P2P-Zone  

18-03-15, 07:35 AM   #1
JackSpratts
Join Date: May 2001
Location: New England
Posts: 10,013
Peer-To-Peer News - The Week In Review - March 21st, '15

Since 2002


































"It's a larger problem on the right: Everybody is scared of Fox. Fox is their route to a high-profile public image and in some cases stardom. Just to be on a Fox show is a big deal. And I think that's a problem on the right, Fox's monopoly on star-making power." – Mickey Kaus


"We ship [boxes] to an address that's has nothing to do with the customer, and then you have no idea who ultimately it is going to." – Cisco






































March 21st, 2015




Windows 10 Peer-to-Peer Downloading to Help Torrents, File-Sharing Sites

Microsoft is now leveraging the benefits of peer-to-peer or BitTorrent-style distribution for its upcoming Windows 10 to potentially help make the updating and downloading process easier and less agonizing. This new option allows users to enable "updates from more than one place," with the ability to download apps and OS updates from multiple sources.

The Verge reported a leaked build of Windows 10 indicating Microsoft will use peer-to-peer technology for its Windows Update.

In the past, Microsoft has invested heavily in its own Windows Update servers, which steer clear from patches to home and business users. But it seems very limited. Thus, peer-to-peer or BitTorrent-style distribution is seen to be the best option to speed up Windows updates and ease of delivery.

According to the same report, the option for downloading apps and updates enables users to download "from multiple sources to get them more quickly." They can then choose to get apps and updates from other PCs on a local network, and from other computers on the Internet.

In the same note above, the use of peer-to-peer distribution could possibly help Torrents and other file-sharing sites in downloading apps and updates.

As reported, P2P technology - the center of BitTorrent - lets a user get parts of a file, such as songs or videos, or even software, from various sources such as a local network, and other computers on the Internet. In turn, he or she can share what one already has with other peers.

However, Geek debunked that Microsoft is not fully embracing the torrent, after it has added peer-to-peer update and app delivery to Windows 10. However, this functionality will be reserved for Windows Update and the Windows Store app.

The Verge also noted that Microsoft in 2013 acquired Pando Networks, whose peer-to-peer file sharing technology is similar to BitTorrent. Aside from Microsoft, it was previously reported that Facebook has used a BitTorrent system to deploy across its thousands of servers.

Microsoft has not commented on the leak or the planned feature, and neither has the functionality arrived in the public Windows 10 Technology Preview.
http://www.vcpost.com/articles/49973...ring-sites.htm





Strike Search - A Modern Approach to BitTorrent Searching
Andrew Sampson

Introducing: http://getstrike.net/torrents/

It’s that time of the year again, spring, where I attempt to create a new product that will help make everyone happier. This year I decided with my newfound love for hoarding mass amounts of data, that I’d create something I thought was very much needed; a modern torrent search engine.

When I say modern I’m not just referring to aesthetics, anyone can make a web 2.0 page with all the latest trends. What I mean is a search engine that does all the hard work for you, one that knows you don’t want 6700 junk torrents with a “similar” string in them, one that can realize that tv show you just looked up has a new episode and should give it to you first, one that can tell you all the relevant information you need to know about it, quickly without redirecting you a billion times.

But that is simply the start of what I’m trying to deliver with Strike Search, Strike itself is a compilation of various FOSS I’ve created to help make a better Home Theater, this search had to allow the end user to quickly get their desired torrent on any device. There is no need for word clouds or similar torrents, you as the user know what you’re looking for. It’s the engine’s job to figure out the best result.

From the start I knew this would be a completely non-profit project, so sorry to all users, but there won’t be any hot singles in your area or fake download buttons filled with malware. I wanted to offer the cleanest experience I could for users, that is to say, while also keeping them safe.

Which brings us to privacy, our policy is straightforward, as all should be.

Any information that is logged is discarded within 24 hours, logged information is simply for engine learning reasons, nothing more, a local cache of common terms to help with the directing of results. Similar to stopwords.

For all the developers out there, I haven’t forgotten about you, similar to my last major project Netflix Roulette where I attempted to create an alternative to the Netflix API, I’ve designed a robust API here for developers who need to seek information on torrents. You’ll be able to find a full write up on it over here: http://getstrike.net/api/

But let's go over a few key points of features it offers.

If you just want to get the information of a single torrent based on its hash do the following

http://getstrike.net/api/torrents/in...CCACA97DA14C04

You will receive the following JSON output

Code:
[{"results":1,"statuscode":200,"responsetime":0.0012},[{"torrent_hash":"B425907E5755031BDA4A8D1B6DCCACA97DA14C04","torrent_title":"Arch Linux 2015.01.01 (x86\/x64)","torrent_category":"Applications","sub_category":"","seeds":645,"leeches":13,"file_count":1,"size":"587 MB","upload_date":"Jan  6, 2015","uploader_username":"The_Doctor-","file_info":[{"file_names":["archlinux-2015.01.01-dual.iso"],"file_lengths":[615514112]}]}]]
Now if you require more torrents, simply place a comma and continue adding more hashes, the maximum is 50 a query. Duplicates are removed automatically by the API.

Go ahead and send this query

http://getstrike.net/api/torrents/in...FB38B888B9ECC9

You will receive yet another JSON object, this one containing two torrent arrays

Code:
[{"results":2,"statuscode":200,"responsetime":0.0013},[{"torrent_hash":"5d4fd5a64e436a831383773f85fb38b888b9ecc9","torrent_title":"FreeBSD 7.1 i386.DVD.iso","torrent_category":"Applications","sub_category":"","seeds":7,"leeches":0,"file_count":1,"size":"2.09 GB","upload_date":"Jan  5, 2009","uploader_username":"eauvision","file_info":[{"file_names":["7.1-RELEASE-i386-dvd1\\7.1-RELEASE-i386-dvd1.iso"],"file_lengths":[2239475712]}]},{"torrent_hash":"B425907E5755031BDA4A8D1B6DCCACA97DA14C04","torrent_title":"Arch Linux 2015.01.01 (x86\/x64)","torrent_category":"Applications","sub_category":"","seeds":645,"leeches":13,"file_count":1,"size":"587 MB","upload_date":"Jan  6, 2015","uploader_username":"The_Doctor-","file_info":[{"file_names":["archlinux-2015.01.01-dual.iso"],"file_lengths":[615514112]}]}]]
If you want more information on the API head over to http://getstrike.net/api/

That's about all I can say, you can try out Strike Search here

http://getstrike.net/torrents/
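
A client-side check for replies in the format shown above, as an added example that is not part of the original post or Strike's own code: it batches hashes under the stated 50-per-query limit and treats the reply as untrusted input before any file name from it is used. The function names are hypothetical, the sample is trimmed from the post's two-torrent reply, and no request is sent because the endpoint path is truncated on this page.

```python
import json
import re

MAX_PER_QUERY = 50                          # limit stated in the post
INFO_HASH = re.compile(r"[0-9a-fA-F]{40}")  # hex-encoded SHA-1 info-hash

# Trimmed copy of the two-torrent reply shown in the post (unused fields dropped).
SAMPLE_REPLY = r'''
[{"results":2,"statuscode":200,"responsetime":0.0013},
 [{"torrent_hash":"5d4fd5a64e436a831383773f85fb38b888b9ecc9",
   "torrent_title":"FreeBSD 7.1 i386.DVD.iso",
   "file_info":[{"file_names":["7.1-RELEASE-i386-dvd1\\7.1-RELEASE-i386-dvd1.iso"],
                 "file_lengths":[2239475712]}]},
  {"torrent_hash":"B425907E5755031BDA4A8D1B6DCCACA97DA14C04",
   "torrent_title":"Arch Linux 2015.01.01 (x86\/x64)",
   "file_info":[{"file_names":["archlinux-2015.01.01-dual.iso"],
                 "file_lengths":[615514112]}]}]]
'''


def normalize_hashes(hashes):
    """Validate, upper-case and de-duplicate info-hashes, keeping first-seen order."""
    seen, out = set(), []
    for h in hashes:
        h = h.strip()
        if not INFO_HASH.fullmatch(h):
            raise ValueError(f"not a 40-hex-digit info-hash: {h!r}")
        if h.upper() not in seen:
            seen.add(h.upper())
            out.append(h.upper())
    return out


def batches(hashes, size=MAX_PER_QUERY):
    """Comma-joined hash lists of at most `size` entries, one per API query."""
    clean = normalize_hashes(hashes)
    return [",".join(clean[i:i + size]) for i in range(0, len(clean), size)]


def name_issue(name):
    """Classify a file name taken from a reply: None, 'subdir' or 'unsafe'."""
    parts = re.split(r"[\\/]", name)
    if ("\x00" in name or ".." in parts or parts[0] == ""
            or re.match(r"[A-Za-z]:", name)):
        return "unsafe"      # NUL, parent reference, absolute path, drive letter
    return "subdir" if len(parts) > 1 else None


def parse_reply(text, requested):
    """Return (summary, problems) for a reply to a query for `requested` hashes.

    summary  -- list of (hash, title, total_bytes) for well-formed entries
    problems -- list of strings describing anything a caller should not trust
    """
    wanted = set(normalize_hashes(requested))
    doc = json.loads(text)
    if not (isinstance(doc, list) and len(doc) == 2
            and isinstance(doc[0], dict) and isinstance(doc[1], list)):
        raise ValueError("reply is not [metadata, [torrents...]]")
    meta, torrents = doc
    if meta.get("statuscode") != 200:
        raise ValueError(f"API reported status {meta.get('statuscode')!r}")

    summary, problems, returned = [], [], set()
    if meta.get("results") != len(torrents):
        problems.append("'results' does not match the number of entries")
    for t in torrents:
        h = str(t.get("torrent_hash", "")) if isinstance(t, dict) else ""
        if not INFO_HASH.fullmatch(h):
            problems.append(f"entry with malformed hash {h!r}")
            continue
        h = h.upper()        # the sample reply mixes upper and lower case
        returned.add(h)
        if h not in wanted:
            problems.append(f"{h}: not requested")
        total = 0
        for info in t.get("file_info", []):
            if not isinstance(info, dict):
                problems.append(f"{h}: malformed file_info entry")
                continue
            names = info.get("file_names", [])
            sizes = info.get("file_lengths", [])
            if len(names) != len(sizes):
                problems.append(f"{h}: file_names/file_lengths differ in length")
            total += sum(s for s in sizes if isinstance(s, int) and s >= 0)
            for n in names:
                issue = name_issue(str(n))
                if issue:
                    problems.append(f"{h}: {issue} file name {n!r}")
        summary.append((h, t.get("torrent_title", ""), total))
    problems += [f"{h}: missing from reply" for h in sorted(wanted - returned)]
    return summary, problems


if __name__ == "__main__":
    asked = ["b425907e5755031bda4a8d1b6dccaca97da14c04",
             "5D4FD5A64E436A831383773F85FB38B888B9ECC9"]
    rows, warnings = parse_reply(SAMPLE_REPLY, asked)
    for row in rows:
        print(row)
    for w in warnings:
        print("WARN", w)
```

On the post's own sample the only warning is the backslash in the FreeBSD file name, which becomes a directory separator on Windows and a literal character elsewhere.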





Why Copyright Trolling in Canada Doesn’t Pay: Assessing the Fallout From the Voltage – TekSavvy Case
Michael Geist

The Canadian media featured extensive coverage over the weekend of the federal court decision that opens the door to TekSavvy disclosing the names and addresses of thousands of subscribers and establishes new safeguards against copyright trolling in Canada. While some focused on the copyright trolling issues, others emphasized the disclosure of the names and the possibility of lawsuits.

What comes next is anyone’s guess – Voltage indicates that it plans to pursue the case – but the economics of suing thousands of Canadians for downloading a movie for personal purposes may not make sense given current Canadian law. This post examines the law and estimated costs of pursuing file sharing litigation against individuals, concluding that the combination of copyright reform, the Voltage decision, likely damage awards, and litigation costs will force would-be plaintiffs to reconsider their strategies.

Start with the likely damage award if a case went to court. The maximum liability for an individual for non-commercial infringement in Canada is $5,000 for all infringements. With nothing more than IP addresses, there is unlikely to be any evidence of commercial intent or benefits (going for a commercial claim would require far more evidence and expensive litigation). While $5,000 is the cap, the actual number is likely to be far lower as the law sets a minimum award of $100. The law provides some additional guidance for judges:

in the case of infringements for noncommercial purposes, the need for an award to be proportionate to the infringements, in consideration of the hardship the award may cause to the defendant, whether the infringement was for private purposes or not, and the impact of the infringements on the plaintiff.

I would argue that the actual number is likely to be at the low-end of the scale for a first-time case. These are non-commercial cases involving movies with a market value for consumers of around $15 to $25 with some selling for under $10. Moreover, the impact of the infringements on the plaintiff is also low since Voltage chose relatively low-profile movies (see page 9), some of which had minimal earnings (for example, Puncture earned $68,945 worldwide). Contrary to some reports, the Hurt Locker is not one of the films in this case.

Perhaps the best comparable is the New Zealand copyright tribunal three strikes cases which have awarded actual market value for the copyright work (eg. $2.39 for a song) and added tribunal and application fees, a deterrence fee, and a portion of the cost of obtaining the user’s information. Tribunal and application fees would not apply to a demand letter in Canada. The deterrent fee has been as low as zero with others around $100 per infringement. There is often also a fee for obtaining the name and address, typically at about $50 for three notices.

Since Canadian demand letters would not involve tribunal or application fees, a reasonable number is going to be very close to the $100 minimum for a first-time, non-commercial infringement with no other warnings or notices. The federal court hinted at this last week, noting that “damages against individual subscribers even on a generous consideration of the Copyright Act damage provisions may be miniscule compared to the cost, time and effort in pursuing a claim against the subscriber.”

As discussed in my post on the case, the decision establishes a system of court oversight for the demand letters as the contents will be approved by the parties (including CIPPIC) and the case management judge. The letter must also “clearly state in bold type that no court has yet made a determination that such subscriber has infringed or is liable in any way for payment of damages.” With a full review of the letter, a court is unlikely to grant its approval if the demands are viewed as excessive. Indeed, it seems likely that the court will require settlement demands that are consistent with likely damage awards.

Even if Voltage were successful in convincing a court to award ten times the marketplace value of a $15 movie – $150 – the economics do not make sense. Assuming Voltage manages to convince 75% of recipients to settle for the $150 demand, the campaign would generate $225,000 in revenue. Yet that must be offset by paying the TekSavvy costs before any names are released (which alone were estimated at $200,000 at the federal court hearing), covering their own costs (assume a matching $200,000 to collect the IP addresses, retain experts, and fund the litigation), and dealing with thousands of demand letter recipients (if each letter costs $30 in time and money that adds another $45,000).

Under this scenario, Voltage will have settled three quarters of its cases for ten times the market value of a $15 movie and will have lost hundreds of thousands of dollars in the process. In fact, even if the demands were doubled to $300 per subscriber, the case will still just break even. Moreover, there are still the remaining 25% of recipients who have not responded, many of whom may believe they have (in the words of the federal court) “perfectly good defences to the alleged infringement.” If Voltage pursues them in court, the costs of the litigation (the federal court ruled all follow-on cases will be subject to case management) will far outstrip any likely award as every court case is a money loser. If Voltage does not fight in court, the decision to only send demand letters will be used as evidence of copyright trolling in any future case and the federal court ruled that “improper motive” (ie. demand letters without intent to litigate) could be enough to deny future motions for subscriber information.

In sum, file sharing lawsuits against individuals in Canada do not make economic sense if the goal is to profit from the litigation (the Voltage case is different from earlier industry-backed lawsuits that were geared toward deterring file sharing). First, since Canadian law points to very low damage awards and court oversight will make it difficult to demand anything beyond the likely damage awards, settlements may not even cover costs. Second, some cases will require litigation and every case that goes to court will result in losses for the rights holder. Third, failure to litigate those cases will make it difficult to obtain future court orders for subscriber information since those litigants will be suspected of copyright trolling.
http://www.michaelgeist.ca/2014/02/c...oll-economics/





Inside the 'Notorious' Canadian Internet Company Targeted by the US Government
Jordan Pearson

For the last two decades, Tucows has tried to remain one of the good guys on the internet. To the US government, however, they’re ‘notorious.’

Since its start in the 90s, the Canadian company has morphed from a freeware download site to a legitimate mobile carrier. The office of the US Trade Representative also recently listed them as a "notorious market" for illegal goods and accused the company of shielding bad actors online. How did Tucows get here, and will it keep trying to fight the good fight as it grows larger?

Tucows started out sharing free software in 1993 on its founder’s personal website. In 1995, it merged with a Toronto-based internet service provider. Since then, it’s risen to prominence as one of the largest domain name registrars in the world, and in 2012 launched a scrappy startup mobile carrier in the US called Ting, which piggybacks on the Sprint network and is lauded by its customers for its transparent, pay-for-what-you-use pricing.

Now, Tucows is going head to head with the biggest telecommunication companies in America by bringing Ting-branded gigabit fiber internet to the municipalities that want it. So far, that’s amounted to two networks, one in Charlottesville, Virginia, and one in Westminster, Maryland.

Basically, the company has done it all when it comes to the internet business—from software downloads to actual infrastructure—and it’s paying off, if its cavernous Toronto warehouse office is any indication.

When I visited Tucows’ headquarters, it was adorned by massive hanging banners displaying the logos of the company’s brands. A lot of them say “Ting.” As I strolled through the offices, a fresh crop of Ting representatives was being trained to deal with customer complaints, which the company handles on an individual basis. There’s no computerized voice asking you to pick from a bevy of numbered options when you call Tucows. Apparently, they have a huge backlog of customer voicemails to get through.

At the end of my office walkabout, I sat down with Tucows CEO Elliot Noss and Graeme Bunton, the company’s manager of public policy, in Noss’s cozy office. A big, old, shaggy dog lazed about next to Noss in stark contrast to the low-key hustle of the rest of the building.

“We were always very much in that service provider space,” Noss said of the company’s long and winding history. “We took a lot of what we did in retail spaces, and we just applied it to mobile. For us, there’s real commonality across all of those businesses. And underneath all of it is a deep love and respect for the internet.”

To be sure, one of the most curious things about Tucows is its apparent commitment to a free and open internet. Tucows’s website declares its support for pro-net neutrality organizations like Fight for the Future. The company has also spoken out against mass surveillance, raised money for digital rights group Electronic Frontier Foundation (EFF), and participated in the EFF’s 2014 day of action against mass surveillance. Bunton was an original member of the Toronto-based digital rights think tank Citizen Lab.

“Who are the world’s most prolific hackers right now? They are a huge array of cybercriminals, and a huge array of state actors; it’s like the political spectrum is a circle and it’s bent upon itself,” said Noss. “The internet is not broken. It is amazingly self-healing, and what it needs, and what we need, is more openness, more transparency, and more honesty, and not more secrecy and more control.”

This ostensible focus on internet freedom hasn’t exactly fostered a cozy relationship with US regulators. As previously mentioned, Tucows landed on the US Trade Representative’s annual list of notorious markets due to the company’s practice of not responding to takedown requests from companies alleging that Tucows registers domains for sites selling illegal goods. This is despite the fact that a domain name registrar has essentially no say in the content of the websites on its roster, Bunton told me.

“We get a ton of spurious complaints,” said Bunton. “So, we take a very careful and considerate approach to every complaint we get, and that doesn’t make everyone happy all the time.”

Tucows has faced legal troubles before. In one notable case, Renner, a Brazilian retailer, filed an internal ICANN dispute against Tucows for buying the domain name renner.com, along with 30,000 others in a wholesale domain sale. Renner claimed that Tucows had purchased the domain name in bad faith—cybersquatting, basically. Tucows responded by taking the issue to open court in Ontario, a case which resulted in a legal first: the judge decided, for jurisdictional reasons, that domain names are personal property in the province and ruled in Tucows’ favour.

“When you file a [dispute], you’re limited in the amount of evidence you can bring and there’s no downside to taking that action,” Noss explained. “If you wanted an extremely valuable domain name, and it’s worth $200,000 to you, and it costs $5,000 to do a [dispute], then you might as well try your luck. We were trying to take away their lottery ticket to a cheap domain name.”

At this point, you might be wondering why Tucows, despite being a Canada-based company, hasn’t tried its hand at bringing Ting mobile or Ting gigabit fiber internet to Canada. After all, as any Canadian knows, despising our respective telecommunications companies of choice is part of what keeps our country together. We all hate the weather, and we all hate our internet and mobile providers.

For gigabit fiber internet, Noss suggested the reason is cultural. While net neutrality turned into a heated national debate in the US and the role of security agencies in surveilling the populace is a political flashpoint, Canadians appear miserable but comfortable when it comes to these issues despite high prices and low speeds.

“There’s effectively no municipal broadband movement in Canada,” Noss said. “There were enough opportunities in places that actually wanted it, and that’s where we focused our attention. People are pounding on our doors from all over the US. We have not had one inbound request from Canada.”

As for mobile, Noss said that the regulations in place regarding the mobile spectrum—frequency bands reserved for cellular use and auctioned off to the highest bidder—don’t do enough to allow new carriers to break into the Canadian telecom oligopoly of Rogers, Bell, and Telus.

Although the Canadian government has set caps on the amount of spectrum a single telecom can hold and reserves a certain amount of spectrum for newcomers in auctions, a large number of spectrum licenses still go to the biggest players.

An investigation into the issues surrounding new entrants to the mobile market is currently underway by the Canadian Radio-television and Telecommunications Commission, and aspiring mobile carriers like Tucows are thirsty to become service providers in Canada. But it could be years before any resulting mandate goes into effect, Noss said.

The other option, Noss said, would be to become a mobile virtual network operator, which involves paying a bigger mobile company to access and use its network and then charging customers separate retail rates. In the US, Ting mobile was able to piggyback on the Sprint network at a cost low enough to actually make a profit. Noss said that every major Canadian telecommunications company he’s asked has not even offered Tucows a price for sharing their networks.

If Tucows ever gets the break it needs to get a foothold in Canada, Bunton said that the company would continue to be a benevolent actor in a world of terrible corporations who’ve partnered with security agencies to fork over user data.

This may indeed be the case, but this is also coming from a private company angling for a slice of a market dominated by big players. At the end of the day, Tucows is playing the same game as its larger competitors. “Trust us, not Comcast,” the company seems to say.

Tucows certainly talks the talk, and up until now have walked it, too. But if the company becomes the major player it wants to be one day, it's going to be subject to the pressures faced by bigger companies when the feds come knocking for customer information. Will Tucows be able to hold the line?

“There seems to be something in the DNA of the company that cares about a free and open internet—that’s core to the company, and we will hold to that going forward,” Bunton said after sighing and reminding me that it’s been a long time since he was at Citizen Lab. “I can’t imagine being in a world where we’re rolling over.”

Noss leaned forward in his seat. “The only thing I’d add to that is that we always do have to obey laws, and sometimes there are limits,” he said. “Being creative in the way that you deal with those situations is important and often constrained.”

Noss said that in five years, he expects Ting mobile and gigabit fiber internet to be the company’s bread and butter, completing the transition from software distributor in the 90s to full-on internet service provider in the 21st century. “And,” Noss said, “hopefully we will have done a little bit in Canada.”

Bunton guffawed.

“I would phrase that differently," he said. "Nothing seems to change in Canada."
http://motherboard.vice.com/read/ins...-us-government





Inside Popcorn Time, the Piracy Party Hollywood Can’t Stop
Andy Greenberg

Popcorn Time was an instant hit when it launched just over a year ago: The video streaming service made BitTorrent piracy as easy as Netflix, but with far more content and none of those pesky monthly payments. Hollywood quickly intervened, pressuring Popcorn Time’s Argentinian developers to walk away from their creation. But anonymous coders soon relaunched the copyright-flouting software. Today, Popcorn Time is growing at a rate that has likely surpassed the original, and the people behind it say they’re working on changes designed to make the service virtually impervious to law enforcement.

As Popcorn Time celebrated the first anniversary of its rebirth, WIRED chatted via email and instant message with a software developer from Popcorn-Time.se, one of the most popular of several reincarnations of Popcorn Time. (The anonymous developer asked us to use Popcorn Time’s smiling popcorn-box mascot “Pochoclin” as a pseudonym.) Popcorn Time’s masked spokesperson says the streaming movie and TV app is flourishing—in defiance of many of the world’s most powerful copyright holders and EURid, the domain registrar that seized the original site’s web domain last year.

Popcorn-Time.se, Pochoclin says, has millions of users and is growing at the mind-bending rate of 100,000 downloads per day. He or she also hinted that its forthcoming switch to a peer-to-peer architecture will make the service far harder for copyright cops to attack. “We’re at the threshold of one of the most exciting times since we started this project,” Pochoclin writes. “Making all our data available via p2p will mean that Popcorn Time will no longer rely on domains and centralized servers but only on its user base.”

“After everything we went through,” Pochoclin said, “this will be our sweetest revenge and our biggest victory.”

When Popcorn-Time.se started responding to WIRED’s questions in November, Pochoclin said the reborn project already had 4 million users. But it had taken a serious hit a few months earlier, when Brussels-based domain registrar EURid revoked its website domain, Time4Popcorn.eu. At its new Swedish domain, it’s only recently returned to that earlier adoption rate. (Pochoclin wouldn’t reveal its current user base for fear of drawing more attention from law enforcement or copyright holders.) “[EURid’s domain seizure] was just a small setback … a small but painful kick to the balls,” the spokesperson says. “We’ve grown this project tremendously since we picked it up … The numbers just keep rising.”

For any other year-old startup, those numbers would seem ludicrous. But Popcorn Time is giving away Hollywood’s most valuable content for free, and making that piracy easier than ever. Download Popcorn Time’s app and in seconds you’re offered a slick menu of streaming TV shows and movies at least as easy to navigate as Netflix or Hulu—but with higher-quality video and hundreds of recent movies and TV shows paid services don’t offer.

Popcorn Time isn’t a new kind of piracy so much as an inviting new front-end interface for the BitTorrent underground. The software collects and organizes popular files from existing BitTorrent sources like the Pirate Bay, Kickass Torrents, Isohunt, and YTS. “We’re like Google,” Pochoclin says, “scraping for new content all over the internet.” By integrating its own video player and prioritizing its downloads from the first chunk of the video file to the last, it makes those sites’ files immediately streamable. With Popcorn Time, the complexity of BitTorrent search engines, trackers, clients, seeds, decompression, playback, and storage is reduced to a single click. That’s made this BitTorrent-for-dummies the virtually undisputed future of video piracy.

Pochoclin says Popcorn-Time.se offers this streaming service pro bono. It doesn’t charge for downloads, and neither its app nor its website display ads. “We just did it for the love of this project,” Pochoclin writes. “It was something we believed in. And once it started taking off … as it did from the start, all the love that we were getting from Popcorn Time users made us just keep on going without really stopping to think where this road is taking us.”

That road, it seems, points toward a collision course with Hollywood’s copyright lawyers. Documents revealed in last year’s Sony hack revealed that the Motion Picture Association of America boasted of a “major victory” in pressuring Popcorn Time’s original developers to scupper the service. The MPAA declined to comment on any measures it’s taking against the new Popcorn Time. In a January 20 letter to shareholders, Netflix CEO Reed Hastings wrote that “piracy continues to be one of our biggest competitors,” and referred to Popcorn Time by name, calling a graph showing its rising Google searches “sobering.” Neither Netflix nor Hulu responded to WIRED’s requests for comment.

Pochoclin says the service doesn’t do anything illegal: It merely organizes preexisting BitTorrent files hosted on other sites. “It’s all automated and all working on existing open source technologies and existing websites online. Therefore, it’s legal. Or better … not illegal,” Pochoclin says. “We all live in a free society, where what is not forbidden is allowed.”

That’s not a defense that’s likely to succeed in an American court. An MPAA spokesperson pointed out in an email to WIRED that previous software like Napster, Grokster, isoHunt, and Limewire didn’t directly host content either, but courts ruled that all of them were infringing on copyrights. Even though it merely helps users stream video files made available elsewhere, Popcorn Time could be accused of “contributory liability,” says University of Richmond intellectual property law professor Jim Gibson. A service whose primary, intended function is aiding copyright infringement doesn’t need to host any files to be illegal. “If they know that they’re actually facilitating the downloading or streaming of copyrighted movies and they continue to do it, they’re in trouble,” Gibson says.

With legal threats looming, Popcorn-Time.se is working on new defenses. In about a month, the group says it plans to launch a version of the app that will update its TV and movie content with the same peer-to-peer BitTorrent protocol that it uses to stream movies, pulling data from other users rather than a central server. That means that even if its domain or other central infrastructure is taken down, Popcorn Time would still function. In a second upcoming phase, Popcorn-Time.se says it will have the ability to update the app itself via peer-to-peer downloads, using cryptographic signatures to ensure no malicious code propagates through its network. When those updates are in place, Pochoclin says, “only our users will decide whether we live or die … This way, Popcorn Time will be unstoppable.”

But even if the service itself does develop an invincible peer-to-peer architecture, Popcorn Time’s developers may be personally vulnerable to a lawsuit or even criminal charges. The Swedish founders of the Pirate Bay, for instance, were successfully prosecuted for running the massively popular BitTorrent website, and the United States is seeking the extradition of Megaupload founder Kim Dotcom from New Zealand to face criminal copyright infringement charges.

For now, Popcorn Time’s developers depend on their unnamed web hosting company to ensure their anonymity, which is hardly a bulletproof strategy. “We’re anonymous but not in hiding,” Pochoclin says. “We guess our hosting company does know who we are. But they’re not supposed to give our information out to anyone. And it’s good enough for us.”

With Popcorn Time’s popularity skyrocketing, it may soon find out whether those defenses are good enough to hold off a horde of MPAA lawyers, too. Pochoclin may be cute. But he’s made some powerful enemies.
http://www.wired.com/2015/03/inside-...ood-cant-stop/





Popular File-Sharing Site YTS Torrent aka YIFY Eludes Domain Suspension By Moving From YTS.re To YTS.to
Erik Pineda

Popular movie file provider YTS, formerly known as YIFY, moved its domain from YTS.re to YTS.to in order to elude an impending crackdown on its global operations. YTS has been tagged by the U.S. government as a pirate site for hosting movie titles, mostly American-produced.

According to TorrentFreak, YTS or YIFY was forced to transfer from its French-hosted domain name following a warning from domain registry FRNIC that its YTS.re domain name is subject to suspension. Succumbing to pressures from authorities, FRNIC warned YTS that the suspension order will take effect March 2015.

Pre-emptive fix

The YIFY team quickly sprang into action and moved the YTS domain, a group representative told Torrent Freaks. “We got a warning from FRNIC that the domain is frozen and will be suspended by the end of March,” the report quoted the YTS admin as saying.

The incident was labelled by the group as minor and vowed that its operation will continue without issues. YIFY also thanked FRNIC for issuing its suspension notice in advance, allowing the group to smoothly migrate from one domain to another.

YTS added that it somehow expected the issue, conceding that it is understandable for domain registries to cave in to pressures in order to avoid legal complications. “I don’t blame them for caving into threats. After all, 10 to 50 USD per year is not enough to warrant the hassle of dealing with lawyers and 3rd party law enforcement bodies. It’s easier and cheaper to just drop the client,” the group said.

Mounting pressure

YIFY points to the usual suspects as the source of growing heat after them but the group brushed aside the likelihood of them going the same way as The Pirate Bay. The Pirate Bay went offline December 2014 after its server site was raided by Swedish authorities. But the site successfully resumed operation last month though its functions remain limited.

In moving the domain name, YTS has advised that some adjustments will be made but navigating through its site will work in the same way as before.

YTS or YIFY has gained notoriety in recent years for offering torrent files that allow users to share and download movie titles, mostly coming from Hollywood, in 720p, 1080p and 3D format. The files are relatively small, which further drives up the traffic generated by the site.

Authorities have warned that downloading or sharing of copyrighted materials – movies, music, eBooks and software – is illegal. Sites like The Pirate Bay and YTS or YIFY have been accused of hosting such activities.
http://au.ibtimes.com/popular-file-s...-ytsto-1431621





Mexico Offered Sony $20M in Tax Breaks for List of James Bond Demands, Including No Mexican Villain
Selena Hill

More than 100,000 people have been killed in Mexico since 2006 in the country's brutal drug war, which continues to perpetuate gross gang- and drug-based violence and corruption. However, while it is critical that the country invest capital into curtailing the failed war on drugs, Mexican officials decided to allocate $20 million to MGM and Sony to help clean up the country's tarnished image.

A new report published by TaxAnalysts.com revealed that MGM and Sony producers received up to $20 million in tax incentives in order to depict positive aspects of Mexico in the latest James Bond film, titled "Spectre." In return, Mexico demanded changes to the movie's script and cast that would present the country in a positive light in the wake of recent acts of violence that have sparked international outrage, reports The Telegraph.

Included in Mexico's list of demands were the requests that the villain be played by a non-Mexican actor, that the assassination target be changed from the mayor of Mexico City to an international official, and that Mexican police be replaced by a "special force." In addition, officials also requested that a "known Mexican actress" be cast to play the "Bond girl." According to the Los Angeles Times, Mexican actress Stephanie Sigman of the hit "Miss Bala" was announced as "Bond girl" Estrella.

Initially, Mexico was supposed to be featured only in the first few minutes of the movie. However, the Mexican government was willing to give Sony $14 million in exchange for those changes. An additional $6 million was offered to producers to replace a cage fighting scene with footage of Mexico's popular Day of the Dead holiday and highlighting Mexico City's "modern" skyline.

The report also states that then-Sony Chair Amy Pascal advised the filmmakers to "add whatever travelogue footage we need in Mexico to get the extra money."

According to Taxanalysts, information from the report about "Spectre," which is due out this year, was fetched from leaked documents at Sony hacked by North Korea.
http://www.latinpost.com/articles/42...an-villain.htm





Sales of Streaming Music Top CDs in Flat Year for Industry
Ben Sisario

The American market for recorded music was flat in 2014, but income from streaming services like Spotify and Pandora has quickly grown to become a major part of the business, eclipsing CD sales for the first time, according to a report released Wednesday by the Recording Industry Association of America.

The association, a trade group that represents the major record companies, said that recorded music generated $6.97 billion in 2014, down less than 0.5 percent from the year before, when revenue was slightly more than $7 billion.

Overall revenue from recorded music, after falling from a high of $14.6 billion in 1999 — when CDs were the dominant format — has remained relatively stable for the last several years, hovering around $7 billion, according to the recording industry association. But within that total, the sources of income have changed significantly as consumers have increasingly shifted their purchasing habits online.

In 2010, for example, when 253 million CDs were sold, sales of physical formats, like CDs and vinyl LPs, made up about 52 percent of total music revenue; downloads represented 32 percent, and streaming about 6.6 percent. (Ringtones and other miscellaneous income made up the rest.) By last year, the number of CDs sold had fallen to 144 million, and the split between formats was evening out: Physical formats were 32 percent of revenue, digital downloads 37 percent and streaming 27 percent.

The finer details of the industry association’s report, which is compiled from data supplied by the record companies, show how quickly the shifts are happening. In 2014, downloads of singles and albums generated about $2.6 billion, down 8.5 percent from the year before. CD sales were down 12.6 percent to $1.85 billion. (Vinyl records, a growing niche, were worth $321 million, up 50 percent.)

In aggregate, the various kinds of streaming outlets generated $1.87 billion, up nearly 29 percent from the year before — and, for the first time, slightly more than the total for CDs. That figure includes not only paid subscription outlets like Spotify, Rdio and Rhapsody, but also Internet radio services like Pandora, which does not let users pick exactly what songs they will hear, and outlets like YouTube and Spotify’s free tier, which let users pick specific songs and are generally supported by advertising.
http://www.nytimes.com/2015/03/19/bu...-industry.html





New Figures Reveal that Metallica's Finances Are in the Red: They're Losing Money Due to 'Disastrous Decisions'
Art

Despite regularly headlining some of the world's biggest festivals, playing on every continent and having their fingers in as many pies as a rotund Grandmother, Metallica are currently losing money.

A string of terrible financial decisions have cost them according to authors Paul Brannigan and Ian Winwood in their new book, 'Into The Black'.

“Since 2010 it’s likely that Metallica have lost more money than they’ve made.”

The pair explained to literary website The Weeklings: "By their own admission, the two stagings of the Orion festival were disastrous financially, and the shambles that was the Through The Never movie cost $32 million and will only recoup a fraction of that amount.

"Factor in HQ staff salaries, crew retainers and assorted running costs associated with maintaining an entertainment corporation and you can easily understand why the band – of necessity now rather than by choice – are driven to tour Europe every summer."

"Through The Never film project was a horrible misjudgement, a misguided attempt to breathe new life into a decade-old idea," they say. "As the film spiraled horribly over-budget it’s hard not to imagine that at least one band member – and let’s be honest, we’re talking about James Hetfield here – thinking ‘What the fuck have we got ourselves into?’ Quite how that ‘script’ ever got the green light is an unfathomable mystery."

Still, trying to picture a hard-up Lars Ulrich is more difficult than drawing God.

http://www.supajam.com/news/story/Ne...rous-decitions





Samuel Charters, Foundational Scholar of the Blues, Dies at 85
Larry Rohter

Samuel Charters, whose books and field research helped detonate the blues and folk music revival of the 1960s and 1970s, died on Wednesday at his home in Arsta, Sweden. He was 85.

The cause was myelodysplastic syndrome, a type of bone marrow cancer, his daughter Mallay Occhiogrosso said.

When Mr. Charters’s first book, “The Country Blues,” was published at the tail end of the 1950s, the rural Southern blues of the pre-World War II period was a largely ignored genre. His book immediately caused a sensation among college students and aspiring folk performers, like Bob Dylan, who would later become pop stars — a small but ultimately influential group. The book, which remains in print to this day, created a tradition of blues scholarship to which Mr. Charters would continue to contribute with books like “The Roots of the Blues” and “The Legacy of the Blues.”

“In retrospect, we can mark the publication of ‘The Country Blues’ in the fall of 1959 as a signal event in the history of the music,” the music historian Ted Gioia wrote in his book “The Delta Blues” (2008). As “the first extended history of traditional blues music,” Mr. Gioia said, it was “a moment of recognition and legitimation, but even more of proselytization, introducing a whole generation to the neglected riches of an art form.”

Released in tandem with “The Country Blues” was an album of the same name containing 14 songs, little known and almost impossible to find at the time, recorded in the 1920s and 1930s by artists like Robert Johnson, Sleepy John Estes, Blind Willie McTell and Bukka White. Mr. Dylan’s first album, recorded in 1961, included a version of Mr. White’s “Fixin’ to Die,” and within a decade other songs by the singers and guitarists Mr. Charters had highlighted were staples in the repertoires of blues and rock bands like the Allman Brothers, Canned Heat, Cream and the Rolling Stones.

Equally important, the aura of mystery Mr. Charters created around his subjects — where had they disappeared to? were they even alive? — encouraged readers to go out into the field themselves. Over the next five years, John Fahey, Alan Wilson, Henry Vestine, Dick Waterman and other disciples tracked down vanished names like Mr. White, Mr. Estes, Skip James and Son House, whose careers were thus revived and whose song catalogs were injected into folk and pop music.

“I always had the feeling that there were so few of us, and the work so vast,” Mr. Charters told Matthew Ismail, the author of the 2011 book “Blues Discovery.” “That’s why I wrote the books as I did, to romanticize the glamour of looking for old blues singers. I was saying, ‘Help! This job is really big, and I really need lots of help!’ I really exaggerated this, but it worked. My God, I came back from a year in Europe and I found kids doing research in the South.”

Mr. Charters had himself earlier succumbed to the lure of field work, and he would continue to travel on four continents in pursuit of overlooked music and artists for the next 50 years. In 1958, he had gone to the Bahamas to record the guitarist Joseph Spence (who would influence the Grateful Dead, Taj Mahal and others), and a year later he helped revive the career of the Texas guitarist Lightnin’ Hopkins.

Throughout the 1960s, as the audience for the blues expanded exponentially, Mr. Charters continued to write about the music and to produce blues-based records for Folkways, Prestige, Vanguard and other labels. “The Poetry of the Blues,” with evocative photographs by his wife, Ann Charters, was published in 1963, and “The Bluesmen” appeared in 1967; during that same period he also wrote two books about jazz, “Jazz New Orleans” and, with Leonard Kunstadt, “Jazz: A History of the New York Scene.”

By the mid-1960s, Mr. Charters had broadened his focus to include contemporary electric blues, producing an influential three-record anthology of new recordings called “Chicago: The Blues Today!” Songs from that collection, as well as from albums Mr. Charters produced for Junior Wells, Buddy Guy, James Cotton and Charlie Musselwhite, were soon covered by rock groups like Led Zeppelin and Steppenwolf and remained rock standards through the decades that followed.

Samuel Barclay Charters IV was born into comfortable circumstances in Pittsburgh on Aug. 1, 1929, and grew up there and in Sacramento, Calif. In autobiographical writings and interviews, he would recall a childhood immersed in jazz and classical music. He dated his interest in the blues to first hearing Bessie Smith’s recording of “Nobody Knows You When You’re Down and Out” when he was about 8 years old.

After serving in the Army during the Korean War, he spent time in New Orleans, where he played clarinet, banjo and washboard in bands and studied with the jazz clarinetist George Lewis while also researching that city’s rich musical history. He then went back to California, where he earned a degree in economics from the University of California, Berkeley, before returning to the field.

After the initial impact of “The Country Blues,” which would be inducted into the Blues Hall of Fame in 1991, Mr. Charters resumed performing music, more for the sheer fun of it than as a livelihood. He played with Dave Van Ronk in the Ragtime Jug Stompers and then formed a duo called the New Strangers with the guitarist Danny Kalb, later of the Blues Project.

By the mid-1960s, Mr. Charters had also been drawn to the psychedelic music emerging in the San Francisco area. He produced the first four albums by Country Joe & the Fish, including the satirical “I-Feel-Like-I’m-Fixin’-to-Die Rag,” one of the best-known protest songs of the Vietnam War era.

Mr. Charters had long been involved in the civil rights movement and left-wing causes, and the Vietnam War infuriated him. He moved to Sweden with his family in 1970 and later acquired Swedish citizenship, eventually settling into a pattern of shuttling between Stockholm and Storrs, where his wife, now retired, taught American literature for many years at the University of Connecticut.

After leaving the United States, Mr. Charters published several collections of poetry, including “Things to Do Around Piccadilly” and “What Paths, What Journeys,” and wrote novels, among them “Louisiana Black” and “Elvis Presley Calls His Mother After the Ed Sullivan Show.” He also translated works from Swedish by authors including the poet Tomas Transtromer, who in 2011 won the Nobel Prize in Literature, and wrote a book in Swedish, “Spelmannen,” about Swedish fiddlers.

In addition, Mr. Charters wrote two books with his wife, an expert on the literature of the Beat Generation as well as a pianist and photographer: a biography of the Russian poet Vladimir Mayakovsky and “Brother Souls: John Clellon Holmes, Jack Kerouac and the Beat Generation.”

He also continued to write extensively about jazz and blues until the end of his life. His book “A Language of Song: Journeys in the Musical World of the African Diaspora,” a series of essays on the evolution of music in places like the Caribbean, Brazil and the Georgia Sea Islands, was published in 2009. Two other books, “Songs of Sorrow,” a biography of Lucy McKim Garrison, who in the mid-19th century compiled the first book of American slave songs, and “The Harry Bright Dances,” a novel about roots music set in Oklahoma, are scheduled for publication next month.

Besides his wife and his daughter, a psychiatrist, Mr. Charters is survived by a son from an earlier marriage, Samuel, a naval architect, and another daughter, Nora Charters, a photographer. Beginning in 2000, Mr. and Mrs. Charters donated much of their vast collection of recordings, sheet music, books, photographs and other documents to the University of Connecticut.

“For me, the writing about black music was my way of fighting racism,” Mr. Charters said in his interview with Mr. Ismail. “That’s why my work is not academic, that is why it is absolutely nothing but popularization: I wanted people to hear black music.”
http://www.nytimes.com/2015/03/19/ar...ies-at-85.html





The Dark Web’s Top Drug Market, Evolution, Just Vanished
Andy Greenberg

In the 18 months since the Silk Road online black market for narcotics was taken down by a swarm of three-letter agencies, a site known as Evolution has taken its place at the top of the dark web drug trade. Now Evolution, too, has suddenly dropped off the face of the internet. But unlike its Silk Road predecessor, there’s no indication that law enforcement took down the newer black market. Instead, it’s simply, mysteriously vanished—with rumors swirling that its own administrators may have run off with many millions of dollars of its users’ drug money.

Over the past weekend, the massive anonymous market known as Evolution halted withdrawals of bitcoin from its website, telling users that it was dealing with technical difficulties. Then on Tuesday evening, both its market and user forum went offline, with no opportunity for drug buyers and sellers to pull out the funds they had stored in their Evolution accounts. The result has been a wave of panic that’s shaken the online black market economy as much as any of the law enforcement drug busts of the last two years.

Late Tuesday, a Reddit user named NSWGreat who had earlier self-described as an Evolution drug dealer and “public relations” staffer —he or she had even hosted an “ask me anything” session about the job days earlier—wrote a post to Reddit’s darknet markets forum that claimed to confirm Evolution’s administrators had in fact shut down the site’s back end too, and escaped with users’ money; NSWGreat described confronting Evolution’s two pseudonymous owners, Verto and Kimble, who he or she says then admitted they were closing the market and stealing its funds. “I am so sorry, but Verto and Kimble have f–ked us all. I have over $20,000 in escrow myself from sales,” NSWGreat wrote. “I’m sorry for everyone’s loses, I’m gutted and speechless. I feel so betrayed.”

“Don’t do this to us Evo staff please,” another user pleaded in a response on Reddit. “I owe money and I can’t pay if this is true. My lifes in danger. Please don’t be true please”

If Evolution’s owners did in fact steal their users’ funds stored on the site—a theory that’s still not confirmed—it’s not clear just how much they would have profited. But given the size of Evolution’s market, with nearly 20,000 drug product listings as well as thousands more items ranging from weapons to stolen credit cards, the sum could easily be millions or even tens of millions of dollars worth of bitcoin. For comparison, the FBI seized $3.6 million worth of bitcoin from the original Silk Road at the time of its October 2013 takedown, when the site was still significantly smaller than Evolution.

For other dark web markets, technical glitches and long downtime would be routine, rather than a sign of a major scam. But since it first appeared online just over a year ago, Evolution had developed a reputation for professionalism and reliability. According to the site Dark Net Stats, the site had a 97% uptime rate, far higher than competing markets like Agora or the now-defunct Silk Road 2. The site gained users’ trust by offering a feature known as “multi-signature transactions,” designed to prevent exactly the sort of bitcoin theft its administrators are now accused of. (That system would require at least two out of three parties in a transaction—the buyer, the seller, and Evolution’s administrators—to sign off on a deal. But due to its complexity, buyers rarely used the feature.) That relative sophistication, along with the seizure of several smaller competitors in a string of law enforcement busts late last year, contributed to Evolution’s rising position over the last year as the go-to online black market.

But Evolution also distinguished itself from other markets by its far looser sense of morality. While other sites followed the original Silk Road’s ethos of selling only victimless contraband, Evolution also trafficked in stolen identity information. Its founder known as Verto had previously run a site known as the Tor Carder Forum, another invite-only dark web site devoted exclusively to credit card fraud. Given that criminal mindset, it may be no surprise that the site’s owners might have eventually become willing to steal from their own users, too. As one user wrote on Reddit’s dark net market forum, “[I’m] really… surprised Evo went out like this, but I mean from former carders and fraudsters; would you expect anything less?”

Others pointed out that competing black markets like Agora, which briefly held the top spot as the most popular dark web market before Evolution, will likely absorb the refugees from Evolution’s vanished market. But even so, the Evolution staffers’ theft of millions of dollars from their users—if it’s confirmed—would put a temporary but serious dent in the internet’s underground drug economy. “I am guessing [Evolution’s owners] have new identities and a nice remote beachside mansion all lined up, probably there already,” one user wrote on Reddit. “Damn, sounds like a movie, except real people lost real money.”
http://www.wired.com/2015/03/evoluti...scam-dark-web/





Australia’s Brandis Prepares to Introduce Site-Blocking Legislation
Allie Coyne

The federal government plans to introduce legislation next week allowing content owners to apply for court orders to force internet service providers to block overseas file-sharing websites.

The Copyright Amendment (Online Infringement) Bill - led by Attorney-General George Brandis - was today cleared for introduction into parliament by the Coalition.

A spokesperson for Brandis confirmed the bill would be introduced next week, and was expected to be referred to the Senate Legal and Constitutional Affairs Legislation Committee for review.

"There will be adequate time for consultation and for people to make submissions throughout this process," the spokesperson said.

The bill - the text of which is yet to be made public - will facilitate the blocking of overseas websites used for downloading and uploading copyright infringing content.

John Stanton, CEO of telco industry body the Communications Alliance, said it was "disappointing" that the industry had not been consulted on the bill prior to its impending introduction.

Simon Bush, head of the Australian Home Entertainment Distributors Association, confirmed rights holders had also not seen a copy of the draft legislation, but said both parties were aware it was coming.

The draft legislation forms part of the Government's crackdown on copyright infringement, announced last year.

Last December the ISP industry was given four months to develop a code for tackling online copyright infringement or risk having one forced upon it through legislation.

The Government at the same time said it would also amend the Copyright Act to enable rights holders to apply for a court order requiring ISPs to block access to non-Australian websites that had been proven to provide access to infringing content.

"The power will only apply to websites outside Australia as rights holders are not prevented from taking direct action against websites operated within Australia," the Government said at the time.

Brandis and Communications Minister Malcolm Turnbull at the time said such an approach was the "least burdensome and most flexible way" to address online copyright infringement.

They claimed rights holders had made efforts to improve content availability and affordability in recent times, but Australians were still downloading content without paying.

Turnbull also at the time conceded that shutting down overseas file-sharing websites could result in a game of whack-a-mole - evident through the reappearance of The Pirate Bay under a different domain after the file-sharing site was pulled down in a Swedish raid.

"If you are asking me is it possible for .. The Pirate Bay to then move to another IP address or another URL, of course that is true," Turnbull said at the time.

"There's no silver bullet here. There's a whole range of solutions and tools both on the side of the ISPs and on the side of the rights owners that will materially mitigate copyright infringement."

The site-blocking scheme has been likened to online censorship by critics including consumer advocate group Choice and Pirate Party Australia, who argue it will create a filter that will allow the content industry to hit consumers with disproportionate penalties.

Time running out for copyright code

ISPs and content owners have only several weeks left to reach agreement on the most contentious element of the industry code to tackle copyright infringement: cost.

Last month the two parties said they had come to agreement on the foundations for the three-strikes scheme, but were still working through who should foot the bill for its operation.

Stanton today told iTnews the parties were inching closer to resolution on the issue.

He said the "chasm" that had existed between the two parties during similar discussions in 2012 was now more of a "ravine" the ISP industry was hoping it could jump over.
http://www.itnews.com.au/News/401763...this-week.aspx





France Is Trying — and Mostly Failing — to Block Websites Accused of Promoting Terrorism
Pierre Longeray

France has attempted to block access to five websites, the first time the government has used a provision of legislation passed in November 2014 that authorizes officials to ban — without obtaining a court order — sites that promote terrorism.

The first site to be blocked was islamic-news.info, a pro-jihad site described by Radio France Internationale (RFI) journalist David Thomson as having "very little influence." Octave Klaba, the director of the site's hosting company OVH, tweeted Monday that he had not been forewarned of the official blocking.

Why did nobody send us an LCEN notice to shut down the site — Octave Klaba / Oles (@olesovhcom) March 16, 2015

As of Tuesday, the four other sites banned by the government were still accessible from French browsers, raising questions over the measure's efficacy. Speaking at a press conference Monday, a spokesman for the French interior ministry explained that the application of the law was still being "fine tuned." Contacted Tuesday by VICE News, the interior ministry declined to answer further questions about the blocked sites.

One of the blacklisted sites is Jihad Zone, an English-language website that publishes al Qaeda's magazine Inspire, as well as videos by the Islamic State (IS) and the al Nusra Front, a militant group operating in Syria and Lebanon. The site also dispenses advice on learning Arabic. On March 5, the site's editor announced that he would be taking a short leave of absence and that the site would be on a temporary hiatus.

AFP also listed al-Hayat Media Center, which publishes IS propaganda, as another blocked site. Several people have since pointed out that al-Hayat doesn't have a website — only a Twitter account — and that the blocked site belongs to an independent IS sympathizer.

The third site targeted by French authorities is Jihadmin, which publishes the propaganda videos of several militant organizations and doesn't claim allegiance to any particular group.

The fourth banned site is an Arabic-language website called "Islamic State in Iraq and the Levant," an amateur-looking blog with only three posts dating back to October 2014.

French magazine Télérama revealed Monday that as many as 50 additional sites could be taken down in the coming weeks.

The measure that allows the sites to be blocked was one of several counterterrorism laws adopted by the French parliament in November 2014 as the country reacted to becoming the largest Western contributor of jihadists to extremist groups in Iraq and Syria.

The website ban marks the second practical application of the new counterterrorism legislation, which also permits officials to stop suspected jihadists from leaving the country. In February, three men and three women had their passports confiscated.

The internet has been in the French government's line of fire since November, two months before the January terror attacks that left 17 people dead in Paris. French Interior Minister Bernard Cazeneuve estimated in November that "90 percent of those who join terrorist groups in Iraq and Syria leave because of propaganda put out on the internet," a figure that has since been contested. Several reports have suggested that the recent wave of homegrown militants actually became radicalized in French prisons.

Previously, requests to block sites had to be authorized by a judge. Today, the police can make the decision without a judge's stamp of approval. The new measure mirrors the 2011 "Loppsi 2" law, which authorizes officials to block sites that host child pornography.

In theory, officials are supposed to notify the hosts or publishers of a request to remove their sites. If the sites have not been taken down within 24 hours, or if the host companies refuse to comply with the order, authorities can go directly to internet service providers to request that they block access.

Free speech advocates have denounced the method of "administrative blocking" as arbitrary, inefficient, and infringing on civil liberties. In response to these accusations, the government appointed magistrate Alexandre Linden, of the National Commission of IT and Liberties (Commission Nationale de l'Informatique et des Libertés — CNIL), France's data protection authority, to monitor the blocking requests filed by law enforcement officers and other authorities.

Critics have also decried the futility of the measure, since there are many ways to circumvent such bans. The sites are only blocked in France, and software that makes users appear to be from another country is easily accessible.
https://news.vice.com/article/france...ting-terrorism





Facebook Report Shows Slight Rise in Government Requests for Data

Facebook Inc recorded a slight increase in government requests for account data in the second half of 2014, according to its Global Government Requests Report, which includes information about content removal.

Requests for account data increased to 35,051 in the second half of 2014 from 34,946 in the first half, with requests from countries such as India rising and those from others including United States and Germany falling, the report by the world's largest Internet social network showed.

Facebook said it restricted 9,707 pieces of content for violating local laws, 11 percent more than in the first half, with access restricted to 5,832 pieces in India and 3,624 in Turkey.

"We will continue to scrutinize each government request and push back when we find deficiencies. We will also continue to push governments around the world to reform their surveillance practices in a way that maintains the safety and security of their people while ensuring their rights and freedoms are protected," Monika Bickert, Facebook's head of global policy management wrote in a blog post.

Bickert said Facebook challenges requests that appear to be "unreasonable" or "overbroad" and if a country requests content be removed because it is illegal, Facebook may restrict access only in that country.

The technology industry has pushed for greater transparency on government data requests, seeking to shake off concerns about their involvement in vast, surreptitious surveillance programs revealed by former spy agency contractor Edward Snowden.

Facebook, Microsoft, Yahoo and Google last year began publishing details about the number of government requests for data they receive.

Facebook on Sunday also updated its community standards to tell users what types of posts are not allowed on the service, providing guidance on policies related to self-injury, dangerous organizations, bullying and harassment, criminal activity, sexual violence and exploitation.

(Reporting by Shivam Srivastava and Supriya Kurane in Bengaluru; Editing by Anupama Dwivedi)
http://uk.reuters.com/article/2015/0...0MC0RX20150316





Premiere: A Pop Album All About Facebook and the NSA
Angela Watercutter

As his stage name, Big Data, might suggest, producer Alan Wilkis’s sound is heavily influenced by our tech-laden world. And on his extremely catchy debut album, he goes all-in with songs inspired by Edward Snowden, the Internet of Things, and even Facebook’s mood experiments.

“With each song on 2.0, I set out to explore a specific issue or moment in technology,” Wilkis says. “And lyrically they are often voiced from the perspective of the ‘bad guy’ in the narrative.”

How so? Well for the Snowden-themed song, “Snowed In,” the thoughts and statements of the NSA are “in the tone of a spurned or betrayed ex-lover,” Wilkis says. And the Internet of Things track frames our relationship with gadgets as being romantic but “verging on extreme codependence.”

To give all those narratives a voice, Wilkis assembled a roster of collaborators that includes Weezer’s Rivers Cuomo and WIRED favorite Twin Shadow. “I had the immense privilege of collaborating with a host of incredible vocalists on 2.0,” he says, “and at the end of the day I just hope these songs make you smile, dance, and think a bit.”

Check out 2.0 below. The album drops March 24.
http://www.wired.com/2015/03/big-data-album-premiere/





Ex-NSA Researcher Says that Apple’s Insecure App-Downloads Enable Windows-Style ‘Dylib’ Exploits
Martin Anderson

A former NSA and NASA security researcher claims to have identified techniques which enable the same kind of shared-library exploits in Apple’s OSX operating system that have plagued the Windows OS for over 15 years. Speaking to Threatpost at the CanSecWest conference in Vancouver, Patrick Wardle, who is the director of research for Security-as-a-Service provider Synack, contends that OSX’s ‘dylib’ libraries can be substituted for malicious versions, providing the same exploit functionality as the DLL (Dynamic Link Library) has been providing to Windows hackers for many years.

“DLL hijacking has haunted Windows for a while,” said Wardle. “It’s been abused by malware by a number of malicious adversaries. It’s a fairly widespread attack…I wondered if it was similar on OS X and I found an attack similar to that. Under the hood, there are technical differences, but it provides the same capabilities. Given you have a vulnerable app on OS X, you can abuse it the same way it’s abused on Windows.”

Dynamic libraries are shared components provided deep within the operating system as a common resource for programmers to utilise. In Mac OSX the extension for such files is .dylib (Dynamic Library), and in Windows .DLL (Dynamic Link Library). One of the most common examples of a shared library is one which provides graphical or video driver functionality, a facility which may find a shared library in use by a messaging application, a video component of a non-videocentric application, or even a GUI customisation. Shared libraries cannot be executed as standalone applications on either platform, but are instead loaded at application runtime, at which point they share scope with the host application.

Wardle has developed a process where malicious OSX dylib files can bypass OSX’s otherwise quite ‘draconian’ Gatekeeper software, which checks the validity of developer certificates against hashes stored and verified by the Apple App Store. Gatekeeper’s page at Apple promises: “The Developer ID allows Gatekeeper to block apps created by malware developers and verify that apps haven't been tampered with since they were signed. If an app was developed by an unknown developer—one with no Developer ID—or tampered with, Gatekeeper can block the app from being installed.”

Discussing the exploit, which he will demonstrate on the 19th at CanSecWest, Wardle told Forbes:

“When the injected legitimate application is launched the unsigned malicious dylib is loaded or executed (even if the user sets his machine to accept ‘only all apps from the Mac App Store’) before the app’s main code. At this point the dylib can do anything. I see it a) kicking off the legitimate application that the user was downloading so nothing seems amiss, and b) installing the implant component which will then complete the rest of the attack, persistently infecting the user’s computer.”

It’s not a point-and-click exploit – the attacker will need to get on the same network as the target Mac, either through a breach or by sharing the same public Wi-Fi access point, and then inject a vulnerable but legitimate application and make some purely cosmetic changes to the appearance of the .dmg (virtual installer disk) file when mounted.

Wardle created a Python routine to check for susceptible applications on his own OSX-based machine, and found about 150 exploitable vectors, including Dropbox, Apple’s iCloud and Microsoft Word and Excel – all of which employ system-trusted shared libraries.

Apple's Xcode vulnerable to dylib attack vector

Interestingly, OSX's developer environment Xcode is one of the vulnerable applications identified. Xcode was identified by ex-NSA whistleblower Edward Snowden last week as a high-priority hacking target for the NSA, since it is an application that creates other applications; but since Xcode's provenance is so hard to interfere with, the possibility of hacking it puzzled many commenters when the news emerged last week.

Once running, the infected dylib components are completely resistant to attack or detection by currently available anti-virus or anti-malware products, since they are ‘pre-approved’ processes.

Insecure app downloads

Since Gatekeeper has such a formidable reputation, software downloads via the Apple App Store are sent without encryption. Forbes took this observation to a number of OSX security vendors; F-Secure promised to ‘correct the situation’, stating that if it is not possible to ‘force’ https downloads, that they would at least ensure that such downloads are ‘linked that way’.

Apparently unwilling to address Wardle’s bypass of Gatekeeper’s Developer ID check, Avast responded that https was ‘not required’: “HTTPS gives you principally two benefits over HTTP, the one being encrypted communication and the other peer verification. When downloading the DMG, there is nothing that makes sense to encrypt; there is no private information involved. And the peer verification is not necessary.”

Wardle countered that his exploit does not alter the original downloaded application, but is merely using a loophole in the installation procedure to ‘stow away’ rogue dylib files. “No application signatures are broken,” he said, “which is why the attack succeeds.” Wardle notes, however, that proprietary (Apple-created) OSX apps, which are available via Apple’s Mac App Store, are not susceptible to his injection technique.

Wardle will reveal a new app later in the week which can search for and identify malicious dylibs, and verify if the user has an attack history.
http://thestack.com/patrick-wardle-o...ability-170315





Hertz Puts Cameras In its Rental Cars, Says it has No Plans to Use Them
Kashmir Hill

This week I got an angry email from a friend who had just rented a car from Hertz: “Did you know Hertz is putting cameras in rental cars!? This is bullsh*t. I wonder if it says they can tape me in my Hertz contract.” He sent along this photo of a camera peeping at him from out of his “NeverLost,” a navigational device that the company has started putting in many of its cars:

“I even felt weird about singing in the car by myself,” he said. A Googling expedition revealed that my friend was not the first person driven to disturbance by the in-car surveillance system. A Yelp user was revved up about it. Disgruntled renters on travel forums like MilePoint and FlyerTalk want Hertz to put the brakes on “spy cams.” A loyal Hertz customer who rented a car in Chicago said it might make them never want to rent with Hertz again:

The system can’t be turned off from what I could tell. Further investigation revealed that the camera can see the entire inside of the car. I know rental car companies have been tracking the speed and movements of their vehicles for years but putting a camera inside the cabin of the vehicle is taking their need for information a little TOO FAR. I find this to be completely UNACCEPTABLE. In fact, if I get another car from Hertz with a camera in it, I will move our business from Hertz completely.

Hertz has offered the NeverLost navigational device for years, but it only added the built-in camera feature (which includes audio and video) to its latest version of the device — NeverLost 6 — in mid-2014. “Approximately a quarter of our vehicles across the country have a NeverLost unit and slightly more than half of those vehicles have the NeverLost 6 model installed,” Hertz spokesperson Evelin Imperatrice said by email. In other words, one in 8 Hertz cars has a camera inside — but Imperatrice says that, for now, they are inactive. “We do not have adequate bandwidth capabilities to the car to support streaming video at this time,” she said.

So why is Hertz creeping out customers with cameras it’s not using? “Hertz added the camera as a feature of the NeverLost 6 in the event it was decided, in the future, to activate live agent connectivity to customers by video. In that plan the customer would have needed to turn on the camera by pushing a button (while stationary),” Imperatrice explained. “The camera feature has not been launched, cannot be operated and we have no current plans to do so.”

The device is often included as a free perk for Hertz’s “Gold” members, meaning Hertz is taking the risk of creeping out its most loyal customers with the camera eye in the car. When asked whether customers were informed there would be a camera in the car, or told under what circumstance it would be activated, Imperatrice again emphasized that the cameras had never been used. “The camera on our NeverLost 6 devices has never been active (hence, it is never on) and we have no current plans to activate the camera in the future,” she said by email.

In a 2013 blog post titled “Peace of Mind,” a developer involved in a Hertz hackathon wrote about using the in-car camera along with other sensors in the car to detect an accident and immediately get a customer a new vehicle. In the post, he included two screen shots of a live call, but Hertz spokesperson Imperatrice said everything done for the hackathon event was “essentially a mock-up.” “Even the video that appears to be from inside the car was not from a NeverLost,” she said.

The feature certainly makes sense as a customer service offering in the event of car troubles. It’d be nice to be able to talk to an agent on camera after a fender-bender or while stranded on the side of a road. But at the same time, you could imagine camera mission creep, such as Hertz using it to capture video of what a trouble renter is up to in the vehicle, or to see who is really driving the car, or to snoop on a singing — or snuggling — driver. The fact that customers aren’t notified about the camera and when it would be used is troubling.

Not notifying customers that they might be on candid camera is generally frowned upon legally. In 2012, the Federal Trade Commission cracked down on a rent-to-own company that failed to warn customers that it had put spyware on their laptops so that it could turn on the built-in cameras if they failed to make payments. (During its investigation, the FTC discovered the company had taken photos of users having sex.) On the automotive front, Chevrolet put a “nanny cam” in its new Corvette last year so that paranoid owners could monitor valets, but GM had to immediately warn new car owners not to use the feature because it is legally problematic to spy on people in your car without their knowing about it.

When Hertz put its new NeverLost technology on display at the Consumer Electronics Show in Las Vegas later year, a representative bragged that the device offered “a rich set of services our competitors don’t currently have.” Those competitors may now be glad they don’t have it.
http://fusion.net/story/61741/hertz-...n-rental-cars/





Chevy Malibu 'Teen Driver' Tech Will Snitch if You Speed
Angela Moscaritolo

General Motors wants to help curb teen crashes with a new system that lets parents monitor their kids' driving habits—even when mom and dad aren't actually in the car.

Dubbed Teen Driver, the new system will debut in the 2016 Chevy Malibu, offering a bunch of features designed to encourage safe driving. It will, for instance, mute the radio or any device paired with the car when front seat occupants aren't wearing their seatbelts, and give audible and visual warnings when the vehicle is traveling faster than preset speeds.

It doesn't end there. Brace yourself, teens, because you might not like this next part too much. The new system also lets parents view a readout of how you drove the car, including how fast you went, how far you drove, and whether any active safety features (like over-speed warnings) were engaged.

Parents can also set the radio system's maximum volume to a lower level, and select a maximum speed between 40 and 75 miles per hour, which, if exceeded, will trigger warnings.

In its announcement, GM cited stats from the Insurance Institute for Highway Safety indicating that the fatal crash rate per mile driven for 16-19-year-olds is nearly three times the rate for drivers ages 20 and over.

"We developed this system so parents could use it as a teaching tool with their kids—they can discuss and reinforce safe driving habits," General Motors safety engineer MaryAnn Beebe said in a statement. "As a mother of two, I know anything that has the potential of keeping one's family safer is of great value to parents."

The new technology will be available for the 2016 Malibu as a standard feature in the Premier vehicle and optional with the LT model. The 2016 Malibu will debut at the New York Auto Show next month and is expected to go on sale at the end of the year.
http://www.pcmag.com/article2/0,2817,2478543,00.asp





Hello Barbie's Listening Ability 'Creepy', Privacy Group Says

WiFi-enabled 'smart' doll can record child's playtime conversations

A new "smart" Barbie doll's eavesdropping and data-gathering functions have privacy advocates crying foul.

Toymaker Mattel bills Hello Barbie as the world's first "interactive doll" due to its ability to record children's playtime conversations and even respond once the encrypted audio is transmitted to a cloud server, much in the way that Apple's Siri voice assistant works.

But the microphone-equipped Barbie's new WiFi features are striking some concerned parents as a "creepy" new development.

The Campaign for a Commercial-Free Childhood launched a petition last week to halt the release of the toy, which is scheduled to reach U.S. shelves in the fall and retail for $74.99 US.

About 5,200 signatures have been collected so far for the child privacy advocacy group's online petition.

Girls wanted 'conversation with Barbie'

"Kids using 'Hello Barbie' won't only be talking to a doll, they'll be talking directly to a toy conglomerate whose only interest in them is financial," Susan Linn, the organization’s executive director, said in a statement. "It's creepy—and creates a host of dangers for children and families."

In an online video, a Mattel presenter at the 2015 Toy Fair in New York says the new doll fulfills the top request that Mattel receives from girls: to have a two-way dialogue.

"They want to have a conversation with Barbie," she said, adding that Hello Barbie will be "the very first fashion doll that has continuous learning, so that she can have a unique relationship with each girl."

Hello Barbie, which is still in prototype form, can initiate storytelling and listen, learn and adapt according to a child's playtime preferences.

Asked, "What should I be when I grow up?" during a demo, the doll responded: "Well, you told me you like being on stage. So how about a dancer? Or a politician? Or a dancing politician?"

Its listening function is activated only when a button on Barbie's belt buckle is pressed.

Mattel says Hello Barbie's talkback abilities should only be enabled once parents have given consent by signing into an app, creating an online account and agreeing to allowing data capture.
http://www.cbc.ca/news/technology/he...says-1.2996755





Pew: Nearly One-Third Of Americans Hide Information Online
Aarti Shahani

Almost a third of Americans have taken steps to hide or shield their information online since Edward Snowden publicized National Security Agency surveillance practices.

But as a country, we're deeply divided — nearly 50-50 — over whether to be concerned about massive government surveillance. And while there are signs that privacy is a partisan issue, it's not partisan in the way you might think.

All that is according to the latest privacy study by the Pew Research Center.

Privacy Market Has Grown — To Critical Mass?

Among the Americans who've heard about the NSA revelations (not everyone has — which is a whole other story!), 25 percent say they've changed how they use online technology "a great deal" or "somewhat."

Respondents say things like: "I don't search some things that I might have before" and "Can't joke about stuff that could be taken as a threat."

Sound familiar?

People have changed the privacy settings on their Facebook and Twitter accounts. They've uninstalled mobile apps that are data-moochers. They've used search engines that depart from the norm and do not keep a running tab on every site you visit. And some respondents report taking the dramatic step of talking — face to face, in the physical world — to avoid having a digital trail of communication.

While one-quarter is not the majority, it is eye-grabbing. The Pew study indicates that the niche market for privacy tools may go mainstream. Companies like Wickr and Dstrux offer self-destructing tools for email and social media posts, with the promise of "zero digital footprint." Abine Blur lets you shop online without revealing your personal email and credit card number. These are hardly household names, but that could change.

Tools Are Hard To Get

The problem with privacy tools, as reflected in the Pew study, is that they're hard for the average person to use.

For example, search engines that don't record search history, like DuckDuckGo, have been around for years. But only 10 percent of respondents say they've used one, and 13 percent don't know these browsers exist.

While people say they'd like to do more, they also say things like: "I do not feel expert enough to know what to do to protect myself, and to know that the protection chosen is effective. Technology changes very fast."

Clearly there's a lot of work for tech entrepreneurs to do, in terms of marketing their goods and designing them to be more user-friendly.

What Kind Of Partisan Issue Is This?

Politically, we are a nation divided over the government's blanket surveillance of American citizens. Just over half of respondents say they're concerned. Just under half say: not really.

But here's an interesting tidbit: Republicans and those who lean Republican are more likely than those in the Democrats camp to say they are losing confidence that surveillance programs serve the public interest (70 percent vs. 55 percent).

This could reflect feelings about President Obama, or a more enduring libertarian streak in the GOP.

It'll be interesting to see how public sentiment shapes up in one emerging debate: While the public and private sectors are both amassing stockpiles of data on us, they are starting to butt heads over encryption. Companies like Yahoo want to encrypt more, to regain consumer trust; and government officials say that gets in the way of intelligence-gathering.
http://www.npr.org/blogs/alltechcons...ne?snowingthem





A Clever Way to Tell Which of Your Emails Are Being Tracked
Brian Barrett

While you’ve likely never heard of companies like Yesware, Bananatag, and Streak, they almost certainly know a good deal about you. Specifically, they know when you’ve opened an email sent by one of their clients, where you are, what sort of device you’re on, and whether you’ve clicked a link, all without your awareness or consent.

That sort of email tracking is more common than you might think. A Chrome extension called Ugly Mail shows you who’s guilty of doing it to your inbox.

Sonny Tulyaganov, Ugly Mail’s creator, says he was inspired to write the “tiny script” when a friend told him about Streak, an email-tracking service whose Chrome extension has upwards of 300,000 users. Tulyaganov was appalled.

“[Streak] allowed users track emails, see when, where and what device were used to view email,” he recalled to WIRED. “I tried it out and found it very disturbing, so decided to see who is actually tracking emails in my inbox.” Once the idea for Ugly Mail was born, it only took a few hours to make it a reality.

The reason it was so easy to create is that the kind of tracking it monitors is itself a simple procedure. Marketers—or anyone who’s inspired to snoop—simply insert a transparent 1×1 image into an email. When that email is opened, the image pings the server it originated from with information like the time, your location, and the device you’re using. It’s a read receipt on steroids that you never signed up for.

Pixel tracking is a long-established practice, and there’s nothing remotely illegal or even particularly discouraged about it; Google even has a support page dedicated to guiding advertisers through the process. That doesn’t make it any less unsettling to see just how closely your inbox activity is being monitored.

Using Ugly Mail is as simple as the service is effective. Once you’ve installed it, the code identifies emails that include tracking pixels from any of the three services mentioned above. Those messages will appear in your inbox with an eye icon next to the subject heading, letting you know that once clicked, it will alert the sender. Tulyaganov also confirmed to WIRED that Ugly Mail doesn’t store, save, or transmit any data from your Gmail account or computer; everything takes place on the user’s end.

Ugly Mail appears to work as advertised in our test, but it has its limitations. It’s only built for Gmail (sorry… Outlookers?) and is only available for Chrome, although Tulyaganov says that Firefox and Safari versions are in the works. And while it’s effective against Yesware, Bananatag, and Streak, those are just three pixel-tracking providers in a sea of sneaking marketers. Tulyaganov has indicated that Ugly Mail will continue to add more tracking services to its list, but it’s not clear yet how long that might take. The onrush of users after receiving top billing on Product Hunt may help speed up the process.

If you’d like to take the extra step of just blocking pixel tracking altogether, another Chrome extension called PixelBlock—also referenced on Product Hunt—automatically prevents all attempts, instead of Ugly Mail’s more passive strategy of simply informing you that they’re happening.

Pixel tracking isn’t going away any time soon, and Ugly Mail is an imperfect way to prevent it. But it still offers a valuable glimpse at the marketing machinations we’re all exposed to every day, whether we’re aware of them or not.
http://www.wired.com/2015/03/ugly-mail/
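
The 1×1 remote-image technique described in the article above can be checked for before a message is ever rendered. The following is an added example, not part of the original article and not Ugly Mail's code; the heuristics, the function name `find_tracking_pixels` and the sample message (with its `.example` hosts) are constructed for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# CSS width/height of 0 or 1 pixel, e.g. "width:1px" (but not "max-width" or "100%").
_TINY_CSS = re.compile(r"(?:^|;)\s*(width|height)\s*:\s*[01](?:px)?\s*(?=;|$)", re.I)
# HTML width/height attribute of 0 or 1.
_TINY_ATTR = re.compile(r"[01](?:px)?", re.I)
_HIDDEN_CSS = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)


class _ImgCollector(HTMLParser):
    """Collects the attributes of every <img> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names; self-closing
        # <img ... /> tags are routed here by the default handler as well.
        if tag == "img":
            self.images.append({name: (value or "") for name, value in attrs})


def _pixel_reason(img):
    """Return why an image looks like a tracking pixel, or None."""
    style = img.get("style", "")
    if _HIDDEN_CSS.search(style):
        return "hidden by CSS"
    tiny = {m.group(1).lower() for m in _TINY_CSS.finditer(style)}
    tiny |= {d for d in ("width", "height")
             if _TINY_ATTR.fullmatch(img.get(d, "").strip())}
    if tiny == {"width", "height"}:
        return "1x1 (or 0x0) dimensions"
    return None


def find_tracking_pixels(raw_email):
    """List remote images in an e-mail's HTML parts that look like trackers."""
    msg = message_from_string(raw_email, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = _ImgCollector()
        collector.feed(part.get_content())
        for img in collector.images:
            url = urlparse(img.get("src", "").strip())
            # cid: and data: images travel inside the message, so opening
            # them contacts no server; only http(s) images can report a view.
            if url.scheme not in ("http", "https"):
                continue
            reason = _pixel_reason(img)
            if reason:
                findings.append({"host": url.hostname,
                                 "url": url.geturl(),
                                 "reason": reason})
    return findings


# Constructed sample message: one ordinary logo, one embedded (cid:) banner,
# and three images that match the heuristics above.
SAMPLE_EMAIL = """\
From: Newsletter <news@sender.example>
To: reader@recipient.example
Subject: Spring offers
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Spring offers inside.
--b1
Content-Type: text/html; charset="utf-8"

<html><body>
<img src="https://cdn.sender.example/logo.png" width="200" height="50" alt="logo">
<img src="cid:banner@sender.example" width="600" height="120">
<p>Spring offers inside.</p>
<img src="https://track.mailer.example/open?id=constructed-token-123" width="1" height="1" alt="">
<img src="http://stats.mailer.example/o.gif?u=42" style="width:1px;height:1px" alt="">
<img src="https://beacon.mailer.example/p.gif" style="display:none" width="20" height="20">
</body></html>
--b1--
"""

if __name__ == "__main__":
    for hit in find_tracking_pixels(SAMPLE_EMAIL):
        print(f'{hit["host"]:28} {hit["reason"]}')
```

Because the check parses the raw message and never fetches any URL, running it does not itself notify the sender. A remote image with no declared size can still be a tracker and is not caught by these heuristics.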





BlackBerry Unveils Security-Focused Tablet

Device developed together with Samsung and IBM
Ben Dummett and Archibald Preuschat

BlackBerry Ltd. unveiled a new high-security tablet on Saturday as part of its continuing efforts to expand its base with business and government customers.

The new device, developed with Samsung Electronics Co. and International Business Machines Corp., should be available as early as this summer, and will sell for about $2,380, BlackBerry said.

It marks the second time the Canadian smartphone maker has tried to enter the tablet market.

In 2011 BlackBerry introduced the PlayBook tablet as part of the previous management’s attempt to compete with Apple Inc., Samsung and others in the consumer market. The PlayBook stumbled out of the gate, criticized as lacking core features, and the company ended up writing down hundreds of millions of dollars in unsold inventory.

BlackBerry commands little of the global mobile-device market, but businesses still consider it the gold standard of mobile security, a feature governments place a priority on to guard against hackers as they conduct more business over wireless networks.

BlackBerry’s Secusmart unit developed the new SecuTablet, based on Samsung’s Galaxy Tab S 10.5. It incorporates Secusmart’s encryption technology, which is already used by the German and Canadian governments, among others, to counter eavesdropping. IBM technology allows the tablet to securely separate work applications from personal ones on the device.

Hans-Christoph Quelle, Secusmart’s chief executive, said the new device is also easy to use. “Every user familiar with an Android tablet won’t have any problems,” he told The Wall Street Journal on the sidelines of the CeBIT technology fair here, where the device was introduced.

The new tablet also underscores efforts by BlackBerry’s Chief Executive John Chen, who took the helm in November 2013, to reignite growth by acquiring new technology through niche acquisitions and by forming partnerships to gain access to a larger potential customer base.

BlackBerry bought closely held Secusmart last year for an undisclosed amount to gain access to its encryption technology and its relationships with governments.

The new tablet also builds on BlackBerry’s partnership with Samsung.

In November, the companies agreed to sell each other’s mobile-security software. Then earlier this month, BlackBerry said Samsung would incorporate its anti-eavesdropping mobile-encryption and mobile billing technologies into Samsung smartphones installed with the South Korean company’s Knox security platform.
http://www.wsj.com/article_email/bla...NzEyNDgxNzQwWj





BlackBerry Launches $2,300 Tablet
Peter Sayer

BlackBerry is returning to the tablet market—this time with the help of Samsung Electronics, IBM and Secusmart, the German encryption specialist BlackBerry bought last year.

This is not the PlayBook 2 that BlackBerry was rumored to be working on last year, but the SecuTablet, developed by Secusmart and IBM for a German government department.

The SecuTablet is a Samsung Galaxy Tab S 10.5 LTE 16GB bundled with some software from IBM and Secusmart’s special MicroSD card, which combines a number of cryptographic chips to protect data in motion and at rest. Samsung’s Knox secure boot technology ensures that the OS on the tablet has not been tampered with, while IBM’s contribution to the security chain is to “wrap” certain apps in an additional layer of code that intercepts and encrypts key data flows using the Secusmart hardware.

Secusmart managing director Hans-Christoph Quelle hopes that before year-end the German federal IT security agency, BSI, will grant the Knox-Secusmart combination a security rating corresponding to Nato Restricted.

“The project was started long before BlackBerry acquired Secusmart,” said Quelle, now a senior vice president at BlackBerry.

The deal raised questions at the highest level within BlackBerry, IBM and the government department about whether to continue, he said, particularly with IBM’s recent announcement of an alliance with Apple to deliver enterprise apps.

The tablet project survived the acquisition, not least because, with its smartphone market share shrinking, BlackBerry is keen to sell its security services across as many platforms as possible. BlackBerry announced plans last November to extend support for its management software to Samsung devices, and at Mobile World Congress in Barcelona last month it said it would release versions of Secusmart’s Secusuite voice and data encryption system, and its own WorkLife by BlackBerry management tool, for Samsung Knox devices.

Organizations deploying the SecuTablet will be able to set policies controlling what apps can run on the devices, and whether those apps must be wrapped, said IBM Germany spokesman Stefan Hefter. The wrapping process—in which an app is downloaded from a public app store, bundled with additional libraries that encrypt its network traffic and intercept Android “intents” for actions such as cutting or pasting data, then uploaded to a private app store—ensures that corporate data can be protected at rest, in motion and in use, he said. For instance, it can prevent data from a secure email being copied and pasted into the Facebook app running on the same device—yet allow it to be pasted into a secure collaboration environment, or any other app forming part of the same “federation”, he said.

Secusmart will sell the device in Germany, while IBM will sell it elsewhere. Although initially developed for government use, Quelle hopes IBM’s enterprise customers will also be interested.

Naturally, this level of security doesn’t come cheap: An unmodified Samsung Galaxy Tab S 10.5 retails for around $500, but the SecuTablet will cost around €2,250 ($2,380) including the Secusmart MicroSD encryption card, the necessary app-wrapping and management software, and a year’s maintenance contract, he said.
http://www.pcworld.com/article/28970...re-tablet.html





US Customs Quietly Launches Facial Recognition Experiment at DC Airport
Lorenzo Franceschi-Bicchierai

The next time you come back from overseas and flash your American passport at Washington, DC’s Dulles airport, customs officers might take a picture of you and use facial recognition technology to figure out if you really are who you say you are.

On March 11, the Customs and Border Protection (CBP) quietly rolled out a new facial recognition pilot program to help customs officers catch “imposters,” or people using a passport that isn't theirs, an agency spokesperson confirmed to Motherboard on Wednesday.

The pilot is part of a larger effort to modernize US customs practices with the use of new technologies as part of the Apex Air Entry and Exit Re-Engineering (AEER) Project. And it’s only the first of at least three experiments labeled “Targeted Biometric Operations,” according to a previously undisclosed CBP presentation obtained by Motherboard.

The goal of the pilot program, called “1:1 Facial Recognition Air Entry Pilot,” is to figure out if facial recognition can be a useful tool in catching these imposters, but civil liberties activists worry this is the first step to create a database of law-abiding Americans’ mugshots, which could create unforeseen privacy risks.

“Here we have a program where individuals are not suspected of wrongdoing and are engaged in routine behavior,” Jake Laperruque, a fellow at the Center for Democracy and Technology told Motherboard. “And they are being required to submit a piece of biometric data that could identify them later and that’s going to be retained.”

“That’s definitely a dark road to be going down with a lot of potential for abuse,” he added.

As part of the program, customs officers will have the ability to randomly select Americans coming back from abroad and take a picture of them. The ones that get chosen as high-tech lab rats can not opt out, according to CBP’s Privacy Impact Assessment (PIA), a document published last week to notify Americans of the program and its potential privacy implications.

The officer will compare the photograph taken with that stored inside the person’s passport chip, using a facial recognition algorithm developed by CBP. The software will then give “a match confidence score” determining how similar the two pictures are. At that point, the officer will have discretion to take further actions if the score flags that there’s something wrong. But, CBP notes, the facial recognition technology won’t be the only basis for admitting a traveler into the US or for “secondary inspection.”

CBP is not providing a lot of details about the program. And the agency spokesperson did not respond to a series of detailed questions from Motherboard, but instead sent a single statement.

But slides from a presentation held on March 10 at CBP headquarters, which were leaked to Motherboard by one of the attendants, give us a glimpse of how the program works.

The overall pilot is expected to last 19 months, but CBP will only collect pictures for 60 or 90 days (this is unclear because the assessment says 60 days while the leaked slides say 90 days). After that, presumably, CBP will move on to an “analysis phase” for the remainder of the program.

CBP expects the facial recognition process to be extremely quick. Another slide of the presentation says it will only take between 5 and 7 seconds to snap a picture of the traveler, open the picture stored in her passport, and process the photo.

In the public document, CBP explained that the program will include several measures to quell privacy concerns.

First, the pictures won’t be tied to the person’s identity, as they will be stored in a database tagged only with the time and date they were taken at, according to CBP. But, potentially, this same technology could be used to tie identities to photographs. And critics say there is good reason to be wary, as the government has made misleading claims about security technologies before. In 2010, a privacy watchdog found out that the infamous TSA full-body scanners could actually store and send images, contrary to the TSA’s claims.

After the 19 months the program is expected to last, CBP promises it will delete the images from the server, unless the pictures become part of a criminal investigation.

Moreover, CBP promises that it won’t share this picture with anyone else outside of the Department of Homeland Security (DHS), its parent agency.

“The technology is a stand-alone system and will not communicate with any other parties, databases or systems,” the CBP spokesperson told Motherboard. “CBP remains committed to protecting the privacy of all travelers.”

Privacy advocates, however, are not convinced.

Dave Maass, an investigative researcher at the Electronic Frontier Foundation, a San Francisco-based digital rights advocacy group, says that the concern is over what happens when the pilot ends.

“Today, it's testing at the border, tomorrow it could be facial recognition deployed in public places,” Maass told Motherboard. “Today, the photos taken are being kept segregated from other departments and agencies, tomorrow they could be shared for a whole host of other purposes.”

In other words, is there a risk of mission creep?

Ralph Gross, a facial recognition expert at the Carnegie Mellon University Robotics Institute, says that while the program’s privacy safeguards make it “fairly limited,” CBP is not really making a good case for why this program is needed in the first place.

What the experiment does, he argues, is to automate something that customs agents already do, which is comparing your face to the picture on your passport.

“Why are they doing that in the first place?” Gross tells Motherboard. “Do they feel that border agents aren’t good at spotting imposters?”

That’s the key question. Are passport imposters that much of a problem?

The Government Accountability Office (GAO) estimated last year that the State Department issued 13,500 passports to people using the Social Security number, though not the name, of a deceased person. But it’s unclear how many actual cases of passport imposters CBP encounters every year.

“CBP regularly identifies instances in which imposters attempt to enter the United States,” the CBP spokesperson said, without providing more details or specific numbers.

It’s also unclear how effective this facial recognition technology actually is. CBP says its laboratory tests were successful, but has not provided any data to back it up.

“The results of the lab testing are not available for public release,” the CBP spokesperson said.

While CBP has yet to answer these questions, the program is already underway, undeterred.
http://motherboard.vice.com/read/us-...-at-dc-airport





New Zealand Customs Downplays Password Plan

Proposed new powers would let Customs demand passwords for electronic devices.
Tom Pullar-Strecker

Customs boss Carolyn Tremain has told MPs the department would only request travellers hand over passwords to their electronic devices if it had a reason to be suspicious about what was on them.

The department unleashed a furore last week when it said in a discussion paper that it should be given unrestricted power to force people to divulge passwords to their smartphones and computers at the border.

That would be without Customs officials having to show they had any grounds for suspicion.

Although the proposed power would let Customs request passwords from any traveller or do random checks on electronic devices, Tremain told a parliamentary select committee that was not its intention.

Instead, the department would only use the power if it was acting on "some intelligence or observation of abnormal behaviour", she said.

"The reality is we have 11 million people crossing the border and a limited amount of resources which we are always going to prioritise by taking a risk-assessment approach. We are not saying every 10th person would be inspected."

Customs has said the new powers would be useful in helping detect objectionable material and evidence of other offending, such as drugs offences, as well as to verify people's travel plans, since travel documents are increasingly stored electronically on devices.

Customs said its counterparts in Australia, Canada, the United States and Britain had equivalent powers, though the department has so far been unable to substantiate that.

Tremain's comments, made during and after she appeared in front of a select committee for Customs' annual review, appeared to open the door for a possible compromise on the password issue, which has alarmed civil libertarians.

However, Council for Civil Liberties spokesman Thomas Beagle said its concerns were more "technical" in nature and he doubted the power Customs was seeking could be implemented in an acceptable way.

Under Customs' proposal, refusing to hand over a password or a key to decrypt files on an electronic device could result in a three month jail sentence, but serious criminals would still refuse, he said.

There were circumstances in which innocent passengers might not always know the keys to decrypt information on a device, for example if they were shared with family members, he said.

Tremain said passwords would not be requested by the first Customs official travellers came into contact with and would only be requested if travellers had been pulled aside for "secondary checks". That was something that could potentially be stipulated in the planned overhaul of the Customs and Excise Act, she said.

Tremain said Customs would welcome feedback on whether it should have to demonstrate grounds for suspicion before requiring people disclose passwords or decryption keys.

"If that is what the community thinks is right then that will be considered through the select committee process along with the reasons, from an enforcement perspective, Customs might want it to be different," she said.
http://www.stuff.co.nz/technology/di...-password-plan





Yahoo Shows Off Password-Free Logins and New Encrypted Email Technology
Dante D'Orazio

Passwords are terrible: they're inefficient and they're often insecure, too. Many leading tech companies have embraced two-factor authentication as a more secure option, but they're optional and only those particularly concerned about their digital identities take the time to set it up.

That's why Yahoo is taking a new approach, called "on demand" passwords. Like two-step authentication, you'll be sent a unique time-sensitive code through an app or a text message to your phone when you want to log in. But there's a key step missing: you won't have to type in your primary password first. That's right, with "on demand" passwords, you won't have a permanent password tied to your account that's required every time you log in. Some might even call it "one-step" authentication. When you try to sign in, you'll see a "send my password" button instead of a traditional password text box if you enable the system. The new sign-on method is available now.

Yahoo VP Dylan Casey called the feature "the first step to eliminating passwords," according to CNET. While that may be true, there's no denying that "on demand" passwords are inherently less secure than systems that employ two-step authentication, which Yahoo already offers as an optional feature to its users. But if "on demand" can hit the sweet spot between convenience and security, it might just be able to convince people to leave their old passwords behind. Of course, if your phone falls into the wrong hands, your accounts will be easily compromised.

This isn't the first time a company has looked into eliminating the password. The world's largest tech companies are working to find the successor to the dated password — and many are turning to biometric readers like fingerprint or eye scanners for a solution.

Yahoo Mail has never been known for its security standards, but the company is working to turn that around. Alongside "on demand," Yahoo also showed off a working version of its new end-to-end encryption system at South by Southwest today. The system is designed to make it far easier to encrypt emails, and it's built off of a Google-made Chrome extension that's still in the alpha stage. In a video demo (below), Yahoo compared its method to traditional methods, which are not particularly user-friendly.

Unfortunately, the system won't be automatically enabled for every email — in an interview with The Washington Post, Yahoo security chief Alex Stamos says he expects users to employ the security measure just for particularly sensitive emails. According to The Wall Street Journal, the system will still leave information like the recipient, subject line, and timestamp unencrypted, but the message contents will only be visible to the sender and receiver. Yahoo expects to have end-to-end encryption online by the end of the year.
http://www.theverge.com/2015/3/15/82...mail-sxsw-2015





Cisco Posts Kit to Empty Houses to Dodge NSA Chop Shops

Kit sent to SmallCo of Nowheresville to avoid NSA interception profiles
Darren Pauli

Cisco will ship boxes to vacant addresses in a bid to foil the NSA, security chief John Stewart says.

The dead drop shipments help to foil a Snowden-revealed operation whereby the NSA would intercept networking kit and install backdoors before boxen reached customers.

The interception campaign was revealed last May.

Speaking at a Cisco Live press panel in Melbourne today, Stewart says the Borg will ship to fake identities for its most sensitive customers, in the hope that the NSA's interceptions are targeted.

"We ship [boxes] to an address that's has nothing to do with the customer, and then you have no idea who ultimately it is going to," Stewart says.

"When customers are truly worried ... it causes other issues to make [interception] more difficult in that [agencies] don't quite know where that router is going so it's very hard to target - you'd have to target all of them.

"There is always going to be inherent risk."

Stewart says some customers drive up to a distributor and pick up hardware at the door.

He says nothing could guarantee protection against the NSA, however. "If you had a machine in an airtight area ... I stop the controls by which I mitigate risk when I ship it," he says, adding that hardware technologies can make malicious tampering "incredibly hard".

Cisco has poked around its routers for possible spy chips, but to date has not found anything because it necessarily does not know what NSA taps may look like, according to Stewart.

After the hacking campaign Borg boss John Chambers wrote a letter to US President Barack Obama saying the spying would undermine the global tech industry.

Data retention

Fellow panelist Mike Burgess, chief security officer for Australia's dominant telco Telstra, says the carrier is confident it will be able to secure the swelling pools of data the nation's government will force it to collect under soon-to-be-enacted data retention laws.

The former officer with Australian sigint agency the Defence Signals Directorate said the swelling data pools will turn companies into honeypots for hackers, and staff with access to the databases as prime targets for phishing campaigns.

He was unsure how much data retention will cost the telco, but insisted that it will impose a monetary overhead and rejected claims it can be covered without much expense under existing security controls.

The impending overheads prompted telcos to write to Federal Attorney General George Brandis and Communications Minister Malcolm Turnbull requesting government coin.

Stewart points out that hacking groups are likely, with sufficient time and effort, to be successful at targeting systems such as data retention databases.

"If a truly dedicated team is coming after you for a very long period of time, then the probability of them succeeding goes up," he says.

Telcos should not focus on the financial cost of protecting those databases and instead ensure that acceptable risk levels are met, he says. Checkbox compliance should be all but binned.
http://www.theregister.co.uk/2015/03...=1426694168077





At Least 700,000 Routers Given to Customers by ISPs are Vulnerable to Hacking
Lucian Constantin

More than 700,000 ADSL routers provided to customers by ISPs around the world contain serious flaws that allow remote hackers to take control of them.

Most of the routers have a “directory traversal” flaw in a firmware component called webproc.cgi that allows hackers to extract sensitive configuration data, including administrative credentials. The flaw isn’t new and has been reported by multiple researchers since 2011 in various router models.

Security researcher Kyle Lovett came across the flaw a few months ago in some ADSL routers he was analyzing in his spare time. He investigated further and unearthed hundreds of thousands of vulnerable devices from different manufacturers that had been distributed by ISPs to Internet subscribers in a dozen countries.

The directory traversal vulnerability can be used by unauthenticated attackers to extract a sensitive file called config.xml, which is on most of the affected routers and contains their configuration settings.

The file also contains the password hashes for the administrator and other accounts on the device; the username and password for the user’s ISP connection (PPPoE); the client and server credentials for the TR-069 remote management protocol used by some ISPs; and the password for the configured wireless network, if the device has Wi-Fi capabilities.

According to Lovett, the hashing algorithm used by the routers is weak so the password hashes can easily be cracked. Attackers could then log in as administrator and change a router’s DNS settings.

By controlling the DNS servers the routers use, attackers can direct users to rogue servers when they try to access legitimate websites. Large-scale DNS hijacking attacks against routers, known as router pharming, have become common over the past two years.

On some devices, downloading the config.xml file doesn’t even require a directory traversal flaw; just knowing the correct URL to its location is enough, Lovett said.

Many of the routers have additional flaws. For example, around 60 percent have a hidden support account with an easy-to-guess hard-coded password that’s shared by all of them. Some devices don’t have the directory traversal flaw but have this backdoor account, Lovett said.

For about a quarter of the routers, it’s also possible to remotely get a snapshot of their active memory, known as a memory dump. This is bad because the memory of such devices can contain sensitive information about the Internet traffic that passes through them, including credentials for various websites in plain text.

By analyzing several memory dumps, Lovett found signs that the routers were already being probed by attackers, mostly from IP addresses in China.

Most of the vulnerable devices he identified are ADSL modems with router functionality that were supplied by ISPs to customers in Colombia, India, Argentina, Thailand, Moldova, Iran, Peru, Chile, Egypt, China and Italy. A few were also found in the U.S. and other countries, but they appeared to be off-the-shelf devices, not distributed by ISPs.

Lovett found the vulnerable routers through Internet scans and by using SHODAN, a specialized search engine for Internet-connected devices. According to him, 700,000 is a conservative estimate and only covers devices that can be targeted remotely because they have their Web-based administration interfaces exposed to the Internet.

There are likely many more devices that have the same flaws, but are not configured for remote management. Those can be attacked from within local networks, for example by malware or through cross-site request forgery (CSRF), a technique for hijacking a user’s browser to perform unauthorized actions.

The affected device models include ZTE H108N and H108NV2.1; D-Link 2750E, 2730U and 2730E; Sitecom WLM-3600, WLR-6100 and WLR-4100; FiberHome HG110; Planet ADN-4101; Digisol DG-BG4011N; and Observa Telecom BHS_RTA_R1A. Other vulnerable devices had been branded for specific ISPs and their real make or model number couldn’t be determined.

However, Lovett found one commonality: the vast majority of affected routers were running firmware developed by a Chinese company called Shenzhen Gongjin Electronics, that also does business under the T&W trademark.

Shenzhen Gongjin Electronics is an OEM (original equipment manufacturer) and ODM (original design manufacturer) for networking and telecommunications products. It manufactures devices based on its own specifications, as well as on the specifications of other companies.

According to a search on WikiDevi, an online database of computer hardware, Shenzhen Gongjin Electronics is listed as manufacturer for networking devices from a large number of vendors, including D-Link, Asus, Alcatel-Lucent, Belkin, ZyXEL and Netgear. It’s not clear how many of the listed devices also run firmware developed by the company that might contain the vulnerabilities identified by Lovett.

It’s also unclear if Shenzhen Gongjin Electronics is aware of the flaws or if it has already distributed patched versions of the firmware to its partners.

The company did not respond to a request for comment and according to Lovett, his attempts to notify the company went unanswered as well.

The researcher also notified the affected device vendors that he managed to identify, as well as the United States Computer Emergency Readiness Team (US-CERT).

He disclosed some of his findings Wednesday at a security conference in the U.K. as part of a larger presentation about vulnerable SOHO embedded devices -- routers, network attached storage appliances, IP cameras, etc. The talk was focused on research which found that over 25 million SOHO devices are exposed to attacks from the Internet because of default credentials and other well known vulnerabilities.
http://www.itworld.com/article/28997...o-hacking.html





FBI’s Plan to Expand Hacking Power Advances Despite Privacy Fears

Google had warned that the rule change represents a “monumental” constitutional concern.
Dustin Volz

A judicial advisory panel Monday quietly approved a rule change that will broaden the FBI's hacking authority despite fears raised by Google that the amended language represents a "monumental" constitutional concern.

The Judicial Conference Advisory Committee on Criminal Rules voted 11-1 to modify an arcane federal rule to allow judges more flexibility in how they approve search warrants for electronic data, according to a Justice Department spokesman.

Known as Rule 41, the existing provision generally allows judges to approve search warrants only for material within the geographic bounds of their judicial district.

But the rule change, as requested by the department, would allow judges to grant warrants for remote searches of computers located outside their district or when the location is unknown.

The government has defended the maneuver as a necessary update of protocol intended to modernize criminal procedure to address the increasingly complex digital realities of the 21st century. The FBI wants the expanded authority, which would allow it to more easily infiltrate computer networks to install malicious tracking software. This way, investigators can better monitor suspected criminals who use technology to conceal their identity.

But the plan has been widely opposed by privacy advocates, such as the American Civil Liberties Union, as well as some technologists, who say it amounts to a substantial rewriting of the rule and not just a procedural tweak. Such a change could threaten the Fourth Amendment's protections against unreasonable search and seizures, they warn, and possibly allow the FBI to violate the sovereignty of foreign nations. The rule change also could let the agency simultaneously target millions of computers at once, even potentially those belonging to users who aren't suspected of any wrongdoing.

Google weighed in last month with public comments that warned that the tweak "raises a number of monumental and highly complex constitutional, legal and geopolitical concerns that should be left to Congress to decide."

In an unusual move, Justice Department lawyers rebutted Google's concerns, saying the search giant was misreading the proposal and that it would not result in any search or seizures not "already permitted under current law."

The judicial advisory committee's vote is only the first of several stamps of approval required within the federal judicial branch before the rule change can formally take place—a process that will likely take over a year. The proposal is now subject to review by the Standing Committee on Rules of Practice and Procedure, which normally can approve amendments at its June meeting. The Judicial Conference is next in line to approve the rule, a move that would likely occur in September.

The Supreme Court would have until May 1, 2016 to review and accept the amendment, which Congress would then have seven months to reject, modify or defer. Absent any congressional action, the rule would take place on Dec. 1, 2016.

Privacy groups vowed to continue fighting the rule change as it winds its way through the additional layers of review.

"Although presented as a minor procedural update, the proposal threatens to expand the government's ability to use malware and so-called 'zero-day exploits' without imposing necessary protections," said ACLU attorney Nathan Freed Wessler in a statement. "The current proposal fails to strike the right balance between safeguarding privacy and Internet security and allowing the government to investigate crimes."

Drew Mitnick, policy counsel with digital rights group Access, said the policy "should only be considered through an open and accountable legislative process."

Google did not immediately respond to a request for comment.
http://www.nationaljournal.com/tech/...fears-20150316





Why The Canadian Anti-Terrorism Bill is Really an Anti-Privacy Bill: Bill C-51’s Evisceration of Privacy Protection
Michael Geist

“The first and main concern is the privacy issue…since the information is to be shared by different levels of government and different governmental bodies. There is a risk that privacy can be compromised. The more information is transferred and shared, the greater the risk of security of the information.”

Nearly twenty years ago, that was Stephen Harper, then a Reform Party MP warning against the privacy implications of an electronic voter registry and the fear that information sharing within government raised significant privacy concerns. Today, there is a very different Stephen Harper, who as Prime Minister is fast-tracking a bill that eviscerates privacy protections within the public sector and is even blocking the Privacy Commissioner of Canada from appearing as a witness at the committee studying the bill. Much of the focus on Bill C-51 has related to oversight: the government implausibly claims that it increases oversight (it does not), the Liberals say they support the bill but would like better oversight, and much of the NDP criticism has also centered on oversight. Yet with respect to privacy and Bill C-51, lack of oversight is only a part of the problem.

Last month, I wrote about the disastrous privacy consequences of the bill. The focal point was Bill C-51’s Security of Canada Information Sharing Act (SCISA), a bill within the bill, that goes far further than sharing information related to terrorist activity. It does so in three simple steps. First, the bill permits information sharing across government for an incredibly wide range of purposes, most of which have nothing to do with terrorism. The government has tried to justify the provisions on the grounds that Canadians would support sharing information for national security purposes, but the bill allows sharing for reasons that would surprise and disturb most Canadians. Second, the scope of sharing is remarkably broad, covering 17 government institutions with the prospect of cabinet expansion to other departments as well as further disclosure “to any person, for any purpose.” Third, oversight is indeed a problem as the Privacy Act is already outdated and effectively neutered by the bill.

Professors Craig Forcese and Kent Roach offer a detailed examination of the privacy implications of the massive expansion of government sharing of information. In recent weeks, all privacy commissioners from across the country have spoken out. For example, Privacy Commissioner of Canada Daniel Therrien, appointed by the government less than a year ago and described as an expert by Prime Minister Harper, rightly slams the bill:

the scale of information sharing being proposed is unprecedented, the scope of the new powers conferred by the Act is excessive, particularly as these powers affect ordinary Canadians, and the safeguards protecting against unreasonable loss of privacy are seriously deficient. While the potential to know virtually everything about everyone may well identify some new threats, the loss of privacy is clearly excessive. All Canadians would be caught in this web.

The end result?

As a result of SCISA, 17 government institutions involved in national security would have virtually limitless powers to monitor and, with the assistance of Big Data analytics, to profile ordinary Canadians, with a view to identifying security threats among them. In a country governed by the rule of law, it should not be left for national security agencies to determine the limits of their powers. Generally, the law should prescribe clear and reasonable standards for the sharing, collection, use and retention of personal information, and compliance with these standards should be subject to independent and effective review mechanisms, including the courts.

The Privacy Commissioner – who the government is now blocking from appearing before the committee studying the bill – offers many recommended reforms that would address overbroad sharing and build in much-needed oversight and safeguards.

All provincial privacy commissioners have offered a similar analysis, jointly calling on the government to withdraw the information sharing aspects of the bill. They also warn of routine surveillance of large portions of the population:

It could be used to authorize, in effect, surveillance across governments in Canada, and abroad, for virtually unlimited purposes. Such a state of affairs would be inconsistent with the rule of law in our democratic state and contrary to the expectations of Canadians.

David Flaherty’s examination of the history of the Privacy Act in Canada emphasized the weakness of the law well before Bill C-51. He noted that it is already regarded as “highly inadequate for the needs of the 21st century.” Yet rather than address decades-old issues with the Privacy Act, the government is proposing to eviscerate it by opening the door to widespread sharing of information across government departments and beyond with few limits or safeguards. Indeed, Bill C-51’s information sharing provisions likely represent the most significant reduction in public sector privacy protection in Canadian history.
http://www.michaelgeist.ca/2015/03/w...nment-privacy/





Why the Idea That a Big Cyber Attack Could Create a Huge Tech Armageddon Is Pure BS
Bill Blunden

Over the past several years, mainstream news outlets have conveyed a litany of cyber doomsday scenarios on behalf of ostensibly credible public officials. Breathless intimations of the End Times. The stuff of Hollywood screenplays. However a recent statement by the U.S. intelligence community pours a bucket of cold water over all of this.

It turns out that all the talk of cyber Armageddon was a load of bunkum. An elaborate propaganda campaign which only serves as a pretext to sacrifice our civil liberties and channel an ocean of cash to the defense industry.

Looking back the parade of scare stories is hard to miss. For example, in late 2012 Secretary of Defense Leon Panetta [3] warned of a “cyber-Pearl Harbor.” Former White House cybersecurity official Paul B. Kurtz [4] likewise spoke of a threat which he referred to as a “cyber Katrina.” Former NSA director Mike McConnell claimed that a veritable Cyberwar [5] was on and chided [6] the public “are we going to wait for the cyber equivalent of the collapse of the World Trade Centers?"

Yet another NSA director, Keith Alexander [7], described cyberattacks as constituting “the greatest transfer of wealth in history.” And finally, Vanity Fair magazine published a hyperbolic article [8] titled “A Declaration of Cyberwar” wherein the NSA’s Stuxnet attack against Iranian nuclear enrichment facilities was likened to a cyber “Hiroshima.”

Yet the 2015 Worldwide Threat Assessment of the U.S. intelligence community submitted recently to the Senate Armed Services Committee has explicitly conceded [9] that the risk of “cyber Armageddon” is at best “remote.” In other words, it’s entirely safe to ignore the hyperbolic bluster of the Cult of Cyberwar [10]. Despite what we’ve been told the Emperor is naked.

What society has witnessed is what’s known in the public relations business as threat inflation. It’s a messaging tool that’s grounded in human emotion. Faced with ominous prophecies by trusted public servants the average person seldom pauses to consider the likelihood of ulterior motives or perform a formal quantitative risk assessment. Most people tacitly cede to the speakers’ authority —given that most speakers are, or were, high-ranking officials— and accept their graphic worst-case scenarios at face value.

The American public saw threat inflation back in the 1950s when American leadership hyperventilated over the imaginary Missile Gap [11]. We saw it once again before the invasion of Iraq [12] when President Bush spoke of a nuclear “smoking gun that could come in the form of a mushroom cloud.” And after reading through the various cyber metaphors described earlier it’s hard not to recognize the fingerprints of threat inflation at work.

The goal of threat inflation is to stir up anxiety, to foment a profound sense of apprehension so that the public is receptive to marketing pitches emerging from the defense industry. Studies conducted by accredited research psychologists demonstrate that anxious people will choose to be safe rather than sorry. In the throes of an alleged crisis, anxious people aren’t necessarily particular about the solution as long as it’s presented as a remedial measure; they don’t care much about the ultimate cost or the civil liberties they relinquish. They’re willing to pay a steep price to feel safe again.

So it is that American intelligence services have raised a global panopticon and in doing so engaged in clandestine subversion programs that span entire sectors of the economy. Speaking to the public our leaders justify [13] mass surveillance in terms of protecting the American public against terrorists. Speaking to each other intelligence officers disparage [14] iPhone users as "zombies" who pay for their own monitoring. This sharp contrast underscores an insight provided by whistleblower Ed Snowden in an open letter [15] to Brazil. In particular Snowden stated that “These programs were never about terrorism: they’re about economic spying, social control, and diplomatic manipulation. They’re about power.”

This process, of capitalizing on deftly manufactured emotional responses, has been called securitization and it puts the economic and political imperatives of corporate interests [16] before our own. An allegedly existential threat like cyber Armageddon can presumably justify any cost in the throes of a crisis mentality. This is exactly what powerful groups are betting on.

But just because there are several types of insurance doesn’t mean consumers should go out and buy all of them. Prudent buyers won’t pay any price to be safe, they purchase coverage strategically. There are prices that clear-headed people won’t pay. Something to remember when the term “national security” appears in public debate.

Bill Blunden is the author of several books, including “The Rootkit Arsenal” and “Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” He is the lead investigator at Below Gotham Labs.
http://www.alternet.org/print/news-a...geddon-pure-bs





UK Spies Claim Broad Powers to Hack Worldwide

Admit to using vulnerabilities for intelligence gathering.
Juha Saarinen

The British government has defended the surveillance activities of its spy agencies, claiming they have broad powers to spy on any person's communications and computers around the world in secret, even when the targets are not under suspicion.

The statement follows a complaint filed against the Government Communications Headquarters (GCHQ), the British signals intelligence agency, last June by a coalition of internet providers in Europe and Korea along with human rights lobby group Privacy International.

The complaint is currently being investigated by the UK's Investigatory Powers Tribunal (IPT), and the British government has now taken the unusual step of releasing an open response [pdf], defending GCHQ and the agency's actions.

While GCHQ won't acknowledge any one operation in particular as per its "neither confirm nor deny" policy, the agency said it may conduct computer network exploitation (CNE) attacks to obtain intelligence when it believes national interest is at stake.

The open response from GCHQ's lawyers states the agency could embark upon operations similar to those conducted by criminals and hackers:

"CNE operations vary in complexity. At the lower end of the scale, an individual may use someone’s login credentials to gain access to information," the response reads.

"More complex operations may involve exploiting vulnerabilities in software in order to gain control of devices or networks to remotely extract information, monitor the user of the device or take control of the device or network.

"These types of operations can be carried out illegally by hackers or criminals. In limited and carefully controlled circumstances, and for legitimate purposes, these types of operations may also be carried out lawfully by certain public authorities."

The circumstances under which CNE operations are considered helpful to obtain intelligence on individuals deemed as criminals or harmful to national security are broad.

Wanted communications that are not in the course of their transmission and therefore cannot be intercepted can lead to CNE attacks being used by GCHQ, ditto if there is no communications service provider to serve an interception warrant upon.

Furthermore, CNE operations may be used if "a more comprehensive set of the target's communications or data of intelligence interest is required than can be obtained through other means," the open response stated.

Despite former United States National Security Agency contractor Edward Snowden's document leaks to the contrary, lawyers acting for GCHQ vehemently deny that the agency is involved in indiscriminate mass surveillance, and called the allegations "extreme" and "disproportionate."

The open response also states that one of GCHQ's functions by law is "to monitor or interfere with electromagnetic, acoustic and other emissions" in order to glean information.

GCHQ also operates within a legal framework that gives it powers to target unknown people, irrespective of their intelligence interest in Britain.

Domestic spying is subject to warrants, but the warrants do not need to identify targets of surveillance or CNE operations. Nor is it necessary to specify if the target is suspected of, or has committed an offense, the open response claimed.

Information gleaned through hacking could also be disclosed outside GCHQ to unspecified organisations.

Although GCHQ insisted that its operations and activities must remain secret in order to be effective, it took the unusual step of disclosing the draft equipment interference code of practice (EI Code).

The draft EI Code, which had until now been kept secret, sets out practices, procedures and safeguards around intelligence agencies' electronic information gathering.

It was published in February this year by the UK Home Office and is now subject to public consultation.
http://www.itnews.com.au/News/401848...worldwide.aspx





ICE Deems Drone Program "Isn't News"

Media status denied on the grounds that program isn't of "current interest to the public"

Kicking off Sunshine Week, MuckRock will be examining how ICE and government agencies across the country measure up on the mechanics of transparency.

For three weeks in 2003, the Bureau of Immigration and Customs Enforcement evaluated the Predator drone as a tool for monitoring the border. Twelve years later, even as a scathing inspector general loudly questions the millions spent on border drones, records officials at ICE can’t puzzle out the news value in releasing reports from this early study.

Operation Safeguard ran from October 29 through November 12, 2003 along the US-Mexico border. This brief evaluation by ICE thus predated a similar study conducted by Customs and Border Protection agents in summer 2004.

As a smattering of references were all I could find regarding this milestone of domestic drone deployment, in January I submitted a Freedom of Information Act request to ICE for basic documents from Operation Safeguard. The agency’s response has been baffling.

In its February 5 acknowledgement, the ICE FOIA team deemed mine to be a “non-commercial” request, correctly determining that I have no commercial interest in the documents, but incorrectly determining that I do not qualify as a journalist.

For documents that may require some tracking down, this is more than a matter of journalistic pride - under FOIA fee provisions, a “non-commercial” requester is allotted two hours of search time and 100 pages of duplication for free, whereas media requesters do not pay for any search time.

When I responded with links to the dozens of articles I have written about unmanned aerial vehicles, ICE showed enviable perseverance to its original classification.

A March 3 letter signed by an ICE lawyer cites a statutory definition of “news”: “information that is about current events or that would be of current interest to the public.”

After pointing out that the operation in question took place in 2003, the letter concludes that I “failed to adequately prove that any specific information regarding Operation Safeguard is of current interest to the public.”

Granted, in recent weeks the Homeland Security inspector general has gone on national television twice — CSPAN and CNN — to question whether drones’ efficacy justifies the considerable budget outlay.

But case closed, as far as ICE is concerned: documents from the infancy of border surveillance drones are not newsworthy.

What’s more, by the agency’s estimation a “plethora of documentation” is already available online regarding Operation Safeguard.

Having conducted my own online search ahead of submitting the FOIA request, I know foremost that studies from the Congressional Research Service refer to Operation Safeguard primarily in footnotes. Such CRS reports are conveniently posted on the Federation of American Scientists website.

What’s more, Senator Cantwell pressed for drones along the northern border in 2006 by vaguely citing Operation Safeguard’s findings.

But the Center for International Policy came to the most critical finding of all in surveying domestic drones in April 2013: “Unfortunately, Congress never reviewed the results of Operation Safeguard pilot project.”

Such a bounty is enviable, but is no substitute for the documents themselves. And while ICE may not see much news value in the origins of a program currently under intense scrutiny, someone somewhere just might.

https://www.muckrock.com/news/archiv...nt-newsworthy/





White House Office to Delete its FOIA Regulations
Gregory Korte

The White House is removing a federal regulation that subjects its Office of Administration to the Freedom of Information Act, making official a policy under Presidents Bush and Obama to reject requests for records to that office.

The White House said the cleanup of FOIA regulations is consistent with court rulings that hold that the office is not subject to the transparency law. The office handles, among other things, White House record-keeping duties like the archiving of e-mails.

But the timing of the move raised eyebrows among transparency advocates, coming on National Freedom of Information Day and during a national debate over the preservation of Obama administration records. It's also Sunshine Week, an effort by news organizations and watchdog groups to highlight issues of government transparency.

"The irony of this being Sunshine Week is not lost on me," said Anne Weismann of the liberal Citizens for Responsibility and Ethics in Washington, or CREW.

"It is completely out of step with the president's supposed commitment to transparency," she said. "That is a critical office, especially if you want to know, for example, how the White House is dealing with e-mail."
http://www.usatoday.com/story/news/p...d/24844253////





Sheriff Must Air Phone-Tracking Details

Cell device data cannot be withheld, judge says
James Staas

A state judge Tuesday ordered the Erie County Sheriff’s Office to release information about its acquisition and use of cellphone-tracking devices to monitor users and their locations.

State Supreme Court Justice Patrick H. NeMoyer issued the order in response to a legal action filed by the New York Civil Liberties Union after the Sheriff’s Office denied its request under the Freedom of Information Law for records on the devices known as Stingrays.

NYCLU staff attorney Mariko Hirose, lead counsel on the case, welcomed the ruling. “The court today has confirmed that law enforcement cannot hide behind a shroud of secrecy while it is invading the privacy of those it has sworn to protect and serve,” she said.

“The public has a right to know how, when and why this technology is being deployed. They deserve to know what safeguards and privacy protections, if any, are in place to govern its use.”

Erie County Attorney Michael A. Siragusa said Sheriff Timothy B. Howard will review the 24-page ruling with outside counsel to determine the next step.

The NYCLU filed the information request in June, a month after Howard acknowledged to county legislators that specially trained deputies have been using Stingrays since 2008. He told them that it was up to the courts and not legislators to provide oversight on use of the devices.

Howard said the devices are used only for tracking a person’s movements, not for checking content of phone communications. He said that use of the devices in criminal investigations is always part of a judicial review.

The Sheriff’s Office denied the NYCLU’s information request in July. The civil liberties group filed an appeal but got no response in the required 10 business days.

The NYCLU filed the legal action in November, seeking records on the Stingrays, including invoices, contracts, loan agreements and communications; policies and guidelines governing their use, the number of investigations in which they were used and the number that resulted in prosecutions; and any court applications for authorization to use Stingrays or other cellphone-tracking devices.

“The Sheriff’s Office has spent more than $350,000 since 2008 on this surveillance equipment – it is ridiculous for them to suggest they have no paperwork or records on the matter,” Hirose said at the time.

She also questioned the sheriff’s contention that the information the NYCLU was seeking could reveal criminal investigative techniques or endanger the life or safety of a person. She said the information “will enhance the public’s understanding of the sheriff’s use of Stingrays.”

The NYCLU said the surveillance devices were developed for military use and are about the size of a briefcase. It said the devices mimic cellphone towers and surreptitiously prompt cellphones in their vicinity to deliver data to them.

The NYCLU said the devices raise “significant privacy concerns” under the Fourth Amendment to the U.S. Constitution and provisions of the State Constitution, both of which prohibit unreasonable searches and seizures.

In legal papers filed in January, the Sheriff’s Office said the information sought is exempt from disclosure under the Freedom of Information Law because it would improperly reveal criminal investigative techniques.

The FBI also opposed the request, contending that disclosing the information “would allow criminal defendants, criminal enterprises, or foreign powers, should they gain access to the items, to determine law enforcement’s techniques, procedures, limitations and capabilities in this area.”

NeMoyer noted that when the Sheriff’s Office filed its papers in January, it also disclosed some records that the NYCLU was seeking but that they contained many redactions.

As a result, NeMoyer ordered the sheriff to turn over unredacted copies of:

• Purchase orders “of a Kingfish system, a Stingray system, and the proprietary software for each, as well as training classes, from the Harris Corp. (a Florida-based electronics firm) on three different dates in 2008 and 2012 for a total price of about $350,000.”

• Copies of a June 5, 2012, letter from a Harris representative to the sheriff, which advertised the equipment and software in question, and a June 29, 2012, letter from an FBI agent to the Sheriff’s Office, setting out a “non-disclosure agreement” as a condition of the sheriff acquiring and using the Stingray system.

• Reports on the office’s use of the Stingray system between May 1, 2010, and Oct. 3, 2014, to track cellphones.

NeMoyer said that he reviewed the reports and that most of them “set forth or suggest that the cellular tracking was carried out for the purpose of criminal investigation, i.e., to locate a suspect or fugitive or even a crime victim.”

He said that only one report mentions obtaining a judicial order for the cellular tracking.

The judge noted that at least two reports indicate the use of cellular tracking “to locate a missing person or a potentially suicidal person.”

In those cases, he said, identifying information about the individuals involved should be redacted.

The judge awarded the NYCLU reasonable attorneys’ fees and other costs that it incurred in the proceeding.
http://www.buffalonews.com/city-regi...tails-20150317





‘Top Gear’ Hits Rock Bottom
Kenan Malik

The middle-aged presenter of a British TV show about cars has been suspended by the BBC for allegedly hitting his producer during a “fracas.”

Big deal, you might think; hardly global news. Except that, for many people, the suspension last week of Jeremy Clarkson, the controversial presenter of the BBC’s “Top Gear” program, is a big deal. Nearly a million people have signed an online petition demanding that the BBC reinstate Mr. Clarkson. The story dominated news in Britain, and made headlines across the world — and here I am writing about it for The New York Times.

But then “Top Gear” is a very peculiar cultural phenomenon. What began in 1977 as a regional show about cars and road safety is today the BBC’s greatest global export. Boasting a worldwide audience of 350 million, ranged across 214 territories, it is the most watched factual program on Earth. It generates £20 million (about $30 million) in profits for the corporation every year.

It is a show about cars in which the cars are almost incidental. The essence of “Top Gear” lies in childish pranks, “politically incorrect” jokes, smutty comments and laddish banter. The reputation of the show has been enhanced — or diminished, depending upon your point of view — by a series of controversies over the years, ranging from schoolboy stunts to racial slurs.

Mr. Clarkson has, variously: crashed a pickup into a tree to test the truck’s strength, damaging both; been accused of despoiling Botswana’s pristine Makgadikgadi salt pans by driving across them; been chased out of Argentina by an angry crowd after touring in a car with the registration plate H982 FKL, supposedly a provocative reference to the 1982 Falklands War; driven around an Indian slum in a Jaguar fitted with a toilet “because everyone who comes here gets the trots” (a British colloquialism for diarrhea); caused outrage by giving the Nazi salute in a segment about German cars; and sung the nursery rhyme “Eeny, meeny, miny, moe,” appearing to include the line “Catch a nigger by the toe” (the segment was cut from the broadcast).

Mr. Clarkson, who joined the program in 1988 to give it, as a BBC report put it, “a more abrasive edge,” has come to define the show’s ethos. For some, Clarkson is an irreverent, controversial rebel. For others, he is a chauvinist bigot.

In reality, he is neither. He is more like the schoolboy who has never grown up — the one who stands behind the teacher in the playground pulling faces or ties a firecracker to a cat’s tail.

There is a long English tradition of this kind of adolescent humor, from saucy seaside postcards to comedians like Benny Hill. In the past, when sex was the great taboo, it was innuendo that felt naughty. Today, it is more likely to be political incorrectness. This is not because there is anything transgressive about telling jokes depicting Germans as Nazis or making racial slurs about Asians, but because struggles over appropriate language have become a form of cultural warfare.

Rules about acceptable speech have, over the past three decades, become increasingly significant forms of social regulation. From bans on hate speech to the policing of offensive language, the management of how people talk to each other has become an important means of supervising social relations and establishing moral boundaries. The fact that codes of speech are enforced in this way has led many to push back against them.

This is not simply a case of left vs. right or liberals vs. conservatives. Certainly, political correctness has come to be associated with the left, and many liberals have come to view the appropriate use of language as key to social change. But many conservatives are equally censorious and keen to use speech codes as a way of regulating social relations.

In this struggle over speech, those who protest against restrictions are often characterized as bigots who want the freedom to use racist, misogynistic or homophobic language. But many free speech campaigners, myself included, view the right to freedom of expression as central to the struggle against bigotry. And then there are those who feel marginalized and voiceless, and express their estrangement from mainstream institutions by rejecting what they see as the liberal consensus.

Few of the 350 million people who watch “Top Gear” across the globe, or the almost one million who have signed the petition for Mr. Clarkson’s reinstatement, are likely to be either bigots or free speech advocates. But many chafe at the imposition of rules about what is culturally appropriate. That may explain how a show with a very English kind of puerile humor has gained a global audience.

What should be unsettling is not so much Mr. Clarkson’s transgressions as the fact that a multimillionaire who counts Britain’s prime minister among his close friends should be seen as an outsider or rebel. It is a sad reflection on the contemporary world that rebelliousness has, for so many, been reduced to racist slurs and schoolboy pranks.

Equally sad is that so many others should expend such energy and rage railing at Mr. Clarkson. A Guardian editorial likened him to an “ogre.” The “Top Gear” presenter may be a jerk, certainly; but an ogre?

In the left-leaning magazine The New Statesman, one feminist critic wrote that “if every signatory to this petition were boiled down for biofuel, the world would be a cleaner, smarter place.” There is sufficient blind contempt there to suggest a promising future as a “Top Gear” scriptwriter.

The task of challenging bigotry has been diminished to the policing of language. The task of challenging conformism has been reduced to infantile jokes. It’s not just “Top Gear” that these days seems adolescent.
http://www.nytimes.com/2015/03/18/op...ck-bottom.html





Mickey Kaus Quits Daily Caller after Tucker Carlson Pulls Critical Fox News Column
Dylan Byers

The blogger Mickey Kaus has quit his job at The Daily Caller after the conservative site's editor-in-chief, Tucker Carlson, pulled a critical column about Fox News from the site, Kaus told the On Media blog on Tuesday.

"It's pretty simple," Kaus said in an interview, "I wrote a piece attacking Fox for not being the opposition on immigration and amnesty -- for filling up the airwaves with reports on ISIS and terrorism, and not fulfilling their responsibility of being the opposition on amnesty and immigration.... I posted it at 6:30 in the morning. When I got up, Tucker had taken it down. He said, 'We can't trash Fox on the site. I work there.'"

Carlson, who co-founded The Daily Caller in 2010, is a conservative contributor to Fox News and the host of its weekend edition of "Fox & Friends."

Kaus says when he told Carlson he needed to be able to write about Fox, Carlson told him it was a hard-and-fast rule, and non-negotiable.

"He said it was a rule, and he wouldn't be able to change that rule. So I told him I quit," Kaus explained. "I just don't see how you can put out a publication with that kind of giant no-go area. It's not like we're owned by Joe's Muffler Shop, so we just can't write about Joe's Muffler shop."

Reached via email, Carlson told On Media: "Mickey is a great guy, and one of the few truly independent thinkers anywhere. I'm sorry to see him go."

Kaus will now publish his columns exclusively on Kausfiles, a blog that was previously featured on Slate. But he said that Fox News' influence over The Daily Caller was indicative of a larger problem in conservative media.

"It's a larger problem on the right: Everybody is scared of Fox," he said. "Fox is their route to a high-profile public image and in some cases stardom. Just to be on a Fox show is a big deal. And I think that's a problem on the right, Fox's monopoly on star-making power."
http://www.politico.com/blogs/media/...on-204135.html





People Who Use Firefox or Chrome Are Better Employees

Yet another reason to shun Internet Explorer
Joe Pinsker

There was a time when the browser you used was nothing more than a matter of taste or subtle self-expression. Safari was for Apple purists, Chrome for the fleet of foot, Firefox for the universally compatible, and Internet Explorer for the masochistic. But in the end, they all ended up doing more or less the same thing, just with marginally different visual styles and at marginally different speeds.

But in the world of Big Data, everything means something. Cornerstone OnDemand, a company that sells software that helps employers recruit and retain workers, analyzed data on about 50,000 people who took its 45-minute online job assessment (which is like a thorough personality test) and then were successfully hired at a firm using its software. These candidates ended up working customer-service and sales jobs for companies in industries such as telecommunications, retail, and hospitality.

Cornerstone’s researchers found that people who took the test on a non-default browser, such as Firefox or Chrome, ended up staying at their jobs about 15 percent longer than those who stuck with Safari or Internet Explorer. They performed better on the job as well. (These statistics were roughly the same for both Mac and PC users.)

Michael Housman, the chief analytics officer at Cornerstone, said that while the company’s research hasn’t identified anything to suggest causality, he does have a theory as to why this correlation exists. “I think that the fact that you took the time to install Firefox on your computer shows us something about you. It shows that you’re someone who is an informed consumer,” he told Freakonomics Radio. “You’ve made an active choice to do something that wasn’t default.”

Why would a company care about something so seemingly trivial as the browser a candidate chooses to use? Call centers are estimated to suffer from a turnover rate of about 45 percent annually, and it can cost thousands of dollars to hire new employees. Because of that, companies are eager to find any proxy for talent and dedication that they can.

That said, Housman notes that browser choice isn’t something that Cornerstone’s clients consider when hiring—that’d be seen as too intrusive. They do, however, track other variables that correlate with high rates of employee retention. Giving employees raises can help, but their positive effects dissolve after about a month. More important is getting along with one's boss, which is more responsible for getting people to stick around than all of the other variables combined.

As correlations like “Chrome users are better employees” bob up from a sea of data, it’s important that they don’t start to generate the same rigid biases that Big Data is partially dampening—rejecting an applicant with the “wrong” browser would be silly. But still, some correlations deserve swift and immediate judgment: Housman also told me that his data set revealed that people who use “boozy” or “sexy” in their email addresses make for worse employees. But we didn't need Big Data to figure that out.
http://www.theatlantic.com/business/...loyees/387781/





This App Lets You Piggyback Facebook's Free Internet to Access Any Site
Lorenzo Franceschi-Bicchierai

In countries like Zambia, Tanzania, or Kenya, where very few have access to the Internet, Facebook is bringing its own version of the net: Internet.org, an app that gives mobile users free access to certain sites such as Google, Wikipedia and, of course, Facebook.

While the initiative has clearly positive goals, it’s also been criticized as an “imperialistic” push for Facebook colonies, where novice Internet.org users will grow up thinking their restricted version of the web is the real internet.

To fight against that possibility, a 20-year-old developer from Paraguay is working on an app that tunnels the “regular” internet through Facebook Messenger, one of the services free to use on Internet.org’s app. This allows Internet.org users to establish a link to the outside, unrestricted internet, circumventing restrictions.

Matias Insaurralde has been working on this project since 2013, with the simple goal of giving his fellow countrymen (Paraguay is an Internet.org testbed) as well as others, the chance to escape the walled garden of Internet.org.

“I hope to provide an alternative access to the Internet (or the rest of it)—or at least raise concern about the disadvantages of this type of campaigns,” Insaurralde tells Motherboard. “Giving access to just a few sites in a country that historically had bad connectivity and very high costs sounds like a bad joke.”

Paraguay is one of the worst countries in the world in terms of internet access. According to the country’s government, 37 percent of the population had access to the Internet in 2013, and only around 50 percent are expected to have it by the end of 2015.

But access is expensive. In 2012, according to a study, the average price of a 1mbps connection (which is 10 times slower than the average broadband connection in the US) cost $40 a month in Paraguay, the highest price in South America after Bolivia.

With this app, Insaurralde hopes to help change that.

The app, called Facebook Tunnel, is still in the prototype stage, but Insaurralde says he tested it with his own smartphone and Internet.org app—and it works. All he needs now, he says, is to port the app from Linux to other platforms and make a working client.

The app essentially takes advantage of Facebook Messenger’s protocol, establishing a link between an Internet.org user with limited Internet access, and someone who has an unrestricted internet connection. The person with the unfettered internet connection routes his access to the other person with limited access, acting as a proxy.

“You could establish a list of friends, or select friends, who will allow you to browse the internet through them—like trusted people,” Insaurralde tells Motherboard.

This is not a completely novel idea. Apps like Lantern or Google’s uProxy use a similar approach to help people that live in countries with heavy internet censorship, such as China or Iran, to establish a peer-to-peer connection with someone on the outside world who acts as proxy to the unrestricted Internet.

It might take a few months, Insaurralde says, but ever since his project got some attention on the programming forum Hacker News over the weekend, he has received many emails from people offering to help.

Adam Fisk, the lead developer of Lantern, tells Motherboard that this is a feasible project that can help against the restrictions of Internet.org, which is “a terrifying combination of opening access while doing it in the most walled-garden way imaginable.”

“It's the filter bubble to an extreme, with Wikipedia sprinkled on top,” he tells Motherboard.

While it could technically work, Fisk notes that Facebook Tunnel “would be slow and would rely on the person on the other end running the software.” And the big question, he says, is whether someone using Internet.org even knows someone “on the other side” who could provide unrestricted internet access.

The success of this project, however, will ultimately depend on whether Internet.org and its local partnering providers will turn a blind eye to people using this app, according to Insaurralde. Internet.org did not respond to Motherboard’s request for comment.

“If I happen to build an easy and flexible tool for non-technical users, it could become massive,” he says. “And they will work hard to stop it.”

For Josh Levy, the advocacy director at Access, a digital rights group, that would be a mistake.

"We'd hate to see ISPs and Facebook police these workarounds, which would show that they care less about users' access to the internet and more about the terms of the deals, open internet be damned," Levy told Motherboard.

If they do, Internet.org users will be back to square one, with their free internet connection in the Facebook walled digital garden.
http://motherboard.vice.com/read/thi...ccess-any-site





The Gigabit Age Is Upon Us

Editor’s note: Will Barkis co-runs Orange Silicon Valley’s GigaStudio, a consumer apps program to benefit consumers with super-fast networks. He served as Director of Mozilla’s Gigabit Community Fund and has worked at the National Science Foundation, where he collaborated with the White House to launch the U.S. Ignite next-generation apps initiative.

Society has entered a time in which technology enables us to be constantly connected, not only with one another, but also to devices and platforms. But we want faster ways to access and share information. Current connections aren’t enough yet. Gigabit networks are emerging as a transformative technology that provides rich connectivity and opens up a world of immersive experiences with blink-of-an-eye responsiveness, always-on reliability and more.

Here in the U.S., the shift to ultra-fast broadband is quickly gaining momentum thanks to both increased competition and community leadership. Communities are beginning to see economic opportunities increase, which accelerates job growth and offers a host of new public benefits. Local and national civic leaders are also calling for even faster broadband and access while municipalities, ISPs, citizens and Internet advocates demand action and funding for new gigabit infrastructure projects.

Behold, the Gigabit Age is upon us. Like the Stone, Bronze, and Silicon Ages, gigabit networks will facilitate the creation of new and better tools, applications and case studies — all ultimately empowering us to do new and better things.

Competition is accelerating speeds to gigabit

Until recently, the U.S. has had slower Internet than other advanced countries, but that’s rapidly changing. Over the last two years, Comcast has doubled speeds across its tiers to 50, 105 and 150 Mbps in most markets and Time Warner Cable has increased its Internet speeds 50 percent each year. In fact, average broadband speeds in the U.S. now exceed 30 Mbps.

New marketplace entrants are turning the conversation to gigabit. Google sparked the imagination of 1,100 U.S. cities when it sought to bring its Google Fiber technology to a community. It now offers service in three metropolitan areas and announced expansion to four more with five additional metros in negotiations. A growing number of small and medium-sized providers including Sonic.net and Consolidated Communications now offer gigabit services in select markets. Incumbents are responding with expanded ultra-fast services. AT&T will deploy its GigaPower service to 100 potential new markets soon while Comcast trademarked “TrueGig” and is exploring a gigabit offering. Verizon’s FiOS network is currently available to nearly 20 million households and continues to add customers.

Communities are benefiting from gigabit

Communities are driving the move to gigabit, as well. Chattanooga, Tenn., has transformed itself into America’s first “Gig City” and envisions “gigabit as the electricity of the 21st century.” Over 250 municipalities have been similarly inspired and have deployed fiber to at least 50 percent of all households. These communities see this as essential infrastructure and an opportunity to drive economic development and public benefit for their citizens.

Investment in gigabit infrastructure is having a measurable impact on economic development and job growth. Entrepreneurship is flourishing in gigabit communities like Kansas City and Chattanooga and gigabit cities are becoming fertile tech ecosystems. A Fiber to the Home Council study of 55 fiber communities found a 1.1 percent increase in GDP while a Cisco study found direct and indirect GDP increases of 1.1 percent and 3.5 percent, employment growth of 1.1 percent and significant improvement on key indicators of general public welfare.

Civic leaders push for ultra-fast infrastructure

As fiber communities experience economic benefits, civic leaders are putting political muscle behind the opportunity. Local leaders in 50-plus cities representing 20 million Americans have joined the Next Century Cities initiative. The US Ignite initiative, launched at the White House in 2012, has grown to include more than 35 cities and 65 research universities working together to develop next-generation gigabit applications. Mayors in small- and medium-sized cities see ultra-fast networks as a great equalizer.

On the national level, the FCC has redefined “broadband” as 25 Mbps. President Obama wants the U.S. to have “the fastest Internet” and has taken a series of steps to support gigabit-level broadband as outlined in a speech in Cedar Falls. Both the president and FCC Chairman Tom Wheeler have also called for increased competition in ultra-fast broadband, and the FCC took action on Feb. 26 preempting two state laws restricting municipal fiber deployments.

Building the tools of the Gigabit Age

Today, Internet users want more from their communication and information technologies. Tomorrow, they’ll demand even more. Ultimately, people want rich, natural experiences created by reliable applications that are always available.

The transformative aspects of the Gigabit Age are the human experiences they will enable: blink-of-an-eye/finish-your-sentence responsiveness (latency), real-world-quality resolution (bandwidth), empowerment to create (symmetrical download/upload) and always-on connectivity (Quality-of-Service).

As the movement to gigabit builds momentum, we are already starting to see the possibilities: a better Internet experience with no waiting; an improved television experience with affordable, high-resolution 4K displays; immersive gaming using compute resources in the cloud; and more realistic videoconferencing.

But the truly transformative experiences have yet to be created. The bedrock services we will use every day — the telephone of tomorrow, the email of the future, the Facebook of fiber — don’t exist yet. Gigabit will enable new types of applications across many industries based on enhanced presence, real-world-quality communication, intelligent systems and natural-feeling experiences. These applications will improve our lives and allow us to do more, saving time, money, energy and ultimately helping us to find more human ways to connect.
http://techcrunch.com/2015/03/17/the...ge-is-upon-us/





GOP: The FCC’s Inspector General Has Launched an Investigation Into Net Neutrality
Brian Fung

The Federal Communications Commission's internal watchdog has opened an investigation into the agency's effort to draw up aggressive new rules for Internet providers, according to a top Republican lawmaker.

Rep. Jason Chaffetz (R-Utah), who heads the House Oversight Committee, said Tuesday that the FCC Inspector General had launched an investigation "in the last couple days."

"I didn't know about it 'til I walked up here," Chaffetz told reporters Tuesday.

The probe, said Chaffetz, will focus on the FCC's rulemaking process leading up to the agency's recent, historic vote to apply strict rules on Internet providers. Republicans have accused the FCC of improperly collaborating with the White House on the so-called "net neutrality" rules, which ban providers of high-speed Internet access such as Verizon and Time Warner Cable from blocking Web sites they don’t like or auctioning off faster traffic speeds to the highest bidders.

Responding to questions from Chaffetz and the top Democrat on the committee, Rep. Elijah Cummings (Md.), FCC Chairman Tom Wheeler said he was not aware of an investigation by David Hunt, the FCC inspector general. But, Wheeler said, he would "of course" cooperate with any investigation.

The FCC declined to comment. The FCC inspector general also declined to comment.

It's a surprising twist in an issue that many analysts believe will be resolved through litigation. Internet providers are widely expected to sue the FCC in an attempt to overturn the agency's new regulation. But an investigation by the FCC inspector general could dramatically complicate things.
http://www.washingtonpost.com/blogs/...et-neutrality/





The Pirate Party is Now Measured as the Biggest Political Party In Iceland

The Pirate Party now measures as the largest political party in Iceland, according to a new survey from the Icelandic market and research company MMR which regularly surveys the support for the political parties in Iceland.

Support for political parties and the government was surveyed in the period between the 13th and 18th of March. The results show that The Pirate Party has gained increased support.

Now, support for The Pirate Party totals 23.9%, compared to their previous 12.8% in the last MMR survey a month ago. Further, support for the Independence Party (Sjálfstæðisflokkurinn)—who measured largest last time — dropped to 23.4% from their previous 25.5%. Hence, the two parties differ by a mere 0.5 percentage points, which is not a substantial difference; but all the same, The Pirate Party, founded in 2012, shows the most support of all parties.

Support for The Social Democratic Alliance (Samfylkingin) is now measured 15.5%, compared to their previous 14.5%. Support for The Progressive Party (Framsóknarflokkurinn) is now measured 11.0%, compared to their previous 15.0%.

Support for The Green Party (Vinstri Grænir) is now measured 10.8%, compared to their previous 12.9%. Support for Bright Future (Björt framtíð) is now measured 10.3%, compared to their previous 15.0%. Support for other parties measures below 2%.

Rejecting corruption and hubris

“To be completely honest: I don’t know why we enjoy so much trust, we are all just as surprised, thankful and take this as a sign of mistrust towards conventional politics,” says Birgitta Jonsdottir, the captain of the Pirate Party. In addition, she refers to surveys having shown that the people’s trust in politicians is below zero.

“Traditional politics have not shown progress and people are tired of waiting for change. It is good that people are rejecting corruption and hubris.

“We take this with humility. This must be a clear message to the government, especially to The Independence Party (Sjálfstæðisflokkurinn) and their arbitrary governance.”

Last Friday Fréttablaðið published the results of their independent survey of the total votes if parliamentary elections were to take place now. In that survey the Pirate Party measured with about 22% of the total votes. That made the Pirates the second largest political party in Iceland.

According to MMR’s survey the Pirate Party and the Independence Party (Sjálfstæðisflokkurinn) would get 16 members of the Parliament each, The Social Democratic Alliance (Samfylkingin) 10, The Left Green Party (Vinstri grænir) 7, Bright Future (Björt framtíð) 7 and The Progressive Party (Framsóknarflokkurinn) 7.

“I didn’t really expect this to happen within a decade of the first party founding. That's kind of cool. No actually, it's bloody awesome,” says Rick Falkvinge, the political evangelist for the global pirate movement, in a comment on Reddit about the news of the Pirate Party in Iceland.

“My deepest congratulations to the PPIS for all the hard work you've put in to get to this point. I was at the party when you were first elected to Parliament on April 27, 2013, and wrote about it then; I hope to attend the next election victory party as well and write of your accomplishments again. Much love, and much inspiration received from your efforts, strides, and successes.”

Let's take that again: The Icelandic Pirate Party is now the _largest political party_ on Iceland. congrats! http://t.co/c60lmVLti6
— Rick Falkvinge (@Falkvinge) March 19, 2015
http://www.visir.is/the-pirate-party.../2015150318848

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

March 14th, March 7th, February 28th, February 21st

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black