Peer-To-Peer News - The Week In Review - October 22nd, '11

[JackSpratts]

Since 2002


































"What will me and my poor iPad do? I’m so sorry DC! Because it is not like I can download all those comics for free, oh wait yes I can, and now I guess I will and maybe I will download every comic DC produces while I am at it!" – NinjaZilla



































October 22nd, 2011




File-Sharing Admins Jailed For Linking To Copyright Works
enigmax

The administrators of two file-sharing sites have been sentenced to fines and a year in jail for linking to copyright works. Breaking a long run of operators being acquitted for similar activities, a Spanish court decided that the act of linking constituted a for-profit “public communication”. The lawyer for one of the defendants has denounced the decision, saying that it can only be understood in “political terms”.

In common with many similar sites, FenixP2P.com and MP3-es.com carried no content of their own, but instead linked to other locations where content was hosted. A negative ruling against their operators seemed unlikely as Spanish courts have continually acquitted defendants running similar sites.

It therefore comes as a quite shock to hear that the Provincial Court of Vizcaya has sentenced the operators of both sites not only to fines, but a year in jail.

After originally being acquitted, an appeal in the case was brought by ADES (Spanish Association of Distributors and Publishers of Entertainment Software) and Promusicae, the well-known recording industry outfit.

While the court agreed that neither site actually hosted any infringing content, it noted that the defendants organized and made available links which enabled free downloads of copyright works, from which they intended to profit via advertising.

Crucially, the Court of Vizcaya viewed linking very differently to other courts handling similar cases in the past, when it described the act as “communicating to the public” and not an exchange between individuals.

Lawyer for FenixP2P, Carlos Sanchez Almeida, says the decision is completely wrong and can only be viewed as a political statement.

“FenixP2P was a P2P links page that all courts have declared exempt from criminal liability in recent years,” he explained.

“Given the general atmosphere in the country after the internet campaign against the Sinde Law, a statement like this can only be understood in political terms.

“The Provincial Court of Vizcaya did not hear directly from experts and witnesses, in violation of the principles of contradiction and immediacy,” he added.

Almeida says he is considering his response to the decision, possibly to include an appeal to the Constitutional Court and even the European Court of Human Rights.
https://torrentfreak.com/file-sharin...-works-111018/





Hyperlinking Doesn't Constitute Defamation, Canadian High Court Rules
Kirk Makin

The Supreme Court of Canada has erected a shield to protect those who post internet links to defamatory sites.

The Court was unanimous in ruling that anyone whose site supplies hyperlinks that lead to another site has not published it for the purposes of libel and defamation law.

The decision effectively gives the benefit of the doubt to internet posters who may be unaware that a site they link to could contain defamatory material about another party.

However, if a post linking to another site itself contains defamatory material, the poster may be liable in a defamation action.

The Court ruled against Wayne Crookes, owner of West Coast Title Search Ltd., who sued Jon Newton, an internet blogger, over allegations that he provided hyperlinks to material that defamed Mr. Crookes and the Green Party.

“Making reference to the existence and/or location of content by hyperlink or otherwise, without more, is not publication of that content,” Madam Justice Rosalie Abella wrote.

“Only when a hyperlinker presents content from the hyperlinked material in a way that actually repeats the defamatory content, should that content be considered ‘published’ by the hyperlinker.”

Dean Jobb, a journalism professor at University of King’s College, applauded the ruling for protecting a core purpose of the internet: the ability of users to share links to material posted online.

Those sharing the material often have not fully reviewed the material and may not even agree with it, said Prof. Jobb, author of Media Law for Canadian Journalists.

“The court recognizes that simply posting a link to material that may be libellous is a far cry from publishing or repeating the libel, let alone endorsing what has been said in the linked post,” he said.

“This is an important contribution to freedom of expression on the Internet.”

Judge Abella said that the ruling will promote free expression and “respect the realities of the Internet” while at the same time giving plaintiffs a genuine opportunity to vindicate their reputations.
https://www.theglobeandmail.com/news...rticle2206256/





Record-Breaking File-Sharing Trial Heard in Sweden
enigmax

Today, a court in Sweden has heard the case against a woman accused of sharing 45,000 music tracks online. Even in the home of The Pirate Bay the sheer scale is a record-breaker, and the prosecution has already hinted at a jail sentence. The defense, however, will be hoping for a much better outcome. Pirate Party founder Rick Falkvinge was there to see it all.

As the spiritual home and birthplace of The Pirate Bay, it was perhaps inevitable that Sweden would feel the heat from the entertainment industries in a way few other countries have.

Relentless pressure from Hollywood and the US recording industry has ensured that a steady stream of Swedish citizens have been hauled up in court for an activity that in recent years has simply been a part of their culture.

Today a court heard the case against an individual accused of sharing around 45,000 music tracks online, a record-breaking amount for Sweden.

“The copyright industry keeps harassing ordinary citizens, in this case a 58-year-old Swedish woman,” Pirate Party founder Rick Falkvinge told TorrentFreak.

The accusations stem from the woman’s alleged file-sharing activities back in October 2007.

Rick, a regular TorrentFreak contributor, was at the hearing and reported back on this important case. He believes that the prosecution and copyright holders will use this case to set an increased level of punishment for file-sharers.

From the courtroom Rick reported that interest in the case was high and the public seating area filled to capacity.

Prosecutor Fredrik Ingblad claimed that the defendant is guilty of sharing thousands of tracks either deliberately or through criminal negligence.

Although the defendant denied these charges, she did admit to having downloaded some tracks. But the important question remained – was she aware that the tracks she downloaded were subsequently being shared?

“Looking at the panel of four judges, the outlook appears bleak,” Rick explained.

“Estimating their ages, the four appear aged 75, 45, 40 (the law judge) and 60. In particular, the older lay judge looks puzzled and absolutely lost in space when the prosecutor explains sharing, hubs and DC++ [Direct Connect].”

The prosecution’s claim, that 45,000 tracks were being shared, was apparently agreed to by the defense, an admission described as a “major fuck up” by Rick. Indeed, it later transpired that the prosecution only had evidence to show that “about 50″ tracks had been shared.

It appears that a search of the defendant’s house took place a full year after IFPI carried out its initial investigation and it failed to turn up any of the music tracks in question. However, a Direct Connect client was found complete with logs which are said to contain data matching that from IFPI’s investigation.

The defense stated its case quickly. The seized computer carrying the logs does not belong to the defendant, and the defendant does not have the technical knowledge to know that sharing of music had taken place, despite installing the Direct Connect software and despite holding the job of a systems administrator.

The defense went on to remind the court that the accused had not acted with intent nor been criminally negligent, and that the prosecution had not shown anything to the contrary.

“It is interesting that the defense tries the ‘no active consent to sharing’ defense that was successfully used in the Göteborg trial against the 15-year-old who was ratted out by his headmaster,” Rick told us.

“Just as Denmark has established that ‘open wireless’ is a silver bullet against the copyright industry, perhaps this can become an equally strong defense until the laws are changed to stop these goons.”

After initially talking along the lines of a five months prison sentence, the prosecutor settled for a conditional sentence and an income-based fine. Nevertheless, that could be substantial – the biggest conviction previously related to the sharing of around 3,000 tracks.

“Seeing the inertia in the system gives us a feel for how long it will take to reverse this corporativist trend,” says Rick.

“This trial was for events that transpired in 2007. Four years ago. If we learn from today, it will have effects on trials that take place in 2015. Hopefully, there will be Pirate Parties in parliaments in several countries by then, starting to reverse this madness.”

The verdict will be delivered in two weeks.
https://torrentfreak.com/record-brea...sweden-111017/





West Yorkshire Police Accused Of Copyright Theft
Steve McCaskill

Forensic telecoms expert claims West Yorkshire Police stole its software and sold copyright data on

West Yorkshire Police goes to the High Court today, accused of copyright theft by a firm that specialises in analysing mobile phone data.

Forensic Telecommunications services (FTS) claims the police force illegally used and sold copyright data from a commercial mobile phone forensics application it had been using in high profile cases.

Pulling data from phones

FTS specialises in extracting and analysing data from mobile phones – even where the SIM card is absent. Its software has been used in a number of security and terrorism cases, most notably the investigation and successful prosecution of the UK’s largest ever robbery when £53m was stolen from a Securitas depot in Kent in 2006.

FTS software was used to analyse some 300 mobile phones. forensic access to mobile phone data is a touchy subject, and has caused issues with mobile vendor RIM. IT equipment generally – and storage devices in particular - is a source of forensic data that police are increasingly tapping.

FTS alleges that West Yorkshire Police used material from its software package Hex, which allows investigators to extract data from mobile phones including call registries, deleted texts and identify SIM cards that have been used, even if the phone has been burnt or stamped on.

The claim was filed at the end of May 2009 and accuses West Yorkshire Police of taking copyright data from Hex’s manuals to develop its own mobile phone forensics application.

FTS says that these lists were the product of “extensive research within the R&D department” and had been continually updated since development of Hex began in 2003. FTS says that these lists are not available in the public domain.

Biting the hand that feeds

Hex was released in 2006 and FTS became aware that West Yorkshire Police was developing its own software called CLIVE in the summer of that year. The claim alleges that CLIVE replicated errors found in the lists used for Hex in a “tell-tale sign of copying.”

FTS raised these concerns with West Yorkshire Police in late 2006, but the force went on to repeat alleged infringement in 2007 when it updated the software, now named OLIVE, and made it commercially available.

Managing Director Shaun Hipgrave told BBC’s Today programme, “West Yorkshire Police, working out of their high-tech crime unit had access to a vital list that is part of our software. The license holder was there legitimately working on behalf of a case. We say that West Yorkshire Police copied that list.”

FTS says that the license was the security services who took FTS’ software and these lists into West Yorkshire Police’s high-tech crime unit where they were working on a joint counter-terrorism investigation, Operation Praline.

Hipgrave commented, “The police are our customers and are we biting the hand that feeds us? We felt we’ve got no choice because we are a small company who are innovative and provide this kind of software in the fight against terrorism and crime and our intellectual property and our copyright is absolutely integral to that and we have to protect it.”

In a statement to the BBC, West Yorkshire Police said it strongly refutes FTS’ claim and that they are going to challenge it in the High Court today.
http://www.eweekeurope.co.uk/news/we...ht-theft-42849





Govt Redacts ISP Anti-Piracy Consultation Text
Renai LeMay

The Federal Government has quietly deleted a controversial section of text published in a consultation paper last Friday that proposed a “streamlined” legal process to aid anti-piracy organisations such as Movie Rights Group and AFACT to target individuals allegedly downloading copyrighted material online.

Last Friday, October 14, the Department of the Attorney-General published a consultation paper regarding digital copyright regulation. The original paper, available in full here (PDF), contained two discrete sections. The first dealt with a proposal to revise the scope of ‘safe harbour’ regulations to better protect organisations which host others’ content online.

However, it was the second section of the paper which garnered more attention, due to its included proposal aimed at “streamlining” the process whereby content owners can force ISPs to divulge details of their customers in copyright infringement matters. This is the process currently being used by a new company, Movie Rights Group, to seek the details of some 9,000 Australians who have allegedly infringed its clients’ copyright online.

“Widespread unauthorised downloading and use of file-sharing applications has made it increasingly difficult for copyright owners to successfully commercialise their property in the digital environment,” the paper stated. “The difficulty of identifying persons engaged in infringing activities has also made it very difficult for copyright owners to protect and enforce their rights.” The release of the paper was accompanied by a speech by Attorney-General Robert McClelland to an event held by the Australian Copyright Council.

However, the entire page of text dealing with the proposed streamlined process has been deleted from a revised consultation paper posted on the Attorney-General’s website. Several minor additions have also been made to the text. The new copy of the consultation paper can be found online here (PDF). Comment will be sought from the Attorney-General’s Department this morning as to why the consultation paper was substantially modified without notice to the public.

The publication of the paper had already attracted significant criticism from digital rights groups such as Electronic Frontiers Australia and the Australian branch of the Pirate Party. Following the redaction revealed tonight, the Pirate Party further criticised the Government over the matter.

“This is an unacceptably opaque attack on our civil liberties,” said the Pirate Party Australia in a statement tonight, referring to the redaction, “and only further highlights the Government’s continual attempts to limit the public’s involvement in any governmental decision-making.” The party plans to submit a response addressing the issues raised in the original consultation paper.

The Department of the Attorney-General is currently engaged in closed door talks between the ISP and content industries, with the aim of brokering some kind of industry solution to the issue of online copyright infringement. However, little information has been released regarding the talks so far, and the department has refused at least one Freedom of Information request regarding minutes of the talks — stating no such document exists.

“Not only are we seeing a clandestine process that excludes civil society and the public at a critical juncture in the development of policy, we are now seeing a deliberate attempt to suppress contributions from them,” said Rodney Serkowski, President of Pirate Party Australia. “Perhaps this is because the outcomes of the ‘consultative process’ are predetermined, and the facade of ‘open government’ has to be maintained. Now that we have raised serious issues, like the streamlined invasion of privacy, the process of consultation has been heavily restricted.”

“Of course, this could only be administrative incompetence, but the previous actions of the Attorney-General’s Department do not lend themselves to this explanation,” added Serkowski.

On Friday, before the new redacted version of the consultation paper appeared, EFA board member Kimberley Heitman said the consultation paper was worth public comment, and his organisation would respond. “Obviously the expansion of the safe harbour definition will be advantageous for Internet businesses other than carriers, and a summary procedure for identifying end-users has been long desired by big media companies,” Heitman said.

“The Government should step back, however, and understand that this consultation paper illustrates how flawed its consultation process to date has been. There are no consumer issues for discussion, only law reform for business interests. For example, why is there no attempt to deal with the causes of unauthorised downloading, which include restrictive trade practices and industry indifference to minority markets? Why is there no acknowledgement that in a broadband environment, IP addresses are shared?”

“There is much more to public consultation than telling the public that the Government has signed a secretive trade agreement or has done a deal with private industry. Department of Communications: Learn how to communicate!”

Pirate Party Australia acting secretary Brandan Molloy said his “favourite part” of the original version of the consultation paper was its citation of a report recently commissioned by the Australian Federation Against Copyright Theft, which represents film and TV studios in anti-piracy efforts. The report, dubbed the Economic Consequences of Movie Piracy (Australia) and available online (PDF) came under heavy attack earlier this year from groups such as the EFA, which cited at the time what it saw as its flawed methodology for tracking lost sales.

“It is disappointing that our Government continues to base their opinions on such flawed data, and will now simply continue to do so behind closed doors,” said Molloy.

update: The following statement has been received from the Attorney-General’s Department:

The Safe Harbour consultation paper is currently on the AGD website. Comments are due by 22 November 2011.

The Department is currently working on a number of copyright policy issues relevant to the digital environment. A draft document which incorporated other issues not included in the Safe Harbour review was mistakenly posted on the Departmental website. It was removed as soon as the error came to light. A clarification will be posted on the website.

We believe that the ongoing departmental convened discussions between ISPs and content owners is currently the most appropriate forum to address these issues.
http://delimiter.com.au/2011/10/17/g...ultation-text/





Free Justin Bieber! (Why Streaming Shouldn’t be a Felony)
Ernesto

U.S. authorities have demanded the extradition of Justin Bieber, the Canadian singer who turned blatant copyright infringements into a profitable career. The teen star is accused of streaming unauthorized songs to millions of people without compensating the copyright holders and now faces a 5 year prison sentence.

Yes, the intro to this article is fiction, but it could easily become reality if some U.S. lawmakers have their way.

In March, the White House published a white paper with several recommendations on how to make copyright law compliant with the digital age. Among other things, it suggested classifying unauthorized streaming of copyrighted material as a felony with a maximum prison sentence of 5 years.

These proposals were turned into a bill that Senators Amy Klobuchar, John Cornyn and Christopher Coons officially introduced in May. Simply said, the bill (S. 978) will make the “streaming” of copyrighted works a similar offense as “downloading” already is. On the surface this might sound logical, but in reality the implications could be disastrous.

If signed into law, hundreds of thousands of people who uploaded videos to YouTube could get into trouble. In short, everyone who shares a video which contains copyrighted material, a cover of a popular song for example, will face a maximum of 5 years in jail if the “felony streaming” bill becomes law. Justin Bieber included.

Launched today, the “Free Bieber” campaign hooks into this provoking image, and asks the public to tell Congress to vote ‘no’ to the bill. The campaign is organized by the non-profit organization Fight for the Future, which aims to counter the influential lobby of the entertainment industries.

“The main problem with the law is since copyright law is so expansive, it applies to lots of completely harmless and common things: like singing a song, dancing to background music, or posting a video of a kids’ school play, for example,” Tiffiniy Cheng, Director of Fight for the Future told TorrentFreak.

“Bieber got famous by posting unauthorized covers of popular R&B songs to YouTube. The fact that they were posted to advance his music career and the number of views on these videos means they blow past the (very low) threshold for what counts as a felony,” Cheng says.

The law requires only 10 YouTube views (performances) and a hypothetical “fair market value” of $5000. This, bundled with some commercial aspect such as running ads (or using the videos to advance one’s career), and a potential jail sentence awaits.

With the “Free Bieber” campaign, Fight for the Future hopes to bring these implications to the attention of the public.

“We think that a larger audience needs to understand the implications of this bill, and visualizing and talking about what it would be like for Justin to be in jail for this should make it completely clear,” Cheng said.

“What’s genuinely troubling is that this bill applies to a massive slice of social media activity. And if you doubt that the RIAA and MPAA would push the government to go after teenage Facebook users, remember: these are the same people who used $7,000-per-song civil penalties designed to punish large-scale commercial piracy to sue 14-year-old P2P users and their families,” she added.

Some supporters of the bill have indeed argued that YouTube users have nothing to worry about, and that the bill is mainly aimed at site owners who stream millions of copyrighted songs, movies and TV-shows. Although this sounds believable, the question would then be why the bill itself doesn’t make this distinction.

And is this new law really needed in the first place? Are current laws not sufficient?

Earlier this year the authorities arrested the owner of Channelsurfing.net, a website where links to external sports streams were listed. The site itself did not offer any streams, it merely linked to streams that were offered by third-party sites.

For linking to streams the 32-year old Brian McCarthy from Texas charged with criminal copyright infringement for “reproduction and distribution” of copyrighted material, and without the new bill he still faces 5 years in prison.

The above raises enough questions to ask Congress to take a good look at the necessity and implications of “felony streaming” bill (S. 978).
https://torrentfreak.com/free-justin-bieber-111019/





Google Boots FrostWire From Android Market, But Why?
Ernesto

Without any explanation Google has suspended the FrostWire file-sharing application from the Android market. The timing of the removal is both remarkable and unfortunate. Google’s decision follows the news that FrostWire had settled its dispute with the Federal Trade Commission (FTC) over privacy concerns.

With more than a million installs FrostWire is one of the most popular file-sharing applications on the Android platform. But despite this success Google has decided to pull the app from the Android market place.

FrostWire’s Angel Leon tells TorrentFreak that his company was not informed why FrostWire was suspended, but the first thought is that it has something to do with the recent settlement his company reached with the FTC.

Just before the weekend several news outlets reported that FrostWire and the FTC had settled their court case over privacy concerns. The government agency, which aims to protect the rights of consumers, alleged that FrostWire was disregarding users’ privacy by sharing files by default.

FrostWire agreed that this was a valid concern and based on pointers from the trade commission, updated its desktop and Android applications. These updates were actually carried out months ago, meaning that since then the application was no longer a concern for the FTC, hence the settlement.

“We fixed the app ages ago, and probably 99.9% of the userbase is actually running 0.6.3 (one generation over), so there shouldn’t be a hint of worry in regards to the FTC Complaints,” Leon said.

However, some reports in the media made it seem like FrostWire was still breaching users’ privacy, and this may have triggered Google’s decision to boot the app from the Android market.

Angel Leon notes that the worst part of it all is the lack of communication on Google’s part. Aside from a notice that the application had been suspended, the FrostWire team has received no information. It could be that the removal is totally unrelated to the FTC issue, but without a word from Google that’s impossible to confirm.

“It’s just plain wrong that you get suspended without ANY explanation or ANY notice, specially an app for which people have said they bought an Android for, and which has been installed on over 1 million devices during the last 12 months,” Leon says.

Attempts from both the developers and TorrentFreak to contact Google about the issue remained unanswered thus far, so there is no other option for FrostWire than to wait.

For now the FrostWire Android app can still be downloaded via the FrostWire website. However, the number of shared files has dropped dramatically since this setting was disabled by default.

In the coming weeks the FrostWire team will turn the Android app into a (more usable) BitTorrent client, as they’ve already done with the desktop version. The source of this new client will be released under a GPL license as soon as the first version is released.

Let’s hope that by then FrostWire will have been allowed back into the Android market.
https://torrentfreak.com/google-boot...ut-why-111018/





Amazon Signs Up Authors, Writing Publishers Out of Deal
David Streitfeld

Amazon.com has taught readers that they do not need bookstores. Now it is encouraging writers to cast aside their publishers.

Amazon will publish 122 books this fall in an array of genres, in both physical and e-book form. It is a striking acceleration of the retailer’s fledging publishing program that will place Amazon squarely in competition with the New York houses that are also its most prominent suppliers.

It has set up a flagship line run by a publishing veteran, Laurence Kirshbaum, to bring out brand-name fiction and nonfiction. It signed its first deal with the self-help author Tim Ferriss. Last week it announced a memoir by the actress and director Penny Marshall, for which it paid $800,000, a person with direct knowledge of the deal said.

Publishers say Amazon is aggressively wooing some of their top authors. And the company is gnawing away at the services that publishers, critics and agents used to provide.

Several large publishers declined to speak on the record about Amazon’s efforts. “Publishers are terrified and don’t know what to do,” said Dennis Loy Johnson of Melville House, who is known for speaking his mind.

“Everyone’s afraid of Amazon,” said Richard Curtis, a longtime agent who is also an e-book publisher. “If you’re a bookstore, Amazon has been in competition with you for some time. If you’re a publisher, one day you wake up and Amazon is competing with you too. And if you’re an agent, Amazon may be stealing your lunch because it is offering authors the opportunity to publish directly and cut you out.

“It’s an old strategy: divide and conquer,” Mr. Curtis said.

Amazon executives, interviewed at the company’s headquarters here, declined to say how many editors the company employed, or how many books it had under contract. But they played down Amazon’s power and said publishers were in love with their own demise.

“It’s always the end of the world,” said Russell Grandinetti, one of Amazon’s top executives. “You could set your watch on it arriving.”

He pointed out, though, that the landscape was in some ways changing for the first time since Gutenberg invented the modern book nearly 600 years ago. “The only really necessary people in the publishing process now are the writer and reader,” he said. “Everyone who stands between those two has both risk and opportunity.”

Amazon has started giving all authors, whether it publishes them or not, direct access to highly coveted Nielsen BookScan sales data, which records how many physical books they are selling in individual markets like Milwaukee or New Orleans. It is introducing the sort of one-on-one communication between authors and their fans that used to happen only on book tours. It made an obscure German historical novel a runaway best seller without a single professional reviewer weighing in.

Publishers caught a glimpse of a future they fear has no role for them late last month when Amazon introduced the Kindle Fire, a tablet for books and other media sold by Amazon. Jeffrey P. Bezos, the company’s chief executive, referred several times to Kindle as “an end-to-end service,” conjuring up a world in which Amazon develops, promotes and delivers the product.

For a sense of how rattled publishers are by Amazon’s foray into their business, consider the case of Kiana Davenport, a Hawaiian writer whose career abruptly derailed last month.

In 2010 Ms. Davenport signed with Riverhead Books, a division of Penguin, for “The Chinese Soldier’s Daughter,” a Civil War love story. She received a $20,000 advance for the book, which was supposed to come out next summer.

If writers have one message drilled into them these days, it is this: hustle yourself. So Ms. Davenport took off the shelf several award-winning short stories she had written 20 years ago and packaged them in an e-book, “Cannibal Nights,” available on Amazon.

When Penguin found out, it went “ballistic,” Ms. Davenport wrote on her blog, accusing her of breaking her contractual promise to avoid competing with it. It wanted “Cannibal Nights” removed from sale and all mentions of it deleted from the Internet.

Ms. Davenport refused, so Penguin canceled her novel and is suing her to recover the advance.

“They’re trying to set an example: If you self-publish and distribute with Amazon, you do so at your own risk,” said Jan Constantine, a lawyer with the Authors Guild who has represented Ms. Davenport.

The writer knows her crime: “Sleeping with the enemy.” Penguin declined to comment.

If some writers are suffering collateral damage, others are benefiting from this new setup. Laurel Saville was locked out by the old system, when New York publishers were the gatekeepers. “I got lots and lots of praise but no takers,” said Ms. Saville, 48, a business writer who lives in Little Falls, N.Y.

Two years ago she decided to pay for the publication of her memoir about her mother’s descent from California beauty queen to street person to murder victim. She spent about $2,200, which yielded sales of 600 copies. Not horrible but far from earth-shaking.

Last fall, Ms. Saville paid $100 to be included in a Publishers Weekly list of self-published writers. The magazine ended up reviewing her memoir, giving it a mixed notice that nevertheless caught the attention of Amazon editors. They sent Ms. Saville an e-mail offering to republish the book. It got an editorial once-over, a new cover and a new title: “Unraveling Anne.” It will be published next month.

Ms. Saville did not get any money upfront, as she would have if a traditional publisher had picked up her memoir. In essence, Amazon has become her partner.

“I assume they want to make a lot of money off the book, which is encouraging to me,” said Ms. Saville, who negotiated her deal without an agent.

Her contract has a clause that forbids her from discussing the details, which is not traditional in publishing. The publicity plans for the book are also secret.

Can Amazon secretly create its own best sellers? “The Hangman’s Daughter” was an e-book hit. Amazon bought the rights to the historical novel by a first-time writer, Oliver Pötzsch, and had it translated from German. It has now sold 250,000 digital copies.

“The great and fascinating thing about Amazon’s publishing program is that there can be these grass-roots phenomena,” said Bruce Nichols of Houghton Mifflin Harcourt, which republished the novel this summer.

Ms. Saville no longer even contemplates a career with a traditional publisher. “They had their shot,” she said. She is now writing a novel. “My hope is Amazon will think it’s wonderful and we’ll go happily off into the publishing sunset,” she said.
https://www.nytimes.com/2011/10/17/t...ublishing.html





In a Battle of the E-Readers, Booksellers Spurn Superheroes
David Streitfeld

The tablet wars have begun. Superheroes are the prize — or perhaps the victim.

Amazon, seeking to make its coming Kindle Fire tablet as appealing as possible, negotiated a deal with DC Comics for the exclusive digital rights to a hundred popular graphic novels. Among the series: Superman, Batman, Green Lantern, the Sandman and Watchmen.

Barnes & Noble, with a tablet of its own to nurture, did not like this one bit. Two weeks ago it removed all the copies of the physical volumes from its 1,300 stores, saying it would not carry any book if it were denied the right to sell the digital version.

Books-a-Million, the third-largest bookseller with 231 stores, followed suit last week, making the same argument.

Booksellers of all sorts used to pride themselves on never removing any book from their shelves, but that tradition — born in battles over censorship — is fading as competitive struggles increase. Last year, in a sort of foretaste of the present conflict, Amazon temporarily removed the “buy” buttons for the publisher Macmillan as part of a struggle over e-book pricing.

This time, the stakes are once again high. The two chains are desperate to avoid becoming showrooms for Amazon’s digital warehouse, which would quickly send them to the bookstore graveyard like their former colleague Borders. DC Comics must stay relevant in a world where many of its young male fans read everything on mobile devices — not the most congenial medium for comics. And Amazon must preserve and extend its dominance.

In online comics forums and other places where the issue is being debated, everyone is unhappy with someone. Amazon is being accused by some of throwing its considerable weight around to the detriment of readers and the larger culture. DC Comics is being criticized by others of placing greed over its fans. Barnes & Noble is alternatively being accused of throwing its own weight around and of cutting off its nose to spite its face. Even the comics’ writers are getting some heat.

As Amazon seeks over the next few years to expand its tablet line, these collisions over content are likely to become routine. “It looks like content providers and online purveyors have a few more rounds to go before the Wild West is tamed,” said Lorraine Shanley, a publishing consultant.

DC Comics, a division of Warner Brothers, says it is being misunderstood. But on its own Web site, it said the books would be available “exclusively to Amazon’s newly announced Kindle Fire,” with no qualification. Even the possibility that fans could have access to the books on their iPads through the Kindle app seemed disallowed.

DC now says the books will be available on other e-readers through the Kindle app. “Just because we’re starting with Amazon, this is not the be-all and end-all of our digital strategy and distribution,” said Jim Lee, co-publisher of DC Entertainment, the parent company of DC Comics. He added, however, “We are not at liberty to discuss exactly when” the comics would be available on other e-readers, citing the company’s nondisclosure agreement with Amazon.

Amazon declined to comment about the deal.

DC executives seemed surprised at the speed with which they had alienated some of their devout fans. Some threatened piracy, like NinjaZilla, a poster on a comics forum who wrote: “What will me and my poor iPad do? I’m so sorry DC! Because it is not like I can download all those comics for free, oh wait yes I can, and now I guess I will and maybe I will download every comic DC produces while I am at it!”

Mr. Lee said, “We say to our fans, have a little patience.”

A lot of patience might be required. DC says it took two years of work with Amazon to complete the process of converting the comics into something that could be read and appreciated on the Kindle Fire.

Independent bookstores, which are rarely offered exclusives by publishers, argue that they are bad for consumers.

“A competitive retail market where products are available from lots of different places creates greater choice and a competitive pricing environment,” said Oren Teicher, chief executive of the American Booksellers Association. “Choice is better than no choice.”

Some readers certainly feel that way. Neil Gaiman, the author of the Sandman series, wrote on his blog that he got a “strange deluge of hate mail” after posting on Twitter about the dispute. A sample letter: “I was very excited when I heard that Sandman was coming out as an e-book, but was heartbroken when it was announced that I and my kids won’t have it on our readers.”

Mr. Gaiman, who said he knew nothing about the Amazon deal until it was announced, was critical of Barnes & Noble. “As the author of 12 percent of the books in question, I couldn’t understand why Barnes & Noble’s reaction to Amazon getting a digital exclusive was to effectively give Amazon and the independent stores a physical exclusive as well, and then to publicize that,” he wrote in an e-mail.

“On the other hand,” he added, “they’ve made their point, and other publishers will think twice before giving exclusives.”

The newsletter Publishers Lunch said Mr. Gaiman, the best-selling and award-winning author of “The Graveyard Book” and other fantasies, was among those invited to the second annual Campfire, organized by Jeffrey P. Bezos, Amazon’s chief executive. The secret event, where leading writers and intellectuals gather for three days of fun and discussion, was reportedly held last weekend in Santa Fe, N.M. Mr. Gaiman declined to say if he was there. Amazon had no comment.

The issue of availability has also surfaced with one of the biggest authors, J. K. Rowling. For the first time, the Harry Potter books will be available as e-books, but only through her own site, Pottermore. A Barnes & Noble spokeswoman said “that case is not the same,” and that it would continue selling the Potter books.

One group is watching the tablet war with a certain detached amusement: comic book stores.

“This fight between Amazon and Barnes & Noble is like the tide or a storm or an earthquake,” said Jack Rems, owner of the Escapist Comic Bookstore in Berkeley, Calif. “Nothing I can do about it.”

Well, there is one thing. Escapist is offering 20 percent off all the DC titles that the chains removed. Mr. Rems said he hoped the deal would bring some new business in the door.
https://www.nytimes.com/2011/10/19/t...l-with-dc.html





The Default Choice, So Hard to Resist
Steve Lohr

IN the wide-open Web, choice and competition are said to be merely “one click away,” to use Google’s favorite phrase. But in practice, the power of digital distribution channels, default product settings and traditional human behavior often matters most.

In a Senate hearing last month about Google, Jeremy Stoppelman, the chief executive of Yelp, pointed to that reality in his testimony. “If competition really were just ‘one click away,’ as Google suggests,” he said, “why have they invested so heavily to be the default choice on Web browsers and mobile phones?”

“Clearly,” he added, “they are not taking any chances.”

Indeed, Google made a big bet early in its history: In 2002, it reached a deal with AOL, guaranteeing a payment of $50 million to come from advertising revenue if AOL made Google its automatic first-choice search engine — the one shown to users by default. Today, Google pays an estimated $100 million a year to Mozilla, coming from shared ad revenue, to be the default search engine on Mozilla’s popular Firefox Web browser in the United States and other countries. Google has many such arrangements with Web sites.

Most economists agree that Google’s default deals aren’t anticompetitive. Rivals like Bing, the general search engine from Microsoft, and partial competitors like Yelp, an online review and listing service for local businesses, have their own Web sites and other paths of distribution. Choice, in theory, is one click away.

But most people, of course, never make that single click. Defaults win.

The role of defaults in steering decisions is by no means confined to the online world. For behavioral economists, psychologists and marketers, defaults are part of a rich field of study that explores “decision architecture” — how a choice is presented or framed. The field has been popularized by the 2008 book “Nudge,” by Richard H. Thaler, an economist at the University of Chicago and a frequent contributor to the Sunday Business section, and Cass R. Sunstein, a Harvard Law School professor who is now on leave and is working for the Obama administration. Nudges are default choices.

In decision-making, examples of the default preference abound: Workers are far more likely to save in retirement plans if enrollment is the automatic option. And the percentage of pregnant women tested for H.I.V. in some African nations where AIDS is widespread has surged since the test became a regular prenatal procedure and women had to opt out if they didn’t want it.

A study published in 2003 showed that while large majorities of Americans approved of organ donations, only about a quarter consented to donate their own. By contrast, nearly all Austrians, French and Portuguese consent to donate theirs. The default explains the difference. In the United States, people must choose to become an organ donor. In much of Europe, people must choose not to donate.

Defaults, according to economists and psychologists, frame how a person is presented with a choice. But they say there are other forces that make the default path hard to resist. One is natural human inertia, or laziness, that favors making the quick, easy choice instead of exerting the mental energy to make a different one. Another, they say, is that most people perceive a default as an authoritative recommendation.

“All those work, and that is why defaults are so powerful,” says Eric J. Johnson, a professor at the Columbia Business School and co-director of the university’s Center for Decision Sciences.

THE default values built into product designs can be particularly potent in the infinitely malleable medium of software, and on the Internet, where a software product or service can be constantly fine-tuned.

“Computing allows you to slice and dice choices in so many ways,” says Ben Shneiderman, a computer scientist at the University of Maryland. “Those design choices also shape our social, cultural and economic choices in ways most people don’t appreciate or understand.”

Default design choices play a central role in the debate over the privacy issues raised by marketers’ tracking of online consumer behavior. The Federal Trade Commission is considering what rules should limit how much online personal information marketers can collect, hold and pass along to other marketers — and whether those rules should be government regulations or self-regulatory guidelines.

Privacy advocates want tighter curbs on gathering online behavioral data, and want marketers to have to ask consumers to collect and share their information, presumably in exchange for discount offers or extra services. Advertisers want a fairly free hand to track online behavior, and to cut back only if consumers choose to opt out.

New research by a team at Carnegie Mellon University suggests the difficulty that ordinary users have in changing the default settings on Internet browsers or in configuring software tools for greater online privacy. The project, called “Why Johnny Can’t Opt Out,” has just been completed and the results have not yet been published. Forty-five people of various backgrounds and ages in the Pittsburgh area were recruited for the study.

To qualify as research subjects, they had to be frequent Internet users and express an interest in learning about protecting their privacy online. Each was interviewed for 90 minutes, and each watched a video showing how online behavioral advertising works.

Then, each person was given a laptop computer and told to set privacy settings as he or she preferred, using one of nine online tools. The tools included the privacy options on browsers like Mozilla Firefox and Microsoft’s Internet Explorer, and online programs like Ghostery and Adblock Plus, as well as Consumer Choice from the Digital Advertising Alliance.

The privacy tools typically proved too complicated and confusing to serve the needs of rank-and-file Internet users.

“The settings they chose didn’t block as much as they thought they were blocking, often blocking nothing,” says Lorrie Faith Cranor, a computer scientist at Carnegie Mellon who led the research.

Ms. Cranor says the research points to the need to simplify privacy software to few choices. “If you turn it on, it should be pretty privacy-protective,” she says. “The defaults are crucial.”
https://www.nytimes.com/2011/10/16/t...ne-or-not.html





From a Single Hashtag, a Protest Circled the World
Ben Berkowitz

It all started innocuously enough with a July 13 blog post urging people to #OccupyWallStreet, as though such a thing (Twitter hashtag and all) were possible.

It turns out, with enough momentum and a keen sense of how to use social media, it actually is.

The Occupy movement, decentralized and leaderless, has mobilized thousands of people around the world almost exclusively via the Internet. To a large degree through Twitter, and also with platforms like Facebook and Meetup, crowds have connected and gathered.

As with any movement, a spark is needed to start word spreading. SocialFlow, a social media marketing company, did an analysis for Reuters of the history of the Occupy hashtag on Twitter and the ways it spread and took root.

The first apparent mention was that July 13 blog post by activist group Adbusters (r.reuters.com/suc54s) but the idea was slow to get traction.

The next Twitter mention was on July 20 (r.reuters.com/tuc54s) from a Costa Rican film producer named Francisco Guerrero, linking to a blog post on a site called Wake Up from Your Slumber that reiterated the Adbusters call to action (r.reuters.com/vuc54s).

The site, founded in 2006 "to expose America's fraudulent monetary system and the evil of charging interest on money loaned," is a reference to the biblical verse Romans 13:11 that reads in part: "The hour has come for you to wake up from your slumber, because our salvation is nearer now than when we first believed."

Guerrero's post was retweeted once and then there was silence until two July 23 tweets -- one from the Spanish user Gurzbo (r.reuters.com/wuc54s) and one from a retired high school chemistry teacher in Long Island, New York named Cindy tweeting as gemswinc. (r.reuters.com/xuc54s)

Gurzbo's post was not passed along by anyone but Cindy's was, by eight people, including a Delaware-based opponent of the Federal Reserve, a vegan information rights supporter, a Washington-based environmentalist and an Alabama-based progressive blogger.

Again, there was relative silence for nearly two weeks, until LazyBookworm tweeted the Occupy hashtag again on August 5. (r.reuters.com/zuc54s) That got seven retweets, largely from a crowd of organic food supporters and poets.

Hashtag Revolt

The notion of Occupy Wall Street was out there but it was not gaining much attention -- until, of course, it did, suddenly and with force.

Social media experts trace the expansion to hyper-local tweeters, people who cover the pulse of communities at a level of detail not even local papers can match.

In New York, credit goes to the Twitter account of Newyorkist, whose more than 11,000 tweets chronicle the city in block-by-block detail. His was one of the first well-followed accounts to mention the protests in mid-September.

Trendistic, which tracks hashtag trends on Twitter, shows that OccupyWallStreet first showed up in any volume around 11 p.m. on September 16, the evening before the occupation of lower Manhattan's Zuccotti Park began. Within 24 hours, the tag represented nearly 1 of every 500 uses of a hashtag.

The first two weeks of the movement were slow, media coverage was slim and little happened beyond the taking of the concrete park itself. But then a demonstration on the Brooklyn Bridge prompted hundreds of arrests and the spark was ignited.

On October 1, #OccupyBoston started to show up on Twitter. Within a couple of weeks, #OccupyDenver and #OccupySD and others appeared.

The Occupy Wall Street page on Facebook started on September 19 with a YouTube video of the early protests. By September 22, it reached critical mass.

"Newcomers today, welcome! Feel free to post. Advertise your own pages of resistance. Network until it works," read one posting meant to inspire protests elsewhere.

For young activists around the world, who grew up with the Internet and the smartphone, Facebook and Twitter have become crucial in expanding the movement.

They are pioneering platforms like Vibe that lets people anonymously share text, photos and video over short distances for brief periods of time -- perfect for use at rallies.

"No one owns a (Twitter) hashtag, it has no leadership, it has no organization, it has no creed but it's quite appropriate to the architecture of the net. This is a distributed revolt," said Jeff Jarvis, a journalism professor at City University of New York and author of the well-known blog BuzzMachine.

Some reports say the protesters have raised as much as $300,000 in donations to cover everything from pizza to video equipment but others put the figure much lower.

The Alliance for Global Justice, which calls itself "the fiscal sponsor for Occupy Wall Street," has raised $23,200 via WePay.com.

Occupy Everywhere

As of Monday afternoon, Facebook listed no fewer than 125 Occupy-related pages, from New York to Tulsa and all points in between. Roughly 1 in every 500 hashtags used on Twitter on Monday, all around the world, was the movement's own #OWS.

The websites keep proliferating -- We Are the 99 Percent, Parents for Occupy Wall Street and Occupy Together, even the parody Occupy Sesame Street (concerned mostly with the plight of monsters living in garbage cans).

Online streaming video has also been a huge resource for the protesters, using cheap cameras and high-speed wireless Internet access.

Supporters, opponents and the merely curious got the chance last Saturday to watch the Occupy Wall Street protesters decide whether to occupy a major public park, Washington Square Park, in the Greenwich Village area.

They saw warnings the police were about to arrive in riot gear and with horses, vans and buses to take away protesters if there were mass arrests. Local media reported about 10 arrests among the 3,000 or so people in the park.

As the seconds to a possible confrontation ticked down, the tension led to various reactions from those watching online.

"Anyone arrested is a political prisoner," said one.

"Here comes Czar Bloomberg's Cossacks," said another, in reference to New York Mayor Mike Bloomberg and the appearance of the mounted police.

There were "we are watching" messages of support from cities across the United States and some who found it the best entertainment going on a Saturday night.

"So much more exciting than a TV show" was one comment.

(Reporting by Ben Berkowitz; Additional reporting by Martin Howell and Anthony DeRosa in New York; Editing by John O'Callaghan)
http://www.reuters.com/article/2011/...79G6E420111018





Andrew Breitbart's Pathetic Attempt to Smear Occupy Wall St.
Mark Howard

The last time Andrew Breitbart got any significant notice in the media was when he publicized the Twitter sexting of former congressman Anthony Weiner. It was a particularly repulsive bit of gossipy sensationalism that furthered no public interest, but ruined a man’s career (and possibly his family), just to satisfy Breitbart’s craving for attention and his obsession with destroying what he calls “the institutional left.”

That was four months ago and Breitbart must be getting antsy about having been ignored by the press ever since. Friday on his BigGoverment web site he has published an article asking his readers to comb through thousands of emails that he says are from OccupyWallStreet organizers. He claims to have acquired them from a “private cyber security researcher.” Breitbart provides links to download these emails so that his minions can scour them for evidence of “links to socialist, anarchist, and possibly even jihadist organizations.”

It’s not bad enough that right-wing media have attempted to portray the Occupy Movement as dirty hippies, lazy freeloaders, ignorant dupes, leftist traitors, godless heathens, diabolical Marxists, violent revolutionaries, and White House plants, Breitbart is adding Al-Qaeda terrorists to this list. If it wasn’t so dangerously provocative it would be moderately humorous. But Breitbart’s accusations are irresponsible and his activities may be illegal. The first paragraph of the story says…

Breitbart: “In keeping with the new media notion of crowdsourcing–enthusiastically embraced by the mainstream media when trawling through Sarah Palin’s emails–Big Government will be providing readers later today with links to a document drop consisting of thousands of emails.”

The correlation Breitbart draws between these emails and those of Sarah Palin is entirely inapplicable.Palin’s emails as governor of Alaska were released through a lawful process that requires communications by government officials to be available to the public. Both the state of Alaska and Palin’s attorneys had an opportunity to examine the emails for any privacy concerns and neither expressed any objection to their release.

Breitbart, however, is publishing emails that were expressly created by individuals for their personal use. They were private communications amongst people who did not grant their publication and were not advised of it. The emails were literally stolen by a hacker who admits that he gained access to them through deception and misrepresentation (social engineering). And Breitbart is now complicit in the crime by publishing the ill-gotten goods with full knowledge of their origins.

Anyone familiar with Breitbart’s Legacy of Sleaze will not be surprised by this latest atrocity. He previously was best known for unfairly smearing ACORN, Shirley Sherrod, and others, with videos that were deliberately edited to produce a false and negative impression.

It should be noted that, thus far, none of the emails that Breitbart or his lackeys have reviewed contain anything remotely embarrassing. That, however, hasn’t stopped him from lifting words like“destabalization” and “unrest” out of context to suggest something more devious than the public protesting that is protected by the Constitution. Breitbart will surely employ such tactics to demonize the movement, just as he did with his attacks on ACORN, etc. It’s hard-coded in his deviant nature.

Even if there are some unsavory comments sprinkled amongst the thousands of emails, they could not plausibly be attributed to the Occupy Movement as a whole because the movement has no leader or authoritative spokesperson. It would just be one person’s opinion. The possibility that someone in a group of passionate dissidents wrote something offensive is not inconceivable. But it is also not official doctrine and cannot honestly be represented as such. The key word there being “honestly.” If Breitbart finds something controversial he will no doubt try to tarnish the movement with the indiscreet remarks of a single, marginally associated individual.

In the telling of this story it must not be forgotten that the emails being reviewed by Breitbart & Co. were obtained in manner that is at least immoral. And this isn’t the only example of such despicable, and possibly unlawful, behavior on the part of right-wing activists.

Patrick Howell, an assistant editor for the uber-conservative American Spectator magazine, admitted to infiltrating OccupyDC for the purpose of undermining it. He then attempted to lead a group of protesters into storming the National Air and Space Museum in Washington. The protesters, being much smarter than Howell, did not play along. Howell stormed the museum alone and was pepper-sprayed by security.

Mark Williams, former spokesman for Tea Party Express, told his radio listeners that he was planning tosabotage union rallies with the intention of making them look “greedy and goonish.” And he beseeched his listeners to do the same. Williams was the one-time spokesperson for the Tea Party Express, but was dismissed for publishing a virulently racist article on his blog.

Mike Vanderboegh, a militiaman from Alabama, encouraged his followers to break the windows of Democratic offices with rocks and baseball bats. More recently Vanderboegh published a Photoshopped picture of Attorney General Eric Holder in a Nazi uniform.

Rush Limbaugh delivered a radio sermon in which he called for riots at the Democratic National Convention. The rant was titled “Screw the World! Riot in Denver!” He was specific in describing his objective as “burning cars, protests, fires, literal riots, and all of that.”

This illustrates just how afraid the right is of the 99% of Americans who are waking up to the injustice and corruption of the 1%. They are increasingly fearful that their free ride is over. When people like Rush Limbaugh call the Wall Street protesters “human debris;” when Glenn Beck asserts that they “will come for you and drag you into the streets and kill you;” it is all too clear that they have lost control of their senses. They are so deranged by fear that there is no limit to the absurdity of their claims and actions.

It also illustrates the sort of desperation that leaves the likes of Breitbart clinging to the hope that he can find damning rhetoric that he can misrepresent in emails that were illicitly acquired. And it isn’t going to end any time soon. This is something that progressives and occupiers are going to have to be aware of as the struggle proceeds. Vigilance of the conservative whack jobs and their media accomplices must be an ongoing focus of the campaign for economic justice.
http://www.alternet.org/story/152745...cupy_wall_s t.





A Day in the Life of Privacy
Jon-Louis Heimerl

Everyday we Make Compromises in the Face of Privacy, and None of us Have as Much Privacy as we Want.

As soon as I woke up this morning my privacy was compromised. My Android phone has GPS enabled so that the phone, and any widget on it, can determine my geolocation. I am pretty careful about checking the permissions on the widgets I install, but not everyone is, and even I am capable of making errors. My daughter was once checking permissions on a screen saver and found that the “coarse location” was one of the permissions requested. Can you imagine a single valid reason that a screen saver would need your location?

Neither could I.

Go Google “TaintDroid” for all the gory details, but a joint study by Intel Labs, Penn State, and Duke University reviewed 30 “popular” widgets. 15 of those widgets were found to gather and send users’ geolocation information to remote advertising servers, and seven sent phone identifier information, including the phone number and SIM card serial numbers to developers. A small sample size, but the percentages are staggering.

After breakfast, it was time for me to travel so I got in my car and drove downtown. Simple enough, right? Except for my car’s OnStar system. Although I let the free subscription run out after my first year, according to OnStar they are working out details to monitor the system even if I am no longer a subscriber. As it is, OnStar has the ability to track geolocation of my car at any time, as well as gather diagnostic information, including the speeds at which I have been driving my vehicle. According to OnStar they can share that information with law enforcement, credit card processors, and others – apparently I agreed to this when I signed my initial OnStar agreement. Hmm. I must have missed that paragraph. You can opt out of all data collection, but you have to contact OnStar directly yourself.

As I got downtown, I drove through an intersection that was monitored by a red-light camera. I am not sure that I like the idea of automated systems taking my picture, but since the light was green it theoretically did not take any pictures of me. But, these are the same types of cameras that reported a photograph of a friend running a red light, while that friend was actually out of town and his car was parked at the airport parking garage. Just sayin’…

I got downtown way easier than I had thought – thinking “better 30 minutes early than a minute late” had gotten me there 45 minutes before my meeting, so I stopped for coffee first. I opened my iPad at the coffee shop, and checked up on email and local news. I chuckled about the fact that the coffee shop had four wireless networks available. Although I knew that the one labeled “free internet access” was not the shop’s wireless network, I wondered how many of the other 20 or so people in the coffee shop had picked that one since it was the first one in the list of available networks. I connected to email via https session. If you have not read anything about wireshark (or fireshark for Firefox) you should. A person with malevolent intent can use wireshark to sniff your wireless packets, and grab cookies and other information from out of the air. You could, for instance, be logged onto Facebook, and they can sniff your authentication cookies, and use your Facebook account, effectively impersonating you, and Facebook would have no idea. That is, unless you have enabled “secure browsing,” so you can connect to Facebook through an https connection. Did you know, the “s” means that it is encrypted, and thus protected from sniffing? Enable this at account settings/security/secure browsing after you log onto Facebook.

I then drove into the parking garage, and found it interesting that they had a camera mounted above the ticket dispenser. From that angle and distance they could get clear images of both my license plate and my face as I took the ticket. Deep down I know this shouldn’t mean anything, but it made me feel like I should be covering my license and face.

The company I met with was using facial recognition for authentication to access their high security areas. I thought it was pretty cool, but it made me think of other facial recognition tools like Recognizr or AugmentedID by the Astonishing Tribe, or the MORIS system used by law enforcement. MORIS (Mobile Offender Recognition and Identification System) uses fingerprint and facial recognition software on an iPhone in conjunction with a fingerprint reader and the iPhone’s camera to identify someone in law enforcement databases. AugmentedID will let you take a picture of someone with your phone, and the app will search its database for a matching face. It seems like this is only a small step away from being able to search Facebook and other Social Media for matching photos, potentially matching a stranger to their social accounts, identifying the person by name, all based on a picture. This is coming—it’s only a matter of time. Stalker heaven is on its way.

Facebook Geolocation PrivacyAfter my meeting, I stopped at the store and picked up the newest X-Men movie that had just come out on blu-ray. During the purchase, the clerk asked for my zip code. Ostensibly, the purpose of the zip code would be to help authorize my credit card, but in reality, the zip code is most likely used in combination with my identifying information from my credit card, and matched with my name/address and my purchase. Maybe they are not using my credit card details, but that doesn’t mean they aren’t pulling my name off the card. The retailer then has this information available for additional marketing efforts, including targeted ads, as well as selling the information to other retailers. Now, if the consumer’s name is “Bill Smith” the retailer may have a hard time finding that address, but with a name like mine it is a piece of cake. Personally, I politely declined to give up my zip code – all three times I was asked for it. For reference, in California it is now illegal for a retailer to ask for your zip code with most credit card purchases.

Then I stopped for groceries since we did not have everything for supper (coffee blackened steak with Cabernet reduction and rosemary-thyme roasted potatoes). I paid for everything on the fingerprint reader at the register that is tied to my credit card information on file at the store. So, yes, the grocery store has my credit card information and records of all my grocery purchases, along with my name and address.

Now, if I had an iPhone, I might worry about the detailed geolocation data that Apple is storing on my device – for as long as a year originally, but limited to a week in an update. The issue is that the device still gathers and stores the information locally. By all appearances, the information never leaves the phone, and is only used by your phone, on your phone. But that assumes we don’t have any Apple Apps looking for this information and passing it on like we already know is done by some Android widgets.

After groceries, I stopped for a drink, and my friend checked us in with Foursquare. Easy enough, he updated his location with his own phone. The good news about Foursquare is that it does not actively track your location. You have to explicitly “check-in”. Now, that didn’t stop him from checking in with me. It made me wonder if law enforcement officials watch things like Foursquare to help identify parties that may include considerable consumption of alcoholic beverages. I think I would. Since I was behind the wheel, I enjoyed my soda and drove home – drinking and driving is not my thing:

Jon H. in Minneapolis

Not enjoying my stay @ Hennepin County lockup

Facebook did away with “Places” but they still support location services with features that let you share “Where you’ve been,” “Where you are now,” and “Where you’re going.” By default, Facebook locations are turned on for all posts, but you can turn them off at any time. Using geolocation features like those from Foursquare and Facebook are completely voluntary, and you have control over whether you share anything at all. You are in control, but you have to exercise that control, since you can also define who has access to see your location information. If you leave your viewable information as “Public”, be aware that anyone who has access to your posts can see where you are, as in “not home.” At this point you should go check out PleaseRobMe.com, if you have not done so already.

My friend also checked me in with Facebook. Note that, by default, your Facebook account is configured to allow someone else to post your location. You can limit this by turning on “Profile (Timeline) Review.” This will let you approve or reject posts in which you have been tagged before they go on your timeline. Unfortunately, I had not changed my settings since Facebook’s latest update, so, yes, I also had my location posted up on Facebook as well, that I was at a pub with a senior employee of my one of my company’s competitors – like I really wanted that obvious. While, technically, sharing my geolocation information is voluntary, the only reason I really shared it was because I had not yet changed the default settings.

Some of my privacy concerns are small, and some are larger. Some are personal preference. My point is that everyday, all day, we make compromises in the face of privacy, and that, in reality, probably none of us have as much privacy as we want.

And, by the way, the coffee-blackened steak was delicious.
https://www.securityweek.com/day-life-privacy





EU Parliament Debates Installing A Black Box On Your Computer
BSOD

EU MEP Tiziano Motti (Italy), wants everything you do online to be logged and saved, for the sake of the children. Like a black box installed on every computer. He proposes an early warning system of criminal activity, specifically whenever an image of sexually abused children is detected, an alarm, goes to the authorities to be able to see who uploaded it.

MEP Lars Christian Engstrom (Sweden) did not take so favorably to the proposal, and responded with this:

If it were China, North Korea or Saudi Arabia who had proposed this, what would we say then? It's scary in a democratic Europe to even hear a politician suggest such a thing. It is so absurd that I really hope we never have to discuss it seriously in Parliament.

Tiziano Motti was a politician who just over a year ago managed to get a majority of European Members of Parliament to support the proposal to expand the data storage directive to Google searches. The purpose was to protect children from pedophiles - the same excuse he is using now.

His proposal involves a technology called Logbox. And just as with an aircraft's black box, Logbox is installed on computers, laptops, smartphones, and e-readers because yes, all that can be connected to the internet.

Former Piratbyran founder and current telecomix hactivist Marcin de Kaminski says:

The proposal claims to be based on users' rights and claims they are protected, that they should feel safe. He writes at the beginning that he did not want to create a new Big Brother Society. But then the whole document is about just that.

Marcin says (marcink on irc) that Motti has not analyzed through his proposal properly.

For him, the Internet is a tool to "save the children". But he does not realize that he might ruin the lot.

Although Mottis' current proposal is not directly linked to the Data Retention Directive, he believes it is safe, Marcin is skeptical at best.
http://activepolitic.com:82/News/201...ompute r.html





UK Committee Suggests Libel Rules For Websites
Steve McCaskill

A parliamentary committee suggests websites should be required to remove anonymous libels

A joint Parliamentary committee has said that websites should have protection from defamation cases if they respond swiftly to allegedly libellous comments from anonymous posters.

It says that websites which identify authors and publish complaints alongside comments should get legal protection.

Hidden identity

The recommendation is part of a wider review into the UK’s defamation laws aimed at promoting free speech and reducing the “unacceptably” high costs of libel cases. Currently, websites are liable for defamatory statements made by their users and if they fail to remove a comment which prompts a complaint, they risk becoming the “primary publisher” of the statement.

The committee proposes a “notice and takedown procedure” whereby complaints are displayed alongside the offending comments and the complainant can then apply for a takedown order at a court, as long as the author is identified. If a website does not comply, then they should be treated as the publisher of the comment.

However anonymous comments should still be immediately removed from the website unless the author volunteers their identity. Conversely, websites can apply for a “leave-up” order if they believe an anonymous comment is on a matter of “significant” public interest.
Anonymity “discourages responsibility”

The committee has criticised anonymous comments saying that although they may “encourage free speech”, they “discourage responsibility” and hopes that such reforms would lead to a general recognition that such posts are unreliable.

However Mumsnet co-founder Justine Roberts told the BBC that many of its users rely on using user names as opposed to their real name as it provides them with the freedom to speak honestly about difficult subjects.

The site currently receives about ten complaints a month, a figure it fears would increase should the committee’s recommendations be enforced.

The Committee has also proposed the introduction of a “single publication rule” which would give potential claimants only one year from the allegedly defamatory material’s date of publication to launch libel action. Currently this year-long window of opportunity restarts every time an article is downloaded or accessed from the internet.

The report is published amid a backdrop of an ongoing debate about libel laws in the UK. In May, the British High Court issued an injunction to Facebook and Twitter that prevented them from publishing damaging information online and in August, Atos Healthcare, the company responsible for doling out government incapacity benefit, began threatening legal action against websites and forums which aggregated patient’s experiences, accusing them of libel.
http://www.eweekeurope.co.uk/news/pa...otection-43069





Germans Condemn Police Use of Spyware
Nicholas Kulish

A group that calls itself the Chaos Computer Club prompted a public outcry here recently when it discovered that German state investigators were using spying software capable of turning a computer’s webcam and microphone into a sophisticated surveillance device.

The club, a German hacking organization, announced last Saturday it had analyzed the hard drives of people who had been investigated and discovered that they were infected with a Trojan horse program that gave the police the ability to log keystrokes, capture screenshots and activate cameras and microphones. The software exceeded the powers prescribed to the police by Germany’s Federal Constitutional Court.

The public condemnation was swift and strong, renewing a national debate into how far the government can intrude into digital privacy. The Frankfurter Allgemeine Zeitung, a major newspaper, called the revelation a “worst-case scenario for data security.” Germany’s justice minister, Sabine Leutheusser-Schnarrenberger, demanded an inquiry into the matter, saying that citizens “must be protected from snooping with strict state control mechanisms.”

Peter Schaar, the federal commissioner for data protection, called for Parliament to enact legislation to put an end to the “gray area” between lawful and unlawful searches and surveillance on computers.

“In my opinion, this kind of infiltration through software is a deeper intrusion and a greater risk than simply listening in on a phone line,” Mr. Schaar said in an interview. “The Bundestag has to decide to what extent something like this is allowed and to what extent it is restricted,” Mr. Schaar said, referring to the German Parliament.

Germans are particularly sensitive to questions of privacy and data collection as a result of their experiences under the Nazi dictatorship, where personal details could be a matter of life and death. As a result, the country has some of the strongest data protection laws in the world, elevating an individual’s right to privacy above any perceived public right to know.

“Now Germans are beginning to recognize that this is a core problem of all people,” said Bernd Schlömer, the vice chairman of Germany’s Pirate Party, a new party that recently won 8.9 percent of the vote in Berlin’s state elections and emphasizes Internet freedom and online privacy issues. He compared the awakening toward the significance of online privacy to the growing awareness of environmental problems in the 1960s and ’70s.

In 2007, Germany’s Interior Ministry announced that it had developed software that could scan the hard drives of terrorism suspects. The Federal Constitutional Court responded the next year with a ruling that limited such incursions and guaranteed “confidentiality and integrity in information technology systems.”

Federal investigators said that they were not using this software, but several states, including Lower Saxony and Baden-Württemberg admitted that they had employed it.

“In essence it is about how we fight crime in a digital age,” said Dieter Wiefelspütz, an expert on domestic security with the left-leaning Social Democrats. Far-reaching computer surveillance “shouldn’t be used for car thieves but instead for the most serious crimes. That has to be considered in the laws,” he said.

Officials in Bavaria have said they had used the spying software to monitor suspects’ e-mails and phone calls over the Internet and have captured tens of thousands of screenshots in cases involving theft, fraud and illegal performance-enhancing drugs.

Officials have denied employing the software’s capability of seizing control of computers’ cameras and microphones, technology that evokes action films.

The debate in Germany is evidence of the degree to which technology has permeated everyday lives, where friendships are made and nurtured on social-networking sites, and photographs and diaries are stored on hard drives. Privacy advocates argue that the difference between what authorities can glean from a telephone conversation and what can be discovered on a computer is as broad as the distance between what one says out loud and what one is thinking to oneself.

“Our private data are our stored thoughts,” Mr. Schlömer said.

Security experts say the German debate over police surveillance of computers and the demands for legislation restricting the practice will increasingly be necessary across the globe as the kinds of communication captured through wiretaps shift more and more to encrypted programs like Skype.

But the software discovered by the hacker group, dubbed “State Trojan” or “R2D2,” after a line of code including the Star Wars robot’s name, can do more than eavesdrop on phone calls. It was the ability to remotely control computers that led to charges from leading politicians that the state had crossed into Orwellian territory.

“People have some idea of the risks they face online from criminals,” said Mikko H. Hypponen, the chief research officer at F-Secure Corporation, an Internet security firm based in Helsinki, Finland. “I don’t think they really know exactly the same methods are used against them by governments, that Germany, France, the United States could be doing this.”

Analysts, as well as the hackers who discovered the software, said the programming was amateurish. “We were surprised by how bad the quality of the code was,” said Frank Rieger, a spokesman for the Chaos Computer Club. A team of about 10 people analyzed the software for the group before they announced the results.

The hackers said that the program also left the computers open to further malicious attacks, the equivalent of the police’s leaving the back door of a house open after searching it.

Still, the program falls short of what the most sophisticated hackers, organized criminals and other thieves of credit card and banking information have at their disposal.

Victor Homola contributed reporting.
https://www.nytimes.com/2011/10/15/w...-software.html





German Federal Trojan Eavesdrops on 15 Applications, Experts Find

The R2D2 surveillance Trojan also has support for 64-bit Windows systems
Lucian Constantin

A Trojan used by German law enforcement authorities to intercept Internet phone calls is capable of monitoring traffic from 15 programs, including browsers and instant messaging applications.

The discovery was made by malware analysts from antivirus vendor Kaspersky Lab, who took apart the so-called lawful surveillance software, dubbed 0zapftis, Bundestrojaner or R2D2 by the security community. The Trojan was initially analyzed by famous German hacker collective the Chaos Computer Club (CCC), which determined that Skype is one of its targets.

The Trojan's installer deploys five components, each with a different purpose, and Kaspersky has analyzed all of them, said Tillmann Werner, a security researcher with Kaspersky in Germany.

"Amongst the new things we found in there are two rather interesting ones: Firstly, this version is not only capable of running on 32 bit systems; it also includes support for 64 bit versions of Windows," he said. "Secondly, the list of target processes to monitor is longer than the one mentioned in the CCC report. The number of applications infected by the various components is 15 in total."

The list of targeted applications includes major browsers, including Internet Explorer, Firefox and Opera, as well programs with VoIP and data encryption functionality, including ICQ, MSN Messenger, Yahoo Messenger, Skype, Low-Rate VoIP, CounterPath X-Lite and Paltalk.

On 32-bit Windows systems the Trojan uses a kernel-mode rootkit that monitors targeted processes and injects rogue libraries into them. However, on 64-bit platforms, the system driver is much more basic and only serves as an interface to modify registry entries or the file system.

Furthermore, it is signed with a certificate that isn't trusted under Windows by default. This means that deploying the Trojan requires user confirmation, which might not necessarily be a problem for authorities, because they reportedly install it during border searches or similar interventions.

Kaspersky said its products detected the Trojan installer heuristically even before a sample was analyzed and signatures were added for it. However, those tools may not help if outsiders can manually add an exception in the program. Computer users can prevent outsiders from doing this by using a password to protect their antivirus configurations, and most products offer this option.
http://www.itworld.com/security/2147...s-experts-find





Säpo Wants More Power to Spy on the Internet

Swedish security service Säpo and national police investigators want to see new legislation that will make it easier for them to carry out surveillance on the internet.

Both Säpo and the National Bureau of Investigation (Rikskriminalpolisen) want to be better able to use the internet to reveal terror plans and other serious crimes.

Options under discussion are the ability to infiltrate discussion groups and carry out surveillance using false identities, the Dagens Nyheter (DN) newspaper reports.

“After Anders Behring Breivik's och Taimour Abdulwahab's terror attacks, we have to ask the question if the virtual world can trigger people to commit heinous crimes. If it can, we have to be there. We have to patrol the net,” Säpo head Anders Danielsson told the newspaper.

Both attacks have prompted Swedish police and Säpo to review their surveillance methods so they can more easily identify individuals who lack an economic motive and have no criminal history, yet are nevertheless prepared to commit violent acts.

An inquiry into possible changes is expected to be completed by the end of the year and may result in Säpo asking the government to update Swedish legislation.

The challenge, according to Danielsson, is coming up with an effective way to patrol the internet.

“We have the virtual world where we must be self-critical and pose the question: How can we, in a democratic way, keep tabs on what's happening there?” he said.

“Should the police be on Facebook so that people can turn there in the same way they can approach a police officer on the street? Someone may want to say something about talk of strange or unpleasant things in a Facebook group. How can we create that possibility? Should we infiltrate the internet? Then we're into legal questions? Can we do that?”

Danielsson added that the issues involved with how Swedish law enforcement patrols the internet are not only legal, but also ethical and moral.

In addition, privacy concerns must also be taken into account.

“A quesiton which always comes up, if we take Breivik as an example, is how long the state should go in finding a person who has very evil intentions? Should we check everyone who buys fertilizer? There are plenty of legitmate reasons for buying it,” he told DN.

“In a democratic society, can we not offer some guarantees that we can prevent this type of perpetrator?”
http://www.thelocal.se/36852/20111020/





Court Orders French Cop-Watching Site Blocked
Eric Pfanner

A court here has ruled that French Internet service providers must block access to a Web site that shows pictures and videos of police officers arresting suspects, taunting protesters and allegedly committing acts of violence against members of ethnic minorities.

Law enforcement officials, who had denounced the site as an incitement to violence against the police, welcomed the decision.

“The judges have analyzed the situation perfectly — this site being a threat to the integrity of the police — and made the right decision,” Jean-Claude Delage, secretary general of the police union, Alliance Police Nationale, told Agence France-Presse.

But free speech advocates reacted with alarm, saying the ruling, issued Friday, reflected a French tendency to restrict Internet freedoms.

The site, called Copwatch Nord Paris I-D-F, is an offshoot of the so-called cop-watching groups that appeared in the United States in the 1990s. In the United States, the courts have generally ruled that filming the police is protected by free speech guarantees in the U.S. Constitution.

In France, there is no equivalent to the First Amendment to the U.S. Constitution, which bars Congress from making any law “abridging the freedom of speech, or of the press.” President Nicolas Sarkozy has called for the development of a “civilized Internet,” promoting stricter law enforcement in the digital sphere, in areas ranging from protecting copyright to preventing the spread of child pornography.

“This court order illustrates an obvious will by the French government to control and censor citizens’ new online public sphere,” said Jérémie Zimmermann, spokesman for La Quadrature du Net, a Paris-based organization that campaigns against restrictions on the Internet.

The police had said they were particularly concerned about portions of the site showing identifiable photos of police officers, along with personal data — including some cases in which officers are said to express far-right sympathies on social networks.

The initial complaint against the site was filed by a Paris police officer who said he had received a bullet in his mailbox after his picture had appeared on the site. He was joined by other officers.

The case was then taken up by Claude Guéant, the French interior minister. He had asked the court to issue an order blocking only certain pages of the site — those showing the most sensitive personal information. But Internet service providers argued that this would be impossible, given that they had been unable to identify the host of the site or its creators.

The French Association of Internet Access and Service Providers said it was relieved that it had not been asked to try to “filter” the site in this way. It said that while it did not want to encourage the blocking of sites, it did not object as long as the judicial process had been followed.

“As long as the necessary safeguards are respected, members will be happy to comply with the judicial decision,” said Nicolas d’Arcy, legal adviser to the association.

Cop watching is not exactly new; in 1991, the beating of a black motorist, Rodney King, by Los Angeles police officers was videotaped by a bystander with a camcorder. The acquittal of three of the officers a year later led to widespread rioting in the city.

In Berkeley, California, an organization claiming to be “the original Copwatch group” had already been set up in 1990. From there, the movement spread to other U.S. cities, adopting the Web and other tools as digital technology advanced. Eventually, it crossed the Atlantic to Britain and, now, France.

A report by Amnesty International in 2009 was sharply critical of the French record on police brutality, as well as the authorities’ response. “Allegations of beatings, racial abuse, excessive force and even unlawful killings by French police are rarely investigated effectively and those responsible are seldom brought to justice,” the report said.

The police union said violence against police officers had been on the rise, too. On Friday, for example, an officer was killed in the city of Bourges by a knife-wielding assailant, the police said.

The “I-D-F” in the name of the French site is short for “Île-de-France,” the region that includes Paris and its suburbs, the scene of frequent tension between the police and young members of ethnic minority groups.

The court ordered that the site be blocked immediately, but it was still accessible late Friday.
https://www.nytimes.com/2011/10/17/t...e-blocked.html





Aging ‘Privacy’ Law Leaves Cloud E-Mail Open to Cops
David Kravets

President Ronald Reagan signed sweeping privacy legislation in 1986 that has morphed into a government backdoor to acquire Americans' online communications

Twenty-five years ago Friday, President Ronald Reagan signed legislation that for the first time provided Americans with sweeping digital-privacy protections.

The law came at a time when e-mail was used mostly by nerdy scientists, when phones without wires hardly worked as you stepped out into the backyard, and when the World Wide Web didn’t exist. Four presidencies later, the Electronic Communications Privacy Act has aged dramatically, providing little protection for citizens from the government’s prying eyes — despite the law’s language remaining little changed.

The silver anniversary of ECPA has prompted the nation’s biggest tech companies and prominent civil liberties groups to lobby for updates to what was once the nation’s leading “privacy” legislation protecting Americans’ electronic communications from warrantless searches and seizures.

Without such a change, the police will continue to be able to get Americans’ e-mail, or their documents stored online that are more than 6 months old, without having to acquire a judge’s permission, as long as the authorities promise it is “relevant” to a criminal investigation.

Yet there appears to be little government willpower to alter course. Apathy and outright opposition are keeping a giant swath of Americans’ electronic communications exposed to warrantless government surveillance.

It wasn’t always that way.

In the beginning, ECPA protected Americans’ e-mail from warrantless surveillance — despite ECPA allowing the government to access e-mail without a court warrant if it was 6 months or older and stored on a third-party’s server. The tech world now refers to these servers as “the cloud,” and others just think of Hotmail, Yahoo Mail, Facebook and Gmail.

ECPA was adopted at a time when e-mail, for example, wasn’t stored on servers for a long time. Instead, e-mail was held there briefly before recipients downloaded it to their inbox on software running on their own computer.

During the Reagan administration, e-mail more than six months old was assumed abandoned, and that’s why the law allowed the government to get it without a warrant. At the time, there wasn’t much of any e-mail for the authorities to acquire because a consumer’s hard drive — not the cloud — hosted their inbox.

But technology has evolved dramatically following EPCA’s passage. E-mail often remains stored on cloud servers indefinitely, in gigabytes upon gigabytes. That means the authorities may access gigs of e-mails, or other cloud-stored content, without warrants if it’s older than six months. The law, believe it or not, still considers as abandoned any e-mail or other files housed on servers for more than 6 months.

In the age of online services such as Gmail, Dropbox, Salesforce.com and Facebook — just to name the big ones, that assumption is both outdated and dangerous.

Congress had enough foresight in the Reagan years to set privacy rules for electronic communications, regardless of how primitive those communications tools seem in retrospect. Now those same rules grant the authorities vast surveillance powers against the public, and there appears to be near-unanimous congressional support for that.

Legislation that would require police to get warrants to access any cloud data was proposed five months ago by Sen. Patrick Leahy (D-Vermont), the powerful Judiciary Committee chair.

The Obama administration has blasted Leahy’s proposal. And SB1011 has yet to obtain a single co-sponsor. Leahy, in marking ECPA’s anniversary, announced Thursday he would bring the bill to his committee for a vote by year’s end, despite it being doomed for lack of Republican or administration support.

“Since the Electronic Communications Privacy Act was first enacted in 1986, ECPA has been one of our nation’s premier privacy laws,” Leahy said in a statement. “But, today, this law is significantly outdated and outpaced by rapid changes in technology and the changing mission of our law enforcement agencies after Sept. 11. Updating this law to reflect the realities of our time is essential to ensuring that our federal privacy laws keep pace with new technologies and the new threats to our security.”

The bill is likely to clear the Democratic-controlled Judiciary Committee. But the measure’s chance of ultimately landing on an unreceptive president’s desk are slim, given the de facto filibuster Senate Republicans are using to fight any legislation they didn’t write.

And we’re not just talking about protecting e-mail privacy, either.

ECPA allows the government to obtain, without a warrant, any content stored in the cloud — such as files in a Dropbox account, if it’s older than six months. It goes without saying that there was no such thing as cloud-storage services available for the average Joe Sixpack when Reagan was president. Now those services have become mainstream, yet the Reagan-era law applies.

For instance, Apple’s new iCloud storage service came out last week. In another six months, consumers’ data stored on iCloud will begin to be up for grabs and become accessible to the government via its subpoena power, absent a court warrant.

And that’s how the administration wants it.

James A. Baker, associate deputy attorney general, said so during an April public hearing on Leahy’s proposal.

Congress should recognize the collateral consequences to criminal law enforcement and the national security of the United States if ECPA were to provide only one means — a probable cause warrant — for compelling disclosure of all stored content. For example, in order to obtain a search warrant for a particular e-mail account, law enforcement has to establish probable cause to believe that evidence will be found in that particular account. In some cases, this link can be hard to establish.

How often the authorities request cloud-stored e-mail or data without a warrant is unclear, as neither the feds nor companies that hold such data are willing to share it. A coalition called Digital Due Process, which includes civil rights groups and some of the biggest players affected by ECPA, such as Dropbox, AOL, Microsoft and Google, want the law changed to protect their customers’ privacy.

“A single e-mail is subject to multiple different legal standards in its life-cycle, from the moment it is being typed to the moment it is opened by the recipient to the time it is stored with the e-mail service provider,” the group said. “To take another example, a document on a desktop computer is protected by the warrant requirement of the Fourth Amendment, but the ECPA says that the same document stored with a service provider may not be subject to the warrant requirement.”

A federal appeals court ruled last year, however, that warrants for e-mail stored in the cloud for more than six months required a warrant. The 6th U.S. Circuit Court of Appeals ruling, however, only applies to Kentucky, Michigan, Ohio and Tennessee.

The 6th Circuit case centered on Steven Warshak, founder of an Ohio herbal-supplement company that marketed male-enhancement tablets. As part of a fraud investigation, the government obtained thousands of his e-mails from his ISP without a warrant. He appealed his 25-year conviction on those and other grounds, and prevailed.

“The Fourth Amendment must keep pace with the inexorable march of technological progress, or its guarantees will wither and perish,” the appellate court ruled.

The government did not appeal to the Supreme Court, meaning the circuit’s decision does not set nationwide, binding precedent.

Given that neither Congress nor the administration is moving in the direction of allocating more civil liberties, especially in the aftermath of 9/11, it might be wise not to hold one’s breath waiting for change. That’s a fact understand all too well in Washington.

Consider that it took 19 years of lobbying by the American Civil Liberties Union and others to pass legislation President Barack Obama signed last year narrowing the sentencing disparity between crack and cocaine convictions.

When it comes to lobbying for ECPA reform, Chris Calabrese, the ACLU’s legislative counsel, said “we’re in it for the long haul” and referred to the two decades the organization pushed for the drug-sentencing change.

“That kind of gives you the time frame we’re willing to work in,” he said. “It’s not what we want. We can’t control these things. We just do the best we can.”
http://www.wired.com/threatlevel/201...s-twenty-five/





Facebook Accused of Violating US Wiretap Law

'Like' cookies tracked users, even when logged out
Dan Goodin

A Mississippi woman has accused Facebook of violating federal wiretap statutes by tracking her internet browsing history even when she wasn't logged onto the social networking site.

In a lawsuit filed on Wednesday in federal court in the northern district of Mississippi, Brooke Rutledge of Lafayette County, Mississippi, also asserted claims for breach of contract, unjust enrichment, trespassing, and invasion of privacy.

The complaint, which seeks class-action status so other users can join, comes three weeks after Australian blogger Nik Cubrilovic published evidence that Facebook “Like” buttons scattered across the web allowed Facebook to track users' browsing habits even when they were signed out of their accounts.

“Leading up to September 23, 2011, Facebook tracked, collected, and stored its users' wire or electronic communications, including but not limited to portions of their internet browsing history even when the users were not logged-in to Facebook,” the 17-page complaint stated. “Plaintiff did not give consent or otherwise authorize Facebook to intercept, track, collect, and store her wire or electronic communications, including but not limited to her internet browsing history when not logged-in to Facebook.”

The complaint claims the behavior violated provisions of Facebook's own privacy policy that state: “If you're logged out or don't have a Facebook account and visit a website with the Like button or another social plugin, your browser sends us a more limited set of information. For example, because you're not logged in to Facebook, we don't receive your User ID.”

But according to Cubrilovic Facebook cookies containing unique identifiers remain on a user's hard drive and are sent back to the social network each time he visits a third-party site containing a Facebook Like icon.

“Even when you are logged out, Facebook still knows and can track every page you visit,” Cubrilovic wrote.

Facebook has since said that many of the cookies Cubrilovic referred to are intended to foil spam and phishing attacks and that not all of the data sent back to the social networking site is logged.

Wednesday's complaint is the latest to seek redress for alleged privacy violations that result from cookies and other files that websites use to track the browsing habits of their visitors. In the past 18 months, Disney, Microsoft, McDonalds, and others have all been sued, often for using technologies that respawn tracking cookies even after users have deleted them. Many of them have been tossed out of court because plaintiffs couldn't quantify monetary damages that resulted from the practice.

Facebook representatives didn't respond to an email seeking comment for this post.
http://www.theregister.co.uk/2011/10...cking_lawsuit/





HOW TO: Spy on the Webcams of Your Website Visitors
Feross Aboukhadijeh

I discovered a vulnerability in Adobe Flash that allows any website to turn on your webcam and microphone without your knowledge or consent to spy on you.

It works in all versions of Adobe Flash that I tested. I’ve confirmed that it works in the Firefox and Safari for Mac browsers. Use one of those if you check out the live demo. There’s a weird CSS opacity bug in most other browsers (Chrome for Mac and most browsers on Windows/Linux).

Clickjacking + Adobe Flash = Sad Times!

This attack works by using a neat variation of the normal clickjacking technique that spammers and other bad people are using in the wild right now. For the uninitiated:

Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.
— Wikipedia

Combine clickjacking with the Adobe Flash Player Setting Manager page and you have a recipe for some sad times.

Background

I took a computer security class (Stanford’s CS 155) last quarter and really enjoyed this research paper on framebusting and clickjacking. After reading it, I checked out a few popular sites to see if it was possible to clickjack them. After a couple hours, I had no success.

But, then I stumbled upon this blog post entitled “Malicious camera spying using ClickJacking” where the author shows how to clickjack the Adobe Flash Settings Manager page to enable users’ webcams. He accomplishes this by putting the whole settings page into an iframe and making it invisible. Then, unsuspecting users play a little game and unwittingly enable their webcams. Adobe quickly added framebusting code to the Settings Manager page (why wasn’t it there in the first place?), and the attack stopped working.

But alas, the same attack is actually still possible.

How my attack works

Instead of iframing the whole settings page (which contains the framebusting code), I just iframe the settings SWF file. This let me bypass the framebusting JavaScript code, since we don’t load the whole page — just the remote .SWF file. I was really surprised to find out that this actually works!

I’ve seen a bunch of clickjacking attacks in the wild, but I’ve never seen any attacks where the attacker iframes a SWF file from a remote domain to clickjack it — let alone a .SWF file as important as one that controls access to your webcam and mic!

The problem here is the Flash Player Setting Manager, this inheritance from Macromedia might be the Flash Player security Achilles heel.

— Guya.net

I built a quick proof-of-concept demo to show how it works.

Important: The demo is only guaranteed to work in Firefox and Safari for Mac. Right now, it doesn’t work in most other browsers since you can’t change the opacity or the z-index of an iframed swf file. However, I discovered a workaround that involves multiple iframes, but haven’t implemented it yet since it’s a bit complicated. But, I’m pretty sure that it’s possible to make it work everywhere, given enough time.

The code is also available on Github.

I should also mention that my demo builds heavily off of the ideas and work done by the dude who runs this blog (I couldn’t find his name).

Also: If you’re a bit leery about running the demo… I promise I’m not saving the webcam video. I just display it back to you so you can see that it works. However, if an attacker used this technique, they would almost certainly NOT show you any sign that your cam is on. You’re only hope of finding out that something’s up is your webcam indicator light (if you have one).

Why release this?

I reported this vulnerability to Adobe a few weeks ago through the Stanford Security Lab. It’s been a few weeks and I haven’t heard anything from Adobe yet. I think it’s worth sharing it with the world now, so that Adobe pays attention and fixes it more quickly.

Although every browser and OS is theoretically susceptible to this attack, the process to activate the webcam requires multiple highly targeted clicks, which is difficult for an attacker to pull off. I’m not sure how useful this technique would actually be in the wild, but I hope that Adobe fixes it soon so we don’t have to find out.

Further reading

If you want to learn more about clickjacking and framebusting, you should read the excellent Busting Frame Busting: a Study of Clickjacking Vulnerabilities on Popular Sites (PDF) paper by Gustav Rydstedt, Elie Bursztein, Dan Boneh, and Collin Jackson.
http://www.feross.org/webcam-spy/





Skype Flaw Can Reveal Users' Identity, Location, Filesharing Habits
Matthew DeCarlo

Security researchers have revealed vulnerability that could allow an attacker to identify a person, track their location and monitor their filesharing habits. In a paper titled "I Know Where You are and What You are Sharing: Exploiting P2P Communications to Invade Users' Privacy," the experts draw attention to real-time communication applications such as Skype.

The group discovered how to call Skype users without them realizing, allowing the caller to secretly nab someone's IP address. This is accomplished by blocking certain packets and quickly terminating the call before the recipient is alerted. It can performed even if the victim is connected behind an NAT firewall or if they specifically block calls from non-contacts.

An IP address can be geolocated with relative precision and many users connect from mobile devices, so an attacker could perform that stealth call and track someone's rough whereabouts over any given duration. The researchers tracked one volunteer from a New York university to Chicago, back to the school and Brooklyn lodging, then to his home in France.

Once you have someone's Skype identity, it's generally not hard to find them on other social platforms such as Facebook or LinkedIn. Among other things, this could reveal more details about your location. "If we had followed the mobility of the Facebook friends of this user as well, we likely would have determined who he was visiting and when," the authors said.

One could easily discover a victim's name, age, address, profession, employer and more. The researchers specifically noted that this could be abused by marketers to create an inexpensive profile database on targets. They estimated that it would cost a marketer $500 a week or less to track 10,000 users -- but the flaw has deeper implications than that.

In an experiment, the researchers scanned the top 50,000 BitTorrent files and linked 400 Skype users to downloads. Again, Skype users often share their full contact details, including their name and location. We doubt this information would (could?) be used by copyright regulators in court, but plenty of unsavory individuals would surely take advantage.

"We believe this could be used by various people to stalk, blackmail, or defraud Internet users in general and P2P filesharing users in particular," said Keith Ross of the Polytechnic Institute of NYU. "These findings have real security implications for the hundreds of millions of people around the world who use VoIP or P2P file-sharing services."

"A hacker anywhere in the world could easily track the whereabouts and filesharing habits of a Skype user -- from private citizens to celebrities and politicians." The researchers notified Skype about the issue nearly a year ago but it hasn't been resolved. They plan to present their paper at the Internet Measurement Conference 2011 in Berlin on November 2.
http://www.techspot.com/news/45945-s...ng-habits.html





Android Chief Says Your Phone Should Not Be Your Assistant

Andy Rubin thinks there is a lot of potential for phones to be more useful companions, but says he is not interested in turning Android devices into personal assistants.

“I don’t believe that your phone should be an assistant,” the Android chief said in an interview on Wednesday just after appearing on stage at AsiaD. “Your phone is a tool for communicating. You shouldn’t be communicating with the phone; you should be communicating with somebody on the other side of the phone.”

Of course, several million people have already gone out and bought the iPhone 4S, which has as one of its chief selling points the voice-controlled assistant known as Siri.

Rubin said the jury is still out on whether people will take to talking to their phones to control them.

“To some degree it is natural for you to talk to your phone,” Rubin said, but historically that has meant talking to another person. As for talking to your phone without actually trying to connect to another person, Rubin says he’s not so sure. “We’ll see how pervasive it gets.”

Rubin noted that one of his Android co-founders, Rich Miner, had a cellphone speech company called Wildfire, while General Magic also pursued the idea.

“This isn’t a new notion,” he said. “In projecting the future, I think Apple did a good job of figuring out when the technology was ready to be consumer-grade.”
http://allthingsd.com/20111019/andro...our-assistant/





BlackBerry Outage Made Roads Safer, Police Claim
Graham Cluley

Driving with BlackBerryAccording to media reports, police in the United Arab Emirates have given a surprising explanation for a dramatic fall in traffic accidents last week: drivers' BlackBerrys weren't working.

It's claimed that last week's worldwide BlackBerry outage, which frustrated business people around the world who were unable to communicate with their colleagues, had one positive result - less texting and reading of emails by people who should have been concentrating on driving instead.

Road traffic accidents in Abu Dhabi are said to have dropped by 40%, and there was a 20% reduction in Dubai in the past week.

According to The National newspaper, Lt Gen Dahi Khalfan Tamim, the chief of Dubai Police, and Brig Gen Hussein Al Harethi, the director of the Abu Dhabi Police traffic department, both linked the drop to the service disruption experienced by BlackBerry users.

"Absolutely nothing has happened in the past week in terms of killings on the road and we're really glad about that," Brig Gen Al Harethi told the newspaper. "People are slowly starting to realise the dangers of using their phone while driving. The roads became much safer when BlackBerry stopped working."

There may be another explanation for the reduction in mobile-phone related traffic accidents in the UAE, however.

Theyab AwanaAt the end of last month, popular UAE footballer Theyab Awana was killed in a high speed crash near Abu Dhabi, and it was claimed that he was sending a message on his BlackBerry when he hit a lorry.

The football star's father, Awana Ahmad Al Mosabi, made an emotional plea to people not to use smartphones while driving, and a Facebook campaign against the use of BlackBerry Messenger while driving has grown in popularity.

Of course, texting messages or reading emails while you are in charge of a motor vehicle is insane. You aren't just putting yourself at risk, you're putting other innocent travellers in peril as well.

If you need any convincing, here's a shocking video that was made to highlight the danger. Please note: the video is graphic and may be upsetting to some people.

Whether you believe the police are right that the BlackBerry outage contributed to the reduction in road traffic accidents or not, please don't text and drive.
http://nakedsecurity.sophos.com/2011...-police-claim/





NoScript Anywhere Released, Supports Firefox Mobile on Android Devices
Dennis Fisher

The new version of NoScript, the popular browser add-on that blocks JavaScript and other embedded objects from running on Web pages, is out in alpha form and it can now run on Android-based smartphones, giving users protection against script-based attacks on their mobile devices.

The release of NoScript Anywhere includes a variety of new features, but it's the support for Firefox Mobile that is the big attraction. The add-on for Android devices is meant to mimic the desktop version, giving users the ability to set permissions for each individual site and use a default policy for restricting content. NoScript also now includes an anti-clickjacking feature and an anti-XSS filter designed to protect users from cross-site scripting attacks. The new version also works on Maemo-based phones and tablets.

"The mobile-focused UI is focused on making 'normal' usage as easy as it is now in NoScript at least, whereas more advanced options (per-site granular permissions, hierachical permissions depending on the hosting page and so on) will be available in the desktop UI and synchronizable with mobile device via Firefox Sync," the release notes for the add-on say.

JavaScript and other kinds of embedded content on Web pages often is used by attackers in various attack scenarios to either redirect users to a malicious site or to exploit a vulnerability in the user's browser to install malware. Often, these attacks are executed by compromising a group of legitimate Web sites and then placing malicious JavaScript on the site. That code will then automatically redirect users to another site where malware is hosted. This is the kind of technique that's being used in many of the mass SQL injection attacks that have been going on for a couple of years now.

NoScript by default will block JavaScript on any site that users visit, but they have the ability to set granular permissions for each individual site to allow scripts on certain pages. Users of the new version, which now can be installed without restarting the browser, can take these permissions even further.

"Furthermore, while the in-page permission UI has been greatly simplified and optimized for touchscreen consumption, NoScript for Mobile In-Page Permissions UI the underlying engine has been redesigned to allow deep per-site customization at the single permission level (e.g. making Flash permanently work by default on site X but not on site Y, even if JavaScript is allowed on both, or causing restrictions on a certain embedded object to depend on its parent page’s address)," NoScript developer Giorgio Maone wrote in a blog post about the release of NoScript Anywhere.
https://threatpost.com/en_us/blogs/n...devices-101711





Ballmer Slams Android as 'Cheap,' Doomed, as Android Lengthens its Lead by Two Big Steps

Ice Cream Sandwich is cool; NSA/Army Android mod will outsrip Blackberry security
Kevin Fogarty

Microsoft's Steve Ballmer picked the wrong day to try to build up the image of market trailer Windows Phone 7 by trash-talking Android for what he called its overly complex interface, the "cheap" phones it runs on and its inevitable domination by an upcoming wave of marginally improved hardware running Windows Phone.

At the Web. 2.0 Summit in San Francisco this morning, Ballmer said both the phones and interface customers get with Microsoft's phone OS are just better than anything Android offers. It's not his fault he did it on a day Android took another two big steps forward to lengthen its already big lead over Microsoft's offering.

"The biggest advantage we have over Android is that you don’t need to be a computer scientist to use a Windows Phone," Ballmer said. "But the cheapest phones will be Android, and we are going to have to look at bringing the cost of our handsets down."

Which, if I'm translating the FUD correctly into English, that Windows Phone hardware is too expensive and the UI is so overwritten it slows down even the more expensive phones.

It was just poor timing that the CEO of the company with the most underperforming smartphone operating system would slam the market leader on the same day Google announced yet another widely praised, anxiously anticipated update of its OS for what Ballmer called "cheap" phones.

Mostly unnoticed but still significant was the announcement today that Google, the National Security Agency (NSA) and George Mason Univ. are building a hardened kernel for Android that will make it secure enough to be used for sensitive government and military communications.

Security has never been Windows' strong suit, but Android has taken over as the target of choice for malware writers and hackers looking for easy, largely unsecured targets.

Antivirus and security apps are filtering into the market, but even the Android Market hasn't mastered the relatively minor art of not downloading malware onto its customers.

Under the Army's Connecting Soldiers to Digital Applications (CSDA) program, however, a hardened version of Android 3.0 is two stages of security certification away from being accepted as a secure cell-phone option for the military, according to Government Computer News.

The hardened version uses Secure Sockets Layer certification to help confirm the identity of the user, the phone and the network over which the message is sent.

The hardened version of Android is being tested now for certification under the Federal Information Processing Standard 140-2, which sets cryptographic standards for devices being used for communication of anything with a security rating lower than Classified.

After that it only needs SSL certificates to authenticate users and devices, and the hardened version will be off to the races – or off to the battlefield, depending on your preferences.

The push for secure Android came partly from the military, which is interested in replacing insecure, often unreliable radios with cell phones for basic communications. Extra pressure came from the White House, which the Obama Administration has been trying to convert from Blackberry to Android devices almost since Obama took office, according to GCN.

The hardened kernel will be more secure than Blackberry is now, but it won't be Ice Cream Sandwich – the purposely trivializing nickname for Android version 4.0, which Google announced this morning in Hong Kong.

The new version supports software-only GPS controls, rather than requiring capacitive buttons, a faster camera and secure Near Field Communications (NFC) for applications such as Google Wallet.

The first device it was demo'ed to run on is the Galaxy Nexus, which comes with a 1.2-Ghz dual-core processor, high-def Super AMOLED 4.65-inch display with 1280x780 resolution for full video, a 5 megapixel camera with no shutter lag and 1080p HD video recording.

It also comes with a phone-locking system based on facial recognition, offline search for Gmail and Android Beam, the NFC function it hopes will be used by more apps than just Google Wallet.

The package was enough to impress ITWorld Open Discussion blogger Brian Proffitt, if not Steve Ballmer.

The SDK and more information is available here, in case you're interested.

Ballmer said the new line of Windows Phones will be out in time for Christmas and will beat both Apple and Android on its merits. Microsoft is also beating Google in the cloud applications market, he said – a lead that will only increase after Windows 8 ships, Ballmer said.

Despite Microsoft's own solid record in attempts to warp reality, Steve Jobs was always praised as the king of reality modification and emitter of a personal reality distortion field.

Now that he's gone, it's good to see Ballmer trying to carry on the tradition, albeit in a way that's more difficult to use and less elegant than Jobs always managed.
http://www.itworld.com/mobile-wirele...-two-big-steps





Georgia Tech Turns iPhone Into spiPhone
Michael Terrazas

It’s a pattern that no doubt repeats itself daily in hundreds of millions of offices around the world: People sit down, turn on their computers, set their mobile phones on their desks and begin to work. What if a hacker could use that phone to track what the person was typing on the keyboard just inches away?

A research team at Georgia Tech has discovered how to do exactly that, using a smartphone accelerometer—the internal device that detects when and how the phone is tilted—to sense keyboard vibrations and decipher complete sentences with up to 80 percent accuracy. The procedure is not easy, they say, but is definitely possible with the latest generations of smartphones.

“We first tried our experiments with an iPhone 3GS, and the results were difficult to read,” said Patrick Traynor, assistant professor in Georgia Tech’s School of Computer Science. “But then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometer noise, and the results were much better. We believe that most smartphones made in the past two years are sophisticated enough to launch this attack.”

Previously, Traynor said, researchers have accomplished similar results using microphones, but a microphone is a much more sensitive instrument than an accelerometer. A typical smartphone’s microphone samples vibration roughly 44,000 times per second, while even newer phones’ accelerometers sample just 100 times per second—two full orders of magnitude less often. Plus, manufacturers have installed security around a phone’s microphone; the phone’s operating system is programmed to ask users whether to give new applications access to most built-in sensors, including the microphone. Accelerometers typically are not protected in this way.

The technique works through probability and by detecting pairs of keystrokes, rather than individual keys (which still is too difficult to accomplish reliably, Traynor said). It models “keyboard events” in pairs, then determines whether the pair of keys pressed is on the left versus right side of the keyboard, and whether they are close together or far apart. After the system has determined these characteristics for each pair of keys depressed, it compares the results against a preloaded dictionary, each word of which has been broken down along similar measurements (i.e., are the letters left/right, near/far on a standard QWERTY keyboard). Finally, the technique only works reliably on words of three or more letters.

For example, take the word “canoe,” which when typed breaks down into four keystroke pairs: “C-A, A-N, N-O and O-E.” Those pairs then translate into the detection system’s code as follows: Left-Left-Near, Left-Right-Far, Right-Right-Far and Right-Left-Far, or LLN-LRF-RRF-RLF. This code is then compared to the preloaded dictionary and yields “canoe” as the statistically probable typed word. Working with dictionaries comprising about 58,000 words, the system reached word-recovery rates as high as 80 percent.
“The way we see this attack working is that you, the phone’s owner, would request or be asked to download an innocuous-looking application, which doesn’t ask you for the use of any suspicious phone sensors,” said Henry Carter, a PhD student in computer science and one of the study’s co-authors. “Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening.”

Mitigation strategies for this vulnerability are pretty simple and straightforward, Traynor said. First, since the study found an effective range of just three inches from a keyboard, phone users can simply leave their phones in their purses or pockets, or just move them further away from the keyboard. But a fix that puts less onus on users is to add a layer of security for phone accelerometers.

“The sampling rate for accelerometers is already pretty low, and if you cut it in half, you start to approach theoretical limitations that prevent eavesdropping. The malware simply does not have the data to work with,” Traynor said. “But most phone applications can still function even with that lower accelerometer rate. So manufacturers could set that as the default rate, and if someone downloads an application like a game that needs the higher sampling rate, that would prompt a permission question to the user to reset the accelerometer.”

In the meantime, Traynor said, users shouldn’t be paranoid that hackers are tracking their keystrokes through their iPhones.

“The likelihood of someone falling victim to an attack like this right now is pretty low,” he said. “This was really hard to do. But could people do it if they really wanted to? We think yes.”

The finding is reported in the paper, “(sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers,” and will be presented Thursday, Oct. 20, at the 18th ACM Conference on Computer and Communications Security in Chicago. In addition to Carter, Traynor’s coauthors include Georgia Tech graduate student Arunabh Verman and Philip Marquardt of the MIT Lincoln Laboratory.
http://www.gatech.edu/newsroom/release.html?nid=71506





Verizon Wireless Now Collecting Your Web, Location, App Data
Sara Yin

For the last month, Verizon Wireless has been notifying customers through email of a major change to its default privacy setting: it will begin collecting your Web browsing history, cell phone location and app usage, for third-party marketing purposes.

You can opt out of such surveillance, although Verizon has promised not to share any identifiable information with these third-party companies.

If you stay opted in, you'll eventually start seeing more personalized ads while surfing on your mobile devices, or even when using Verizon FiOS Internet, DSL, or other dial-up services, said Verizon Wireless spokesman Jeffrey Nelson.

The revisions all have to do with a new targeted advertising service that Verizon is offering other companies. The Verizon Online relevant ads program is two-fold. First, it produces business and marketing reports, and second, Verizon aims to sell more targeted ad space.

"For the business and marketing reports offered by Verizon Wireless, records about Web sites visited, cell phone locations and other consumer data will be combined (or aggregated) to compile reports that provide businesses with insights about their customers," Nelson said. "For example, these insights may include the demographics (age ranges, gender, etc.) and interests (such as 'pet lovers' or 'tennis enthusiasts') of visitors to a Web site, or commuters who might pass an outdoor billboard. These aggregate reports could be used by Web publishers to help provide content that is more appealing to users, or to help advertisers better select the ads they will display on outdoor billboards or at other venues."

As for those who are concerned about Verizon collecting their data on an opt-out basis, Nelson said "protecting data and safeguarding privacy are high priorities at Verizon."

Similar information is already collected by Google, Facebook, AOL, and others. Didn't get an email from Verizon? Check your inbox for a message sent by "Verizon Notification" with subject line, "Service Update - Manage Your On-Line Preferences."

You can read about all the changes on Verizon's Web site, or check out Verizon's chart on the changes below. The Web form to opt out is also available online, or you can call Verizon at 1-866-211-0874.
http://www.pcmag.com/article2/0,2817,2394625,00.asp





New Malicious Program by Creators of Stuxnet Is Suspected
John Markoff

The designers of Stuxnet, the computer worm that was used to vandalize an Iranian nuclear site, may have struck again, security researchers say.

Stuxnet, which infected tens of thousands of computers in 155 countries last year, created an international sensation when experts reported that it was designed as an American-Israeli project to sabotage Siemens Corporation computers used in uranium enrichment at the Natanz site.

The researchers say the new malicious program, which they call Duqu, is intended to steal digital information that may be needed to mount another Stuxnet-like attack.

The researchers, at Symantec, announced the discovery on the company’s Web site on Tuesday, saying they had determined that the new program was written by programmers who must have had access to Stuxnet’s source code, the original programming instructions.

“Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party,” the Symantec researchers said. “The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.”

They said the Duqu program was found in Europe in a narrowly limited group of organizations, “including those involved in the manufacturing of industrial control systems.”

In contrast to Stuxnet, Duqu has been found in only a handful of organizations to date. The program is designed to last 36 days and then remove itself from the system it infected.

Like Stuxnet, Duqu tries to prove its authenticity by using a stolen digital certificate, this one apparently taken from a Taiwanese company. Symantec officials were able to revoke the security certificate after it was discovered stolen because the company owns the VeriSign authentication service that controls the certificate infrastructure.

The Symantec posting, and a related technical paper, raised a new mystery of its own. The company said it had been alerted to the new malware by a “research lab with strong international connections,” but declined to identify it further or say whether it was governmental or private.

According to Vikram Thakur of Symantec, the organization decided not to come forward because it wanted to protect the identity of the victim organization. The technical paper did include this comment from the team that apparently discovered the malware: “As we are in academia, we have limited resources to analyze malware behavior.”

Mr. Thakur added that in the two days since Symantec had received its initial malware sample, the security firm had received other variants of the program, which also appear to be aimed at makers of industrial control equipment.

The researchers identify a wide variety of similarities between Duqu and Stuxnet and said that the new program could not have been written without having access to the original programmer’s instructions. It has been previously noted that Stuxnet had both an attack capability as well as the ability to spy on the computers it infiltrated.

Security researchers have argued that the Stuxnet attackers were able to gather valuable intelligence information about the Iranian nuclear program as well as damage the control equipment at Natanz.

The Symantec researchers said they had not been able to determine how the Duqu code reached its target. Stuxnet used a wide range of system vulnerabilities, leading to speculation that it could have been written only by an organization with the resources of a national intelligence agency. Mr. Thakur said of Duqu, “This is extremely sophisticated, this is cutting edge.”
https://www.nytimes.com/2011/10/19/t...ive-again.html





Catching the Next WikiLeaker
Eli Lake

A year after the most expansive leak of classified information in U.S. history, the intelligence community is deploying refined big-brother software to monitor the spies’ lifeblood: their computer networks.

It is like a scene out of the television show 24. An intelligence officer is surfing a top-secret government file that is out of his normal work portfolio. A computer program alerts a “data analyst,” who then monitors the officer’s computer activity. If the officer acts like a potential leaker, sending an encrypted email or using an unregistered thumb drive, the analyst might push a button and watch a screen video of the officer’s last hour of work. Once a case is made that a leak might be imminent, it is checkmate: the agent is thwarted.

That is the kind of scenario Ryan Szedelo, the manager for Raytheon’s SureView software, is describing this week for intelligence professionals in San Antonio shopping for new gizmos at the annual GEOINT conference. The government is already beginning to use the software and others like it in a concerted effort to clamp down on secret leaks.

“SureView is designed to capture the next Bradley Manning,” Szedelo said of the Army private who uploaded hundreds of thousands of classified documents from the military’s secret Internet protocol router network (SIPRnet) onto a remote server affiliated with WikiLeaks.

With his secret clearance, Manning had access not only to the raw intelligence reports in Iraq, but also to aircraft videos, analysis from the field in Afghanistan, and candid diplomatic cables from U.S. embassies all over the world.

“Had SureView been on Bradley Manning’s machine, no one would know who Bradley Manning is today,” Szedelo said in an interview.

SureView is a type of auditing software that specializes in “behavior-based internal monitoring.” It is designed to identify and catch what is known in the counterintelligence trade as the “insider threat,” a trusted user who is willing to steal the secrets he or she is obliged to protect.

Until very recently, WikiLeaks had many leaders of the U.S. intelligence community willing to pull back the kind of intelligence sharing started in earnest after the Sept. 11, 2001, attacks. Last October, Director of National Intelligence James Clapper said at a speech in Washington that “the WikiLeaks episode represents what I would consider a big yellow flag.” He added, “I think it is going to have a very chilling effect on the need to share.”
wikileaks-security-lake

Protesters advocating the release of Bradley Manning on March 20, 2010, in Quantico, Va., Evelyn Hockstein, The Washington Post / Getty Images

Today Clapper is taking a different tone. This week at GEOINT, the annual trade show for the intelligence industry, Clapper said one of his top priorities was to merge intelligence collection with intelligence analysis, a process that by definition would require much more sharing among the 16 U.S. intelligence agencies under his direction.

What has changed in the last year is the technology to catch the next big leaker.

“The trick is, can we allow robust sharing for analytical and operational purposes and protect the information at the same time?” House Intelligence Committee Chairman Mike Rogers (R-Mich.) said in an interview. “I argue yes, there are lots of ways to do it.”

Rogers said he favors something called “smart access,” where an intelligence analyst not only would be monitored but would have to be cleared or authenticated to enter specific servers outside his or her purview. “These are just trip wires. I prefer you have to knock on the door to get in—you should need to be authenticated to get into the next level.”

The intelligence community has had auditing software for years. SureView came on the market in 2002. But the programs were buggy and often prone to false positives, alerting a network administrator too often to routine behavior. In the last year, according to three U.S. intelligence officials who asked not to be named, the software has become more automated and easier to apply to larger databases.

“The technology has gotten substantially better in the last year,” said Jeffrey Harris, a former head of the National Reconnaissance Office, the intelligence agency responsible for launching spy satellites. “The problem with audit files was it took an army of people to understand them. Now we have rule-driven systems and expert systems that help us reason through the data.”

Charles Allen, who served as the first intelligence chief for the Department of Homeland Security, said the base where Manning was stationed in Iraq did have auditing software in place that could have caught him, but it was not yet implemented. “In the future, military intelligence units in the war zones and elsewhere will ensure there is a strong audit capability,” he said.

Allen has a point. Earlier this month, President Obama signed a new executive order on protecting classified information. The order created a new “insider threat task force” inside the intelligence community, chaired by the attorney general and the director of national intelligence.

The new directive from the White House is driven in part by new technology. The budget for this kind of counterintelligence software is still secret, but judging from the trade-room floor, it’s a major draw for the U.S. government. The Science Applications International Corporation (SAIC) is offering a software system called Checkmate to detect external threats. A companion product still in development for the internal threat is called Inmate.

This kind of auditing software is one growth area in a new era of shrinking intelligence budgets, Lynn Dugle, president of Raytheon Intelligence and Information Systems, told The Daily Beast. “We absolutely think there will be growth in the insider threat–internal monitoring market,” she said.

Trevor Timm, an activist for the Electronic Frontier Foundation who closely watches the legal issues raised by WikiLeaks, said: “The government has every right to secure their own networks, but if they want to really stop leaks, they need to stop classifying so much information that is not really secret.” Timm added: “The government classified a staggering 77 million documents last year, a 40 percent increase on the year before. And a recent report to Congress showed 4.2 million people have classified security clearances. That’s more than the city of Los Angeles. As long as the government won’t address this underlying problem, people will always find ways to leak, no matter the security.”
http://www.thedailybeast.com/article...xt-leaker.html





Confusion Reigns as Government Announces Porn Ban
Stewart Mitchell

BT, Virgin Media, Sky and TalkTalk have all agreed to put blocks on porn reaching consumers, according to various reports in the national press, with several reports suggesting that consumers will be forced to opt-in if they want to view adult content.

Those reports have been dismissed by the ISPs, who claim customers will be asked to make a choice over whether they want filtering on their connection or not. Adult content blocks will not be implemented by default.

What the big four ISPs are actually doing

The ISPs will use a variety of a measures to attempt to prevent children from accessing inappropriate content. Some will offer network-level filtering, which prevents any computer or device on the home network from accessing adult content; others will use PC-based software that doesn't protect smartphones or tablets connected to the home Wi-Fi.

While there has been a swelling tide of conservatism in recent months, with MP Claire Perry and the Bailey Report seeking further protection for children, campaigners believe the plans could stray into censorship and warn the industry must guard against heavy-handedness.

"There is a world of difference between offering sensible child safety, and trying to persuade adults to live with layers of censorship,” said Jim Killock, executive director of the Open Rights Group.

"The devil is therefore in the detail, and how 'options' are presented. Will adults be asked if they need parental controls, or if they want to switch adult content on? We will oppose anything designed to induce adults to live with censorware, which would inevitably deny them access to commentary, health and medical advice."

PC Pro has been told that the Government plans would involve only new subscribers being offered parental controls when they are connected, which would be acceptable to campaigners, but there are fears the plans could involve retrospective options, too.

“If it turns out to be more like adults being asked if they want to turn porn on, then that's very different,” Killock said. “You are asking people to opt in to censorship, and how does one adult in a house decide what's right for others – suddenly people can't access legitimate contents about issues such as health, sexuality and whatever else it's decided should be censored.

“ISPs need to keep this to child safety and if it presented as that, then it may be quite acceptable, but if the Government is pushing it as an option to turn porn on or off then that is a completely different discussion,” Killock said.
http://www.pcpro.co.uk/news/broadban...unces-porn-ban





Britain's Broadband Censors: a Bunch of Students
Nicole Kobie

A small team of students decides what content should be blacklisted by several of Britain's leading ISPs, McAfee has admitted.

McAfee creates blacklists of online content, categorising sites into pornography, gambling or 30 other definitions, in order to let ISPs block them.

BT and Sky use McAfee's lists for their parental controls, which a new Government-sponsored code of conduct requires them to offer to all customers. The system is already used by tens of thousands of users around the world, McAfee said.

However, there's no way to view the list of sites that are blocked and appeals are at the discretion of McAfee, meaning incorrectly categorised sites could be wrongfully blocked. And, despite the inherent subjectivity in labelling pornography and the like, the categorisation of such websites is left to a small team with little training.

The overall process is mostly automated, with McAfee's system looking for keywords on a site to classify it. "We have crawlers that try to classify websites automatically," Toralv Dirro, a security strategist at McAfee's Avert labs told PC Pro. "If there’s any doubt, we do have a team of people that take a look at a website and correct a classification if it’s necessary.”

The team also looks at more sensitive subjects, such as pornography. “In those cases, it takes a human to take a look at it, to figure out if it’s more hardcore or if it’s more of an erotic website – that’s really something that automation couldn’t do reliably.”

Rating team

The team responsible for covering McAfee's customers worldwide is made up of between five to ten people. "I think it’s a fairly popular job for students," Dirro said. "The training is basically going through a number of websites and the various ratings so they get a basic idea. I’m not quite sure how exactly they work, but it would normally be one person who does a rating and one person who double checks it."

“You could probably start rating websites after one day of seeing various categories," he said. "It’s really not that difficult.”

However, he admits the very sites the small team is asked to judge are those that are the most subjective. “Drawing the line between erotic and hardcore pornography is probably the most difficult," he said. "Another thing is websites that go into extreme left or right side [politically], but still do news or something like that."

"So that can be difficult to differentiate between a normal website and one categorised as hate or something like that," Dirro said. "There is very often a grey zone. That is why we have that team of people and their judgement to do that."

"With pornography, it also depends on the cultural aspect, what you think pornography is," Dirro admitted. "In the Middle East, people think completely differently about what pornography is than the UK, for example. So there are several categories, such as hardcore pornography or erotic websites."

Dirro admitted there can be difficulties when a mainstream site features material that could be deemed pornographic to some people.

“Maybe they had pornographic or erotic stuff on their site, which for example could happen with a newspaper site, if they have the 'Page 3' picture of a woman on the front page, then it may suddenly be rated as erotic," Dirro noted. "But then when the picture vanishes, it could be rated as a normal site.”

Normally, the entire site would be banned, not only the offending page. However larger sites such as The Sun have "markers" to prevent them from being slotted into a category and subsequently blocked.

"If it’s a small news site with erotic content on it, this could be one of the cases where it’s wrongly classified, and we’d have to go and fix it.”

Appeals

The lists aren't made public, and McAfee doesn't notify sites when they're added, so it's difficult to know which are blocked unless you're using the service.

"The list is constantly changed and updated... there's no way you can obtain the complete list from us," Dirro said, adding McAfee would never publish the full list for intellectual property reasons. "If you published that list, anyone could just take it and use it and create their own products. For this reason alone it simply won’t happen that we release that list."

A site owner could contact McAfee and ask if it's been put in any categories, but it's not easy to get the full picture. "We're not the only company that offers that kind of rating, so then they'd have to send an email to what, 50 companies on the planet? 100?"

If a site has been wrongly categorised, which Dirro admitted does happen, the site owner can open a ticket with support to get it changed. If McAfee refuses to change it, there's "not really much” that a site can do, Dirro admitted. End users can add manual exclusions to access a site if they want to see one that's been blocked, however.

Dirro said he's "not aware" of any legal action taken against McAfee because of a site being categorised incorrectly.
http://www.pcpro.co.uk/news/broadban...ch-of-students





23 Swedish Women Guilty in Child Porn Case

All 23 women on trial for possessing and distributing child pornography were convicted by a Swedish court on Tuesday, along with a 43-year-old man believed to be the mastermind behind the network.

The Falu District Court in central Sweden sentenced the 43-year-old Lars Skoglund from Borlänge to one year in prison for aggravated child pornography crimes.

The court handed the women, who are aged between 38 and 70, suspended sentences and ordered them to pay fines ranging from 2,500 kronor to 18,000 kronor ($375 to $2,691).

The verdict comes almost a year to the day that police conducted raids at several locations across the country, arresting more than 20 women.

The raids came following the arrest of Skoglund last September, who was in the possession of 1,181 still shots and 40 films featuring child pornography.

Skoglund then came in contact with the women via internet chat rooms and gradually convinced them to accept files containing child pornography.

The images and films depict children being raped in various ways by adults. In some instances, the children were tied up.

Internet chat messages sent between the women and Skoglund achieve with “good measure” the need to prove that the women chose to accept the images from Skoglund, the court found.

In assessing the severity of the crimes, the court also took into consideration that most of the women, while capable of taking responsibility for their actions, were nevertheless "psychologically unstable".

According to the court, Skoglund “took advantage of their poor mental states and desire for human contact”.

The women, several of whom had short-lived sexual relationships with Skoglund, did not have large quantities of the illicit material in their possession and thus were charged with lower level crimes.

The court added that, had the women never met Skoglund, most of them would have never come into contact with child pornography.

"If Lars Skoglund had not led their conversations onto the subject of child sex, most of these women would probably never have come into contact with child pornography," the court found.

Prosecutors had argued Skoglund should be sentenced to a year in prison and that the women should receive conditional sentences.

“I agree that there should be stiff penalties, but it's a question of judicial policy where the minimum level should be,” prosecutor Niclas Eltenius told the TT news agency before the verdict was announced.

The case has received a great deal of attention in Sweden and abroad because all but one of the defendants were women.
http://www.thelocal.se/36812/20111018/





Parents Urged Again to Limit TV for Youngest
Benedict Carey

Parents of infants and toddlers should limit the time their children spend in front of televisions, computers, self-described educational games and even grown-up shows playing in the background, the American Academy of Pediatrics warned on Tuesday. Video screen time provides no educational benefits for children under age 2 and leaves less room for activities that do, like interacting with other people and playing, the group said.

The recommendation, announced at the group’s annual convention in Boston, is less stringent than its first such warning, in 1999, which called on parents of young children to all but ban television watching for children under 2 and to fill out a “media history” for doctor’s office visits. But it also makes clear that there is no such thing as an educational program for such young children, and that leaving the TV on as background noise, as many households do, distracts both children and adults.

“We felt it was time to revisit this issue because video screens are everywhere now, and the message is much more relevant today that it was a decade ago,” said Dr. Ari Brown, a pediatrician in Austin, Tex., and the lead author of the academy’s policy, which appears in the current issue of the journal Pediatrics.

Dr. Brown said the new policy was less restrictive because “the Academy took a lot of flak for the first one, from parents, from industry, and even from pediatricians asking, ‘What planet do you live on?’ ” The recommendations are an attempt to be more realistic, given that, between TVs, computers, iPads and smartphones, households may have 10 or more screens.

The worry that electronic entertainment is harmful to development goes back at least to the advent of radio and has steadily escalated through the age of “Gilligan’s Island” and 24-hour cable TV to today, when nearly every child old enough to speak is plugged in to something while their parents juggle iPads and texts. So far, there is no evidence that exposure to any of these gadgets causes long-term developmental problems, experts say.

Still, recent research makes it clear that young children learn a lot more efficiently from real interactions — with people and things — than from situations appearing on video screens. “We know that some learning can take place from media” for school-age children, said Georgene Troseth, a psychologist at Peabody College at Vanderbilt University, “but it’s a lot lower, and it takes a lot longer.”

Unlike school-age children, infants and toddlers “just have no idea what’s going on” no matter how well done a video is, Dr. Troseth said.

The new report strongly warns parents against putting a TV in a very young child’s room and advises them to be mindful of how much their own use of media is distracting from playtime. In some surveys between 40 and 60 percent of households report having a TV on for much of the day — which distracts both children and adults, research suggests.

“What we know from recent research on language development is that the more language that comes in — from real people — the more language the child understands and produces later on,” said Kathryn Hirsh-Pasek, a professor of psychology at Temple University.

After the academy’s recommendation was announced, the video industry said parents, not professional organizations, were the best judges. Dan Hewitt, a spokesman for the Entertainment Software Association, said in an e-mail that the group has a “long and recognized record of educating parents about video game content and emphasizing the importance of parental awareness and engagement.”

“We believe that parents should be actively involved in determining the media diets of their children,” he said.

Few parents of small children trying to get through a day can resist plunking the youngsters down in front of the screen now and then, if only so they can take a shower — or check their e-mail.

“We try very hard not to do that, but because both me and my husband work, if we’re at home and have to take a work call, then yes, I’ll try to put her in front of ‘Sesame Street’ for an hour,” Kristin Gagnier, a postgraduate student in Philadelphia, said of her 2-year-old daughter. “But she only stays engaged for about 20 minutes.”

In one survey, 90 percent of parents said their children under 2 watched some from of media, whether a TV show like “Yo Gabba Gabba!” or a favorite iPhone app. While some studies find correlations between overall media exposure and problems with attention and language, no one has determined for certain which comes first.

The new report from the pediatrics association estimates that for every hour a child under 2 spends in front of a screen, he or she spends about 50 minutes less interacting with a parent, and about 10 percent less time in creative play. It recommends that doctors discuss setting “media limits” for babies and toddlers with parents, though it does not specify how much time is too much.

“As always, the children who are most at risk are exactly the very many children in our society who have the fewest resources,” Alison Gopnik, a psychologist at the University of California, said in an e-mail.
https://www.nytimes.com/2011/10/19/health/19babies.html





Future Phones May Rewire and Reinvent Themselves
Dawinderpal Sahota

Researchers at Northwestern University in the US are using nanomaterials to create devices that can rewire themselves

Future mobile devices may be able to reconfigure themselves to meet new demands, #according to researchers that have developed a nanomaterial that can “steer” electrical currents. The discovery could lead to the development of smartphones and devices that can reconfigure their internal ‘wiring’ and evolve into an entirely different and new device, to reflect the changing needs of consumers.

With smartphones getting smaller and smaller, the materials from which the circuits are constructed begin to lose their properties and are more likely to be controlled by quantum mechanical phenomena, according to the research team from Northwestern University in Michigan. As devices reach this physical barrier, scientists have begun building circuits in three dimensions, by stacking components on top of one another. This technique was pioneered by Intel earlier this year.

However, the team said that it has taken a fundamentally different approach be making reconfigurable electronic materials that can rearrange themselves to meet different computational needs at different times.

The team is aiming to create a single device able to reconfigure itself into a resistor, a rectifier, a diode and a transistor based on signals from a computer. The multi-dimensional circuitry could be reconfigured into new electronic circuits using a varied input sequence of electrical pulses, the team said.

“Our new steering technology allows use to direct current flow through a piece of continuous material,” said Professor Bartosz Grzybowski, who led the research. “Like redirecting a river, streams of electrons can be steered in multiple directions through a block of the material; even multiple streams flowing in opposing directions at the same time.”

The team’s nanomaterial combines different aspects of silicon- and polymer-based electronics to create a new classification of electronic materials: nanoparticle-based electronics.

“Besides acting as three-dimensional bridges between existing technologies, the reversible nature of this new material could allow a computer to redirect and adapt its own circuitry to what is required at a specific moment in time,” said David Walker, an author of the study and a graduate student in Prof Grzybowski’s research group.

The hybrid material is composed of electrically conductive particles, each five nanometers in width, coated with a special positively charged chemical. The particles are surrounded by a sea of negatively charged atoms that balance out the positive charges fixed on the particles. By applying an electrical charge across the material, the small negative atoms can be moved and reconfigured, but the relatively larger positive particles are not able to move.

By moving this sea of negative atoms around the material, regions of low and high conductance can be modulated; the result is the creation of a directed path that allows electrons to flow through the material. Old paths can be erased and new paths created by pushing and pulling the sea of negative atoms. More complex electrical components, such as diodes and transistors, can be made when multiple types of nanoparticles are used.
http://www.telecoms.com/34884/future...nt-themselves/





Wireless Users Will Get Alerts on Excess Use
Edward Wyatt

Users of cellphones and other wireless devices who are nearing their monthly limit for voice, text or data services will receive alerts when they are in danger of being charged extra, under an agreement reached by carriers and the Federal Communications Commission.

The agreement, which is to be announced Monday, brings together an industry and a regulator that have fought bitterly this year over the F.C.C.’s attempts to police Internet service providers and over the commission’s review of wireless company mergers. The agreement will begin within a year.

Wireless companies have generally opposed the commission’s recent efforts to dictate how they communicate with customers. But the carriers have also been losing good will with people bitter about the sometimes exorbitant charges resulting from overuse of what has become a consumer staple — the cellphone.

Tens of millions of wireless phone users are hit with overage charges each year, the F.C.C. estimates, based on its own studies and work by the Government Accountability Office and private research firms. The new agreement binds all of the members of the industry’s largest trade group, and therefore covers virtually all of the country’s more than 300 million wireless accounts, according to the F.C.C. chairman, Julius Genachowski.

President Obama, Mr. Genachowski and Steve Largent, president of CTIA — the Wireless Association, the trade group that negotiated for the carriers, hailed the agreement. Mr. Largent, a former congressman and N.F.L. player, said the deal fulfilled a government pledge without imposing burdensome regulations.

President Obama, in a statement, said: “I appreciate the mobile phone companies’ willingness to work with my administration and join us in our overall and ongoing efforts to protect American consumers by making sure financial transactions are fair, honest and transparent.”

For 18 months, the F.C.C. has been investigating what it calls bill shock, what consumers experience when they receive their monthly wireless bill to find unexpected charges of hundreds or thousands of dollars for roaming or overuse of voice and data services. In October, it proposed a regulation that will now be delayed while the commission monitors the industry’s voluntary compliance.

Most wireless contracts call for a customer to pay a flat monthly fee for a fixed number of minutes of talk time. Some plans include a set number of text messages, and others, most often for smartphones, tablets like the iPad, or laptop computer air cards, include a certain amount of data use each month.

A customer exceeding those limits will begin incurring charges that are often far more expensive on a per-unit basis than under the monthly allotments. While many carriers offer several ways for consumers to check their usage, those struck by large bills usually had not regularly done so.

Alerting consumers to data limits is particularly relevant with the explosive growth of the iPad and other tablets, which can consume immense amounts of data in downloading music and books, and streaming movies. The F.C.C. has said that the popularity of tablets and the accompanying growth in data use is contributing to overcrowding of the airwaves, with wireless companies finding that they may eventually not be able to accommodate the demand for downloading.

A 2010 study by the F.C.C. found that one in six mobile device users had experienced bill shock, with 23 percent of those users facing unexpected charges of $100 or more. A separate F.C.C. report noted that 20 percent of the bill shock complaints it received during the first half of 2010 were for $1,000 or more in overage charges. Expensive charges can also be incurred for roaming, when a user travels out of a company’s defined area of coverage or, as often occurs, when traveling overseas.

Even so-called unlimited data plans often have a cap limiting downloads each month to a certain number of megabytes — a technical measure that, unlike a number of calls or minutes, cannot easily be tracked by the uninitiated. Last October, the F.C.C. highlighted the case of a 66-year-old retiree in Dover, Mass., who received an $18,000 bill after a promotional no-limit data plan expired without warning.

Alexander Cullison found out the hard way what can happen when a family member is unaware of usage limits and accounting. Mr. Cullison, a retired resident of Fairfax, Va., received a $400 bill one month recently after his son, whose plan had a monthly limit of 250 text messages, sent and received about 2,000 in one billing period. It was then that Mr. Cullison learned that his wireless company counted each message sent and received as separate items, causing them to build up at least twice as fast as expected.

“This is a good resolution,” Mr. Cullison said, “as long as they advise you that you are going to go over your limit before it actually happens.” Under the agreement, carriers will provide alerts when consumers approach and then exceed their limits on voice, data or texting. In addition, users will receive an alert when their phone links to a cellular system in a foreign country. Some carriers already provide similar alerts.

Companies have the option to deliver alerts by text or voice, but they must be free and automatic. Consumers can opt out of the service if they choose. At least two of the four types of alerts must be started by carriers within 12 months, and all alerts must begin within 18 months.

The companies also agreed to publicize tools for consumers to monitor their own usage. The F.C.C. has teamed with the nonprofit Consumers Union to track companies’ compliance.

“Consumers have been telling us about ‘bill shock’ for a long time, and we’ve been pushing for reforms to crack down on the problem,” said Parul P. Desai, policy counsel for Consumers Union. “Ultimately, this is about helping people protect their pocketbooks, so we applaud the F.C.C. and the industry for this effort to do right by consumers.”
https://www.nytimes.com/2011/10/17/t...ill-shock.html





BitTorrent Throttling Internet Providers Exposed
Ernesto

Data published by the Google-backed Measurement Lab gives a unique insight into the BitTorrent throttling practices of ISPs all over the world. It reveals that Comcast was slowing down nearly half of all BitTorrent traffic in the U.S. early 2008, but only 3% last year. In Canada, Rogers has the worst track record as it systematically throttles more than three-quarters of all BitTorrent traffic.

Hundreds of ISPs all over the world limit and restrict BitTorrent traffic on their networks. Unfortunately, most companies are not very open about their network management solutions.

Thanks to data collected by Measurement Lab (M-Lab) the public is now able to take a look at the frequency of these BitTorrent throttling practices. Among other tools, M-Lab runs the Glasnost application developed by the Max Planck Institute.

The interactive data set published yesterday spans a two-year period and this initial release covers the period between April 2008 and May 2010. It includes BitTorrent throttling percentages of ISPs in dozens of countries, divided into three-month periods. Below we discuss a few trends and notable findings.
United States

The BitTorrent throttling practices of Comcast, exposed by Robb Topolski and TorrentFreak in 2007, were in part what led to the Measurement Lab research. After an FCC investigation Comcast was ordered to stop slowing down BitTorrent on a large-scale, and the data shows that the company has kept its word.

Early 2008 Comcast limited nearly half (49%) of all BitTorrent traffic but this was reduced to 3 percent by the first quarter of last year. Cox, another heavy throttler, went from 51 percent to 3 percent in the same time period. The data further shows that in 2010, Clearwire was the only U.S. Internet provider that limited more than 10 percent of all BitTorrent traffic, 17 percent to be precise.

Worst: Clearwire (17%)

Best: Comcast and others (3%)

Canada

In Canada, all large ISPs have admitted to slowing down BitTorrent traffic, and some do so to a great extent. Since the start of the measurements Rogers has continuously throttled more than three-quarter of all BitTorrent traffic, and there are no signs that this will stop.

During the first quarter of 2010 the two other large Canadian ISPs, Bell and Shaw, were throttling 16 and 14 percent respectively. Videotron on the other hand has never slowed down more than 7 percent, and only 3 percent during the last measurement year.

Worst: Rogers (78%)

Best: Videotron (3%)

Great Britain

In Great Britain, TalkTalk used to limit a third of all BitTorrent traffic, but this was reduced significantly by the end of 2009. They now only slow down BitTorrent during peak hours which resulted in a 12 percent throttling rate early 2010. Tiscali and BT Group are exposed as the most heavy throttlers while Virgin Media, O2 and BSkyB have had relatively low percentages throughout the measurement period.

Worst: Tiscali and BT Group (27%)

Best: BSkyB (5%)

Other

A quick look at some other countries shows that in Australia none of the large ISPs were throttling BitTorrent traffic heavily in 2010, and the same can be said for Sweden and France. In The Netherlands UPC used to throttle heavily, but this was no longer the case early 2010.

In Germany, Kabel Deutschland seems to be the poorest choice for BitTorrent users (36%), and in Poland UPC has to be avoided as they limit 87 percent of all BitTorrent traffic.

Those who are interested in seeing how their own ISP performs can take a look at the full dataset at deeppacket.info. The researchers promise to release more recent data in the future, and it will be interesting to see how the various throttling habits of ISPs develop.

For those who have a choice, which us unfortunately not always the case, the data can definitely help to make an informed decision when signing up at a new Internet Provider.
https://torrentfreak.com/bittorrent-...xposed-111020/





Bell to Scale Back Throttling of File-Sharing
CBC News

Bell warned independent ISPs that they might see higher file sharing traffic during peak periods as a result of its network changes.Bell warned independent ISPs that they might see higher file sharing traffic during peak periods as a result of its network changes. CBC

Bell says it may stop slowing downloads and uploads of files shared through peer-to-peer applications by the customers of independent internet service providers.

Earlier this week, Bell sent a letter to its wholesale customers – independent ISPs that rent access to Bell's network in order to connect customers to their own networks – informing them that effective November 2011, new network links in its expanded network may no longer be affected by equipment designed to slow down peer-to-peer traffic during peak periods.

Since 2008, Bell has been selectively slowing down or throttling file sharing applications between the "peak" hours of 4:30 p.m. and 2 a.m., saying that it was necessary to deal with congestion. The company said peer-to-peer traffic is targeted because it is not as time sensitive as other applications, such as video or voice calling.

In this week's letter, Bell said "while congestion still exists, the impact of peer-to-peer file sharing applications on congestion has reduced."

It added that in the future, it may move customers to parts of the network where throttling isn't applied.

While Bell throttles peer-to-peer traffic from both customers of the independent ISPs and its own retail customers, it has not yet said whether its own retail customers will be affected by the changes. As of late afternoon, the company had not yet responded to a request for clarification from CBC News.

Network traffic may jump: Bell

Bell warned independent ISPs that they might see higher file sharing traffic during peak periods as a result of its network changes.

"This may also impact the capacity of your network due to the increase in traffic," the letter said. "As a result, we recommend that you monitor your access to ensure you can meet the network needs of your customers."

Tom Copeland, chair of the Canadian Association of Internet Providers, which represents a number of small ISPs, said he was glad to see Bell's move, even though Bell was somewhat ambiguous about the extent to which it would reduce throttling.

"I think anything that our wholesale providers can do to help us provide better service to Canadians is a great thing," he said Thursday.

He added that independent ISPs had long been opposed to Bell selectively throttling the same kinds of traffic for their customers as for Bell's own retail customers because that made it difficult for independent ISPs to differentiate their services.

It also made it difficult to judge what their real internet traffic would be without that kind of throttling, he said.

"It makes it difficult for us to do any forward planning."

Copeland said independent ISPs are looking forward to the chance to be able to manage their network traffic on their own. "It allows us to, again, differentiate our service."

Open Media, a group that lobbies for an open internet, said it too is "glad to see Bell moving away from the practice of throttling access to online services" – something it calls "anti-competitive."

Net neutrality guidelines

In a blog posting Wednesday, Michael Geist, a University of Ottawa professor who researches internet law, pointed to Bell's admission that peer-to-peer file sharing is no longer a major contributor to network congestion.

He suggested that means that if Bell continues to throttle file sharing traffic from its retail internet customers, it may be violating Canadian internet traffic management guidelines. Those guidelines from the Canadian Radio-Television and Telecommunications Commission, specify that network traffic management "must be designed to address a defined need and nothing more" and should result in as little discrimination or preference for certain types of traffic as possible. He also noted that may also apply to other ISPs that also throttle certain kinds of traffic to manage congestion.

In September, the CRTC issued new guidelines for resolving consumer complaints about throttling. They include timelines that internet providers need to meet when dealing with complaints, a commitment to post the number of complaints online, and possible consequences such as a third-party audit or public hearing for ISPs that don't comply.
http://www.cbc.ca/news/canada/story/...e-sharing.html





Theater Review | 'The Agony and the Ecstasy of Steve Jobs'

Moral Issues Behind iPhone and Its Makers
Charles Isherwood

I hate to tell you this, but your best friend has a dark secret in his past, the kind of shameful history that might just have you looking at him (or her?) a little sheepishly, with a furtive, sidelong glance instead of the former adoring gaze.

I speak not of a human being, mind you, the walking and talking kind of best friend, but of your cherished electronic companion, that stylish helpmate, warm intimate and source of delightful entertainment known as an iPhone. As I look at mine this morning, I can’t help feeling a bit guilty, and a bit betrayed. I fear some of the magic has gone out of our relationship.

This seismic shift in my consciousness came about thanks to Mike Daisey, whose latest theatrical monologue, “The Agony and the Ecstasy of Steve Jobs,” is a mind-clouding, eye-opening exploration of the moral choices we unknowingly or unthinkingly make when we purchase nifty little gadgets like the iPhone and the iPad and the PowerBook.

To be fair, while Mr. Daisey’s particular obsession is the product line of the Apple corporation, the ethical problems he explores are not exclusive to owners of MacBooks and iPods. As he points out in this meditation on our wonderful world of technology and the troubling economic imbalances that underlie it, any number of other electronic gizmos filling up our homes and taking up our time are similarly morally tainted goods.

About half of all consumer electronics sold in the world today are produced at a single mammoth factory campus in Shenzhen, China, according to Mr. Daisey. His illuminating trip to this campus, the sprawling Foxconn Technology plant, forms the dramatic spine of his smart, pointed and often very funny exploration of the rise of Apple and the career and vision of Mr. Jobs, who died this month after a long battle with cancer.

Mr. Daisey has been creating monologues on various subjects — “How Theater Failed America“ and “21 Dog Years” are among his best-known — for more than a decade. His methods are simple. Here he sits, behind a glass-topped table with just a few pages of notes and a glass of water before him, looking like a big boy who never lost all his baby fat. (Or maybe any of it.) His performance style mixes the quiet reflectiveness of Spalding Gray with more histrionic colorings.

In relating his giddy relationship with his Apple products, and impersonating fellow obsessives, Mr. Daisey transforms into a cackling mad scientist of creaky thrillers, and at his most fervid he recalls the jabbering, slightly unhinged aspect of the comic Lewis Black of “The Daily Show With Jon Stewart.” When it comes to discussing the sobering discoveries he made at Foxconn, which employs some 430,000 people in its compound in Shenzhen, Mr. Daisey speaks more gravely and with a charged intensity.

“The Agony and the Ecstasy of Steve Jobs,” which opened on Monday night at the Public Theater in a production directed by Mr. Daisey’s frequent collaborator (and wife) Jean-Michele Gregory, is pretty equally divided between the two heated emotional states of the title. Most of the ecstasy derives from Mr. Daisey’s misty-eyed recounting of his own highly charged relationship with Apple products, which dates back to an early model of an Apple computer that was given to the family by a wealthy uncle, and that was treated with such deference and awe that it was provided its own room.

For Mr. Daisey, as for many others, affection for Apple products evolved into reverence for Mr. Jobs, the Apple co-founder whose identification with the company and its products has been much remarked upon, and worried over, since his illness made news several years ago.

Mr. Daisey has been performing this show since July of last year, and while the death of Mr. Jobs lends the evening a certain eerie timeliness, it also means that many in the audience will be familiar with the life and career of Mr. Jobs from reading obituaries and tributes.

The hippie-meets-tech-geek ethos, the founding of and then ouster from Apple, the triumphant return and the revolutionary series of consumer products that followed: Mr. Daisey covers this material fluently and with amiable humor, mixing obvious hero worship with some pointed skepticism. (Mr. Jobs, he notes, was the kind of imperious guy who divided the world’s population into “geniuses and bozos.”)

But the show is most engrossing, and most disturbing, when Mr. Daisey delves into the grim realities of workers’ lives in Shenzhen, a city that he memorably describes as looking as if “ ‘Blade Runner’ threw up on itself.” Here is where the agony of the title enters the picture.

The Foxconn campus is tightly controlled, its entrance secured by gun-wielding guards. A series of suicides at the plant several years ago made international headlines. When Mr. Daisey’s attempts to visit through official channels were rebuffed, he simply rented a car and a driver and translator, and showed up at the gates to interview workers as they emerged from their shifts.

He had to wait quite a while. As he notes, while the official Chinese workday is 8 hours, the norm at Foxconn is more like 12 and even longer when the introduction of a product is at hand. One worker died after a 34-hour shift. Some of the workers he meets are as young as 13, and because of the repetitive nature of the labor, their hands often become deformed and useless within a decade, rendering them unemployable.

Mr. Daisey does not go all “j’accuse” on Mr. Jobs himself, but he does observe that Apple and other American corporations have been shamefully lax in taking responsibility for the treatment of workers at the overseas plants that manufacture their products. (He does not refer to an investigation Apple made into worker conditions at Foxconn this year.)

But of course the responsibility shouldn’t stop there. The conveniences and pleasures that all these gadgets have brought to our lives have been purchased at the cost of considerable human suffering, of which we remain willfully ignorant or simply choose to ignore.

Mr. Daisey pushes the notes of quiet outrage and guiltmongering perhaps a little too hard in the show’s culminating moments, although he avoids full diatribe mode. But he doesn’t really need to bang the drum so hard; he has made his points clearly and powerfully already. Anyone who sees Mr. Daisey’s show — and anyone with a cellphone and a moral center should — will find it hard to forget the repercussions that our casual purchases can have in the lives of men and women (and children) half a world away.

Uncomfortable reflections along these lines have certainly been springing into my consciousness a lot since I saw it, like psychic pop-up ads that just won’t go away. I can’t seem to find a little box that says “Skip this thought.”

THE AGONY AND THE ECSTASY OF STEVE JOBS

Created and performed by Mike Daisey; directed by Jean-Michele Gregory; sets and lighting by Seth Reiser; production stage manager, Pamela Salling; acting general manager, Steven Showalter; associate artistic director, Mandy Hackett; associate producer, Maria Goyanes; director of production, Ruth E. Sternberg. Presented by the Public Theater, Oskar Eustis, artistic director; Joey Parnes, interim executive director. At the Public Theater, 425 Lafayette Street, at Astor Place, East Village; (212) 967-7555, publictheater.org. Through Nov. 13. Running time: 1 hour 50 minutes.
http://theater.nytimes.com/2011/10/1...bs-review.html





Edgar M. Villchur, a Hi-Fi Innovator, Is Dead at 94
Dennis Hevesi

Edgar M. Villchur, whose invention of a small loudspeaker that could produce deep, rich bass tones opened the high-fidelity music market in the 1950s to millions of everyday listeners, died on Monday at his home in Woodstock, N.Y. He was 94.

His daughter, Miriam Villchur Berg, confirmed the death.

Audiophiles have hailed Mr. Villchur as a seminal figure in the field. In its 50th-anniversary issue in 2006, Hi-Fi News ranked him No. 1 among the “50 Most Important Audio Pioneers.” John Atkinson, the editor of Stereophile magazine, credits him with bringing hi-fi into the home.

“Villchur’s development of what he called the acoustic suspension woofer made it possible for music lovers to buy loudspeakers that were domestically acceptable,” Mr. Atkinson said in a 2009 interview. “A guy’s wife could accept their presence on the bookshelf in the living room.”

Before Mr. Villchur’s invention of the AR-1 loudspeaker in 1954, producing high-fidelity bass tones required speakers large enough to generate the long wavelengths of the deep notes. Some speakers were as large as a refrigerator. In the cabinet, mounted toward the front, would be what hi-fi specialists call the drive unit: a cone-shaped device activated by a magnet and a coil of wire to produce the sound. In the early days of hi-fi, manufacturers were not fully aware of the relationship between the drive unit and the acoustic role played by the cabinet itself, and they sometimes left the rear of the cabinet open.

Mr. Villchur realized that if the cabinet were completely sealed, the air trapped inside would act something like a spring that would control the cone’s vibrations, greatly enhancing the drive unit’s low-frequency performance.

“My measurements showed that my little prototype had better bass and less distortion than anything on the market, yet it was one-quarter the size,” Mr. Villchur said in an interview with Stereophile in 2005. “I thought, ‘This has got to be the future of loudspeakers.’ ”

It was. By 1966, according to Stereo Review magazine, Mr. Villchur’s company, Acoustic Research, was the leader in the nation’s speaker market, with a share of just over 32 percent.

One of Mr. Villchur’s breakthrough speakers was placed on permanent exhibit at the Smithsonian Institution in 1993.

Mr. Villchur also made two other advances that greatly improved high-fidelity performance.

He developed one of the first dome tweeters, a drive unit that produces high frequencies. Before the tweeter, high frequencies were emitted by the woofer, but with very poor sound quality. Instead of the cone, Mr. Villchur (and other innovators working independently of one another) devised small dome-shaped diaphragms that proved optimal for producing high frequencies.

In the early days of the turntable, one of its biggest problems was an effect called rumble: vibrations from the motor and the turntable that were picked up by the needle. Mr. Villchur’s solution was to separate the motor from the turntable and connect the two with a rubber belt, significantly reducing the vibrations.

Even though digital sound has largely replaced vinyl and turntables, Mr. Atkinson said, “Edgar Villchur’s inventions have led to the application of scientific principles that are used in every loudspeaker now on the market.”

Edgar Marion Villchur was born in Manhattan on May 28, 1917, the only child of Mark and Mariam Villchur, who had immigrated from Russia. His father was editor of a Russian-language newspaper, his mother a biologist.

It was his service in World War II that sparked Mr. Villchur’s fascination with sound and electronics. He had graduated from City College in 1938, then earned a master’s degree in education there two years later. But within a year he was drafted into the Army Air Forces and was trained as an electronics technician. For most of the next five years, while rising to captain, he was responsible for his squadron’s radio operations in the Pacific.

After the war Mr. Villchur opened a radio shop in Greenwich Village, making repairs and building custom hi-fi sets. He also taught a course in sound reproduction at New York University.

Mr. Villchur married Rosemary Shafer in 1945. Besides his wife and daughter, he is survived by a son, Mark, of Boston.

The Villchurs moved to Woodstock in 1952. In his basement, Mr. Villchur began testing his notion of a sealed-cabinet loudspeaker. One day in spring 1954, speaking to his acoustics class at N.Y.U, he hinted at his idea. One student, Henry Kloss, stayed after class, eager to learn more. Soon, student and teacher were in Mr. Villchur’s 1938 Buick, headed to Woodstock. In Mr. Villchur’s basement workshop, they listened to the copious low-frequency tones on an LP recorded by the renowned organist E. Power Biggs.

Mr. Kloss had a loft in Cambridge, Mass., where he was already building mail-order cabinets for Baruch-Lang speakers. It became the first headquarters for Acoustic Research. Mr. Kloss, who died in 2002, is credited with designing the production process for the AR-1 speaker and its successors, the AR-2 and the AR-3, which combined Mr. Villchur’s woofer and tweeter models.

Among Mr. Villchur’s duties was promoting the products. In the early 1960s he sponsored “live versus recorded” concerts around the country, including one in a recital room at Carnegie Hall and another at Grand Central Terminal. At the concerts, a string quartet would play a piece of music, then mime it as parts of a recording by the same quartet played through a pair of AR-3 speakers. The listeners were rarely able to detect the switchovers.

Mr. Villchur was president of Acoustic Research until 1967. After being bought by a series of manufacturers, the company went out of business in 2004. Its brand name was bought by the Audiovox Corporation.

Soon after leaving Acoustic Research, Mr. Villchur started the Foundation for Hearing Aid Research in Woodstock, where he developed a prototype of the multichannel compression hearing aid that has become an industry standard.
https://www.nytimes.com/2011/10/18/b...ies-at-94.html





Those Scan Results Are Just an App Away
Anne Eisenberg

EVEN in the vast world of apps, Dr. Patrick J. Gagnon has one with an unusual distinction: it had to be cleared for use by the Food and Drug Administration.

Dr. Gagnon, a radiation oncologist, uses the app when he sees patients in his Fairhaven, Mass., office. He pulls his iPhone out of his pocket, and then he and a patient, side by side, can view images on it and discuss treatment.

“It’s a nice way to go through a scan with a patient,” he said.

The app he uses, called Mobile MIM, made by MIM Software, can turn an iPhone or an iPad into a diagnostic medical instrument. It allows physicians to examine scans and to make diagnoses based on magnetic resonance imaging, computed tomography and other technologies if they are away from their workstations.

Dr. Gagnon says the app will also prove useful when he wants to give physicians at other hospitals rapid access to images for immediate decisions.

Mobile MIM is among a handful of medical apps that the F.D.A. has cleared for diagnostic use. Many others will probably appear as more smartphones and tablets make their way into the pockets of doctors’ white coats or onto their office desks. In preparation, the F.D.A. is working on guidelines for such apps, and in September it conducted a two-day public workshop for feedback.

Only a small subset of the myriad health apps coming to the market will actually need the agency’s regulatory attention, said Bakul Patel, a policy adviser at the Center for Devices and Radiological Health, an F.D.A. unit in Silver Spring, Md.

The focus will be on apps that help with a specific diagnosis, or transform a mobile device into a currently regulated medical device. For example, an app to turn a smartphone into an EKG machine to determine whether a patient is having a heart attack would qualify for a close look.

Mobile MIM was the first medical imaging app to be cleared by the agency. Its maker also sells medical imaging services that are used on workstations.

The app comes in two versions: Mobile MIM, for physicians, and VueMe, for patients. Both are free, though MIM Software charges on a pay-as-you-go basis for storing uploaded scans on its servers, and for letting people view them.

For instance, it costs $1 for a doctor or hospital to upload images of an examination to MIM’s cloud, said Mark Cain, the company’s chief technology officer. Even if the scan has several parts, the charge remains $1.

The charge to view the study when the doctor sends it along to a patient or asks for a second opinion from another physician is $1 on an iPhone and $2 on an iPad. Even though a study may be viewed by several patients and physicians, the charge is usually made only once, Mr. Cain said.

Achieving F.D.A. clearance for the Mobile MIM app took nearly two and a half years, Mr. Cain said. One concern was the ambient lighting under which scans might be read when using the app. Studies are usually read on workstations in the low light of reading rooms, Mr. Patel said. But doctors using their cellphones or tablets on the go might find themselves in places that are far brighter than that.

“You might not have the visual acuity you’d need for a crucial diagnosis that you’d have in a reading room,” Mr. Patel said.

The F.D.A. worked with the company on a way to mitigate this risk. The solution was software that includes an automatic test for poor lighting — users must perceive and tap a small rectangle that appears faintly on the screen. “If you can’t see the rectangle and touch it, you are in an area that is too bright,” Mr. Cain said.

Adjustments like these, Mr. Patel said, will make the devices more usable.

The F.D.A. procedures may slow down some applications’ debuts, said Dr. Iltifat Husain, an emergency medical resident at the Wake Forest University School of Medicine and editor in chief of a Web site that reviews medical apps.

But he is not worried.

“It’s exciting to see the F.D.A. getting involved,” Dr. Husain said. Both from patients and doctors, he added, “there’s a strong demand to understand these new apps.”
https://www.nytimes.com/2011/10/16/b...ed-by-fda.html





More Facebook Friends Linked to Bigger Brain Areas
Ben Hirschler

Scientists have found a direct link between the number of "friends" a person has on Facebook and the size of certain brain regions, raising the possibility that using online social networks might change our brains.

The four brain areas involved are known to play a role in memory, emotional responses and social interactions.

So far, however, it is not possible to say whether having more Facebook connections makes particular parts of the brain larger or whether some people are simply pre-disposed, or "hard-wired," to have more friends.

"The exciting question now is whether these structures change over time -- this will help us answer the question of whether the Internet is changing our brains," said Ryota Kanai of University College London (UCL), one of the researchers involved in the study.

Kanai and colleagues used magnetic resonance imaging (MRI) to study the brains of 125 university students, all of them active users of social media site Facebook, and cross-checked their findings in a further group of 40 students.

They discovered a strong connection between the number of Facebook friends and the amount of "grey matter" in the amygdala, the right superior temporal sulcus, the left middle temporal gyrus and the right entorhinal cortex. Grey matter is the layer of brain tissue where mental processing occurs.

The thickness of grey matter in the amygdala was also linked to the number of real-world friends people had, but the size of the other three regions appeared to be correlated only to online connections.

The students, on average, had around 300 Facebook friends, with the most connected having up to 1,000.

With more than 800 million active users worldwide, Facebook has become a major component of social interaction, especially among the young.

"Online social networks are massively influential, yet we understand very little about the impact they have on our brains. This has led to a lot of unsupported speculation the Internet is somehow bad for us," said Geraint Rees of UCL.

"This shows we can use some of the powerful tools in modern neuroscience to address important questions -- namely, what are the effects of social networks, and online social networks in particular, on my brain."

The study results were published Wednesday in the journal Proceedings of the Royal Society B.

Heidi Johansen-Berg of the University of Oxford, who was not involved in the research, said the findings were intriguing but did not mean Facebook was a short cut to making people brainier.

"If you got yourself 100 new Facebook friends today then your brain would not be bigger tomorrow," she said. "The study cannot tell us whether using the Internet is good or bad for our brains."

(Reporting by Ben Hirschler)
http://www.reuters.com/article/2011/...79H89L20111018





Seagate Wins EU Okay for Samsung Hard Disk Unit Buy

U.S.-based Seagate Technology (STX.O) won EU regulatory approval on Wednesday to buy Samsung Electronics Co's (005930.KS) loss-making hard disk drive unit for $1.4 billion.

Seagate unveiled the acquisition in April as it aimed to boost its market share to 40 percent, with rival Western Digital Corp (WDC.N) and Hitachi Ltd (6501.T) sharing about half the market.

"Although the merger will further consolidate markets that are already highly concentrated, the Commission concluded that the transaction would not significantly impede effective competition in EEA (the European Economic Area) or any substantial part of it," the European Commission, the EU competition watchdog, said in a statement.

The Commission said the Seagate/Samsung deal was assessed independently of Western Digital's proposed acquisition of the hard disk drives and solid state drives businesses of Hitachi Global Storage Technologies, which was notified one day later and is still pending.
http://www.reuters.com/article/2011/...79I2OO20111019





The Impending Hard Drive Shortage -- and Possible Price Hikes

Flooding near Bangkok has taken about 25 percent of the world's hard disk manufacturing capacity offline
Woody Leonhard

If you're going to need hard drives this year or early next year, it would be smart to get your sources locked in now.

Disk manufacturing sites in Thailand -- notably including the largest Western Digital plant -- were shut down due to floods around Bangkok last week and are expected to remain shut for at least several more days. The end to flooding is not in sight, and Western Digital now says it could take five to eight months to bring its plants back online. Thailand is a major manufacturer of hard drives, and the shutdowns have reduced the industry's output by 25 percent.

Western Digital, the largest hard disk manufacturer, makes more than 30 percent of all hard drives in the world. Its plants in Ayutthaya's Bang Pa-In Industrial Estate and Pathum Thani's Navanakorn Industrial Estate together produce about 60 percent the company's disks. Both were shut down last Wednesday. (Western Digital also has a major plant in Malaysia that hasn't been affected by the floods, so some production will likely shift to that plant.)

Fourth-ranked hard-disk manufacturer Toshiba makes more than 10 percent of the world's hard disks, and half of its capacity is in Thailand. Toshiba's plant has also been closed due to flooding.

Key disk component suppliers have also been hit. Nidec, which makes more than 70 percent of all hard drive motors, has temporarily suspended operations at all three of its plants in Thailand, affecting 30 percent of its production capacity. Hutchinson Technologies, which makes drive suspension assemblies, has also suspended operations due to power outages, although it says it will shift operations to its U.S. plant.

Seagate, the second-largest hard disk manufacturer, has two plants in Thailand, but neither is in the flooded parts of the country. Seagate notes that "the hard disk drive component supply chain is being disrupted and it is expected that certain component in the supply chain will be constrained." Translation: Component prices are going up, at least for some parts.

It's not clear whether that will affect the prices you pay. As a testament to adequate supply and lower-than-expected demand, retail prices of hard disks have not taken off: You can still get 1TB and larger SATA drives from popular websites for about the same price now as they were in September. Even if manufactuers hold the line on the product price, it's highly that unlikely disk prices will go down any time soon.
https://www.infoworld.com/t/hard-dri...e-hikes-176453





Retailers Respond to Upcoming HDD Shortage by Limiting Purchases & Hiking Prices
Gav

With Thailand experiencing its worst flooding in generations, component manufacturers have been especially hard hit. The trickle down effect is having a huge impact upon hard drive manufacturers in particular.

Late last week Western Digital announced that their hard drive production facilities in Thailand were shutting down due to the extreme amount of flooding. It seemed like plants were safe from the rising waters but over the weekend things changed. Their facilities in the Navanakorn and Bang Pa industrial areas outside of Bangkok were inundated, likely adding equipment loss estimated in the millions of dollars to an already bleak situation.

Considering Western Digital is currently the largest hard drive manufacturer in the world and nearly 60% of their production volume comes from Thailand, channel shipments were bound to suffer. Even if these plants could get up and running again the infrastructure in Thailand needed to continue production –both in human and materiel terms- has been devastated.

Seagate on the other hand has been operating their own Thai factories at full capacity since the beginning of the disaster and hasn’t reported any flood danger. However, this doesn’t mean they’ve been spared in any way. For them, the issue is a lagging component supply chain which is becoming a bottleneck since many manufacturers of drive heads casings and other internal items have been affected by these floods.

These floods could impact smaller players in the HDD market as well. The bulk of final assembly for companies like Samsung and Hitachi GST may be located in other areas of the globe but like Seagate and Western Digital, many of their primary components will soon be in short supply.

So with hard drive production being affected so heavily, what does that mean for us consumers? We run the possibility of seeing high prices and limited availability at one of the most important times of the year. Indeed, some retailers like Newegg and NCIX have already begun limiting the number of drives a customer can purchase (Newegg is currently at a limit of one drive per customer while NCIX has announced a limit of two) as they gear up for supply shortages and price increases throughout the channel. Speaking of price increases, we have seen a spike of 15% to 30% in the cost of some models over the last 72 hours.

This couldn’t have come at a worse time since Christmas shoppers will see higher prices on everything from notebooks to PVRs. Flash memory isn’t safe from this turbulence either so expect its prices to increase as consumers begin looking for alternatives to HDDs. So gear up folks because the days of cheap storage space are about to end….for a few months at least. Our hearts and prayers go out to the people suffering through this disaster.
http://www.hardwarecanucks.com/news/...hiking-prices/





Tim O’Reilly Says ‘Patent Trolls Could Be the End of Silicon Valley’
Hermione Way

Serial entrepreneur and founder of Web 2.0 Summit Tim O’Reilly says the biggest negative trend in the technology industry is ‘patent trolls‘ who are having a huge impact on preventing innovation. He says companies are spending their time suing each other for the monetry worth for technology they are not deploying themselves.

Tim has been active in this space and in 2001, O’Reilly was involved in a dispute with Amazon.com, leading a protest against Amazon’s one-click patent and, specifically, Amazon’s assertion of that patent against rival barnesandnoble.com. The protest ended with O’Reilly and Amazon.com founder Jeff Bezos visiting Washington D.C. to lobby for patent reform.
http://thenextweb.com/video/2011/10/...ilicon-valley/





Mad About Her: Pauline Kael, Loved and Loathed
Manohla Dargis and A. O. Scott

THE longtime New Yorker film critic Pauline Kael didn’t just write about movies — she made it seem as if they were worth fighting about. Nearly 20 years after her retirement and a decade after her death, she remains an often polarizing figure. On Oct. 27, the Library of America will publish “The Age of Movies: Selected Writings of Pauline Kael,” followed four days later by the publication of “Pauline Kael: A Life in the Dark,” a sometimes surprising biography by Brian Kellow, from Viking. A. O. Scott and Manohla Dargis discuss her work and its legacy.

MANOHLA DARGIS I was talking to a critic friend recently who, with a sigh of regret, mentioned what he characterized as the assault on critical authority. This isn’t a new topic for professional opinionators like us: in the age of Rotten Tomatoes, with its hundreds of reviewers weighing in on new movies, and Yelp, where nonprofessionals thrust their thumbs up or down, the idea that critics don’t have the say they once had has been much discussed during the Great Decline (of critical influence, the publishing industry, the economy). The notion that critics once had power is certainly one of the selling points on the jacket for the Kael biography, which states that during her time at The New Yorker (1968-91) she “became the most widely read, the most influential, the most powerful, and, often enough, the most provocative critic in America.”

A.O. SCOTT I have to say that the idea of critical authority has always struck me as slippery, even chimerical. Authority over whom? Power to do what? The importance of particular critics can’t be quantified in lumens of fame, circulation numbers or box office returns, though by all of these measures Kael, in her heyday, certainly enjoyed unusual prominence. But like every other critic, she was above all a writer, and a writer only really ever has — or cares about — one kind of power, which is the power to engage readers.

I think Kael is remembered not for her particular judgments or ideas, but rather for her voice, for an outsized literary personality that could be enthralling and infuriating, often both. A lot of people read her for the pleasure of disagreement, and the resentment she was able to provoke — in critical targets and rival critics — is surely evidence of power. An awful lot of our colleagues are still, in both senses, mad about her. To reread her is to understand why.

Her sensibility was passionate, abrasive and rarely consistent. Reviewing “Deeper Into Movies,” a 1973 collection of Kael’s reviews and essays, Irving Howe noted that she did not write out of “a secure critical tradition. Its absence allows her a pleasing freedom of improvisation, but makes very hard the achievement of reflective depth or delicate judgment.”

That seems to me both fair and arguable. You will search Kael’s collected work in vain for a theory, a system, or even a consistent set of principles. The Library of America volume is an anthology of hunches, prejudices, preoccupations and reactions. But that is what makes it so lively, and what makes Kael such a thrilling and vexing writer even now, when the particular movies she wrote about have either faded into semi-oblivion or been granted safe passage into the canon. She will not lead you to correct positions, but she is an example of the right way to do criticism, which is with everything you have.

DARGIS Given how badly she comes across in the biography — palling around with filmmakers she reviewed is merely the beginning — she doesn’t set a good example. Her passion for film burned bright and long, but what’s missing, at least in this telling, is an equal passion for, and pleasure in, life beyond the screen. The book is queasily readable, but it reconfirms that Kael’s work no longer speaks to me. I rarely if ever, find myself thinking, gee, I really want to reread her hyperventilated rave of Robert Altman’s “Nashville.” What’s more interesting now is how she continues to function as a player and signifier in certain discussions about ’60s and ’70s American cinema, at least for an earlier generation.

If she still casts a shadow it’s less because of her ideas, pugilistic writing style, ethical lapses and cruelties (and not merely in her reviews), and more because she was writing at a time when movies, their critics and, by extension, the mainstream media had a greater hold on American culture than they do now. In his book “Easy Riders, Raging Bulls” Peter Biskind relates a story from the mid-’80s when Kael turned to Richard Schickel at a meeting of film critics and said, “It isn’t any fun anymore.” Mr. Schickel asked her why and she replied: “Remember how it was in the ’60s and ’70s, when movies were hot, when we were hot? Movies seemed to matter.” The thing is, they did matter and still do, just differently.

One thing that changed was the role of the film critic, who by the mid-’80s no longer had to persuade a skeptical, sometimes hostile general audience that it was necessary to take movies seriously. In 1967, though, Kael had to explain in The New Yorker why and how “Bonnie and Clyde” was important (and in 9,000 words!). She was part of a critical vanguard spreading the new film gospel in reviews, books, talk shows, everywhere. They were true pop cultural figures. The critic Judith Crist even shilled for a feminine-hygiene spray. She later said that she did the ad because Richard Avedon took the photos, she could write most of the text and the ad would reach more than 100 million readers. Also: she got $5,000.

But by the mid-’80s, when Kael was missing the old hotness, Siskel and Ebert were already famous.

SCOTT I think it’s still fun, still hot — though maybe not feminine hygiene hot — and that mourning of lost golden ages is a recipe for reactionary myopia. Still, it certainly helped that Kael was around at a time when movies were newly and contentiously acknowledged as a serious art form while still thriving as a medium of mass entertainment. Perhaps more than any other film critic, she dramatized in her writing a tension between the seductions of pop and the demands of art. (Not that she was alone. Susan Sontag grappled with similar contradictions, as, in their way, did first-generation rock critics like Robert Christgau and Kael’s friend Greil Marcus.)

She’s often characterized as a champion of trashy pleasures, but that’s not quite right. She could be withering about the “Fantasies of the Art-House Audience” but also suspicious of the mindless sensationalism (“jolts for jocks”) that commercial cinema seemed intent on feeding the larger public. As a result, she was accused of snobbery and also of philistinism, and at various points in her oeuvre both charges seem to stick.

One thing I learned from Mr. Kellow’s book was that, in her younger years, Kael (who was born in 1919), was part of an avant-garde literary and artistic scene in San Francisco and New York that included the poet Robert Duncan and, somewhat tangentially, the composer Samuel Barber. But she was impatient with this world. The filmmaker James Broughton, her former lover (and the father of her daughter, Gina James), once wrote: “She deplored little magazines, little theater, little films. She valued the big time, the big number, the big screen.” She was, that is, at once a bohemian rebel and also a rebel against bohemianism, which explains some of the intellectual syncopation of her work — the embrace of the mainstream and the recoil from it, the contradictory desire to find in movies both specialness and universality.

DARGIS Her bohemian background is intriguing, more so than her tenure at The New Yorker. It’s hard not to wonder if her later antipathy toward avant-garde cinema was born out of those early San Francisco years, including her relationship with Broughton. Certainly her outsider identity, as a Californian among other things, remained significant. You quoted Irving Howe as saying that she wasn’t writing from a secure critical tradition, but she didn’t need to. She was writing from the gut, the heart, the heat of the moment, but more crucially, she was writing at a time in cultural history when the lines between high and mass art had broken down, liberating movies and her.

As critics, all we have are our beliefs, ideals, prejudices, blind spots, our reservoirs of historical and personal knowledge, and the strength of our arguments. There are empirical truths that we can say about a movie: it was shot in black and white or color, on film or digital, in widescreen or not, directed by this or that filmmaker. But beyond these absolutes there is only our thinking, opinions, ideologies, methodological approaches and moments in time. That isn’t to say that criticism is a postmodern anything goes; it is to admit that critics are historical actors and that our relationships with movies, as with everything in life, are contingent on those moments. Her moment was exciting. So too is ours.

Movies and criticism have kept moving and it’s worth noting that because of the Internet, there are now more critics than ever and more cinematically knowledgeable ones, too — the diffusion of expertise is one reason that critics no longer have the impact they did. They have an effect — if not the visibility, book contracts or talk-show stints — and what’s out there now is more of a din than the chattering of a water cooler discussion. And there’s an astonishing amount of exciting work coming out of academia. These are boom times for new and old media studies, though you wouldn’t necessarily know that from the entertainment media and its obsessive emphasis on celebrity, the Oscars and the box office.

SCOTT I agree that notwithstanding a certain amount of fluff and noise, we are living in an age of varied and vigorous criticism. And that if a certain cachet and bravura has been lost, quite a bit has been gained in terms of intellectual brio and open debate.

Speaking of which, I confess that I’ve never quite understood the Andrew Sarris-Pauline Kael beef, which supposedly galvanized and polarized the critical world in the ’60s, ’70s and ’80s. The personal animus and coterie vendettas are quite real, of course, and still have some vestigial presence in our profession, but the idea that Mr. Sarris and Kael represent opposed positions does not really stand up to scrutiny.

Though he is famous as the leading American proponent of the “auteur theory,” Mr. Sarris has often pointed out that it is not a theory in the strong, scientific sense (like the theory of evolution or the theory of relativity), but rather a guiding intuition: that a film is a work of art and the principal artist is the director. For all the scorn she heaped on Mr. Sarris, in practice Kael’s habit was to focus on the director, to champion the ones she thought were advancing the art and to rap their knuckles when they fell short of her expectations. And Mr. Sarris, for all his reputation as a formalist, has always been interested in movies as a source of aesthetic pleasure. What their rivalry defined was not a war of ideas but a climate of argument.
https://www.nytimes.com/2011/10/16/m...er-legacy.html





Son Of Sennheiser President Buys Headphones: They're Counterfeit
Janice Podsada

Sennheiser Electronic Corp., a high-end audio maker based in Old Lyme, hopes to knock out scores of websites and unauthorized vendors selling knock-offs — counterfeit versions — of its audio equipment, including headphones and microphones.

In one case, a phony pair of Sennheiser headphones was purchased from an unauthorized dealer by the son of Sennheiser's president. When Jeremy Falcone complained to his father, company president John Falcone, "It was, 'Hey Dad, these headphones I bought sound horrible!'"

Turns out, those horrible-sounding headphones were counterfeit, John Falcone said.

Sennheiser, a German company whose U.S. headquarters located in Old Lyme, filed a dozen federal lawsuits this week in U.S. District Court for the Central District of California. The lawsuits, which allege trademark infringement and other violations, identify more than 100 suspicious web sites and dealers in the U.S. andChina engaged in the sale of counterfeit Sennheiser-branded products.

Falcone said Tuesday that as more pirate websites and unauthorized dealers selling forgeries are identified, "more lawsuits will be forthcoming."

The audio-maker launched the legal barrage after recently experiencing an increase in the number of warranty claims for Sennheiser-branded headphones.

When engineers at the Old Lyme facility looked at Jeremy's purchase and others, they discovered the faulty headphones were counterfeit versions sold by individuals and businesses in New York, Florida, Illinois, Ohio, Virginia, Kentucky and Indiana and China.

The sound quality of the counterfeit headphones is "much" inferior, but visually they look similar to authorized Sennheiser products, John Falcone said.

"There was a slight difference in the color of the cable, but when you open up the counterfeit ones the difference is night and day," Falcone said. "The phony headphones weren't properly soldered or wired."

Depending on the model, Sennhesier headphones sell from about $79 to $199. Websites and vendors offering the counterfeit versions typically price them from $29 to $59.

"If the offer seems too good to be true, it's too good to be true. It's likely they're counterfeit," Falcone said.

The company hopes to send a loud and clear legal message to counterfeiters: "messing with the Sennheiser brand will not be tolerated and will be prosecuted to the full extent of the law," he said.

"We want the crooks to know that we're going to do everything and anything possible to protect our good name."

Experts say the problem of counterfeit audio equipment is widespread and on the rise.

"Anyone in the premium audio market is experiencing it," Falcone said.

Consumers can ensure they're buying Sennheiser products by purchasing them through an authorized dealer.
http://www.courant.com/business/hc-s...,2811374.story
















Until next week,

- js.



















Current Week In Review





Recent WiRs -

October 15th, October 8th, October 1st, September 24th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public." - Hugo Black