P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 29-07-15, 08:07 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - August 1st, '15

Since 2002


































"We are left with a program that spent $3 billion, and we really don’t know what became of it." – Mark Goldstein






































August 1st, 2015




Researchers Claim They’ve Developed a Better, Faster Tor

HORNET, a high-speed onion routing network, could be deployed on routers as part of the Internet.
Sean Gallagher

Tor, the world's largest and most well-known "onion router" network, offers a degree of anonymity that has made it a popular tool of journalists, dissidents, and everyday Internet users who are trying to avoid government or corporate censorship (as well as Internet drug lords and child pornographers). But one thing that it doesn't offer is speed—its complex encrypted "circuits" bring Web browsing and other tasks to a crawl. That means that users seeking to move larger amounts of data have had to rely on virtual private networks—which while they are anonymous, are much less protected than Tor (since VPN providers—and anyone who has access to their logs—can see who users are).

A group of researchers—Chen Chen, Daniele Enrico Asoni, David Barrera, and Adrian Perrig of the Swiss Federal Institute of Technology (ETH) in Zürich and George Danezis of University College London—may have found a new balance between privacy and performance. In a paper published this week, the group described an anonymizing network called HORNET (High-speed Onion Routing at the NETwork layer), an onion-routing network that could become the next generation of Tor. According to the researchers, HORNET moves anonymized Internet traffic at speeds of up to 93 gigabits per second. And because it sheds parts of Tor's network routing management, it can be scaled to support large numbers of users with minimal overhead, they claim.

Like Tor, HORNET encrypts encapsulated network requests in "onions"—with each layer being decrypted by each node passing the traffic along to retrieve instructions on where to next send the data. But HORNET uses two different onion protocols for protecting anonymity of requests to the open internet and a modified version of Tor's "rendezvous point" negotiation for communication with a site concealed within the HORNET network.

When sending a request to a site that isn't protected by HORNET, a more Tor-like "Sphinx" onion protocol is first used to set up the channel. "Each Sphinx packet allows a source node to establish a set of symmetric keys, one for each node on the path through which packets are routed," the researchers explained. Those keys, created via a Diffie-Helman exchange, are used to encrypt the "Forwarding Segment"—the chain of session state information for the stream of data packets that follow. "The [Forwarding Segment] allows its creating node to dynamically retrieve the embedded information (i.e., next hop, shared key, session expiration time), while hiding this information from unauthorized third parties," Chen et al wrote.

For the actual data packets, the sending system collects all of the forwarding segments from each node on the channel to the destination and combines them into what the researchers call an anonymous header (AHDR). "An AHDR grants each node on the path access to the [forwarding segment] it created, without divulging any information about the path except for a node’s previous and next nodes," they explained. The data itself is "onioned", encrypted with the keys for each of the nodes in the channel, until it reaches its destination. The upside of this approach, Chen et al said, is that it drastically reduces the cryptography work required for each packet, as well as the amount of session flow information the network has to manage.

For communications between two nodes that are both anonymized by HORNET—a scenario like Tor's method of connecting users' requests to "hidden services"—the researchers propose an approach that lets any node on the network act as a rendezvous point for communication to keep both the source and destination of traffic hidden from each other. Hidden services select a rendezvous point and set up a session using the Sphinx protocol, then publish an AHDR to a directory that has the encrypted information about how to get from the rendezvous point to the service. When a client goes to connect to a service, it finds the rendezvous point in the directory, along with the AHDR for the trip to the service, and then builds its own connection to the rendezvous point—adding the AHDR provided to get to the service to its own and a header with information for the return trip back.

The upsides of this scheme—in addition to the fact that any node can act as a rendezvous point without having to maintain state information about the connection—are that a service can advertise multiple rendezvous points in a directory, and a client can pick one that is closest in terms of network time. The two ends can also re-negotiate the route traffic takes through a better rendezvous point to improve performance as channels are expired. On the downside, the size of the headers used to communicate between the two is doubled in size,

As implemented in its testing, HORNET's routing nodes can actually be embedded in network routers. The researchers build HORNET infrastructure code into Intel software routers using the Data Plane Development Kit (DPDK). HORNET client code, which included hidden services, was built in Python. "To our knowledge, no other anonymity protocols have been implemented in a router SDK," the researchers wrote.

HORNET, like Tor, is not immune to targeted attacks on anonymity. If an attacker, such as a government agency or law enforcement organization, could control more than one of the nodes along a path selected for a HORNET channel, they would be able to perform "confirmation attacks"—the sort of timing analysis, flow analysis, and packet tagging that other security researchers have demonstrated could be used against Tor. "HORNET cannot prevent such confirmation attacks targeting individual users," the researchers concluded. "However, HORNET raises the bar of deploying such attacks for secretive mass surveillance: the adversary must be capable of controlling a significant percentage of ISPs often residing in multiple geopolitical boundaries, not to mention keeping such massive activity confidential."
http://arstechnica.com/information-t...er-faster-tor/





New File Sharing Site Keybase Promises Better Security Than Dropbox
Paige Edenfield

Everybody should make an effort to better protect themselves (and their information) on a daily basis. Use two-factor authentication. Encrypt emails. Make sure any of the software you download hasn’t been messed with. But it’s such a headache to do all this on the reg.

Enter Keybase, a new file sharing site that’s claiming to offer better protection than Dropbox. Originally, the company started out with the intention to make life easier to encrypt email. Now, they’ve expanded into other areas including Dropbox-style file sharing where they’re hoping to have a significant impact. They’re off to a good start too. Keybase just landed a $10.8 million in funding.

“Encryption shouldn’t be something only a hacker can do,” says Max Krohn, co-founder and co-developer of Keybase. “It should be something that anyone using a workstation in their daily lives should be able to use effectively. You shouldn’t have to understand crypto in order to use these products.”

Keybase will primarily focus on public-key encryption. The basic idea is that you create two keys: a “public key” that can be used to scramble messages in a way that can only be deciphered by using a second “private key.” But your keys can be used for more than just messages. They can be used for signing messages (as a proof of authenticity) and other files too.

The company wants to solve the problem of finding the public key of someone you want to share a message with. As a solution to this problem, Keybase created a central repository for public keys and uses sites like Reddit and Twitter to verify that you are who you say you are. So basically, it’s kind of like a social network in itself for sharing keys.
http://news.filehippo.com/2015/07/ne...urity-dropbox/





Anti-Piracy Champions BREIN Took Down 128 File Sharing Sites in Last Six Months
Andre Yoskowitz

Anti-piracy champions BREIN took down 128 file sharing sites in last six months Dutch anti-piracy firm BREIN put in some serious work during the first half of the year, effectively taking down 128 file sharing sites and also obtaining injunctions against major torrent uploaders.
BREIN's main tactic was pressuring local webhosts to take down "illegal" sites, and 128 were taken down during the first six months of the year. 22 were BitTorrent sites, 37 were streaming video portals and two were cyberlockers that were distributing unauthorized music. The rest of the sites linked to content hosted via Usenet or cyberlockers.

The group, like many other anti-piracy firms have noted, says many pirate sites have tried to hide their locations using Cloudflare but that their locations can be uncovered. "BREIN believes that the services provided by CloudFlare to illegal providers should be discontinued after notification by BREIN," the group added.

Additionally, the firm managed to get 12 ex-parte injunctions so far this year (court orders where the defendant is not present), four against large torrent uploaders, one against a major Usenet uploader, one against "an important moderator" for a major torrent site, two against major eBook pirates and even one against an alleged video game pirate that was modifying consoles.

Finally, the company also sent 1.4 million takedown notices to Google to have allegedly infringing links removed from the search engine.
http://www.afterdawn.com/news/articl...ast-six-months





Music Group Blasts CBS for Promoting Illegal Download Sites
Claire Atkinson

A music group is ripping mad at CBS chief Les Moonves for helping the rip-off artists.

Apple and Google are working to disable illegal download sites, but CBS’ CNET tech site is promoting them, according to an industry-wide music coalition.

The 16-member group, including the influential Recording Industry Association of America and actors’ union SAG-AFTRA, wrote Tuesday to CBS CEO Moonves to ask him to address the issue at his company’s unit.

CBS’ tech Web site has “made various computer, web and mobile applications available that induce users to infringe copyrighted content by ripping the audio or the audio and video from what might be an otherwise legitimate stream,” the letter reads.

The group singles out CNET’s coverage of places to perform illegal stream ripping. Among those that take YouTube’s content are Free YouTube Downloader.

Also, CNET’s Download.com list of top 10 apps includes two video downloaders that convert content to MP3s — Free YouTube Downloader and YTD Video Downloader.

“All of the software indexed on Download.com is legal,” a CBS Interactive spokesman told The Post.

CNET reviewed the sites in December 2014, saying they were a convenient way of storing YouTube videos for online viewing, according to screen-grabs obtained by the group.

At another site, Youtube-MP3.org, users are told: “You do not need an account, the only thing you need is a YouTube URL.”

The services allow consumers to convert songs and videos to their own devices and discourage them from buying products, according to the group.

“Why isn’t CBS doing more to deter this illegal activity?” the group asked in the letter.

The letter also points out that both Apple and, yes, even YouTube owner Google have taken action to protect against YouTube ripper apps.
http://nypost.com/2015/07/29/music-g...ownload-sites/





Filmmakers Fighting “Happy Birthday” Copyright Find their “Smoking Gun”

A 1927 kids' songbook proves "conclusively the song is in the public domain."
Joe Mullin

It's been two years since filmmakers making a documentary about the song "Happy Birthday" filed a lawsuit claiming that the song shouldn't be under copyright. Now, they have filed what they say is "proverbial smoking-gun evidence" that should cause the judge to rule in their favor.

The "smoking gun" is a 1927 version of the "Happy Birthday" lyrics, predating Warner/Chappell's 1935 copyright by eight years. That 1927 songbook, along with other versions located through the plaintiffs' investigations, "conclusively prove that any copyright that may have existed for the song itself... expired decades ago."

If the filmmakers' lawyers are right, it could mean a quick route to victory in a lawsuit that's been both slow-moving and closely watched by copyright reform advocates. Warner/Chappell has built a licensing empire based on "Happy Birthday," which in 1996 was pulling in more than $2 million per year.

Plaintiff Jennifer Nelson's movie is actually called Happy Birthday, and it's about the song. She had to pay Warner/Chappell $1,500 to use the song in her movie, and that didn't sit well with the documentarian. She's seeking to get that money back and also represent a class of plaintiffs who have paid similar licensing fees to Warner/Chappell on a copyright she and her lawyers say is illegitimate.

The 1927 songbook referenced above was found in a batch of 500 documents provided by Warner/Chappell earlier this month. That cache included "approximately 200 pages of documents [Warner/Chappell] claim were 'mistakenly' not produced during discovery, which ended on July 11, 2014, more than one year earlier," Nelson's lawyers write.

The new filing comes as US District Judge George King was just two days away from holding a hearing about whether or not songwriter Patty Hill abandoned her rights to the lyrics. The plaintiffs say that the newly discovered songbook evidence is so strong that the copyright abandonment issue is moot.

"[T]he documents prove conclusively that the song is in the public domain, thus making it unnecessary for the Court to decide the scope or validity of the disputed copyrights, much less whether Patty Hill abandoned any copyright she may have had to the lyrics," they write.

Missing notice

Reading the motion is an exercise in understanding the mind-boggling complexity of music copyright.

In 1927, Chicago music publisher The Cable Company produced the 15th edition of the children's song book called The Everyday Song Book (Graded). It included the "Good Morning" and "Birthday Song," which featured the melody for "Good Morning To You," a song dating back to the 19th century, combined with Patty Hill's lyrics for both "Good Morning" and "Happy Birthday."

Further investigation showed that the song appeared in editions stretching back to 1922, which in the plaintiffs' view "proves conclusively" that "Happy Birthday" entered the public domain no later than that year. The song was printed without a copyright notice unlike other songs in the book. Rather, it included a notice that read "Special permission through courtesy of The Clayton F. Summy Co."

The Summy company is a publisher whom Warner/Chappell has maintained never authorized any pre-1935 publishing of the "Happy Birthday" lyrics.

That important line of text published underneath the song's lyrics was "blurred almost beyond legibility" in the copy that Warner/Chappell handed over in discovery. Plaintiffs' lawyers note that it's "the only line of the entire PDF that is blurred in that manner."

Plaintiffs acquired their own copies of the songbook, including a first edition published in 1916, which didn't have the song, and versions published 1922 and later, which include it without a copyright notice.

That's critical, because under the 1909 Copyright Act which was then in force, a published work had to include the word “Copyright,” the abbreviation "Copr., " or the "©" symbol, or "the published work was interjected irrevocably into the public domain."

The plaintiffs argue that the 1922 publication without proper notice forfeited copyright in the work. Even if the judge overseeing the case doesn't agree with them, however, there's a secondary argument: the copyright for the whole 1922 songbook expired in 1949.

There's even a third line of defense: even if the work had been published in 1922 with proper notice, and even if that copyright had been renewed in 1949 (which the plaintiffs say it wasn't), the song still would have become public domain at midnight on December 31, 1997.

Warner/Chappell hasn't yet responded to the motion. Since a hearing was scheduled for Wednesday, it's likely there will be some further developments in the case later this week.

Warner/Chappell "should admit defeat but they won't because too much money is at stake," plaintiffs' lawyer Randall Newman told The Hollywood Reporter, which first reported the new motion.
http://arstechnica.com/apple/2015/07...r-smoking-gun/





Newegg vs. Patent Trolls: When We Win, You Win
Dennis Kralik

In this latest round of Newegg vs. the patent trolls, Newegg went against a company that claimed its patent covered SSL and RC4 encryption, a common encryption system used by many retailers and websites. This particular patent troll has gone against over 100 other companies, and brought in $45 million in settlements before going after Newegg. We won. Winning against these trolls has become a national pastime for us.

Why is Winning So Important?

Winning these court cases is great for business. It means we don’t have to pay huge settlements that hurt our ability to keep prices low. It also means other vendors are a little safer, as these trolls tend to eat their way up the food chain, picking on the smaller businesses first and then using their winnings to take on the larger ones.

What is a Patent Troll?

These are usually individuals or companies who have purchased very loosely written patents, and try to use it against any store. An example of this is Sovereign who bought the rights to a shopping cart. Every web site uses a shopping cart to keep track of customer products while they shop. So Sovereign filled lawsuits with many retail companies. Incidentally, Newegg beat Sovereign, too. Patents like these are so vague they could apply to thousands of businesses and this is where the problem really becomes an issue for all of us.

Patent trolls are bad for any business out there. They often prey on smaller companies, who would rather pay out than take them on directly in court. These trolls hurt innovation and end up costing everyone. It’s a sad situation as many of these small businesses end up in million dollar lawsuits that force them to close before they can even make it in today’s economy.

But you don’t have to take my word for it, here is what Lee Cheng has to say about this directly:

“Unfortunately, small businesses and even individual developers/entrepreneurs have been threatened and sued too. There are a number of different troll “species,” and bottom feeders literally send thousands of claim letters out or file hundreds of lawsuits. Their math says that it always costs less to give them the money they demand than to mount a legal defense,” Lee Cheng, Newegg CLO.

How Do You Win?

While these cases are costly for us to fight, victory helps us save money. And it helps us provide better deals to you. Every time we score a victory, we all win. #WeWinYouWin Keep your eyes open for our celebratory sale. It starts midnight tonight (7/27/2015)!

Here at Newegg we will continue to fight the good fight to keep everyone safe from these types of trolls, and hope that you will support us along the way.
http://blog.newegg.com/newegg-vs-pat...e-win-you-win/





Why Can't Streaming Services Get Classical Music Right?
Anastasia Tsioulcas

Why is classical music so hard to enjoy on streaming services? In one word, it's metadata. Metadata is the information that coexists with every digital music file: each and every piece of information about a selection of music that a listener might find useful to know, and what makes the information in one file discernible from the next. In the case of classical music, relevant and important metadata includes the name of the piece of music, the composer, the album it's from, the performers, the label that released the recording and the year it was recorded.

If that metadata is wrong, or — as is so often the case — incomplete, then there's a big problem. Call it the "tree falling in a forest" conundrum: If classical recordings can't be found and heard, they functionally cease to exist.

And it's easy to see how things can head south, very fast, when it comes to classical music: We're talking about a genre that, in its broadest strokes, encompasses hundreds of years' worth of music, many thousands of composers and performers, very similar titles (ex: Franz Joseph Haydn's Symphony No. 103 versus his Symphony No. 104), multiple movements within most compositions and innumerable recordings, with each piece of music recorded by many different artists. No wonder the metadata gets complicated.

Let's take one pretty "easy" case as just one example of a common metadata conundrum, based on the artist/song/album paradigm that governs most streaming sites and online stores. Those are the three pieces of metadata that consumers can see or use as search parameters, and even deciding who might qualify as the "artist" isn't clear, to use one example.

Say I want to hear Leonard Bernstein conducting Beethoven's Symphony No. 9. Well, Bernstein recorded this symphony three different times — with the New York Philharmonic, the Vienna Philharmonic and also at a historic performance in 1989 in Berlin shortly after the fall of the Berlin Wall, with members of four different orchestras (the London Symphony Orchestra, the New York Philharmonic, the Kirov Orchestra from then-Leningrad and the Orchestre de Paris).

But let's keep our hypothetical more simple, and assume that we're looking for Bernstein's recording of the Beethoven Ninth with the New York Philharmonic. There are also four vocal soloists on that recording — soprano Martina Arroyo, mezzo-soprano Regina Sarfaty, tenor Nicholas di Virgilio and bass Norman Scott. The performance also includes the Juilliard Chorus, directed by Abraham Kaplan.

In this example, who would be listed as the artist? (Bernstein? Beethoven? The 100-plus players in the New York Philharmonic? Arroyo et al? The Juilliard Chorus or its conductor?) And as soon as some individual plugs in one of those names in the "artist" field as the sole piece of metadata in that category, then the other pieces of information are all too often essentially lost — and won't come up in searches.

To this end, I try a little experiment, searching for some specific pieces of classical music on some of the most popular streaming services. First, I try to look for Mozart's classic operatic comedy The Marriage of Figaro on Spotify. I decide to duck the matter of language in the title — the original, Italian Le Nozze di Figaro versus its English equivalent — by typing just "Mozart" and "Figaro" into the search bar. I get hundreds of results back, but Spotify recommends that I start with the one in which the artist field begins with "Donato Di Stefano."

OK. The track Spotify suggests to me is 4 minutes, 17 seconds long. The full opera runs about three and a half hours in total. So what is Spotify giving me? Ah, yes, the overture. But I only know that by hearing it. If I were a newbie, I'd have no clue. (Then I realize that if I know to hover my mouse on the teeny titling in the lower left, and wait patiently, staring intently at the screen, the word "overture" will eventually crawl by.) The soloists are also listed in a crawl running across the bottom left of the page in the "artist" field. So is the orchestra, the conductor, all the soloists, Mozart himself and the opera's librettist, Lorenzo Da Ponte, who died in 1838. But if I were a newcomer who only recognized Mozart's name, I'd assume, entirely reasonably, that this Mr. Da Ponte sings on this album.

The next "Mozart" and "Figaro" track Spotify suggests is, again, the overture, this time played by the Wiener Philharmoniker — that is, the Vienna Philharmonic, but I have to know enough German to translate it myself — conducted by Erich Kleiber. It's taken from a compilation album called Mozart Hits. Hmm. I like their snappy tempo and the crisp, clean playing. How do I find them performing the whole opera? I have to go searching again, starting from square one — this time looking for "Mozart" plus "Figaro" plus "Kleiber." Aha — there it is. After a bunch of compilations, including Mozart Hits, the full recording it comes up — twice, under two different album covers. (Are they the same recording? Different? How would a neophyte know?) I realize that this is Kleiber's famous 1955 recording featuring bass Cesare Siepi as Figaro ... but, again, there's no way I would learn that from Spotify.

I give up on searching for specifics, and switch over instead to a more passive kind of listening, the way a more casual music fan might choose to use the service. I decide to try out Spotify's classical radio station for some background listening while I work. (First challenge: scrolling through nearly two dozen other "genres & moods" options to wend my way to "classical.")

The first thing I hear is the middle movement of Beethoven's Sonata No. 23, the "Appassionata," a work written for solo piano. But there's no way for me to see that this is just one movement, not the whole piece. There's also no mention of who the pianist is, and the cover is so badly digitized that I have a hard time making it out. Pavel Serebriakov, I think it says: he was a Soviet-era artist, very little known in the West, who taught at the Leningrad Conservatory. Hmm. It's an odd choice, considering that there are probably over 100 (or more) currently-in-print recordings of this piece made by different pianists, many of them very famous. Why is this the one that Spotify has pulled up? There's no indication.

Next up: Pandora. I decide to plug in one of the most popular classical artists of our time, pianist Lang Lang, to create a "station." After I hear Lang Lang play a little Chopin, the next track up is Murray Perahia playing the slow middle movement of Beethoven's Piano Concerto No. 5. I can just make out from the album cover that it's Bernard Haitink who is conducting, but there's no way of figuring out which orchestra I'm hearing. Also, there's no indication on Pandora that I'm listening to only this one movement out of a much larger work — Beethoven's Fifth Piano Concerto has three movements.

This is another enduring headache that vexes all of my streaming adventures. Classical music is generally (though not always) written in movements: Collections of smaller compositions, each quite different in emotion and impact, are juxtaposed together into one larger work. But in every instance, on all the streaming services, one track equals one movement, so I find myself skidding along from emotion to emotion, missing larger compositional arcs. What's on offer is bleeding chunks of music that are missing the rest of their limbs. (And if I buy a symphony or other long work to download, by the way, I'll have to pay for each movement individually, or else buy the whole album.)

Back to my Beethoven woes: Pandora has started in the second movement, smack in the middle of the whole concerto; there's no way to start at the beginning of the piece and hear it the whole way through. Once I'm through Beethoven's supreme yearning and tenderness — and missing the concerto's triumphant and jubilant concluding third movement altogether — I'm thrust into the middle of something else: a slow movement of one of Carl Philipp Emanuel Bach's six symphonies for strings and continuo. Which symphony exactly? Who knows? I have no idea which movement this is, either. Pandora doesn't divulge this information.

Wanting to get away from more languid picks, I type "Stravinsky" into Pandora's search bar, hoping to hear something bracing. It puts me in the middle of his orchestral suite to the ballet "The Firebird." Pandora informs me that it has picked music that "exemplifies the musical style of Igor Stravinsky which features a 20th century ballet score, a tranquil mood, a subdued, expressive aesthetic, an acclaimed work and a well-known composer."

So what about a not well-known composer? After all, one of the delights of streaming is stumbling upon music you don't already know. So I type in "Havergal Brian," a not-very-well-known 20th-century British composer. What Brian lacks in name recognition, he makes up in prolixity: He wrote more than 200 pieces in all, including more than 30 symphonies. Surely, Pandora might have some gems of his to share. In response, Pandora feeds me the last movement of Dvorak's Ninth Symphony, "From The New World." Pandora's Music Genome Project earnestly explains to me that the Dvorak was selected for my "Havergal Brian" station for its qualities of being "an acclaimed work, a well-known composer, a romantic-era style, a symphony orchestra and tonal harmony." It's also one of the most popular classical works ever written. So much for new music discovery.

I decide also to check out the recently added music playlists that Amazon now offers to its Prime members. In 2015, these playlists are like a flashback to the late 1990s, when nearly every classical music label offered easy-to-swallow, mood-driven compilations to serve as aural wallpaper, from The Most Relaxing Classical Album in the World....Ever! to Bach at Bedtime. Amazon's playlists read down like variations on a theme: Among them are "Classical Dreamtime," "Relaxing Classical Music," "Relaxing Classical Piano," "Classical for Yoga," "Classical for Meditation" and "In Flight: Classical" (tag line: "Make relaxing classical music your soundtrack as you take to the skies").

I'm writing as I listen, so I try Amazon's "Mellow Classical for Work" playlist for inspiration. There's no listing of any of the composers anywhere, so the "song" listings read along the lines of: "Quintetto No. 4 In Re Maggiore: 'Fanda...'" (That's it.) I have no clue who the composer is. The playlist also includes a lot of New Age selections that set my teeth on edge, thereby missing the "mellow" target by a pretty big margin.

With that, I head over to iTunes Radio. I choose the contemporary classical station, and am dropped headfirst into the fourteenth section of Steve Reich's "Music for 18 Musicians." Once again, I have no idea who the artists are: I see Steve Reich's name, the name of the piece, the name of the movement, and nothing else. (I sense a theme emerging.) As soon as that track is over, the service feeds me a Ravi Shankar selection called "Meetings Along the Edge." What is this doing here on the contemporary (Western) classical station? Oh, I know — it's one of his collaborations with Philip Glass. How do I happen to know this? Only because I produced the reissues of their work together myself. Otherwise, it would be a complete mystery — there's no mention of Philip Glass anywhere on the page.

Next up, I get a track from a Chanticleer Christmas album. The piece is called "Ave Maria." Who's the composer? Not a clue. I like the vocal textures, but I'd never be able to figure out who wrote it without interrogating Google: I'd need to find a site that lists the specific album that iTunes has shown me — from a vocal group that has recorded no less than eight Christmas projects — that also lists the composers of each track. (Metadata!) And that's a huge pain for something that just caught my ear momentarily.

Frustrated, I go to iTunes' "Best of Classical" channel — and I get five Mozart selections in a row. The last one is an aria from ... The Marriage of Figaro. Sigh. At least I feel like I've come full circle.

The other huge issue, in terms of classical streaming, is sound quality. It stands to reason that picky, "elitist" classical music fans would also be picky about audio standards as well. And while it's entirely true that bit rates don't matter one whit when you're listening through standard-issue earbuds, most of the best-established current services don't emphasize great audio quality. Mahler's epic, sweeping Fifth Symphony, for example, is a watery shadow of itself when I hear it (listening on very good headphones) at 160 kpbs on Spotify's free service. Lossless sound is one of the biggest points of differentiation that Tidal is trying to make for itself, but so far the scope of their classical offerings and the quality of their metadata have been a disappointment.

The problems, then, are obvious. But do the streaming services care about making things better for classical music lovers?

Right now, it seems pretty unlikely. Classical music, as a genre, hovers at about three percent of total market share in the U.S. What's good enough for more than 90 percent of these services' consumer base is, simply, good enough.

Internationally, the need to upgrade streaming options appears to be even less urgent — at least for now. The International Federation of the Phonographic Industry, the organization that represents the interests of the recording industry globally, just released its annual report on digital music in mid-April. Germany is certainly still one of the most important centers for classical music worldwide, and serves as A&R home to staple record labels like Deutsche Grammophon (DG), Sony Masterworks and ECM. The country also remains a huge market for classical music.

According to the 2015 IFPI report, classical, combined with two other genres that tend to appeal to older listeners ("schlager" and German regional folk music) makes up 16 percent of Germany's total market sales. (The figure for classical alone has hovered somewhere between six and eight percent in recent years.) Across all genres in the U.S., the IFPI reports that revenues are now precisely split between 46 percent physical (CDs and vinyl) and 46 percent digital, including downloads and streaming. (The remainder is made up by performance and synch rights.) In Germany, however, physical product still makes up 70 percent of total sales. As such, the desires and evolving habits of American consumers may not be a top priority for the classical music recording industry.

Even so, a few classical-only online stores, both in the United States and elsewhere, have sprung up, advertising precise and easily searchable metadata, and often high-quality audio, among their main selling points. I spoke with Sean Hickey, the vice president of sales and business development for Naxos of America, which distributes more than 600 record labels. (Hickey is also himself an accomplished composer.) Not only does Naxos run two streaming sites of its own, but it also does business with all the music stores and streaming services.

Hickey says that there's a very clear reason why I was running into so much trouble when I was searching for music by particular composers and performers. "On the mainstream platforms," he explains, "searches rely on popularity, not accuracy. A more discerning site would go the other way around."

Hickey adds that some of the biggest names in streaming have courted the idea of doing more to cater to classical listeners — but so far, from his perspective, it's been just talk. "Classical punches way above its weight, percentage-wise, in terms of how popular it is on streaming services like Spotify," he notes. "Some of the most popular Spotify playlists on include classical-centric ones like 'Intense Studying' and 'Peaceful Piano.' And some of them have gotten streamed hundreds of thousands of times." But at the same time, Hickey adds, that doesn't mean that they've made search capabilities on their service any better. "Spotify has made rumblings many times about doing more, and being a lot more specific," he says, "but nothing's been done yet."

In terms of actually having accurate and well-refined metadata in their possession, Hickey says, iTunes is "head and shoulders above everyone else. They have one or two musicologists on staff," he adds, "and their style guide is nearly 60 pages long." (iTunes' requirements for classical music metadata alone takes up seven pages in its October 2013 iteration.)

"But the problem, and the frustration for classical fans," Hickey continues, "is that they don't utilize the strength of all that data. They say that one day it will be as rich or robust as anyone else, including the classical specialist sites — but not yet."

In the meantime, a number of new and already established classical music sites have raced to make their own proprietary streaming services, focused entirely on classical music lovers. They include the popular online store Arkiv Music, which launched its own subscription streaming service last December; Classical Archives, which was originally founded in 1994 as a site for free MIDI versions of classical music, before repositioning itself as a digital download and streaming site; and Classics Online HD LL, which industry giant Naxos soft-launched in November as a consumer-targeted parallel to its Naxos Music Library service, which is aimed primarily at schools, libraries and other institutions. Sony Music Entertainment also launched a very brief-lived and now defunct online download store called Ariama in 2009, but shut its doors within two years of launching. (I was the founding editor for Ariama, and left Ariama in 2011 to join NPR.)

These classical-dedicated sites are a solution for some people — those who know that they exist, for starters, who are willing to fork over the subscription fees — which currently range from $8 to $19.95 a month — and who are willing to open up yet another site or app on their computers or mobile devices. And for the vast majority of music fans — those who aren't knowledgeable about classical per se, but who might be curious and interested in hearing more — classical music remains distant and inaccessible. It's everyone's loss.
http://www.npr.org/sections/therecor...al-music-right





While Its Streaming Service Booms, Netflix Streamlines Old Business
Emily Steel

It was just past sunrise on an early-spring morning at Netflix’s DVD operations here, where metallic arms whirred in a giant glass box and rolling carts holding millions of DVDs lined the walls. The company’s iconic red envelopes buzzed through an assembly line at the other end of the warehouse.

The machine sucked a returned Netflix mailer into the system then proceeded to slice open the envelope, identify and clean the disc inside, check that the DVD worked and reinsert it into the original sleeve. That disc was then returned to the storage carts or shipped out to another customer who had requested the title.

About 3,400 discs zip through the rental return machine each hour, five times as many as when teams of Netflix employees used to process the discs by hand. Called the Amazing Arm by engineers here, the machine symbolizes the way Netflix has managed to maintain a profitable physical DVD operation even as it transforms itself into a global streaming service.

Netflix now counts more than 65 million streaming members in more than 50 countries and plans to expand across the world in the next 18 months. But that breakneck growth comes at a cost: The company expects its streaming business to just break even globally through 2016 as it pours billions of dollars into content and an aggressive expansion.

Helping fuel that expansion is the company’s dwindling, often ignored DVD-by-mail operation, known for envelopes that wind up under sofa cushions and viewed by many as an anachronism in an era of lightning-fast streaming.

Netflix has 5.3 million DVD subscribers, a significant falloff from its peak of about 20 million in 2010; still, the division continues to churn out hundreds of millions of dollars in profit each year. And behind the scenes, engineers are trying to improve customer service and streamline the labor-intensive process of returning, sorting and shipping millions of DVDs each week.

Netflix has not put a life expectancy on its DVD division. Even as its subscriber count shrinks, the group has kept a core base of customers, particularly in rural zones with lackluster Internet service and among people who want access to the breadth of its selection, and executives expect it to stay around. To hold on to those customers — and the profits they bring — Netflix continues to deploy state-of-the-art technologies that help trim costs as well as improve customer service.

“If you cut back on service, you are going to lose your subscriber base,” said Hank Breeggemann, general manager of Netflix’s DVD division, who has worked for the company for 13 years. “Expect us to continue to ship DVDs for the foreseeable future.”

Here at the Fremont hub, Netflix used to employ about 100 people to handle the returning, sorting and shipping of the DVDs. Today, about 25 employees work through the night, largely assisting the machines. Their shifts start at about 2 a.m. By 8 a.m., the discs are out the door and the steady buzz of the machines starts to fade.

“Embrace change — that’s what I’ve learned here at Netflix,” Mr. Breeggemann said. “If you don’t like change, this is the wrong place. Something is going to change every single day.”

If anything, the Netflix story is one of perpetual change. The software executives Reed Hastings and Marc Randolph founded Netflix in 1997 to offer online movie rentals by mail. Netflix introduced streaming in 2007 and plans to be fully global by 2017.

Netflix’s transformation has been rocky at times, but its evolution has become an example of how companies can adapt, tapping their legacy businesses to fuel growth in new areas as the ground underneath them shifts.

Executives said the process was challenging and required juggling two distinct cultures, one with fast-paced growth and the other in long-term decline, as well as managing intense pressure from investors and investing in new initiatives, many of which did not work.

The hurdles are often significant, and few companies make the jump. Only about 10 percent of the companies that appeared on the original Fortune 500 in 1955 remain on the list today.

“That ability to move while the plane is flying from a tailwind to a headwind is challenging, and Reed has done an amazing job of making those changes,” said Tim Armstrong, chief executive of AOL, which for years slogged through a transformation of its own — from a subscription-based Internet service to an ad-supported digital media business. When AOL was sold to Verizon Communications last month, most of its profits still came from its legacy subscription business.

Four years ago, Mr. Hastings, Netflix’s chief executive, said one of his greatest fears was that the company would not make the leap from DVDs to streaming.

At the time, Netflix was suffering a humiliating blow after its disastrous attempt to increase prices and split into two companies — one for its dwindling DVD mailing group and another for streaming. About a million customers canceled their subscriptions, while Netflix’s share price plummeted from $300 to less than $53.

“Most companies that are great at something — like AOL dialup or Borders bookstores — do not become great at new things people want (streaming for us) because they are afraid to hurt their initial business,” Mr. Hastings said in a September 2011 blog post, in the midst of the tumultuous period.

“Eventually these companies realize their error of not focusing enough on the new thing, and then the company fights desperately and hopelessly to recover,” he continued. “Companies rarely die from moving too fast, and they frequently die from moving too slowly.”

Within months, Netflix had publicly abandoned the separation. But behind the scenes, it quietly divided the company in two. The streaming side focused on luring subscribers around the globe and producing original series like the political drama “House of Cards,” while the DVD division focused on managing the subscriber decline of the mail service by making it more efficient. The two groups have separate management teams, headquarters that are about 25 miles apart and different employee incentives.

“What’s interesting is that although the business is in a slow decline, there is still a huge demand there,” Mr. Breeggemann said of the DVD side, noting that Netflix had about 93,000 titles on DVD and next-day delivery service for 92 percent of its subscribers.

At its peak, Netflix operated about 50 distribution centers across the country. Now that number is down to 33. The introduction of automation technologies has allowed the company to process more DVDs and expand service areas. Netflix also has reworked its schedule to sync with new delivery standards at the United States Postal Service.

“Yes, we still do DVDs,” Mr. Breeggemann said with a laugh, responding to a comment that many people were not aware that Netflix still provided discs. “It is a completely different company.”
http://www.nytimes.com/2015/07/27/bu...-business.html





The “Pixel” Plot

How Sony Sanitized the New Adam Sandler Movie to Please Chinese Censors
Clare Baldwin and Kristina Cooke

The Hollywood studio changed “Pixels” for global audiences, removing an attack on the Great Wall and other politically sensitive plot points, internal emails show. The goal: increase the film’s chances of being shown in the huge China market.

That scene is gone from the final version of the sci-fi comedy, starring Adam Sandler and released by Sony Pictures Entertainment this week in the United States. The aliens strike iconic sites elsewhere, smashing the Taj Mahal in India, the Washington Monument and parts of Manhattan.

Sony executives spared the Great Wall because they were anxious to get the movie approved for release in China, a review of internal Sony Pictures emails shows. It is just one of a series of changes aimed at stripping the movie of content that, Sony managers feared, Chinese authorities might have construed as casting their country in a negative light.

Along with the Great Wall scene, out went a scene in which China was mentioned as a potential culprit behind an attack, as well as a reference to a “Communist-conspiracy brother” hacking a mail server – all to increase the chances of getting “Pixels” access to the world’s second-biggest box office.

“Even though breaking a hole on the Great Wall may not be a problem as long as it is part of a worldwide phenomenon, it is actually unnecessary because it will not benefit the China release at all. I would then, recommend not to do it,” Li Chow, chief representative of Sony Pictures in China, wrote in a December 2013 email to senior Sony executives.

Li’s message is one of tens of thousands of confidential Sony emails and documents that were hacked and publicly released late last year. The U.S. government blamed North Korea for the breach. In April, WikiLeaks published the trove of emails, memos and presentations from the Sony hack in an online searchable archive.

“We are not going to comment on stolen emails or internal discussions about specific content decisions,” said a spokesman for Sony Pictures, a unit of Tokyo-based Sony Corp. “There are myriad factors that go into determining what is best for a film’s release, and creating content that has wide global appeal without compromising creative integrity is top among them.”

Chinese government and film-industry officials didn’t respond to requests for comment for this story.

“Pixels” wasn’t the only Sony movie in which the China content was carefully scrutinized. The emails reveal how studio executives discussed ways to make other productions, including the 2014 remake of “RoboCop,” more palatable to Chinese authorities.

In a 2013 email about “RoboCop,” the senior vice president at Sony Pictures Releasing International at the time, Steve Bruno, proposed relocating a multinational weapons conglomerate from China. His solution: Put it in a Southeast Asian country like Vietnam or Cambodia. Ultimately, that change wasn’t made, a viewing of the movie shows. Bruno has since left Sony.

The Sony emails provide a behind-the-scenes picture of the extent to which one of the world’s leading movie studios exercised self-censorship as its executives tried to anticipate how authorities in Beijing might react to their productions. The internal message traffic also illustrates the deepening dependence of Hollywood on audiences in China, where box office receipts jumped by almost a third last year to $4.8 billion, as revenues in the United States and Canada shrank.

Other studios have made changes to movies in a bid to get them approved by Beijing, altering the version that is screened in China. A scene showing a Chinese doctor who helps the main character in “Iron Man 3,” for example, was lengthened in the Chinese version and included popular Chinese actress Fan Bingbing, a comparison of the Chinese and international versions shows. Produced by Marvel Studios, “Iron Man 3” was the second top grossing movie in China in 2013. Marvel declined to comment.

THE LOGIC OF SELF-CENSORSHIP

In the case of “Pixels,” in which the aliens attack Earth in the form of popular video game characters, the Sony emails point to the creation of a single version for all audiences – a China-friendly one. The logic behind Sony’s thinking was explained by Steven O’Dell, president of Sony Pictures Releasing International, in a September 12, 2013 email about “RoboCop.”

“Changing the China elements to another country should be a relatively easy fix,” O’Dell wrote. “There is only downside to leaving the film as it is. Recommendation is to change all versions as if we only change the China version, we set ourselves up for the press to call us out for this when bloggers invariably compare the versions and realize we changed the China setting just to pacify that market.”

Efforts by the U.S. motion-picture industry to woo China come as the ruling Communist Party under President Xi Jinping is engaged in the biggest crackdown on civil society in more than two decades. About a dozen human rights lawyers were taken into police custody this month, and hundreds of dissidents have been detained since Xi took power in late 2012.

As China rises, its efforts to contain civil liberties at home are radiating outward. The removal of scenes from “Pixels” thought to be offensive to Beijing shows how global audiences are effectively being subjected to standards set by China, whose government rejects the kinds of freedoms that have allowed Hollywood to flourish.

“I think the studios have grown pretty savvy,” said Peter Shiao, founder and CEO of Orb Media Group, an independent film studio focused on Hollywood-Chinese co-productions. “For a type of movie, particularly the global blockbusters, they are not going to go and make something that the Chinese would reject for social or political reasons. That is already a truism.”

Sony’s emails were hacked ahead of the release of “The Interview,” a comedy depicting the assassination of North Korean leader Kim Jong-un. When Sony halted the film’s release in response to threats made against movie theaters, U.S. President Barack Obama warned of the dangers of self-censorship. (A Sony spokesman said the studio cancelled the theatrical release “because theater owners refused to show it.”) Ultimately, Sony released the movie.

“If somebody is able to intimidate folks out of releasing a satirical movie, imagine what they start doing when they see a documentary that they don’t like, or news reports that they don’t like,” Obama said at his year-end White House press briefing. “Or even worse, imagine if producers and distributors and others start engaging in self-censorship because they don’t want to offend the sensibilities of somebody whose sensibilities probably need to be offended. That’s not who we are. That’s not what America is about.”

A FAST & FURIOUS GROWTH RATE

For Hollywood studios, the allure of the Chinese box office has become increasingly difficult to resist. While box office receipts in the United States and Canada combined fell five percent last year to $10.4 billion compared with 2013, box office receipts in China jumped 34 percent to $4.8 billion in the same period, according to the Motion Picture Association of America Inc.

China is on course to set a new record this year: Box office receipts were $3.3 billion in the first half of 2015, China’s state-run media reported. Action movie “Fast & Furious 7” was the best ticket seller in China by early June 2015, grossing $383 million – higher than the $351 million in the United States and Canada combined. It was followed by “Avengers: Age of Ultron” and “Jurassic World.”

Last November, the vice president of the China Film Producers’ Association, Wang Fenglin, said the Chinese film market would overtake the United States to become the largest in the world within three years.

The importance of the China market appears to have informed decisions taken by Metro-Goldwyn-Mayer Studios Inc in its 2012 remake of the action movie “Red Dawn.” MGM changed the nationality of the soldiers who invade the United States from Chinese to North Korean in post-production, according to Red Dawn producer Tripp Vinson. MGM did not respond to requests for comment.

To get on the circuit in China, a movie must win the approval of the Film Bureau, which is headed by Zhang Hongsen, a domestic television screenwriter and senior Communist Party member. “Foreign films come to China one after another like aircraft carriers; we are facing great pressure and challenges,” Zhang said last year. “We must make the Chinese film industry bigger and stronger.”

The Film Bureau is part of the State Administration of Press, Publication, Radio, Film and Television (SAPPRFT), which reports directly to China’s cabinet, the State Council. The administration controls state-owned enterprises in the communications field, including China Central Television and China Radio International.

Censorship guidelines are included in a 2001 order issued by the State Council. The order bans content that endangers the unity, sovereignty and territorial integrity of China, harms national honor and disrupts social stability. Harming public morality and national traditions is forbidden.

SAPPRFT guidelines also include bans on material seen as “disparaging of the government” and political figures. The broadening scope of these guidelines can be seen in an email sent last November by Sanford Panitch, who has since joined Sony as President of International Film and Television, to Sony Entertainment CEO Michael Lynton.

The email outlines new measures that were being implemented by SAPPRFT officials: “What is different is now they are clearly making an attempt to try to address other areas not been specified before, decadence, fortune telling, hunting, and most dramatically, sexuality,” Panitch wrote.

Studios also have to work with China Film Group Corp, a state-owned conglomerate that imports and distributes foreign movies. In some cases China Film also acts as an investor. In the emails, Sony executives discussed a co-financing arrangement whereby China Film will cover 10 percent of the budget of “Pixels.” China Film is run by La Peikang, a Communist Party member and the former deputy head of the Film Bureau.

“TOO MUCH MONEY ON THE LINE”

A total of 34 foreign films are allowed into China each year under a revenue-sharing model that gives 25 percent of box office receipts to foreign movie studios. Fourteen of those films must be in “high-tech” formats such as 3D or IMAX.

The censorship process in China can be unpredictable, the Sony emails show. In early 2014, the studio was faced with a demand to remove for Chinese audiences a key but disturbing scene from “RoboCop,” the story of a part-man, part-machine police officer.

“Censorship really hassling us on Robocop…trying to cut out the best and most vital scene where they open up his suit and expose what is left of him as a person,” reads a January 28, 2014 email written by international executive Steven O’Dell. “Hope to get through it with only shortening up the scene a bit. Don’t think we can make a stand on it either way, too much money on the line, cross fingers we don’t have to cut the scene out.”

“Recommendation is to change all versions as if we only change the China version, we set ourselves up for the press to call us out for this….”
Steven O’Dell, president of Sony Pictures Releasing International

The political climate under President Xi may also be playing a role, one email indicates. “As to greater flexibility, I am not so sure about that,” Sony China executive Li Chow wrote in early 2014, commenting on a media report that Beijing was mulling an increase in its foreign film quota. “The present government seems more conservative in all aspects and this is reflected by the repeated cuts to Robocop. Lately, members of the censorship board seem uncertain, fearful and overly careful.”

In the messages in which “Pixels” is discussed, Sony executives grapple with how to gauge the sensitivities of the Chinese authorities.

In a November 1, 2013 email, Li Chow suggested making a number of changes to the script, including the scene in which a hole is smashed in the Great Wall. “This is fine as long as this is shown as part of a big scale world-wide destruction, meaning that it would be good to show several recognizable historical sites in different parts of the world being destroyed,” she wrote.

She also advised altering a scene in which the President of the United States, an ambassador and the head of the CIA speculate that China could be behind an attack using an unknown technology. In the final version, which moviegoers are now getting to see, the officials speculate that Russia, Iran or Google could be to blame.

“China can be mentioned alongside other super powers but they may not like ‘Russia and China don’t have this kind of technology’,” Li wrote in the email. “And in view of recent news on China hacking into government servers, they may object to ‘a communist-conspiracy brother hacked into the mail server...’”

“THE UNWRITTEN RULE”

In mid-December 2013, Li suggested doing away with the Great Wall scene altogether, saying it was “unnecessary.”

Around the same time, the emails show Sony executives also discussed relocating a car-chase scene involving the video-game character Pac-Man from Tokyo to Shanghai, and whether that might help with the release date in China.

Li Chow advised against the change. “As to relocating the Pac-Man action from Tokyo to Shanghai, this is not a good idea because it will involve destruction all over the city and may likely cause some sensitivity,” she wrote in a December 18, 2013 email. “In other words, it is rather hard to say whether it would be a problem because the unwritten rule is that it is acceptable if there is no real intention in destroying a certain building or street and if it is just collateral damage. But where would you draw the line?”

Ultimately, all references to China in the movie were scrubbed. That decision appears to have been made in early 2014. “It looks like Doug is going to heed Li’s advice and get all China references out of Pixels (including not using the Great Wall as one of the set pieces),” international executive O’Dell wrote, referring to then-Columbia Pictures President Doug Belgrad.

The cost of not winning approval to distribute a movie in China is also evident in the Sony emails. In February 2014, a Sony marketing executive circulated an email: “Please note that CAPTAIN PHILLIPS will not be released theatrically in China” – a reference to the movie in which Tom Hanks stars as Captain Richard Phillips, who was taken hostage by Somali pirates in 2009.

Budget discussions about “Captain Phillips,” contained in the emails, show Sony executives had expected to earn $120 million globally from the movie, but that changed when they didn’t get approval for it to be screened in China. “We are short $9M and we won’t be getting into China,” emailed notes from a conference call read. “We need to grab every dollar we can to meet our objectives. It is incumbent on all of us to try to figure out how we can get more money from this picture.”

In a December 2013 email, Rory Bruer, president of worldwide distribution at Sony Pictures, had speculated that “Captain Phillips” was unlikely to be approved by China’s censors. In the film, the U.S. military rescues the ship’s captain. That plot element, Bruer noted, might make Chinese officials squirm.

“The reality of the situation is that China will probably never clear the film for censorship,” wrote Bruer. “Reasons being the big Military machine of the U.S. saving one U.S. citizen. China would never do the same and in no way would want to promote this idea. Also just the political tone of the film is something that they would not feel comfortable with.”

Beijing shows every sign of being comfortable with “Pixels.” This week, Sony had some good news: “Pixels” has been approved for release in China. It opens there on September 15.

Additional reporting by Viola Zhou in Hong Kong, Megha Rajagopalan in Beijing and Piya Sinha-Roy in Los Angeles
http://www.reuters.com/investigates/...rt/china-film/





Cameron Tells Pornography Websites to Restrict Access by Children or Face Closure

PM says he will introduce legislation that could see websites shut down if they fail to bring in effective age-restricted controls
Patrick Wintour

David Cameron is to give pornography websites one last chance to produce an effective voluntary scheme for age-restricted controls on their sites or he will introduce legislation that could see them shut down.

At the election the then culture secretary, Sajid Javid, said the party would act to ensure under-18s were locked out of adult content and the Conservative election Facebook page in April promised legislation to achieve this.

It followed a Childline poll that found nearly one in 10 12-13-year-olds were worried they were addicted to pornography and 18% had seen shocking or upsetting images.

In a consultation to be launched in the autumn, the government will seek views on how best to introduce measures to further restrict under-18s’ access to pornographic websites.

The industry, in the shape of either UK-based websites or internet service providers, will be given an opportunity to develop proposals to block content through payment providers, such as advertisers and other means.

The consultation will also consider the best form of legislation should voluntary agreements not work. A regulatory approach could see primary legislation introduced to make it an offence in the UK to publish pornography online without age verification controls, possibly with a regulator to oversee and enforce controls.

The government recognises the spread of the internet makes it a challenge to find a form of legislation that would cover such sites both in the UK and internationally. The government has raised the prospect of setting up a pornography regulator to oversee the process and fine firms that breach either legislation or the voluntary guidelines.

The top 10 most frequented pornography sites in the UK take 52% of traffic and have next to no controls. Government sources said “all provide free content upfront and none have robust age verification to protect under-18s in place at present, whilst DVDs containing explicit pornographic content are subject to age controls for purchase in licensed sex shops.”

The aim is to ensure that the rules that apply offline apply online, giving parents the peace of mind of knowing that their children can use the internet safely.

Cameron said his government was working “to make the internet a safer place for children, the next step in this campaign is to curb access to harmful pornographic content, which is currently far too widely available.

“I want to see age restrictions put into place or these websites will face being shut down.”

The minister for internet safety and security, Joanna Shields, said: “As a result of our work with industry, more than 90% of UK consumers are offered the choice to easily configure their internet service through family-friendly filters – something we take great pride in having achieved. It’s a gold standard that surpasses those of other countries.

“Whilst great progress has been made, we remain acutely aware of the risks and dangers that young people face online. This is why we are committed to taking action to protect children from harmful content. Companies delivering adult content in the UK must take steps to make sure these sites are behind age verification controls.”

Although these figures are hard to verify, Comscore statistics show that many children in the UK view online pornography. In May 2015, one in five under-18s in the UK visited an adult site and one in 10 UK visitors to adult sites were children. Pornography tops the list of online risks named by children, with more than one in five young people expressing concern about such content, according to Kids Online research in 2013.

At the time the Conservatives first made their proposals, the Mothers’ Union chief executive, Reg Bailey, who was commissioned by Cameron to investigate the commercialisation and sexualisation of childhood, said it was “a really welcome development”.

He said: “A key recommendation of the Letting Children Be Children review ... was to help parents protect children from inappropriate content on the internet, especially pornography.

“Although huge progress has been made, this is a real step forward.”
http://www.theguardian.com/culture/2...ng-pornography





Comcast Killed The Ed Show For Talking About TPP
Farron Cousins

When it comes to coverage of the Trans Pacific Partnership, no one in the corporate media covered the issue more than Ed Schultz on MSNBC’s The Ed Show. When it was announced last week that they were pulling the plug on his program, they effectively killed the only national voice that was talking about the disaster of a trade deal on cable news.

According to Media Matters, between August 1, 2013, and January 31, 2015, Ed Schultz covered the TPP on 71 different segments, not including the time he brought up the issue during the network’s coverage of the State of the Union Address in 2015. The only other host who mentioned the TPP during this same time period was Chris Hayes, who only mentioned it one time in passing on his show. The rest of the network’s personalities remained completely silent on the issue during this 18-month period.

What does this coverage have to do with Ed’s show being cancelled? Alternet’s Ziad Jilani lays it out:

It has to be noted that Comcast, the company that owns MSNBC, is a big supporter of the TPP. Comcast hired a phalanx of lobbyists to spearhead a targeted campaign to push for Trade Promotion Authority, which recently passed. Included among the individuals it was paying was the former chief of staff for former House Majority Leader Eric Cantor (R-VA).

According to the Centre for Research on Globalization, Comcast is one of the few companies that have been brought in behind closed doors – where our elected Representatives don’t even get to go – to help review and consult with leaders about the global trade agreement. Comcast is hungry for the power they would receive from the TPP because it would gut regulations for all industries, so they had to silence the only voice on their new network that had the courage to talk about how horrible the trade deal would be for American citizens.

And it isn’t just that Ed was covering the TPP – it is that other MSNBC hosts are deliberately NOT covering the TPP. For example, former Republican Congressman Joe Scarborough has made no apologies for his lackluster show refusing to cover the issue. After all, with ratings as poor as Joe’s, he can’t afford to rock the boat.

That brings us to the most glaring piece of evidence that shows Comcast canned Ed for political reasons – Ed’s ratings.

MSNBC has been struggling with their ratings for several years, with the last 12 months proving to be exceptionally painful for the network. But they are using the guise of low ratings to cut Ed’s show, which anyone with access to the Internet can prove is not true in a matter of seconds. Ed’s show consistently out-performs shows like Morning Joe, Politics Nation, and usually beats out All In with Chris Hayes and Up with Steve Kornacki. But all of these hosts get to keep their positions with the network because they aren’t challenging the establishment – they tow the corporate line.

Ed’s voice is going to be sorely missed on MSNBC, but with any luck he will be back on our televisions in the very near future. The biggest lesson here is to abandon the corporate-controlled media because they ALWAYS have an agenda, and that agenda now calls into question the integrity of all personalities willing to stay with that network.
http://www.ringoffireradio.com/2015/...ing-about-tpp/





Smoking Gun: MPAA Emails Reveal Plan To Run Anti-Google Smear Campaign Via Today Show And WSJ
Mike Masnick

If you talk to the reporters who work for various big media companies, they insist that they have true editorial independence from the business side of their companies. They insist that the news coverage isn't designed to reflect the business interests of their owners. Of course, most people have always suspected this was bullshit -- and you could see evidence of this in things like the fact that the big TV networks refused to cover the SOPA protests. But -- until now -- there's never necessarily been a smoking gun with evidence of how such business interests influences the editorial side.

Earlier this month, we noted that the Hollywood studios were all resisting subpoenas from Google concerning their super cozy relationship with Mississippi Attorney General Jim Hood, whose highly questionable "investigation" of Google appeared to actually be run by the MPAA and the studios themselves. The entire "investigation" seemed to clearly be an attempt to mislead the public into believing that it was somehow illegal for Google's search engine to find stuff that people didn't like online. A court has already ruled that Hood pretty clearly acted in bad faith to deprive Google of its First Amendment rights. As the case has continued, Google has sought much more detail on just how much of the investigation was run by the MPAA and the studios -- and Hollywood has vigorously resisted, claiming that they really had nothing to do with all of this, which was a laughable assertion.

However, in a filing on Thursday, Google revealed one of the few emails that they have been able to get access to so far, and it's stunning. It's an email between the MPAA and two of Jim Hood's top lawyers in the Mississippi AG's office, discussing the big plan to "hurt" Google. Beyond influencing other Attorneys General (using misleading fake "setups" of searches for "bad" material) and paying for fake anti-Google research, the lawyers from Hood's office flat out admit that they're expecting the MPAA and the major studios to have its media arms run a coordinated propaganda campaign of bogus anti-Google stories:

Media: We want to make sure that the media is at the NAAG meeting. We propose working with MPAA (Vans), Comcast, and NewsCorp (Bill Guidera) to see about working with a PR firm to create an attack on Google (and others who are resisting AG efforts to address online piracy). This PR firm can be funded through a nonprofit dedicated to IP issues. The "live buys" should be available for the media to see, followed by a segment the next day on the Today Show (David green can help with this). After the Today Show segment, you want to have a large investor of Google (George can help us determine that) come forward and say that Google needs to change its behavior/demand reform. Next, you want NewsCorp to develop and place an editorial in the WSJ emphasizing that Google's stock will lose value in the face of a sustained attack by AGs and noting some of the possible causes of action we have developed.

In other words, Jim Hood and the MPAA were out and out planning a coordinated media attack on Google using the editorial properties that supposedly claim to have editorial independence from the business side. Notice that with the WSJ piece, they flat out admit that the editorial will be based on the ideas that "we" have developed. If you work for the WSJ, your editorial independence just got shot down. Remember when CBS stepped in and interfered editorially with CNET for giving an award to Dish at the same time that CBS was in a legal fight over that same device? That resulted in reporters quitting.

This is worse.

This is an out and out case where the MPAA is admitting to a plan whereby it will use mainstream media properties to run bogus and misleading stories to "attack" Google, to further the MPAA's (believed, but misleadingly so) business interests. Is this really how the Today Show and the WSJ pick their editorial topics?

The "plan" goes even further after that, getting the MPAA to find (and almost certainly pay for) a lawyer to work with the "shareholder" previously identified to file legal filings against Google.

Following the media blitz, you want Bill Guidera and Rick Smotkin to work with the PR firm to identify a lawyer specializing in SEC matters to work with a stockholder. This lawyer should be able to the [sic] identify the appropriate regulatory filing to be made against Google.

As Google notes in its legal filing about this email, the "plan" states that if this effort fails, then the next step will be to file the subpoena (technically a CID or "civil investigatory demand") on Google, written by the MPAA but signed by Hood. As Google points out, this makes it pretty clear (1) that the MPAA, studios and Hood were working hand in hand in all of this and (2) that the subpoena had no legitimate purpose behind it, but rather was the final step in a coordinated media campaign to pressure Google to change the way its search engine works. It's pretty damning:

The document thus shows that the CID was not the foundation of a legitimate investigation—rather, it was a “final step” that would be issued only “if necessary” to further pressure Google to capitulate to the demands of AG Hood and his supporters.

The court has yet to rule on what else Hollywood needs to turn over, but just from what's coming out already, serious questions are being raised (1) about Jim Hood and his office and what they were up to as well as (2) the editorial independence of the media arms of the MPAA studios, including both NBCUniversal ("the Today Show") and NewsCorp. (the Wall Street Journal).
https://www.techdirt.com/articles/20...shtml#comments





Technology Is Magic, Just Ask The Washington Post
Jon Evans

Most people don’t understand how technology works. When they flip a light switch, or tap their phone, what happens next is essentially magic to them. Oh, they may be able to handwave a bit about electrons and volts and microprocessors and radio waves and packet-switched networks, but they’re just mouthing the words. They don’t actually understand any of those things. They’ve never done the math.

Which is fine! Not everyone can or should be an engineer. And as Arthur C. Clarke once said, “Any sufficiently advanced technology is indistinguishable from magic.” Our collective network of pocket supercomputers, communicating almost instantaneously across the globe, comes pretty close to “sufficiently advanced” on its good days.

But “technology is magic” is a dangerous meme. It makes non-engineers begin to believe that technology really can do anything its wizard-engineers desire. It causes them to not understand that they don’t understand. And so it leads to Very Serious People making risibly embarrassing–and potentially dangerous–mistakes.

Last week the editorial board of the Washington Post reiterated their demand that Apple, Google, etc., compromise the security of their users’ communications by building in back doors for law enforcement. This is a terrible, terrible idea, as I’ve mentioned before. But hey, don’t listen to me: listen to Whitfield Diffie, Ron Rivest, Bruce Schneier, and a whole Justice League of infosec legends, who write:

We have found that the damage that could be caused by law enforcement exceptional access requirements would be even greater today than it would have been 20 years ago […] Exceptional access would force Internet system developers to reverse forward secrecy design practices that seek to minimize the impact on user privacy when systems are breached […] new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws [and] raises difficult problems about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law.

As Elissa Shevinsky writes in the [i]Christian Science Monitor[i]: “Law enforcement’s argument today is just as flawed now as it was in the 1990s. We cannot bend software or cryptography to our will. Technology is science, not magic.”

Worst of all, any attempt to enforce this kind of magical thinking will still not prevent genuine bad guys from using strong encryption without back doors. That genie is long out of the bottle, widely available, and open-source. We’d get all of the multitudinous problems associated with built-in back doors, and few-to-none of the alleged benefits.

So how did the Very Serious People of the Washington Post editorial board respond to this chorus of “no, bad, terrible, stupid, stop it!” from people who actually know what they’re talking about? Why, by doubling down on their ignorance—

There are legitimate and valid counter arguments from software engineers, privacy advocates and companies that make the smartphones and software […] They say that a compromise isn’t possible, since one crack in encryption — even if for a good actor, like the police — is still a crack that could be exploited by a bad actor […] We urged Apple and Google, paragons of innovation, to create a kind of secure golden key that could unlock encrypted devices, under a court order, when needed. The tech sector does not seem so inclined.

With all due respect to the WaPo’s editorial board–which is to say, very little–that is breathtakingly dumb. They acknowledge that engineers say that it is not possible to do the thing that they want, and that their arguments are “legitimate and valid” — and then, in the very next breath, they try to reframe that as ‘the engineers refuse to do it.’

It does not even seem to cross their collective mind that they simply cannot have what they want, that no “secure golden key” can or will exist. Engineering is all about tradeoffs. Security, or “golden key” back door: pick one. You can’t have both. That bird won’t fly. It is mythical nonsense.

But that kind of engineering analysis doesn’t mean anything to people who don’t understand technology, who think that it’s magic. Magic, after all, has no limitations–and to the Washington Post’s editorial board, there is apparently no meaningful distinction between technology and magic.

Who, you might ask, are the members of this august body? Here you go. If any of them has the slightest hint of a technical background, their biographies hide it well1. And yet they are happy to pontificate stentorian nonsense on a subject where they are effectively illiterate. I’m torn between horror that important decision-makers might actually take their collective opinion at all seriously, and sheer embarrassment on their behalf.

If you don’t understand how technology works — especially a technical subgenre as complex and dense as encryption and information security — then don’t write about it. Don’t even have an opinion about what is and isn’t possible; just accept that you don’t know. But if you must opine, then please, at least don’t pretend technology is magic. That attitude isn’t just wrong, it’s actually dangerous.
http://techcrunch.com/2015/07/25/tec...shington-post/





French Constitutional Court Approves New Powers for Intelligence Services

Decision clears final hurdle for a law which was accelerated after January terror spree in Paris
Sam Schechner and Matthew Dalton

France’s top constitutional court mostly upheld a new French surveillance law that would give intelligence services broad new powers to spy in France and abroad.

The court-backed provisions of the law allow a wide range of new surveillance techniques meant for the Internet age, including the collection of “metadata” about online traffic and the use of software that can monitor every keystroke on a computer. The court said intelligence services can use these tools without approval of a judge, though the government must still seek permission from an independent body created to oversee surveillance activities.

The court, known as the Constitutional Council, did strike down a provision of the law that would allow emergency surveillance without the approval of the prime minister or another minister in the government.

This measure is “evidently a disproportionate violation of the right to respect for private life and the confidentiality of communication,” the council said.

The decision, announced late Thursday, clears the final hurdle for a law that was accelerated this spring in the wake of the January terror spree in Paris that left 17 dead, but has raised alarm bells among technology companies and civil liberties groups, which liken it to a French version of the U.S. Patriot Act.

French officials say they need authorization to use new spy tools, such as fake cellular towers that collect phone information, to counter a growing domestic terror threat posed by groups such as Islamic State. But amid opposition to the law, President François Hollande submitted it to the Constitutional Council for review before enacting it.

Opponents say the law undermines privacy and civil liberties because it allows a wide range of surveillance activities without prior approval by a judge. Earlier this month, several groups submitted their own brief to the council, arguing that some of the terminology of the law is so vague as to permit any kind of surveillance, and asking for the removal of several provisions permitting surveillance hacking and other surveillance tools.

Technology and telecom firms have in particular bristled at a provision in the law that could require them to install equipment—which in the debate have been called “black boxes”—that would comb Internet traffic for signs of terrorist activity. Opponents say such algorithmic detection amounts to mass surveillance, a contention French government officials deny.

“Black boxes and algorithms will create permanent surveillance,” said Sen. Cécile Cukierman of the Communist party during a debate in June, citing both George Orwell’s novel “1984” and French theorist Michel Foucault.

In addition to the “black box” provision, the court approved other elements of the law that had been opposed by some legislators and civil liberties groups, such as one that allows intelligence services to obtain from telecommunications companies real-time access to Internet connection data of suspected terrorists. The court also endorsed new powers for intelligence services to bug suspects’ cars and homes to collect images, sound and data.

Another point of contention is the use of devices to spoof cellphone towers, which can be used to track targets and their associates. But such devices can scoop up information on otherwise innocent people nearby.

The law is the second expansion of French surveillance powers passed since 2013, when the government broadened its powers to search Internet metadata. The new law overhauls the entire legal framework for France’s surveillance operations from the ground up for the first time since the 1990s. In some cases, the new law legalizes practices that intelligence officials say are already being used.

The law’s proponents say it creates a new layer of oversight to keep intelligence services in check, more than in the past. A new oversight board, whose chief would be appointed by the government but approved by the legislature, would have the right to give advice on surveillance methods and targets. The board would also be able to challenge intelligence services in administrative court.
http://www.wsj.com/article_email/fre...NzI0NjgyNzY1Wj





N.S.A. Will Not Be Allowed to Keep Old Phone Records
Charlie Savage

Analysts at the National Security Agency will no longer be permitted to search a database holding five years of Americans’ domestic calling records after Nov. 29, the Obama administration said on Monday.

Legislation enacted in June barred the N.S.A. from collecting Americans’ calling records after 180 days, but did not say what would happen to the data already gathered. Under a new system laid out by the USA Freedom Act, the government will not hold the bulk data, which is used to analyze links between callers in search of terrorism suspects.

Earlier this month, the Office of the Director of National Intelligence declined to say whether the government would keep using the data collected under the old procedures or would purge it after the new system is in place.

On Monday, the intelligence office said in a statement that N.S.A. analysts would lose access to the old database after Nov. 29, but that N.S.A. technicians would still be able to view the historical records for an additional three months. That will allow them to compare the data to the calling records produced under the new system, the statement said. After those three months, that access will cease, too.

The N.S.A. said that it planned to then purge the records, but that it must wait for a resolution to lawsuits challenging the program. A court has ordered the N.S.A. to preserve records relevant to the litigation.

“The telephony metadata preserved solely because of preservation obligations in pending civil litigation will not be used or accessed for any other purpose, and, as soon as possible, N.S.A. will destroy” those records, the agency said.

After Congress enacted the Freedom Act, the Obama administration gained approval from the Foreign Intelligence Surveillance Court to keep the old bulk phone records program going during the transition. The American Civil Liberties Union has asked a federal appeals court to partially block the program, but the court has not issued a ruling.

The intelligence court’s rules have required the N.S.A. to purge the data after five years on a rolling basis. The bulk call-data program dates to October 2001, and was revealed in June 2013 in leaks by the former N.S.A. contractor Edward J. Snowden.
http://www.nytimes.com/2015/07/28/us...e-records.html





Major Flaw In Android Phones Would Let Hackers In With Just A Text
Aarti Shahani

Android is the most popular mobile operating system on Earth: About 80 percent of smartphones run on it. And, according to mobile security experts at the firm Zimperium, there's a gaping hole in the software — one that would let hackers break into someone's phone and take over, just by knowing the phone's number.

In this attack, the target would not need to goof up — open an attachment or download a file that's corrupt. The malicious code would take over instantly, the moment you receive a text message.

"This happens even before the sound that you've received a message has even occurred," says Joshua Drake, security researcher with Zimperium and co-author of Android Hacker's Handbook. "That's what makes it so dangerous. [It] could be absolutely silent. You may not even see anything."

Here's how the attack would work: The bad guy creates a short video, hides the malware inside it and texts it to your number. As soon as it's received by the phone, Drake says, "it does its initial processing, which triggers the vulnerability."

The messaging app Hangouts instantly processes videos, to keep them ready in the phone's gallery. That way the user doesn't have to waste time looking. But, Drake says, this setup invites the malware right in.

If you're using the phone's default messaging app, he explains, it's "a tiny bit less dangerous." You would have to view the text message before it processes the attachment. But, to be clear, "it does not require in either case for the targeted user to have to play back the media at all."

Once the attackers get in, Drake says, they'd be able do anything — copy data, delete it, take over your microphone and camera to monitor your every word and move. "It's really up to their imagination what they do once they get in," he says.

There's A Solution, In Theory

According to Zimperium, this set of vulnerabilities affects just about every active Android phone in use. Drake says he discovered it in his lab, and he does not believe that hackers out in the wild are exploiting it. At least not yet.

In correspondence in April and May, he shared his findings with Google, which makes the Android operating system. He even sent along patches to fix the bugs.

"Basically, within 48 hours I had an email telling me that they had accepted all of the patches I sent them, which was great," he says. "You know, that's a very good feeling."

But it goes away very quickly, he says, when you look at how long it'll take his Nexus, my Samsung Galaxy and your LG or ZTE to get those patches. Drake says that as few as 20 percent will get fixed, though the figure may be higher than that, "potentially up to the optimistic number of 50 percent."

Android Partnerships Are Complicated

Just half of affected smartphones is not a very optimistic estimate. And Google agrees with it.

The company declined a recorded interview. But Adrian Ludwig, the lead engineer for Android Security, told NPR the flaw ranks as "high" in their hierarchy of severity; and they've notified partners and already sent a fix to the smartphone makers who use Android.

Whether it gets put into people's phones is not in Google's hands.

Collin Mulliner, senior research scientist at Northeastern University, says, "In this case Google is not the actual one to blame. It's ultimately the manufacturer of your phone, in combination possibly with your carrier."

Android phones are very different from iPhones, for example. Apple runs a closed system. It controls the hardware and software, and it's fairly easy to ship out a major revamp. The company says 85 percent of iPhone users have the latest operating system, iOS8.

According to security firm F-Secure, 99 percent of mobile malware threats in the first quarter of 2014 were designed to run on Android devices.

Google gives its latest version of Android to manufacturers, who then tweak it as they please. Carriers like Verizon and T-Mobile do more tweaking. The blog Android Central has described the challenge of updating the operating system as an "impossible problem." Earlier this year, a hole discovered in the Web-browsing app was left largely unpatched too.

Often, Mulliner says, manufacturers don't have a financial incentive to fix phones already sold.

"If you can save money by not producing updates, you're not going to do that," he says. "Since the market is moving that fast, it sometimes doesn't make sense for the manufacturer to provide an update."

NPR has asked leading phone makers and wireless service providers whether they'll fix the bug. We're waiting for responses and will post them to this page.
http://www.npr.org/sections/alltechc...th-just-a-text





New Flaw Can Render Most Android Phones Unresponsive and Useless

The vulnerability affects more than half of all Android devices, say researchers.
Zack Whittaker

It has not been a great week for Android.

Just days after a new branded bug, dubbed Stagefright, was disclosed in the widely popular mobile software, a new vulnerability threatens to render most Android devices unresponsive to basic tasks.

Discovered by Trend Micro researchers, the security flaw once triggered can put affected devices in a coma-like state, which includes preventing affected phones from making or receiving calls.

An attacker can exploit a flaw through either a malicious app, which the researcher said could have long-term effects on the device, such as crashing the device every time it is turned on.

The researchers said in a blog post, published Wednesday:

The vulnerability lies in the mediaserver service, which is used by Android to index media files that are located on the Android device. This service cannot correctly process a malformed video file using the Matroska container (usually with the .mkv extension). When the process opens a malformed MKV file, the service may crash (and with it, the rest of the operating system).

In doing so, it will render the device mute, meaning no ringtone, message tone, or notification sounds will be heard.

"The user will [have] no idea of an incoming call/message, and cannot even accept a call," and "neither party will hear each other," the blog post read.

The flaw affects devices running Android 4.3 "Jelly Bean" and later, including the latest Android 5.1.1 "Lollipop" update, a range that accounts for more than half of the entire install base.

Researchers said they disclosed the flaw after Google, which develops Android, failed to fix issues which were reported in late May after classifying it as a low-level vulnerability.
http://www.zdnet.com/article/new-and...e-and-useless/





Researchers Hack Air-Gapped Computer With Simple Cell Phone
Kim Zetter

The most sensitive work environments, like nuclear power plants, demand the strictest security. Usually this is achieved by air-gapping computers from the Internet and preventing workers from inserting USB sticks into computers. When the work is classified or involves sensitive trade secrets, companies often also institute strict rules against bringing smartphones into the workspace, as these could easily be turned into unwitting listening devices.

But researchers in Israel have devised a new method for stealing data that bypasses all of these protections—using the GSM network, electromagnetic waves and a basic low-end mobile phone. The researchers are calling the finding a “breakthrough” in extracting data from air-gapped systems and say it serves as a warning to defense companies and others that they need to immediately “change their security guidelines and prohibit employees and visitors from bringing devices capable of intercepting RF signals,” says Yuval Elovici, director of the Cyber Security Research Center at Ben-Gurion University of the Negev, where the research was done.

The attack requires both the targeted computer and the mobile phone to have malware installed on them, but once this is done the attack exploits the natural capabilities of each device to exfiltrate data. Computers, for example, naturally emit electromagnetic radiation during their normal operation, and cell phones by their nature are “agile receivers” of such signals. These two factors combined create an “invitation for attackers seeking to exfiltrate data over a covert channel,” the researchers write in a paper about their findings.

The research builds on a previous attack the academics devised last year using a smartphone to wirelessly extract data from air-gapped computers. But that attack involved radio signals generated by a computer’s video card that get picked up by the FM radio receiver in a smartphone.

The new attack uses a different method for transmitting the data and infiltrates environments where even smartphones are restricted. It works with simple feature phones that often are allowed into sensitive environments where smartphone are not, because they have only voice and text-messaging capabilities and presumably can’t be turned into listening devices by spies. Intel’s manufacturing employees, for example, can only use “basic corporate-owned cell phones with voice and text messaging features” that have no camera, video, or Wi-Fi capability, according to a company white paper citing best practices for its factories. But the new research shows that even these basic Intel phones could present a risk to the company.

“[u]nlike some other recent work in this field, [this attack] exploits components that are virtually guaranteed to be present on any desktop/server computer and cellular phone,” they note in their paper.

Though the attack permits only a small amount of data to be extracted to a nearby phone, it’s enough to allow to exfiltrate passwords or even encryption keys in a minute or two, depending on the length of the password. But an attacker wouldn’t actually need proximity or a phone to siphon data. The researchers found they could also extract much more data from greater distances using a dedicated receiver positioned up to 30 meters away. This means someone with the right hardware could wirelessly exfiltrate data through walls from a parking lot or another building.

Although someone could mitigate the first attack by simply preventing all mobile phones from being brought into a sensitive work environment, to combat an attack using a dedicated receiver 30 meters away would require installing insulated walls or partitions.

The research was conducted by lead researcher Mordechai Guri, along with Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Elovici. Guri will present their findings next month at the Usenix Security Symposium in Washington, DC. A paper describing their work has been published on the Usenix site, though it’s currently only available to subscribers. A video demonstrating the attack has also been published online.

Data leaks via electromagnetic emissions are not a new phenomenon. So-called TEMPEST attacks were discussed in an NSA article in 1972. And about 15 years ago, two researchers published papers demonstrating how EMR emissions from a desktop computer could be manipulated through specific commands and software installed on the machine.

The Israeli researchers built on this previous knowledge to develop malware they call GSMem, which exploits this condition by forcing the computer’s memory bus to act as an antenna and transmit data wirelessly to a phone over cellular frequencies. The malware has a tiny footprint and consumes just 4 kilobytes of memory when operating, making it difficult to detect. It also consists of just a series of simple CPU instructions that don’t need to interact with the API, which helps it to hide from security scanners designed to monitor for malicious API activity.

The attack works in combination with a root kit they devised, called the ReceiverHandler, that gets embedded in the baseband firmware of the mobile phone. The GSMem malware could be installed on the computer through physical access or through interdiction methods—that is, in the supply chain while it is enroute from the vendor to the buyer. The root kit could get installed through social engineering, a malicious app or through physical access to the targeted phone.

The Nitty Gritty

When data moves between the CPU and RAM of a computer, radio waves get emitted as a matter of course. Normally the amplitude of these waves wouldn’t be sufficient to transmit messages to a phone, but the researchers found that by generating a continuous stream of data over the multi-channel memory buses on a computer, they could increase the amplitude and use the generated waves to carry binary messages to a receiver.

Multi-channel memory configurations allow data to be simultaneously transferred via two, three, or four data buses. When all these channels are used, the radio emissions from that data exchange can increase by 0.1 to 0.15 dB.

The GSMem malware exploits this process by causing data to be exchanged across all channels to generate sufficient amplitude. But it does so only when it wants to transmit a binary 1. For a binary 0, it allows the computer to emit at its regular strength. The fluctuations in the transmission allow the receiver in the phone to distinguish when a 0 or a 1 is being transmitted.

“A ‘0’ is determined when the amplitude of the signal is that of the bus’s average casual emission,” the researchers write in their paper. “Anything significantly higher than this is interpreted as a binary ‘1’.”

The receiver recognizes the transmission and converts the signals into binary 1s and 0s and ultimately into human-readable data, such as a password or encryption key. It stores the information so that it can later be transmitted via mobile-data or SMS or via Wi-Fi if the attack involves a smartphone.

The receiver knows when a message is being sent because the transmissions are broken down into frames of sequential data, each composed of 12 bits, that include a header containing the sequence “1010.” As soon as the receiver sees the header, it takes note of the amplitude at which the message is being sent, makes some adjustments to sync with that amplitude, then proceeds to translate the emitted data into binary. They say the most difficult part of the research was designing the receiver malware to decode the cellular signals.

For their test, the researchers used a nine-year-old Motorola C123 phone with Calypso baseband chip made by Texas Instruments, which supports 2G network communication, but has no GPRS, Wi-Fi, or mobile data capabilities. They were able to transmit data to the phone at a rate of 1 to 2 bits per second, which was sufficient to transmit 256-bit encryption keys from a workstation.

They tested the attack on three work stations with different Microsoft Windows, Linux, and Ubuntu configurations. The experiments all took place in a space with other active desktop computers running nearby to simulate a realistic work environment in which there might be a lot of electromagnetic noise that the receiver has to contend with to find the signals it needs to decode.

Although the aim of their test was to see if a basic phone could be used to siphon data, a smartphone would presumably produce better results, since such phones have better radio frequency reception. They plan to test smartphones in future research.

But even better than a smartphone would be a dedicated receiver, which the researchers did test. They were able to achieve a transmission rate of 100 to 1,000 bits per second using a dedicated hardware and receiver from up to 30 meters away, instead of a proximity phone. They used GNU-Radio software, a software-defined radio kit, and an Ettus Research Universal Software Radio Peripheral B210.

Although there are limits to the amount of data any of these attacks can siphon, even small bits of data can be useful. In addition to passwords, an attacker could use the technique to siphon the GPS coordinates of sensitive equipment to determine its location—for example, a computer being used to operate a covert nuclear program in a hidden facility. Or it could be used to siphon the RSA private key that the owner of the computer uses to encrypt communications.

“This is not a scenario where you can leak out megabytes of documents, but today sensitive data is usually locked down by smaller amounts of data,” says says Dudu Mimran, CTO of the Cyber Security Research Center. “So if you can get the RSA private key, you’re breaking a lot of things.”
http://www.wired.com/2015/07/researc...le-cell-phone/





Facebook to Scale Up Free Mobile Internet Service to Boost Usage
Aman Shah

Facebook Inc plans to scale up its service to offer free basic Internet on mobile phones, an executive said, after introducing the application in 17 developing countries over the past year.

In a blog post released to mark the first year of the initiative, Facebook said it will open a portal allowing any mobile operator to offer the service under its Internet.org platform. Facebook currently partners with specific operators to launch the service in different countries.

Internet.org has brought over 9 million people online over the past year, Chris Daniels, vice president of product for Internet.org, told Reuters on Monday. Facebook developed the platform with six technology partners to bring an estimated 4.5 billion unconnected people online, mainly in Latin America, Asia and Africa.

It offers pared-down web services for free to users, along with access to Facebook's own social network and messaging services.

Facebook's blog post said that over the past year, the service had bought new users onto mobile networks on average over 50 percent faster and that more than half the people using Internet.org are paying for data to access the wider Internet within 30 days.

"This is really a customer acquisition tool for mobile operators where the benefit to them of offering a very light amount of free data is to bring on more paying subscribers to their networks," Daniels said, speaking over phone from Nairobi, where he is attending a summit.

Facebook was not paying for any of the data being used to access the service, he said.

The Internet.org application, launched in India in February in partnership with Reliance Communications, faced backlash with a number of leading technology and Internet firms pulling out of the service after activists claimed it violated the principles of a neutral Internet.

"I would say India is unique in that respect and very much an outlier. In other markets, Internet.org has been embraced as a pro-connectivity initiative that has garnered a lot of support," Daniels said.

A committee of the telecoms ministry set up to examine the issue of net neutrality earlier this month recommended that collaborations between mobile operators and content providers that enable "gatekeeping" roles should be discouraged.

(Editing by Muralikumar Anantharaman)
http://uk.reuters.com/article/2015/0...0Q10RO20150727





Steady Percentage of Americans Still Do Not Go Online, Study Says
Dino Grandoni

For the first 13 years of the century, Americans embraced the Internet at a whirlwind pace. The percentage of Americans who use the Internet grew to 84 percent in 2013 from 52 percent at the turn of the century, according to data from the Pew Research Center.

But since 2013, the percentage of American adults who go online has remained virtually unchanged, according a new Pew study released on Tuesday. The 15 percent of Americans who still do not use the Internet is essentially the same portion as in 2013.

“A lot of the easy adopters have already been converted,” said Aaron Smith, associate director at the Pew Research Center.

Those Americans who remain offline, Pew found, do so for a number of reasons: the cost of buying a computer and paying a broadband or cellphone bill, the perceived relevance of Internet content or even the physical ability to use devices.

The elderly, for example, face the dual barriers of making less money and having difficulty reading computer text, typing on keyboards and manipulating touch screens.

As a result, age predicts more than anything else whether someone uses the Internet. Thirty-nine percent of Americans 65 and older are still not online, according to Pew.

But those Americans who are not connected to the Internet are also disproportionately black or Hispanic, in part because these groups tend to have lower income and education levels. Some Hispanics may also face the additional barrier of English-language proficiency.

The cost of getting on the Internet was cited by 19 percent of those who did not use it. The people in that situation are caught in a sort of Catch-22. They cannot afford to get access to the Internet, yet access to services like job listings that would help them earn enough to afford Internet access are available largely online.

“Access to technology really mirrors the current wealth gap we see in our country,” said Nicol Turner-Lee, chief researcher at the Multicultural Media, Telecom and Internet Council.

Pew’s Internet adoption rate of 84 percent also includes a number of low-income Americans who are able to go online only with difficulty. They may not have Internet at home, instead getting it at a library or at work.

The federal government often tries to spur Internet service providers and cellular carriers to increase broadband coverage, sometimes compelling them to do so when they seek approval for acquisitions and mergers.

Just last week, when the Federal Communications Commission approved a merger between AT&T and DirecTV, the agency required the company to extend access to high-speed broadband Internet to 12.5 million new customer locations, including schools and libraries.

Still, the Internet holdouts persist.

“There hasn’t been a real effort to address the affordability barrier at the federal level,” said Michael Scurato, policy director of the National Hispanic Media Coalition.

But he and others are optimistic about a new plan by the F.C.C. to expand its Lifeline program, which subsidizes phone service for low-income Americans, to help pay for broadband Internet access as well.

“I think we do a service by reminding people that this thing we think is ubiquitous isn’t actually ubiquitous,” said Mr. Smith, the Pew researcher.
http://bits.blogs.nytimes.com/2015/0...ne-study-says/





Wired to Fail

How a little known agency mishandled several billion dollars of stimulus money trying to expand broadband coverage to rural communities.
Tony Romm

In September 2011, as the U.S. economy continued to sputter in the shadow of the Great Recession, Jonathan Adelstein offered a bold promise on behalf of a tiny federal agency that had long strived to improve the lives of rural Americans.

The administrator of the little-known Rural Utilities Service had just finished announcing $3.5 billion in aid to expand high-speed Internet access to the hardest-to-reach areas of the country. The awards, part of the federal stimulus passed by Congress two years earlier, had been crucial to President Barack Obama’s blueprint for a recovery that would ensure farmers and remote businesses could compete in an increasingly global economy.

“These investments in broadband will connect nearly 7 million rural Americans,” Adelstein pledged in a report to Congress, “along with more than 360,000 businesses and more than 30,000 critical community institutions like schools, health care facilities and public safety agencies, to new or improved service.”

Judged against the agency’s 80-year track record, those numbers didn’t seem unrealistically ambitious. During the Great Depression, after all, RUS had loaned out millions of dollars to string electric lines to distant farms and small towns in parts of the country that private companies refused to serve — a bold and calculated risk that had transformed America in a single generation.

But more recently, RUS has strayed from its rural mission. Even the agency’s staunchest defenders in Congress have learned: When it came to funding broadband projects, RUS never found its footing in the digital age.

Sometimes, RUS funded high-speed Internet in well-wired population centers. Sometimes, it chose not to make any loans at all. Sometimes, RUS broadband projects stumbled, or failed for want of proper management; loans went delinquent and some borrowers defaulted. Yet despite years of costly missteps that left millions of Americans stranded on the wrong side of the digital divide, a stable of friendly lawmakers swallowed their doubts about RUS and made sure the politically protected agency wasn’t cut out of the historic stimulus effort.

It should come as little surprise, then, that four years and four directors later, RUS has failed to deliver on Adelstein’s promise.

A POLITICO investigation has found that roughly half of the nearly 300 projects RUS approved as part of the 2009 Recovery Act have not yet drawn down the full amounts they were awarded. All RUS-funded infrastructure projects were supposed to have completed construction by the end of June, but the agency has declined to say whether these rural networks have been completed. More than 40 of the projects RUS initially approved never got started at all, raising questions about how RUS screened its applicants and made its decisions in the first place.

But a bigger, more critical deadline looms for those broadband projects still underway: If these networks do not draw all their cash by the end of September, they will have to forfeit what remains. In other words, they may altogether squander as much as $277 million in still-untapped federal funds, which can’t be spent elsewhere in other neglected rural communities.

And either way, scores of rural residents who should have benefited from better Internet access — a utility that many consider as essential as electricity — might continue to lack access to the sort of reliable, high-speed service that is common in America’s cities. Even RUS admits it’s not going to provide better service to the 7 million residents it once touted; instead, the number is in the hundreds of thousands.

The checkered performance of RUS offers an all-too-familiar story of an obscure federal agency that has grown despite documented failures, thanks in large part to its political patrons in Congress. The massive infusion of stimulus money, which required RUS to disperse record sums faster than it ever had before, further exposed its weaknesses — troubles that in many ways remain unaddressed, despite repeated warnings — even as RUS continues lending.

“We are left with a program that spent $3 billion,” Mark Goldstein, an investigator at the Government Accountability Office, told POLITICO, “and we really don’t know what became of it.”

* * *

It took a bigger economic crisis, more than eight decades earlier, to bring RUS into existence. The agency, known then as the Rural Electrification Administration, had been a centerpiece in President Franklin Delano Roosevelt’s historic New Deal. But the effort was controversial from the start. Private companies derided the government’s investments in rural energy as “Bolshevik” and “un-American,” but within several years, hundreds of public utilities were operating, and within 20 years, almost all U.S. farms had electricity. The model was so successful that REA shifted shortly after World War II to providing low-interest loans for rural telephone cooperatives.

Dwight D. Eisenhower entered the White House vowing to abolish REA, which he derided as “creeping socialism.” Within two years, however, even he was extolling the agency’s performance, praising its “great advances for rural America.” The program grew under Presidents John F. Kennedy and Lyndon B. Johnson; the latter in 1937 had led the formation of an electricity cooperative in the Texas Hill country. Richard M. Nixon again tried to kill it, arguing that the program had outgrown its usefulness and at that time served only “country clubs and dilettantes.” But an outraged farm bloc in Congress, led by senators such as George McGovern of South Dakota and Hubert Humphrey of Minnesota, forced Nixon to back down.

By the end of the 20th century, REA’s original electricity mission was more or less accomplished. And in 1994, REA and another agriculture program that had backed water and sewer projects were combined to form the Rural Utilities Service. Yet it was late in the Clinton administration that the agency’s portfolio expanded in a way that would be as dramatic — and ultimately, as controversial — as when it began.

Nations like Japan and South Korea had quickly achieved nearly universal and affordable broadband coverage, but the United States was lagging. “Internet access ought to be just as likely as telephone access,” President Bill Clinton said in April 2000. That year, Clinton’s budget included $102 million for a pilot broadband program to be administered by RUS, building on its previous telecom work.

Bolstered by a 2001 Brookings Institution study that estimated widespread adoption of basic broadband could add $500 billion to the U.S. economy, Congress approved permanent funding for the program. In the eyes of allies like Montana Sen. Conrad Burns, robust, widespread Internet access “would be as important to the national destiny as the railroads in the 19th century. … Universal broadband should be the national priority … (the) same way as putting a man on the moon was.” And low-interest federal loans, he believed, were the best way to do it. “The RUS telecom program has never issued a bad loan in over 50 years,” Burns said. “The government has actually made money off of those loans.”

In 2004, President George W. Bush proposed that broadband coverage should be universally available within three years. His support touched a nerve with Iowa’s Sen. Tom Harkin, a powerful Democrat who knew that one of the government’s primary mechanisms for meeting that goal was not up to the task. At a confirmation hearing for James Andrew, who eventually would take over RUS under Bush, Harkin recalled an encounter with the president in which he confided that universal broadband would never happen if RUS didn’t start spending money.

“We put in $2 billion (to the farm bill) to do that,” the senator grumbled to Bush, “but the Department of Agriculture has been dragging its feet.” By making onerous demands on its applicants and keeping them waiting months for approval, Harkin said RUS had managed to leave $1.6 billion on the table.

“I don’t want to sound too cynical,” Harkin told Andrew, “but it almost sounds like the cable companies and the big phone companies have gotten to somebody and said, ‘We don’t want this program to work.’”

Harkin then delivered to Andrew a brief sermon on the mission of RUS: “We were not risk averse when we put telephone lines out to farmsteads and our small towns in America. We knew there was risk in doing that, but we managed it. RUS manages risk. And that is what I am asking in broadband, manage risk. Don’t be so risk averse that you say, ‘We cannot give a loan out there because we want to make 100 percent certain that the company we give it to will not default and will not fail. Some of them will …”

Andrew agreed with the senator, but there were plenty of internal problems plaguing the embattled agency, as a 2005 inspector general’s report revealed.

The spirit of the law always had been for RUS to target its broadband aid to the most remote, neglected rural towns. In the earliest years of the broadband program, administered chiefly at the time by Bush-appointee Hilda Legg, RUS seemed to believe it had a much broader mandate — and it wrote multiple sets of rules that permitted it to provide aid to “any definable tract of land where fewer than 20,000 people live.” That metric essentially allowed areas under development or near larger, suburban areas to receive federal cash.

In the end, the watchdog’s probe found, “64 communities near large cities received loans and grants totaling $103.4 million.” These networks, in a sense, were easier to build: They were located in denser communities, where a lower price tag for buildout and a higher demand for faster service made it easier to recover costs. But they weren’t in the rural, unserved areas where many in Congress wanted RUS to focus its attention.

Federal investigators also calculated that RUS had awarded more than $137 million in loans, despite incomplete or inaccurate applications. About $30 million of its loans “[were] in default due to inadequate servicing,” largely because the agency hadn’t developed strong oversight guidelines for its earliest loans — meaning the cash wasn’t “timely and thoroughly monitored.” And another $6.8 million in canceled broadband loans “was not put to use in a timely fashion and was therefore unavailable for future funding.”

With the election of Obama, broadband expansion gained another prominent champion, one who had been determined to use the federal stimulus to boost Internet investments “so that a small business in a rural town,” he said in a January 2009 speech, “can connect and compete with their counterparts anywhere in the world.”

Fiscal conservatives, already fighting what would become the $800 billion stimulus package, zeroed in on the broadband program, resurrecting the decades-old complaint that it was an improper intrusion by the federal government into the free market. But Harkin, and other prominent lawmakers from farm states, ensured that RUS still received several billion dollars from the American Recovery and Reinvestment Act.

“They’ve been involved in loans and loan guarantees and things like that since 1949,” Harkin said at the time, “so they know how to do these things.”

* * *

Except, RUS didn’t. Miserly and risk averse at times — and unfocused and overly generous at others — the rural regulator arrived at its monumental stimulus task with more questions than answers.

The Obama administration insisted on funding “shovel-ready” projects, but the broadband networks RUS had been asked to support would require considerable time to design, obtain permits to bury lines or hang them from poles, and address environmental concerns. Complicating things, the agency would have to award its billions of dollars without fully knowing what parts of the country needed the most help. An effort to map the communities with the worst high-speed connections, another requirement of the Recovery Act, would take years to complete — a cart-before-the-horse approach that stimulus skeptics ridiculed.

“I just fought and fought because, if you’re going to spend the taxpayers’ money, then you should spend it where nobody else will spend it,” recalled Rep. Greg Walden (R-Ore.) in a recent interview. He offered an amendment during an early markup of the Recovery Act, but Democrats, who felt mapping would slow investment, voted it down.

To top it all, there was another catch: RUS would have to commit to spending all the money by Sept. 30, 2010, and make sure construction on those projects were “substantially complete” no later than two years after getting the funds. The drop-dead deadline would be Sept. 30, 2015: After that, any unspent money would be taken back.

Already shaky on execution, RUS began to tackle its monumental stimulus workload without a full-time administrator. On March 20, 2009, Obama nominated Adelstein, then a Democratic commissioner at the Federal Communications Commission, to lead the rural agency. The nomination came about a month after the Recovery Act became law.

Adelstein, a South Dakotan by birth, could appreciate the agency’s mission. And while serving at the FCC, he had worked closely on a number of initiatives to improve broadband access in unserved rural towns. But some wondered whether Adelstein, a former top aide to Sen. Tom Daschle (D-S.D.), was suited for the immense challenge the stimulus presented. To at least one former official who worked on the law, Adelstein appeared to be “very much a Hill staffer put in the role of a banker, [who] approached it more like a Hill staffer than banker.”

But Adelstein at least knew the stakes. Not only had he worked on the 2002 law that helped usher in a new broadband era for RUS, he heard an earful about it from the lawmakers who decided the fate of his nomination. “I do not think we are ever going to see that kind of money again,” lamented Harkin at a July 2009 hearing, which paved the way for Adelstein’s confirmation that summer. By the time Adelstein took the reins, though, RUS had already started writing the rules for its first stimulus awards. Moreover, he had arrived on the heels of another inspector general investigation, which found — yet again — that RUS “continued to make loans to [broadband] providers in areas with pre-existing service,” while neglecting needier rural towns.

By September 2010, as required, RUS had committed all of its stimulus cash, primarily to 297 infrastructure projects. The agency would also devote millions in additional funding to other efforts, like new satellite Internet services across the country. About a year later, with major work underway, Adelstein made his confident, infamous prediction of the success of his agency’s investments, still citing his team’s “extensive technical skills, program experience and financial expertise gained over 75 years.”
“Once built,” he wrote of the broadband networks, “they will provide the platform for economic development and job creation for years to come.” Adelstein would continue citing those figures into the following year, telling Congress at least twice that RUS and its broadband investments would benefit “7 million rural Americans.”

In truth, projects were beginning to fail.

Quietly, RUS killed 42 broadband infrastructure projects that it had heralded only months earlier. The agency rescinded more than $300 million in loans and grants before a single check was written. In many cases, local officials had struggled to finance their share of their networks, or obtain the permits needed to lay new fiber cables or erect new wireless towers.

RUS only disclosed the misfires after the Government Accountability Office slammed the agency in a scathing June 2014 report. Even then, the full extent of its withdrawn investments did not become public until POLITICO submitted a request under the Freedom of Information Act. All told, the 42 cancellations meant as many as 430,000 residents in rural areas did not benefit from the new or improved connections that Adelstein had championed in the September 2011 report.

There wouldn’t be new, speedy Web for roughly 17,000 homes in Panola County, Mississippi, for example, or improved connections for about 2,000 homes in Franklin County, Indiana. RUS wouldn’t fund a $20 million network that would have helped about 26,000 homes in southwest Virginia, either.

One of RUS’ most mystifying misfires involved KeyOn Communications, based in Omaha, Nebraska. KeyOn submitted dozens of applications for RUS aid, which its CEO once described as a “growth opportunity” for the company. RUS repeatedly said no before approving a proposal for a $10 million wireless project in Nevada. But the award still couldn’t save the company, which had to sell off its assets before any stimulus payments could begin. (The company’s former CEO did not respond to a request for comment.)

RUS has declined repeatedly to discuss on the record why so many projects it had approved failed so quickly. Adelstein — who now runs a wireless infrastructure lobbying group that advocates for telecom reform on Capitol Hill — also declined multiple requests for an interview.

Instead, he explained in a statement shared by his aide: “While there were a few projects that may not have fulfilled expectations, the vast bulk met their goal of providing rural broadband where it otherwise wouldn’t go.” Approached most recently at a congressional hearing last week, Adelstein declined again to speak on the record. “He has made it clear he doesn’t want to interview,” his aide said. “Don’t waste your time.”

But there were serious — and in many ways, familiar — consequences to these sudden collapses. Under stimulus rules, funds committed to canceled projects could not be redistributed after September 2010 to more worthy applicants, the same sort of restriction that prevented scores of other applicants from tapping unused RUS aid in years and programs past. At the height of the economic recovery, it meant thousands of residents in rural areas couldn’t benefit from aid that champions, like Harkin, saw as one of a kind.

And if it wasn’t clear why RUS had approved projects that faltered so soon, it seemed even less clear how other investments — like a multimillion-dollar, ultrafast fiber network in the woods of northeast Minnesota — managed to win an award and barrel ahead, despite the agency’s own doubts.

* * *

Slow and unreliable connections throughout Lake County had long bedeviled small businesses and school principals, knocked out ATMs and, at times, even interfered with emergency services. For an area that relies on mining and tourism, the stimulus offered a rare opportunity to hurdle that digital divide. “If we don’t get this, we might not get high speeds,” Christopher Swanson, one of the project’s first consultants, recalled during a recent interview at a coffee shop in the Minnesota county. “We might not get another opportunity for another 20 years.”

But, he acknowledged to POLITICO, “We didn’t have a shovel-ready project.”

Lake County’s first application had been rejected partly because RUS had concerns about its business plan. But months later, the agency approved Lake County’s second request — a $66 million proposal, mostly in government loans, that was almost twice as much as the first proposal, twice as ambitious and covered an even larger area with about 16,000 residents.

Internal documents from RUS, obtained by POLITICO, reveal that the agency had granted its green light to the project, despite having identified “several items of risk.” In its application, Lake County officials had not properly accounted for the difficulties of burying fiber during the long Minnesota winter, according to RUS, and it had not received the necessary permission to hang its fiber lines on poles owned by local electric utilities. It received the funding anyway. And these troubles would contribute to so many delays that, in late 2014, RUS would temporarily halt federal funding, forcing Lake County officials to first pony up $15 million in local tax dollars — all after promising the network wouldn’t cost the community a dime.

The breakdown was the culmination of years of contention between the Minnesota region and its federal benefactor. Before it had cut the first check to Lake County, RUS unexpectedly rejected the project’s bond financing. This adversarial relationship between RUS and its applicant only confirmed criticism about paperwork and regulatory burdens that Harkin heaped on the agency several years earlier. Minnesota Sen. Al Franken ultimately intervened, complaining in a sharply worded letter to Adelstein that “this is not the kind of service my constituents deserve.” RUS was unmoved, forcing Lake County to come up with $3.5 million of its own money if it wanted to keep the network on track.

A later dispute with Lake County’s lead contractor resulted in a total reshuffling of its leadership, further delaying the project. Potential competitors in the region, like Mediacom, a local cable provider, lobbied hard in Washington against the network, attracting the attention of Republican stimulus skeptics like Florida Rep. Cliff Stearns.

Stearns and his allies on the Energy and Commerce Committee in May 2012 opened a full-fledged probe of the Lake County award. For more than a year, they closely scrutinized the Minnesota network. “Materials reviewed by committee staff also raise questions as to whether RUS adequately considered the financial viability of the Lake County project before committing $66.4 million in government funding,” five members led by the panel’s chairman, Michigan Rep. Fred Upton, wrote in a March 2013 letter.

Despite the agency’s own doubts, RUS that year mounted a vigorous public defense of its investment, according to documents reviewed by POLITICO. At the helm was John Padalino, a longtime leader at USDA who took over RUS after Adelstein’s departure. Writing to House Republicans on the committee that April, Padalino stressed that Lake County had “met all eligibility, financial and technical requirements” to have received its award.

More than a year later, though, RUS still turned against the Minnesota project, leaving it to fend for itself against the very challenges that the rural regulator identified from Day One.

Local officials, once optimistic, now felt betrayed. “Rather than provide assistance to solve anticipated construction challenges, primarily pole attachment issues, RUS responded by unexpectedly ceasing all loan funding,” officials wrote in a December 2014 email to potential subscribers.

Officials for Lake County’s fiber project, known as Lake Connections, said in May they have 300 to 400 subscribers hooked up and an additional 1,500 applications for service — far short of initial projections. They said at the time they didn’t believe they would complete the network by the end of June, an extended construction deadline RUS granted to Lake County and all of its other stimulus investments. And the Minnesota region likely won’t draw all its funds by Sept. 30, meaning the project may have to forfeit as much as $6 million.

But officials are required by law to try to wire the network as it was initially approved — and they’ll have to pay the government back. To do that may mean drawing on more state and local money, as well as a potential new $3.5 million grant from the FCC.
Asked whether the rural regulator had treated his community fairly, Matthew Huddleston, the county’s administrator, strained to be diplomatic during an interview this spring in the county’s government headquarters.

“I understand the challenges of dealing with the federal government. And sometimes it’s slower than we hoped for, and sometimes we don’t get things as fast as we want,” he said. “They’re a large entity, they have a lot going on — it’s been a challenge. But we’re trying to work with them, and to give them everything they ask us for, and to try to keep things moving forward as best we can.”

To improve its relationship with the feds, Lake County even hired a special consultant — Legg, the former RUS administrator, who “has assisted firm clients in obtaining approximately $450 million in broadband stimulus,” according to her own bio.

And as the Minnesota region hits the gas in the final days of the stimulus, the agency’s temperament has again left the state’s congressional representatives peeved. “Large-scale infrastructure projects will always face challenges, no matter who is building them,” Franken said in a statement to POLITICO, “but unfortunately, it seems that the Rural Utilities Service has contributed to some of the challenges faced by communities in Minnesota, and that shouldn’t have been the case.”

* * *

Lake County is not alone in what has become a race against the clock. Roughly 150 of the total, original 297 broadband infrastructure projects approved by RUS have not drawn down their full awards, leaving $277 million in potential investment to possibly be returned to the Treasury. Adding to the headaches, RUS has not determined how many of its awardees completed their projects by the end of June. The agency imposed that deadline, after all, so it had sufficient time to ensure networks were built as proposed — and it’s unclear if it’s been met.

Even more troubling, RUS can’t tell which residents its stimulus dollars served. In May, the agency reported it has delivered new or improved services to 213,000 households and more than 15,000 businesses. But RUS, as it collected that data from awardees, never asked whether those residents live in unserved, neglected rural towns, or areas that had some broadband access before the Recovery Act.

“RUS did not collect information that allowed anyone to evaluate whether or not it reached its goals or what impact it had,” said GAO’s Goldstein.

Either way, it’s a far cry from Adelstein’s original prediction that RUS funding would benefit more than 7 million people in rural America. The number, after all, always had been theoretical; it reflected the number of individuals who might be reached by better broadband, if everything had been built to plan and attracted the maximum number of subscribers.

For years, though, RUS quietly and steadily lowered its estimates. Its latest prediction, made in March 2014, is that it will benefit 728,000 homes within five years. In May, however, the agency stopped putting that number in writing.

The new head of RUS — the agency’s fourth since the stimulus began — insists that RUS is on top of its portfolio. But Brandon McBride, a former congressional staffer for the Senate Agriculture Committee, took over only in March. He declined multiple interview requests, but issued a statement in defense of his embattled agency.

“Because of the strengthened risk management practices instituted by USDA, there has not been a single Recovery Act project default to date,” he said. That could easily change in coming months. The agency’s inspector general told Rep. Kevin Yoder (R-Kan.) in May that 21 loans issued by RUS before the Recovery Act had been in default prior to 2008.

And still, the state of U.S. broadband remains spotty. The country’s national broadband map — completed in 2010, and updated again this year — shows that 50 percent of Americans in rural areas don’t have high-speed Internet in the way the FCC now defines it. The government still is trying to close the gap, and RUS has continued lending, announcing millions of dollars in new awards this year for new networks in Arkansas and New Mexico. But even Secretary of Agriculture Tom Vilsack acknowledged the stakes while announcing the new effort in March.

“Many rural areas still need help and assistance,” he said
http://www.politico.com/story/2015/0...ed-120601.html

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

July 25th, July 18th, July 11th, July 4th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 11:45 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)