bunch of people, talking to them, sharing files," said Rafael Antonio Broche Moreno, a 22-year-old electrical engineer who helped build the network known as SNet, short for streetnet.

Cuba's status as one of the world's least-wired countries is central to the new relationship Washington is trying to forge with Havana. As part of a new policy seeking broader engagement, the Obama administration hopes that encouraging wider U.S. technology sales to the island will widen Internet access and help increase Cubans' independence from the state and lay the groundwork for political reform.

Cuban officials say Internet access is limited largely because the U.S. trade embargo has prevented advanced U.S. technology from reaching Cuba and starved the government of the cash it needs to buy equipment from other nations. But the government says that while it is open to buying telecommunications equipment from the U.S., it sees no possibility of changing its broader system in exchange for normal relations with the U.S.

Outside observers and many Cubans blame the lack of Internet on the government's desire to control the populace and to use disproportionately high cellphone and Internet charges as a source of cash for other government agencies.

Cuba prohibits the use of Wi-Fi equipment without a license from the Ministry of Communications, making SNet technically illegal. Broche Moreno said he believes the law gives authorities latitude to allow networks like SNet to operate. He described a sort of tacit understanding with officials that lets SNet run unmolested as long as it respects Cuban law - its hundreds of nodes are informally monitored by volunteer administrators who make sure users don't share pornography, discuss politics or link SNet to illicit connections to the real Internet.

"We aren't anonymous because the country has to know that this type of network exists. They have to protect the country and they know that 9,000 users can be put to any purpose," he said. "We don't mess with anybody. All we want to do is play games, share healthy ideas. We don't try to influence the government or what's happening in Cuba ... We do the right thing and they let us keep at it."

Users who break rules can be blocked from the network by their peers for as a little as a day for minor infractions such as slowing down SNet with file-sharing outside prescribed hours, with lifetime bans for violations like distributing pornography.

"Users show a lot of respect for preserving the network, because it's the only one they have," Broche Moreno said. "But me and the other administrators are watching things to make sure the network does what it's meant for."

The Cuban government did not respond to a request for comment on the network.

Before Obama moved to restore full diplomatic ties with Cuba, the U.S. made several attempts to leverage technology against the Cuban government. Contractor Alan Gross was sentenced to 15 years in prison after a U.S. Agency for International Development contractor sent him to Cuba to set up satellite Internet connections. He was freed after five years as part of the deal last month that paved the way for Obama's new Cuba policy.

A separate USAID contractor tried to build a text message-based social network called Zunzuneo whose brief existence was revealed in an Associated Press investigation last year.

Joining SNet requires resources out of reach of many people in a country where the average salary hovers around $25 a month.

Humberto Vinas, 25, studied medical technology and accounting before finding a relatively well-paying job in the kitchen of a bar. He and nine friends shared an SNet node for several months, running hundreds of feet of Ethernet cable over neighbors' roofs until one demanded they take it down, disconnecting most from the network.

"I miss SNet a lot," he said sadly. "You can find out about soccer scores. It allows you to do so much, right from your home."

Cubans have one of the hemisphere's highest average levels of education and years of practice at improvising solutions to scarcity, allowing many to access and share information despite enormous barriers. For as little as a dollar a week or less, many Cubans receive what's known as "the package," weekly deliveries of pirated TV shows, movies, magazines and instructional texts and videos saved on USB memory drives.

There is no obvious indication the U.S. or any other foreign government or group had anything to do with the creation of SNet, making it by far the most impressive example of Cuba's homemade telecommunications engineering.

The network is a series of connected nodes, powerful home computers with extra-strong Wi-Fi antennas that communicate with each other across relatively long distances and distribute signals to a smaller network of perhaps a dozen other computers in the immediate vicinity.

SNet started as a handful of connected users around 2001 and stayed that way for a decade. More than 9,000 computers have connected over the past five years, and about 2,000 users connect on an average day.

Many use SNet to get access to popular TV shows and movies. The system also stores a copy of Wikipedia. It's not necessarily current, but is routinely refreshed by users with true Internet access. There's also a homegrown version of a social network that functions similarly to Facebook.

Because most data passes from computer to computer in SNet, everything takes place much faster than on the achingly slow and expensive connections available from government servers that pass all information through central points.

Broche Moreno estimated it costs about $200 to equip a group of computers with the antennas and cables needed to become a new node, meaning the cost of networking all the computers in SNet could be as little as $200,000. Similar but smaller networks exist in other Cuban cities and provinces.

"It's proof that it can be done," said Alien Garcia, a 30-year-old systems engineer who publishes a magazine on information technology that's distributed by email and storage devices. "If I as a private citizen can put up a network with far less income than a government, a country should be able to do it, too, no?"

---

Associated Press writer Anne-Marie Garcia contributed to this report.
http://hosted.ap.org/dynamic/stories...MPLATE=DEFAULT





The New Space Race: One Man's Mission to Build a Galactic Internet
Ashlee Vance

Greg Wyler is friendly and gregarious and talks about his business plans with a fervor that borders on the religious. He’s also frenetic and hard to pin down. So when the technology entrepreneur, who’s based in Sewall’s Point, Fla., suggested our interview take place in Puerto Rico, I accepted. He and his family had chartered a jet and planned to stop in San Juan on their way to St. Bart’s. While his wife and kids had lunch on the plane, we’d chat in the airport about the ambitious satellite company he’s starting. “Bring a cheese pizza and a sausage one,” he texted. “The kids will love you!” Ten minutes later: “And a Diet Coke.”

For weeks, people who knew Wyler kept telling me he’s an out-there, creative thinker who can come across as disorganized and impulsive. Roll with it, they’d say, because he’s a genius. So it wasn’t a total surprise when he texted again to cancel—they’d departed later than expected—and I found myself alone in a San Juan hotel with two pizzas and a Diet Coke. “So sorry, tried,” he wrote. “It’s been a busy morning …”

For a guy who can’t seem to keep a schedule, Wyler, 45, has had a remarkable run launching a series of companies, each more daring than the last. After making a fortune designing and selling computer parts in his 20s, he decided to dedicate his life to connecting the unconnected. He founded a telecommunications startup that laid fiber-optic cables throughout Rwanda, then a satellite company to bring high-speed, affordable Internet service to islands and other remote locales. Now he’s starting a third venture, OneWeb, with engineering headquarters in Silicon Valley, that aspires to create an elaborate array of low-orbit satellites to bring Internet access to everyone on earth.

In tech-conference speak, what Wyler’s been doing for the past dozen years is connecting “the other 3 billion.” This is the half of the world’s population that for various reasons is not online. Companies such as Google and Facebook have received a lot of attention for their philanthropic plans to bring the Internet to the developing world. Mark Zuckerberg, for example, invited Time to follow him around rural India for a story about his evolution as a philanthropist and business leader, though he provided few specifics on what Facebook intends to do for India’s poor. And Elon Musk—he of Tesla Motors, SpaceX, and the Hyperloop—has received a wave of press, and $1 billion in capital from Google and Fidelity—after unveiling his own space Internet plan.

Wyler is more of a fringe character, and he’s been preaching since well before it was cool that Internet access ought to be a human right. He’s probably the only person alive who’s done the manual labor on the ground and the big, architectural thinking up above to know just how messy wiring the entire planet will get. And with OneWeb, Wyler may receive his due. It’s hard to ignore an Internet delivered from the heavens.

“People handed me the Zuckerberg article, and other people called me after it came out,” he says after we finally link up. “This is great. He has a much bigger pedestal than I do. I’ve been trying to get people to understand that connectivity is a fundamental layer for societal and economic growth.” Then, being as polite as possible, he adds: “The other thing that’s great is that I know our system works.”

Wyler smiles a lot. That, combined with his exaggerated features—out-there chin, puffy cheeks—make him look like a caricature by a sidewalk artist. He talks quickly and incessantly and prefers to walk while talking. He grew up near Boston, the son of a prominent, aggressive insurance litigator and a doting mom. When he felt like it, Wyler did well in class, but his mind often wandered, and his grades fluctuated between A’s and “complete averageness.” He’s capable of extreme focus if a subject interests him, which is what happened in high school when he got into computers and cars. He taught himself how to use computer-aided design (CAD) software, which had a multiplier effect on his innate ability to imagine complex devices. Soon enough, he was designing things. One of his first ideas was a radical fuel-injection system for a Ford Mustang. He found the name of Ford’s head of engineering in a technical journal and called him out of the blue. “We talked cars, and it was this eye-opening experience that, OK, there is this whole other world out there,” Wyler says. “Pre-Internet it was hard to find people that were as passionately and deeply interested in arcane topics.”

After high school, Wyler bounced from Xavier University in Cincinnati to North Adams State College in western Massachusetts. He studied finance and computer science and then went to law school at the Illinois Institute of Technology in Chicago. It was there, in 1992, that he hit on his first really big business idea: a new take on the heat sink, the hunk of metal that draws heat away from a PC’s main processor. He started a company, called No Overhead Computers, and built custom PCs while refining his heat-sink design. He eventually developed a PC that could run without needing one of the big, noisy fans that were ubiquitous in computers of the time.

In 1994, Wyler created a company called Silent Systems to sell his heat sink. “He didn’t call me once a day, he called me three to five times a day,” says Jim Rappaport, the director of the New Boston Fund, whom Wyler pursued as a potential investor. “He’s indefatigable.” Rappaport relented, and Wyler wowed him with a demonstration of the Silent Systems machine vs. an IBM PC. They went into business together. Wyler commuted between Chicago and Boston, finishing law school while he built up the company. He often worked 36 hours straight, fashioning a kind of cubicle cave that blocked out all light so he could concentrate on his computer screen. After five years, Silent Systems managed to create the best heat sink in the PC industry, at a cost of 50¢ per unit, about 80 percent cheaper than its rivals. Silent Systems later secured Dell, Hewlett-Packard, and others as customers and was eventually acquired by electronics maker Molex for about $100 million. Wyler, still in his mid-20s, was a multimillionaire. Flush with cash, he dabbled in real estate and hit it big with a couple of quick-strike tech investments during the dot-com boom. Then everything changed.

On Oct. 1, 2002, Wyler drove to his mother’s house in Winchester, Mass. Susann hadn’t been answering his phone calls, and he felt something was wrong. He arrived to find the front door open and the house silent. He made his way through the house and into the garage, where he found his mother’s body soaked in blood and her head crushed. Someone had bludgeoned her to death.

For Wyler, there was no mystery in what had happened. When the police arrived, he blurted out to a detective, “He did it. My father finally killed my mother,” according to an exposé on the crime in Boston Magazine. In the article, Wyler described his childhood battles with his father, Geoffrey, and leaving home as a teenager to live with his grandparents. He alleged that his father had a history of physically and psychologically abusing his mother, that his parents’ relationship had severely worsened in the year before the murder as Susann filed for divorce, and that Geoffrey had recently decided to sue Greg for a piece of the Silent Systems windfall—all possible reasons for a confrontation. Geoffrey Wyler has denied the accusations that he abused Susann.

“Someone went into my mother’s house, beat her to death, and left without taking a single thing,” Wyler told the magazine. “It all points in one direction, and one direction only.” The police never accused his father of any crime, and to this day, no one has been charged. Geoffrey Wyler declined to comment.

A payload of four O3b satellites getting prepped for launch.Source: USAFA payload of four O3b satellites getting prepped for launch.

Today, Greg Wyler avoids talking about the murder. When it comes up, he says only that the event helped set his life on a different course. “My mom’s death played a role in my thinking about doing something more, something greater,” he says. “I decided that whatever I did next had to have a mission.”

In late 2002, while attending a friend’s wedding in Boston, Wyler met Theogene Rudasingwa, then the chief of staff to Rwandan President Paul Kagame. The two hit it off, and Wyler sensed that he’d found his mission: Help a post-genocide Rwanda modernize. He began thinking up ways to connect more of its schools to the Internet, then he started dreaming about turning the country into a technology hub. “The mindset in the world at the time was that Internet infrastructure was not a high priority,” Wyler says. “I thought that was wrong. When you have good Internet access, you have economic growth.”

About a year after his mother’s murder and the chance wedding encounter, Wyler founded Terracom, a telecommunications company whose business plan was to bring cell phone and Internet service to Rwandans. He managed the company from the U.S. but made frequent trips to Africa. Workers—including Wyler, on occasion—dug trenches to lay hundreds of miles of fiber-optic cable and set up Africa’s first 3G cellular network. Terracom’s service ran faster and cost less than the government-backed RwandaTel and, after a year in business, had more subscribers. In 2005, Terracom acquired RwandaTel for $20 million.

For a while, President Kagame lauded Wyler’s work as the centerpiece of a broad modernization plan. But the merger of the two companies became a management nightmare. “RwandaTel was hugely overstaffed, had horrible equipment, and was a total disaster,” says John Dick, a major investor in Terracom and board member of Liberty Global, a London-based cable company with $20 billion in annual revenue. Wyler and Dick asked the Chinese telecommunications-equipment maker Huawei Technologies to help design a more efficient, more economical system, but the venture continued to struggle, and some members of the Rwandan government grumbled about Wyler managing the business from afar. “It was obvious that the resulting company needed to be owned by Rwanda,” Dick says. In 2007 the Rwandan government bought the merged company. “I think we made a lot of progress, but there were some political aspects that became hard to manage,” Wyler says. “It became easier to sell the assets, and by then I wasn’t even involved.”

Wyler says he checked out not because of disinterest but because of a technical limitation Terracom couldn’t solve. The biggest bottleneck of Terracom’s fiber network was where it connected with the global Internet. Data could zip around Rwanda, but getting it in or out of the country required slow, expensive satellite connections. Wyler figured that many countries must be in a similar predicament, and his mission expanded. He decided to start a company that would go beyond bringing just one country online—he’d connect countries to the rest of the world.

It takes an hour to drive from the Félix Eboué Airport in Cayenne, French Guiana, to the coastal town of Kourou. There isn’t much to see along the way, mostly Amazonian rain forest with its million shades of green. Every now and then, a billboard appears that advertises rockets or rocket parts from Arianespace, Airbus, or some other European aerospace company. In Kourou, you take a left to enter the Guiana Space Centre, one of the busiest spaceports in the world.

The only reason to build a spaceport in a jungle is physics. Kourou is about 300 miles north of the equator, which lessens the fuel needed for a rocket to place an object in an equatorial orbit, where the earth’s rotational speed is fastest and distance to orbit is shortest. Because of the savings, a rocket launched from Kourou can carry payloads with 20 percent to 35 percent more mass than the same rocket launched from other major spaceports.

European nations worked together to build the facility, which occupies 270 square miles along the Atlantic Ocean. This location provides the added bonus that if a rocket malfunctions, there’s plenty of room to blow it up over the sea. The spaceport has multiple launchpads, massive assembly buildings, liquid oxygen and kerosene production centers, and mission control rooms. Since hunting is not allowed in the area, there are also plenty of things a rocket company doesn’t need, such as sloths and monkeys in the trees and fat snakes lazing by the side of the road.

On Dec. 18 hundreds of locals file into the main mission control center to watch the launch of a Russian-made Soyuz rocket. Launch days in French Guiana are a principal form of entertainment, and women in high heels and sundresses, along with military men in uniform, pack the theater area of mission control to watch and listen to the play-by-play from an announcer at the front of the room. The Soyuz’s payload is four satellites belonging to O3b, a startup founded by Wyler in 2007. It’s the company’s third launch; the plan is to position the satellites with eight others already in orbit in a ring around the equator.

It’s long been possible to get the Internet via satellite, with service about as speedy and responsive as an early-1990s modem. Data are transmitted back and forth between terrestrial antennas and satellites in geosynchronous orbits about 22,000 miles up. At that distance, it takes more than 500 milliseconds for the signal to get to a satellite and back. While a half-second might not sound like much, it’s enough to make Skype, FaceTime, games, and any modern cloud-based application torturous.

Wyler’s gamble is to place O3b’s satellites in what’s known as a medium-earth orbit, which is about 5,000 miles into space. At that distance, data can travel up and back in about 150 milliseconds, a performance comparable to fiber-optic cable. There’s a trade-off: The lower the satellite, the less earth it can see. So O3b is putting up an unusually large number of satellites, 12 so far, with more to come. The cost to launch four satellites—each the size of a large restaurant-grade refrigerator—runs about $300 million, and the company has raised more than $1.3 billion to date from the likes of Google, HSBC, and SES, one of the world’s largest satellite operators.

The December launch went off with only a couple of minor hitches. For about 30 minutes, the Russian team leader had a phone to each ear, and O3b Chief Executive Officer Steve Collar paced around the theater because the satellites went quiet. But the machines ultimately came to life as planned, and O3b’s full complement of satellites started sending down 120 Internet beams that the company can direct at will. Each beam creates a coverage area of 400 miles in diameter: Anyone within that circle can get the Internet at fiber speed. Typically, a telecommunications company will sign a deal with O3b for a beam, put up a 14-foot antenna to receive the signal, and then distribute the bandwidth to its business and consumer customers via cellular towers and cables.

The arrival of O3b’s service has been a boon for islands throughout the Pacific. The Cook Islands, for example, used to rely on geostationary satellite connections. Movies wouldn’t stream, online games didn’t work, and when a hospital tried to have a video call with a specialist in New Zealand, the picture was delayed and pixelated. “The service is reliable, but it’s slow and very expensive,” says Jules Maher, the former CEO of Telecom Cook Islands, the sole telecommunications provider. Maher looked into an undersea fiber cable to connect the main island to Tahiti, but the price was crippling. “There are only 10,000 residents on the main island, and the cost would be $30 million, so it was hard to see how we would ever get a return on the investment.”

Maher’s company has been an O3b customer since March. He’s impressed. “Businesses are paying 10 percent of what they used to pay and getting 12 times the speed,” he says. The service is already having an effect on demographics—some of the younger Cook Islanders are opting to stay at home rather than go to New Zealand or Australia for school, in part because they can now take classes online. They’re losing the sense that, if they stay, the world will pass them by. “No one wants to feel like they’re in a backwater,” says Maher. Telcos in Papua New Guinea, the Democratic Republic of the Congo, American Samoa, Malaysia, and Afghanistan are among the 35 customers O3b has signed up.

O3b is also finding eager customers among cruise lines and offshore oil rigs. Cruise ships typically charge 75¢ to $1 per minute for geostationary Internet access. “You have to take out a loan to stay on the Internet, and I am only partially kidding,” says Bill Martin, the chief information officer for Royal Caribbean Cruises. Royal Caribbean now has beams from O3b following three of its ships and is giving passengers free access as an enticement over rival cruise lines. Martin rattles off anecdotes of people streaming a movie while on the treadmill, catching a college football game while grabbing a drink, and Snapchatting while onboard—they now have all their usual obsessions and time wasters at sea. “The younger generation does not want to be disconnected,” he says. “This is an incredible edge for us.” The amount of bandwidth going to just one Royal Caribbean ship surpasses that reaching all the rest of the cruise ships on the ocean combined.

With the 12 satellites up and running, O3b has moved from doing trials throughout 2014 to launching its full commercial service in December. Prices for the service fluctuate depending on what its telco customers charge their subscribers, but most often consumers end up paying about the same price as they would for a fiber connection. In a matter of months, O3b has emerged as the largest Internet service provider in the Pacific, and it should break even by the middle of the year on $100 million in annual revenue, according to the company. “We can launch more than 100 satellites into the constellation,” says CEO Collar. “And as we launch more satellites, our network becomes more efficient, the price goes down.”

A couple of weeks after the O3b launch, Wyler is saying—with a straight face—how exhilarating it feels to be doing a startup in a garage. The garage in question is attached to his West Coast home, a mansion in Atherton, Calif., the toniest of all the Silicon Valley towns. The whole first floor of the spread is the temporary headquarters of OneWeb, his newest company.

There’s a handful of mechanical engineers in the living room, some communications experts in the dining room, and a couple of satellite specialists at the kitchen table. Ethernet cables run all over the floor. In the garage, there’s a workshop with a 3D printer and what looks like a 15-foot-long barbecue spit. Engineers use it to assemble what will become a 280-pound satellite. For break time, there’s a putting green and a boccie ball court on the property. (The company’s legal name is WorldVu, although it will operate under the OneWeb brand.)

OneWeb is a supercharged version of O3b. Instead of dozens of satellites, Wyler plans to put up hundreds—648, to start with. The satellites will be in a low-earth orbit 750 miles up, much closer than even O3b’s machines. Engineers expect data to travel between space and the surface in 20 milliseconds, which would provide a state-of-the-art Internet service capable of handling any application. While sitting by the fireplace in his guesthouse, Wyler holds a gray, semispherical object about the size of a car tire. It’s a OneWeb rooftop antenna. Unlike a typical satellite TV dish, which requires an installer to aim the dish carefully to get reception, Wyler says, his device just has to be put on the roof, round side up. OneWeb will have so many satellites, he explains, you’d have a hard time not getting a signal. So where O3b requires large, specialized antennas run by telcos, OneWeb will offer this simple device for use by individuals and public and commercial buildings, such as schools, stores, and hospitals. It will act as a kind of local Internet hub connecting with nearby devices via Wi-Fi or a cellular signal.

“You don’t have to buy an antenna,” Wyler says. “You just have to be near a school or a health center, and your phone or tablet will log on.” He expects the antennas to start at about $200 each and promises they’ll be durable and easy to use. “This thing can sit in the mud for months on end, it’s waterproof, and it has no buttons,” he says. “You should not need any words to figure out how to turn this on.”

There will certainly be some overlap between OneWeb and O3b, but Wyler sees them as complementary services that cater to different markets. O3b will be more business-to-business, offering large amounts of bandwidth to countries, telcos, and large ships. If a ship is within range, O3b can give it capacity that would be difficult for OneWeb to match. OneWeb, though, will have much broader coverage and serve both business customers and consumers. Wyler remains a large shareholder in O3b.

On another level, OneWeb could function as a global Internet backup system. If a bunch of fiber cables get cut and a region loses its Internet connection, OneWeb can pick up the traffic. The network should also deliver much faster Internet service to airplanes, and it would be of great use in a natural disaster when terrestrial communication systems are suddenly wiped out. OneWeb could theoretically drop off dozens of its antennas, point them skyward, and establish instant Internet for emergency workers and others.

Wyler says he’s not trying to compete as a global telecommunications company. He’d prefer to stay in the wholesale end of the business, selling antennas and satellite service to existing telcos around the world, who would then resell the antennas and the Internet service that comes with them. The telcos, and not OneWeb, will set the price on the service. “We hope to see prices that are affordable to the consumer,” he says.

A lot can go wrong before OneWeb’s network is complete. A couple of companies—Teledesic and SkyBridge—tried 10-plus years ago to build similar networks and burned through billions of dollars before failing and scaring investors away from the idea for years. Wyler and others argue that these efforts were ahead of their time, and that the underlying technology has improved enough to make the idea, with a couple of architectural tweaks, feasible again. OneWeb says it will be able to cover an area the size of India with three satellites. The machines, though, are always on the move in a gridlike pattern. As such, the venture must develop ways to pass a communication signal from one satellite to the next and run millions of calculations every minute to figure out how to best divvy up bandwidth among all the people tapping into one satellite.

Only a handful of companies build satellites, and they’re usually one-offs designed for a specific purpose. OneWeb will need one of these manufacturers to produce its machines at scale. It will also need to work with most of the major rocket-launch companies to meet its unprecedented goal of sending up a new satellite every 20 days. “This is the biggest thing that has ever been done in the satellite industry,” says David Bettinger, who left his job as chief technology officer at IDirect, a satellite communications company, to join Wyler. “It takes a Greg to do something like this.”

Wyler, who’s put in $6 million of his own money so far, expects it will take more than $2 billion to get OneWeb going. The company has lined up Virgin Group and Qualcomm as investors, with each putting in “tens of millions,” according to Virgin founder Richard Branson, who’s joined the OneWeb board. “We have the capacity to put up nearly 2,500 satellites,” Branson says. “If we have our figures right, this will be a highly profitable business that also encompasses charity and delivers a much-needed service.”

Wyler hopes to have OneWeb up and running by 2018. In the meantime, rivals will be expanding their efforts to connect the rest of the world. Google had at one point looked to fund OneWeb and make it part of the company’s broad Internet connection efforts, but Wyler and Google CEO Larry Page decided to part ways, Branson says. Google is charging ahead with its own plan, Project Loon, in which giant weather balloons rigged with communications gear will float above remote areas to create a wireless network. Facebook has a number of schemes, too, and has been exploring everything from drones and lasers to more cleverly placed cell towers in rural areas to bridge gaps in Internet connectivity.

The biggest challenge may come from Musk, who used to crash in Wyler’s guesthouse and has just announced plans to create his own version of an Internet space network. Musk’s plan is to build thousands of satellites at a SpaceX factory, launch them with his own rockets, and use them to handle much of the world’s Internet traffic. “We want a satellite that is an order of magnitude more sophisticated than what Greg wants,” he says. “I think there should be two competing systems.”

Branson counters that Wyler’s the only person to have thought through all of the technical issues and acquired the international wireless spectrum rights to provide Internet service from space. “I don’t think Elon can do a competing thing,” says Branson, who’s friends with both men. “If Elon wants to get into this area, the logical thing for him would be to tie up with us.”

During a walk-and-talk interview with Wyler in Atherton, the conversation turns to his reputation as brilliant but flighty. “I am a shepherd,” he says, explaining that he’s good at figuring how things will work, assembling the right team, attracting investors, and setting the machine in motion. With OneWeb, Wyler might stick around longer than he has at past ventures. Once he gets it working, assuming no catastrophes happen, he’ll complete the mission he gave himself after his mother died. “This is the second Internet,” he says. “It will be there for everybody.”
http://www.businessweek.com/articles...oogle-facebook





WSJ: Google Fiber is Coming to Atlanta, Nashville and North Carolina
Richard Lawler

Rumors broke over the weekend that Google might bring its gigabit internet Fiber connection to Charlotte and Raleigh-Durham, NC next, but it's not stopping there. The Tennesseean reports Nashville has an announcement planned, while the Wall Street Journal lists all of those cities plus Atlanta, based on anonymous sources. Atlanta would represent the biggest metro area for Google Fiber yet, and the WSJ mentions that media in the area have been invited to a launch event tomorrow. All four cities were already on Google's "Future of Fiber" list so there's no shockers here, but still -- pretend like you're surprised (and not jealous) when the announcement is made, it's only polite.
http://www.engadget.com/2015/01/26/g...fiber-rollout/





BT Confirm UK Rollout of 1000Mbps G.Fast Ultrafast Broadband from 2016/17
Mark Jackson

The national telecoms operator, BT, has today delivered an earlier than expected surprise by announcing their intention to deploy the next generation hybrid-fibre G.fast (ITU G.9701) broadband technology across the United Kingdom from 2016/17, with “most homes” told to expect speeds of ‘up to’ 500Mbps (Megabits per second) and there’s also a “premium” option for up to 1000Mbps (the premium may come via FTTP).

At present most of BT’s national deployment is dominated by their hybrid Fibre-to-the-Cabinet (FTTC) broadband technology, which delivers download speeds of up to 80Mbps by running a fibre optic cable to your local street cabinet and then using VDSL2 over the remaining / existing copper line from the cabinet to your home.

Existing FTTC is most effective for properties that exist up to 400 metres away from their street cabinet, although the service has been known to reach 2000 metres; albeit with significantly slower sub-superfast speeds (i.e. well below the Government’s definition of 24Mbps+).

By comparison G.fast works in a similar way, except that it requires significantly more radio spectrum (FTTC = 17MHz vs G.fast 17-106MHz+) and must thus operate over a much shorter run of copper cable (ideally less than 250 metres). As a result the high capacity fibre optic line has to be taken even closer to homes, usually as far as a smaller remote node or distribution point (FTTdp / FTTrN) that can be built on top of a telegraph pole, inside a street cabinet or possibly even put underground.

This extra work is costly and complex, but also means that BT doesn’t need to dig up your garden or run a new physical line into your home, which would be hugely time consuming and even more expensive. The downside is that depending upon copper lines, even a small amount, means that service speeds may be significantly slower for those at the furthest reaches of G.fast (how slow will very much depended upon BT’s chosen deployment methodology).

BT conducted a field trial of mock-up G.fast technology earlier this year (full details here and here) and on the shortest 19 metre copper line they managed to achieve aggregated speeds of around 1000Mbps (Megabits per second), which equated to 231Mbps upload and 786Mbps download. By comparison the “long” 66 metre line produced 200Mbps upload and 696Mbps download.
BT’s G.Fast Trial Plans

As part of today’s announcement BT has confirmed that their Openreach division will begin “widespread deployment” of G.fast sometime in 2016/17, but this will subject to the results of two pilots that are to be run before.

The two pilots will start this Summer 2015 in Huntingdon (Cambridgeshire) and Gosforth (Newcastle). Around 4,000 homes and businesses will be able to participate in the pilots, which will explore what speeds can be delivered using G.fast at scale.

BT is likely to deploy G.fast from various points in the network, with the pilots allowing it to assess various rollout options. It is also planning to develop a premium fibre broadband service for those residential and business customers who want even faster broadband, of up to 1Gbps.

Gavin Patterson, BT’s CEO, said:

“BT is a world leader when it comes to fibre innovation and we are excited about the next stage in our story. We believe G.fast is the key to unlocking ultrafast speeds and we are prepared to upgrade large parts of our network should the pilots prove successful. That upgrade will depend however on there continuing to be a stable regulatory environment that supports investment.

The UK is ahead of its major European neighbours when it comes to broadband and we need to stay ahead as customer demands evolve. G.fast will allow us to do that by building on the investment we have made in fibre to date. It will transform the UK broadband landscape from superfast to ultrafast in the quickest possible timeframe.”

Meanwhile BT’s FTTC dominated deployment of “superfast” (24Mbps+) capable broadband technology, with a few pockets of 330Mbps capable pure fibre optic FTTP, is continuing and its network now passes almost 22 million homes and businesses. The current roll-out forms part of the Government’s intention to make superfast speeds available to 95% of the UK by 2017.

As for the G.fast plan, its deployment is expected to complete by 2020 (assuming all goes well with the trials), although crucially we don’t yet know precisely what proportion of the UK will receive the service. It’s also worth noting that G.fast performance also suffers significantly when it has to coexist in an environment with VDSL2 (FTTC), although we won’t know what kind of impact this will have until BT has established a clear methodology for how it will deploy G.fast.

In terms of cost, G.fast isn’t cheap and might cost as much as several billion pounds to roll-out, but again this will depend upon BT’s chosen deployment methodology and how much of the UK will be covered. The operator spent around £2bn pushing FTTC out to third thirds of the UK and we anticipate that something similar may be required for G.fast, but more information is required.

The other big question is whether this roll-out will have any impact upon the deployment of Vectoring technology, which is needed to tackle the crosstalk interference issue that has been causing a performance loss of up to 20-30% on some FTTC lines.

UPDATE 8:38am

In chatting with BT’s we’ve been told that the operator believes G.fast should be able to deliver speeds of up to 500Mbps within a decade. But crucially the operator said that the 1000Mbps premium service is “likely to be delivered” via pure fibre optic Fibre-to-the-Premises (FTTP) technology and possibly not G.fast, which wasn’t mentioned in their press update.

However BT said that it was still early days and suggested that no decision had been made on this, not least because G.fast can do 1Gbps in some circumstances and they’re “continuing to push the boundaries” of that technology.

So in other words, the “premium” service might be done via G.fast, but the current direction is for it to be achieved through an FTTP upgrade (at present FTTP can only do 330Mbps on BT’s platform).
http://www.ispreview.co.uk/index.php...band-2020.html





U.S. Wireless Spectrum Auction Raises Record $44.9 Billion
Alina Selyukh and Malathi Nayak

The U.S. Federal Communications Commission raised a record $44.9 billion in the auction of so-called AWS-3 airwaves that closed on Thursday, marking the highest point yet in the wireless industry's appetite for more spectrum.

Wireless carriers Verizon Communications Inc, AT&T Inc and T-Mobile US Inc, satellite TV provider Dish Network Corp and others vied for new slices of airwaves to satisfy the growing consumer demand for streaming video and other data-guzzling applications.

Regulators will disclose the winners of the auctioned spectrum licenses in the coming days.

The auction presented the largest opportunity for companies to buy new wireless spectrum since 2008. But it shattered the expectations of analysts and the FCC, barreling past the reserve price of $10.1 billion in the first week of bidding and more than doubling the haul of the biggest previous auction.

"By their actions, wireless carriers have demonstrated the importance of new spectrum," FCC Chairman Tom Wheeler told reporters on Thursday as he received congratulations from lawmakers and industry executives.

The proceeds will pay for a new $7 billion public safety network and boost the Treasury's coffers. Wheeler cited one forecast that the new spectrum might boost U.S. GDP by billions and add tens of thousands of new jobs.

The auction will also be important to Dish, which already owns similar airwaves whose value will now be crystallized for the first time. Its shares had hit an all-time peak during the course of the auction and rose 3.1 percent to $73.75 on Thursday afternoon.

The FCC now looks to 2016, when it plans to hold its largest and most complex auction yet of the low-frequency airwaves which are highly coveted for their strength and reach. Sprint Corp, which sat out the AWS-3 auction, is expected to join other bidders in that planned auction.

Investors have worried that AT&T and Verizon may have overspent in the AWS-3 auction, but analysts argue that more spectrum will help carriers expand their network capacity as they tackle intense competition in the near saturated wireless market.

Based on their debt-raising patterns, AT&T may have purchased more than Verizon, said Jonathan Chaplin, an analyst at New Street Research. He expects AT&T to pay between $20 billion to $22 billion and Verizon to spend in the range of $14 billion to $16 billion in the auction.

Canada's government plans to auction off similar AWS-3 airwaves in March.

(Reporting by Alina Selyukh in Washington and Malathi Nayak in San Francisco; Editing by G Crosse and Paul Simao)
http://www.reuters.com/article/2015/...0L227B20150129





T-Mobile, AT&T and Verizon Win Spectrum in FCC Auction That Raised $41.3 Billion
Fried

The Federal Communications Commission revealed the list of winning bidders in its spectrum auction on Friday, with AT&T, Verizon and T-Mobile among the 31 bidders that paid more than $41.3 billion.

AT&T spent $18.2 billion, Verizon won $10.4 billion worth of bids, while T-Mobile’s winning bids totaled just under $1.8 billion. Two entities tied to Dish Network had winning bids of a combined $13.3 billion. Less than $1.2 billion went to other entities.

Because of certain discounts and incentives, that’s slightly less than the nearly $45 billion in total bids that were placed before the auction closed Thursday. Still, it’s more than double the reserve price set by the government and well ahead of what many wireless industry watchers were expecting.

Companies were bidding on the right to use certain frequencies for wireless airwaves. The government sets aside some spectrum for its own use, auctions off other parts to broadcasters and wireless carriers and also leaves some bands open and unregulated for things such as Wi-Fi. As demand for high-speed data has grown, so has the need for carriers to bolster the amount of spectrum on which they provide service.

“Improving consumer access to wireless broadband is a priority of mine, and has been a priority of the commission over the past five years,” FCC Chairman Tom Wheeler said in a statement. “Now, an additional 65 megahertz of spectrum is available to improve wireless connectivity across the country and accelerate the mobile revolution that is driving economic growth and improving the lives of the American people. The results of this auction confirm the strong market demand for more spectrum.”

Verizon Wireless, AT&T and T-Mobile US all chose to take part in the auction, with Sprint opting to sit out. Dish Network itself did not bid; however, two of the winning entities — Northstar Wireless and SNR Wireless LicenseCo — have been previously linked to Dish.

“Because of the FCC’s anti-collusion rules, however, we are not able to discuss further at this time,” Dish said.

Dish is the big wild card in the wireless market. Even before this auction the satellite TV service had amassed a huge treasure trove of airwave licenses, but the company has yet to reveal a plan for its holdings. It’s likely Dish is looking to expand its offerings beyond TV to compete with cable companies, which already sell as many as four different services, including wireless. Dish made a bid for Sprint, but ended up losing out to SoftBank and has been quiet ever since, though it is seen as one potential buyer for T-Mobile US at some point.

The list of winning bids stretches over 95 pages, but Northstar, SNR, AT&T and Verizon appear frequently, with T-Mobile having won a lesser number of licenses. The FCC auction parcels things out on a market-by-market basis with multiple winning bids in each region.
http://recode.net/2015/01/30/fcc-say...-41-3-billion/





“No Fast Lanes and Slow Lanes”: CRTC Rules Bell’s Mobile TV Service Violates Telecommunications Act
Michael Geist

The CRTC has issued a major new decision with implications for net neutrality, ruling that Bell and Videotron violated the Telecommunications Act by granting their own wireless television services an undue preference by exempting them from data charges. The Commission grounded the decision in net neutrality concerns, stating the Bell and Videotron services “may end up inhibiting the introduction and growth of other mobile TV services accessed over the Internet, which reduces innovation and consumer choice.”

The case arose from a complaint filed by Ben Klass, a graduate student, who noted that Bell offers a $5 per month mobile TV service that allows users to watch dozens of Bell-owned or licensed television channels for ten hours without affecting their data cap. By comparison, users accessing the same online video through a third-party service such as Netflix would be on the hook for a far more expensive data plan since all of the data usage would count against their monthly cap. Videotron was later added to the case, based on similar concerns with its mobile television service.

Bell raised several arguments in response, claiming that the mobile television services were subject broadcast regulation, not telecom regulation and that, in any event, the offering was good for consumers and should be encouraged.

The CRTC ruled that mobile television services effectively invoke both broadcast and telecom regulation, since a data connection is required to access the service. Indeed, it agreed with Klass that “from a subscriber’s perspective, the mobile TV services are accessed and delivered under conditions that are substantially similar to those of other Internet-originated telecommunications services.” That aspect of the decision is important, since it ensures that providers will not avoid the regulatory features of the Telecommunications Act by arguing that the services should be treated solely as broadcast.

Given the application of telecom regulation, the Commission examined whether the Bell and Videotron approach violated the rules undue preferences, which prohibit carriers from granting themselves an undue or unreasonable preference. It concluded that it did:

the Commission finds that the preference given in relation to the transport of Bell Mobility’s and Videotron’s mobile TV services to subscribers’ mobile devices, and the corresponding disadvantage in relation to the transport of other audiovisual content services available over the Internet, will grow and will have a material impact on consumers, and other audiovisual content services in particular.

The decision was clearly grounded with net neutrality principles in mind. CRTC Chair Jean-Pierre Blais, speaking just prior to the release of the decision, stated that there would be “no fast and slow lanes”, adding:

At its core, this decision isn’t so much about Bell or Vidéotron. It’s about all of us and our ability to access content equally and fairly, in an open market that favours innovation and choice. The CRTC always wants to ensure #– and this decision supports this goal #– that Canadians have fair and reasonable access to content. That everyone can access the bridges without restrictions. We also want to ensure that abuses of power in the system do not go unchecked.

It may be tempting for large vertically integrated companies to offer certain perks to their customers, and innovation in its purest form is to be applauded. By all means, we at the CRTC want broadcasters to move television forward by creating new and exciting ways to view content. But when the impetus to innovate steps on the toes of the principle of fair and open access to content, we will intervene. We’ve got to keep the lanes of our bridges unobstructed so that everyone can cross.

Yet despite the ringing endorsement of the principles of net neutrality, it should be noted that the decision did not apply the CRTC’s Internet traffic management practices (ITMPs). The ITMPs, which are frequently referred to as the net neutrality rules, were viewed as inapplicable, with the Commission ruling that Bell and Videotron were not using an ITMP as part of the service (though Videotron did at one point in time and later dropped it).

That distinction is important, since it suggests that the ITMPs may be more limited in scope than some had anticipated. Given that the CRTC found that the services still violated the rules under the Telecommunications Act, it points an evolving net neutrality framework in Canada that includes analysis of both the ITMPs and the principles of undue preference.
http://www.michaelgeist.ca/2015/01/c...es-slow-lanes/





Conference Calls a Waste of Time? In 1915, This One Made History
Stephen Lawson

These days, making a call across the U.S. is so easy that people often don’t even know they’re talking coast to coast. But 100 years ago Sunday, it took a hackathon, a new technology and an international exposition to make it happen.

The first commercial transcontinental phone line opened on Jan. 25, 1915, with a call from New York to the site of San Francisco’s Panama-Pacific International Exposition. Alexander Graham Bell made the call to his assistant, Thomas Watson. Just 39 years earlier, Bell had talked to Watson on the first ever phone call, in Boston, just after Bell had patented the telephone.

By 1915, the American Telephone and Telegraph Co. network spanned the continent with a single copper circuit 6,800 miles (11,000 kilometers) long that could carry exactly one call at a time. There were already 8.6 million phones served by AT&T, but hearing someone’s voice from the other side of the continent was astounding, like being able to go to the moon, said Anthea Hartig, executive director of the California Historical Society.

It was a fitting event leading up to the exposition, which celebrated the completion of the Panama Canal and the latest technological and cultural achievements of the day. Like other big fairs of the day, it was also a theme park of popular attractions and opulent architecture, and it drew almost 19 million visitors.

Where Bell and Watson’s first call in 1876 had been a private experiment, their talk across the country in 1915 was a major public event. It represented a huge technological achievement that had been set into motion seven years earlier. In 1909, AT&T president Theodore Vail had pledged to start transcontinental phone service in time for the opening of the exposition—without knowing how to do it.

At the time, the phone network reached only as far west as Denver. Between that point and the phones on the West Coast lay much of the Rockies, the vast deserts of Utah and Nevada, and the Sierra Nevada. Crews had to install poles and string wires across the whole region using horse-drawn wagons and early automobiles. In winter, they would face 20-foot snow drifts in the Sierra.

But new technology was needed, too.

“The biggest challenge was amplifying sound so it could be transported 3,400 miles,” said AT&T Archivist Bill Caughlin. That called for more powerful amplifiers all along the line from New York to San Francisco.

Engineers throughout AT&T competed to solve the problem, just as developers often take each other on at hackathons today. And just as it often happens in Silicon Valley, it was a consultant—inventor and radio pioneer Lee De Forest—who contributed the key idea. His three-element vacuum tube formed the basis of the carrier’s new amplifiers, used first for the transcontinental line and later for all of AT&T’s repeaters for years to come.

In addition to cutting-edge electronics, there were more down-to-earth concerns. AT&T employees had so much ground to cover that they developed a new kind of machine so they could dig holes for telephone poles faster.

By June 1914, the more than 730,000 pounds (331,000 kilograms) of copper had been strung out across the network and engineers started making test calls. But commercial service didn’t begin until after the Jan. 25, 1915, ceremonial call. When it did, a three-minute call cost $20.70, the equivalent of nearly $485 today.

If they’d been paying, the participants on that first call would have racked up quite a bill. After Bell and Watson talked, a string of dignitaries including the mayors of San Francisco and New York went on the line. Vail called in from his summer home in Jekyll Island, Georgia, where a special private line had been set up because an injured leg prevented him from going to headquarters in New York. Then U.S. President Woodrow Wilson came on the line from the White House.

It took about 10 minutes just to connect a transcontinental call, because the connection had to be set up step by step with a switchboard operator in each city along the way. The ceremonial call on Jan. 25 took three and a half hours, from 4:30 p.m. to 8:00 p.m. New York time. Then Boston joined in for more conversations—even one in Cantonese, between the founder of a Chinese telephone exchange in San Francisco and a Southern Pacific Railroad official in Boston.

Later that evening, the line was opened to paying customers. The first call was made by Fred Thompson, at the Stewart Hotel in San Francisco, to his mother, Margaret Thompson, at the Bensonhurst Hotel in Brooklyn. They reported that it sounded just like a local call.

But the transcontinental phone line remained a spectacle throughout the exposition, which ran from Feb. 20 to Sept. 4, 1915. AT&T opened a pavilion where visitors could pick up a phone and hear sounds from across the continent, including musical performances and the Atlantic Ocean.

So, even a century ago, people went to one of the great spectacles of the age and just stared at their phones.
http://www.networkworld.com/article/...e-history.html





Speed Kills

Has digital technology destroyed leisure?
Rebecca Tuhus-Dubrow

Not long ago, while crashing with my parents for a few days, I had the opportunity to sift through a wicker box stuffed with memorabilia from my youth: cards, letters, notes scribbled furtively in class. I’m not that old—the historical period in question was the 1990s—but the exercise felt like stepping back into an ancient era. There were letters from old flames, grandparents and, disproportionately, my childhood best friend; creased paper and smudged ink, the occasional drawing, inside jokes that still made me laugh. An erstwhile sentimentalist, I had saved paper fragments with the scrawled names of people I could no longer place (who was Sharon?) and their phone numbers (most of which, quaintly, had no area codes). For several evenings, until I’d touched and devoured every last scrap, the box seduced me away from my usual nighttime dabbling in work and diversion.

Pressed for Time
The Acceleration of Life in Digital Capitalism.
By Judy Wajcman.

Throughout the hours that I spent with this paper archive, my experience of time seemed to change. I was fully absorbed in each old document I encountered. I was also reminded of a period of my life when I had a very different relationship with time: I would kill entire afternoons scribbling bad poems in my journal, or napping to the tunes on obsessively curated mix tapes.

Now, I can nod along to the refrains about how quickly time passes, how busy life is. What changed? Was it just that then I was a kid, and now I have a kid? Time no longer seems unlimited: then I had possibilities; now I have responsibilities. Is it because I was blessed (or so it seems to me) to be in the last generation to grow up without the intrusions and distractions of the Internet and cellphones? Or maybe I’m just misremembering it all through a haze of nostalgia. (It may even be possible—though unlikely—that the ’90s were not objectively the greatest decade for music and culture in my lifetime, but merely the time when I happened to be 16. Unlikely, but theoretically possible.)

On a larger social scale, we have been observing similar patterns and asking similar questions for some time. Why are we so busy, and why do we have so little time? Is it because our gadgets and gizmos have accelerated the pace of life? Much as I have had to assume the obligations of adulthood, do we all shoulder greater burdens now than we did before hyper-globalization and the shriveling of the welfare state? Or are we just engaging in collective nostalgia for a simpler time that never really existed and that, in fact, we don’t even really want to inhabit?

* * *

These are some of the questions Judy Wajcman takes up in her bracing, if not altogether convincing, new book, Pressed for Time. The title is somewhat misleading, for Wajcman’s argument complicates the prevailing idea that we have less time than ever and that technology is to blame. She is impatient with unsupported assumptions about how people spend time. She points out that people’s experience of time is heterogeneous, and that those who dominate public discussion of the issue tend to generalize based on their own experience. (The underemployed, for instance, may not be so busy; the notion of acceleration may not resonate for care workers, because the pace of care is inherently slow.) She also points out that theorists on the subject have seldom drawn on empirical research regarding “time practices.”

In her slender but dense book, Wajcman aims to remedy all of these failings. She tries to talk about time in more precise and rigorous language, some of which is jargony but often useful nonetheless. For instance, we all have twenty-four hours in a day; what we really want is not more time but “temporal sovereignty,” the ability to choose how we spend our time. Shunning abstract formulations, she aims to take a closer look at the texture of our experience of time.

Wajcman, an Australia native and a sociology professor at the London School of Economics, is an important figure in the field known as science and technology studies (STS). Its presiding conviction is that “all technologies are inherently social in that they are designed, produced, used and governed by people.” Much of this book summarizes, and sometimes critiques, the insights from her field. Though Wajcman frowns upon muddled thinking and unempirical claims, her bête noire is what she calls “techno-determinism”: the notion that technology operates as an independent force influencing society from the outside. Instead, she sees a “dialectical process of promise, resistance, improvisation, and accommodation.”

In addition to her suspicion of oversimplification, Wajcman delights in paradox and complexity. She points out that for all the focus on hypermobility, human bodies are increasingly stationary, sitting in front of screens and steering wheels. Similarly, “increase in speed increases the potential for gridlock.” Cars promise liberation and exhilaration, but the more cars are on the road, the less they can fulfill that promise: “The irony is that a horse and buggy could cross downtown Los Angeles or London almost as fast in 1900 as an automobile can make this trip at 5 p.m. today.”

More such examples pepper the book. Her points aren’t jaw-droppingly counterintuitive; rather, they tend to crystallize nuances or contradictions of which we are vaguely aware from our own daily life but that rarely get articulated. Many of these observations come from her colleagues, whom she cites. The ideas might be familiar to specialists in STS, but fresher to lay readers.

* * *

Wajcman approaches her subject rather like a mystery: Why do we sense that life has gotten faster and that we have less time? In fact, several surveys indicate that working hours have not increased for most people and that we have more leisure time than before. And yet, survey data also support the notion that our subjective experience of time is more harried than in the past. From 1965 to 2005, the percentage of Americans reporting that they always feel rushed climbed from 25 percent to 35 percent, and nearly half now say they almost never have enough time on their hands.

What’s going on? Wajcman identifies several intertwining changes that affect not necessarily the quantity but rather the quality of available time, making it feel more disorganized and fragmented. One factor is the dissolution of standard schedules. The 9-to-5 office or factory job, as the most obvious example, has given way to irregular hours, extended hours, working from home and so on. As Wajcman puts it, “collective social practices, derived from institutionally stable temporal rhythms, have been eroded.” This shift makes it challenging “to mesh work schedules with the social activities of friends and family…. More negotiations, more decisions, and more effort are required to perform the necessities of daily life.”

At the same time, we have the rise of the dual-earner household. Dad isn’t coming home at 5:30 anymore, and in any case Mom wouldn’t be there waiting to serve him a cocktail. (This may never have been true for most families; now the image is more dusty relic than sitcom cliché.) Both partners are likely to have schedules that vary from the old standard in different ways. We’ve also seen a concurrent change in culture for children and adolescents, although Wajcman doesn’t delve into the well-worn territory of the “over-scheduled child.” Thus, coordinating activities becomes an activity in its own right. This is to say nothing of the rise in single-parent families, which, for obvious reasons, suffer from their own distinctive time pressures.

And then there’s technology, which Wajcman acknowledges has wrought changes. But she insists they are not as simple as we sometimes claim. When examining the effect of technology on the pace of life, she finds another paradox, another mystery. “But hang on a moment. Weren’t modern machines supposed to save, and thereby free up, more time?” It is by no means inevitable that technological advances should accelerate the pace of life; on the contrary, once you think about it, the opposite result seems more intuitive.

And yet the connection is not necessarily off the mark. What happens, of course, is that the introduction of technology into our lives changes our expectations. Consider the washing machine. Wajcman begins one chapter with a provocative epigraph, a quote from economist Ha-Joon Chang: “The washing machine has changed the world more than the Internet has.” This assertion appeals to Wajcman, because it suggests the importance of an ordinary household artifact and of housework, both of which are typically overlooked. Still, she also questions how much time the washing machine and comparable appliances really save. Instead, she finds, the introduction of the washing machine changed the culture so that people had higher standards for cleanliness. At the same time, household labor (for women) began to be valorized. “In other words, it may be that appliances are being used to increase output rather than to reduce the time spent on housework.”

Similarly, with the advent of e-mail, texting and social media, our expectations of response time changes. Because it is possible to communicate instantaneously, we expect immediate responses. Instead of (or in addition to) using the devices to save time, we use them to communicate more—to increase our “output” of communication.

Wajcman finds some truth in the charge that technology is playing a role in the felt acceleration of life. But her analysis of the empirical research on time use leads her to challenge other assumptions often taken for granted. We fear that constant connectivity means the encroachment of work into the home and family life. While this issue certainly exists, Wajcman finds that cellphones are primarily social tools, and they allow people to communicate with friends and family during work hours. In part, this communication enables people to make plans and coordinate schedules, thereby saving time: “by allowing some of the concerns of family and personal life to be handled during the working day, they might even be deployed to reduce time pressure.”

She agrees with the popular perception that boundaries between work and home are blurring. But she doesn’t exactly lament this development. Indeed, she points out that the division between work and home, public and private, was a creation of industrialization, which perhaps reached its apex in 1950s American suburbia and is not necessarily an ideal to be preserved.

Likewise, she discusses the dissolution of other boundaries in her chapter on texting. She conducted her own study on the texting practices of teens in Australia. In contrast to the common complaint that teens are not fully present during family time, she proposes: “Perhaps, in a distinctive manner, young people are now able to concurrently experience family time and time with friends.” In the same vein, Wajcman recalls seeing, at a nursing home, a daughter with one arm slung around her elderly mother, the other tapping on her smartphone. Though Wajcman acknowledges an initial negative judgment of this scene, she quickly reconsidered. The elderly mother was clearly not very aware of her surroundings and was likely comforted by her daughter’s presence. The daughter was able to provide this solace while engaging in other activities. (She could also have been reading a book or magazine.) Is this really to be condemned?

* * *

My guess is that many of us instinctively disapprove of the multitasking daughter, as well as the teens texting during dinner time—and also that most of us have done similar things ourselves. As our constant lamentations about our love of speed suggest, what we really feel is profound ambivalence. One of the most valuable contributions of Wajcman’s book is to explore that ambivalence.

One intriguing theory posits a connection between speed and social progress. “Our common sense notion of ‘modern’ denotes a historical process of steady advance and improvement in human material well-being, occasioned by technological innovation,” Wajcman writes. She cites one of her colleagues as arguing that progress depends on “impatience with the way things are…. Change thus comes to be valorized over continuity…the speed of change becomes a self-evident good.” As experienced in everyday life, sometimes speed itself may be alluring. But not always: it may be, instead, a matter of a “cultural ‘bargain’ with modernity.” We may love speed or hate it (or both), but either way, we see it as intimately related to the benefits of modern life that we are reluctant to relinquish.

Please support our journalism. Get a digital subscription for just $9.50!

Wajcman devotes less attention to why we might rue speed. But by the same token, modernity and technology have always been associated not just with social progress but also with destruction and violence. Speed is arguably synonymous with modernity, and as Marshall Berman argues in his classic book All That Is Solid Melts Into Air, ambivalence has always been the dominant—and appropriate—response to modernity.

There is also a more specific class dimension to the pace of daily life. As opposed to the “leisure class” of yore, intense work and what Barbara Ehrenreich has dubbed “conspicuous busyness” are associated with high status. (Fat, of course, was once a status marker, until ordinary people got fat; perhaps as the proles won shorter working hours, something analogous happened to leisure.) It may be that some of us claim to be busier than we are—or that, if we find ourselves with time, we rush to fill it. Thus, unscheduled time may itself lead to feelings of stress rather than relaxation. If you aren’t very busy—or, preferably, “crazy busy”—you must not be very important. When we complain about how busy we are, it may be sincere, but it is also a kind of humblebrag.

Yet Wajcman recognizes that fast-paced, busy lives may provide us with genuine satisfactions, even as they leave us frazzled: “action-packed lives,” she writes, can be “both stressful and affirming.” Similarly, our current time practices stem from certain societal changes that we can’t or wouldn’t want to roll back. At their root, we find some feminist triumphs: more women pursue professional success, while more men invest more time in parenthood. Though these victories are partial (Wajcman notes that women tend to feel more harried and more compelled to multitask than men), this is a sign of progress. But both professional achievement and parenting take time—lots of time. (We should also keep in mind the single working mother for whom a hectic schedule is a necessity, not a lifstyle choice.)

This ambivalence and the reasons for it—the fact that we welcome progress, increased convenience and the sheer excitement of speed in different forms—are so deeply entangled with detrimental effects (the stress and feelings of disaffection that come with living a mediated life, the actual physical danger of speed in some cases) that the phenomenon is interesting to analyze but difficult to address. Accordingly, the prescriptive portion of Wajcman’s book is considerably weaker than the descriptive part. She makes a few gestures at drawing out the implications of her analysis: “the process of technical innovation and design needs to be opened up to reflect a broader range of societal realities and concerns.” But she does not elaborate on how we might carry out this rather vague idea. And in fact, much of her analysis seems to imply that we are doing just fine. In her zeal to challenge dogmatic condemnations, she sometimes errs too much on the side of uncritical celebration. She shows that we are not passive victims of technological innovation, but rather use our gadgets creatively to maintain intimacy. She demonstrates fairly convincingly that we aren’t doing as badly as we think, but she doesn’t leave us with a sense of how we might do better still.

This lacuna is all the more striking because her discussion of ICTs (information and communications technologies) is almost exclusively about the C. She discusses e-mail, cellphones and texting, but says almost nothing about our consumption of information, in particular media and social media, which combines elements of I and C, and which has become such a dominant part of the landscape. In both the news and social media, speed has had costs: as news outlets rush to churn out content, that content becomes increasingly sloppy and shallow. She also doesn’t acknowledge that our gadgets and social-media sites are operated by corporations that stand to profit from our addictions to them.

* * *

We don’t have less time than ever; on the contrary, life expectancy has steadily increased. What we have, at this latest point so far in human history, is more of so much else—more people, more books, more cultural products of every kind, in addition to the staggering volume of online content. We feel ever more acutely the mismatch between available time and all the possible ways we could spend it. Population growth has overlooked effects: even if Steven Pinker is right that per capita violence has declined, something horrible is always happening to someone, and thanks to our ICTs, we’re going to hear about it in “real time.” This fosters a sense of relentless drama, of the world spiraling out of control, and chronic low-grade anxiety.

And yet, despite the ostensible constant novelty—new information, new communication, new techno-toys—there is a numbing sameness to the experience of daily life for many of us. Too much of life is spent in the same essential way: clicking and typing and scrolling, liking and tweeting, assimilating the latest horrors from the news. And this relates back to the speed of time’s passage. True experiential variety, the social scientists tell us, is what gives life the feeling of passing more slowly—getting out of our routines, having adventures. It’s when the days pass by in a barely distinguishable blur that we look back and think, “Where did the time go?”

When Wajcman critiques technological determinism, she emphasizes that social practices shape the use of technology. This sounds empowering, but it can also be oppressive. As a late adopter, I can attest to the social pressure that eventually makes it an effective necessity to buy the big, new tech product or participate in the latest hot social-media site. Yet with every social act, and however infinitesimally, we either buttress or erode a social norm, or begin to establish a new one. A universal slowdown or a global unplugging is neither desirable nor achievable; but, as Wajcman stresses, a more reflective relationship with time and technology is. Last week, I sent dozens of e-mails, but I also wrote a letter to my best friend, in pencil, on paper. I texted my husband at work, but I responded to a text message from my downstairs neighbor by ringing her doorbell. These things take more time, but they also give us memories that enrich it. Some of us are lucky to have more sovereignty over time than we think. http://www.thenation.com/article/194921/speed-kills





Are Smart Drugs Driving Silicon Valley?

Smart Drugs: What Silicon Valley's on
Laurie Segall and Erica Fink

Open the refrigerator in entrepreneur Dave Asprey's home and you may as well be at a pharmacy.

Every morning he downs a cocktail of about 15 pills, along with his trademark Bulletproof Coffee, which is designed to increase focus. He also squirts a dark-colored goop down his throat called Unfair Advantage, a product he says helps his body metabolize food more efficiently.

He spews names you probably have never heard before: Piracetam, Aniracetam, CILTEP, Methyl, Cobalamin.

Asprey's morning dose is a mix of what's referred to as smart drugs, a broad term for compounds that may increase cognitive function. He also describes many of them as nootropics, which generally refer to natural supplements or nutrients. The terms are often used interchangeably.

The wide umbrella includes everything from fish oil to prescription-only medications like Modafinil, a narcolepsy drug that healthy people sometimes use for the off-label purpose of working all night long.

While many smart drugs are natural and legal, others require prescriptions and are acquired illegally for non-medical usage.

Each one has a different benefit, Asprey, 41, says. One may help bolster memory, another will help you focus. One of his pills helps improve vision, and another promises more energy. They all have the same goal -- to help you maximize your potential.

The idea: mix and match enough of them to find the killer combo; the winning blend is what's known as a "stack." Asprey's stack is ever evolving as he experiments with different ingredients.

After selling his first company for millions, Asprey realized that he was unhealthy and decided to focus on losing weight and maximizing his brainpower.

"When I weighed 300 pounds, I was having really bad problems with brain fog," he said. "As an entrepreneur, that's a problem. I fixed that."

Asprey says he spent 15 years and over $300,000 to "hack his own biology." Along with supplements, he also uses techniques to exercise his brain -- he claims to have increased his IQ by 20 points. His health podcast has been downloaded more than 6 million times.

He now markets and sells some of the supplements he takes. Many of his customers are in Silicon Valley, where the competition is fierce and there's pressure to perform.

With limited research on long-term effects of smart drugs, much of the experimentation is controversial. But that doesn't stop people, according to Tim Ferriss, a Valley entrepreneur and investor.

"Just like an Olympic athlete who's willing to do almost anything, even if it shortens your life by five years, to get a gold medal, you're going to think about what pills and potions you can take," Ferriss said. "In many people's minds, the difference between completely failing ... and making a billion dollars, is right here," he explained, pointing to his head.

Ferriss is a leader in the quantified-self movement, a group focused on tracking and manipulating what's going on inside their bodies. He says he's tried every class of drugs you can imagine, describing himself as a human guinea pig.

While nootropics are gaining steam, entrepreneurs are capitalizing.

Y Combinator, a prominent Silicon Valley accelerator, received a number of applications from entrepreneurs looking to create their own nootropics companies.

"There's clearly consumer demand," Y Combinator president Sam Altman told CNNMoney. "We haven't funded one, we're still getting to understand the space."

There are still many unknowns -- as new stacks crop up, there are reports of new side effects. Online communities on sites like Reddit are filled with discussions of personal experimentation with different nootropics.

"I think that people should follow the Hippocratic oath with themselves: Do no harm," Ferris says. "Rule number one, if you don't know what the side effect is, you're playing in really dangerous waters."

Ferriss warns against taking a handful of smart drugs in the morning.

"It's hard enough to understand the long-term consequences of a newly developed single drug...let alone if you take two, three, or four different drugs together," he said.

Asprey maintains his daily stack is his key to success and continues to live and sell the Bulletproof lifestyle.

"It feels almost seamless, like I just got upgraded...That's a gift," Asprey said.
http://money.cnn.com/2015/01/25/tech...ugs/index.html





The Internet of Gas Station Tank Gauges
HD Moore

Automated tank gauges (ATGs) are used to monitor fuel tank inventory levels, track deliveries, raise alarms that indicate problems with the tank or gauge (such as a fuel spill), and to perform leak tests in accordance with environmental regulatory compliance. ATGs are used by nearly every fueling station in the United States and tens of thousands of systems internationally.

Many ATGs can be programmed and monitored through a built-in serial port, a plug-in serial port, a fax/modem, or a TCP/IP circuit board. In order to monitor these systems remotely, many operators use a TCP/IP card or a third-party serial port server to map the ATG serial interface to an internet-facing TCP port. The most common configuration is to map these to TCP port 10001. Although some systems have the capability to password protect the serial interfaces, this is not commonly implemented.

Approximately 5,800 ATGs were found to be exposed to the internet without a password. Over 5,300 of these ATGs are located in the United States, which works out to about 3 percent of the approximately 150,000 [1] fueling stations in the country.

An attacker with access to the serial port interface of an ATG may be able to shut down the station by spoofing the reported fuel level, generating false alarms, and locking the monitoring service out of the system. Tank gauge malfunctions are considered a serious issue due to the regulatory and safety issues that may apply.

Who is affected?

An Internet-wide scan on January 10th, 2015 [3] identified approximately 5,800 ATGs with TCP port 10001 exposed to the internet and no password set. The majority of these systems belong to retail gas stations, truck stops, and convenience stores. A number of major brands and franchises were represented in the dataset. An unknown number of ATGs are exposed through modem access. The majority of the ATGs appear to be manufactured by Vedeer-Root, one of the largest vendors in this space, and were identified on IP ranges associated with consumer broadband services. The graphs below indicate the top 10 states with exposed ATGs followed by a breakdown of ATGs by ISP.

How serious is this?

ATGs are designed to detect leaks and other problems with fuel tanks. In our opinion, remote access to the control port of an ATG could provide an attacker with the ability to reconfigure alarm thresholds, reset the system, and otherwise disrupt the operation of the fuel tank. An attack may be able to prevent the use of the fuel tank entirely by changing access settings and simulating false conditions, triggering a manual shutdown. Theoretically, an attacker could shut down over 5,300 fueling stations in the United States with little effort.

How was the issue discovered?

Jack Chadowitz, founder of Kachoolie, a BostonBase Inc. spin off, reached out to Rapid7 on January 9th, 2015 [3] after reading about Rapid7's previous research into publicly exposed serial port servers. Mr. Chadowitz became aware of the ATG vulnerabilities through his work in the industry and developed a web-based portal to test the exposure as well as a secure alternative solution. Mr. Chadowitz asked Rapid7 for assistance investigating the issue at a global level. On January 10th, Rapid7 conducted an internet-wide scan for exposed ATGs with TCP port 10001 exposed to the internet. Rapid7 sent a Get In-Tank Inventory Report request (I20100) to every IPv4 address [2] that had TCP port 10001 open. The response to this request included the station name, address, number of tanks, tank levels, and fuel types.

Is this being exploited in the wild? How exploitable is it?

To the best of our knowledge this issue is not being exploited in the wild. However, it would be difficult to tell the difference between an intentional attack and a system failure. Public documentation from Vedeer-Root provides detailed instructions on how to manipulate ATGs using the serial interface, which also applies to the TCP/IP interface on port 10001. No special tools are necessary to interact with exposed ATGs.

What can be done to mitigate or remediate?

Operators should consider using a VPN gateway or other dedicated hardware interface to connect their ATGs with their monitoring service. Less-secure alternatives including applying source IP address filters or setting a password on each serial port.
https://community.rapid7.com/communi...uges?hn-repost





D-Link Routers Vulnerable to DNS Hijacking
Zeljka Zorz

At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, traffic hijacking, a Bulgarian security researcher has discovered.

Todor Donev, a member of the Ethical Hacker research team, says that the vulnerability is found in the ZynOS firmware of the device, D-Link's DSL-2740R ADSL modem/wireless router.

The firmware in question is implemented in many networking equipment manufactured by D-Link, TP-Link Technologies and ZTE, he noted for Computerworld.

The flaw allows attackers to access the device's Web administration interface without authentication, and through it to modify the DNS settings, which could allow them to redirect users to malware-laden and phishing sites and prevent them to visit legitimate sites for OS and software updates (including security software).

Donev hasn't notified D-Link of this flaw, but has released exploit code for the flaw in a security advisory.

The flaw can be exploited remotely if the device's interface is exposed to the Internet - and many are, to allow legitimate remote administration.
http://www.net-security.org/secworld.php?id=17888





An Airgap Won’t Secure Your Computer Anymore
P. H. Madore

Security professionals have said for years that the only way to make a computer truly secure is for it to not be connected to any other computers, a method called airgapping. Then, any attack would have to happen physically, with the attacker actually entering the room and accessing the computer that way, which is incredibly unlikely. In the case of computers containing highly sensitive information, additional, physical security can always be added in the form of security guards, cameras, and so on.

Researchers at Georgia Institute of Technology have uncovered a vulnerability in all computers, however, which can be exploited regardless of an air gap. It’s a vulnerability which you’d never suspect, and it’s one that’s hard to fight against. All CPUs emit electromagnetic signals when they are performing tasks, and the first thing these researchers discovered was that binary ones and zeroes emit different levels. The second thing they discovered is that electromagnetic radiation is also emitted by the voltage fluctuations and that it can be read from up to six meters away. These signals, by the way, are known as side-channels, and they are well-documented in the cryptography field.

The Least Traditional Attack You’ve Ever Seen

Side channels are a powerful class of attacks that circumvent traditional security protections and access controls. Unlike traditional attacks that exploit vulnerabilities in what the system does, side channel attacks allow information to be obtained by observing how the system does it, reads their white paper.

The researchers, whose names are Robert Callan, Alenka Zajic, and Milos Prvulovic, have developed software which allows them to overcome the two main problems of this type of attack: multiple weak signals and determining what is of interest and what is not, such as keystrokes. In this video, Milos demonstrates that the keystrokes can be decoded in real time from across the room.

The white paper tries very hard to impress the importance of this vulnerability. An attacker who knows what they are looking for can do a great deal of damage using technology like this. They note that a vulnerability rating has been proposed recently, but that the proposal doesn’t do much in the way of providing developers of future technologies with a roadmap of improvement.

The current state of the art is the recently proposed Side-Channel Vulnerability Factor (SVF), which measures how the side channel signal correlates with high-level execution patterns (e.g. program phase transitions). While this metric allows overall assessment of the “leakiness” of a particular system and application over a given side channel, it provides limited insight to 1) computer architects about which architectural and microarchitectural features are the strongest leakers, and to 2) software developers about how to reduce the side channel leakiness of their code.

Nothing New Under the Sun

Elsewhere, in Israel, a similar process has been developed for except it runs on a cell phone, called the AirHopper. This was done back in October to challenge a policy of letting people bring their mobile phones on secure sites as long as they locked them up in a locker before beginning work. The Israeli researchers proved that they could get data from computers that were connected to no standard network by using side-channels.

With the foundations laid for this sort of compromise, one can only assume that it will be developed by governments and bad actors alike in order to further spy on communications of everyday people as well as gain access to incredibly sensitive data.

Farraday Cage Remedy

Conceivably, rooms containing computers or the computer cases themselves could be augmented with Farraday cages that would prevent this sort of close-range monitoring because the signals wouldn’t make it past the cage. Doing this on your home PC might seem overkill now. But as the technique gains wider usage and the technology which enables it is improved, a revival of wardriving could happen in highly populated areas, this time with the intention of stealing passwords and other sensitive data. One thing is for sure: the future of computer security will have to account for this new, universal vulnerability in some way.
https://hacked.com/airgap-wont-secure-computer-anymore/





How to Hack an ADT Alarm System
Brian Rhodes

This report explains the key steps in hacking an alarm system, like ADT, as was presented in a Defcon 22 presentation.

The risk of such a hack has become major news as a class action lawsuit was filed against ADT recently, claiming that ADT could be 'easily hacked'.

Summary According to the Defcon 22 presentation, the most straightforward way to hack / disable an alarm system is to:

• Find out the frequency the alarm system transmitter uses from publicly available FCC documentation.
• Get a software defined radio, set it to that frequency to jam it.
• Periodically, for very short periods of time, stop jamming to overcome / trick anti-jamming functionality in the system.


For those interested in reading the original research, see Logan Lamb's Defcon 22 whitepaper and presentation.

Finding Frequencies

The hack relies on knowing which unencrypted wireless frequencies are used by intrusion alarms. Specifically, the frequency band used by individual types of sensors and devices. In the US, commercially sold wireless devices are issued licenses by the FCC and the specific frequency they use for communication is public record.

For example, Honeywell's license catalog includes over 300 license applications since late 2011. The record includes frequency information for devices like:

• Ademco Panel (~433.92 MHz)
• Tuxedo Touch Panel (WiFi: 2412.0 - 2462.0 MHz)
• Various Motion Sensors (~310 Mhz - 350 MHz) (eg: PIR1, PIR2)
• Keypads (344.94 MHz)
• Door and Window Sensors (315.0 MHz)

Indeed, even 'proprietary' systems sold to major alarm companies carry public FCC filings, like this ADT keypad and the entire wireless 2GIG catalog.

A quick search of most major alarm companies return records, including

• UTC (GE, Tyco, ADT) (310.0 MHz to ~990 MHz)
• Vivint (~905.0 MHz)
• Napco (~319.0 MHz - 320.0 MHz )
• Sensormatic (~550.0 MHz - 927.25 MHz)

See the full list of companies with FCC applications on file here.

To exploit this weakness, the main challenge is knowing which system / transceiver the site being targeted uses. This would be easiest for inside jobs, but possibly quite hard going after a facility one has never been in. In any case, prominently displaying window stickers or yard signs could actually assist a hacker into zeroing in on a specific range of frequencies:

Software Defined Radio

The equipment needed to search out, monitor, and jam these frequencies are commonly classified as 'SDRs' or 'Software Defined Radios' and are widely available. The primary function of these devices is to scan a range of radio bandwidth for activity on known frequencies. Using USB connected scanner cards and laptops, an entire spectrum of wireless traffic is visable:

The specific type of SDR demoed in the Defcon hack is profiled in the video clip below:

Once wireless alarm activity is observed, exploiting it is straightforward. For example, this Vivint Motion Detector is shown to operate at 345.0 MHz. Disrupting normal communication with the wireless control panel requires overpowering or jamming alarm signal from that sensor using the same setup.

Overcoming Anti-Jam Protection

Some alarm systems are equipped with anti-jamming features that monitor for this tactic. The cyber-researchers found that if the jamming is turned off for a fraction of a second, and right back on that it would still stop the system from triggering its anti-jam alert while still blocking real alerts from being sent when an intrusion occurs. In general, panel RF Jamming features must be enabled by the installer.

For example, the researchers defeated Honeywell's protection by running a jam for 20 seconds, turning it off for one second, then rerunning the jamming routine. (See Defcon Whitepaper Section 4.3.2) This process effectively defeated the panel's anti-jamming protection. Another exploit for 2GIG/Vivint panels modified the process by turning the jam on for 50 seconds, but turning it off for 0.2 seconds.

The specific parameters of an anti-jam process vary according to panel type, but researchers found the protection could be defeated with trial and error in test systems.

Not a Cheap Hack

The equipment cyber-researchers used to pull off the exploits are quite expensive. The pricing for the requisite SDR with ample power ranges between $1000 and $4000 USD, and require a high level of technical experience to deploy effectively.

The Defcon researcher reported his setup cost more than $2000, a cost that will certainly be out of reach or tolerance for many 'smash & grab' criminals.

While SDRs are easy to get and inexpensively available online, like this $15 example from Amazon, their effectiveness has not been evaluated. The whitepaper only reflects results achieved by using moderately expensive, professional gear.

Other Advanced but More Complex Exploits

The equipment and basic process of this exploit can be modified into other methods for tricking alarm systems. For example, the basic jamming attack might also be used to spoof the (non-alarming) presence of supervised alarm sensors if exact device details are known. However, such an attack would likely require significant time investment not typical of random 'smash and grab' robberies. These are explained in more detail in Logan Lamb's Defcon 22 whitepaper.
http://ipvm.com/report/hack-adt-alarm-system





'Anonymized' Credit Card Data Not So Anonymous, Study Shows
Seth Borenstein and Jack Gillum

Credit card data isn't quite as anonymous as promised, a new study says.

Scientists showed they can identify you with more than 90 percent accuracy by looking at just four purchases, three if the price is included - and this is after companies "anonymized" the transaction records, saying they wiped away names and other personal details. The study out of the Massachusetts Institute of Technology, published Thursday in the journal Science, examined three months of credit card records for 1.1 million people.

"We are showing that the privacy we are told that we have isn't real," study co-author Alex "Sandy" Pentland of MIT said in an email. His research found that adding just a glimmer of information about a person from an outside source was enough to identify him or her in the trove of financial transactions they studied.

Companies routinely strip away personal identifiers from credit card data when they share information with outsiders, saying the data is now safe because it is "anonymized." But the MIT researchers showed that anonymized isn't quite the same as anonymous.
Drawing upon a sea of data in an unnamed developed country, the researchers pieced together available information to see how easily they could identify somebody. They looked at information from 10,000 shops, with each data piece time-stamped to calculate how many pieces of data it would take on average to find somebody, said study lead author Yves-Alexandre de Montjoye, also of MIT.

In this case the experts needed only four pieces, three if price is involved.

As an example, the researchers wrote about looking at data from September 23 and 24 and who went to a bakery one day and a restaurant the other. Searching through the data set, they found there could be only person who fits the bill - they called him Scott. The study said, "and we now know all of his other transactions, such as the fact that he went shopping for shoes and groceries on 23 September, and how much he spent."

It's easier to identify women, but the research couldn't explain why, de Montjoye said.

The study shows that when we think we have privacy when our data is collected, it's really just an "illusion," said Eugene Spafford, director of Purdue University's Center for Education and Research in Information Assurance and Security. Spafford, who wasn't part of the study, said it makes "one wonder what our expectation of privacy should be anymore."

"It is not surprising to those of us who spend our time doing privacy research," said outside expert Lorrie Faith Cranor, director of the CyLab Usable Privacy and Security Laboratory at Carnegie Mellon University. "But I expect it would be surprising to most people, including companies who may be routinely releasing de-identified transaction data, thinking it is safe to do so."

Credit card companies and industry officials either declined comment or did not respond to requests for comment.

The once-obscure concept of metadata - or basic transactional information - grew mainstream in recent years following revelations by former National Security Agency contractor Edward Snowden. Those disclosures from once-top secret U.S. government documents revealed that the NSA was collecting the records of digital communications from millions of Americans not suspected of a crime.

The use of so-called "big data" has been a lucrative prospect for private companies aiming to cash in on the trove of personal information about their consumers. Retail purchases, online web browsing activity and a host of other digital breadcrumbs can provide firms with a wealth of data about you - which is then used in sophisticated advertising and marketing campaigns. And big data-mining was used extensively in the 2012 president election to win over voters or seek out prospective donors.

"While government surveillance has been getting a lot of press, and certainly the revelations warrant such scrutiny, a large number of corporations have been quietly expanding their use of data," said privacy consultant and author Rebecca Herold. Studies like this show "how metadata can be used to pinpoint specific individuals. This also raises the question of how such data would be used within insurance actuarial calculations, insurance claims and adjustments, loan and mortgage application considerations, divorce proceedings."

---

Online:

Journal Science: http://www.sciencemag.org
http://hosted.ap.org/dynamic/stories...01-29-14-03-28





How Big Data Could Limit Super Bowl Sticker Shock

By helping visitors find low-cost lodging in Phoenix for the big game.
Alex Salkever

Andrew Kitchell is from Seattle and is the co-founder of PriceMethod, a startup that helps AirBnB and HomeAway hosts price their properties. His co-founder Joe Fraiman is from Boston. They both follow football and pondered going to the Super Bowl, but were floored by the high prices for accommodations—even though their business is all about supply and demand, which gives them a certain insight into the impact of 100,000 people abruptly descending on a city in search of an affordable place to stay.

So Kitchell and Fraiman flipped their methodology around and built a simple tool to help Super Bowl attendees find cheaper last minute lodging. They took the same Big Data harvesting and categorization infrastructure they had built and, on a dime, put a new UI on the results to make it easier for the public to search for cheap accommodations—the exact opposite of their normal business helping peer-to-peer property owners charge what the market will bear.

I caught up with Kitchell to talk with him about their Super Bowl findings and how PriceMethod crawls data and builds data models that can give property owners the same pricing tools as big hotel chains. Here's a lightly edited version of our conversation.

Leveling The Playing Field

ReadWrite: So where did the idea come from?

Andrew Kitchell: We are a data science-focused team of Y Combinator alums, and usually we help Airbnb and HomeAway listings with data-driven pricing. However, my co-founder is from Boston, and I'm from Seattle, so we thought this would be a fun time to use our data to help our fellow football fans.

RW: Tell us a little bit about how PriceMethod works.

AK: We’re trying to level the playing field for P2P (peer-to-peer) accommodations versus traditional big hotels. To do that, we need to have a good picture of the entire market including hotels and other accommodation sources.

As a base we collect data from Airbnb and HomeAway, the two biggest P2P accommodation networks. We do that several times per day. Additionally, we collect hotel price and occupancy data from multiple sources across the Internet. Primarily, we use hotel data to build a predictive pricing model for local demand. We assume that hotels, because they have very strong predictive pricing tools, are already baking in good assumptions for local demand based on their own algorithms and historical data.

We also use vacation rental and P2P property data to build a reactive pricing model. This adjusts prices based on how local demand translates into actual bookings within a neighborhood, inventory type. You need that in the P2P market because it is still somewhat unpredictable.

RW: How do you account for things like the price of inventory taken off the market?

AK: For scraped hotel and vacation rental or P2P listings, we infer the "booked price" for any day from the last observed price. We collect data from channels throughout the day, so we will observe and record any booking within, at most, 24 hours. With a linked account, we can get perfect access to booking data. However, as a first step, we can use the last observed price to inform a robust model.

How To Build A Pricing Model

RW: Your team has some deep experience in building pricing models for big financial firms in commodities and other trading markets. How do you build your pricing models for the P2P accommodations markets?

AK: Our current pricing model consists of four components. First, we base price recommendations on the average market value of similar listings. Then we make a local adjustment due to the popularity of any given neighborhood. This adjusts and improves our base pricing model.

We then apply a time-sensitive model model informed by the booking curve of the local market, taking into account time periods expected for local bookings. Lastly, we look at demand driven changes depending on the local availability of vacation rentals and hotels.

Q: So how is the Super Bowl different in terms of pricing?

A: By our calculation, at least 75% of the P2P and vacation rental market is underpriced for the Super Bowl. We're seeing some amazing price increases for informed owners, and our favorite example of how the rest of the accommodations market is moving is captured by the fact that someone is selling a basic room for 20x their normal rate.

For the Super Bowl, we wanted to determine how hosts could price their home during a period of exceptional demand. So we actually skewed our model to analyze how much experienced P2P hosts—those with more reviews and more future bookings—were increasing prices, and how booked out these listings were at their raised prices. In some cases, owners are increasing their prices up to 15 times their normal rates, so we were able to observe bookings at this homes to discern the efficacy of these increases.

For hosts during the Super Bowl, we used this analysis to recommend a reasonable range of price increases for other homes. For travelers attending the Super Bowl, we used this same process to determine which homes were priced best in comparison to their potential value.

Let's Talk Nerdy

RW: What does your tech stack look like?

AK: It’s a Rails stack with a PostGres database and Reddis for caching. The whole thing is sitting on top of Amazon Web Services so we can spin up as many nodes as we need to do our crawls. We use Mechanize for a lot of our crawling and are using a combination of APIs, mobile APIs and standard Web data to fuel our system. AWS makes it very easy to get up and running. It’s almost a no brainer. It has so many tools and for the cost and the power, it’s quite amazing.

RW: For vacation rental owners that use you, how much more money can they expect to make?

AK: Our initial numbers show we are increasing their revenue by 20% to 40%. Those numbers will get better as we have a large set of customers. We can’t disclose numbers right now but this is a huge, multi-billion dollar market that is poorly addressed right now. AirBnB is adding thousands of listings per day. We’re bootstrapping right now and are going to raise money in a few months. But we’re confident the market is there.
http://readwrite.com/2015/01/29/supe...ethod-big-data





The Pirate Bay is Back
Jack

Longtime torrent site The Pirate Bay, absent for months, returned to https://thepiratebay.se this week.

Welcome back mateys.

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

January 24th, January 17th, January 10th, January 3rd

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 12:40 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)