P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 12-06-13, 07:46 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - June 15th, '13

Since 2002


































"No, sir, not wittingly." – James R. Clapper






































June 15th, 2013




Chinese National Gets 12 Years for Pirated Software
Jef Feeley

A Chinese national was orderer to serve 12 years in a U.S. prison for selling more than $100 million worth of software pirated from American companies, including Agilent Technologies Inc. (A), from his home in China.

Xiang Li, 36, was sentenced yesterday in federal court in Wilmington, Delaware, after pleading guilty to copyright and wire fraud conspiracy charges in connection with software sales from his China-based website, prosecutors said in a release.

Li and his wife, of Chengdu, China, were accused of running a website called “Crack 99” that sold copies of software for which “access-control mechanisms” had been circumvented, the U.S. said in an unsealed 46-count indictment. The pair was charged with distributing more than 500 copyrighted works to more than 300 buyers in the U.S. and overseas from April 2008 to June 2011. The retail value of the products was more than $100 million, the government said.

Li is the first Chinese citizen to be “apprehended and prosecuted in the U.S. for cybercrimes he engaged in entirely from China,” prosecutors said in court filings.

“It was hard for me to accept that Mr. Li deserved” a 12-year sentence for his actions, Mingli Chen, Li’s lawyer, said in a telephone interview.

Li was arrested by federal agents in June 2011 in Saipan, an island about 120 miles (193 kilometers) northeast of Guam in the western Pacific Ocean, according to court filings.

Undercover Agents

Li agreed to travel there from his home in southwest China to deliver pirated software and 20 gigabytes of proprietary data from a U.S. software company to undercover agents posing as businessmen, according court filings.

The pirated software included programs made by Santa Clara, California-based Agilent and Canonsburg, Pennsylvania-based Ansys (ANSS) Inc., prosecutors said.

An Agilent product intended to speed the design process for electronic equipment was among the software illegally copied by the couple, according to the indictment. The SystemVue 2009 program sells for $45,000.

Xiang Li’s websites listed prices of $20 to $1,200 for products with retail values of several hundred dollars to $3 million, according to the government. He engaged in more than 700 sales of pirated software, prosecutors contended.

Prosecutors had asked U.S. District Judge Leonard Stark in to sentence Li to more than 17 years in prison over the illegal software sales. Li will be deported to China once he serves his prison term, the government said in a statement.

The case is U.S. v. Li, 10-cr-112, U.S. District Court, District of Delaware (Wilmington).
http://www.bloomberg.com/news/2013-0...-software.html





French File Sharing Law Claims Its First Victim
Ian Chant

After sharing a file or two and ignoring warnings from the government to knock it off, an as-yet-unnamed French Internet user has become the first person fined under France’s controversial ‘Hadopi’ law — a statute that gives file sharers “three strikes” before swooping in with draconian measures like hefty fines and disruptions in Internet service. In addition to a fine that could be as much as 600 euros, the individual will reportedly have their Internet service cut for up to two weeks.

It’s also notable that the suspension comes at an odd time, as only last month nine-member panel advised the government to end the Hadopi program. Apparently, France’s file-sharing regulators don’t plan on going down without drawing some blood first, though. The panel said that while direct P2P sharing like torrents had been slightly reduced, overall piracy traffic did not actually decrease, but rather moved to different formats — like online locker sites — that are not monitored by Hadopi.

Hadopi’s first conviction, then, may well also be its last. And the brains behind it may not even get that cold comfort, as the person currently being fined still has time to appeal the ruling.
http://www.geekosystem.com/hadopi-internet-ban/





UK ISPs Secretly Start Blocking Torrent Site Proxies
Ernesto

Several UK Internet providers have quietly added a list of new sites to their secretive anti-piracy blocklists. Following in the footsteps of Sky, the first ISP to initiate a proxy blockade, Virgin, BT and several other providers now restrict access to several torrent site proxies. The surprise isn’t really that proxies have been added to the blocklist, but that the music industry and ISPs are failing to disclose which sites are being banned.

Following High Court orders, six UK ISPs are required to block subscriber access to several of the world’s largest torrent sites.

The blocking orders are intended to deter online piracy and were requested by the music industry group BPI on behalf of a variety of major labels. Thus far they’ve managed to block access to The Pirate Bay, Kat.ph, H33T and Fenopy, and preparations are being made to add many others.

The effectiveness of these initial measures has been called into doubt, as they are relatively easy to bypass. For example, in response to the blockades hundreds of proxy sites popped up, allowing subscribers to reach the prohibited sites via a detour.

However, as of this week these proxies are also covered by the same blocklist they aim to circumvent, without a new court ruling.

The High Court orders give music industry group BPI the authority to add sites to the blocklist without oversight. Until now some small changes have been made, mostly in response to The Pirate Bay’s domain hopping endeavors, but with the latest blocklist update a whole new range of websites is being targeted.

Last week we reported that Sky had started blocking access to several torrent site proxies, and yesterday it became apparent that this was not an isolated incident. TorrentFreak has received numerous emails form Virgin and BT subscribers who are now unable to access many popular proxies, an indication that these are now covered under the BPI’s list of prohibited sites.

Proxies now blocked as well

Although the results may not be the same for all providers, the following sites appear to be blocked (in part) now. All sites in this list provide access to at least one of the torrent sites previously blocked by court order.

- Fp.kleisauke.nl
- Fenopy.5gg.biz
- H33tunblock.info
- H33t.uk.to
- H33tproxy.co
- H33tmirror.co
- Katunblock.com
- Katproxy.com
- Kat.dashitz.com
- Kat.kleisauke.nl
- Katmirror.com
- Kat.5gg.biz
- Kickassunblock.info
- Kickassproxy.info
- Pirateproxy.net
- Proxybay.net
- Malaysiabay.org
- Piratereverse.info
- Pirateproxy.net
- Campeche.zapto.org
- Tpb.rubenstadman.com
- Piratebay.interflective.com
- Dashitz.com
- Tpb.evrl.com

TorrentFreak talked to Drastik, the operator of the most visited Pirate Bay proxy Pirateproxy.net, who says he’s determined to find a good workaround to make his site accessible again in the UK.

“I never thought the BPI would go this far. I have already started setting up new servers for the blocks. However, I think educating people about alternate methods will be better. I have compiled a list of some good methods on a dedicated page,” Drastik says.

“I will continue to move the site to new servers to keep it accessible,” he adds.

Since the High Court order clearly states that ISPs have to disable access to the torrent sites in question (and the proxies provide this), the recent addition of the proxy sites to the list is not necessarily the main concern.

The problem lies with the fact that these changes are being made in secret without any form of oversight. There appears to be no valid reason to keep the list of prohibited sites away from the public eye, but yet the ISPs nor the BPI are prepared to be open about it.

TorrentFreak reached out to the BPI and some of the ISPs for a comment but we have yet to receive a response.

Update: BPI responded after publication and noted that proxies do indeed fall under the court order. The group does not intent to make the list of blocked website public.

“The court orders obtained in relation to The Pirate Bay cover not only the site itself, but also sites which have the sole or predominant purpose of providing access to The Pirate Bay. It would not be right to allow proxy sites flagrantly to circumvent blocks ordered by the High Court. We do not publish the names of proxies and it would not be appropriate for us to do so,” a BPI spokesperson said.
http://torrentfreak.com/uk-isps-secr...roxies-130611/





Kickass Torrents' KAT.ph Domain Seized by Philippine Authorities
Mittal Mandalia

Kickass Torrents’ wasn’t accessible since about yesterday and now it has been confirmed that the domain name of the second largest website just behind The Pirate Bay has indeed been seized by Philippine authorities.

Local record labels and the Philippine Association of the Recording Industry said that the torrent site was doing “irreparable damages” to the music industry and following a formal complaint the authorities resorted to seize of the main domain name. The torrent site hasn’t given up and is operating as usual under a new domain name.

The torrent site’s main domain name KAT.ph ran into trouble yesterday and it was believed that the control of the domain name was no longer with the original owners. The Government of Philippines has confirmed that the domain name has been seized based on formal complaints and copyright grounds. UK courts have already ordered a similar blocked back in March effective the same month.

Philippine Intellectual Property Office issued a 72-hour suspension order of KAT.ph earlier this week. At the time it was declared that the order, which was signed by the IPO Bureau of Legal Affairs, will become final if the domain owners don’t appeal.

There are all the chances that even though the local record labels were the ones who filed a formal complaint US based record labels may be the ones who are applying the actual pressure. Philippines has been on the copyright “watch list” of the US according to the latest Special 301 Report.

“The United States looks to the Philippines to take important steps to address piracy over the Internet, in particular with respect to notorious online markets,” the Office of the United States Trade Representative wrote in its report.
http://paritynews.com/web-news/item/...ne-authorities





Megaupload Founder Kim Dotcom Opens Up About Extradition Fight

Megaupload founder Kim Dotcom has taken a swipe at New Zealand's prime minister, accusing him of trying to curry favour with Hollywood film executives by assisting in his extradition.

The German-born former hacker is fighting extradition to the United States on charges of copyright infringement, money laundering and racketeering.

In an interview with the ABC's The Business, Dotcom opens up about a police raid on his mansion in January and seizure of his assets and files.

Authorities have since been ordered to return the data, including CCTV footage of the raid, which Dotcom uploaded onto the internet on Thursday.

US authorities allege Dotcom's original file-sharing website netted $US175 million and cost copyright owners more than $US500 million by offering pirated content for free.

But he says he has been targeted by the film industry because he is seen as a threat.

"Megaupload is not responsible for the piracy problem," he told The Business.

"It's the old business model of Hollywood that is responsible for it, and they want to keep that model alive at any cost."
Dotcom alleges Megaupload raid was part of deal to film The Hobbit

Dotcom claims he has been kept in "a golden cage" in New Zealand since the United States began extradition proceedings against him 18 months ago.

"[Warner Brothers executives] came here they told [New Zealand prime minister John Key] - 'These Megaupload guys are really giving us a headache. The founder, you know, is moving to New Zealand. Can you help us?' And he did," Dotcom said.

"They came here to New Zealand to negotiate with John Key about shooting The Hobbit movies here."

Dotcom says his website was offered up "on a silver platter" as part of negotiations with executives.

"So before they even shoot the movie, they have a business plan, they send that to all their license holders, they raise the majority of the money for a new movie before a single frame is shot," he said.

"That is a business model with a license to print money. Obviously they don’t want to let that go.

"That is why I am in this situation."

Dotcom also says the staggering scale of online surveillance by US spy agencies has triggered an "explosion" of interest in his latest file-sharing website.

Unlike its predecessor, Dotcom's new site Mega offers secure encryption, which he says protects each user's identity and data.

"More people are now aware of the [United States] government capturing everybody's data," Dotcom said.

"Growth has been exploding. [Mega is] a user-generated encryption. You are the only one holding the keys."
http://www.abc.net.au/news/2013-06-1...ction=business





Birthday Song’s Copyright Leads to a Lawsuit for the Ages
Benjamin Weiser

The song “Happy Birthday to You” is widely credited for being the most performed song in the world. But one of its latest venues may be the federal courthouse in Manhattan, where the only parties may be the litigants to a new legal battle.

The dispute stems from a lawsuit filed on Thursday by a filmmaker in New York who is seeking to have the court declare the popular ditty to be in the public domain, and to block a music company from claiming it owns the copyright to the song and charging licensing fees for its use.

The filmmaker, Jennifer Nelson, was producing a documentary movie, tentatively titled “Happy Birthday,” about the song, the lawsuit said. In one proposed scene, the song was to be performed.

But to use it in the film, she was told she would have to pay $1,500 and enter into a licensing agreement with Warner/Chappell, the publishing arm of the Warner Music Group. Ms. Nelson’s company, Good Morning to You Productions, paid the fee and entered into the agreement, the suit says.

“Before I began my filmmaking career,” Ms. Nelson said in an e-mail forwarded by her lawyer, “I never thought the song was owned by anyone. I thought it belonged to everyone.”

The lawsuit notes that in the late 1800s, two sisters, Mildred J. Hill and Patty Smith Hill, wrote a song with the same melody called “Good Morning to All.” The suit tracks that song’s evolution into the familiar birthday song, and its ownership over more than a century.

But although Warner/Chappell claims ownership of “Happy Birthday to You,” the song was “just a public adaptation” of the original song, one of Ms. Nelson’s lawyers, Mark C. Rifkin, said in a phone interview.

“It’s a song created by the public, it belongs to the public, and it needs to go back to the public,” Mr. Rifkin said.

A spokesman for Warner/Chappell declined to comment on the suit. The company paid $25 million in 1988 to acquire Birchtree Ltd., a small company whose musical holdings included the birthday song.

Mr. Rifkin cited an estimate that Warner/Chappell collected approximately $2 million per year in licensing fees for the song. He added that the suit asks that the firm return all the fees for the song it has collected in the past four years.

The rich history of the song’s evolution and the conclusion that it might be in the public domain closely tracks the findings of Robert Brauneis, a professor at the George Washington University Law School and the author of a 68-page article titled “Copyright and the World’s Most Popular Song.”

In the study, Professor Brauneis said that “it is doubtful that ‘Happy Birthday to You,’ the famous offspring of ‘Good Morning to All,’ is really still under copyright.”

“I believe this song is in the public domain and therefore it is not owned by anyone,” Professor Brauneis said in a phone interview on Thursday. He said “Happy Birthday to You” was “economically significant” in that it “still produces millions of dollars of income in a year,” and that a successful legal challenge “might be a model for challenges to other songs.”

He said that another of Ms. Nelson’s lawyers, Randall S. Newman, had spoken with him about his study, but that he was not a consultant in the lawsuit.

Ms. Nelson is not the first documentarian to confront the issue of paying to use the Happy Birthday song. The filmmaker Steve James paid $5,000 to use the song in the acclaimed 1994 documentary “Hoop Dreams,” in which it is sung at a man’s 18th birthday party.

“It was an important scene,” Mr. James said in a 2005 article in The New York Times, “there was some amazement that Arthur had made it to 18. Of course, we wanted that in.”

Ms. Nelson, asked what she envisioned for her documentary, responded in the e-mail that her film would be about the “song’s history and its future.” The suit seeks to be given class-action status on behalf of all others who have paid licensing fees for it since 2009.
https://www.nytimes.com/2013/06/14/n...copyright.html





Pandora Purchases FM Radio Station Amid Battle With Songwriters
Jennifer Martinez

Pandora announced Tuesday that it purchased an FM radio station in South Dakota, a move intended to allow the online radio station to qualify for the same licensing terms as other Internet radio competitors.

Christopher Harrison, assistant general counsel at Pandora, made the announcement about Pandora’s purchase of KXMZ-FM in an op-ed published in The Hill.

Harrison said the purchase comes in response to the American Society of Composers, Authors and Publishers (ASCAP), a performing rights organization owned and run by songwriters and composers, engaging in "discriminatory treatment" against Pandora.

“We are in the midst of the latest battle, in which ASCAP and its members have abruptly shifted away from 100 years of business practice and attempted to create a new right to ‘withdraw’ from ASCAP the right to license certain songs on what is essentially a case-by-case basis,” the Pandora executive writes.

In the opinion piece, Harrison said Pandora was compelled to purchase the over-the-air radio station so it could qualify for the same license under the same terms as other Internet radio competitors, including Clear Channel-owned iHeartRadio. These stations have a blanket license that allows them to play any music from the ASCAP song catalog.

Additionally, Harrison said Pandora has filed a motion in a New York federal district court against ASCAP for "discriminatory treatment" against the company and other Internet radio services.

The motion—which has not been made public yet—alleges that ASCAP “has violated the terms of its antitrust consent decree with the Department of Justice” and has created an unlevel playing field for Pandora.

In particular, Harrison said the motion describes how ASCAP “refused to provide Pandora a license under the same terms as the iHeartRadio service, for only one reason: iHeartRadio is owned by a terrestrial broadcaster.” A terrestrial broadcaster plays songs over-the-air rather than online.

This move provided the impetus for Pandora to purchase the Rapid City, South Dakota radio station. In effect, Pandora can now qualify for the same blanket license “under the same terms as our competitors,” Harrison said.

These developments mark Pandora’s latest shots across the bow in its ongoing feud with ASCAP. Pandora filed a petition in a New York federal court this past November that asked for the judge to set a reasonable license fee for streaming songs from ASCAP.

ASCAP members write the music and lyrics of songs and include famous names like Duke Ellington, Beyonce, Hans Zimmer and Henry Mancini.

In the opinion piece, Harrison contends ASCAP’s rules were amended to allow individual music publishers to selectively withdraw the media rights for their song catalogs from the organization.

Last year, music publisher Sony/ATV withdrew its media rights from ASCAP, “forcing Pandora to negotiate a direct agreement against a ticking clock” so it could continue to stream songs from the publisher's catalog, according to Harrison.

“During negotiations, ASCAP and the publisher increased the pressure by refusing to provide Pandora the list of tracks that were being withdrawn, exposing Pandora to copyright infringement liability of up to $150,000 per work,” Harrison said.

If Pandora had played a song from the list of tracks that were being withdrawn, the company would be at risk for paying hefty copyright infringement damages, he added.

Pandora negotiated an agreement with Sony/ATV, but Harrison said it “resulted in increased rates.”

“Shortly thereafter, additional major publishers took steps to withdraw their catalogs from ASCAP, again with respect to Pandora,” Harrison said.

Pandora has waged battles against other sectors of the music industry in Washington.

Last year, Pandora actively lobbied for a bill that would modify the royalty-setting rules for Internet radio stations. The bill would have placed Internet radio stations like Pandora on the same royalty standard as cable and satellite radio services— which Pandora believes will lower the royalty fees it pays to recording artists and music labels for streaming the sound recordings of their songs over the Internet.

The Oakland, Calif.-based company has lamented that while its user base continues to grow, it has struggled to maintain profitability because the fees it pays to compensate artists and labels for streaming their songs online are higher than other digital radio services.

The National Association of Music Publishers (NMPA) has argued that songwriters are frustrated with Pandora because roughly four percent of the company’s revenue goes towards compensating them for their music, while over half of its revenue is allocated to paying recording labels and artists. The trade group contends Pandora underpays songwriters relative to the fees it pays to compensate artists and labels for the sound recordings of their songs.

The NMPA blasted Pandora's latest move in its battle with ASCAP.

"This is another sad step in Pandora's escalating war against songwriters," said NMPA CEO David Israelite in an email. "While other digital partners are making voluntary deals, Pandora chooses to sue the very creators who make its business possible."

Earlier this week, Apple said it planned to launch a new "iTunes Radio" streaming service, which has been billed as a competitor to Pandora. Apple successfully struck licensing agreements with Warner Music Group and Universal Music Group for the service, according to Rolling Stone.

For its part, Pandora argues that it just wants to compete on a level playing field with other digital radio services.

“The status quo is a dead end for the vast majority of working musicians and the Internet is driving a sea change that will fundamentally shift the equation away from big industry players towards a more democratic and inclusive industry for both listeners and artists,” Harrison writes in the op-ed. “For this to become reality, Internet radio must be embraced – not discriminated against.”
http://thehill.com/blogs/hillicon-va...tle-with-ascap





BMI Files Suit Against Pandora

Broadcast Music Inc. is seeking a determination of rates for a blanket license for all music played on the streaming service.
Ed Christman

BMI, Broadcast Music Inc., today filed suit at the U.S. Southern District Federal Court in New York, seeking a determination of rates for a blanket license for all music played on Pandora. Billboard broke the news of the impending lawsuit late last night.

The suit was filed on the heels of Pandora buying a small terrestrial radio station in what publishers are referring to as a back-door attempt to pay publishers a lower rate. The BMI lawsuit says that "Pandora's stunt makes a mockery of the performing rights licenses and the rate court process."

Prior to the Pandora maneuver, BMI's suit says it had proposed an increased in Pandora's fees consistent with market rates and Internet streaming music's growth, but also included adjustments to account for the withdrawal of digital rights by some BMI-affiliated publishers. But the suit noted that Pandora commenced a rate proceeding against ASCAP to actually lower its current fees and said it expects Pandora to claim that is no different than commercial broadcast radio, which BMI contends is a wrong assertion.

In October 2012, Pandora terminated its agreement with BMI, which covered rates from 2005 through 2012 and sought a new license beginning on Jan. 1, 2013, but did not detail the nature of its services to be covered by the request or the scope of the license sought, BMI's suit said.

Nevertheless, BMI said it quoted a fee that it deemed reasonable to Pandora in March, which the service rejected. The license in question will cover the period from Jan. 1, 2013, through Dec. 31, 2014.

The suit, filed on behalf of BMI by Milbank Tweed Hadley & McCoy LLP, notes that some publishers have withdrawn their digital rights because they want to obtain market rates for their music, and pointed out that the rate Pandora agreed to pay Sony/ATV represents a 25 percent increase over the rate Pandora paid BMI for 2012.

In moving over to examine Pandora's attempt to acquire KXMZ-FM, a radio station broadcasting in Rapid City, S.D., on June 11, the BMI court document detailed the agreement between BMI and the Radio Music Licensing Committee to give background information as to why Pandora's attempt at lower licensing is inconsistent with the blanket license covered in that agreement. The BMI deal was based on the agreement between RMLC and ASCAP, in which it was agreed that each licensee would pay a royalty of 1.7 percent of their gross revenues, minus a 15% deduction on the fee. In its own deal with RMLC, BMI was willing to accept a lower rate for RMLC's stations' new-media transmissions "because of the significant fees, [on average $150 million per year] paid by terrestrial radio stations to BMI for their broadcasts."

The lawsuit also charged that Pandora's acquisition of the ratio station is "an open and brazen effort to artificially drive down its license fees … for the expressly stated purpose of 'qualifying for the same RMLC license under the terms as our competitors."

Pandora contends that its purchase of that station is sufficient to transform its online music streaming service into a new-media transmission, according to the BMI document. But BMI counters that its radio station license is expressly limited to covering only those new-media transmissions by radio stations with a commercial relationship with the terrestrial radio stations and "does not cover [a] primarily Internet-based music streaming service that happens to own a single radio station in a city with a total population that is less than 0.045 percent of Pandora's online membership."

In a statement sent to Billboard late last night, a Pandora spokesperson said: “Pandora values and respects those who create music and seeks to pay a rate that is fair to all artists, and fairness needs to account both for what artists receive and what Pandora’s competitors are asked to pay. In a good-faith attempt to avoid a protracted disagreement, Pandora offered to pay ASCAP higher rates than it currently pays, but ASCAP refused, choosing instead to enable the publishers to try to extort even higher rates through a scheme of 'selective withdrawals.' At the same time, ASCAP agreed to the lower licensing rates with the RMLC, which was approved by the rate court, and extended these lower rates to virtually all of Pandora's competitors, including iHeartRadio, Pandora's largest competitor. This is not a case of Pandora trying to pay less. It is a case of publishers discriminating against Pandora.”

Pandora points out that Clear Channel's iHeartRadio is a beneficiary of the lower rate, so it feels it is entitled to it as well.
http://www.hollywoodreporter.com/new...pandora-568452





Apple Enters Net Radio’s Busy Field
Brian X. Chen

Apple is known for making some of the finest hardware in the world, but one of its biggest stumbling blocks has been services that rely on an Internet connection.

Apple’s Maps app for iPhones was initially so bad the company apologized. Ping, Apple’s social network for discovering songs, was killed because hardly anyone used it. And iCloud, its service for synchronizing user data across devices, has been criticized for being unreliable, though it has not had as many glitches as its predecessor MobileMe, which had an e-mail blackout that disconnected thousands of customers for days.

Now, Apple is giving online services another try, in an area where it has long been the leader: music. On Monday, at the opening of its annual developers conference in San Francisco, the company is expected to unveil an Internet radio service that will stream songs over a data connection instead of storing them on a device, according to people briefed on the negotiations. The service is expected to be free, but supported by ads.

With its Internet radio service, Apple will be following other online music services, like Pandora, Spotify and Rdio. But it could spread this type of music consumption further into the mainstream, some analysts say.

“The genius of iTunes 10 years ago was that they made the mainstream consumer understand what digital music was, and how it all worked,” said Russ Crupnik, an analyst at NPD Group who studies the digital music market. He said Pandora was mainstream, with 200 million registered users, but it was not a dominant global player, and that a similar service from Apple would expose more people to online radio.

The company is also expected to introduce new Mac notebooks and a redesign of iOS, its software operating system for iPhones and iPads, at the four-day developers conference. The conference includes seminars where software developers can get training on the latest Apple software development tools so they can start making apps.

The new operating system will be the first mobile software system made under the company’s lead hardware designer, Jony Ive. Mr. Ive was put in charge of software design after the company fired Scott Forstall, the former head of mobile software development, amid the flurry of negative news reports surrounding Apple’s mapping software.

Before taking over software design, Mr. Ive made it known in the company that he did not like some of the visual ornamentations in Apple’s mobile software, particularly the use of textures representing physical materials. Under his direction, elements like the yellow-notepad inspired Notes app and the leather borders in the Calendar app for the iPad are expected to be removed from the software. The overall look will be smoother and less ostentatious, according to a person briefed on the company’s plans, who asked not to be named.

For Apple, the expansion into streaming music underscores a competitive issue: one of its chief rivals, Google, has long had robust Internet services, like Gmail and Google Apps, while over the years it has gotten better at designing the software and hardware for its phones and tablets.

But while Apple struggles with Internet services, its stock is down about 37 percent after peaking at a little more than $700 in the fall. The company is still selling tens of millions of iPhones and iPads, but investors are concerned about its growth slowing and profit margins getting tighter. A shift into services like Internet radio could present new opportunities to make money.

But James McQuivey, an analyst at Forrester Research, says he thinks Apple is too late in this game. The company has to present an Internet radio service that is better than what is out there, he said, or people will continue to just buy its hardware and use other companies’ services.

“It’s going to have to innovate,” Mr. McQuivey said. “It can’t just be Pandora with an ‘i’ in front of it or Spotify with an ‘i’ in front of it.”

In the late 1990s, the music industry was in turmoil because many Internet users quickly learned they could download their favorite songs for free instead of paying for albums. Steven P. Jobs, Apple’s late chief, approached the music labels with the idea of a store offering the ability to download songs a la carte for 99 cents a download.

“When we first approached the labels, the online music business was a disaster,” Mr. Jobs was quoted as saying in the book “The Perfect Thing: How the iPod Shuffles Commerce, Culture and Coolness.” “Nobody had ever sold a song for 99 cents. Nobody really ever sold a song. And we walked in, and we said: ‘We want to sell songs à la carte. We want to sell albums, too, but we want to sell songs individually.’ They thought that would be the death of the album.”

In 2003, Apple was the first company to legitimize digital music when it opened the iTunes Store, a legal way for people to download and purchase digital songs. Now digital music has grown far beyond the traditional album. Many companies offer the ability to stream music over a data connection.

Spotify, for example, based in London, lets people search for songs and immediately stream them over the Internet on their smartphones and computers; a free version of the service plays ads every few songs, but paying $5 a month will skip the ads.

Rdio, another music streaming service, costs at least $5 a month to stream songs from a computer, but it has an emphasis on social networking, or discovering music by looking at what friends are listening to.

And Pandora, launched 8 years ago, lets users create their own stations by entering an artist and then automatically playing songs similar to that artist. Its ad-free upgrade is $4 a month.

But online streaming services are not as popular as iTunes, which counts about 500 million customers with their credit cards on file. Apple is still No. 1 in the paid digital music market with a 63 percent share, followed by Amazon at 22 percent, according to NPD Group.

In a study, NPD said it found that 44 million Americans bought at least one song or album download last year, a number that has remained stable despite the growth of Pandora and music streaming services. A separate NPD study found that people who stream music are much more likely to buy music downloads.

When Apple enters online radio, it will be difficult for companies like Spotify and Pandora to compete, said Laurence Isaac Balter, chief market strategist at Oracle Investment Research, which has clients that own Apple shares. He said Apple will be at an advantage because it will have deeper control of the iPhone software and hardware, as well as more data about its own customers, than outside companies would, so that it can make smarter music recommendations for customers. Streaming music will also give customers a chance to listen to music they would otherwise never have heard before, and then perhaps buy the songs in iTunes, Mr. Balter said.

Mr. Balter added that Apple could potentially leverage the user data it gets from streaming radio and expand it into a future Apple television, where people could find video content about their favorite bands or even purchase concert tickets on the bigger screen.

“There’s so much of a white canvas here for Apple to paint on,” Mr. Balter said. “It’s refreshing to see them start to think in this area.”

As Apple expands its product lines to include cheaper products, like the iPad Mini and a rumored cheaper iPhone, its profit margins will decrease. That is when the importance of online services will become even greater for Apple because they will provide more ways to make money, Mr. McQuivey said.

“If Apple doesn’t make this shift to services,” he said, “they won’t be left with a leg to stand on.”
https://www.nytimes.com/2013/06/10/t...ing-radio.html





Weaned on CDs, They’re Reaching for Vinyl
Allan Kozinn

There were always record collectors who disdained the compact disc, arguing that an LP’s grooves yielded warmth and depth that the CD’s digital code could not match.

But the market largely ignored them. Record labels shuttered their LP pressing plants, except for a few that pressed mostly dance music, since vinyl remained the medium of choice for D. J.s.

As it turned out, that early resistance was not futile, thanks largely to an audience of record collectors, many born after CDs were introduced in the 1980s.

These days, every major label and many smaller ones are releasing vinyl, and most major new releases have a vinyl version, leading to a spate of new pressing plants.

When the French electronica duo Daft Punk released “Random Access Memories” in mid-May, 6 percent of its first-week sales — 19,000 out of 339,000 — were on vinyl, according to Nielsen SoundScan, which measures music sales.

Other groups with a predominantly college-age audience have had similar success: the same week, the National sold 7,000 vinyl copies of its latest album, “Trouble Will Find Me,” and 10,000 Vampire Weekend fans opted for the LP version of “Modern Vampires of the City.” When the Front Bottoms, a New Jersey indie band, posted a photo of their players carrying stacks of LP mailing boxes on their Facebook page recently, their label, Bar/None, racked up what Glenn Morrow, who owns the label, described as “phone orders for $2,000 worth of LPs in 10 minutes.”

A growing number of classic albums — including the complete Beatles and early Rolling Stones and Bob Dylan catalogs — have had vinyl reissues in recent years as well.

Michael Fremer, who monitors the LP world on his Web site, Analogplanet.com, said: “None of these companies are pressing records to feel good. They’re doing it because they think they can sell.”

About a dozen pressing plants have sprouted up in the United States, along with the few that survived from the first vinyl era, and they say business is so brisk that they are working to capacity. Thomas Bernich, who started Brooklyn Phono in 2000, says his company makes about 440,000 LPs a year, but a giant like Rainbo Records, in Canoga Park, Calif., turns out 6 million to 7.2 million, said Steve Sheldon, its general manager.

One plant, Quality Record Pressings, in Salina, Kan., opened in 2011 after its owner, Chad Kassem, grew impatient with delays at a larger plant where his own line of blues reissues was being pressed. His company, which runs four presses — acquired used, but modified to run more efficiently — now makes LPs for all the majors, and lists Jimi Hendrix, Eric Clapton and Nirvana reissues among its recent projects. He is currently pressing 900,000 vinyl discs a year.

“We’ve always had more work than we could do,” Mr. Kassem said. “When we had one press, we had enough orders for two. When we had two, we had enough orders for four. We never spent a dollar on advertising, but we’ve been busy from the day we opened.”

There is a limit to how much the vinyl business can expand right now. When it seemed inevitable that CDs would supplant LPs, the companies that made vinyl presses shifted to making other kinds of machinery. The last new press was built in 1982, so relatively recent start-ups like Quality and Brooklyn Phono searched out used presses (the going rate is about $25,000) and reconditioned them. Most plants have deals with local machine shops to make replacement parts.

Some pressing plants have looked into commissioning or building new presses but have found the cost prohibitive — as much as $500,000, said Eric Astor of Furnace MFG in Fairfax, Va. “Since my partner also owns a CD/DVD plant,” Mr. Astor said in an e-mail, “we’ve been testing using the methods used in disc manufacturing to make a new breed of vinyl record, but that R&D is slow going and not looking promising.”

How are LPs selling? That is a matter of dispute. David Bakula, Nielsen SoundScan’s senior vice president of client development and insights, said that his company tracked 4.6 million domestic LP sales last year, an 18 percent increase over 2011, but still only 1.4 percent of the total market, made up mostly of digital downloads (which are increasing) and CDs (for which sales are declining). This year, Mr. Bakula said, vinyl sales are on track to reach about 5.5 million.

But manufacturers, specialist retailers and critics argue that SoundScan’s figures represent only a fraction of actual sales, perhaps as little, Mr. Kassem and Mr. Astor said, as 10 to 15 percent. They say that about 25 million vinyl discs were pressed in the United States last year, and many more in Europe and Asia, including some destined for the American market.

Mr. Bakula countered that manufacturers are speaking of the number of discs made; SoundScan tracks how many were sold. But the manufacturers argue that LPs, unlike CDs, are a one-way sale: labels do not accept returns of unsold copies. Therefore labels and retailers are careful to order only what they think they can sell. Moreover, LP jackets do not consistently carry bar codes — Mr. Kassem, for one, leaves them off his discs because, he said, “they’re ugly” — and therefore cannot be scanned at the cash register. And many shops that sell LPs are independents that do not report to SoundScan, although Mr. Bakula said his company weights its figures to account for that.

There are other measures of the health of the field, including figures from ancillary businesses. Heinz Lichtenegger, whose Vienna-based Audio Tuning company produces the highly regarded Pro-Ject turntable, said in an e-mail that his company sells 8,000 turntables a month. And Mr. Fremer has sold 16,000 copies of a DVD, “21st Century Vinyl,” that shows users how to set up several turntable models.

Vinyl retailers are thriving as well. Mr. Kassem of Quality Record Pressings also runs Acoustic Sounds, which sells LPs as well as turntables and accessories, including cleaning machines and protective sleeves. Music Direct, a Chicago company that owns Mobile Fidelity Sound Lab, a storied audiophile label, has a similarly broad stock, including a selection of turntables that ranges from the $249 Music Hall USB-1 to the $25,000 Avid Acutus. Josh Bizar, the company’s director of sales and marketing, said that Music Direct sold 500,000 LPs and “thousands of turntables” last year.

And the buyers, Mr. Bizar said, are by no means boomer nostalgists.

“When you look at the sales for a group like Daft Punk,” he said, “you’re seeing young kids collecting records like we did when we were young.”

“We never expected the vinyl resurgence to become as crazy as it is,” he said. “But it’s come full circle. We get kids calling us up and telling us why they listen to vinyl, and when we ask them why they don’t listen to CDs, they say, ‘CDs? My dad listens to CDs — why would I do that?’ ”
https://www.nytimes.com/2013/06/10/a...-comeback.html





Kodak’s Problem Child

How the blue-chip company was bankrupted by one of its own innovations
Kenny Suleimanagich

Rochester, New York — The cold hits me as soon as I leave the Amtrak station, stepping into a swirl of snow eddies that etch the low streets in black and white.

The terminal sits just outside the city center. In the short car ride into town, one building stands out to me from all the others. It is an impressive beaux arts landmark with five large letters, glowing in red, resting at the top:

K-O-D-A-K

George Eastman invented casual photography here in the 1880s, made a fortune, and built a small town into a city. Millions of people around the world “pressed the button” and for more than a hundred years, Kodak “took care of the rest.”

At its peak, in 1996, Kodak was rated the fourth-most-valuable global brand. That year, the company had about two-thirds of the global photo market, annual revenues of $16 billion, and a market capitalization of $31 billion. At the time of its peak local employment, in 1982, the company had over 60,000 workers in Rochester, most of whom worked in Kodak Park, as it’s known to employees and locals. The campus, a private city within the city, sprawled over 120 acres with its own power plant and fire department, once stood as a monument of imaging and innovation. Today it still stands, but vastly scaled back from the days when film production was at the core of Kodak’s work.

I traveled here in late January to see firsthand the slow, unstoppable, excruciating decline.

With a bitter blizzard hammering down in upstate New York, a bankruptcy judge had just approved a proposal to resolve a big chunk of Kodak’s $6.8 billion in debt and pave the way for it to emerge from Chapter 11 after more than a year of insolvency. The company expects to finalize the process and exit bankruptcy protection in the third quarter of this year.

I headed to a diner, and was immediately greeted with a banal tableau of defeat — the first of many variations on the theme that unfolded during my visit.

Two middle-aged men sit at the table next to mine. One wears a KODAK PHOTOFINISHING PRODUCTS sweatshirt. He drowns his coffee in cream and spoons in sugar while his friend peruses a headline in the Democrat and Chronicle, a local paper. On the front page is news of the sale of thousands of Kodak’s digital-imaging patents to a consortium led by Apple, Google, and Microsoft. The price is a fraction of the $2 billion that Kodak executives thought the patents would bring, but it will help buy time as the cash-poor company pursues its reorganization plan.

Among other things, Kodak CEO Antonio M. Perez is betting his commercial-printing business on high-volume customers who need a lot of ink, like product-packaging manufacturers. Even if this latest “pivot” is successful — and a lot of people think it’s a stretch — the company would be reduced to helping other people make the boxes used to ship the devices that will take the photographs of the future.

There is a certain tone that former Kodak employees take whenever I asked them about the 1980s and ‘90s, a time within easy memory when Kodak ruled the film-imaging universe. It falls somewhere between baffled and resigned, especially for those whose careers were curtailed by years of fruitless restructuring.

I had come to Rochester to meet Ron Andrews, a chemical engineer who was laid off in 2005 when the company first began to phase out the film-manufacturing business he’d worked on for more than thirty years. The film that he helped refine and develop, Kodachrome, was finally discontinued in 2009. For nearly seventy-two years, Kodachrome was the crown jewel of the color-film portfolio. Photojournalist Steve McCurry used it to shoot the now-iconic June 1985 National Geographic cover, an image of a wide-eyed Afghan girl. Today, it is just another discontinued film stock.

Andrews calls himself a victim of “technological substitutions,” but it is clear that he carries very deep and divided feelings about Kodak, both the company where he had worked since graduating college in the early 1970s and the company that stumbled and had no place for him in the end.

“In retrospect, it was probably a good time to leave,” he recalls when we meet, in the lobby of the Radisson Hotel. “Everybody else was sitting around plotting their endgame.”

Andrews was part of the old school of innovators that first made possible the “Kodak Moment” — optical engineers and mechanics, who built cameras, and chemists, who manipulated molecules that froze light and fixed it in gelatin and paper.

By the late-twentieth century, molecules were at the heart of Kodak’s business, so much so that its chemical division — divested in 1993 — continues as an R & D and earnings powerhouse today, with $8.6 billion in revenues in 2012.

Chemistry was work that Eastman himself, with one foot still planted in the nineteenth century, well understood. Over the span of about a decade, the Kodak founder invented the first practical roll film and then built the first cameras that could reliably use it. Never again would photography be a cumbersome process, the domain of professionals only.

In his original patent, he wrote that his improvements applied to “that class of photographic apparatus known as ‘detective cameras,’ ” — concealed and disguised devices, made possible by a new wave of miniaturization, that were used mostly for a lowbrow entertainment: snapping pictures of people unaware. Cameras equipped with single-use chemical plates were hidden in opera glasses, umbrellas, and other everyday objects, and sharing the surreptitious, random, and sometimes compromising photos that resulted became a popular fad.

Eastman, in other words, was obsessively tinkering with what many people at the time would have considered a cheap novelty or a toy. Like Netflix in its early days, Kodak relied on the U.S. Postal Service: Customers sent their spent cameras to Rochester, where the film was removed, processed, and cut into frames; the resulting negatives and prints, along with the camera, reloaded with a fresh roll of film, were returned to the sender. Suddenly it was easy for anyone to take lots of pictures, and Eastman’s new business became a juggernaut almost overnight.

About ninety years later, another tinkerer in Kodak labs would create an integrated circuit that turned light waves into digital images. It too would be labeled a toy by the few people who saw it. It too would eventually launch a huge new business all but overnight. But this time, Kodak wouldn’t be part of it.

How is it that big, established companies fail to recognize and seize new opportunities? When I first started wondering about this problem and what had happened at Kodak, I e-mailed Raymond Demoulin.

Demoulin started “at the lowest rung” at Kodak in 1954 and eventually rose to become vice president of professional imaging from 1986 through 1993. He has long been identified as an early — though mostly ignored — advocate of the digital-imaging revolution inside the company.

Dubbed “Saint Raymond” — in earnest or ironically, depending on who’s talking — Demoulin retired more than a decade ago. But he’s continued to follow the news at Kodak from a distance, and he has expressed some voluble opinions.

Through Demoulin, Andrews, and several other former Kodak engineers and scientists, I began piecing together an oral history — sourced from the largely overlooked circle of Kodak’s original digital innovators — of what may be one of the greatest gambits in the history of technology to have been declined; whisked away by executives in denial of the impending doom for film photography.

In the course of our correspondence, Demoulin sent me copies of two business reports he’d written going over Kodak’s collapse in a point-by-point analysis.

According to his numbers, a roll of film that cost one dollar to produce was marked up 800 percent, which allowed the company to generate its enormous profits. This drove the company’s growth, he argued, but eventually it turned into a trap when managers, addicted to the revenue, ignored clear signs that the market was shifting to digital and the end of the old way was in sight.

“They were in denial all the way,” he says. “They didn’t want to give up a 90 percent market in film to have a 10 to 20 percent market in consumer electronics.”

Kodak’s worship of film is still alive and well and on display at the George Eastman House Museum. Situated in the picturesque old Park Place neighborhood of Rochester, it stands in stark juxtaposition to the derelict and demolished buildings of Kodak Park. Eastman House has a large collection, covering most of the key photographic advances over more than a century of innovations, many of them by Kodak: the first 16-millimeter movie camera; a plethora of the Brownie and Instamatic models; the device used by NASA to take the first photographs of Earth from outer space.

Two oddballs stand out. One, the Nikon DCS-100, is an old film SLR outfitted with a fat electronic umbilical cord attaching it to a grey box — a storage device that, aside from the tininess of tiny capacity, isn’t that much different in principle from the one in a smartphone today. The other, a Canon, has a built-in attachment serving the same purpose that about doubles its usual size.

They’re examples of the first marketable digital cameras, and Kodak designed them both.

In an early 1980s interview with the Democrat and Chronicle, then CEO Colby Chandler was asked to predict where he saw Kodak in ten, twenty-five, and fifty years. Uncertain, he responded that Kodak’s work had always been with the “miracle of the molecule,” and it would continue to be in the future. In fact, images were already being organized as bits of information and the molecule was, inexorably, on its way out.

The tipping point had come years earlier, in 1975.

That year, Steve Sasson was a 25 year-old electrical engineer working in Kodak’s Photographic Research Laboratory. His assignment was not considered pressing or significant to anyone but himself, his team, and his supervisor: the task was to find a way for captured light to be converted into an electronic signal with a numeric, or digital, value.

For digital imaging, this was the genesis.

To many people at Kodak who were not involved with the project, Sasson’s camera looked more like a device built by a hobbyist, recalls Robert Shanebrook, a retired Kodak employee who worked near the research lab at the time. It was impressive and interesting, they thought, but it was a toy, like their Instamatic plastic cameras. “Electronic photography was certainly paid attention to by some, but many didn’t think much of it,” he recalls.

Analysts have pointed to a number of factors in Kodak’s fall, from general mismanagement to poor financial decisions. Its divestiture of Eastman Chemical stripped billions in cash flow that might have propped it up as it struggled to make the transition to digital. Others point to antitrust suits that hampered the company for decades and opened the door to rivals. Some of those, notably Fuji, were able to manage the analog-to-digital conversion successfully.

To the people in the trenches, like Demoulin, the failure always comes back to the same key error: Kodak, they say, suffered from a fundamental breakdown between, on one side the engineers and tinkerers — many of whom saw the digital future clearly and fought to bring it forth — and on the other the top management, whose interest remained fixed on molecules and the miracle of near-monopoly profits.

Demoulin told me about watching a team in 1980 demonstrate a scanner-printer that converted film images to digital. “That’s when I thought: This digital thing is going to happen,” he recalls. His place at the helm of the professional-imaging division allowed him to autonomously invest in developing a digital still camera, and he says he pursued that vision, despite lukewarm support from the company.

“Very few companies have been successful in straying away from the expertise of its employees,” says Andrews, who works today as a senior engineer at Bausch and Lomb. Many Kodak alumni, like Andrews, found work at smaller tech-based companies that filled the employment vacuum and averted a repeat of Detroit and the automobile industry.

As demand for electronic photography slowly grew through the 1980s, the Electronic Photography Division (EPD) became the catchall for a new generation of Kodak engineers trained not in chemicals, but computer science. Engineers like Bruce Rubin began working at EPD in 1987, when printers and film scanners were being developed to transmit data through telecommunication channels; these devices were part of how the Tiananmen Square photographs were leaked.

But as exciting as the work was, it led to frustration and a disconnect between executives and employees. “One of the things that always drove me crazy,” Rubin remembers, “was when a proposal was denied because either somebody else was doing it, or nobody else was doing it. There was no wiggle room…[unless] Fuji was doing it too.”

Peter Sucy, another computer engineer at Kodak, describes the rarity of computers in the workplace in the late 1980s. “Almost no one had a computer at their desk,” he recalls. When the Macintosh II was announced, packed with new state-of-the-art features, he had to buy one himself. With a $3,000 price tag, it allowed him to do things with images he could not do before, including digital photo editing. Based on those exhilarating experiences, he began making proposals for products that could expand Kodak’s reach in digital platforms.

Sucy’s biggest hurdle, he asserts, was the head of marketing at EPD, who exemplified the disconnect between manager and engineer. “He used an Underwood typewriter to send out weekly missives,” Sucy recalls. “He told my boss to tell me to stop writing computer proposals, because Kodak would never be a computer peripheral company…not on his watch, at least.”

Undeterred, Sucy continued developing products using a clandestine approach, giving them code names that “didn’t sound like computer products.”

The subterfuge helped them bring some experimental products to market, but then they encountered a new problem they hadn’t expected: No matter what they came up with, nothing digital would sell. To consumers, everything was too expensive, and to professionals, the quality was not yet good enough. “It was a difficult thing to market,” Sucy admits, “especially for people who didn’t have any kind of experience marketing this kind of product; people who didn’t really know what it did.”

In the end, being early did not help, because the market simply wasn’t ready. As obvious as the endgame was, Kodak’s leaders were faced with an unwinnable predicament: either keep investing in end-of-life products until the profits dried up — and die over the long run; or switch to stillborn product lines that produced mostly red ink in the ledgers — and die immediately.

Chris Anderson, former editor in chief of Wired and founder of 3D Robotics, a designer of DIY drone kits, has written extensively about business models in the digital age. I asked Anderson about his thoughts on Kodak’s bankruptcy, and told him about the Electronic Photography Division, how the engineers had developed a four-megapixel sensor by the late 1980s. How did Kodak fail to convert such a massive head start into success?

“Who could afford that?” Anderson fired back, unimpressed. “Macs were really expensive. Computing technology couldn’t have kept up until much later.”

When Kodak finally entered consumer photography in force, at the end of the 1990s, it did so as a dominant brand in a growing market. They produced cameras that were forerunners technologically and in 2003 were best sellers — but, crushingly, had to sell them to consumers at a loss of up to sixty dollars apiece.

The company threw its remaining R & D muscle at a dizzying array of digital-imaging technologies and products, notably scanners and printers. Though Kodak was still loaded with cash and patents, it now needed a hit product to push it back into profitability, a situation that led it to attempt ever more desperate strategies. The depressing reality is painfully visible on YouTube. In videos posted of building demolitions in Kodak Park from the late 2000s, chipper executives doggedly proclaim a bright future ahead during festivities attended by crowds of locals who came to witness the creation of rubble and dust.

Not everyone felt like partying.

“As a Kodak retiree who worked in Building 9 as well as many others in Kodak Park…I see no reason to celebrate the destruction of what was once a Fortune 500 company asset,” comments Harry Trulli in an online post about one well-attended blast. “I want to cry when I think of the future of our country.”

Instead of finding new opportunities, Kodak faced even more disruption as the consumer camera market moved into phones, and nimble start-ups pounced on social photo-sharing opportunities. In a matter of months, Instagram went from start-up to Facebook acquisition with a valuation of $1 billion— more than twenty-five times Kodak’s recent market capitalization of about $40 million.

“Even if Kodak went into [digital] wholeheartedly, things would remain the same,” says Anderson. “It’s a fact that they were too early, and inevitably doomed.”
The Kodak Tower

The day I left Rochester, the blizzard was spent and the city was returning to its quotidian hum. From my seat on the train, the Kodak Tower loomed tall in the window overlooking the city, much as it must when it was first built, in 1916. As we pulled away from the station, it blended before long into the newer buildings around it, and disappeared.
https://medium.com/editors-picks/3e1d3fc4a3e





Gatekeepers of Cable TV Try to Stop Intel
Brian Stelter

As Intel tries something audacious — the creation of a virtual cable service that would sell a bundle of television channels to subscribers over the Internet — it is running up against a multibillion-dollar barricade.

That barricade is guarded by Time Warner Cable and other cable and satellite distributors, which are trying to make it difficult — if not impossible — for Intel to go through with its plan. The distributors are using a variety of methods to pressure the owners of cable channels, with whom they have lucrative long-term contracts, not to sign contracts with upstarts like Intel, that way preserving the status quo.

Intel, however, is undeterred, and its executives intend to begin its TV service by the end of the year. They are ready and willing to pay more than existing distributors do for channels. But to date the company has not announced any deals with channel owners.

To Intel, and to some analysts, the behavior by the existing distributors — in some cases giving financial incentives to friendly channel owners, in other cases including punitive measures in contracts — has an anticompetitive whiff. The antitrust division of the Justice Department is looking into the issue as part of a broad investigation into cable and satellite company practices, according to people contacted by the department, who spoke on condition of anonymity because they were not authorized to speak publicly. A department spokeswoman declined to comment.

Public attention about the issue, which gained new life this week during the cable industry’s annual conference here, might also spur the Federal Communications Commission to afford would-be Internet distributors like Intel the same legal protections as those that already exist. The commission has been considering such a change for more than a year.

“The government has to step up and protect these companies, or the incumbents are going to kill them in their cradles,” said Gigi B. Sohn, the president of the public interest group Public Knowledge.

Prospective products like Intel TV, delivered through the broadband Internet infrastructure of Comcast, Time Warner Cable or another provider and sometimes called “over the top TV,” have the potential to radically alter the media marketplace in the United States.

Unlike Netflix, which sells a library of TV episodes and mainly supplements cable, a service like Intel’s — with dozens of channels, big and small, streaming through a modern interface — could cause more consumers to cancel their cable subscriptions. (They would have to keep a broadband subscription, however, unless or until wireless capacity improves.)

It could also stir further innovation within the industry. If Intel’s service ever goes on sale, industry executives predict that others will quickly follow — either because they want to, or they feel they have no choice.

Apple, Microsoft and Sony are often mentioned as possibilities, but the more immediate competition might come from Comcast, Time Warner Cable and other major distributors, which could suddenly compete directly in markets all across the country. Comcast has quietly been working on an “over the top” service for well over a year.

“Suddenly there’d be a whole new world of competition,” said one of the executives, who declined to express support for the “over the top” option for fear of angering the existing distributors.

Most of those companies declined to comment on the record, but some representatives said privately that they are taking common-sense steps to protect their businesses. Each confidential contract between a distributor and a channel owner is different, they said.

Some contracts include clauses that expressly prohibit the channels to be sold to an Internet distributor like Intel, while other contracts merely discourage such competition by including financial incentives or penalties. So-called most favored nation clauses, which are common, exist to ensure that if another distributor receives a cheaper rate for a channel later, that rate applies across the board. Some of these provisions have been in place for years.

But critics said that the contractual language makes it much harder for new companies to enter the marketplace. A Justice Department official said in a presentation last year that “contracts that reference rivals” have the potential to harm competition.

Within the cable industry, the practice of discouraging new Internet distributors has been suspected but not widely documented. The issue attracted new attention on Tuesday during the cable industry’s conference when Richard Greenfield, an analyst at BTIG Research, wrote in a blog post that at least one unnamed distributor had prevented a channel owner from selling to a service like Intel. Whether illegal or not, “it most certainly is bad for consumers, as it limits competition and prevents the emergence of distributors who can provide revolutionary new ways of experiencing” TV, he wrote.

Mr. Greenfield did not name any names, but several channel owners and smaller distributors said Time Warner Cable, the nation’s second-largest cable company after Comcast, had been by far the most aggressive in its dealings with channels. When Comcast acquired NBCUniversal in 2011, it signed a consent decree with the government that prohibited it from trying to block budding Internet distributors. Time Warner Cable declined to elaborate on its practices on Wednesday, but said in a statement that “it is absurd to suggest that, in today’s highly competitive video marketplace, obtaining some level of exclusivity is anticompetitive. Exclusivities and windows are extremely common in the entertainment industry; that’s exactly how entertainment companies compete.” It cited the N.F.L. deal with DirecTV and the Netflix distribution of the former cable show “Arrested Development,” among other examples.

Mr. Greenfield rejected that explanation. “They are not paying for exclusivity,” he said. “They are saying you can sell to X, to Y and Z, but you are forbidden from selling to this new class, called A.”

A spokesman for Intel declined to comment. But this week the company had a suite at a hotel, one block from the cable conference site, and held demonstrations of its service for potential partners. What Intel needs, according to people briefed on their plans, is the support of a critical mass of channels — not the entire universe that Comcast or DirecTV has, but enough to have a viable service. Intel will not introduce the service without that.
https://www.nytimes.com/2013/06/13/b...top-intel.html





U.S. Pushes Agencies to Free Up Spectrum
Edward Wyatt

Three years after President Obama laid out an ambitious plan to double the country’s supply of airwaves for use in high-speed wireless Internet service, the White House on Friday announced efforts intended in part to spur participation by government agencies that have been slow to join the cause.

Without additional airwaves for consumer and business use, administration officials say, the “skyrocketing demand of consumer and broadband business users” for wireless service for smartphones, tablets and other devices will soon outgrow the supply.

For consumers, the initiative could allow cellphone and wireless broadband companies to eventually increase the reliability of their networks, meaning fewer dropped calls and shorter delays in loading video and other large files.

It also could create jobs, the administration says. It cites industry studies reporting that since 2007, more than 500,000 jobs have been created in what is known as the App Economy — the business of creating and selling applications and programs that take advantage of faster Internet speeds and more advanced devices.

The administration said it would invest $40 million in the next year and $60 million more over the next five years to find ways for government agencies to share lightly used airwaves that are under federal control with private wireless communications companies.

Mr. Obama directed federal agencies to make more capacity available by enhancing the efficiency of their spectrum use and to recommend ways of using financial or other incentives to increase sharing of airwaves by government agencies.

“The number of wireless devices is exploding, and that means increasing demands on the spectrum upon which they all rely,” Gene B. Sperling, director of the National Economic Council, said in a White House blog post on Friday. “The federal government helps manage that resource, and we know we can do a better job of unleashing innovation by ensuring more of it is shared, unlicensed for innovations like Wi-Fi, and better used by our departments and agencies.”

One roadblock to that seemingly unlimited growth potential, however, is the reluctance of some parts of the government to part with any of their vast holdings of the nation’s electromagnetic spectrum — the airwaves used by cellphone and wireless communications companies.

In 2010, Mr. Obama directed government agencies to work to free up 500 megahertz of spectrum from federal and private sector sources. Those efforts have been embraced by numerous federal departments, administration officials say.

But a few others, including the Defense Department, have expressed wariness not only at sharing or giving up any of their designated frequencies, but even at revealing the amount and location of airwaves they control. Doing so could compromise national security, Pentagon officials say.

An administration official cited one hypothetical example where an executive department might use a certain frequency for about 12 hours a week of training activities. One agency might be willing to confine its use to prescribed hours, and allow commercial users to share the airwaves at other times, while another department might say it needs the flexibility to be able to use the airwaves at any time.

The Defense Department has said it supports the president’s goals of freeing up spectrum, but noted that an increasingly electronically armed military had its own rising needs for spectrum. The administration emphasized that any new plans to free spectrum should not interfere with “mission-critical capabilities” of military and other government departments.

Nevertheless, the intransigency of some departments has frustrated lawmakers.

“I have long called for a thorough inventory of all public spectrum assets in order to gauge usage and improve efficiency, and have been frustrated by how this debate has dragged out over the past four years,” Senator Mark Warner, a Virginia Democrat, said Friday. “Federal agencies should have the spectrum they need to protect the public, but no one should be warehousing spectrum.”

The Commerce Department has identified more than 300 megahertz of spectrum controlled by the federal government that could be set aside for other uses. The remainder of the 500 megahertz defined as the goal by the administration would come from the so-called incentive auctions that were authorized as part of the 2012 Middle Class Tax Relief and Job Creation Act.

That law provided for the government to share the proceeds of auctions of newly cleared spectrum with television broadcasters who would willingly sell some or all of their spectrum licenses.

Perhaps the most interesting and highly charged recommendation in the president’s directive is one ordering recommendations for incentives that could be used to persuade government departments to share or give up spectrum.

A study released last year by a presidential advisory council on science and technology recommended that the government create a “synthetic” currency that could be used to entice federal agencies. The system would in effect increase an agency’s budget if it gave up or shared its airwaves.

Commissioner Jessica Rosenworcel of the Federal Communications Commission, who has also been advocating such a system since joining the agency in May 2012, about the time the advisory council’s report was released, said federal spectrum policy should be built “on carrots, not sticks.”

“Our traditional three-step process for reallocating federal spectrum — clearing federal users, relocating them, and then auctioning the cleared spectrum for new use — is reaching its limits,” she said. The new initiatives, however, “are a significant step toward meeting the country’s spectrum needs.”
https://www.nytimes.com/2013/06/15/u...eless-use.html





Disruptions: Celebrities’ Product Plugs on Social Media Draw Scrutiny
Nick Bilton

In 1982, Bill Cosby appeared on television showing off a snazzy new computer. “Looking for a powerful home computer?” he said as he waved his hands over a Texas Instruments PC that looks archaic now. “This is the one! With 16k memory, it can take you a long way.”

The commercial made it obvious that Mr. Cosby, a prominent comedian and television star, was being paid to promote the boxy device.

Computers have changed significantly in the decades since. And, to the confusion of consumers, celebrity endorsements have, too.

Today, when celebrities and people with large followings on social networks promote a product or service, it’s often impossible to know if it’s an authentic plug or if they were paid to say nice things about it.

Take Miley Cyrus, the 20-year-old pop star who was traveling around America last week promoting her new album. One morning she posted on Twitter: “Thanks @blackjet for the flight to Silicon Valley!” The details of the arrangement between Blackjet, a Silicon Valley start-up that arranges for private jet travel, and Ms. Cyrus are unclear. But Dean Rotchin, chief executive of BlackJet, said “she was given some consideration for her tweet.” Ms. Cyrus did not respond to a request for comment.

Thanks @blackjet for the flight to Silicon Valley! #wecantstop

— Miley Ray Cyrus (@MileyCyrus) June 3, 2013

Did her 12 million Twitter followers know about the arrangement? It’s unlikely, and that lack of clarity, increasingly common in the social media postings of celebrities, is starting to draw the attention of federal officials.

“In a traditional ad with a celebrity, everyone assumes that they are being paid,” said Mary K. Engle, associate director of the advertising practices division at the Federal Trade Commission. “When it’s not obvious that it is an ad, people should disclose that they are being paid.”

Under F.T.C. guidelines, companies and the celebrities they are sponsoring risk being deceptive by not noting that these endorsements are advertisements, Ms. Engle said. Sometimes, they are breaking federal rules called “Dot Com Disclosures” that require clarity about sponsorships, even on Twitter. People who violate the law can be given warnings or be fined, though the size of the financial penalty isn’t clearly defined.

Some celebrities are unapologetic about promoting their investments anywhere they can. In 2011, Ashton Kutcher was guest editor of an online-only version of Details magazine, where he profiled a dozen companies in which he was an investor or adviser, but did not disclose the investments. At the time, Dan Peres, the editor in chief of Details, said the magazine stood “by how we communicated Ashton’s involvement with some of the companies.” Mr. Kutcher declined to comment.

Mr. Kutcher has also tried to sneak companies in which he invests onto “Two and a Half Men,” the CBS show where he is a lead actor, by placing stickers for the tech outfits Foursquare, Chegg and Flipboard on his character’s laptop. He boasted in an interview at the TechCrunch Disrupt conference that he “pulled it off,” until the network found out and started blurring the back of his laptop during the show.

Mr. Kutcher regularly posts about companies he invests in on Twitter, too. He also uses his Twitter and Facebook heft (he has about 14 million followers on both services) when negotiating with companies he wants to invest in, by noting that he will share the product on these social networks. The F.T.C. declined to comment on any particular instances where celebrities have posted about companies with which they have financial relationships. The agency did say there are “open investigations” into companies that have broken federal rules.

“Like advertorials and infomercials, with Twitter, our view would be that the consumers have a right to know. It gives them that additional information, just like a celebrity endorsing something on TV,” said Andrea C. Levine, director the National Advertising Division, part of the Council of Better Business Bureaus, which reviews advertising claims for accuracy.

“It’s a new day, with a new way, but an old issue,” Ms. Levine said.

According to talent agency employees, who spoke on the condition that they not be named because they are not allowed to divulge private dealings with clients, some A-list celebrities can be paid as much as $20,000 for a Twitter post or Facebook update.

In May, Kim Kardashian posted on Twitter: “Pregnancy lips…. @EOS to the rescue! LOL” with a picture attached of her using EOS lip balm. Ms. Kardashian did not respond to a request for comment.

Last month, the actor Michael Ian Black was more forthcoming and told his two million Twitter followers that Dos Equis had paid him thousands of dollars to share an ad for the beer company.

@planetoffinks No, they wrote it and paid me thousands of dollars to run it.

— Michael Ian Black (@michaelianblack) May 11, 2013

Linda A. Goldstein, a partner and chairwoman of the advertising, marketing and media division at the law firm Manatt, Phelps & Phillips, said that in all of these contexts the advertisers, investors and celebrities had a responsibility to disclose that they have something to gain.

“The message to brands is that you are responsible for the action of your spokespeople, so when you engage them, they should be aware of their obligations,” Ms. Goldstein said. In some cases individuals are breaking the law, she said, and she believes the F.T.C., or another government agency, will eventually bring fines against a celebrity for not disclosing his or her financial relationship.

Although there are no specific rules about the language people must use in an endorsement, Ms. Engle from the F.T.C. suggested using the word “ad” to preface a tweet. “It only takes up two extra characters.”

There is a risk, of course, that today’s celebrities risk angering fans by not disclosing their financial ties. In an interview with InfoWorld magazine in 1982, William Turner, the marketing manager for Texas Instruments’ consumer products group, was asked why he chose Mr. Cosby to represent the company.

“He represents comfort,” Mr. Turner said, “and people trust him.”

Pregnancy lips…. @eos to the rescue! LOL twitpic.com/ctpyjj

— Kim Kardashian (@KimKardashian) May 28, 2013
http://bits.blogs.nytimes.com/2013/0...draw-scrutiny/





'The Purge' Shocks With $36.4 Million Opening
Jake Coyle

The suspense thriller "The Purge" topped the weekend box office with a shocking $36.4 million that doubled industry expectations, according to studio estimates Sunday.

Audiences starved for a horror option flocked to the micro-budget Universal film starring Ethan Hawke. The film's strong opening performance minted another box-office hit for "Paranormal Activity" producer Jason Blum.

Like that horror franchise, "The Purge" was made for relative peanuts — just $3 million — making it an extremely lucrative release for Universal. The studio had expected it to open in the high teens.

"Never did we expect it to open at this level," said Nikki Rocco, head of distribution for Universal. "This result could not have been forecasted by anybody."

There has been a dearth of horror films at the multiplex in recent weeks, which Rocco acknowledged was a major factor for "The Purge." Written and directed by James DeMonaco, "The Purge" is set in a utopic United States in the year 2022, where crime has been eradicated except for one violently cathartic day a year when nearly all mayhem is legal.

The film opened strong with late night screenings Thursday night that alone took in $3.4 million.

"This is exactly the kind of film that stumps all the analysts," said Paul Dergarabedian, an analyst for box-office tracker Hollywood.com. "It proves that R-rated horror films, no matter the budget, always have a place with audiences."

Universal also claimed the second spot at the box office, as the Vin Diesel action flick "Fast & Furious 6" earned $19.8 million in its third week of release. The sixth installment of the street racing series has now earned a total of $202.3 million domestically and $381.7 million internationally.

The Google-promoting comedy "The Internship" opened with $18.1 million, a decent debut for the Fox comedy that reteams "Wedding Crashers" stars Owen Wilson and Vince Vaughn.

But that was good enough only for fourth place behind two hold-overs: "Fast & Furious 6" and Lionsgate's "Now You See Me." The illusionist heist film held strong, earning $19.5 million over the weekend, bringing its cumulative haul to $61.4 million.

After Will Smith's sci-fi adventure "After Earth" bombed in its domestic opening last weekend, coming in third with $27.5 million for Sony, the film found a warmer reception overseas this weekend. It took in $45.5 million internationally after opening in some 60 overseas markets. Domestically, it continued to fare poorly, adding $11.2 million in its second week.

Even with the unexpected success of "The Purge," the box office was still down from last year, when "Madagascar 3" and "Prometheus" both opened. But Superman comes to the rescue next weekend with the debut of Zac Snyder's highly anticipated "Man of Steel" for Warner Bros. Dergarabedian expects the film to open above $100 million.

Estimated ticket sales for Friday through Sunday at U.S. and Canadian theaters, according to Hollywood.com. Where available, latest international numbers are also included. Final domestic figures will be released on Monday.

1. "The Purge," $36.4 million.

2. "Fast & Furious 6," $19.8 million ($45.3 million international).

3. "Now You See Me," $19.5 million ($2 million international).

4. "The Internship," $18.1 million.

5. "Epic," $12.1 million ($12.7 million international).

6. "Star Trek Into Darkness," $11.7 million ($17.6 million international).

7. "After Earth," $11.2 million ($45.5 million international).

8. "The Hangover Part III," $7.4 million ($34.8 million international).

9. "Iron Man 3," $5.8 million ($3.9 million international).

10. "The Great Gatsby," $4.2 million ($13.3 million international).

___

Estimated weekend ticket sales at international theaters (excluding the U.S. and Canada) for films distributed overseas by Hollywood studios, according to Rentrak:

1. "After Earth," $45.5 million.

2. "Fast & Furious 6," $45.3 million.

3. "The Hangover Part III," $34.8 million.

4. "Secretly Greatly," $19 million.

5. "Star Trek Into Darkness," $17.6 million.

6. "The Great Gatsby," $13.3 million.

7. "Epic," $12.7 million.

8. "Iron Man 3," $3.9 million.

9. "G.I. Joe: Retaliation," $2.7 million.

10. "Oblivion," $2.1 million.

___

Universal and Focus are owned by NBC Universal, a unit of Comcast Corp.; Sony, Columbia, Sony Screen Gems and Sony Pictures Classics are units of Sony Corp.; Paramount is owned by Viacom Inc.; Disney, Pixar and Marvel are owned by The Walt Disney Co.; Miramax is owned by Filmyard Holdings LLC; 20th Century Fox and Fox Searchlight are owned by News Corp.; Warner Bros. and New Line are units of Time Warner Inc.; MGM is owned by a group of former creditors including Highland Capital, Anchorage Advisors and Carl Icahn; Lionsgate is owned by Lions Gate Entertainment Corp.; IFC is owned by AMC Networks Inc.; Rogue is owned by Relativity Media LLC.
http://www.newstimes.com/business/ar...ng-4589804.php





Voice-Activated Technology Is Called Safety Risk for Drivers
Matt Richtel and Bill Vlasic

As concerns have intensified about driver distraction from electronic gadgets, automakers have increasingly introduced voice-activated systems that allow drivers to keep their hands on the wheel and eyes on the road. But a new study says that the most advanced of these systems actually create a different, and worse, safety risk, by taking a driver’s mind, if not eyes, off the road.

These systems let drivers use voice commands to dictate a text, send an e-mail and even update a Facebook page. Automakers say the systems not only address safety concerns, but also cater to consumers who increasingly want to stay connected on the Internet while driving.

“What we really have on our hands is a looming public safety crisis with the proliferation of these vehicles,” said Yolanda Cade, a spokeswoman for AAA, whose Foundation for Highway Safety released the study on Wednesday. She characterized the rush to equip cars with Internet-enabled systems as “an arms race.”

The study is among the most exhaustive look to date at the new in-car technology and sets up a potential clash between safety advocates and the auto industry, given that automakers increasingly see profit potential in the new systems.

In some high-end luxury cars, like the BMW 7-series sedan, drivers can dictate e-mails or text messages. And some mainstream models are equipped with options that can translate voice messages into text. The Chevrolet Sonic compact car, for example, has a system that allows drivers to compose texts verbally on an iPhone connected in the vehicle.

More than half of all new cars will integrate some type of voice recognition by 2019, according to the electronics consulting firm IMS Research. The auto companies argue that these systems are safer because they are hands-free.

“We are concerned about any study that suggests that hand-held phones are comparably risky to the hands-free systems we are putting in our vehicles,” said Gloria Bergquist, the vice president for public affairs at the Alliance of Automobile Manufacturers in Washington, adding that carmakers are trying to keep consumers connected without them having to use their hand-held phones while driving.

“It is a connected society, and people want to be connected in their car just as they are in their home or wherever they may be,” she said.

In April, the federal government recommended that automakers voluntarily limit the technology in their cars to keep drivers focused. The federal agency that made the recommendation, the National Highway Traffic Safety Administration, said it would review the latest research .

What makes the use of these speech-to-text systems so risky is that they create a significant cognitive distraction, the researchers found. The brain is so taxed interacting with the system that, even with hands on the wheel and eyes on the road, the driver’s reaction time and ability to process what is happening on the road are impaired.

The research was led by David Strayer, a neuroscientist at the University of Utah who for two decades has applied the principles of attention science to driver behavior. His research has showed, for example, that talking on a phone while driving creates the same level of crash risk as someone with a 0.08 blood-alcohol level, the legal level for intoxication across the country.

In this latest study, he and a team of researchers compared the impact on drivers of different activities, including listening to a book on tape or the radio, and talking on a hand-held phone or hands-free phone.

The researchers compared how the subjects performed when they were not driving with two other conditions: when using a driver simulator and in a car equipped with tools aimed at measuring how well they drove. The researchers used eye-scanning technology to see where driver attention was focused and also measured the electrical activity in the brain.

Mr. Strayer said the results were consistent across all the tests in finding that speech-to-text technology caused a higher level of cognitive distraction than any of the other activities. The research showed, for instance, that the person interacting with speech to text was less likely than in other activities to scan a crosswalk for pedestrians. And that driver showed lowered activity in networks of the brain associated with driving, indicating that those networks were impaired by the interaction with the technology.

Mr. Strayer said that the reason for the heavy load created by the technology was not totally clear. One reason appears to be the amount of effort required to talk to the dashboard, which is greater than talking to a person, who can interrupt and ask for clarification.

With a passenger or even on a phone, the other person says “wait, wait, I didn’t understand,” Mr. Strayer said. “That stuff is gone when you’re trying to compose an e-mail. You have to get your thought in order and lay it out in order.”

Mr. Strayer said the research should give automakers pause. “Look at new cars; they’re enabling sending e-mails, sending text, tweeting, updating Facebook, making movie or dinner reservations with voice commands,” he said. “The assumption is if you’re doing those things with speech-based technology, they’ll be safe. But they’re not.”

But the automakers are not likely to slow down development of the technology unless the law forbids it, said Ronald Montoya, consumer advice editor for Edmunds.com, a research firm.

“They’re not going to pause based on this research,” he said.
https://www.nytimes.com/2013/06/13/b...led-risky.html





Rigging Any Vote-Based Social Website to Keep the “Early Spirit”

A simple but powerful mechanism for tailoring any vote-based social website towards the spirit of the early days, in other words the taste of the initial users who find the site content degrading over time due to new user influx.

Sooner or later, any social website will get complained at by its initial users, for having lost that good old soul of the early days. Back then, the website in question was far more true in spirit and unspoiled by newcoming marauders with their roots in lesser forums out there. These complaints often take the form of “X is slowly turning into Y” or “What has happened to X, it used to be about Z and now all I see is pictures of kittens” and so on.

This phenomenon is commonly observed on vote-based sites, such ones where users post links and everyone gets to upvote or downvote them, creating an ecosystem of allegedly qualitative content filtering. Good links will rise and bad ones will fall. At least that’s what is supposed to happen, but of course good and bad are subjective values. Which is exactly why mentioned type of complaints will increase over time. The larger and more diverse group of users, the less common will the least denominator be for what is considered quality. And so, one group of users will perceive its “high-grade” content sabotaged by some other group’s “low-grade” content.

Interesting enough, the feeling of entitlement to dictate what is to be considered proper content for a given website seems to be in direct relationship to the users’ registration date. Carrying this observation all the way through, the early users will have a mostly consensual view of what the website was like in the “early days”, and how this is also how it should be. Such sentiment may seem conservative, but is merely a logical result of why those users kept coming back to the website in the first place. Had they not liked those days, they would not be around today talking about the same.

So, can a vote-based social website be rigged to please those longing for the early spirit? Yes, it can, and by a very simple mechanism: Weight all votes according to user registration date. The earlier the user became a member, the more significant will their vote be. The system will by definition lean towards what the early users want out of it.

This straight-forward but powerful mechanism could be used for all sorts of websites and in a number of variations. For example, any user could ask for content weighted towards an arbitrary date, like “Show me content to the taste of people who registered in December 2008” or “What do the 1,000 newest users like?” or just “Only count votes from the first 100 users”.

Does anyone already do something like this, or dare try it?
http://alimony.github.io/ideas/riggi...ly-spirit.html





PRISM vs Tor
Mike Perry

By now, just about everybody has heard about the PRISM surveillance program, and many are beginning to speculate on its impact on Tor.

Unfortunately, there still are a lot of gaps to fill in terms of understanding what is really going on, especially in the face of conflicting information between the primary source material and Google, Facebook, and Apple's claims of non-involvement.

This apparent conflict means that it is still hard to pin down exactly how the program impacts Tor, and is leading many to assume worst-case scenarios.

For example, some of the worst-case scenarios include the NSA using weaponized exploits to compromise datacenter equipment at these firms. Less severe, but still extremely worrying possibilities include issuing gag orders to mid or low-level datacenter staff to install backdoors or monitoring equipment without any interaction what-so-ever with the legal and executive staff of the firms themselves.

We're going to save analysis of those speculative and invasive scenarios for when more information becomes available (though we may independently write a future blog post on the dangers of the government use of weaponized exploits).

For now, let's review what Tor can do, what tools go well with Tor to give you defense-in-depth for your communications, and what work needs to be done so we can make it easier to protect communications from instances where the existing centralized communications infrastructure is compromised by the NSA, China, Iran, or by anyone else who manages to get ahold of the keys to the kingdom.

The core Tor software's job is to conceal your identity from your recipient, and to conceal your recipient and your content from observers on your end. By itself, Tor does not protect the actual communications content once it leaves the Tor network. This can make it useful against some forms of metadata analysis, but this also means Tor is best used in combination with other tools.

Through the use of HTTPS-Everywhere in Tor Browser, in many cases we can protect your communications content where parts of the Tor network and/or your recipients' infrastructure are compromised or under surveillance. The EFF has created an excellent interactive graphic to help illustrate and clarify these combined properties.

Through the use of combinations of additional software like TorBirdy and Enigmail, OTR, and Diaspora, Tor can also protect your communications content in cases where the communications infrastructure (Google/Facebook) is compromised.

However, the real interesting use cases for Tor in the face of dragnet surveillance like this is not that Tor can protect your gmail/facebook accounts from analysis (in fact, Tor could never really protect account usage metadata), but that Tor and hidden services are actually a key building block to build systems where it is no longer possible to go to a single party and obtain the full metadata, communications frequency, *or* contents.

Tor hidden services are arbitrary communications endpoints that are resistant to both metadata analysis and surveillance.

A simple (to deploy) example of a hidden service based mechanism to significantly hinder exactly this type of surveillance is an XMPP client that also ships with an XMPP server and a Tor hidden service. Such a P2P communication system (where the clients are themselves the servers) is both end-to-end secure, and does *not* have a single central server where metadata is available. This communication is private, pseudonymous, and does not have involve any single central party or intermediary.

More complex examples would include the use of Diaspora and other decentralized social network protocols with hidden service endpoints.

Despite these compelling use cases and powerful tool combination possibilities, the Tor Project is under no illusion that these more sophisticated configurations are easy, usable, or accessible by the general public.

We recognize that a lot of work needs to be done even for the basic tools like Tor Browser, TorBirdy, EnigMail, and OTR to work seamlessly and securely for most users, let alone complex combinations like XMPP or Diaspora with Hidden Services.

Additionally, hidden services themselves are in need of quite a bit of development assistance just to maintain their originally designed level of security, let alone scaling to support large numbers of endpoints.

Being an Open Source project with limited resources, we welcome contributions from the community to make any of this software work better with Tor, or to help improve the Tor software itself.

If you're not a developer, but you would still like to help us succeed in our mission of securing the world's communications, please donate! It is a rather big job, after all.

We will keep you updated as we learn more about the exact capabilities of this program.
https://blog.torproject.org/blog/prism-vs-tor





Secret to Prism Program: Even Bigger Data Seizure
Stephen Braun, Anne Flaherty, Jack Gillum and Matt Apuzzo

In the months and early years after 9/11, FBI agents began showing up at Microsoft Corp. more frequently than before, armed with court orders demanding information on customers.

Around the world, government spies and eavesdroppers were tracking the email and Internet addresses used by suspected terrorists. Often, those trails led to the world's largest software company and, at the time, largest email provider.

The agents wanted email archives, account information, practically everything, and quickly. Engineers compiled the data, sometimes by hand, and delivered it to the government.

Often there was no easy way to tell if the information belonged to foreigners or Americans. So much data was changing hands that one former Microsoft employee recalls that the engineers were anxious about whether the company should cooperate.

Inside Microsoft, some called it "Hoovering" — not after the vacuum cleaner, but after J. Edgar Hoover, the first FBI director, who gathered dirt on countless Americans.

This frenetic, manual process was the forerunner to Prism, the recently revealed highly classified National Security Agency program that seizes records from Internet companies. As laws changed and technology improved, the government and industry moved toward a streamlined, electronic process, which required less time from the companies and provided the government data in a more standard format.

The revelation of Prism this month by the Washington Post and Guardian newspapers has touched off the latest round in a decade-long debate over what limits to impose on government eavesdropping, which the Obama administration says is essential to keep the nation safe.

But interviews with more than a dozen current and former government and technology officials and outside experts show that, while Prism has attracted the recent attention, the program actually is a relatively small part of a much more expansive and intrusive eavesdropping effort.

Americans who disapprove of the government reading their emails have more to worry about from a different and larger NSA effort that snatches data as it passes through the fiber optic cables that make up the Internet's backbone. That program, which has been known for years, copies Internet traffic as it enters and leaves the United States, then routes it to the NSA for analysis.

Whether by clever choice or coincidence, Prism appears to do what its name suggests. Like a triangular piece of glass, Prism takes large beams of data and helps the government find discrete, manageable strands of information.

The fact that it is productive is not surprising; documents show it is one of the major sources for what ends up in the president's daily briefing. Prism makes sense of the cacophony of the Internet's raw feed. It provides the government with names, addresses, conversation histories and entire archives of email inboxes.

Many of the people interviewed for this report insisted on anonymity because they were not authorized to publicly discuss a classified, continuing effort. But those interviews, along with public statements and the few public documents available, show there are two vital components to Prism's success.

The first is how the government works closely with the companies that keep people perpetually connected to each other and the world. That story line has attracted the most attention so far.

The second and far murkier one is how Prism fits into a larger U.S. wiretapping program in place for years.

___

Deep in the oceans, hundreds of cables carry much of the world's phone and Internet traffic. Since at least the early 1970s, the NSA has been tapping foreign cables. It doesn't need permission. That's its job.

But Internet data doesn't care about borders. Send an email from Pakistan to Afghanistan and it might pass through a mail server in the United States, the same computer that handles messages to and from Americans. The NSA is prohibited from spying on Americans or anyone inside the United States. That's the FBI's job and it requires a warrant.

Despite that prohibition, shortly after the Sept. 11 terrorist attacks, President George W. Bush secretly authorized the NSA to plug into the fiber optic cables that enter and leave the United States, knowing it would give the government unprecedented, warrantless access to Americans' private conversations.

Tapping into those cables allows the NSA access to monitor emails, telephone calls, video chats, websites, bank transactions and more. It takes powerful computers to decrypt, store and analyze all this information, but the information is all there, zipping by at the speed of light.

"You have to assume everything is being collected," said Bruce Schneier, who has been studying and writing about cryptography and computer security for two decades.

The New York Times disclosed the existence of this effort in 2005. In 2006, former AT&T technician Mark Klein revealed that the company had allowed the NSA to install a computer at its San Francisco switching center, a key hub for fiber optic cables.

What followed was the most significant debate over domestic surveillance since the 1975 Church Committee, a special Senate committee led by Sen. Frank Church, D-Idaho, reined in the CIA and FBI for spying on Americans.

Unlike the recent debate over Prism, however, there were no visual aids, no easy-to-follow charts explaining that the government was sweeping up millions of emails and listening to phone calls of people accused of no wrongdoing.

The Bush administration called it the "Terrorist Surveillance Program" and said it was keeping the United States safe.

"This program has produced intelligence for us that has been very valuable in the global war on terror, both in terms of saving lives and breaking up plots directed at the United States," Vice President Dick Cheney said at the time.

The government has said it minimizes all conversations and emails involving Americans. Exactly what that means remains classified. But former U.S. officials familiar with the process say it allows the government to keep the information as long as it is labeled as belonging to an American and stored in a special, restricted part of a computer.

That means Americans' personal emails can live in government computers, but analysts can't access, read or listen to them unless the emails become relevant to a national security investigation.

The government doesn't automatically delete the data, officials said, because an email or phone conversation that seems innocuous today might be significant a year from now.

What's unclear to the public is how long the government keeps the data. That is significant because the U.S. someday will have a new enemy. Two decades from now, the government could have a trove of American emails and phone records it can tap to investigative whatever Congress declares a threat to national security.

The Bush administration shut down its warrantless wiretapping program in 2007 but endorsed a new law, the Protect America Act, which allowed the wiretapping to continue with changes: The NSA generally would have to explain its techniques and targets to a secret court in Washington, but individual warrants would not be required.

Congress approved it, with Sen. Barack Obama, D-Ill., in the midst of a campaign for president, voting against it.

"This administration also puts forward a false choice between the liberties we cherish and the security we provide," Obama said in a speech two days before that vote. "I will provide our intelligence and law enforcement agencies with the tools they need to track and take out the terrorists without undermining our Constitution and our freedom."

___

When the Protect America Act made warrantless wiretapping legal, lawyers and executives at major technology companies knew what was about to happen.

One expert in national security law, who is directly familiar with how Internet companies dealt with the government during that period, recalls conversations in which technology officials worried aloud that the government would trample on Americans' constitutional right against unlawful searches, and that the companies would be called on to help.

The logistics were about to get daunting, too.

For years, the companies had been handling requests from the FBI. Now Congress had given the NSA the authority to take information without warrants. Though the companies didn't know it, the passage of the Protect America Act gave birth to a top-secret NSA program, officially called US-98XN.

It was known as Prism. Though many details are still unknown, it worked like this:

Every year, the attorney general and the director of national intelligence spell out in a classified document how the government plans to gather intelligence on foreigners overseas.

By law, the certification can be broad. The government isn't required to identify specific targets or places.

A federal judge, in a secret order, approves the plan.

With that, the government can issue "directives" to Internet companies to turn over information.

While the court provides the government with broad authority to seize records, the directives themselves typically are specific, said one former associate general counsel at a major Internet company. They identify a specific target or groups of targets. Other company officials recall similar experiences.

All adamantly denied turning over the kind of broad swaths of data that many people believed when the Prism documents were first released.

"We only ever comply with orders for requests about specific accounts or identifiers," Microsoft said in a statement.

Facebook said it received between 9,000 and 10,000 requests for data from all government agencies in the second half of last year. The social media company said fewer than 19,000 users were targeted.

How many of those were related to national security is unclear, and likely classified. The numbers suggest each request typically related to one or two people, not a vast range of users.

Tech company officials were unaware there was a program named Prism. Even former law enforcement and counterterrorism officials who were on the job when the program went live and were aware of its capabilities said this past week that they didn't know what it was called.

What the NSA called Prism, the companies knew as a streamlined system that automated and simplified the "Hoovering" from years earlier, the former assistant general counsel said. The companies, he said, wanted to reduce their workload. The government wanted the data in a structured, consistent format that was easy to search.

Any company in the communications business can expect a visit, said Mike Janke, CEO of Silent Circle, a company that advertises software for secure, encrypted conversations. The government is eager to find easy ways around security.

"They do this every two to three years," said Janke, who said government agents have approached his company but left empty-handed because his computer servers store little information. "They ask for the moon."

That often creates tension between the government and a technology industry with a reputation for having a civil libertarian bent. Companies occasionally argue to limit what the government takes. Yahoo even went to court and lost in a classified ruling in 2008, The New York Times reported Friday.

"The notion that Yahoo gives any federal agency vast or unfettered access to our users' records is categorically false," Ron Bell, the company's general counsel, said recently.

Under Prism, the delivery process varied by company.

Google, for instance, says it makes secure file transfers. Others use contractors or have set up stand-alone systems. Some have set up user interfaces making it easier for the government, according to a security expert familiar with the process.

Every company involved denied the most sensational assertion in the Prism documents: that the NSA pulled data "directly from the servers" of Microsoft, Yahoo, Google, Facebook, AOL and more.

Technology experts and a former government official say that phrasing, taken from a PowerPoint slide describing the program, was likely meant to differentiate Prism's neatly organized, company-provided data from the unstructured information snatched out of the Internet's major pipelines.

In slide made public by the newspapers, NSA analysts were encouraged to use data coming from both Prism and from the fiber-optic cables.

Prism, as its name suggests, helps narrow and focus the stream. If eavesdroppers spot a suspicious email among the torrent of data pouring into the United States, analysts can use information from Internet companies to pinpoint the user.

With Prism, the government gets a user's entire email inbox. Every email, including contacts with American citizens, becomes government property.

Once the NSA has an inbox, it can search its huge archives for information about everyone with whom the target communicated. All those people can be investigated, too.

That's one example of how emails belonging to Americans can become swept up in the hunt.

In that way, Prism helps justify specific, potentially personal searches. But it's the broader operation on the Internet fiber optics cables that actually captures the data, experts agree.

"I'm much more frightened and concerned about real-time monitoring on the Internet backbone," said Wolf Ruzicka, CEO of EastBanc Technologies, a Washington software company. "I cannot think of anything, outside of a face-to-face conversation, that they could not have access to."

One unanswered question, according to a former technology executive at one of the companies involved, is whether the government can use the data from Prism to work backward.

For example, not every company archives instant message conversations, chat room exchanges or videoconferences. But if Prism provided general details, known as metadata, about when a user began chatting, could the government "rewind" its copy of the global Internet stream, find the conversation and replay it in full?

That would take enormous computing, storage and code-breaking power. It's possible the NSA could use supercomputers to decrypt some transmissions, but it's unlikely it would have the ability to do that in volume. In other words, it would help to know what messages to zero in on.

Whether the government has that power and whether it uses Prism this way remains a closely guarded secret.

___

A few months after Obama took office in 2009, the surveillance debate reignited in Congress because the NSA had crossed the line. Eavesdroppers, it turned out, had been using their warrantless wiretap authority to intercept far more emails and phone calls of Americans than they were supposed to.

Obama, no longer opposed to the wiretapping, made unspecified changes to the process. The government said the problems were fixed.

"I came in with a healthy skepticism about these programs," Obama explained recently. "My team evaluated them. We scrubbed them thoroughly. We actually expanded some of the oversight, increased some of the safeguards."

Years after decrying Bush for it, Obama said Americans did have to make tough choices in the name of safety.

"You can't have 100 percent security and also then have 100 percent privacy and zero inconvenience," the president said.

Obama's administration, echoing his predecessor's, credited the surveillance with disrupting several terrorist attacks. Leading figures from the Bush administration who endured criticism during Obama's candidacy have applauded the president for keeping the surveillance intact.

Jason Weinstein, who recently left the Justice Department as head of its cybercrime and intellectual property section, said it's no surprise Obama continued the eavesdropping.

"You can't expect a president to not use a legal tool that Congress has given him to protect the country," he said. "So, Congress has given him the tool. The president's using it. And the courts are saying 'The way you're using it is OK.' That's checks and balances at work."

Schneier, the author and security expert, said it doesn't really matter how Prism works, technically. Just assume the government collects everything, he said.

He said it doesn't matter what the government and the companies say, either. It's spycraft, after all.

"Everyone is playing word games," he said. "No one is telling the truth."

___

Associated Press writers Eileen Sullivan, Peter Svensson, Adam Goldman, Michael Liedtke and Monika Mathur contributed to this report.
http://bigstory.ap.org/article/secre...r-data-seizure





NSA Surveillance May Have Dealt Major Blow To Global Internet Freedom Efforts
Tarun Wadhwa

The internet has never been a perfect tool for advancing democracy and human rights.

Despite the most optimistic techno-utopian projections, the internet has yet to set us free and rid the world of dictators. Critics have been right to warn us of the dangers of a single-minded approach — we should be careful not to overlook the deep historical, economic, and cultural factors that shape the world we live in today. At the same time, it is true that the internet has revolutionized the way we are able to connect with each other. We are no longer limited to our culture and geography, we can now unite around shared interests and values.

As the internet has grown in usage and importance in our daily lives, so too has the difficulty of keeping it “free” from censorship and control. This struggle was important enough to 29-year-old former Booz Allen employee Edward Snowden for him to give up his life, career, and freedom to leak a historic amount of classified information about the shocking size and depth of the American surveillance state. The fallout is just beginning – and as of now, there are far more questions than answers.

One thing has become clear though: the credibility of the idea that the internet can be a positive, freedom-promoting global force is facing its largest challenge to date. And it comes directly from one of its most outspoken supporters: the US government.

Simply put, the US government has failed in its role as the “caretaker” of the internet. Although this was never an official designation, America controls much of the infrastructure, and many of the most popular services online are provided by a handful of American companies. The world is starting to sober up to the fact that much of what they’ve done online in the last decade is now cataloged in a top-secret facility somewhere in the United States.

Reasonable minds can disagree over the necessity of these programs and how to strike the proper balance between security and privacy. These matters aside, what has been the most disturbing part of this entire scandal has to do with the lack of accountability and oversight. Not only were the American people kept in the dark – they were lied to by intelligence officials, misled about possible constitutional violations, and potentially undermined by the very courts that were supposed to protect their rights.

The government has used peculiar interpretations of laws – that they are not even willing to discuss – to defend an invasive collection of personal data beyond anything even the paranoid among us would have thought was possible. And while President Obama “welcomes the debate” over an issue he has worked hard to keep secret, we are now starting to see the usual Washington tactics of political spin, feverish scapegoating, and patriotic grandstanding in lieu of a real discussion.

We should all be extremely concerned about the colossal surveillance infrastructure that is being built in the name of our safety.

In trying to reassure the public, our leaders have told us that these programs are not meant to target us, but instead, foreigners who may pose a threat to our security. But this is merely a decision on how the data is being used today – we are getting into very dangerous territory by hoping for the best intentions of whoever is in power in the future. American history holds many lessons for us here: circumstances can change, the perception of who is a threat can vary with whoever is in office, and we cannot predict what our political situation will look like decades, or even years, from now.

In the court of global public opinion, America may have tarnished its moral authority to question the surveillance practices of other nations – whether it be Russia on monitoring journalists, or China on conducting cyber espionage. Declarations by the State Department that were once statements of principle now ring hollow and hypocritical to some. No nation can rival the American surveillance state, but they no longer need support to build their own massive systems of espionage and oppression.

The costs of surveillance and data storage technologies are plummeting — these will no longer be prohibitive factors. Diplomatic pressures and legal barriers that had also once served as major deterrents will soon fade away. The goal has been to promote internet freedom around the world, but we may have also potentially created a blueprint for how authoritarian governments can store, track, and mine their citizens’ digital lives.
http://www.forbes.com/sites/tarunwad...eedom-efforts/





Boundless Informant: the NSA's Secret Tool to Track Global Surveillance Data

Revealed: The NSA's powerful tool for cataloguing data – including figures on US collection

Boundless Informant: mission outlined in four slides
Read the NSA's frequently asked questions document

Glenn Greenwald and Ewen MacAskill

The National Security Agency has developed a powerful tool for recording and analysing where its intelligence comes from, raising questions about its repeated assurances to Congress that it cannot keep track of all the surveillance it performs on American communications.

The Guardian has acquired top-secret documents about the NSA datamining tool, called Boundless Informant, that details and even maps by country the voluminous amount of information it collects from computer and telephone networks.

The focus of the internal NSA tool is on counting and categorizing the records of communications, known as metadata, rather than the content of an email or instant message.

The Boundless Informant documents show the agency collecting almost 3 billion pieces of intelligence from US computer networks over a 30-day period ending in March 2013. One document says it is designed to give NSA officials answers to questions like, "What type of coverage do we have on country X" in "near real-time by asking the SIGINT [signals intelligence] infrastructure."

An NSA factsheet about the program, acquired by the Guardian, says: "The tool allows users to select a country on a map and view the metadata volume and select details about the collections against that country."

Under the heading "Sample use cases", the factsheet also states the tool shows information including: "How many records (and what type) are collected against a particular country."

A snapshot of the Boundless Informant data, contained in a top secret NSA "global heat map" seen by the Guardian, shows that in March 2013 the agency collected 97bn pieces of intelligence from computer networks worldwide.
boundless heatmap The heat map reveals how much data is being collected from around the world. Note the '2007' date in the image relates to the document from which the interactive map derives its top secret classification, not to the map itself.

Iran was the country where the largest amount of intelligence was gathered, with more than 14bn reports in that period, followed by 13.5bn from Pakistan. Jordan, one of America's closest Arab allies, came third with 12.7bn, Egypt fourth with 7.6bn and India fifth with 6.3bn.

The heatmap gives each nation a color code based on how extensively it is subjected to NSA surveillance. The color scheme ranges from green (least subjected to surveillance) through yellow and orange to red (most surveillance).

The disclosure of the internal Boundless Informant system comes amid a struggle between the NSA and its overseers in the Senate over whether it can track the intelligence it collects on American communications. The NSA's position is that it is not technologically feasible to do so.

At a hearing of the Senate intelligence committee In March this year, Democratic senator Ron Wyden asked James Clapper, the director of national intelligence: "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?"
"No sir," replied Clapper.

Judith Emmel, an NSA spokeswoman, told the Guardian in a response to the latest disclosures: "NSA has consistently reported – including to Congress – that we do not have the ability to determine with certainty the identity or location of all communicants within a given communication. That remains the case."

Other documents seen by the Guardian further demonstrate that the NSA does in fact break down its surveillance intercepts which could allow the agency to determine how many of them are from the US. The level of detail includes individual IP addresses.

IP address is not a perfect proxy for someone's physical location but it is rather close, said Chris Soghoian, the principal technologist with the Speech Privacy and Technology Project of the American Civil Liberties Union. "If you don't take steps to hide it, the IP address provided by your internet provider will certainly tell you what country, state and, typically, city you are in," Soghoian said.

That approximation has implications for the ongoing oversight battle between the intelligence agencies and Congress.

On Friday, in his first public response to the Guardian's disclosures this week on NSA surveillance, Barack Obama said that that congressional oversight was the American peoples' best guarantee that they were not being spied on.

"These are the folks you all vote for as your representatives in Congress and they are being fully briefed on these programs," he said. Obama also insisted that any surveillance was "very narrowly circumscribed".

Senators have expressed their frustration at the NSA's refusal to supply statistics. In a letter to NSA director General Keith Alexander in October last year, senator Wyden and his Democratic colleague on the Senate intelligence committee, Mark Udall, noted that "the intelligence community has stated repeatedly that it is not possible to provide even a rough estimate of how many American communications have been collected under the Fisa Amendments Act, and has even declined to estimate the scale of this collection."

At a congressional hearing in March last year, Alexander denied point-blank that the agency had the figures on how many Americans had their electronic communications collected or reviewed. Asked if he had the capability to get them, Alexander said: "No. No. We do not have the technical insights in the United States." He added that "nor do we do have the equipment in the United States to actually collect that kind of information".

Soon after, the NSA, through the inspector general of the overall US intelligence community, told the senators that making such a determination would jeopardize US intelligence operations – and might itself violate Americans' privacy.

"All that senator Udall and I are asking for is a ballpark estimate of how many Americans have been monitored under this law, and it is disappointing that the inspectors general cannot provide it," Wyden told Wired magazine at the time.

The documents show that the team responsible for Boundless Informant assured its bosses that the tool is on track for upgrades.

The team will "accept user requests for additional functionality or enhancements," according to the FAQ acquired by the Guardian. "Users are also allowed to vote on which functionality or enhancements are most important to them (as well as add comments). The BOUNDLESSINFORMANT team will periodically review all requests and triage according to level of effort (Easy, Medium, Hard) and mission impact (High, Medium, Low)."

Emmel, the NSA spokeswoman, told the Guardian: "Current technology simply does not permit us to positively identify all of the persons or locations associated with a given communication (for example, it may be possible to say with certainty that a communication traversed a particular path within the internet. It is harder to know the ultimate source or destination, or more particularly the identity of the person represented by the TO:, FROM: or CC: field of an e-mail address or the abstraction of an IP address).

"Thus, we apply rigorous training and technological advancements to combine both our automated and manual (human) processes to characterize communications – ensuring protection of the privacy rights of the American people. This is not just our judgment, but that of the relevant inspectors general, who have also reported this."

She added: "The continued publication of these allegations about highly classified issues, and other information taken out of context, makes it impossible to conduct a reasonable discussion on the merits of these programs."

Additional reporting: James Ball in New York and Spencer Ackerman in Washington
http://www.guardian.co.uk/world/2013...bal-datamining





How the U.S. Uses Technology to Mine More Data More Quickly
James Risen and Eric Lichtblau

When American analysts hunting terrorists sought new ways to comb through the troves of phone records, e-mails and other data piling up as digital communications exploded over the past decade, they turned to Silicon Valley computer experts who had developed complex equations to thwart Russian mobsters intent on credit card fraud.

The partnership between the intelligence community and Palantir Technologies, a Palo Alto, Calif., company founded by a group of inventors from PayPal, is just one of many that the National Security Agency and other agencies have forged as they have rushed to unlock the secrets of “Big Data.”

Today, a revolution in software technology that allows for the highly automated and instantaneous analysis of enormous volumes of digital information has transformed the N.S.A., turning it into the virtual landlord of the digital assets of Americans and foreigners alike. The new technology has, for the first time, given America’s spies the ability to track the activities and movements of people almost anywhere in the world without actually watching them or listening to their conversations.

New disclosures that the N.S.A. has secretly acquired the phone records of millions of Americans and access to e-mails, videos and other data of foreigners from nine United States Internet companies have provided a rare glimpse into the growing reach of the nation’s largest spy agency. They have also alarmed the government: on Saturday night, Shawn Turner, a spokesman for the director of national intelligence, said that “a crimes report has been filed by the N.S.A.”

With little public debate, the N.S.A. has been undergoing rapid expansion in order to exploit the mountains of new data being created each day. The government has poured billions of dollars into the agency over the last decade, building a one-million-square-foot fortress in the mountains of Utah, apparently to store huge volumes of personal data indefinitely. It created intercept stations across the country, according to former industry and intelligence officials, and helped build one of the world’s fastest computers to crack the codes that protect information.

While once the flow of data across the Internet appeared too overwhelming for N.S.A. to keep up with, the recent revelations suggest that the agency’s capabilities are now far greater than most outsiders believed. “Five years ago, I would have said they don’t have the capability to monitor a significant amount of Internet traffic,” said Herbert S. Lin, an expert in computer science and telecommunications at the National Research Council. Now, he said, it appears “that they are getting close to that goal.”

On Saturday, it became clear how close: Another N.S.A. document, again cited by The Guardian, showed a “global heat map” that appeared to represent how much data the N.S.A. sweeps up around the world. It showed that in March 2013 there were 97 billion pieces of data collected from networks worldwide; about 14 percent of it was in Iran, much was from Pakistan and about 3 percent came from inside the United States, though some of that might have been foreign data traffic routed through American-based servers.

A Shift in Focus

The agency’s ability to efficiently mine metadata, data about who is calling or e-mailing, has made wiretapping and eavesdropping on communications far less vital, according to data experts. That access to data from companies that Americans depend on daily raises troubling questions about privacy and civil liberties that officials in Washington, insistent on near-total secrecy, have yet to address.

“American laws and American policy view the content of communications as the most private and the most valuable, but that is backwards today,” said Marc Rotenberg, the executive director of the Electronic Privacy Information Center, a Washington group. “The information associated with communications today is often more significant than the communications itself, and the people who do the data mining know that.”

In the 1960s, when the N.S.A. successfully intercepted the primitive car phones used by Soviet leaders driving around Moscow in their Zil limousines, there was no chance the agency would accidentally pick up Americans. Today, if it is scanning for a foreign politician’s Gmail account or hunting for the cellphone number of someone suspected of being a terrorist, the possibilities for what N.S.A. calls “incidental” collection of Americans are far greater.

United States laws restrict wiretapping and eavesdropping on the actual content of the communications of American citizens but offer very little protection to the digital data thrown off by the telephone when a call is made. And they offer virtually no protection to other forms of non-telephone-related data like credit card transactions.

Because of smartphones, tablets, social media sites, e-mail and other forms of digital communications, the world creates 2.5 quintillion bytes of new data daily, according to I.B.M.

The company estimates that 90 percent of the data that now exists in the world has been created in just the last two years. From now until 2020, the digital universe is expected to double every two years, according to a study by the International Data Corporation.

Accompanying that explosive growth has been rapid progress in the ability to sift through the information.

When separate streams of data are integrated into large databases — matching, for example, time and location data from cellphones with credit card purchases or E-ZPass use — intelligence analysts are given a mosaic of a person’s life that would never be available from simply listening to their conversations. Just four data points about the location and time of a mobile phone call, a study published in Nature found, make it possible to identify the caller 95 percent of the time.

“We can find all sorts of correlations and patterns,” said one government computer scientist who spoke on condition of anonymity because he was not authorized to comment publicly. “There have been tremendous advances.”

Secret Programs

When President George W. Bush secretly began the N.S.A.’s warrantless wiretapping program in October 2001, to listen in on the international telephone calls and e-mails of American citizens without court approval, the program was accompanied by large-scale data mining operations.

Those secret programs prompted a showdown in March 2004 between Bush White House officials and a group of top Justice Department and F.B.I. officials in the hospital room of John Ashcroft, then the attorney general. Justice Department lawyers who were willing to go along with warrantless wiretapping argued that the data mining raised greater constitutional concerns.

In 2003, after a Pentagon plan to create a data-mining operation known as the Total Information Awareness program was disclosed, a firestorm of protest forced the Bush administration to back off.

But since then, the intelligence community’s data-mining operations have grown enormously, according to industry and intelligence experts.

The confrontation in Mr. Ashcroft’s hospital room took place just one month after a Harvard undergraduate, Mark Zuckerberg, created Facebook; Twitter would not be founded for two more years. Apple’s iPhone and iPad did not yet exist.

“More and more services like Google and Facebook have become huge central repositories for information,” observed Dan Auerbach, a technology analyst with the Electronic Frontier Foundation. “That’s created a pile of data that is an incredibly attractive target for law enforcement and intelligence agencies.”

The spy agencies have long been among the most demanding customers for advanced computing and data-mining software — and even more so in recent years, according to industry analysts. “They tell you that somewhere there is an American who is going to be blown up,” said a former technology executive, and “the only thing that stands between that and him living is you.”

In 2006, the Bush administration established a program known as the Intelligence Advanced Research Projects Activity, to accelerate the development of intelligence-related technology intended “to provide the United States with an overwhelming intelligence advantage over future adversaries.”

I.B.M.’s Watson, the supercomputing technology that defeated human Jeopardy! champions in 2011, is a prime example of the power of data-intensive artificial intelligence.

Watson-style computing, analysts said, is precisely the technology that would make the ambitious data-collection program of the N.S.A. seem practical. Computers could instantly sift through the mass of Internet communications data, see patterns of suspicious online behavior and thus narrow the hunt for terrorists.

Both the N.S.A. and the Central Intelligence Agency have been testing Watson in the last two years, said a consultant who has advised the government and asked not to be identified because he was not authorized to speak.

Trilaterization

Industry experts say that intelligence and law enforcement agencies also use a new technology, known as trilaterization, that allows tracking of an individual’s location, moment to moment. The data, obtained from cellphone towers, can track the altitude of a person, down to the specific floor in a building. There is even software that exploits the cellphone data seeking to predict a person’s most likely route. “It is extreme Big Brother,” said Alex Fielding, an expert in networking and data centers.

In addition to opening the Utah data center, reportedly scheduled for this year, N.S.A. has secretly enlarged its footprint inside the United States, according to accounts from whistle-blowers in recent years.

In Virginia, a telecommunications consultant reported, Verizon had set up a dedicated fiber-optic line running from New Jersey to Quantico, Va., home to a large military base, allowing government officials to gain access to all communications flowing through the carrier’s operations center.

In Georgia, an N.S.A. official said in interviews, the agency had combed through huge volumes of routine e-mails to and from Americans.

And in San Francisco, a technician at AT& T reported on the existence of a secret room there reserved for the N.S.A. that allowed the spy agency to copy and store millions of domestic and international phone calls routed through that station.

Nothing revealed in recent days suggests that N.S.A. eavesdroppers have violated the law by targeting ordinary Americans. On Friday, President Obama defended the agency’s collection of phone records and other metadata, saying it did not involve listening to conversations or reading the content of e-mails. “Some of the hype we’ve been hearing over the past day or so — nobody has listened to the content of people’s phone calls,” he said.

Mr. Rotenberg, referring to the constitutional limits on search and seizure, said, “It is a bit of a fantasy to think that the government can seize so much information without implicating the Fourth Amendment interests of American citizens.”

Reporting was contributed by David E. Sanger and Scott Shane from Washington, Steve Lohr and James Glanz from New York, and Quentin Hardy from Berkeley, Calif.
https://www.nytimes.com/2013/06/09/u...pagewanted=all





Lawmaker Calls for Renewed Debate Over Patriot Act
Brian Knowlton

An outspoken critic of the government’s electronic surveillance programs, Senator Mark Udall of Colorado, said on Sunday that he was not convinced that a program to collect huge amounts of information about Americans’ phone calls had led to the foiling of any terror plots. He also called for a renewed debate over the Patriot Act, which authorizes much of the data collection.

In making the assertion, Mr. Udall, a Democrat and a member of the House intelligence committee, appeared to be distinguishing the results of that program – which uses metadata associated with phone calls, including numbers called and the duration of conversations – from those of the newly revealed Prism program, which analyzes data collected from foreigners who use Internet services like Facebook and Skype. Several officials have said Prism has been effective.

“It’s unclear to me that we’ve developed any intelligence through the metadata program that has led to the disruption of plots that we couldn’t have developed through other data and other intelligence,” Mr. Udall said on the CNN program “State of the Union.”

Mr. Udall, who for years has criticized electronic data collection by the government as too sweeping, called for a reopening of debate over the Patriot Act and a “fulsome debate” on the limits of government intrusion as it seeks to deter terrorist threats.

Government officials also had sharp words for whoever leaked the documents describing classified surveillance programs to The Guardian and The Washington Post. In an interview with NBC News, James R. Clapper, the director of national intelligence, warned that the revelations could create serious risks to national security.

“I think we’re very, very concerned about it,” he said in the interview, taped on Saturday. “For me, it is literally – not figuratively – literally gut-wrenching to see this happen, because of the huge, grave damage it does to our intelligence capabilities.”

Representative Mike Rogers, chairman of the House intelligence committee, spoke with barely disguised anger about Glenn Greenwald, whose articles in The Guardian newspaper last week described the surveillance programs. He also said that the public needed to know that “the National Security Agency does not listen to Americans’ phone calls, and it is not reading Americans’ e-mails. None of these programs allow that.”

Mr. Greenwald “says that he’s got it all and now is an expert on the program,” Mr. Rogers said on the ABC program “This Week.” “He doesn’t have a clue how this thing works. Neither did the person” – presumably in government – “who released just enough information to literally be dangerous.”

He added, “I absolutely think they should be prosecuted.”

Senator Dianne Feinstein, chairwoman of the Senate intelligence committee, said on the same program that she agreed.

Mr. Greenwald, who appeared earlier on the program, was asked about the criminal report that officials say has been filed in this case by the National Security Agency. Asked whether law enforcement officials had contacted him, he said: “No. And any time they would like to speak to me, I would be more than happy to speak to them, and I will tell them there is this thing called the Constitution.”

Asked about suggestions that the disclosures were reckless, Mr. Greenwald responded, “The only thing we’ve endangered is the reputation of the people in power who are building this massive spying apparatus absent any accountability.”

Ms. Feinstein, a Democrat of California who defends the surveillance programs, cited two declassified cases in which electronic surveillance data had been used – that of David C. Headley, an American who conducted several missions to Mumbai, India, in preparation for a deadly terror attack there, and that of Najibullah Zazi, an Afghan-American who was convicted of seeking to set off backpacks full of explosives in the New York subway. The Mumbai attack was carried out and killed more than 160 people; the subway attack was foiled.

Ms. Feinstein said that she would consider holding hearings about them. “I’m open to doing a hearing every month, if that’s necessary,” she said.

But, she added: “Here’s the rub: The instances where this has produced good – has disrupted plots, prevented terrorist attacks, is all classified, that’s what’s so hard about this.”

Other lawmakers who appeared on the Sunday talk shows were largely supportive of the surveillance programs, often outspokenly so.

Senator John McCain, Republican of Arizona, said that he was not bothered by the surveillance. He said on the CNN program “State of the Union” that the terror threat was growing steadily amid deepening turmoil in the Middle East and North Africa but that further Congressional and executive review of the programs was “entirely appropriate.”
http://thecaucus.blogs.nytimes.com/2...r-patriot-act/





U.S. Agencies Said to Swap Data With Thousands of Firms
Michael Riley

Thousands of technology, finance and manufacturing companies are working closely with U.S. national security agencies, providing sensitive information and in return receiving benefits that include access to classified intelligence, four people familiar with the process said.

These programs, whose participants are known as trusted partners, extend far beyond what was revealed by Edward Snowden, a computer technician who did work for the National Security Agency. The role of private companies has come under intense scrutiny since his disclosure this month that the NSA is collecting millions of U.S. residents’ telephone records and the computer communications of foreigners from Google Inc (GOOG). and other Internet companies under court order.

Many of these same Internet and telecommunications companies voluntarily provide U.S. intelligence organizations with additional data, such as equipment specifications, that don’t involve private communications of their customers, the four people said.

Makers of hardware and software, banks, Internet security providers, satellite telecommunications companies and many other companies also participate in the government programs. In some cases, the information gathered may be used not just to defend the nation but to help infiltrate computers of its adversaries.

Along with the NSA, the Central Intelligence Agency (0112917D), the Federal Bureau of Investigation and branches of the U.S. military have agreements with such companies to gather data that might seem innocuous but could be highly useful in the hands of U.S. intelligence or cyber warfare units, according to the people, who have either worked for the government or are in companies that have these accords.

Microsoft Bugs

Microsoft Corp. (MSFT), the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes.

Redmond, Washington-based Microsoft (MSFT) and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. Microsoft doesn’t ask and can’t be told how the government uses such tip-offs, said the officials, who asked not to be identified because the matter is confidential.

Frank Shaw, a spokesman for Microsoft, said those releases occur in cooperation with multiple agencies and are designed to be give government “an early start” on risk assessment and mitigation.

Willing Cooperation

Some U.S. telecommunications companies willingly provide intelligence agencies with access to facilities and data offshore that would require a judge’s order if it were done in the U.S., one of the four people said.

In these cases, no oversight is necessary under the Foreign Intelligence Surveillance Act, and companies are providing the information voluntarily.

The extensive cooperation between commercial companies and intelligence agencies is legal and reaches deeply into many aspects of everyday life, though little of it is scrutinized by more than a small number of lawyers, company leaders and spies. Company executives are motivated by a desire to help the national defense as well as to help their own companies, said the people, who are familiar with the agreements.

Most of the arrangements are so sensitive that only a handful of people in a company know of them, and they are sometimes brokered directly between chief executive officers and the heads of the U.S.’s major spy agencies, the people familiar with those programs said.

‘Thank Them’

Michael Hayden, who formerly directed the National Security Agency and the CIA, described the attention paid to important company partners: “If I were the director and had a relationship with a company who was doing things that were not just directed by law but were also valuable to the defense of the Republic, I would go out of my way to thank them and give them a sense as to why this is necessary and useful.”

“You would keep it closely held within the company and there would be very few cleared individuals,” Hayden said.

Cooperation between nine U.S. Internet companies and the NSA’s Special Source Operations unit came to light along with a secret program called Prism. According to a slide deck provided by Snowden, the program gathers e-mails, videos, and other private data of foreign surveillance targets through arrangements that vary by company, overseen by a secret panel of judges.

U.S. intelligence agencies have grown far more dependent on such arrangements as the flow of much of the world’s information has grown exponentially through switches, cables and other network equipment maintained by U.S. companies.

Equipment Specs

In addition to private communications, information about equipment specifications and data needed for the Internet to work -- much of which isn’t subject to oversight because it doesn’t involve private communications -- is valuable to intelligence, U.S. law-enforcement officials and the military.

Typically, a key executive at a company and a small number of technical people cooperate with different agencies and sometimes multiple units within an agency, according to the four people who described the arrangements.

Committing Officer

If necessary, a company executive, known as a “committing officer,” is given documents that guarantee immunity from civil actions resulting from the transfer of data. The companies are provided with regular updates, which may include the broad parameters of how that information is used.

Intel Corp. (INTC)’s McAfee unit, which makes Internet security software, regularly cooperates with the NSA, FBI and the CIA, for example, and is a valuable partner because of its broad view of malicious Internet traffic, including espionage operations by foreign powers, according to one of the four people, who is familiar with the arrangement.

Such a relationship would start with an approach to McAfee’s chief executive, who would then clear specific individuals to work with investigators or provide the requested data, the person said. The public would be surprised at how much help the government seeks, the person said.

McAfee firewalls collect information on hackers who use legitimate servers to do their work, and the company data can be used to pinpoint where attacks begin. The company also has knowledge of the architecture of information networks worldwide, which may be useful to spy agencies who tap into them, the person said.

McAfee’s Data

McAfee (MFE)’s data and analysis doesn’t include information on individuals, said Michael Fey, the company’s world wide chief technology officer.

“We do not share any type of personal information with our government agency partners,” Fey said in an e-mailed statement. “McAfee’s function is to provide security technology, education, and threat intelligence to governments. This threat intelligence includes trending data on emerging new threats, cyber-attack patterns and vector activity, as well as analysis on the integrity of software, system vulnerabilities, and hacker group activity.”

In exchange, leaders of companies are showered with attention and information by the agencies to help maintain the relationship, the person said.

In other cases, companies are given quick warnings about threats that could affect their bottom line, including serious Internet attacks and who is behind them.

China’s Military

Following an attack on his company by Chinese hackers in 2010, Sergey Brin, Google’s co-founder, was provided with highly sensitive government intelligence linking the attack to a specific unit of the People’s Liberation Army, China’s military, according to one of the people, who is familiar with the government’s investigation. Brin was given a temporary classified clearance to sit in on the briefing, the person said.

According to information provided by Snowden, Google, owner of the world’s most popular search engine, had at that point been a Prism participant for more than a year.

Google CEO Larry Page said in a blog posting June 7 that he hadn’t heard of a program called Prism until after Snowden’s disclosures and that the Mountain View, California-based company didn’t allow the U.S. government direct access to its servers or some back-door to its data centers. He said Google provides user data to governments “only in accordance with the law.”

Leslie Miller, a spokeswoman for Google, didn’t provide an immediate response yesterday.

The information provided by Snowden also exposed a secret NSA program known as Blarney. As the program was described in the Washington Post (WPO), the agency gathers metadata on computers and devices that are used to send e-mails or browse the Internet through principal data routes, known as a backbone.

Metadata

That metadata includes which version of the operating system, browser and Java software are being used on millions of devices around the world, information that U.S. spy agencies could use to infiltrate those computers or phones and spy on their users.

“It’s highly offensive information,” said Glenn Chisholm, the former chief information officer for Telstra Corp (TLS)., one of Australia’s largest telecommunications companies, contrasting it to defensive information used to protect computers rather than infiltrate them.

According to Snowden’s information, Blarney’s purpose is “to gain access and exploit foreign intelligence,” the Post said.

It’s unclear whether U.S. Internet service providers gave information to the NSA as part of Blarney, and if so, whether the transfer of that data required a judge’s order.

Less Scrutiny

Stewart Baker, former general counsel for the NSA, said if metadata involved communications between two foreign computers that just happened to be crossing a U.S. fiber optic cable “then the likelihood is it would demand less legal scrutiny than when communications are being extracted one by one.”

Lawmakers who oversee U.S. intelligence agencies may not understand the significance of some of the metadata being collected, said Jacob Olcott, a former cybersecurity assistant for Senator John D. Rockefeller IV of West Virginia, the Democratic chairman of the Senate Commerce Committee.

“That’s what makes this issue of oversight so challenging,” said Olcott, now a principal at Good Harbor Security Risk Management in Washington. “You have a situation where the technology and technical policy is far outpacing the background and expertise of most elected members of Congress or their staffs.”

While companies are offered powerful inducements to cooperate with U.S. intelligence, many executives are motivated by patriotism or a sense they are defending national security, the people familiar with the trusted partner programs said.

Einstein 3

U.S telecommunications, Internet, power companies and others provide U.S. intelligence agencies with details of their systems’ architecture or equipment schematics so the agencies can analyze potential vulnerabilities.

“It’s natural behavior for governments to want to know about the country’s critical infrastructure,” said Chisholm, chief security officer at Irvine, California-based Cylance Inc.

Even strictly defensive systems can have unintended consequences for privacy. Einstein 3, a costly program originally developed by the NSA, is meant to protect government systems from hackers. The program, which has been made public and is being installed, will closely analyze the billions of e-mails sent to government computers every year to see if they contain spy tools or malicious software.

Einstein 3 could also expose the private content of the e-mails under certain circumstances, according to a person familiar with the system, who asked not to be named because he wasn’t authorized to discuss the matter.

AT&T, Verizon

Before they agreed to install the system on their networks, some of the five major Internet companies -- AT&T Inc. (T), Verizon Communications Inc (VZ)., Sprint Nextel Corp. (S), Level 3 Communications Inc (LVLT). and CenturyLink Inc (CTL). -- asked for guarantees that they wouldn’t be held liable under U.S. wiretap laws. Those companies that asked received a letter signed by the U.S. attorney general indicating such exposure didn’t meet the legal definition of a wiretap and granting them immunity from civil lawsuits, the person said.

Mark Siegel, a spokesman for Dallas-based AT&T, the nation’s biggest phone carrier, declined to comment. Edward McFadden, a spokesman for New York-based Verizon, the second-largest phone company, declined to comment.

Scott Sloat, a spokesman for Overland Park, Kansas-based Sprint, and Monica Martinez, a spokeswoman for Broomfield, Colorado-based Level 3, didn’t immediately respond to requests for comment.

Linda Johnson, a spokeswoman for Centurylink, formerly Qwest Corp., said her Monroe, Louisiana-based company participates in the Enhanced Cybersecurity Services program and the Intrusion Prevention Security Services program, which includes Einstein 3. Both programs are managed by the U.S. Department of
Homeland Security.

Beyond that, she said, “CenturyLink does not comment on matters pertaining to national security.”
http://www.bloomberg.com/news/2013-0...-of-firms.html





Edward Snowden: the Whistleblower Behind the NSA Surveillance Revelations

The 29-year-old source behind the biggest intelligence leak in the NSA's history explains his motives, his uncertain future and why he never intended on hiding in the shadows

Q&A with NSA whistleblower Edward Snowden: 'I do not expect to see home again'

Glenn Greenwald, Ewen MacAskill and Laura Poitras in Hong Kong

The individual responsible for one of the most significant leaks in US political history is Edward Snowden, a 29-year-old former technical assistant for the CIA and current employee of the defence contractor Booz Allen Hamilton. Snowden has been working at the National Security Agency for the last four years as an employee of various outside contractors, including Booz Allen and Dell.

The Guardian, after several days of interviews, is revealing his identity at his request. From the moment he decided to disclose numerous top-secret documents to the public, he was determined not to opt for the protection of anonymity. "I have no intention of hiding who I am because I know I have done nothing wrong," he said.

Snowden will go down in history as one of America's most consequential whistleblowers, alongside Daniel Ellsberg and Bradley Manning. He is responsible for handing over material from one of the world's most secretive organisations – the NSA.

In a note accompanying the first set of documents he provided, he wrote: "I understand that I will be made to suffer for my actions," but "I will be satisfied if the federation of secret law, unequal pardon and irresistible executive powers that rule the world that I love are revealed even for an instant."

Despite his determination to be publicly unveiled, he repeatedly insisted that he wants to avoid the media spotlight. "I don't want public attention because I don't want the story to be about me. I want it to be about what the US government is doing."

He does not fear the consequences of going public, he said, only that doing so will distract attention from the issues raised by his disclosures. "I know the media likes to personalise political debates, and I know the government will demonise me."

Despite these fears, he remained hopeful his outing will not divert attention from the substance of his disclosures. "I really want the focus to be on these documents and the debate which I hope this will trigger among citizens around the globe about what kind of world we want to live in." He added: "My sole motive is to inform the public as to that which is done in their name and that which is done against them."

He has had "a very comfortable life" that included a salary of roughly $200,000, a girlfriend with whom he shared a home in Hawaii, a stable career, and a family he loves. "I'm willing to sacrifice all of that because I can't in good conscience allow the US government to destroy privacy, internet freedom and basic liberties for people around the world with this massive surveillance machine they're secretly building."

'I am not afraid, because this is the choice I've made'

Three weeks ago, Snowden made final preparations that resulted in last week's series of blockbuster news stories. At the NSA office in Hawaii where he was working, he copied the last set of documents he intended to disclose.

He then advised his NSA supervisor that he needed to be away from work for "a couple of weeks" in order to receive treatment for epilepsy, a condition he learned he suffers from after a series of seizures last year.

As he packed his bags, he told his girlfriend that he had to be away for a few weeks, though he said he was vague about the reason. "That is not an uncommon occurrence for someone who has spent the last decade working in the intelligence world."

On May 20, he boarded a flight to Hong Kong, where he has remained ever since. He chose the city because "they have a spirited commitment to free speech and the right of political dissent", and because he believed that it was one of the few places in the world that both could and would resist the dictates of the US government.

In the three weeks since he arrived, he has been ensconced in a hotel room. "I've left the room maybe a total of three times during my entire stay," he said. It is a plush hotel and, what with eating meals in his room too, he has run up big bills.

He is deeply worried about being spied on. He lines the door of his hotel room with pillows to prevent eavesdropping. He puts a large red hood over his head and laptop when entering his passwords to prevent any hidden cameras from detecting them.

Though that may sound like paranoia to some, Snowden has good reason for such fears. He worked in the US intelligence world for almost a decade. He knows that the biggest and most secretive surveillance organisation in America, the NSA, along with the most powerful government on the planet, is looking for him.

Since the disclosures began to emerge, he has watched television and monitored the internet, hearing all the threats and vows of prosecution emanating from Washington.

And he knows only too well the sophisticated technology available to them and how easy it will be for them to find him. The NSA police and other law enforcement officers have twice visited his home in Hawaii and already contacted his girlfriend, though he believes that may have been prompted by his absence from work, and not because of suspicions of any connection to the leaks.

"All my options are bad," he said. The US could begin extradition proceedings against him, a potentially problematic, lengthy and unpredictable course for Washington. Or the Chinese government might whisk him away for questioning, viewing him as a useful source of information. Or he might end up being grabbed and bundled into a plane bound for US territory.

"Yes, I could be rendered by the CIA. I could have people come after me. Or any of the third-party partners. They work closely with a number of other nations. Or they could pay off the Triads. Any of their agents or assets," he said.

"We have got a CIA station just up the road – the consulate here in Hong Kong – and I am sure they are going to be busy for the next week. And that is a concern I will live with for the rest of my life, however long that happens to be."

Having watched the Obama administration prosecute whistleblowers at a historically unprecedented rate, he fully expects the US government to attempt to use all its weight to punish him. "I am not afraid," he said calmly, "because this is the choice I've made."

He predicts the government will launch an investigation and "say I have broken the Espionage Act and helped our enemies, but that can be used against anyone who points out how massive and invasive the system has become".

The only time he became emotional during the many hours of interviews was when he pondered the impact his choices would have on his family, many of whom work for the US government. "The only thing I fear is the harmful effects on my family, who I won't be able to help any more. That's what keeps me up at night," he said, his eyes welling up with tears.

'You can't wait around for someone else to act'

Snowden did not always believe the US government posed a threat to his political values. He was brought up originally in Elizabeth City, North Carolina. His family moved later to Maryland, near the NSA headquarters in Fort Meade.

By his own admission, he was not a stellar student. In order to get the credits necessary to obtain a high school diploma, he attended a community college in Maryland, studying computing, but never completed the coursework. (He later obtained his GED.)

In 2003, he enlisted in the US army and began a training program to join the Special Forces. Invoking the same principles that he now cites to justify his leaks, he said: "I wanted to fight in the Iraq war because I felt like I had an obligation as a human being to help free people from oppression".

He recounted how his beliefs about the war's purpose were quickly dispelled. "Most of the people training us seemed pumped up about killing Arabs, not helping anyone," he said. After he broke both his legs in a training accident, he was discharged.

After that, he got his first job in an NSA facility, working as a security guard for one of the agency's covert facilities at the University of Maryland. From there, he went to the CIA, where he worked on IT security. His understanding of the internet and his talent for computer programming enabled him to rise fairly quickly for someone who lacked even a high school diploma.

By 2007, the CIA stationed him with diplomatic cover in Geneva, Switzerland. His responsibility for maintaining computer network security meant he had clearance to access a wide array of classified documents.

That access, along with the almost three years he spent around CIA officers, led him to begin seriously questioning the rightness of what he saw.

He described as formative an incident in which he claimed CIA operatives were attempting to recruit a Swiss banker to obtain secret banking information. Snowden said they achieved this by purposely getting the banker drunk and encouraging him to drive home in his car. When the banker was arrested for drunk driving, the undercover agent seeking to befriend him offered to help, and a bond was formed that led to successful recruitment.

"Much of what I saw in Geneva really disillusioned me about how my government functions and what its impact is in the world," he says. "I realised that I was part of something that was doing far more harm than good."

He said it was during his CIA stint in Geneva that he thought for the first time about exposing government secrets. But, at the time, he chose not to for two reasons.

First, he said: "Most of the secrets the CIA has are about people, not machines and systems, so I didn't feel comfortable with disclosures that I thought could endanger anyone". Secondly, the election of Barack Obama in 2008 gave him hope that there would be real reforms, rendering disclosures unnecessary.

He left the CIA in 2009 in order to take his first job working for a private contractor that assigned him to a functioning NSA facility, stationed on a military base in Japan. It was then, he said, that he "watched as Obama advanced the very policies that I thought would be reined in", and as a result, "I got hardened."

The primary lesson from this experience was that "you can't wait around for someone else to act. I had been looking for leaders, but I realised that leadership is about being the first to act."

Over the next three years, he learned just how all-consuming the NSA's surveillance activities were, claiming "they are intent on making every conversation and every form of behaviour in the world known to them".

He described how he once viewed the internet as "the most important invention in all of human history". As an adolescent, he spent days at a time "speaking to people with all sorts of views that I would never have encountered on my own".

But he believed that the value of the internet, along with basic privacy, is being rapidly destroyed by ubiquitous surveillance. "I don't see myself as a hero," he said, "because what I'm doing is self-interested: I don't want to live in a world where there's no privacy and therefore no room for intellectual exploration and creativity."

Once he reached the conclusion that the NSA's surveillance net would soon be irrevocable, he said it was just a matter of time before he chose to act. "What they're doing" poses "an existential threat to democracy", he said.

A matter of principle

As strong as those beliefs are, there still remains the question: why did he do it? Giving up his freedom and a privileged lifestyle? "There are more important things than money. If I were motivated by money, I could have sold these documents to any number of countries and gotten very rich."

For him, it is a matter of principle. "The government has granted itself power it is not entitled to. There is no public oversight. The result is people like myself have the latitude to go further than they are allowed to," he said.

His allegiance to internet freedom is reflected in the stickers on his laptop: "I support Online Rights: Electronic Frontier Foundation," reads one. Another hails the online organisation offering anonymity, the Tor Project.

Asked by reporters to establish his authenticity to ensure he is not some fantasist, he laid bare, without hesitation, his personal details, from his social security number to his CIA ID and his expired diplomatic passport. There is no shiftiness. Ask him about anything in his personal life and he will answer.

He is quiet, smart, easy-going and self-effacing. A master on computers, he seemed happiest when talking about the technical side of surveillance, at a level of detail comprehensible probably only to fellow communication specialists. But he showed intense passion when talking about the value of privacy and how he felt it was being steadily eroded by the behaviour of the intelligence services.

His manner was calm and relaxed but he has been understandably twitchy since he went into hiding, waiting for the knock on the hotel door. A fire alarm goes off. "That has not happened before," he said, betraying anxiety wondering if was real, a test or a CIA ploy to get him out onto the street.

Strewn about the side of his bed are his suitcase, a plate with the remains of room-service breakfast, and a copy of Angler, the biography of former vice-president Dick Cheney.

Ever since last week's news stories began to appear in the Guardian, Snowden has vigilantly watched TV and read the internet to see the effects of his choices. He seemed satisfied that the debate he longed to provoke was finally taking place.

He lay, propped up against pillows, watching CNN's Wolf Blitzer ask a discussion panel about government intrusion if they had any idea who the leaker was. From 8,000 miles away, the leaker looked on impassively, not even indulging in a wry smile.

Snowden said that he admires both Ellsberg and Manning, but argues that there is one important distinction between himself and the army private, whose trial coincidentally began the week Snowden's leaks began to make news.

"I carefully evaluated every single document I disclosed to ensure that each was legitimately in the public interest," he said. "There are all sorts of documents that would have made a big impact that I didn't turn over, because harming people isn't my goal. Transparency is."

He purposely chose, he said, to give the documents to journalists whose judgment he trusted about what should be public and what should remain concealed.

As for his future, he is vague. He hoped the publicity the leaks have generated will offer him some protection, making it "harder for them to get dirty".

He views his best hope as the possibility of asylum, with Iceland – with its reputation of a champion of internet freedom – at the top of his list. He knows that may prove a wish unfulfilled.

But after the intense political controversy he has already created with just the first week's haul of stories, "I feel satisfied that this was all worth it. I have no regrets."
http://www.guardian.co.uk/world/2013...r-surveillance





For Snowden, a Life of Ambition, Despite the Drifting
John M. Broder and Scott Shane



In 2006, when Edward J. Snowden joined the thousands of computer virtuosos going to work for America’s spy agencies, there were no recent examples of insiders going public as dissidents. But as his doubts about his work for the Central Intelligence Agency and then for the National Security Agency grew, the Obama administration’s campaign against leaks served up one case after another of disillusioned employees refashioning themselves as heroic whistle-blowers.

Instead of merely opting out of surveillance work, Mr. Snowden embraced their example, delivering hundreds of highly classified N.S.A. documents to The Guardian and The Washington Post. His act may have been a spectacular unintended consequence of the leak crackdown itself.

It may also have reflected his own considerable ambition, disguised by his early drifting. From Mr. Snowden’s friends and his own voluminous Web postings emerges a portrait of a talented young man who did not finish high school but bragged online that employers “fight over me.”

“Great minds do not need a university to make them any more credible: they get what they need and quietly blaze their trails into history,” he wrote online at age 20. Mr. Snowden, who has taken refuge in Hong Kong, has studied Mandarin, was deeply interested in martial arts, claimed Buddhism as his religion and once mused that “China is definitely a good option career wise.”

After handing over the documents, he told The Guardian of his admiration for both Pfc. Bradley Manning, who is now on trial for providing 700,000 confidential documents to WikiLeaks, and Daniel Ellsberg, who disclosed the Pentagon Papers in 1971.

“Manning was a classic whistle-blower,” Mr. Snowden, 29, said of Private Manning, 25. “He was inspired by the public good.”

For role models, Mr. Snowden, an introspective man who spent his formative years in the rebellious technogeek counterculture, could look not only to the young Army private, lionized by a global following, but also to dissenters at his own agencies.

From the N.S.A., Mr. Snowden’s most recent employer, there was Thomas A. Drake, who since his 2010 leak prosecution has denounced the agency as Big Brother on the lecture circuit. From the C.I.A., Mr. Snowden’s previous employer, there was John Kiriakou, who rallied supporters with his assertion that his prison term for leaking was payback for speaking out about waterboarding.

If Mr. Snowden wished to draw similar attention, he has succeeded. Along with denunciations in Congress as a traitor and a manhunt by the F.B.I., he has already won public acclaim from a diverse group of sympathizers, from the left-wing filmmaker Michael Moore to the right-wing television host Glenn Beck.

His disclosures have renewed a longstanding concern: that young Internet aficionados whose skills the agencies need for counterterrorism and cyberdefense sometimes bring an anti-authority spirit that does not fit the security bureaucracy.

“There were lots of discussions at N.S.A. and in the intelligence community in general about the acculturation process,” said Joel F. Brenner, a former inspector general of the agency. “They were aware that they were bringing in young people who had to adjust to the culture — and who would change the culture.”

Mr. Brenner said that with such a buildup after the Sept. 11 attacks, “you’re going to have some sloppiness and some mistakes.” It is remarkable, he said, that “disloyalty” of Mr. Snowden’s variety is so rare.

Mr. Snowden’s fascination with computer technology began in high school in Anne Arundel County, Md., near Baltimore, and became a focus of his life after he dropped out in his sophomore year. He socialized with a tight circle of people who were enthralled by the Internet and Japanese anime culture.

“He was a geek like the rest of us,” said one member of the group, who spoke on the condition of anonymity to avoid a flood of media inquiries. “We played video games, watched anime. It was before geek was cool.”

Mr. Snowden lived with his mother, Elizabeth, a court administrator, who was divorced in 2001 from his father, Lonnie Snowden, a Coast Guard officer.

Mr. Snowden and his friends built personal computers from parts ordered over the Internet. They created a Web site called Ryuhana Press, which the former friend was amused to see reported in recent days as a real business. “It was the name of our club,” he said.

His friends persuaded “Edowaado,” as Mr. Snowden called himself, using the Japanese version of “Edward,” to get his high school equivalency diploma. “I don’t think he even studied. He just showed up and passed the G.E.D.,” the friend said.

In 2001, at 17, Mr. Snowden adopted an online persona he called “The One True Hooha” or just “Hooha” at the Web site Ars Technica, a forum for gamers, hackers and hardware tinkerers. His online chatter over the next two years revolved around role-playing video games like Tekken, Final Fantasy, Max Payne and Team Fortress Classic. He discussed his interest in martial arts and his disdain for formal education. He fitfully took classes at Anne Arundel Community College but never earned a degree.

Toward the end of 2003, Mr. Snowden wrote that he was joining the Army, listing Buddhism as his religion (“agnostic is strangely absent,” he noted parenthetically about the military recruitment form). He tried to define a still-evolving belief system. “I feel that religion, adopted purely, is ultimately representative of blindly making someone else’s beliefs your own.”

Mr. Snowden told The Guardian that he signed up for an Army Reserve Special Forces training program to “fight to help free people from oppression” in Iraq. But he said he broke his legs in a training accident and was discharged four months later.

He returned to Maryland and found a job as a security guard at the Center for Advanced Study of Language at the University of Maryland, which has a close relationship with the N.S.A., a 15-mile drive away.

In mid-2006, Mr. Snowden landed an information technology job at the C.I.A. Despite his lack of formal credentials, he secured a top-secret clearance and a coveted posting under State Department cover in Geneva. “I don’t have a degree of ANY type. I don’t even have a high school diploma,” he wrote on Ars Technica in May 2006. But he had no trouble getting work because he was a computer wizard, he said.

In August that year he wrote about a possible path in government service, perhaps involving China. “I’ve already got a basic understanding of Mandarin and the culture, but it just doesn’t seem like as much ‘fun’ as some of the other places,” he wrote.

Mavanee Anderson befriended Mr. Snowden in Geneva, where both had high security clearances and spoke often about their jobs. In an article published Wednesday in The Chattanooga Times Free Press of Tennessee, Ms. Anderson said he spoke of the “stresses and burdens” of his work as a network security specialist and described him as thoughtful and at times brooding.

She said that during the period they worked close to each other, from 2007 through the beginning of 2009, Mr. Snowden “was already experiencing a crisis of conscience of sorts.”

“I think anyone smart enough to be involved in the type of work he does, who is privy to the type of information to which he was privy, will have at least moments like these,” she wrote. “And at some point during that time he left the C.I.A.”

She said that while she understood Mr. Snowden’s motivations for exposing government secrets, she wished he had dealt with his concerns in a different way. “I would have told Ed that he didn’t have to take this burden on himself,” she wrote.

In 2009, Mr. Snowden joined the National Security Agency as a contract employee at a military facility in Japan. He told The Guardian he was disappointed that President Obama “advanced the very policies that I thought would be reined in.”

“I got hardened,” he said.

In 2010, he returned to Ars Technica after a long absence. His new preoccupation was political, not technical. “Society really seems to have developed an unquestioning obedience towards spooky types,” he wrote. “Did we get to where we are today via a slippery slope that was entirely within our control to stop, or was it an relatively instantaneous sea change that sneaked in undetected because of pervasive government secrecy?”

In March last year, Mr. Snowden donated $250 to the presidential campaign of Ron Paul, a libertarian, giving an address in Columbia, Md., and naming Dell as his employer. (A Dell spokesman would not confirm his employment.)

The next month he moved to Hawaii, according to a Twitter post from his girlfriend, Lindsay Mills, who refers to him as “E” and her “man of mystery.” She joined him in Hawaii last June, taking up pole-dancing and acrobatics. Neighbors described the couple as aloof but not unfriendly.

“There was nothing strange, nothing like that,” said Dr. Angel Cunanan, their next-door neighbor in Waipahu. “He said he was a contractor in the military.”

This March, the consulting firm Booz Allen Hamilton hired Mr. Snowden as a systems administrator at the N.S.A.’s Threat Operations Center.

He asked for a medical leave in May to get treatment for epilepsy. On May 20, he left for Hong Kong, carrying four computers, according to The Guardian, and digital copies of the secret documents. On Monday, Booz Allen fired Mr. Snowden, calling his claims to have leaked classified information “shocking.”

The Justice Department is considering an array of charges against Mr. Snowden. For his part, Mr. Snowden told The South China Morning Post last week, “My intention is to ask the courts and people of Hong Kong to decide my fate.”

Reporting was contributed by Ian Lovett from Waipahu, Hawaii; Theo Emery from Ellicott City, Md.; and Steve Lohr and Richard A. Oppel Jr. from New York. Kitty Bennett contributed research.
https://www.nytimes.com/2013/06/16/u...-drifting.html





More Americans See Man Who Leaked NSA Secrets as 'Patriot' Than Traitor: Poll
Andy Sullivan

Roughly one in three Americans say the former security contractor who leaked details of top-secret U.S. surveillance activity is a patriot and should not be prosecuted, according to a Reuters/Ipsos poll released on Wednesday.

Some 23 percent of those surveyed said former National Security Agency contractor Edward Snowden is a traitor while 31 percent said he is a patriot. Another 46 percent said they did not know.

Snowden, 29, revealed last week that the NSA is monitoring a wide swath of telephone and Internet activity as part of its counterterrorism efforts.

"I'm neither traitor nor hero. I'm an American," Snowden told the South China Post, an English-language newspaper in Hong Kong, in an interview published on Wednesday.

U.S. authorities have said they are weighing possible criminal charges against Snowden, who was an employee of Virginia-based consultant Booz Allen Hamilton when he leaked documents indicating the NSA's surveillance of Americans is much broader than had been disclosed publicly.

In the Reuters/Ipsos poll, 35 percent of those surveyed said Snowden should not face charges while 25 percent said he should be prosecuted to the full extent of the law. Another 40 percent said they did not know.

Snowden told the South China Post he intends to stay in Hong Kong and fight any effort to extradite him to the United States to face legal action.

The online survey of 645 Americans was conducted on Tuesday and Wednesday. It has a credibility interval of plus or minus 4.4 percentage points for each result.

Snowden's revelations, first reported by Britain's Guardian newspaper and the Washington Post, have fueled a national discussion over how the United States should balance its national security efforts with Americans' right to privacy in the aftermath of the September 11, 2001, attacks.

The disclosures have sparked a mix of condemnation and praise. Many members of Congress - which for years had received secret briefings on the NSA's surveillance tactics - have been particularly critical of Snowden. House of Representatives Speaker John Boehner, the top Republican in Washington, called Snowden a "traitor" in a television interview, a sentiment echoed by U.S. intelligence officials.

Snowden also has been the focus of several online support campaigns, an indication that his effort to expose the surveillance tactics has resonated with some Americans.

A petition urging President Barack Obama to pardon Snowden for any crimes he may have committed has collected 63,000 signatures on the White House website since it was posted by a reader on Sunday. The White House reviews and responds to any petition that gathers more than 100,000 signatures.

Reuters/Ipsos polling conducted since the leaks were revealed last Thursday have found Americans divided over the merits of the NSA surveillance program.

Some 45 percent of those surveyed say the program is acceptable under some circumstances, while 37 percent say it is completely unacceptable, the polling found. Only 6 percent say they have no objections to the program.

(Editing by David Lindsey and Bill Trott)
http://www.reuters.com/article/2013/...95B1AF20130612





Surveillance: Snowden Doesn’t Rise to Traitor

For several top lawmakers in Washington, Edward Snowden committed the ultimate political crime when he revealed to the world just how broadly and easily the government is collecting phone and Internet records. “He’s a traitor,” said John Boehner, the House speaker. “It’s an act of treason,” said Senator Dianne Feinstein, the chairwoman of the Intelligence Committee.

Among prosecutors and defense lawyers, there’s a name for that kind of hyperbole: overcharging. Whatever his crimes — and he clearly committed some — Mr. Snowden did not commit treason, though the people who have long kept the secrets he revealed are now fulminating with rage.

If Mr. Snowden had really wanted to harm his country, he could have sold the classified documents he stole to a foreign power, say Russia or China or Iran or North Korea. But even that would not constitute treason, which only applies in cases of aiding an enemy with whom the United States is at war.

His harshest critics might argue that by exposing American intelligence practices, he gave aid and comfort to Al Qaeda and its allies, with whom the country remains in a military conflict, thanks to the Authorization for Use of Military Force, which Congress passed after Sept. 11, 2001, and is in force now. It’s unlikely that Qaeda leaders did not already know or suspect surveillance before Mr. Snowden’s disclosures. But treason means more than that, too. In the landmark 1945 case Cramer v. United States, the Supreme Court ruled that one had to provide aid and comfort and also “adhere” to an enemy to be guilty of treason.

“A citizen may take actions which do aid and comfort the enemy,” the court said, “making a speech critical of the government or opposing its measures, profiteering, striking in defense plants or essential work, and the hundred other things which impair our cohesion and diminish our strength — but if there is no adherence to the enemy in this, if there is no intent to betray, there is no treason.”

Clearly, Mr. Snowden did not join a terror cell, or express any hostility toward the United States, when he turned over documents to The Guardian and The Washington Post. (He was also not nearly as reckless as Bradley Manning, the soldier on trial on charges with giving classified materials to WikiLeaks, who seemed not to know or care what secret documents he was exposing.) Mr. Snowden’s goal was to expose and thus stop the intelligence community from what he considered unwarranted intrusions into the lives of ordinary Americans. “My sole motive,” he told The Guardian, “is to inform the public as to that which is done in their name and that which is done against them.”

While that principle is the right one, he should brace himself for the charges and possible punishment that may come in its wake. Most likely, he will be charged with disclosure of classified information under the Espionage Act, which carries a possible 10-year jail term for each count. Mr. Snowden broke the agreement he made to keep these materials secret. He appeared forthright in confessing to the act and can use his testimony, should he be brought to trial, to make the case that he exposed a serious abuse of power (though, technically, he did not blow the whistle on fraud or criminal activity).

That’s what civil disobedience means: accepting the consequences of one’s actions to make a larger point. Mr. Snowden may well be going to jail for exposing practices that should never have been secret in the first place.
https://www.nytimes.com/2013/06/12/o...o-traitor.html





Hong Kong Seen as Likely to Extradite Leaker if U.S. Asks
Keith Bradsher

In choosing Hong Kong as an initial place to take refuge from the United States government, the National Security Agency contractor who has acknowledged leaking documents has selected a jurisdiction where it may be possible to delay extradition but not avoid it, legal and law enforcement experts here said.

The contractor, Edward J. Snowden, was apparently still in Hong Kong at 12:30 p.m. Monday. The Mira Hotel, an elegant boutique hotel on the Kowloon side of Victoria Harbor, said Monday evening that he had stayed at the hotel but checked out at that time.

It was not clear whether Mr. Snowden remained in Hong Kong or left the territory, which is part of China but has a high degree of autonomy. The hotel gave no further information, and the Hong Kong government declined to discuss Mr. Snowden’s whereabouts, citing a policy of not commenting on individual cases.

“All cases will be handled in accordance with the laws of Hong Kong,” the government said in a brief statement.

The United States Consulate in Hong Kong referred questions to the Justice Department in Washington, which has said only that it is in the initial stages of an investigation into the release of information about government programs to monitor telephone and Internet communications.

The Obama administration has said the programs were focused on the communications of people who were not American citizens. But Mr. Snowden asserted in a video interview, released by the Guardian newspaper of Britain on Sunday, that the scale of the surveillance was much broader and involved the recording of a vast array of communications in the United States and elsewhere.

Hong Kong was a British colony before its return to Chinese sovereignty in 1997, and it still follows the legal system it inherited from the British, with broad protections for civil liberties. Mr. Snowden told The Guardian that he had fled here because “they have a spirited commitment to free speech and the right of political dissent.”

But Hong Kong won that reputation mainly as a place where Chinese political dissidents sought refuge from mainland authorities, not people sought by other governments. The Hong Kong authorities have worked closely with law enforcement agencies in the United States for years and have usually accepted requests for extradition under longstanding bilateral agreements, according to Regina Ip, a former secretary of security who is now a member of the territory’s legislature.

“He won’t find Hong Kong a safe harbor,” Ms. Ip said. “Those agreements have been enforced for more than 10 years. If the U.S. submits a request, we would act in accordance with the law.”

Nicholas Bequelin, a researcher with Human Rights Watch who is based in Hong Kong, wondered why Mr. Snowden would have considered the territory a good place to stay after he left Hawaii three weeks ago.

“If he took time to talk with a lawyer, he would have decided somewhere else was a better prospect” to avoid extradition, Mr. Bequelin said. “His explanation of his choice of Hong Kong was a bit off.”

The Hong Kong Police Force would not arrest him unless he broke a Hong Kong law or the United States issued an Interpol notice or sent a warrant, said Stephen Vickers, a former head of the force’s intelligence division who now runs his own risk consulting firm. But he said the police probably began monitoring Mr. Snowden as soon as word spread that he had taken responsibility for the leaks.

The Hong Kong authorities have generally been willing to extradite suspects when the United States sends a warrant, said Jonathan Acton-Bond, a barrister and former magistrate who has represented clients in some of the best-known extradition cases here.

Hong Kong enforces extradition laws more than other jurisdictions in Southeast Asia, Mr. Acton-Bond said. But Hong Kong did not follow Britain’s example after the Sept. 11 attacks of lowering the standard of legal evidence required before approving extradition to the United States. Hong Kong also has legal protections against politically motivated extradition cases, but they have seldom been invoked.

In the video interview with The Guardian, Mr. Snowden said he was considering seeking refuge in Iceland because of that country’s history of protecting Internet freedom. Hong Kong journalists identified the room where the video was recorded as being in the W hotel in Kowloon, near a station of the city’s airport express train. They found journalists for The Guardian checking out of that hotel at lunchtime on Monday.

Mr. Snowden referred in the video to a Central Intelligence Agency station as being “just up the road in the consulate here in Hong Kong” and pointed out the window, whose curtains were drawn. But the hotel is actually across the harbor from the consulate.

Mr. Snowden’s decision to go to Hong Kong introduces a potential complication in Chinese-American relations less than two days after President Obama and President Xi Jinping met in California for a series of wide-ranging discussions. Hong Kong is one of the largest hubs for China’s intelligence agencies, which are widely believed to occupy several floors of a black-glass building in the center of the city.

Mr. Snowden, a 29-year-old computer technician, has said that he had access to lists of all American agents overseas and other information, but that he did not take all of the data. The Washington Post has reported that he gave the newspaper 41 slides from a PowerPoint presentation. After discussing the national security implications of the material with American officials, the newspaper decided to publish only four of them.

While Mr. Snowden — or possibly his personal computer — might be a valuable prize for China’s intelligence agencies, experts were skeptical that China would risk harming relations with the United States by exercising its legal authority to block an extradition request from the Justice Department.

“I don’t think he’s a big enough fish that Beijing would try to intervene to affect the decision of the Hong Kong authorities one way or the other,” said Willy Lam, a specialist in Chinese government decision-making at the Chinese University of Hong Kong.

The most celebrated extradition case here in recent years involved two Pakistanis and an American who were accused of trying to exchange heroin and hashish for Stinger antiaircraft missiles in 2002. They were arrested by Hong Kong police officers working with undercover F.B.I. agents, who were pretending to be selling the missiles. The authorities said the men were planning to give the missiles to Al Qaeda.

The men initially fought extradition, but agreed to it after three months in a Hong Kong jail. Their lawyer, Mr. Acton-Bond, complained that they were kept in solitary confinement for 16 hours a day, housed separately in cells with no other Urdu speakers, and were “compelled to watch Chinese-language television.”

All three later pleaded guilty in a San Diego courtroom and received prison terms of up to 18 years.
https://www.nytimes.com/2013/06/11/w...tradition.html





Has the US Become the Type of Nation From Which You Have to Seek Asylum?
Timothy B. Lee

The whistleblower who disclosed classified documents regarding NSA surveillance to The Washington Post and the Guardian has gone public. He is Edward Snowden, 29, an employee of defense contractor Booz Allen Hamilton.

Rather than face charges in the United States, Snowden has fled to Hong Kong. He plans to seek asylum in a nation with a strong civil liberties record, such as Iceland.

Americans are familiar with stories of dissidents fleeing repressive regimes such as those in China or Iran and seeking asylum in the United States. Snowden is in the opposite position. He’s an American leaving the land of his birth because he fears persecution.

Four decades ago, Daniel Ellsberg surrendered to federal authorities to face charges of violating the Espionage Act. During his trial, he was allowed to go free on bail, giving him a chance to explain his actions to the media. His case was eventually thrown out after it was revealed that the government had wiretapped him illegally.

Bradley Manning, a soldier who released classified documents to WikiLeaks in 2010, has had a very different experience. Manning was held for three years without trial, including 11 months when he was held in de facto solitary confinement. During some of this period, he was forced to sleep naked at night, allegedly as a way to prevent him from committing suicide. The United Nations’ special rapporteur on torture has condemned this as “cruel, inhuman and degrading treatment in violation of Article 16 of the convention against torture.”

Ellsberg has argued that this degrading treatment alone should be grounds for dismissing the charges against Manning. Instead, the government has sought the harshest possible sentence. Even after Manning pleaded guilty to charges that could put him in prison for 20 years, the government has still pushed forward with additional charges, including “aiding the enemy” and violating the Espionage Act, that were intended to be used against foreign spies, not whistleblowers.

The civilian whistleblowers targeted by the Obama administration haven’t received treatment as harsh as Manning’s. But it’s telling that in none of their cases have the courts reached the legal and constitutional merits. The government’s strategy, in leak cases and many others, is to seek the maximum possible charges and then “plea bargain” down to a sentence the government considers more reasonable.

For example, John Kiriakou, who blew the whistle on torture by the CIA, was charged with five counts, each of which carries a maximum sentence of five to 10 years. With those harsh penalties hanging over his head, Kiriakou waived his right to a trial and accepted a sentence of 30 months in prison. Shamai Leibowitz, another leaker, accepted a 20-month sentence under similar circumstances. Another whistleblower had his case thrown out, and two others still have their cases pending.

If Snowden had chosen to stay in the United States, he would have faced a stark choice: accept a multi-year prison sentence for actions he believed to be in the public interest or go to trial and risk decades in prison if the courts were not persuaded by his legal and constitutional arguments. The American activist Aaron Swartz was facing exactly that choice when he committed suicide in January.

Because of the government’s misconduct in the Ellsberg case, the courts never reached the legal and constitutional merits of prosecuting a whistleblower under the Espionage Act. But as he was going to trial, he would have had reason to be optimistic that the courts would see things his way. The Supreme Court had declared warrantless wiretapping unconstitutional in 1967 and refused to block publication of the Pentagon Papers in 1971.

The current Supreme Court is less sympathetic to civil liberties. For example, earlier this year, the justices threw out a constitutional challenge to the FISA Amendments Act because the plaintiffs could not prove that they had personally been targets of surveillance. Because of the documents Snowden released, we now know that the FISA Amendments Act is the basis for the NSA’s PRISM program.

If Snowden had surrendered himself to U.S. authorities, he almost certainly would have faced charges that carry penalties of decades in prison. He might have rationally feared being subject to years of pretrial detention and the kind of degrading treatment Manning faced. And if he had chosen to fight the charges, he would have risked spending decades in prison if he lost.

There’s no question that the United States has stronger protections for free speech and the rule of law than repressive regimes like China or Iran. But it’s also clear that our courts defend constitutional rights less zealously today than they did in Ellsberg’s day. Snowden wasn’t crazy to question whether he’d be treated fairly by the American justice system.
http://www.washingtonpost.com/blogs/...o-seek-asylum/





Icelandic Legislator: I'm Ready To Help NSA Whistleblower Edward Snowden Seek Asylum
Andy Greenberg

When WikiLeaks burst onto the international stage in 2010, the small Nordic nation of Iceland offered it a safe haven. Now American whistleblower Edward Snowden may be seeking that country’s protection, and at least one member of its parliament says she’s ready to help.

On Sunday evening Icelandic member of parliament Birgitta Jonsdottir and Smari McCarthy, executive director of the Icelandic Modern Media Initiative, issued a statement of support for Snowden, the Booz Allen Hamilton staffer who identified himself to the Guardian newspaper as the source of a series of top secret documents outlining the NSA’s massive surveillance of foreigners and Americans.

“Whereas IMMI is based in Iceland, and has worked on protections of privacy, furtherance of government transparency, and the protection of whistleblowers, we feel it is our duty to offer to assist and advise Mr. Snowden to the greatest of our ability,” their statement reads. “We are already working on detailing the legal protocols required to apply for asylum, and will over the course of the week be seeking a meeting with the newly appointed interior minister of Iceland, Mrs. Hanna Birna Kristjánsdóttir, to discuss whether an asylum request can be processed in a swift manner, should such an application be made.”

It’s not yet clear whether Snowden has officially applied for asylum in Iceland. A press contact for the Icelandic Ministry of Interior, which handles asylum requests, said that he hadn’t yet seen an application from Snowden and that the ministry couldn’t comment until one was received.

Snowden, who left his home in Hawaii in May and is taking refuge in a Hong Kong hotel, noted his interest in seeking asylum in Iceland in the Guardian’s interview, telling the newspaper that his ”predisposition is to seek asylum in a country with shared values, The nation that most encompasses this is Iceland,” he said. “They stood up for people over internet freedom.”

The 29-year-old intelligence analyst may have been referring to the Icelandic Modern Media Initiative, a group founded by Jonsdottir and McCarthy that has sought to strengthen Iceland’s protections for media outlets and whistleblowers. That project, which successfully passed a new source protection law in 2011, was propelled in part by Jonsdottir and McCarthy’s participation in WikiLeaks; Both Icelanders helped to publish the leaked Apache helicopter video that revealed the killing of civilians and journalists in Baghdad in April 2010.

“Over the last few days we at the International Modern Media Institute have watched alongside the rest of the world as the US government’s enormous encroachments on privacy and information security have been exposed in the media,” Jonsdottir’s and McCarthy’s statement reads. “These exposures have verified our greatest fears about the state of global intelligence gathering, and yet again highlighted the need for strong privacy protections and government transparency.”

Snowden’s leaked revelations included a top secret order from the FBI sent to Verizon on behalf of the NSA, demanding the call records of every American customer of Verizon Business Network Services, a PowerPoint presentation on an NSA program known as PRISM that boasted of access to the data of Google , Microsoft , Facebook and others, an executive order from President Obama calling for the NSA to draw up a list of cyberattack targets.

Just how much the Icelandic group’s support can protect Snowden remains to be seen. Snowden’s first hurdle may be safely leaving Hong Kong, where he may yet be extradited to the United States. And even in Iceland, a recent election gave new power to the country’s conservative party. Jonsdottir, by contrast, is a member of the left-leaning Pirate Party.

Even WikiLeaks expressed doubts about the politics of its former home. “Snowden out of date on Iceland,” reads a message the group posted to Twitter Sunday afternoon. “New conservative government elected a month ago. Countries must step forward to offer Snowden asylum now.”
http://www.forbes.com/sites/andygree...r-seek-asylum/





Bradley Manning Trial: Is Our Future an Orwellian Nightmare Or Information Anarchy?
Drew Mendelson

At its core, the ongoing military trial of Pfc. Bradley Manning, the admitted conveyer of three-quarters of a million classified U.S. government documents to Wikileaks, is about the evolution of big data into a relentless and almost certainly unstoppable social force. Pfc. Manning, a U.S. Army intelligence analyst arrested in May 2010 and charged with 22 offenses involving the passing of information to Wikileaks, is seen by many as a whistleblower whose actions revealed mendacious covert actions of the U.S. government in the Persian Gulf, Iraq, and elsewhere.

Many consider Manning a hero on the level of Nobel Peace Prize laureates Martin Luther King Jr/ or Polish champion of democracy Lech Walesa. In fact, some 65,000 people already support a petition to award Bradley Manning the Nobel Peace Prize for the way the information he passed to WikiLeaks contributed to withdrawing troops from Iraq. Others see him as a traitor whose leaks have materially aided and abetted enemies of the U.S., noting that among the documents found with Osama bin Laden in his Pakistan hideaway, were a trove of the documents Manning leaked about U.S. actions against Al-Qaeda.

Manning has pled guilty to ten of the charges against him with a maximum sentence of 16 years. But the Obama administration, clearly alarmed at the ease of such a classified info hemorrhage, is continuing to try Manning on the other 12 charges. Wikipedia (which has no connection to Wikileaks) reports that the most remaining serious charge is "aiding the enemy," a capital offense, though prosecutors have said they would not seek the death penalty. Still if convicted on that charge Manning could face life imprisonment.

The Financial Times, which has been covering the trial, comments that "The problems of balancing a free press with keeping secrets is bedeviling the Manning trial, with prosecutors estimating about 30% of proceedings will be shut, to protect classified evidence and the identity of witnesses."

The judge in the court-martial of Pfc. Bradley Manning has said that she will close portions of the trial to the public to protect classified material, a ruling that is likely to frustrate civil liberties groups that have alleged that the case is being shrouded in secrecy.

In civilian court such a closed trial would not be permissible, and an attempt to bar disclosure of secrets might result in a dismissal. But Manning's court-martial is conducted under the Uniform Code of Military Justice, which grants the military judges the discretion to close trials to protect sensitive information. That means Manning could be imprisoned for life without the public knowing precisely why.

So, big data?

In part, the Manning incident only points out the virtual impossibility of protecting secrets in a social cosmos of instantaneous communication and universal access to information. No matter how harsh a punishment the court visits upon Manning, the documents he leaked are out there everywhere in the cloud, impossible to recall. Anybody who has stupidly posted an embarrassing photo on Facebook knows the futility of trying to rebottle that genie.

The emerging kerfuffle over the National Security Agency's surveillance and data mining of most internet communications from foreign nationals, looking for traces of information suggesting communications between terrorists or others threating harm to the U.S., is an example of government worry over this phenomenon. (Paranoia? Maybe, but as the old saw goes, even paranoids have enemies). The fact that China apparently has a sophisticated information espionage operation directed against government and corporate IT systems in the U.S. is similarly a big worry. Many other countries are likely doing similar information espionage and making similar efforts to plug information leaks. (Fast systems today can quickly examine and mine usable information from exabytes of data – an exabyte is a million times the storage contained in your home computer's 1 terabyte hard drive.)

The computing power of the fictional super computer of the TV series Person of Interest — capable of tracking what every human on earth is doing in real time — is probably only a couple of Moore's generations from reality. With that in mind it is clear that Bradley Manning's leaks are only a splash in a much large ocean of issues about the control and dissemination of information in this new age of big data. We are rapidly approaching a time when we will be able to instantaneously discover the details of everything occurring in the world. Sadly, what seems still far away is an equally powerful filter to differentiate between what we need to know and what we need to keep private.

An aphorism attributed to Mark Twain (and others) goes that a lie can travel halfway around the world in the time it takes for truth to get its boots on. Apply that to the flow of information and you might say that embarrassing facts can travel everywhere in the world in less time than it takes for the data cops to know those facts have been stolen.

So, whether Pfc. Bradley Manning is a traitor or a hero to you, he is only among the first of a new breed of information Robin Hoods stealing information from the knowledgeable to give to a world hungry to be informed.
http://www.policymic.com/articles/47...mation-anarchy





The Secret War


General Keith Alexander

INFILTRATION. SABOTAGE. MAYHEM. FOR YEARS FOUR-STAR GENERAL KEITH ALEXANDER HAS BEEN BUILDING A SECRET ARMY CAPABLE OF LAUNCHING DEVASTATING CYBERATTACKS. NOW IT’S READY TO UNLEASH HELL.
James Bamford

Inside Fort Meade, Maryland, a top-secret city bustles. Tens of thousands of people move through more than 50 buildings—the city has its own post office, fire department, and police force. But as if designed by Kafka, it sits among a forest of trees, surrounded by electrified fences and heavily armed guards, protected by antitank barriers, monitored by sensitive motion detectors, and watched by rotating cameras. To block any telltale electromagnetic signals from escaping, the inner walls of the buildings are wrapped in protective copper shielding and the one-way windows are embedded with a fine copper mesh.

This is the undisputed domain of General Keith Alexander, a man few even in Washington would likely recognize. Never before has anyone in America’s intelligence sphere come close to his degree of power, the number of people under his command, the expanse of his rule, the length of his reign, or the depth of his secrecy. A four-star Army general, his authority extends across three domains: He is director of the world’s largest intelligence service, the National Security Agency; chief of the Central Security Service; and commander of the US Cyber Command. As such, he has his own secret military, presiding over the Navy’s 10th Fleet, the 24th Air Force, and the Second Army.

Alexander runs the nation’s cyberwar efforts, an empire he has built over the past eight years by insisting that the US’s inherent vulnerability to digital attacks requires him to amass more and more authority over the data zipping around the globe. In his telling, the threat is so mind-bogglingly huge that the nation has little option but to eventually put the entire civilian Internet under his protection, requiring tweets and emails to pass through his filters, and putting the kill switch under the government’s forefinger. “What we see is an increasing level of activity on the networks,” he said at a recent security conference in Canada. “I am concerned that this is going to break a threshold where the private sector can no longer handle it and the government is going to have to step in.”

In its tightly controlled public relations, the NSA has focused attention on the threat of cyberattack against the US—the vulnerability of critical infrastructure like power plants and water systems, the susceptibility of the military’s command and control structure, the dependence of the economy on the Internet’s smooth functioning. Defense against these threats was the paramount mission trumpeted by NSA brass at congressional hearings and hashed over at security conferences.

But there is a flip side to this equation that is rarely mentioned: The military has for years been developing offensive capabilities, giving it the power not just to defend the US but to assail its foes. Using so-called cyber-kinetic attacks, Alexander and his forces now have the capability to physically destroy an adversary’s equipment and infrastructure, and potentially even to kill. Alexander—who declined to be interviewed for this article—has concluded that such cyberweapons are as crucial to 21st-century warfare as nuclear arms were in the 20th.

And he and his cyberwarriors have already launched their first attack. The cyberweapon that came to be known as Stuxnet was created and built by the NSA in partnership with the CIA and Israeli intelligence in the mid-2000s. The first known piece of malware designed to destroy physical equipment, Stuxnet was aimed at Iran’s nuclear facility in Natanz. By surreptitiously taking control of an industrial control link known as a Scada (Supervisory Control and Data Acquisition) system, the sophisticated worm was able to damage about a thousand centrifuges used to enrich nuclear material.

The success of this sabotage came to light only in June 2010, when the malware spread to outside computers. It was spotted by independent security researchers, who identified telltale signs that the worm was the work of thousands of hours of professional development. Despite headlines around the globe, officials in Washington have never openly acknowledged that the US was behind the attack. It wasn’t until 2012 that anonymous sources within the Obama administration took credit for it in interviews with The New York Times.

But Stuxnet is only the beginning. Alexander’s agency has recruited thousands of computer experts, hackers, and engineering PhDs to expand US offensive capabilities in the digital realm. The Pentagon has requested $4.7 billion for “cyberspace operations,” even as the budget of the CIA and other intelligence agencies could fall by $4.4 billion. It is pouring millions into cyberdefense contractors. And more attacks may be planned.

“We jokingly referred to him as Emperor Alexander, because whatever Keith wants, Keith gets.”

Inside the government, the general is regarded with a mixture of respect and fear, not unlike J. Edgar Hoover, another security figure whose tenure spanned multiple presidencies. “We jokingly referred to him as Emperor Alexander—with good cause, because whatever Keith wants, Keith gets,” says one former senior CIA official who agreed to speak on condition of anonymity. “We would sit back literally in awe of what he was able to get from Congress, from the White House, and at the expense of everybody else.”

Now 61, Alexander has said he plans to retire in 2014; when he does step down he will leave behind an enduring legacy—a position of far-reaching authority and potentially Strangelovian powers at a time when the distinction between cyberwarfare and conventional warfare is beginning to blur. A recent Pentagon report made that point in dramatic terms. It recommended possible deterrents to a cyberattack on the US. Among the options: launching nuclear weapons.

He may be a four-star Army general, but Alexander more closely resembles a head librarian than George Patton. His face is anemic, his lips a neutral horizontal line. Bald halfway back, he has hair the color of strong tea that turns gray on the sides, where it is cut close to the skin, more schoolboy than boot camp. For a time he wore large rimless glasses that seemed to swallow his eyes. Some combat types had a derisive nickname for him: Alexander the Geek.

Born in 1951, the third of five children, Alexander was raised in the small upstate New York hamlet of Onondaga Hill, a suburb of Syracuse. He tossed papers for the Syracuse Post-Standard and ran track at Westhill High School while his father, a former Marine private, was involved in local Republican politics. It was 1970, Richard Nixon was president, and most of the country had by then begun to see the war in Vietnam as a disaster. But Alexander had been accepted at West Point, joining a class that included two other future four-star generals, David Petraeus and Martin Dempsey. Alexander would never get the chance to serve in Vietnam. Just as he stepped off the bus at West Point, the ground war finally began winding down.

In April 1974, just before graduation, he married his high school classmate Deborah Lynn Douglas, who grew up two doors away in Onondaga Hill. The fighting in Vietnam was over, but the Cold War was still bubbling, and Alexander focused his career on the solitary, rarefied world of signals intelligence, bouncing from secret NSA base to secret NSA base, mostly in the US and Germany. He proved a competent administrator, carrying out assignments and adapting to the rapidly changing high tech environment. Along the way he picked up masters degrees in electronic warfare, physics, national security strategy, and business administration. As a result, he quickly rose up the military intelligence ranks, where expertise in advanced technology was at a premium.

In 2001, Alexander was a one-star general in charge of the Army Intelligence and Security Command, the military’s worldwide network of 10,700 spies and eavesdroppers. In March of that year he told his hometown Syracuse newspaper that his job was to discover threats to the country. “We have to stay out in front of our adversary,” Alexander said. “It’s a chess game, and you don’t want to lose this one.” But just six months later, Alexander and the rest of the American intelligence community suffered a devastating defeat when they were surprised by the attacks on 9/11. Following the assault, he ordered his Army intercept operators to begin illegally monitoring the phone calls and email of American citizens who had nothing to do with terrorism, including intimate calls between journalists and their spouses. Congress later gave retroactive immunity to the telecoms that assisted the government.

In 2003 Alexander, a favorite of defense secretary Donald Rumsfeld, was named the Army’s deputy chief of staff for intelligence, the service’s most senior intelligence position. Among the units under his command were the military intelligence teams involved in the human rights abuses at Baghdad’s Abu Ghraib prison. Two years later, Rumsfeld appointed Alexander—now a three-star general—director of the NSA, where he oversaw the illegal, warrantless wiretapping program while deceiving members of the House Intelligence Committee. In a publicly released letter to Alexander shortly after The New York Times exposed the program, US representative Rush Holt, a member of the committee, angrily took him to task for not being forthcoming about the wiretapping: “Your responses make a mockery of congressional oversight.”

Alexander also proved to be militant about secrecy. In 2005 a senior agency employee named Thomas Drake allegedly gave information to The Baltimore Sun showing that a publicly discussed program known as Trailblazer was millions of dollars overbudget, behind schedule, possibly illegal, and a serious threat to privacy. In response, federal prosecutors charged Drake with 10 felony counts, including retaining classified documents and making false statements. He faced up to 35 years in prison—despite the fact that all of the information Drake was alleged to have leaked was not only unclassified and already in the public domain but in fact had been placed there by NSA and Pentagon officials themselves. (As a longtime chronicler of the NSA, I served as a consultant for Drake’s defense team. The investigation went on for four years, after which Drake received no jail time or fine. The judge, Richard D. Bennett, excoriated the prosecutor and NSA officials for dragging their feet. “I find that unconscionable. Unconscionable,” he said during a hearing in 2011. “That’s four years of hell that a citizen goes through. It was not proper. It doesn’t pass the smell test.”)

But while the powers that be were pressing for Drake’s imprisonment, a much more serious challenge was emerging. Stuxnet, the cyberweapon used to attack the Iranian facility in Natanz, was supposed to be untraceable, leaving no return address should the Iranians discover it. Citing anonymous Obama administration officials, The New York Times reported that the malware began replicating itself and migrating to computers in other countries. Cyber#security detectives were thus able to detect and analyze it. By the summer of 2010 some were pointing fingers at the US.

Natanz is a small, dusty town in central Iran known for its plump pears and the burial vault of the 13th-century Sufi sheikh Abd al-Samad. The Natanz nuclear enrichment plant is a vault of a different kind. Tucked in the shadows of the Karkas Mountains, most of it lies deep underground and surrounded by concrete walls 8 feet thick, with another layer of concrete for added security. Its bulbous concrete roof rests beneath more than 70 feet of packed earth. Contained within the bombproof structure are halls the size of soccer pitches, designed to hold thousands of tall, narrow centrifuges. The machines are linked in long cascades that look like tacky decorations from a ’70s discotheque.

To work properly, the centrifuges need strong, lightweight, well-balanced rotors and high-speed bearings. Spin these rotors too slowly and the critical U-235 molecules inside fail to separate; spin them too quickly and the machines self-destruct and may even explode. The operation is so delicate that the computers controlling the rotors’ movement are isolated from the Internet by a so-called air gap that prevents exposure to viruses and other malware.

In 2006, the Department of Defense gave the go-ahead to the NSA to begin work on targeting these centrifuges, according to The New York Times. One of the first steps was to build a map of the Iranian nuclear facility’s computer networks. A group of hackers known as Tailored Access Operations—a highly secret organization within the NSA—took up the challenge.

They set about remotely penetrating communications systems and networks, stealing passwords and data by the terabyte. Teams of “vulnerability analysts” searched hundreds of computers and servers for security holes, according to a former senior CIA official involved in the Stuxnet program. Armed with that intelligence, so-called network exploitation specialists then developed software implants known as beacons, which worked like surveillance drones, mapping out a blueprint of the network and then secretly communicating the data back to the NSA. (Flame, the complex piece of surveillance malware discovered by Russian cybersecurity experts last year, was likely one such beacon.) The surveillance drones worked brilliantly. The NSA was able to extract data about the Iranian networks, listen to and record conversations through computer microphones, even reach into the mobile phones of anyone within Bluetooth range of a compromised machine.

The next step was to create a digital warhead, a task that fell to the CIA Clandestine Service’s Counter-Proliferation Division. According to the senior CIA official, much of this work was outsourced to national labs, notably Sandia in Albuquerque, New Mexico. So by the mid-2000s, the government had developed all the fundamental technology it needed for an attack. But there was still a major problem: The secretive agencies had to find a way to access Iran’s most sensitive and secure computers, the ones protected by the air gap. For that, Alexander and his fellow spies would need outside help.

This is where things get murky. One possible bread crumb trail leads to an Iranian electronics and computer wholesaler named Ali Ashtari, who later confessed that he was recruited as a spy by the Mossad, Israel’s intelligence service. (Israel denied the claim.) Ashtari’s principal customers were the procurement officers for some of Iran’s most sensitive organizations, including the intelligence service and the nuclear enrichment plants. If new computers were needed or routers or switches had to be replaced, Ashtari was the man to see, according to reports from semi-official Iranian news agencies and an account of Ashtari’s trial published by the nonprofit Iran Human Rights Voice.

General Alexander’s Empire

The four-star general presides over a trifecta of intelligence agencies headquartered in Fort Meade, Maryland. Here’s a guide to the alphabet soup of agency and subagency acronyms. — Cameron Bird

NSA

(National Security Agency)

The nation’s largest employer of mathematicians. The Department of Defense created this agency in 1952 to intercept, collect, and decrypt foreign communications. In the past decade, the NSA poured hundreds of millions of dollars into offensive cyberwar R&D.

CSS

(Central Security Service)

Originally envisioned as a fourth branch of the armed services, this organization is now described as a “combat support agency.” It coordinates with the Army, Navy, Coast Guard, Marines, and Air Force to eavesdrop on foreign signals—like tapping into undersea cable or wireless communications.

USCyberCom

(US Cyber Command)

Established by the Department of Defense in 2009 to deter cyberattacks—”proactively.” In March, Alexander gave a hint of the command’s mandate to the House Armed Services Committee: “I would like to be clear that this team, this defend-the-nation team, is not a defensive team.”

CAE

(Centers for Academic Excellence)

Launched in 1998, this NSA initiative seeks to increase the number of college students competent in “information assurance.” Last year the agency accredited four universities to lead the way in training the next generation of cyber operators in “collection, exploitation, and response.”

SCS

(Special Collection Service)

A unit whose existence has never been officially acknowledged by the defense establishment. But according to the accounts of an anonymous CIA official, members of the ultra- top-secret group are involved in covert eavesdropping from US embassies around the world.

JFCC-NW

(Joint Functional Component Command for Network Warfare)

Created in 2005 as part of US Strategic Command, which controls the nation’s nuclear arsenal, it played a lead role in promoting the idea of thwarting Iran’s own nuclear ambitions with a cyberattack. Folded into Cybercom in 2010.

He not only had access to some of Iran’s most sensitive locations, his company had become an electronics purchasing agent for the intelligence, defense, and nuclear development departments. This would have given Mossad enormous opportunities to place worms, back doors, and other malware into the equipment in a wide variety of facilities. Although the Iranians have never explicitly acknowledged it, it stands to reason that this could have been one of the ways Stuxnet got across the air gap.

But by then, Iran had established a new counterintelligence agency dedicated to discovering nuclear spies. Ashtari was likely on their radar because of the increased frequency of his visits to various sensitive locations. He may have let down his guard. “The majority of people we lose as sources—who get wrapped up or executed or imprisoned—are usually those willing to accept more risk than they should,” says the senior CIA official involved with Stuxnet. In 2006, according to Iran Human Rights Voice, Ashtari was quietly arrested at a travel agency after returning from another trip out of the country.

The malware targeting Iran replicated and spread to computers in other countries

In June 2008 he was brought to trial in Branch 15 of the Revolutionary Court, where he confessed, pleaded guilty to the charges, expressed remorse for his actions, and was sentenced to death. On the morning of November 17, in the courtyard of Tehran’s Evin Prison, a noose was placed around Ashtari’s neck, and a crane hauled his struggling body high into the air.

Ashtari may well have been one of the human assets that allowed Stuxnet to cross the air gap. But he was not Israel’s only alleged spy in Iran, and others may also have helped enable malware transfer. “Normally,” says the anonymous CIA official, “what we do is look for multiple bridges, in case a guy gets wrapped up.” Less then two weeks after Ashtari’s execution, the Iranian government arrested three more men, charging them with spying for Israel. And on December 13, 2008, Ali-Akbar Siadat, another importer of electronic goods, was arrested as a spy for the Mossad, according to Iran’s official Islamic Republic News Agency. Unlike Ashtari, who said he had operated alone, Siadat was accused of heading a nationwide spy network employing numerous Iranian agents. But despite their energetic counterintelligence work, the Iranians would not realize for another year and a half that a cyberweapon was targeting their nuclear centrifuges. Once they did, it was only a matter of time until they responded.

Sure enough, in August 2012 a devastating virus was unleashed on Saudi Aramco, the giant Saudi state-owned energy company. The malware infected 30,000 computers, erasing three-quarters of the company’s stored data, destroying everything from documents to email to spreadsheets and leaving in their place an image of a burning American flag, according to The New York Times. Just days later, another large cyberattack hit RasGas, the giant Qatari natural gas company. Then a series of denial-of-service attacks took America’s largest financial institutions offline. Experts blamed all of this activity on Iran, which had created its own cyber command in the wake of the US-led attacks. James Clapper, US director of national intelligence, for the first time declared cyberthreats the greatest danger facing the nation, bumping terrorism down to second place. In May, the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team issued a vague warning that US energy and infrastructure companies should be on the alert for cyberattacks. It was widely reported that this warning came in response to Iranian cyberprobes of industrial control systems. An Iranian diplomat denied any involvement.

The cat-and-mouse game could escalate. “It’s a trajectory,” says James Lewis, a cyber#security expert at the Center for Strategic and International Studies. “The general consensus is that a cyber response alone is pretty worthless. And nobody wants a real war.” Under international law, Iran may have the right to self-defense when hit with destructive cyberattacks. William Lynn, deputy secretary of defense, laid claim to the prerogative of self-defense when he outlined the Pentagon’s cyber operations strategy. “The United States reserves the right,” he said, “under the laws of armed conflict, to respond to serious cyberattacks with a proportional and justified military response at the time and place of our choosing.” Leon Panetta, the former CIA chief who had helped launch the Stuxnet offensive, would later point to Iran’s retaliation as a troubling harbinger. “The collective result of these kinds of attacks could be a cyber Pearl Harbor,” he warned in October 2012, toward the end of his tenure as defense secretary, “an attack that would cause physical destruction and the loss of life.” If Stuxnet was the proof of concept, it also proved that one successful cyberattack begets another. For Alexander, this offered the perfect justification for expanding his empire.

In May 2010, a little more than a year after President Obama took office and only weeks before Stuxnet became public, a new organization to exercise American rule over the increasingly militarized Internet became operational: the US Cyber Command. Keith Alexander, newly promoted to four-star general, was put in charge of it. The forces under his command were now truly formidable—his untold thousands of NSA spies, as well as 14,000 incoming Cyber Command personnel, including Navy, Army, and Air Force troops. Helping Alexander organize and dominate this new arena would be his fellow plebes from West Point’s class of 1974: David Petraeus, the CIA director; and Martin Dempsey, chair of the Joint Chiefs of Staff.

Indeed, dominance has long been their watchword. Alexander’s Navy calls itself the Information Dominance Corps. In 2007, the then secretary of the Air Force pledged to “dominate cyberspace” just as “today, we dominate air and space.” And Alexander’s Army warned, “It is in cyberspace that we must use our strategic vision to dominate the information environment.” The Army is reportedly treating digital weapons as another form of offensive capability, providing frontline troops with the option of requesting “cyber fire support” from Cyber Command in the same way they request air and artillery support.

All these capabilities require a giant expansion of secret facilities. Thousands of hard-hatted construction workers will soon begin erecting cranes, driving backhoes, and emptying cement trucks as they expand the boundaries of NSA’s secret city eastward, increasing its already enormous size by a third. “You could tell that some of the seniors at NSA were truly concerned that cyber was going to engulf them,” says a former senior Cyber Command official, “and I think rightfully so.”

In May, work began on a $3.2 billion facility housed at Fort Meade in Maryland. Known as Site M, the 227-acre complex includes its own 150-megawatt power substation, 14 administrative buildings, 10 parking garages, and chiller and boiler plants. The server building will have 90,000 square feet of raised floor—handy for supercomputers—yet hold only 50 people. Meanwhile, the 531,000-square-foot operations center will house more than 1,300 people. In all, the buildings will have a footprint of 1.8 million square feet. Even more ambitious plans, known as Phase II and III, are on the drawing board. Stretching over the next 16 years, they would quadruple the footprint to 5.8 million square feet, enough for nearly 60 buildings and 40 parking garages, costing $5.2 billion and accommodating 11,000 more cyberwarriors.

In short, despite the sequestration, layoffs, and furloughs in the federal government, it’s a boom time for Alexander. In April, as part of its 2014 budget request, the Pentagon asked Congress for $4.7 billion for increased “cyberspace operations,” nearly $1 billion more than the 2013 allocation. At the same time, budgets for the CIA and other intelligence agencies were cut by almost the same amount, $4.4 billion. A portion of the money going to Alexander will be used to create 13 cyberattack teams.

What’s good for Alexander is good for the fortunes of the cyber-industrial complex, a burgeoning sector made up of many of the same defense contractors who grew rich supplying the wars in Iraq and Afghanistan. With those conflicts now mostly in the rearview mirror, they are looking to Alexander as a kind of savior. After all, the US spends about $30 billion annually on cybersecurity goods and services.

In the past few years, the contractors have embarked on their own cyber building binge parallel to the construction boom at Fort Meade: General Dynamics opened a 28,000-square-foot facility near the NSA; SAIC cut the ribbon on its new seven-story Cyber Innovation Center; the giant CSC unveiled its Virtual Cyber Security Center. And at consulting firm Booz Allen Hamilton, where former NSA director Mike McConnell was hired to lead the cyber effort, the company announced a “cyber-solutions network” that linked together nine cyber-focused facilities. Not to be outdone, Boeing built a new Cyber Engagement Center. Leaving nothing to chance, it also hired retired Army major general Barbara Fast, an old friend of Alexander’s, to run the operation. (She has since moved on.)

Defense contractors have been eager to prove that they understand Alexander’s worldview. “Our Raytheon cyberwarriors play offense and defense,” says one help-wanted site. Consulting and engineering firms such as Invertix and Parsons are among dozens posting online want ads for “computer network exploitation specialists.” And many other companies, some unidentified, are seeking computer and network attackers. “Firm is seeking computer network attack specialists for long-term government contract in King George County, VA,” one recent ad read. Another, from Sunera, a Tampa, Florida, company, said it was hunting for “attack and penetration consultants.”

One of the most secretive of these contractors is Endgame Systems, a startup backed by VCs including Kleiner Perkins Caufield & Byers, Bessemer Venture Partners, and Paladin Capital Group. Established in Atlanta in 2008, Endgame is transparently antitransparent. “We’ve been very careful not to have a public face on our company,” former vice president John M. Farrell wrote to a business associate in an email that appeared in a WikiLeaks dump. “We don’t ever want to see our name in a press release,” added founder Christopher Rouland. True to form, the company declined wired’s interview requests.

Perhaps for good reason: According to news reports, Endgame is developing ways to break into Internet-connected devices through chinks in their antivirus armor. Like safecrackers listening to the click of tumblers through a stethoscope, the “vulnerability researchers” use an extensive array of digital tools to search for hidden weaknesses in commonly used programs and systems, such as Windows and Internet Explorer. And since no one else has ever discovered these unseen cracks, the manufacturers have never developed patches for them.

Endgame hunts for hidden security weaknesses that are ripe for exploitation

Thus, in the parlance of the trade, these vulnerabilities are known as “zero-day exploits,” because it has been zero days since they have been uncovered and fixed. They are the Achilles’ heel of the security business, says a former senior intelligence official involved with cyberwarfare. Those seeking to break into networks and computers are willing to pay millions of dollars to obtain them.

According to Defense News’ C4ISR Journal and Bloomberg Businessweek, Endgame also offers its intelligence clients—agencies like Cyber Command, the NSA, the CIA, and British intelligence—a unique map showing them exactly where their targets are located. Dubbed Bonesaw, the map displays the geolocation and digital address of basically every device connected to the Internet around the world, providing what’s called network situational awareness. The client locates a region on the password-protected web-based map, then picks a country and city— say, Beijing, China. Next the client types in the name of the target organization, such as the Ministry of Public Security’s No. 3 Research Institute, which is responsible for computer security—or simply enters its address, 6 Zhengyi Road. The map will then display what software is running on the computers inside the facility, what types of malware some may contain, and a menu of custom-designed exploits that can be used to secretly gain entry. It can also pinpoint those devices infected with malware, such as the Conficker worm, as well as networks turned into botnets and zombies— the equivalent of a back door left open.

Bonesaw also contains targeting data on US allies, and it is soon to be upgraded with a new version codenamed Velocity, according to C4ISR Journal. It will allow Endgame’s clients to observe in real time as hardware and software connected to the Internet around the world is added, removed, or changed. But such access doesn’t come cheap. One leaked report indicated that annual subscriptions could run as high as $2.5 million for 25 zero-day exploits.

The buying and using of such a subscription by nation-states could be seen as an act of war. “If you are engaged in reconnaissance on an adversary’s systems, you are laying the electronic battlefield and preparing to use it,” wrote Mike Jacobs, a former NSA director for information assurance, in a McAfee report on cyberwarfare. “In my opinion, these activities constitute acts of war, or at least a prelude to future acts of war.” The question is, who else is on the secretive company’s client list? Because there is as of yet no oversight or regulation of the cyberweapons trade, companies in the cyber-industrial complex are free to sell to whomever they wish. “It should be illegal,” says the former senior intelligence official involved in cyber#warfare. “I knew about Endgame when I was in intelligence. The intelligence community didn’t like it, but they’re the largest consumer of that business.”

Thus, in their willingness to pay top dollar for more and better zero-day exploits, the spy agencies are helping drive a lucrative, dangerous, and unregulated cyber arms race, one that has developed its own gray and black markets. The companies trading in this arena can sell their wares to the highest bidder—be they frontmen for criminal hacking groups or terrorist organizations or countries that bankroll terrorists, such as Iran. Ironically, having helped create the market in zero-day exploits and then having launched the world into the era of cyberwar, Alexander now says the possibility of zero-day exploits falling into the wrong hands is his “greatest worry.”

He has reason to be concerned. In May, Alexander discovered that four months earlier someone, or some group or nation, had secretly hacked into a restricted US government database known as the National Inventory of Dams. Maintained by the Army Corps of Engineers, it lists the vulnerabilities for the nation’s dams, including an estimate of the number of people who might be killed should one of them fail. Meanwhile, the 2013 “Report Card for America’s Infrastructure” gave the US a D on its maintenance of dams. There are 13,991 dams in the US that are classified as high-hazard, the report said. A high-hazard dam is defined as one whose failure would cause loss of life. “That’s our concern about what’s coming in cyberspace—a destructive element. It is a question of time,” Alexander said in a talk to a group involved in information operations and cyberwarfare, noting that estimates put the time frame of an attack within two to five years. He made his comments in September 2011.
http://www.wired.com/threatlevel/201...-cyberwar/all/





If the NSA Trusted Edward Snowden With Our Data, Why Should We Trust the NSA?
Farhad Manjoo

Edward Snowden sounds like a thoughtful, patriotic young man, and I’m sure glad he blew the whistle on the NSA’s surveillance programs. But the more I learned about him this afternoon, the angrier I became. Wait, him? The NSA trusted its most sensitive documents to this guy? And now, after it has just proven itself so inept at handling its own information, the agency still wants us to believe that it can securely hold on to all of our data? Oy vey!

According to the Guardian, Snowden is a 29-year-old high-school dropout who trained for the Army Special Forces before an injury forced him to leave the military. His IT credentials are apparently limited to a few “computer” classes he took at a community college in order to get his high-school equivalency degree—courses that he did not complete. His first job at the NSA was as a security guard. Then, amazingly, he moved up the ranks of the United States’ national security infrastructure: The CIA gave him a job in IT security. He was given diplomatic cover in Geneva. He was hired by Booz Allen Hamilton, the government contractor, which paid him $200,000 a year to work on the NSA’s computer systems.

Let’s note what Snowden is not: He isn’t a seasoned FBI or CIA investigator. He isn’t a State Department analyst. He’s not an attorney with a specialty in national security or privacy law.

Instead, he’s the IT guy, and not a very accomplished, experienced one at that. If Snowden had sent his résumé to any of the tech companies that are providing data to the NSA’s PRISM program, I doubt he’d have even gotten an interview. Yes, he could be a computing savant anyway—many well-known techies dropped out of school. But he was given access way beyond what even a supergeek should have gotten. As he tells the Guardian, the NSA let him see “everything.” He was accorded the NSA’s top security clearance, which allowed him to see and to download the agency’s most sensitive documents. But he didn’t just know about the NSA’s surveillance systems—he says he had the ability to use them. “I, sitting at my desk, certainly had the authorities [sic] to wiretap anyone from you or your accountant to a federal judge to even the president if I had a personal email,” he says in a video interview with the paper.

Because Snowden is now in Hong Kong, it’s unclear what the United States can do to him. But watch for officials to tar Snowden—he’ll be called unpatriotic, unprofessional, treasonous, a liar, grandiose, and worse. As in the Bradley Manning case, though, the more badly Snowden is depicted, the more rickety the government’s case for surveillance becomes. After all, they hired him. They gave him unrestricted access to their systems, from court orders to PowerPoint presentations depicting the crown jewels of their surveillance infrastructure. (Also of note: They made a hideous PowerPoint presentation depicting the crown jewels of their surveillance infrastructure—who does that? I’ve been reading a lot of Le Carré lately, and when I saw the PRISM presentation, I remembered how Le Carré’s veteran spy George Smiley endeavored to never write down his big secrets. Now our spies aren’t just writing things down—they’re trying to make their secrets easily presentable to large audiences.)

The worst part about the NSA’s surveillance is not its massive reach. It’s that it operates entirely in secret, so that we have no way of assessing the sophistication of its operation. All we have is the word of our politicians, who tell us that they’ve vetted these systems and that we should blindly trust that the data are being competently safeguarded and aren’t vulnerable to abuse.

Snowden’s leak is thus doubly damaging. The scandal isn’t just that the government is spying on us. It’s also that it’s giving guys like Snowden keys to the spying program. It suggests the worst combination of overreach and amateurishness, of power leveraged by incompetence. The Keystone Cops are listening to us all.
http://www.slate.com/blogs/future_te...and_other.html





Leaker’s Employer Became Wealthy by Maintaining Government Secrets
Binyamin Appelbaum and Eric Lipton

Edward J. Snowden’s employer, Booz Allen Hamilton, has become one of the largest and most profitable corporations in the United States almost exclusively by serving a single client: the government of the United States.

Over the last decade, much of the company’s growth has come from selling expertise, technology and manpower to the National Security Agency and other federal intelligence agencies. Booz Allen earned $1.3 billion, 23 percent of the company’s total revenue, from intelligence work during its most recent fiscal year.

The government has sharply increased spending on high-tech intelligence gathering since 2001, and both the Bush and Obama administrations have chosen to rely on private contractors like Booz Allen for much of the resulting work.

Thousands of people formerly employed by the government, and still approved to deal with classified information, now do essentially the same work for private companies. Mr. Snowden, who revealed on Sunday that he provided the recent leak of national security documents, is among them.

As evidence of the company’s close relationship with government, the Obama administration’s chief intelligence official, James R. Clapper Jr., is a former Booz Allen executive. The official who held that post in the Bush administration, John M. McConnell, now works for Booz Allen.

“The national security apparatus has been more and more privatized and turned over to contractors,” said Danielle Brian, the executive director of the Project on Government Oversight, a nonprofit group that studies federal government contracting. “This is something the public is largely unaware of, how more than a million private contractors are cleared to handle highly sensitive matters.”

It has gone so far, Ms. Brian said, that even the process of granting security clearances is often handled by contractors, allowing companies to grant government security clearances to private sector employees.

Companies like Booz Allen, Lockheed Martin and the Computer Sciences Corporation also engage directly in gathering information and providing analysis and advice to government officials. Booz Allen employees work inside the facilities at the N.S.A., among the most secretive of the intelligence agencies. The company also has several office buildings near the agency’s headquarters in Fort Meade, Md.

The company employs about 25,000 people, almost half of whom hold top secret security clearances, providing “access to information that would cause ‘exceptionally grave damage’ to national security if disclosed to the public,” according to a company securities filing.

In January, Booz Allen announced that it was starting work on a new contract worth perhaps as much as $5.6 billion over five years to provide intelligence analysis services to the Defense Department. Under the deal, Booz Allen employees are being assigned to help military and national security policy makers, the company said.

Representative Peter T. King, a New York Republican and former chairman of the House Homeland Security Committee, said he had no reason to believe that a private contractor was more likely to become a source to reporters than a government official, because both need a security clearance before they can handle top secret information.

“Security is so tight and procedures so strictly enforced, this is really a surprise,” he said of the leaks by Mr. Snowden. “This will have to be fully investigated, inside and out, to find out what happened here. Were there warning signs? Were there issues in his background?”

Stewart A. Baker, who served as general counsel at the N.S.A. in the 1990s and more recently as a top official at the Department of Homeland Security, said he worried that the reliance on outside contractors might, in some ways at least, make the government more vulnerable to leaks.

“Inside the government, there are structures designed to make sure that people understand that they can raise concerns about the lawfulness of particular activities in a variety of established channels,” Mr. Baker said. “You can go to the inspector general or to the Intelligence Committees, and you don’t have to pierce the veil of secrecy to get high-level attention to your concerns without exposing national secrets. It is a little less obvious to employees at a contractor.”

Booz Allen, which notes in securities filings that its business could be damaged by leaks, acknowledged in a statement that Mr. Snowden had been an employee.

The company, based in Virginia, is primarily a technology contractor. It reported revenues of $5.76 billion for the fiscal year ended in March and was No. 436 on Fortune’s list of the 500 largest public companies. The government provided 98 percent of that revenue, the company said.

Its rapid growth, fueled by government investment after the Sept. 11 attacks, led to a 2008 buyout by the Carlyle Group, a private equity firm, followed by a public offering in 2010.

Booz Allen has formed a particularly close relationship with the intelligence agencies, and others besides Mr. Clapper and Mr. McConnell have spent time in the company’s executive offices.

Mr. McConnell has been an advocate for increased federal spending on cybersecurity. He told the CBS News program “60 Minutes” in 2010 that foreign governments had the capacity to bring down the country’s power grid and financial system.

“The United States is not prepared for such an attack,” he said.

The company has also had at least one previous highly publicized problem maintaining data security. In 2011, files maintained by Booz Allen were acquired by the online activist group Anonymous, which claimed to have stolen tens of thousands of encrypted military passwords.

Christopher Drew contributed reporting from New York.
https://www.nytimes.com/2013/06/10/u...contracts.html





Data-Driven Tech Industry Is Shaken by Online Privacy Fears
David Streitfeld and Quentin Hardy

The dreamers, brains and cranks who built the Internet hoped it would be a tool of liberation and knowledge. Last week, an altogether bleaker vision emerged with new revelations of how the United States government is using it as a monitoring and tracking device.

In Silicon Valley, a place not used to second-guessing the bright future it is eternally building, there was a palpable sense of dismay.

“Most of the people who developed the network are bothered by the way it is being misused,” said Les Earnest, a retired Stanford computer scientist who built something that resembled Facebook nine years before the inventor of Facebook was born. “From the beginning we worried about governments getting control. Well, our government has finally found a way to tap in.”

The technology world has always strived to keep Washington at a certain arm’s length. Regulation would snuff out innovation, the entrepreneurs regularly cried. Bureaucrats should keep their hands off things they do not understand, which is just about everything we do out here.

So the first mystifying thing for some here is how the leading companies — including Microsoft, Google, Yahoo, Apple and Facebook — apparently made it easier for the National Security Agency to gain access to their data. Only Twitter seems to have declined.

The companies deny directly working with the government on the project, called Prism. But they have not been exactly eager to talk about how they are working indirectly and where they would draw the line.

Entrepreneurs around Silicon Valley are publicly urging more disclosure.

“The success of any Silicon Valley consumer company is based not only on the value their products bring to users but also on the level of trust they can establish,” said Adriano Farano, co-founder of Watchup, which makes an iPad app that builds personalized newscasts. “What is at stake here is the credibility of our entire ecosystem.”

It is an ecosystem that thrives on personal data. Prism, which collects e-mails, video, voice and stored data, among other forms of Internet information, was exposed at a moment when the very possibility of online privacy seemed to be in doubt.

New technologies like Google Glass are relentlessly pushing into territory that was out of reach until recently. From established behemoths to new start-ups, tech companies are bubbling with plans to collect the most intimate data and use it to sell things.

“We’re pushing our government to protect us, and we’re also busy putting more and more of our information out there for people to look at,” said Christopher Clifton, a Purdue computer scientist who has done extensive work on methods of data collection that preserve privacy. “The fact that some of that data is indeed going to be looked at might be disturbing but it shouldn’t be surprising.”

Edward Snowden, a former Central Intelligence Agency worker who disclosed on Sunday that he was the one who leaked government surveillance documents to The Guardian newspaper, ranks high among the disturbed. In an interview with the newspaper, he called the Internet “the most important invention in all of human history.” But he said that he believed its value was being destroyed by unceasing surveillance.

“I don’t see myself as a hero,” he told the paper, “because what I’m doing is self-interested: I don’t want to live in a world where there’s no privacy and therefore no room for intellectual exploration and creativity.”

President Obama, trying to play down the uproar, said Prism targets only foreign nationals and that it was worth giving up a little privacy for more security.

“I think that’s a dangerous statement,” said Bob Taylor, a computer scientist who played a major role in the 1960s in formulating what would become the Internet. “The government should have told us it was doing this. And that suggests the more fundamental problem: that we’re not in control of our government.”

For some tech luminaries with less than fond feelings for Washington, the disclosures about Prism had special force. This was personal.

Bob Metcalfe, the acclaimed inventor of the standard method of connecting computers in one location, wrote on Twitter that he was less worried about whatever the National Security Agency might be doing “than about how Obama Regime will use their data to suppress political opposition (e.g. me).”

But if Silicon Valley is alarmed about the ways that the personal data now coursing through every byway of the Internet can be misused, it has been a long time coming.

Even as the larger computer makers sold their systems to the government and start-ups of all sorts trafficked in personal information, the companies tried to keep clear of government rules that might cramp their vision — and their profits. They also proved adept at lobbying.

Threats by regulators like Christine Varney, the Internet specialist at the Federal Trade Commission, to impose greater oversight on how personal data was being used online resulted in the formation in 1998 of the Online Privacy Alliance. The industry coalition was credited with turning the debate in the industry’s direction.

Its chief spokeswoman: Ms. Varney, who went through the Washington revolving door and emerged as a champion of industry.

In 1999, Scott McNealy, the chief executive of Sun Microsystems, summed up the valley’s attitude toward personal data in what became a defining comment of the dot-com boom. “You have zero privacy,” he said. “Get over it.”

Mr. McNealy is not retracting that comment, not quite; but like Mr. Metcalfe he is more worried about potential government abuse than he used to be. “Should you be afraid if AT&T has your data? Google?” he asked. “They’re private entities. AT&T can’t hurt me. Jerry Brown and Barack Obama can.” An outspoken critic of the California state government, and Mr. Brown, the governor, Mr. McNealy said his taxes are audited every year.

But arguing that computer makers have some role in creating a surveillance state, he said, “is like blaming gun manufacturers for violence, or a car manufacturer for drunk driving.” The real problem, he said, is: “The scope creep of the government. I think it’s great they’re looking for the next terrorist. Then I wonder if they’re going to arrest me, or snoop on me.”

Microsoft has recently been casting itself as a champion of privacy — at least when Google is involved. Ray Ozzie, the former software chief at Microsoft, was one of those sounding the alarm late last week.

“I hope that people wake up, truly wake up, to what’s happening to society, from both a big brother perspective and little brother perspective,” Mr. Ozzie said at a conference on Nantucket, according to The Boston Globe. But he did not address whatever Microsoft’s role might have been with Prism.

Aaron Levie, the founder of Box.com, a popular file-sharing system, initially joked on Twitter that Prism was simply putting people’s Gmail, Google, Facebook and Skype data all in one place. “The N.S.A. just beat out like 30 start-ups to this idea,” he wrote.

That was funny, because it was true, but also because the interests of the government and Silicon Valley are not necessarily in conflict here.

“The most important issue here is transparency and our lack of visibility around how our data is being used,” Mr. Levie said. “The government and the tech industry clearly will need to come together to create a better model for this.”

In the meantime, some tech leaders have another idea: lie low. Gordon Eubanks, a valley entrepreneur for 30 years, can see both sides of the argument over privacy and security. Until it is resolved, he said, “I’ve just become really careful about what I put out there. I never put online anything about where I live, my family, my pets. I’m even careful about what I ‘like.’ ”
https://www.nytimes.com/2013/06/10/t...pagewanted=all





Government Secrets and the Need for Whistle-Blowers
Bruce Schneier

Yesterday, we learned that the NSA received all calling records from Verizon customers for a three-month period starting in April. That's everything except the voice content: who called who, where they were, how long the call lasted -- for millions of people, both Americans and foreigners. This "metadata" allows the government to track the movements of everyone during that period, and a build a detailed picture of who talks to whom. It's exactly the same data the Justice Department collected about AP journalists.

The Guardian delivered this revelation after receiving a copy of a secret memo about this -- presumably from a whistle-blower. We don't know if the other phone companies handed data to the NSA too. We don't know if this was a one-off demand or a continuously renewed demand; the order started a few days after the Boston bombers were captured by police.

We don't know a lot about how the government spies on us, but we know some things. We know the FBI has issued tens of thousands of ultra-secret National Security Letters to collect all sorts of data on people -- we believe on millions of people -- and has been abusing them to spy on cloud-computer users. We know it can collect a wide array of personal data from the Internet without a warrant. We also know that the FBI has been intercepting cell-phone data, all but voice content, for the past 20 years without a warrant, and can use the microphone on some powered-off cell phones as a room bug -- presumably only with a warrant.

We know that the NSA has many domestic-surveillance and data-mining programs with codenames like Trailblazer, Stellar Wind, and Ragtime -- deliberately using different codenames for similar programs to stymie oversight and conceal what's really going on. We know that the NSA is building an enormous computer facility in Utah to store all this data, as well as faster computer networks to process it all. We know the U.S. Cyber Command employs 4,000 people.

We know that the DHS is also collecting a massive amount of data on people, and that local police departments are running "fusion centers" to collect and analyze this data, and covering up its failures. This is all part of the militarization of the police.

Remember in 2003, when Congress defunded the decidedly creepy Total Information Awareness program? It didn't die; it just changed names and split into many smaller programs. We know that corporations are doing an enormous amount of spying on behalf of the government: all parts.

We know all of this not because the government is honest and forthcoming, but mostly through three backchannels -- inadvertent hints or outright admissions by government officials in hearings and court cases, information gleaned from government documents received under FOIA, and government whistle-blowers.

There's much more we don't know, and often what we know is obsolete. We know quite a bit about the NSA's ECHELON program from a 2000 European investigation, and about the DHS's plans for Total Information Awareness from 2002, but much less about how these programs have evolved. We can make inferences about the NSA's Utah facility based on the theoretical amount of data from various sources, the cost of computation, and the power requirements from the facility, but those are rough guesses at best. For a lot of this, we're completely in the dark.

And that's wrong.

The U.S. government is on a secrecy binge. It overclassifies more information than ever. And we learn, again and again, that our government regularly classifies things not because they need to be secret, but because their release would be embarrassing.

Knowing how the government spies on us is important. Not only because so much of it is illegal -- or, to be as charitable as possible, based on novel interpretations of the law -- but because we have a right to know. Democracy requires an informed citizenry in order to function properly, and transparency and accountability are essential parts of that. That means knowing what our government is doing to us, in our name. That means knowing that the government is operating within the constraints of the law. Otherwise, we're living in a police state.

We need whistle-blowers.

Leaking information without getting caught is difficult. It's almost impossible to maintain privacy in the Internet Age. The WikiLeaks platform seems to have been secure -- Bradley Manning was caught not because of a technological flaw, but because someone he trusted betrayed him -- but the U.S. government seems to have successfully destroyed it as a platform. None of the spin-offs have risen to become viable yet. The New Yorker recently unveiled its Strongbox platform for leaking material, which is still new but looks good. This link contains the best advice on how to leak information to the press via phone, email, or the post office. The National Whistleblowers Center has a page on national-security whistle-blowers and their rights.

Leaking information is also very dangerous. The Obama Administration has embarked on a war on whistle-blowers, pursuing them -- both legally and through intimidation -- further than any previous administration has done. Mark Klein, Thomas Drake, and William Binney have all been persecuted for exposing technical details of our surveillance state. Bradley Manning has been treated cruelly and inhumanly -- and possibly tortured -- for his more-indiscriminate leaking of State Department secrets.

The Obama Administration's actions against the Associated Press, its persecution of Julian Assange, and its unprecedented prosecution of Manning on charges of "aiding the enemy" demonstrate how far it's willing to go to intimidate whistle-blowers -- as well as the journalists who talk to them.

But whistle-blowing is vital, even more broadly than in government spying. It's necessary for good government, and to protect us from abuse of power.

We need details on the full extent of the FBI's spying capabilities. We don't know what information it routinely collects on American citizens, what extra information it collects on those on various watch lists, and what legal justifications it invokes for its actions. We don't know its plans for future data collection. We don't know what scandals and illegal actions -- either past or present -- are currently being covered up.

We also need information about what data the NSA gathers, either domestically or internationally. We don't know how much it collects surreptitiously, and how much it relies on arrangements with various companies. We don't know how much it uses password cracking to get at encrypted data, and how much it exploits existing system vulnerabilities. We don't know whether it deliberately inserts backdoors into systems it wants to monitor, either with or without the permission of the communications-system vendors.

And we need details about the sorts of analysis the organizations perform. We don't know what they quickly cull at the point of collection, and what they store for later analysis -- and how long they store it. We don't know what sort of database profiling they do, how extensive their CCTV and surveillance-drone analysis is, how much they perform behavioral analysis, or how extensively they trace friends of people on their watch lists.

We don't know how big the U.S. surveillance apparatus is today, either in terms of money and people or in terms of how many people are monitored or how much data is collected. Modern technology makes it possible to monitor vastly more people -- yesterday's NSA revelations demonstrate that they could easily surveil everyone -- than could ever be done manually.

Whistle-blowing is the moral response to immoral activity by those in power. What's important here are government programs and methods, not data about individuals. I understand I am asking for people to engage in illegal and dangerous behavior. Do it carefully and do it safely, but -- and I am talking directly to you, person working on one of these secret and probably illegal programs -- do it.

If you see something, say something. There are many people in the U.S. that will appreciate and admire you.

For the rest of us, we can help by protesting this war on whistle-blowers. We need to force our politicians not to punish them -- to investigate the abuses and not the messengers -- and to ensure that those unjustly persecuted can obtain redress.

Our government is putting its own self-interest ahead of the interests of the country. That needs to change.
https://www.schneier.com/blog/archiv...ment_secr.html





Connecting The PRISM Dots: My New Theory
Michael Arrington

The PRISM story firmly changed course yesterday when The Guardian published a video interview with NSA whistleblower Edward Snowden. If you haven’t watched the interview, you should. It’s historic and fascinating.

The media has all but forgotten about just how the NSA gathers all this information from the companies listed in the presentation. After the story first broke, the denials happened. Then the NY Times connected some dots, and there were then further denials (“the government does not have access to Google servers—not directly, or via a back door, or a so-called drop box”). Then Snowden happened.

At this point there are a lot more things we don’t know than we do. But there are still a lot of dots to connect. So I’m watching the Snowden developments out of one eye while I continue to find peace in my soul for the PRISM stories that can’t find a way to merge into one believable narrative.

I’m working from the assumption that every statement by the companies involved is true, or at least arguably true. Besides the fact that I don’t think these people are liars, with all the leaking going on, they just don’t know what other information is going to explode onto the scene, and they have to hedge.

But still, unless you think the original PRISM document is a fake, or so completely muddled in how it explains things that it might as well be, there are some big questions unanswered.

All of the denials and statements admit that the companies turn data over to the government “only in accordance with the law” along with various versions of how the companies review orders before complying.

I’ve spent a good number of hours researching these government orders, and talking to experts, over the last few days. I’m embarrassed to say that this was just not an area that I was particularly interested in, despite all the writing on the wall. To the best of my ability I’ve remedied that and am starting to push forward into some seriously grey area stuff. I am thankful to Wired’s Threat Level blog which has long focused on these issues. David Kravets work has been particularly edifying.

Here’s where we stand. I believe that #3 in my original post is still the most likely truth: “The presentation is real, and the companies are carefully drafting responses so that they aren’t technically lying.”

The government has a variety of tools under FISA and the Patriot Act to get the data they want (which is all of the data). We know a little about how National Security letters work from Google’s willingness to share data around those and the recent judicial challenges.

The Verizon vacuuming of all data over to the NSA, while horrifying, doesn’t apply to internet companies. Those companies must still comply with National Security Letters and FISA order, however.

The NY Times article changes the original allegations from The Guardian and Washington Post. There is no direct access allegation any more. The focus is now on special hardware lockboxes at company datacenters where requested data is moved for pickup by the NSA.

At first glance that sounds like a good idea. The government gets a court order, serves the order onto the company. The company reviews it and then sends the requested data into the lockbox. The NSA gets that data and the transaction is completed.

The only problem with this theory (from the NY Times story) is that Drummond afterwards said it’s not accurate – “not directly, or via a back door, or a so-called drop box.”

So let’s put Google aside for a moment and look at all the internet companies not on the Hot 9 list. Twitter, Amazon, Salesforce, for example. When they get a secret FISA order in they still must comply, without question. But they aren’t on the “direct access” slide. Clearly they are doing things, or not doing things, that make the process of getting their user data more complicated or just slower.

These Super 9 companies, in contrast, are doing something that makes them a headliner in the presentation deck. Twitter didn’t make the cut. Google did.

So again, taking Drummonds statements as true, what is Google doing that’s different than Twitter, and why is that thing making the NSA really happy?

I don’t know, but I have a guess.

My guess is that Google and the others have agreed to receive FISA requests in an automated way, process them in an automated way, and fire off the data in an automated way. That whole process could take a very small amount of time. Milliseconds for small sets of data, easy. Anything beyond that is from any human intervention at Google to read the order and decide whether to accept it. From what I’ve seen, it’s extremely rare for companies to push back on orders, since the secret FISA court always, without exception, tells them to settle down and get that data over to the NSA, pronto.

So Google complies, and the whole thing has been handled “in accordance with the law.” Given how important the Super 9 are to PRISM, it seems clear that responses from queries must come back pretty quickly, almost as fast as a normal search engine, for example.

That tells me there’s a lot of automation going on in a server or two (just don’t call them back doors or drop boxes).

Now here’s something new (to me at least) that also fills in some boxes. The NSA can begin surveillance on a subject for a full week before going to the secret FISA court for an order. In the last year every one of those orders have been granted, so it’s just a formality.

If I had been paying attention in May, David Kravets was already answering the questions I had last weekend. From his article Secretive Spy Court Approved Nearly 2,000 Surveillance Requests in 2012, he says:

The legislation does not require the government to identify the target or facility to be monitored. It can begin surveillance a week before making the request to the secret court, and the surveillance can continue during the appeals process if, in a rare case, the spy court rejects the surveillance application.

See section (g) here for the law behind his statement that the NSA can surveil someone for a week before going to the secret rubber stamp court.

So back to that “in accordance with the law” stuff that the Awesome 9 keep relying on. It appears to be quite legal to begin surveillance a week before getting a secret court order. That gives them time to determine if they’re barking up the wrong tree.

So, sitting around the NSA office one day an analyst has an idea. Like, “Hey, let’s find Republicans in Wyoming who have Facebook or Twitter friends with someone outside of the U.S. And then cross reference that with concealed carry permits. I think these guys might be gun running. Can I get a high five!?

Our guy fills out a form in PRISM, I imagine, with his query. The damn Twitter doesn’t do Prism and needs a more formal order, probably requiring someone to wake up the secret judge and tell him to get that stamp ready. And then they send off the order in a variety of ways and demand a response in 24 hours or something.

Meanwhile things are rocking on Prism. The Verizon data is all locked in and can map out his location over time as a map overlay, easily. Our analyst filled out the form, checked the “FISA approved” box (knowing this is legal because they have a week to go to court), waits a few seconds….and then boom there it is. Lots of data on gun owners in Wyoming with overseas friends. It went through the express line at Google, who noted the FISA approved stamp, and rushed that data right back down the pipe to the NSA.

Hey, bring up those Verizon records and see where this guy’s been. Damn, he goes to the range nearly every day. I wonder if he’s complying with every single Federal and state gun law. Let’s send an agent down to chat with him. And if he gives you any shit just show him this picture of his mistress Verizon sent over. That’ll shut him up.

WAIT! Here’s a frickin video! oh man, I’m sending this to myself. No, hold on guys, I’m doing this. Ok, now, show him this video of himself in a compromised position with his girlfriend and ask if we should sent it to his wife at their home address, it’s right here.

So after a day of looking at pictures of naked girlfriends and wives and ranking the top ten porn searches our perp Googled in the last year, our NSA guys still can figure out how they might stop a major terrorist event. Time to delete this data (which probably means shoving into an archive for later analysis and cross checking). And no bother going to the court on this since the surveillance ended before the week was up.

A few days after that a big package comes in from Twitter with 40,000 printed pages of information. They’ve complied with FISA, with a big middle finger. That stuff gets tossed into the scanning room and forgotten.

My scenario is ridiculous above, but it squares with the slides, it squares with the Snowden interview, and it squares with the many denials we’ve heard.

WE KNOW THIS: These nine companies have done something (we don’t know what) to make the NSA’s lives easier. So easy that agents are told to just focus on these companies (not Twitter or Salesforce or Amazon) for FISA orders.

WE KNOW THIS: The NSA can begin surveillance on someone(s) for a full week before they have to get the rubber stamp from the secret court (which has never said no).

WE KNOW THIS: The NSA routinely talks about mitigation efforts to purge U.S. people data; however, they always talk about these measures being taken after they have control of the data. What they should be doing is proving the data is clean before they grab it. But it’s way more efficient (and also evil) to dragnet everything and then try to cut the good data away from the bad. This is self evident from them taking all call data from all Verizon customers, even calls beginning and terminating in the U.S. They get the data, then make promises to the court that they’ll treat that data appropriately. Huge, Huge, HUGE incentives for misuse here based on efficiency arguments.

I GUESS THIS: The NSA “request” is fired off to Google and others as soon as these guys see a thread to pull, and they mark the request as FISA ordered (they have a week to actually get the order, which will be backdated). Google greenlights it as a legal order and fires over the data. If the data is useful the NSA wakes the secret judge up again to stamp it good. Otherwise they toss the data out and nobody ever talks about it again.

This is the world described to me by people I’ve spoken with who seem to have the best grasp of how FISA orders work, and how they might work in connection with PRISM. It makes sense when you realize that the NSA can order surveillance without court approval for a full week. Since surveillance needs data I assume that Google and the others send that data pronto to comply with the law. I doubt they ever see or hear about the actual FISA order a week later.

There’s a lot of educated speculation here, but if this is mostly right then we’ve got a system that works much like the PRISM slides say – it feels like direct access to a server. There are some things going on in between, like checking a box that the order is FISA compliant, but it seems to me that any request for data under FISA is looked at as a FISA order, as it looks like the companies have no ability to delay or object to the seven day period where surveillance can occur without the actual secret court order.

Thus, under this conspiracy theory, PRISM works just as planned, and just as efficiently, as it was described in the presentation.

Now, the only way for this to stop is for someone in one of these companies to pull an Edward Snowden, download some FISA orders and hop on a plane to Hong Kong. And then call me and I’ll fly over and do a really kick ass interview with you where you can tell the world the rest of the PRISM story. I’ll even start your legal defense fund for you and solicit donations, because you’re going to need it.

You’ll definitely want to plan ahead to avoid the fate of other patriots who tried to do what’s right with government demands. There are usually short trials followed by long prison sentences. See Joseph P. Nacchio as a sad example of a man doing what he thought was right and then being torn apart by the government for saying no to them.

This time it’ll be differen’t, though. Ecador, Iceland, China, they all got your back.
http://uncrunched.com/2013/06/11/con...my-new-theory/





Microsoft Urges Government Transparency On Security Requests

Microsoft Corp on Tuesday urged the U.S. government for greater transparency on requests for data from security agencies.

It follows a demand from Google Inc earlier on Tuesday for permission to publish the total number of government requests for national security information.

"Permitting greater transparency on the aggregate volume and scope of national security requests, including FISA (Foreign Intelligence Surveillance Act) orders, would help the community understand and debate these important issues," Microsoft said in an emailed statement.

"Our recent report went as far as we legally could and the government should take action to allow companies to provide additional transparency".

Both Microsoft and Google, along with other Internet companies, have come under scrutiny following disclosures in The Guardian and Washington Post newspapers of their roles in a National Security Agency data collection program named Prism.

(Reporting by Bill Rigby; Editing by Toni Reinhold)
http://www.reuters.com/article/2013/...95A15N20130611





FISA Court Rejects Catch-22 Secrecy Argument in FOIA Case
Mark Rumold

In the first publicly known victory by a non-government party before the Foreign Intelligence Surveillance Court (FISC), the secret court today granted a motion filed by EFF related to an ongoing Freedom of Information Act lawsuit.

The FISC gave its OK to the public disclosure of an earlier opinion of the FISC—an opinion that declared aspects of the NSA's surveillance under Section 702 of the FISA Amendments Act to be unconstitutional.

Last week, the Department of Justice filed a confusing, head-spinning argument in opposition to our motion, arguing that the FISC's procedural rules operated as a seal, which prevented the executive branch from releasing the opinion. And the court saw right through that claim. In fact, it took EFF longer to figure out how to physically file a motion with the FISC than it did for the FISC to dispatch with the DOJ's arguments.

The victory today was a modest one. The Court didn't order disclosure of its opinion; it just made clear, as EFF had argued, that the FISC's own rules don't serve as an obstacle to disclosure of the opinion. The FISC also clarified that the executive branch cannot rely on the judiciary to hide its surveillance: the only thing obstructing the opinion from the public's review is the executive branch's own claims that it can hide its unconstitutional action behind a veil of classification.

The effect of the Court's decision could be more significant. In earlier arguments, the Department of Justice tried to pin the blame for withholding the opinion in its entirety on the FISC. But, with that argument gone, DOJ should have no choice but to release, at the very minimum, parts of the opinion describing the government's unconstitutional practices.

EFF isn't alone in fighting for the release of these documents. A bipartisan coalition of Senators today announced legislation that would require the Attorney General declassify significant FISC opinions, a move they say would help put an end to "secret law."

The FISC's decision was a welcome move toward greater transparency concerning the NSA's domestic surveillance program. It's now incumbent on the executive branch to provide the public with access to this vitally important document.

You can find the opinion, along with related documents and a motion filed by the ACLU urging the court to release its interpretation of Section 215, on the FISC's recently-created public docket.
https://www.eff.org/deeplinks/2013/0...ing-disclosure





Secret Court Ruling Put Tech Companies in Data Bind
Claire Cain Miller

In a secret court in Washington, Yahoo’s top lawyers made their case. The government had sought help in spying on certain foreign users, without a warrant, and Yahoo had refused, saying the broad requests were unconstitutional.

The judges disagreed. That left Yahoo two choices: Hand over the data or break the law.

So Yahoo became part of the National Security Agency’s secret Internet surveillance program, Prism, according to leaked N.S.A. documents, as did seven other Internet companies.

Like almost all the actions of the secret court, which operates under the Foreign Intelligence Surveillance Act, the details of its disagreement with Yahoo were never made public beyond a heavily redacted court order, one of the few public documents ever to emerge from the court. The name of the company had not been revealed until now. Yahoo’s involvement was confirmed by two people with knowledge of the proceedings. Yahoo declined to comment.

But the decision has had lasting repercussions for the dozens of companies that store troves of their users’ personal information and receive these national security requests — it puts them on notice that they need not even try to test their legality. And despite the murky details, the case offers a glimpse of the push and pull among tech companies and the intelligence and law enforcement agencies that try to tap into the reams of personal data stored on their servers.

It also highlights a paradox of Silicon Valley: while tech companies eagerly vacuum up user data to track their users and sell ever more targeted ads, many also have a libertarian streak ingrained in their corporate cultures that resists sharing that data with the government.

“Even though they have an awful reputation on consumer privacy issues, when it comes to government privacy, they generally tend to put their users first,” said Christopher Soghoian, a senior policy analyst studying technological surveillance at the American Civil Liberties Union. “There’s this libertarian, pro-civil liberties vein that runs through the tech companies.”

Lawyers who handle national security requests for tech companies say they rarely fight in court, but frequently push back privately by negotiating with the government, even if they ultimately have to comply. In addition to Yahoo, which fought disclosures under FISA, other companies, including Google, Twitter, smaller communications providers and a group of librarians, have fought in court elements of National Security Letters, which the F.B.I. uses to secretly collect information about Americans. Last year, the government issued more than 1,850 FISA requests and 15,000 National Security Letters.

“The tech companies try to pick their battles,” said Stephen I. Vladeck, a law professor at American University who has challenged government counterterrorism surveillance. “Behind the scenes, different tech companies show different degrees of cooperativeness or pugnaciousness.”

But Mr. Vladeck added that even if a company resisted, “that may not be enough, because any pushback is secret and at the end of the day, even the most well-intentioned companies are not going to be standing in the shoes of their customers.”

FISA requests can be as broad as seeking court approval to ask a company to turn over information about the online activities of people in a certain country. Between 2008 and 2012, only two of 8,591 applications were rejected, according to data gathered by the Electronic Privacy Information Center, a nonprofit research center in Washington. Without obtaining court approval, intelligence agents can then add more specific requests — like names of individuals and additional Internet services to track — every day for a year.

National Security Letters are limited to the name, address, length of service and toll billing records of a service’s subscribers.

Because national security requests ban recipients from even acknowledging their existence, it is difficult to know exactly how, and how often, the companies cooperate or resist. Small companies are more likely to take the government to court, lawyers said, because they have fewer government relationships and customers, and fewer disincentives to rock the boat. One of the few known challenges to a National Security Letter, for instance, came from a small Internet provider in New York, the Calyx Internet Access Corporation.

The Yahoo ruling, from 2008, shows the company argued that the order violated its users’ Fourth Amendment rights against unreasonable searches and seizures. The court called that worry “overblown.”

“Notwithstanding the parade of horribles trotted out by the petitioner, it has presented no evidence of any actual harm, any egregious risk of error, or any broad potential for abuse,” the court said, adding that the government’s “efforts to protect national security should not be frustrated by the courts.”

One of the most notable challenges to a National Security Letter came from an unidentified electronic communications service provider in San Francisco. In 2011, the company was presented with a letter from the F.B.I., asking for account information of a subscriber for an investigation into “international terrorism or clandestine intelligence activities.”

The company went to court. In March, a Federal District Court judge, Susan Illston, ruled the information request unconstitutional, along with the gag order. The case is under appeal, which is why the company cannot be named.

Google filed a challenge this year against 19 National Security Letters in the same federal court, and in May, Judge Illston ruled against the company. Google was not identified in the case, but its involvement was confirmed by a person briefed on the case.

In 2011, Twitter successfully challenged a silence order on a National Security Letter related to WikiLeaks members.

Other companies are asking for permission to talk about national security requests. Google negotiated with Justice officials to publish the number of letters they received, and were allowed to say they each received between zero and 999 last year, as did Microsoft. The companies, along with Facebook and Twitter, said Tuesday that the government should give them more freedom to disclose national security requests.

The companies comply with a vast majority of nonsecret requests, including subpoenas and search warrants, by providing at least some of the data.

For many of the requests to tech companies, the government relies on a 2008 amendment to FISA. Even though the FISA court requires so-called minimization procedures to limit incidental eavesdropping on people not in the original order, including Americans, the scale of electronic communication is so vast that such information — say, on an e-mail string — is often picked up, lawyers say.

Last year, the FISA court said the minimization rules were unconstitutional, and on Wednesday, ruled that it had no objection to sharing that opinion publicly. It is now up to a federal court.

Nicole Perlroth and Somini Sengupta contributed reporting from San Francisco.
https://www.nytimes.com/2013/06/14/t...data-bind.html





N.S.A. Disclosures Put Awkward Light on Previous Denials
Scott Shane and Jonathan Weisman

For years, intelligence officials have tried to debunk what they called a popular myth about the National Security Agency: that its electronic net routinely sweeps up information about millions of Americans. In speeches and Congressional testimony, they have suggested that the agency’s immense power is focused exclusively on terrorists and other foreign targets, and that it does not invade Americans’ privacy.

But since the disclosures last week showing that the agency does indeed routinely collect data on the phone calls of millions of Americans, Obama administration officials have struggled to explain what now appear to have been misleading past statements. Much of the attention has been focused on testimony by James R. Clapper Jr., the director of national intelligence, to the Senate in March that the N.S.A. was not gathering data on millions of Americans.

When lawmakers returned to the Capitol on Tuesday for the first time since the N.S.A. disclosures, however, the criticism was muted.

In carefully delivered statements, Speaker John A. Boehner of Ohio; Senator Harry Reid of Nevada, the majority leader; and Senator Mitch McConnell of Kentucky, the Republican leader, all said the programs were authorized by law and rigorously overseen by Congress and courts.

In contrast, Senator Ron Wyden of Oregon, a Democrat whose questioning prompted Mr. Clapper’s statement in March, stepped up his criticism of how intelligence officials portrayed the surveillance programs and called for public hearings to address the disclosures. “The American people have the right to expect straight answers from the intelligence leadership to the questions asked by their representatives,” he said in a statement.

And Representative Brad Sherman, Democrat of California, said he had come away from a closed-door briefing by intelligence officials for House members believing that the N.S.A. had too much latitude and too little oversight.

“Right now we have a situation where the executive branch is getting a billion records a day, and we’re told they will not query that data except pursuant to very clear standards,” Mr. Sherman said. “But we don’t have the courts making sure that those standards are always followed.”

Many lawmakers trained their sights on Edward J. Snowden, the intelligence contractor who leaked classified documents to The Guardian and The Washington Post. Mr. Boehner called him a traitor.

Mr. McConnell told reporters: “Given the scope of these programs, it’s understandable that many would be concerned about issues related to privacy. But what’s difficult to understand is the motivation of somebody who intentionally would seek to warn the nation’s enemies of lawful programs created to protect the American people. And I hope that he is prosecuted to the fullest extent of the law.”

The comments of the Senate leaders showed a coordinated effort to squelch any legislative move to rein in the surveillance programs. Mr. Reid took the unusual step of publicly slapping back at fellow senators — including senior Democrats — who have suggested that most lawmakers have been kept in the dark about the issue.

“For senators to complain that they didn’t know this was happening, we had many, many meetings that have been both classified and unclassified that members have been invited to,” Mr. Reid said. “They shouldn’t come and say, ‘I wasn’t aware of this,’ because they’ve had every opportunity.”

Among lawmakers who have expressed concerns in the past, however, the issues have not been laid to rest. When reporters pressed Mr. Wyden on whether Mr. Clapper had lied to him, he stopped short of making that accusation, but made his discontent clear.

“The president has said — correctly, in my view — that strong Congressional oversight is absolutely essential in this area,” he said. “It’s not possible for the Congress to do the kind of vigorous oversight that the president spoke about if you can’t get straight answers.”

At the March Senate hearing, Mr. Wyden asked Mr. Clapper, “Does the N.S.A. collect any type of data at all on millions or hundreds of millions of Americans?”

“No, sir,” Mr. Clapper replied. “Not wittingly.”

Mr. Wyden said on Tuesday that he had sent his question to Mr. Clapper’s office a day before the hearing, and had given his office a chance to correct the misstatement after the hearing, but to no avail.

In an interview on Sunday with NBC News, Mr. Clapper acknowledged that his answer had been problematic, calling it “the least untruthful” answer he could give.

Michael V. Hayden, the former director of both the N.S.A. and the C.I.A., said he considered Mr. Wyden’s question unfair, given the classified subject. “There’s not another country in the world where that question would have been asked and answered in a public session,” he said.

Some other statements of N.S.A. officials appear in retrospect to offer a mistaken impression of the agency’s collection of information about Americans. Mr. Wyden said he had pressed Mr. Clapper on the matter because he had been dissatisfied with what he felt were misleading answers from Gen. Keith B. Alexander, the N.S.A. director. And in a recent speech, the N.S.A.’s general counsel, Rajesh De, sought to debunk what he called “false myths” about the agency, including the idea that “N.S.A. is spying on Americans at home and abroad with questionable or no legal basis.”

While that may be literally true — there is a legal basis — it appears awkward in retrospect that Mr. De’s defense of the agency failed to mention its collection of phone data on Americans.

“It’s a fine line he was treading,” said Matthew M. Aid, an intelligence historian and author of “The Secret Sentry,” a 2009 book on the N.S.A. “But trying to talk around these secret programs just makes matters worse.”

The solution, he said, is for intelligence officials to share more information about what the N.S.A. does and why. “Actually be forthright with the American people,” he said.

Senator Dianne Feinstein of California, chairwoman of the Intelligence Committee, told reporters on Tuesday that she had asked General Alexander to declassify more information about the surveillance programs — like terrorist plots that might have been foiled — to help explain their usefulness.

“If we can get that declassified, we can speak much more clearly,” she said.

Jeremy W. Peters contributed reporting.
https://www.nytimes.com/2013/06/12/u...tatements.html





NSA Chief Drops Hint About ISP Web, E-Mail Surveillance

A secret interpretation of the Patriot Act led to the National Security Agency vacuuming up all of Verizon's phone logs. The NSA may be doing the same for e-mail and Web-browsing logs too.
Declan McCullagh

The head of the National Security Agency hinted Wednesday that logs of Americans' e-mails and Web-site visits may be secretly vacuumed up by the world's most powerful intelligence group.

During a U.S. Senate hearing, NSA director Keith Alexander was asked specifically about whether "e-mail contacts" are ingested under the Obama administration's secret interpretation of the Patriot Act's surveillance powers.

"I don't want to make a mistake" and reveal too much, Alexander said, adding that disclosing details about such surveillance would cause "our country to lose some sort of protection." It would be appropriate, he said, to discuss e-mail and other metadata surveillance in a "classified session" that senators are scheduled to attend Thursday.

Among the small circle of outsiders who closely follow the NSA, the agency's close, long-standing relationship with AT&T, Verizon, and other telecommunications providers is an open secret -- so it would come as little surprise to find they're serving up exabytes of daily e-mail and Web-browsing logs as well. The Wall Street Journal reported last week, citing former government officials, that the NSA "obtains access to data from Internet service providers on Internet use such as data about e-mail or Web site visits."

But Wednesday's exchange between NSA director Alexander and Sen. Mike Johanns, a Nebraska Republican, appears to be the closest the Fort Meade, Md.-based agency has come to addressing the topic in a public setting.

"It would be odd [for the NSA] to focus entirely on telephony logs and exclude Internet traffic," said Julian Sanchez, a research fellow at the Cato Institute in Washington, D.C., who focuses on electronic surveillance topics. "I would assume they're vacuuming up IP logs and perhaps e-mail headers as well."

What prompted Wednesday's Senate exchange was a disclosure last week by the U.K.-based Guardian newspaper of a top-secret order from the U.S. Foreign Intelligence Surveillance Court. It allows the NSA to obtain daily records of all domestic calls made by Verizon customers. Subsequent reports said AT&T and Sprint are also involved.

The Justice Department obtained that order by claiming it was permitted by Section 215 of the Patriot Act, 50 USC 1861, better known as the "business records" portion. Section 215 allows FBI agents to obtain any "tangible thing," including "books, records, papers, documents, and other items," which some of the Patriot Act's supporters have said was never intended to cover every American's phone call logs. (Section 215 orders are far less privacy-protective, and therefore more legally problematic, than traditional search warrants backed by probable cause and signed by a judge.)

In an unusual move, however, the Justice Department has refused to disclose its secret interpretation of Section 215 -- despite complaints from multiple senators -- that would reveal just how far Patriot Act surveillance has extended.

"What I worry is how far you believe this authority extends," Sen. Johanns said to the NSA director during Wednesday's hearing. Alexander replied that Section 215 only covered metadata: "If you want to get the content, you'd have to get a court order."

Under the Justice Department's reasoning, Web-browsing logs and e-mail logs "would seem to be a record, and thus potentially subject to a 215 order," said Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation.

Any company running an e-mail server is likely to keep logs of incoming and outgoing messages, which would include metadata but not the content of the communication. While it's less clear which Internet service providers keep logs of customers' visits to Web sites, a document the ACLU obtained in 2010 sheds some light on the topic.

The document, an internal Justice Department chart marked "law enforcement use only," reveals that Verizon Wireless keeps "IP destination information," meaning records of what Internet Protocol addresses are visited, for 90 days. Sprint keeps connection logs for 60 days. T-Mobile, AT&T, and Virgin Mobile do not retain connection logs at all.

Alan Butler, appellate advocacy counsel at the Electronic Privacy Information Center in Washington, D.C., said he believes the Justice Department's use of Section 215 to obtain billions of phone records is illegal. But, he said, the department could nevertheless argue that IP address records should be treated the same as phone numbers:

I think that IP address records would likely be treated the same as call records unless they contain "content" (detailed URIs for specific pages might be considered content). So the FBI could theoretically put forth the same broad relevance argument used to justify this Verizon order.

There's no evidence that Silicon Valley companies, which last week were incorrectly accused of opening their systems to the NSA, would acquiesce to a legally questionable use of Section 215, especially after their willingness to litigate over the legality of "national security letter" requests. In addition, Facebook CEO Mark Zuckerberg and Google CEO Larry Page have offered categorical denials of turning over such a collection of data to the federal government.

James Bamford, in his 2008 book "The Shadow Factory," described Internet service providers' participation in President Bush's now-reshaped warrantless wiretapping program as:

For decades, AT&T and much of the rest of the telecommunications industry have had a very secret, very cozy relationship with the NSA... [NSA Director Michael Hayden] succeeded in gaining the secret cooperation of nearly all of the nation's telecommunications giants for his warrantless eavesdropping program. Within a year, engineers were busy installing highly secret, heavily locked rooms in key AT&T switches, among them Bridgeton, New York City, and the company's major West Coast central office in San Francisco. From then on the data -- including both address information and content -- would flow through the PacketScopes directly to the NSA.

Other reports have suggested that the NSA uses metadata, which would include phone numbers, IP addresses, and e-mail addresses, to determine which person's communications to intercept. Once that task is complete, and legal process is satisfied, the taps at AT&T and other Internet providers would be used to target that person for heightened surveillance.

Heightening speculation about undisclosed NSA surveillance activities was what Rep. Loretta Sanchez (D-Calif.) said after attending a classified briefing Wednesday.

"What we learned in there," Sanchez said, "is significantly more than what is out in the media today."
http://news.cnet.com/8301-13578_3-57...-surveillance/





NSA Revelations Only 'the Tip of the Iceberg,' Says Dem Lawmaker
Daniel Strauss

The federal surveillance programs revealed in media reports are just "the tip of the iceberg," a House Democrat said Wednesday.

Rep. Loretta Sanchez (D-Calif.) said lawmakers learned "significantly more" about the spy programs at the National Security Agency (NSA) during a briefing on Tuesday with counterterrorism officials.

"What we learned in there," Sanchez said, "is significantly more than what is out in the media today."

Lawmakers are barred from revealing the classified information they receive in intelligence briefings, and Sanchez was careful not to specify what members might have learned about the NSA's work.

"I can't speak to what we learned in there, and I don't know if there are other leaks, if there's more information somewhere, if somebody else is going to step up, but I will tell you that I believe it's the tip of the iceberg," she said.

Sanchez's remarks on C-SPAN's "Washington Journal" came a day after House lawmakers were briefed by national security officials on clandestine data collection programs.

The briefing was meant to convince lawmakers that the surveillance programs are legal and necessary in fighting counterterrorism — an argument President Obama and other administration officials have made.

Lawmakers demanded the briefings after revelations last week about the NSA's collection of phone records and Internet data, and Sanchez said lawmakers were "astounded" by what they heard.

"I think it's just broader than most people even realize, and I think that's, in one way, what astounded most of us, too," Sanchez said of the briefing.
http://thehill.com/video/house/30504...n-nsa-briefing





Senate Staffers Told To Pretend Top Secret Documents Are Not Widely Available On Web
Kashmir Hill

The Senate Security Office sent an email around the Hill Friday afternoon asking Senate employees and contractors to try to ignore the fact that top-secret, highly-classified documents are now floating around the Web freely (and, in the case of a terribly designed NSA Powerpoint, getting facelifts.) The email asks security managers to remind Senate employees and contractors that the documents are still technically classified and should be treated as if millions of people haven’t already read them. The email:

Please share with your staff the guidance below.

• Classified information, whether or not posted on public websites, disclosed to the media, or otherwise in the public domain, remains classified and must be treated as such until it is declassified by an appropriate U.S. government authority.


The director of national intelligence has declassified some information in light of the public debate, but the FISA court order, PRISM Powerpoint, NSA brochure, presidential order, as well as the “dozens” of newsworthy documents that Glenn Greenwald still plans to publish remain technically secret even if it’s a secret that anyone with an Internet connection can be let in on.

• Senate employees and contractors shall not, while accessing the web on unclassified government systems, access or download documents that are known or suspected to contain classified information.

Government employees are not supposed to keep classified documents just hanging around on their computers, but at this point, the battle to keep this particular set of documents secure has already been lost thanks to leaker Edward Snowden and his thumb drive. Rules are rules — even if they make little sense in light of current circumstances and seem like a serious impediment for the staffers tasked with supporting senators who need to have a policy debate about the revelations in the leaks.

• Senate employees and contractors who believe they may have inadvertently accessed or downloaded classified information via non-classified Senate systems, should contact the Office of Senate Security for assistance.

So, any staffer that’s been reading the Guardian now needs to call the Senate Security Office. Anyone who doesn’t call should be chastised for not keeping up with relevant news.

The Department of Defense sent around a similar email earlier this week, as reported by Wired. It appears to be standard — if inane — procedure after classified docs go viral. In 2010, U.S. agencies asked unauthorized employees not to access the classified material that came pouring out of Wikileaks in the form of videos and State Department cables. It’s a terrible attempt to chase cats around trying to get them back into bags. And worst of all, puts staffers in the uncomfortable position of breaking protocol by following links on Google News.
http://www.forbes.com/sites/kashmirh...ilable-on-web/





Senators Skip Classified Briefing on NSA Snooping to Catch Flights Home
Alexander Bolton

A recent briefing by senior intelligence officials on surveillance programs failed to attract even half of the Senate, showing the lack of enthusiasm in Congress for learning about classified security programs.

Many senators elected to leave Washington early Thursday afternoon instead of attending a briefing with James Clapper, the Director of National Intelligence, Keith Alexander, the head of the National Security Agency (NSA), and other officials.

The Senate held its last vote of the week a little after noon on Thursday, and many lawmakers were eager to take advantage of the short day and head back to their home states for Father’s Day weekend.

Only 47 of 100 senators attended the 2:30 briefing, leaving dozens of chairs in the secure meeting room empty as Clapper, Alexander and other senior officials told lawmakers about classified programs to monitor millions of telephone calls and broad swaths of Internet activity. The room on the lower level of the Capitol Visitor Center is large enough to fit the entire Senate membership, according to a Senate aide.

The Hill was not provided the names of who did, and who didn't, attend the briefing.

The exodus of colleagues exasperated Senate Intelligence Committee Chairwoman Dianne Feinstein (D-Calif.), who spent a grueling week answering colleagues’ and media questions about the program.

“It’s hard to get this story out. Even now we have this big briefing — we’ve got Alexander, we’ve got the FBI, we’ve got the Justice Department, we have the FISA Court there, we have Clapper there — and people are leaving,” she said.
http://thehill.com/homenews/senate/3...h-flights-home
















Until next week,

- js.



















Current Week In Review





Recent WiRs -

June 8th, June 1st, May25th, May18th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 06:10 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)