16-11-11, 07:32 AM   #1
JackSpratts

Peer-To-Peer News - The Week In Review - November 19th, '11

Since 2002



Volume X, Issue Number I

"This case shows me that a business model built on litigation and licensing is anything but a sure thing." – Colleen Chien

November 19th, 2011




Homeland Security Wants Mozilla to Pull “Domain Seizure” Add-On
Ernesto

Homeland Security’s ICE unit is not happy with a Firefox add-on that allows the public to circumvent the domain seizures carried out during the past several months. In an attempt to correct this ‘vulnerability’ in their anti-piracy strategy, ICE have asked Mozilla to pull the add-on from their site. Unfortunately for them Mozilla denied the request, arguing that this type of censorship may threaten the open Internet.

Last month we were the first to draw attention to a nifty Firefox add-on called “MAFIAA Fire.”

The add-on maintains a list of all the domains that ICE (hence the antidote, ‘fire’) has seized and redirects their users to an alternative domain if the sites in question have set one up. The developers told TorrentFreak that they coded it to demonstrate the futility of the domain seizures, which they find objectionable.

Homeland Security’s ICE unit got wind of the add-on and almost immediately took action to have it taken offline. Although the add-on can be hosted anywhere, they asked Mozilla to remove it from their repository just a few days after it first appeared there.

“Recently the US Department of Homeland Security contacted Mozilla and requested that we remove the Mafiaa Fire add-on,” explained Mozilla General Counsel and Vice President of Business Affairs Harvey Anderson. “The ICE Homeland Security Investigations unit alleged that the add-on circumvented a seizure order DHS had obtained against a number of domain names.”

However, where ICE might have expected a swift take down from Mozilla, the legal and business affairs department of the tech company was not planning to honor the request so easily.

“Our approach is to comply with valid court orders, warrants, and legal mandates, but in this case there was no such court order,” Anderson explains.

According to Anderson, complying with the request without any additional information would threaten open Internet principles. So, instead of taking the add-on offline they replied to ICE with a set of 11 well-crafted questions.

Interestingly enough, Mozilla never heard from ICE again.

We can only guess how often U.S. authorities try similar mild censorship requests, but if we look at all the companies and services that kicked out Wikileaks last year we have to assume that it’s not the first time. Only a few dare to stand up to such requests, which is a worrying situation.

“One of the fundamental issues here is under what conditions do intermediaries accede to government requests that have a censorship effect and which may threaten the open Internet,” says Anderson.

“Longterm, the challenge is to find better mechanisms that provide both real due process and transparency without infringing upon developer and user freedoms traditionally associated with the Internet,” he adds.

TorrentFreak got in touch with one of the MAFIAA Fire developers, who told us that ICE never contacted them with a takedown request. And although the add-on would still be available on their own website if Mozilla pulled it, he was happy that they chose to put up a fight.

“Hats off to Mozilla for sticking up to them, at first we weren’t sure if Mozilla would even host it due to its controversial nature, but they truly backed up their open source supporting words with actions,” the developer told us.

Indeed, Mozilla deserves to be applauded here for judging ICE’s request by its content, and not by the envelope in which it was sent.

Meanwhile, the MAFIAA Fire team has published a Chrome version of the add-on today. Both add-ons are Open Source and available on the official website, which also has a mirror here to ensure continuity.

Looks like ICE’s request to Mozilla just backFIREd…
https://torrentfreak.com/homeland-se...add-on-110505/





The Privatization of Copyright Lawmaking
Jason Mazzone

Copyright law strikes a balance between private rights and public interests. Not everyone likes the balance the law sets. Copyright owners complain that it does not adequately protect them from infringement of their works. Critics contend that copyright law tilts too far in favor of the interests of copyright owners and does not safeguard the rights of consumers.

Yet because copyright law is public law—enacted by Congress, enforced where appropriate by the President, and interpreted and applied by the courts—there is plenty of opportunity to monitor the effects of the law and to debate the ways in which it should be reformed.

Increasingly, however, copyright law is being privatized. Its meaning and application are determined not by governmental actors but by private parties, and in particular by deep-pocketed copyright owners. Increasingly, the balance between private rights and public interests is set by private lawmaking.

My new book, Copyfraud and Other Abuses of Intellectual Property Law, shows how copyright owners, unhappy with the scope of protections that Congress has given them, routinely grab more rights than they are entitled to under the law. They do this at the expense of consumers and of the public at large.

One example is the widespread use of contractual provisions that enhance the rights of copyright owners. Many works, especially works delivered in digital form, are made available only to people who agree to give to the provider broader rights of ownership than copyright law itself actually confers.

For instance, the Copyright Act protects the right of fair use but in contracts accompanying digital works consumers waive the right to make any use of the work without the copyright owner’s permission. Copyright law permits consumers to give, lend, or sell their copy of a work after they are done using it. However, terms of use imposed by the supplier prohibit any transfer at all.

While copyright law permits reverse engineering of software to develop interoperable products, contractual terms imposed upon the customer prohibit all reverse engineering. Some contracts even require the customer to agree not to contest the content provider’s claim of copyright ownership, raising the possibility that works that are not even protected by copyright are subject to limitations that mirror those available for works that truly are copyrighted.

Beyond altering the content of copyright law, private individuals and entities also play an increasing role in law enforcement. The MPAA supplies investigators to police departments to determine whether DVDs are pirated. Customs agents routinely defer to information supplied by copyright owners in seizing and destroying imported goods. VeriSign, the manager of .com Internet addresses, has asked ICANN for permission to shut down domain names when asked to do so by law enforcement without the need for any sort of judicial review.

Recently, White House officials, including Copyright Czar Victoria Espinel, were involved in negotiations between the recording and movie industries and ISPs to interrupt Internet access for users suspected of violating copyright law. These negotiations, which take the form of private agreements between content providers and ISPs, have vast implications for consumers.

The traditional role of courts in determining whether infringement has occurred and punishment should be imposed is also increasingly privatized. Thousands of people targeted by the RIAA for file sharing have paid out penalties not because a court has found infringement but because it has seemed easier just to settle the dispute over the telephone with a credit card number. When this happens, the strength of the copyright owner’s case is never tested.

The Stop Online Piracy Act (SOPA), the companion bill to the Senate’s PROTECT IP Act, would further privatize adjudication and punishment. Title I of that law (dubbed the E-PARASITE Act) creates a “market-based system to protect U.S. customers and prevent U.S. funding of sites dedicated to theft of U.S. property.” It achieves this by empowering copyright owners who have a “good faith belief” that they are being “harmed by the activities” of a website to send a notice to the site’s payment providers (e.g. PayPal) and Internet advertisers to end business with the allegedly offending site.

The payment providers and advertisers that receive the notice must stop transactions with the site. No judicial review is required for the notice to be sent and for the payments and advertising curtailed—only the good faith representation of the copyright owner. Damages are also not available to the site owner unless a claimant “knowingly materially” misrepresented that the law covers the targeted site, a difficult legal test to meet. The owner of the site can issue a counter-notice to restore payment processing and advertising but services need not comply with the counter-notice.

There is also a catch: a site owner who issues a counter-notice automatically consents to being sued in U.S. courts (a strong disincentive for sites based abroad). With few checks at all, SOPA gives copyright owners a sharp tool to disrupt and shut down websites. Based on their past conduct, there is no reason to think that copyright owners will use this tool with any measure of restraint.

Copyright law that is made by private parties evades constitutional constraints that apply to actions undertaken by the government. For example, the Supreme Court has suggested that protections for fair use of copyrighted works may be constitutionally required; if Congress were to suddenly abolish fair use by statute, the change would be immediately challenged as violating the First Amendment. Fair use extinguished through private contract, however, is not easily subjected to constitutional scrutiny.

Likewise, when government agencies conduct investigations, Fourth Amendment limitations on searches and seizures and warrant requirements apply. MPAA–run investigations, by contrast, proceed free from these constitutional restrictions. So, too, before courts may impose fines for infringement or order websites shut down, there must be notice, a hearing, and other procedural requirements that comport with due process. Private adjudication and punishment proceed without any of these protections.

The biggest misperception about SOPA is that it is somehow unprecedented or extraordinary. It is not. SOPA represents just the latest example of copyright law defined and controlled not by the government but by private entities. Copyright owners will deploy SOPA in the same way they have behaved in the past: to extend out their rights. They will disrupt sites that do not infringe a copyright, interfere with fair uses of copyrighted works, and take other steps that evade the limits that the Copyright Act sets on a copyright owner’s actual rights.

Much of what will happen under SOPA will occur out of the public eye and without the possibility of holding anyone accountable. For when copyright law is made and enforced privately, it is hard for the public to know the shape that the law takes and harder still to complain about its operation.
https://torrentfreak.com/the-privati...making-111112/





Copyright Group Tries To Collect From Creative Commons Event
BSOD

GEMA is a company in Germany that helps event organizers acquire performance rights for music. GEMA represents some 60,000 composers, authors and music publishers and the rights of more than a million copyright owners internationally whose works are used in Germany.

In Leipzig, Germany (and also simultaneously in Weimar) an 8 hour dance party was held and played exclusively Creative Commons music the whole time. The organizer planned this to be the case. Ahead of time he notified the disc jockeys, the public and also GEMA. GEMA told the organizers that to be certain that no rights were infringed, it would need a list of all artists including their full names, place of residency and date of birth. After the event GEMA sent an invoice for 200 euros, claiming that behind pseudonyms some of their artists may be hidden and produce things that they would not earn anything from.

The event organizer responded by saying that it's impossible to track down that information, especially with short-lived net-labels and artists that want to stay anonymous. According to German law, you are required to prove that an artist is not with GEMA. So even though GEMA probably does not have rights to any of the music, they are not required to prove that they do.

The law is not without opposition as the German Pirate Party wishes to challenge it.
http://activepolitic.com:82/News/201...s_Event .html





Does Warner Bros. Really Have Exclusive Movie Rights to a Story Posted on Reddit? (Analysis)

Fledgling author James Erwin sold Warner Bros. on movie rights to his short story posted on Reddit. But the user agreement for the news community website could raise some thorny intellectual property questions.
Eriq Gardner

In the annals of Hollywood, there have been many tales of writers realizing their dreams by successfully pitching a studio on a film. But these days, with many studios getting sued left and right for allegedly ripping off ideas from writers, executives have become a lot more careful about unsolicited submissions.

Now comes the amazing tale of James Erwin, a largely unknown author who successfully got Warner Bros. to buy movie rights to his story about what would happen if U.S. Marines traveled back in time to fight the Roman Empire. Erwin accomplished this by posting a series of stories entitled "Rome, Sweet Rome" on Reddit.com, an online community that allows users to post links and have discussions with each other.

Warner Bros. aggressively snapped up rights to this story upon seeing it, but does the studio really hold exclusive rights to adapt a film adaptation?

Since selling his pitch, Erwin has abandoned Reddit, telling the ScreenRant website that it's not because he's become too big for his britches but rather because "The Internet is a chaotic, give-and-take place – and that creates nightmares for a lawyered-up industry based on locked-down IP rights."

Erwin might have a legitimate reason to worry about lawyers.

According to Reddit's "User Agreement," those who post on the site agree to certain conditions. Among them:

"you agree that by posting messages, uploading files, inputting data, or engaging in any other form of communication with or through the Website, you grant us a royalty-free, perpetual, non-exclusive, unrestricted, worldwide license to use, reproduce, modify, adapt, translate, enhance, transmit, distribute, publicly perform, display, or sublicense any such communication in any medium (now in existence or hereinafter developed) and for any purpose, including commercial purposes, and to authorize others to do so."

Arguably, this means that Reddit also has the right to take Erwin's story and license it to another studio -- say, Universal or 20th Century Fox.

In addition, although Erwin undoubtedly did much of the hard work in crafting the story himself, during the genesis of "Rome, Sweet Rome," some of Reddit's other users made suggestions to his work that may ultimately shape the final story.

So what exactly did Warner Bros. buy here?

Jerry Birenz, who is listed as the copyright agent for Reddit, says that this raises an "interesting issue" and that by a strict reading of the user agreement, multiple parties might be able to make a claim to a license if they chose to develop Erwin's story.

Birenz wouldn't speak further without getting permission from his client, and executives for Reddit didn't respond to requests for comment. (It's worth pointing out that Reddit is owned by a major publisher -- Condé Nast -- which has shown interest in more robust licensing activity.)

Other lawyers also agree there may be room for another studio to ambush Warners' attempt at a film adaptation of a story posted on Reddit. This problem comes up, they say, because many social community sites want to encourage active sharing and thus maintain permissive licensing arrangements.

"These assignable, nonexclusive licenses are everywhere, and problematic," says Denise Howell, an IP lawyer in California. "Many professional photographers are eschewing photo sharing sites because they need to be able to grant exclusive licenses to their clients."

Howell also points to Twitter, which has been known to be a breeding ground for talent and has led to several development deals for writers in Hollywood.

Twitter used to expressly disclaim rights to user submissions, but it now says, "By submitting, posting or displaying Content on or through the Services, you grant us a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content in any and all media or distribution methods (now known or later developed)."

This is followed up with a "tip" to users that they are authorizing Twitter to make tweets available to everybody, which leads Howell to imagine what might happen if the company tried to sell rights to a creative work based on someone's Twitter account.

"A user could argue this 'tip' actually functions as a limitation on the scope of the license," Howell says, "and that the user reasonably believed the license would function only to enable Twitter to move tweets around its own extended ecosystem."

Perhaps Erwin might try to make a similar case that the scope of Reddit's license is actually limited.

Obviously, Erwin will write a screenplay and get copyright protection over that, but the question remains whether others are free to take the outlines of his story and adapt it.

Presented with Reddit's user agreement, a Warner Bros. spokesman declined to get into any legal analysis except to say it "has obtained exclusive rights to Rome, Sweet Rome."
http://www.hollywoodreporter.com/thr...e-movie-250726





Sweet Sanity: 75% of Americans Say Infringement Fines Should be Under $100
Nate Anderson

New survey data out on American attitudes toward copyright infringement shows that current statutory damage awards of up to $150,000 are supported by almost no one. Indeed, only half of all American adults support any sort of fine for downloading a song or movie, and one-third said there should be no punishment at all.

The data comes from a study out of The American Assembly project at Columbia University. In work that was funded in part by Google, researchers surveyed 2,303 US adults by phone during the month of August on a whole host of copyright-related questions.

We've already covered the admission that 70 percent of those age 18-29 have pirated music or video, though few are hardcore pirates and most also acquire content legally. But what to do about this situation? The survey found that reactions here diverge sharply from current law. Only 52 percent of American adults support punishment at all (another 7 percent say it depends on the situation)—and essentially no one supports any sort of tough punishment.

Fines and warnings are the only two broadly supported remedies for infringement among those who want to impose a penalty. But the supported fines are minuscule, with three-quarters of respondents agreeing that any fine should be less than $100.

Americans support only modest fines

Contrast this with current US law, which provides for statutory damages of up to $150,000 per infringement. These huge amounts aren't mere hypotheticals, either; the few people who have gone to trial for file-sharing were hit with massive fines of up to $80,000 per song, only to have them overturned by appalled judges.

What about Internet disconnection, currently being contemplated by American ISPs under a voluntary "six strike" process many of them have agreed to with content owners? It gets almost no support. Only 16 percent of Americans support it, and that's until the survey noted that "disconnection" would affect an entire household, not just an alleged infringer. As the results writeup puts it, "Informed support for disconnection, accordingly, is under 10 percent."
http://arstechnica.com/tech-policy/n...-under-100.ars





Pirate Party Picks Up New Parliament Seat

Amelia Andersdotter is the best looking member of the Swedish Pirate Party elected in 2009. Originally her votes were not enough to beat fellow pirate Christian Engstrom for a seat on the European Parliament.

Today the EU has redrawn the lines and twelve countries are to gain one or more MEPs; Spain 4; Austria, France, and Sweden. 18 MEPs total. This will enable Andersdotter, the second Pirate Party politician from Sweden, to enter the European Parliament.
http://activepolitic.com:82/News/201...arliament.html





EU Court Comment 'Positive' for File-Sharers
Peter Vinthagen Simpson

Swedish researchers have described comments by an official from the European Court of Justice on Thursday as being positive for file-sharers, while others have claimed that they give support to intellectual property rights legislation.

The EU intellectual property rights directive (IPRED) allows for a court to demand the release of IP information pertaining to a suspected file-sharer, an ECJ advocate general said on Thursday.

The statement by Niilo Jääskinen has been taken as an indication that a Swedish court can demand information which may identify an internet service subscriber.

But further comments by Jääskinen, indicating that the information could only be demanded if it had been stored for that specific purpose, have been interpreted by researchers to mean that IPRED would be rendered toothless in practice.

“It is not crystal clear what the advocate general means, but it leans towards that one can’t hand over the information,” according to Daniel Westman, an information law researcher at Stockholm University.

Jääskinen’s comments concern a case referred to the ECJ by the Swedish Supreme Court in September 2010.

The case in question is between five audiobook publishers and the Swedish internet service provider ePhone which had appealed a lower court ruling ordering the firm to hand over information about the users connected to certain IP-addresses.

The firm has refused the request and the case has become regarded in Sweden as a test for the so-called IPRED law which passed into force on April 1st 2009.

The Swedish Publishers’ Association (Svenska Förläggareföreningen - SvF), which is representing the five audiobook publishers, has meanwhile claimed that Jääskinen’s comments are “positive”.

“It is positive, but difficult to interpret with regards to the outcome of the case. It is a little unclear and imprecise how it can be interpreted. But it is very positive that it has now been clarified that the intellectual property rights directive does not run contrary to the legislation,” said Caroline Fellbom Franke at SvF.

Fellbom Franke however recognized that Jääskinen’s additional comments could mean that IPRED legislation in Sweden would become toothless if ePhone and other ISPs were to simply argue that the information was saved for other purposes.

Peter Helle, a lawyer representing ePhone, also interpreted the comments as positive for the firm and for the privacy of internet users.

“As I interpret the advocate general’s comments it is positive for ePhone and for Sweden’s internet users,” he said.

Bo Wigstrand, ePhone’s CEO, described the news as a “success for personal integrity on the internet” and gave him cause to believe that the firm would win their case in the Supreme Court, if the ECJ stands behind the advocate general’s comments.

Solna district court in June 2009 ordered ePhone to reveal who was using the IP-addresses identified as belonging to file sharers who spread some 2,000 audio book titles over the internet.

But ePhone refused, pointing out that a password was required in order to gain access to the works stored on the computer and thus the sound files weren’t publicly accessible and therefore not a case of copyright infringement.

The Court of Appeal (Hovrätten) later upheld ePhone's appeal of the decision, ruling that the publishers were unable to prove whether the audio books on the server really had been available to the public.
http://www.thelocal.se/37412/20111117/





Big In Sweden: Spotify-Crazy Youngsters Are Bellwether For Music Biz
Robert Andrews

Spotify’s early traction in its native Sweden gives the world a glimpse at what a market looks like when strong music subscription services flourish, converting listeners from ownership to access.

Spotify is huge in the land of the midnight sun, and has real market-moving gravity.

According to Swedes And The Internet (PDF), a wide-ranging new consumer survey from Sweden’s Internet Infrastructure Foundation...

• “Just over half (57%) of the Swedish people listen and download music via the Internet.”
• “The percentage of file sharing (21%) have never been greater.”
• “But the proportion who listen to streaming music using Spotify is even greater.”
• “Amongst those aged 16 to 25 years, almost 9 out of 10 (85%) are on Spotify and half (55%) listen daily.”
• “The older people buy CDs and pay per song, while the younger subscribe, share files or listen to Spotify.”
• “If we compare file-sharers with those who do not share files, we find that there is no difference in how often they buy CDs. However, a larger percentage of file sharers pay to download individual songs than those who do not share files.”
• “One in three people (37%) listen to Spotify during a month, which is twice as many as file sharing (18%) and many more than those who buy a CD (9%) or pay per song (4%) during a month.”
• In Sweden, Spotify usage is even running ahead of use of community sites, IM, blog reading and game playing.

Where are all these consumers coming from? Well, Spotify got a head start by launching at home in Sweden in 2008. In October 2009, it signed a deal to bundle its service to subscribers of the Telia broadband, TV and phone provider.

By 2009’s end, national music revenue had grown by 10.2 percent in Sweden, after a more than four-fold streaming income boom pushed streamers’ share of Swedish music revenue from 17 percent to a whopping 46 percent.

As of November 2011, a whole quarter of Spotify Premium subscribers there were acquired through Telia.

The Swedish office of the global music industry’s umbrella IFPI said anti-piracy legislation implemented at the time was partly responsible for six out of 10 Swedish file sharers stopping the activity.

All of this is remarkable. For years through the 2000s, Sweden was basically the world capital of digital piracy, land of The Pirate Bay and many principled objectors to IP legislation.

Now, legislation coupled with a homegrown, easy-to-use music product is showing everyone a way ahead. But the move from ownership to access models makes it more crucial than ever that the economics of this new model stack up for everyone in the value chain.
http://paidcontent.org/article/419-b...for-music-biz/





200+ Labels Withdraw Their Music From Spotify: Are Its Fortunes Unravelling?
Duncan Geere

Following a study that claims that streaming music is damaging to record sales, a distributor representing more than 200 labels has withdrawn its entire catalogue from Spotify, Napster, Simfy and Rdio.

The study, which was conducted by NPD Group and NARM, came out with results suggesting that subscription services — where you pay a flat fee each month to access a giant jukebox in the sky, rather than owning individual tracks — is discouraging other forms of music purchasing. You can find the further details of that study over at Digital Music News.

That prompted STHoldings, which focuses on techno, grime, dubstep and bass music, to contact the 238 labels that it has on its books to ask if they wanted it to keep distributing content to Spotify or withdraw it. Only four said they wanted to keep their content on Spotify. Interestingly, though almost certainly unrelatedly, Music Ally has noticed that a band signed to one of the labels counts Apple’s director of music for iTunes Europe as one of its members.

A statement from the distributor reads: “As a distributor we have to do what is best for our labels. The majority of which do not want their music on such services because of the poor revenues and the detrimental effect on sales. Add to that the feeling that their music loses its specialness by its exploitation as a low value/free commodity. Quoting one of our labels, ‘Let’s keep the music special, fuck Spotify.’”

We asked Spotify for comment, and a spokesperson told us:

“We have strong support from the music industry, and of course respect the decision of any artist who chooses not to have their music on Spotify for whatever reason. We do however hope that they will change their minds, as the Spotify model is adding, and will continue to add, huge value to the music industry. Right now we have already convinced millions of consumers to pay for music again, to move away from downloading illegally and therefore generate real revenue for the music business.

“In addition, ‘revenue per stream’ totally misses the point when considering the value generated by Spotify. The relevant metrics are: 1) how many people are being monetized by Spotify; 2) who these people are (usually young people previously on pirate services which generate nothing for artists and rightsholders); and 3) how much revenue per user Spotify generates for rightsholders.

“Artists can — and do — receive very substantial revenues from Spotify, and as Spotify grows, these revenue streams will naturally continue to grow. Spotify is now the second single largest source of digital music revenue for labels in Europe (IFPI, April 2011) and we’ve driven more than $150 million of revenue to rights holders (ie whoever owns the music, be it artists, publishers or labels) since our launch three years ago.”

Disquiet from musicians and labels over the royalties paid out by Spotify has plagued the music service almost since it first launched. Back in 2009, a storm in a teacup erupted after it was revealed that Lady Gaga got just $167 for more than a million plays. That figure was thoroughly debunked, but the idea behind it has persisted and Spotify hasn’t helped matters by keeping any royalty discussions under a strict veil of secrecy.

Charles Arthur from the Guardian attempted to pierce that veil in late 2009, and the results were a mess of calculations and corrections. A second attempt wasn’t much clearer, and a recent infographic trying to piece things together has been universally condemned by all parties. Recent top-sellers like Coldplay and Adele have actively avoided Spotify for their newest albums, because their management know the record will sell widely regardless and Spotify’s audience isn’t likely to be especially keen on those artists anyway.

Complicating matters is that the four major labels own part of Spotify themselves. 18 percent, according to TechCrunch, which was likely part of the conditions for licensing their catalogue to the streaming service in the first place. Merlin, which represents independent labels, owns one percent. It does beg the question — if streaming is so bad for the music industry, then why invest in it?

Meanwhile, even the smallest labels yanking their content is bad news for consumers, because it turns a service that has everything into a service that has “most stuff” — that’s a life-and-death difference to a hardcore music fan. Surveys have suggested that fans are still very wedded to the ownership model and that the chief reason for that is that they have no confidence that their favourite album might not just disappear. If Spotify can’t stem this tide, then that lack of trust might well be what finally does the Swedish streaming service in.

Perhaps, as PaidContent’s Robert Andrews argues, it’s time for some transparency on music streaming rates.
http://www.wired.com/epicenter/2011/...avelling/all/1





Lawsuit Claims Grooveshark Workers Posted 100,000 Pirated Songs
Greg Sandoval

In a copyright lawsuit filed today, Universal Music Group says it has obtained e-mails and other records that show Grooveshark's leaders led an effort to post over 100,000 pirated songs onto the music service, CNET has learned.

"[The business records of Escape Media Group, Grooveshark's parent company,] establish unequivocally," Universal's lawyers wrote in the complaint filed in U.S. District Court in Manhattan, "that the sound recordings illegally copied by Escape's executives and employees, include thousands of well known sound recordings owned by UMG."

The company has long said that it is not liable for copyright violations committed by users because it is an Internet service provider that adheres to the requirements of the Digital Millennium Copyright Act's safe-harbor provisions.

But if Universal's allegations prove true, Grooveshark's DMCA protection could be in jeopardy. The safe harbor only protects service providers from liability for infringing acts committed by users. The law does not protect service providers from their own acts of infringement.

Grooveshark representatives were not immediately available for comment.

Universal Music, the largest of the top four record companies and home to such artists as Lady Gaga, U2 and Elton John, has asked the court to issue a permanent injunction against Grooveshark, which if granted would shut the service down.

The label is also seeking the maximum in monetary damages of $150,000 per infringing act. If at least 1,000 of Universal's songs were infringed, the total in damages could be well into the hundreds of millions.

Universal obtained the documents through the legal discovery process as part of the label's previous copyright suit against Grooveshark. Universal sued Grooveshark in New York state court last year. For that case, Grooveshark was compelled to turn over the database that stores information on uploads.

The label says it found evidence that Samuel Tarantino, Grooveshark's CEO, uploaded at least 1,791 copyrighted songs. Paul Geller, the company's senior vice president, allegedly uploaded 3,453 songs and Benjamin Westermann-Clark, another VP, is accused of uploading more than 4,600 pirated songs.

Universal's complaint is likely to generate a lot of attention in the music industry.

One of the problems many artists have with Grooveshark involves takedown notices. One requirement to qualify for safe-harbor protection is that a service provider must quickly remove infringing material once notified by a copyright owner in a takedown notice.

Nonetheless, scores of artists have long complained about the speed with which songs previously flagged for removal reappear on Grooveshark.

In Universal's complaint, the label pointed to the comments section of the blog Digital Music News. In an October 13 story titled "King Crimson Can't Get Their Music Off of Grooveshark," an anonymous writer claimed to be a Grooveshark employee and offered "information from the trenches."

"We are assigned a predetermined amount of weekly uploads to the system and get a small extra bonus if we manage to go above that (not easy)," the person wrote. "The assignments are assumed as direct orders from the top to the bottom, we don't just volunteer to 'enhance' the Grooveshark database."

"And, to confirm the fears of the members of King Crimson," the anonymous poster wrote, "there is no way in hell you can get your stuff down. They are already tagged since you sent in your first complaint. The administration knows that you can't afford to sue for infringement."

Universal did not say in the complaint how it knows the post is legitimate.

The heat has been turned up on Grooveshark in recent months. A Danish anti-piracy group this month has sought court action to block Grooveshark's site in that country.
http://news.cnet.com/8301-31001_3-57...pirated-songs/





For Some, Free Music Is an Investment That Pays Off
Jon Caramanica

What’s the value of a career’s worth of Internet buzz? Approximately 175,000 albums sold in one week — then look out below from there.

On Wednesday the Pittsburgh rapper Mac Miller topped the Billboard album chart with his debut album, “Blue Slide Park” (Rostrum), selling about 144,000 albums. The week before, the Washington rapper Wale made his debut at No. 2 on the chart (behind Justin Bieber’s Christmas album) with “Ambition” (Maybach Music Group/Warner Brothers), which sold about 164,000 copies. And last month J. Cole’s first album, “Cole World: The Sideline Story” (Roc Nation), made its bow atop the chart with about 217,000 copies sold in its first week. (All figures are from Nielsen SoundScan.)

First, the good news: A new generation of rappers is actively trying to build a new business model in which releasing oodles of free material online builds a fan base that paves the way for revenue streams: touring, merchandise, even something as old-fashioned as a record deal.

“Blue Slide Park” (Rostrum) is the first independently released album to top the chart since Tha Dogg Pound’s “Dogg Food” (Death Row), in 1995. But Tha Dogg Pound was affiliated with Dr. Dre and Snoop Doggy Dogg, the heavy hitters of the day.

While the Rostrum label has also nurtured the career of Wiz Khalifa, Mac Miller arrives at the top of the chart more or less on his own. The Internet made him as popular as Wale (pronounced wah-LAY), an artist who’s been on two major labels and is affiliated with Rick Ross, and J. Cole, who is signed to Jay-Z’s label. (Being white probably helped Mac Miller too — more on that shortly.)

Each of these artists followed a similar path to arrive at this point: release a string of mixtapes, the free albums that were once native to street corners but are now the preserve of the Internet, and augment them with an active social-media presence, from Twitter to video blogging. (For Wale, this is the second time down the same road: His 2009 major-label debut, “Attention Deficit,” on Allido/Interscope, was a bust.)

That Mac Miller has topped the Billboard album chart maybe says more about the state of record sales than about the popularity of Mac Miller. Certainly, a No. 1 debut isn’t meaningful in and of itself; it may simply indicate that executives were clever enough to pick a release date that wouldn’t compete with Taylor Swift or Lil Wayne or Adele or Jay-Z.

And while these first-week sales numbers are impressive in a tough climate for the traditional record business, they’re numbers that reflect, at best, pent-up demand: proof of concept, if you will, that an artist’s virtual fame can translate to fans spending real-world dollars on a product that they could easily steal (unlike a T-shirt). About 76 percent of Mac Miller’s sales were digital; for Wale and Mr. Cole, working in a major-label system, the numbers were 42 percent and 43 percent; the majority of their sales were hard copy.

But once the loyalists have spent their money, then what? Be mindful of the drop in sales from Week 1 to Week 2 — these artists have so far had only moderate success on radio, which is where albums go to not die. In their second week on sale, Wale and Mr. Cole’s albums each sold just a quarter of their first-week numbers. Without the singles to guarantee them consistent exposure and, by extension, consistent sales, these first-week figures will be a historical blip, a trivia question 20 years from now.

Wale’s single “Lotus Flower Bomb” is No. 7 on the Billboard R&B/hip-hop songs chart this week, and “That Way,” his single with Jeremih and Rick Ross, is No. 5, though it’s probably the least representative song on “Ambition.” The song’s success dates back to the summer, when it was a breakout hit from “Maybach Music Group Presents: Self Made, Vol. 1” (Maybach Music Group/Warner Brothers), a compilation of songs from artists on Rick Ross’s label, released in May. By any measurement it’s a better album than “Ambition,” especially in its judicious use of Wale, the crew’s least characteristic artist.

“Ambition” may be the best Wale release since his 2008 mixtape “The Mixtape About Nothing,” but it’s still chaotic. He’s not the triumphalist that his boss is, and the production here feels too grand for him — he’s a gummy rapper still tentative about his subject matter, his flow patterns and his presence.

Mr. Cole has a pair of hits on the chart too, though they’re lower down. Of these three rappers he’s probably the most charismatic, but “Cole World” feels like a compromise between the confident artist who became a favorite because of his thoughtful mixtapes and someone who understands that those sorts of intricate songs have little to do with success in the nonvirtual world.

Being white, Mac Miller faces a problem Wale and Mr. Cole don’t have: Will radio regard him as a rapper or a pop artist? Which stations will he be played on? Being white essentially doubles his options, and possibly dilutes his message. “Blue Slide Park” is an extremely lighthearted album; Mac Miller isn’t ever not having fun. He toggles between complex rhyme and cheap punch lines, working equally hard at both.

But there are flickers of savvy at work here. “Loitering” has a tremendous, unconventional, guttural beat by Young L, and Mac Miller’s current single, “Party on Fifth Ave.,” is his best to date, a breezy romp that samples “The 900 Number,” one of the great 1980s hip-hop instrumentals.

If there’s a model for surviving this hype spike and finding stability, it’s staring Mac Miller, Wale, Mr. Cole and their peers right in the face, and probably blinding them. Next week Drake will top the album chart, knocking Mac Miller back down to earth; Drake’s expected to sell 600,000 to 700,000 copies of his second album, “Take Care” (Young Money/Cash Money/Universal Republic) this week, which will be one of the biggest debut weeks of the year.

But not that long ago, Drake was just a rapper hoping to transcend the Internet. “So Far Gone,” his breakout 2009 mixtape, was an Internet phenomenon that became something much greater, spawning radio hits and even garnering a pair of Grammy nominations, a first for a mixtape.

Unlike Mac Miller, Wale and Mr. Cole, Drake was a steady presence on radio for months leading up to the release of his 2010 debut album, “Thank Me Later,” which sold approximately 447,000 copies in its first week, and eventually went platinum. Drake had used the Internet as a springboard to the old-fashioned sort of fame.

But even Drake, now part of the establishment, isn’t above continuing to work within the new model. After the singles from “Thank Me Later” dried up, he spent much of last summer stoking the flame for “Take Care” with free songs released on his blog — some of which ended up on the album, and others that now live only in the Internet’s memory. If it ain’t broke, don’t break it.
https://www.nytimes.com/2011/11/19/a...-pays-off.html





How the BBC's HD DRM Plot Was Kept Secret … and Why
Cory Doctorow

Back in 2009, the BBC approached Ofcom for permission to add "digital rights management" locks to its high-definition broadcasts. The locks would work by scrambling some of the information used to decode video, and in order to get the descrambling key, manufacturers would have to submit to the rules of the DTLA, an offshore consortium led by Intel.

This was a strange request for the BBC to make. There aren't any licence fee payers who put a cheque in the post this year and thought, "Gosh, I wish there was a way I could do less than the law allows with the video my licence fee pays for." The BBC has always eschewed DRM in its Freeview offerings, and other public broadcasters in Europe, the US and Canada eschew DRM. German law prohibits DRM on its public broadcasts, and American law prohibits DRM on all broadcasts, both commercial and non-commercial.

What's more, the DRM scheme proposed by the BBC had three major flaws: first, technical experts believed it would be trivial to defeat; second, the part of the broadcast that the BBC wanted to scramble was shared by closed captions and assistive audio tracks used by disabled people; and finally, the full rules set out by DTLA for its DRM were governed by confidentiality agreements, which meant that UK manufacturers would be ordered to comply with a set of secret rules that the public wasn't allowed to know.

There were other important problems, of course: the proposal violated the EU common market by breaking foreign TV receivers and it meant that popular free/open source receivers and recorders would be frozen out of the UK device market.

The consultation received 459 responses. Of these, 432 came from individual licence payers, and 426 opposed the BBC's proposal.

Twenty-six institutions filed 27 responses (Channel 4 responded twice); 17 of them supported the proposal. This includes broadcasters (two different divisions of the BBC, Channel 4, Channel 5 and ITV); a bunch of rightsholder groups such as the Motion Picture Association (run by the US film studios) and Pact; the DTLA itself; and some of the manufacturers who license DTLA's technology. The arguments they made were pretty unconvincing, boiling down to "We'd make more money this way," and "Rights-holders may boycott TV if we don't give them this."

The opposing institutions included a coalition of computer science academics, the Royal National Institute of Blind People (RNIB), educators and the Linux Foundation. I wrote comments on behalf of the UK Open Rights Group.

To sum up: the licence fee-paying public overwhelmingly rejected the proposal. So did independent scholars, public interest groups, educators, and disabled rights groups. The vast majority of support came from the BBC (who'd started the whole thing, no surprise there!), broadcasters, and rights-holder groups.

The BBC is a public broadcaster, and its charter sets out the requirement for everything it does to meet a "public value test." Ofcom, the independent regulator that oversees the BBC, is charged with "[making] sure that people in the UK get the best from their communications services and are protected from scams and sharp practices, while ensuring that competition can thrive".

So what did Ofcom do? Naturally, it listened to the public, ignored the uncompetitive rent-seeking proposals from the commercial sector, adhered to EU law, and rejected the proposal.

Well, that's what they did in a parallel universe. In this universe, Ofcom accepted the self-serving arguments of the companies they're meant to be regulating, ignored the public whose interests they were meant to be safeguarding, and gave the BBC what it asked for.

Why did it do this? It's a secret.

But not any more.

BBC tight-lipped

The BBC's comments to Ofcom were released with several redacted sections. These sections were withheld on the basis that they were "commercially sensitive" and couldn't be seen by the general public. Ray Corrigan, one of the Open University academics who signed on to the opposing comments from the computer scientists, filed a freedom of information request to discover what this secret evidence was. After all, there was nothing else particularly compelling in the BBC's proposal, so the really meaty arguments had to be there.

Ofcom rejected the FOI request, saying that the law prohibited it from releasing "commercially sensitive" material. When I asked it whether this meant that anything could be kept out of the public's eye by slapping a "commercially sensitive" label on it, at first they said this was so. But on further questioning, their spokesperson wrote, "we would consider the information on a case-by-case basis and consider the contents of any document to see whether an exemption applies, rather than automatically withholding it because it's marked as 'commercially sensitive'."

Next, Corrigan tried to get the information from the BBC. The BBC also refused to disclose it. I exchanged several emails with a tight-lipped spokesperson. They declined to grant me an interview with Graham Plumb (the BBC's head of distribution technology) or any of his colleagues involved in the submission. They sent this terse statement:

The Ofcom report was submitted in confidence because it contained commercially sensitive information regarding the BBC's negotiations with rights-holders. Such negotiations are standard practice when agreeing commercial contracts. These contracts enable the BBC to provide audiences with a wider choice of programmes than would otherwise be possible.

The spokesperson refused to clarify or expand on this statement.

So, this is weird. Fundamentally, the BBC and Ofcom were claiming that it was in the public's interest to deny the public's wishes, but it wasn't in the public interest to know why this was so.

I started to ask around. One very senior executive with BBC Worldwide (the commercial arm, charged with selling BBC programmes abroad) expressed bafflement: "I don't understand why they want this. It certainly doesn't come from us. We don't need it to sell BBC programming."

Eventually, I got my hands on a copy.

Redactions revealed

Here are the "commercially sensitive" portions of the BBC's Ofcom filing that the public hasn't been allowed to see until now:

1.4. The BBC confirms that it is very unlikely that content which has been directly commissioned by the BBC (alone) would not be available for broadcast on platforms not supporting content management. However, it should be noted that independent producers frequently retain secondary rights in such content. At some point in the future, a powerful independent producer might insist that it would only accept a commission from the BBC on terms which required the BBC to guarantee that the first (and potentially subsequent) transmissions of this content would be broadcast with content management applied.

Here, the BBC admits that all the content it commissions would be available without DRM. In other words, the stuff that we think of as "BBC programming" (as opposed to joint productions, independent commissions and programmes licensed from abroad) will be available even if the BBC doesn't get its wishes.

It's impossible to see why this would be "commercially sensitive". Why shouldn't the public know that the BBC won't insist on restrictions on the video whose production the licence fee pays for?

The hypothetical business about some independent producer at some future date insisting on DRM is frankly laughable. If an indie doesn't want to sell the BBC a programme it's commissioning on the terms the BBC want, the BBC can commission from another indie – just as it would if an indie wanted to use an actor or writer the BBC didn't like, or wanted more money than the BBC was prepared to spend. Commissioners solicit pitches from indies on set terms, and the speculative, unnamed indie that won't come up to these terms is a pretty unconvincing spectre.

1.5. The BBC wishes to emphasise that in commercial negotiations with right-holders (and co-producers) the BBC normally seeks to obtain the most flexible and least restrictive rights at the best possible price. In general, this flexibility is intended to allow the BBC to show content on one or more occasion(s), sometimes on more than one of the BBC's channels and ideally on both broadcast and non-broadcast platforms (eg the BBC iPlayer). Inevitably, in these negotiations, content rights-holders are seeking to maximise the income from their investment and may seek to increase the price of rights in proportion to the flexibility requested by the BBC.

Again, it's impossible to see why it would be "commercially sensitive" to admit that some rights-holders and partners ask for more money when no DRM is deployed. It's also impossible to see why Ofcom would take this very seriously: the BBC isn't saying that it pays more on no-DRM terms, just that more is asked for. This is anecdote, not evidence.

1.6. The highest value acquired content, such as first UK free-to-air broadcast rights for popular films or television series, are significantly more likely to be subject to restrictions. For example, in recent negotiations between the BBC and (separately) HBO Enterprises, Sony Pictures Television International, 20th Century Fox International Television and Warner Brothers International Television Distribution, each of these suppliers has separately made it clear that they are unwilling to provide the BBC with linear HD broadcast rights to some high value content unless the BBC undertakes to apply content management controls to all HD format broadcasts of this content.

Aha! At last, the BBC names some names. Unfortunately, these aren't very convincing names.

Fox broadcasts all its HDTV in the US first, where it is prohibited by law from adding DRM. A substantial fraction of Warner and Sony programming also gets broadcast in HD in the US first. These rightsholders may say that they demand DRM, but the fact of the matter is, when they don't have a choice, they broadcast without DRM. If Ofcom doesn't give them that choice, there's no reason to think they'll behave any differently here than they do at home in America.

HBO, on the other hand, is a different story. All HBO content goes out first over DRM-locked cable channels in the USA. If the BBC was going to get new HBO material for broadcast, it's at least credible that HBO would demand DRM.

But the BBC isn't going to get any new HBO content for its broadcast for the next 10 years, because HBO has an exclusive, 10-year deal with Sky.

The exception to this is BBC-HBO co-productions – fundamentally, the BBC is saying that they don't have control over the programmes it pays for with our money. That's embarrassing, but it's hardly "commercially sensitive".

1.7. Whilst this acquired content represents a small proportion of the BBC's HD output, free-to-air television audiences perceive significant value from access to content of this type (for example feature films) from the BBC.

Apparently "people like movies" is "commercially sensitive".

1.8. The proposed launch of a BBC1 HD simulcast later this year is likely to slightly increase the amount of acquired content which would be subject to HD broadcast limitations on platforms where no content management is present. The BBC very much wants to avoid a situation where it is necessary to blank any acquired content either on BBC1 HD or BBC HD.

[NB The BBC's plan to launch BBC1 HD this autumn is known to Ofcom but remains highly confidential and subject to final sign-off by the BBC Trust].

It's true that this was confidential (the trust approved BBC1 HD earlier this month), but it's not any more. But it's also unnecessary to the BBC's argument: it's possible to say "we foresee acquiring more content" without saying "because we're planning this confidential thing that we don't have permission to do yet".

3.4.1 These approaches include:

(i) Implementing HD broadcast recording and access systems which implement end-to-end content protection using the technologies which have been specified in the DTG D-Book.

(ii) Using professional Freeview HD broadcast receivers combined with their own secure storage and retrieval systems.

(iii) Developing or purchasing from their suppliers secure storage and retrieval systems which integrate direct reception of unencrypted HD video, audio, subtitle and audio description signals with EPG data licensed by the relevant broadcasters.

3.4.3 In respect of the approach outlined in section 3.4.1 (iii), the BBC has suggested that it would be prepared to consider licensing arrangements which would allow libraries, archives and larger educational establishments to make use of EPG data under condition that:

(i) the products and systems using this EPG data together with video, audio, subtitle and audio description recordings would only be made available to educational establishments, libraries, archives and other equivalent organisations;

(ii) the purchasers or users of these products or systems would need to confirm these would only be used for educational, criticism or review, news reporting or other purposes which are permitted under UK legislation; and

(iii) these products and systems would need to incorporate all necessary security controls to prevent the illegitimate copying, distribution or use of HD broadcast recordings for other purposes.

3.4.4 It is the BBC's firm view that the approaches suggested in this section would fully accommodate all current and likely future legitimate usage requirements by even the largest establishments, whilst avoiding compromising the integrity of the HD content management system or requiring any circumvention of this system.

3.4.5 The BBC requests that Ofcom do not publish the specific details relating to these approaches – due to the concern that the above explanation provides information which is helpful to those who may wish to circumvent the content management system.

Here the BBC discusses its plan to accommodate educators, critics and archivists. It plans on establishing a confidential marketplace for more powerful "professional" TV receivers and recorders that can defeat its scrambling system. This bizarre system – creating an entity that would have to manufacture and distribute these devices, after approving the credentials of archivists, critics and scholars – is meant to be kept secret because it makes it clear that it would be easy to defeat the scheme.

So here you have the BBC claiming in one breath that its partners want effective protection from copying, and in the next breath saying that this won't be very effective protection.

Funnily enough, "this will be easy to defeat" is a point that many of the individuals and institutions who formed the majority opposed to this plan made in their statements.

DRM Britain

After I received the redacted material, I approached the BBC and Ofcom again. The BBC refused to answer my emails until I sent copies of the unredacted text to the executives responsible for the memo. Then, a BBC spokesperson again refused to let me speak to anyone responsible, and said:

Sections 1.4 - 1.8 of the BBC's Ofcom consultation response were submitted in confidence because these contain commercially sensitive information regarding the BBC's negotiations with rights holders. Such negotiations are standard practice when agreeing commercial contracts. These contracts enable the BBC to provide audiences with a wider choice of programmes than would otherwise be possible.

In redacting sections 3.4.1 – 3.4.5 of this consultation response the BBC was seeking to avoid publishing any information which would be helpful to individuals who might seek to circumvent Freeview HD's content management controls whilst also recognising that under UK copyright legislation, prescribed libraries and archives (which include the British Library and the British Film Institute) and educational establishments have more extensive rights to reproduce and retain copies of broadcast programmes than do individual viewers who only have a right to record programmes so that they can watch them at a more convenient time (the timeshift exception).

The BBC remains convinced that disclosure of the redacted information included in these sections of its Ofcom response would not be in the public interest.

In other words, "Auntie knows best, so shut up and run along and let us get on with breaking your TV."

Ofcom was equally unhelpful in explaining why any of this material passed muster in its "case by case" evaluation of confidentiality. Rather, it switched back to its statement that it had to take all claims of confidentiality at face value, and freedom of information seekers need not apply when one of the companies it is meant to be regulating tells it to keep mum, no matter how compelling the public interest and how unconvincing the claimed need for confidentiality.

And now we're gearing up for DRM Britain. Our BBC will give privileges to American TV companies that the US government won't give them, and our "independent" regulator won't even tell us why.

In the new DRM world, the rights you've enjoyed to your licence-fee-paid material are now contingent. If you want to save your copies to your computer, transfer them to your tablet or phone, loan them to your neighbours, excerpt them for education, criticism or parody, you're going to have to ask a committee for permission. If your kids want to do these things, they're going to have to seek this permission as well, and if you have the sort of children who aren't comfortable making submissions to regulatory committees, then your children won't be able to do what other children all over the world are accustomed to doing.

British manufacturers who want to make digital television receivers and recorders will have to accord with the secret rules set out by the DTLA, which includes a ban on free/open source software, such as the popular MythTV package.

This package is already in use by many British licence fee payers (some of whom wrote in to Ofcom about it) and DTLA rules it out because it can be modified by its users. Despite the fact that so many British engineers started their journeys by building BBC receivers, there are no user-serviceable parts allowed in the new, HD, DRM BBC.

Welcome to DRM Britain. Our BBC will give privileges to American TV companies that the US government won't give them, and our "independent" regulator won't even tell us why.

The author gratefully acknowledges the research contributions of Ray Corrigan and Beth Bernier Pratt
http://www.guardian.co.uk/technology.../14/bbc-hd-drm





Site to Resell Music Files Has Critics
Ben Sisario

Music fans looking to clear out some clutter can always try to sell their old CDs. But can someone resell an old digital music file of “Thriller” that’s languishing on a computer?

A legitimate secondhand marketplace for digital music has never been tried successfully, in part because few people think of reselling anything that is not physical. But last month a new company, ReDigi, opened a system that it calls a legal and secure way for people to get rid of unwanted music files and buy others at a discount.

The service has already drawn concern from music executives and legal scholars, who say it is operating in a gray area of the law. Last Thursday the Recording Industry Association of America, which represents the major record companies, sent ReDigi a cease-and-desist letter, accusing it of copyright infringement.

John Ossenmacher, ReDigi’s chief executive, contends that the service complies with copyright law, and that its technology offers safeguards to allay the industry’s concerns that people might profit from pirated music. “ReDigi is a marketplace that gives users tools to be in compliance with copyright law,” he said. “Before I put a file up for sale ReDigi says you will need to delete them, and if not it won’t take them.”

When a user wants to upload a song for sale, ReDigi analyzes its metadata — a kind of digital fingerprint — to verify that it came from an official store like iTunes or Amazon. (It does not accept files ripped from a CD, or others whose provenance it considers suspect.)

A desktop program then deletes any copies left on a user’s computer, and can detect if that user tries to add copies later.

Songs on the service, which is based in Cambridge, Mass., cost 79 cents, as much as 50 cents less than the price of new tracks at iTunes. ReDigi users also get coupons worth 20 cents for each song upload for sale, effectively reducing the cost of a track to 59 cents. ReDigi’s fee ranges from 5 to 15 percent, a spokeswoman said. The company also plans to open a similar market for e-books, Mr. Ossenmacher said.

Lawyers and executives in music and technology call ReDigi a novel system, but with a number of legal and practical issues that put it at odds with the music industry.

ReDigi says it is legal under the first-sale doctrine, the idea that once someone buys a copyrighted item like a CD or book, that buyer is free to resell it.

But legal scholars say that the law is unclear when it comes to digital goods because transferring a digital file from one party to another usually involves making a copy of it, something generally not allowed under copyright law.

“The real challenge for the first-sale doctrine in the digital environment,” said Mark A. Lemley, a professor at Stanford Law School, “is that courts have generally said that if you’ve gone beyond using your copy, and made a new copy, then you’re outside the scope of the doctrine.”

Jason M. Schultz, an assistant professor of law at the University of California, Berkeley, said there were aspects to the first-sale law that may apply to digital goods, but have been largely untested in the courts.

“When you own something you get to customize it, modify it, move it around — the things that we do all the time with physical property,” Professor Schultz said. “That needs to be applied to digital music here in order to get it off your hard drive, to their service and to the next person.”

The recording industry association’s letter to ReDigi, a copy of which was obtained by The New York Times, says that the company violates copyright by making copies of files, and by providing 30-second samples of songs without licenses. A spokeswoman for ReDigi said on Friday that the company had not received the letter.

Mr. Ossenmacher, who has a background in technology and marketing, with several patents for fluorescent lighting and experience in social networking, said that his company has developed a process it calls an “atomic transaction” that can transfer files between users without copying.

That and other claims have been disputed by music and technology specialists, including Steve Scherf, a founder of CDDB, a system now known as Gracenote, that is widely used by iTunes and other programs to analyze and identify the music on people’s computers.

“I have some serious doubts about their technologies,” Mr. Scherf said in an interview. “There are things in it which as far as I can tell are just hype.”

Mr. Ossenmacher said that ReDigi could tell if a user tried to put a file on their computer after already uploading it for resale. The service can also detect if a song on a connected iPod is another such copy, and would suspend a user’s account if the files were not removed. But he conceded that the service is not foolproof.

“If someone willfully wants to violate copyright law,” he said, “then there may be ways that they can ultimately beat the system.”

ReDigi’s system is not the first attempt at a secondhand digital marketplace. Three years ago a company called Bopaboo announced plans for a similar service, but it was unable to get licenses from record companies, and the project was abandoned.

Mr. Ossenmacher said that ReDigi has offered to pay labels and artists a “gratuity” as a good-will gesture, even though the first-sale rule would make that unnecessary.

The company’s business plan calls for it to take a fraction of every sale on the service. But like many start-up companies in digital music, to turn a profit ReDigi will need to attract large numbers of users.

“If nothing in ReDigi sells,” he said, “we’re dead.”
https://www.nytimes.com/2011/11/15/b...contested.html





RIAA Claims You Do Not Own Your iTunes Music Purchases
Joel Hruska

The Recording Industry Association of America and the Authors Guild don’t normally have much in common, but fresh salvos from both groups underline their continued resistance to modern forms of product distribution — even when said stubbornness harms the consumers who keep both groups in business.

In the RIAA’s case, it’s upset about the business model of ReDigi, a used digital music business that went online in early October. ReDigi’s business model is built on the idea that it can properly identify music files that were legally purchased via iTunes or another download service versus those which were ripped from your own music collection or downloaded illegally. Users can sell legally-downloaded tracks to ReDigi and are awarded the equivalent of store credit for use in the purchase of other digital tracks.

The company’s website describes the process: “The thing that sets ReDigi apart… is our revolutionary patent pending technology that facilitates the “verification” and “hand off” of a digital music file from the seller to the buyer.” When you “hand off,” the file is deleted from your hard drive. Ostensibly this ensures that the file comes from a legitimate source, and that the sold file can not be re-used or re-sold.

The RIAA isn’t buying it. The organization has sent ReDigi a cease-and-desist order [PDF], in which it claims that ReDigi’s software “duplicates the user’s copy of the track, places a watermark on that copy, stores it on ReDigi’s servers, and purportedly deletes the original file from the user’s hard drive or mobile device. Then ReDigi offers for sale the copy it has made to other users of its service.”

According to the RIAA, this constitutes copyright infringement because ReDigi is copying a work without having permission to do so. While ReDigi claims to be protected under the first-sale doctrine, the recording industry claims that first sale only protects the sale of a particular copy of a product. The organization is demanding that ReDigi cease all business operations, make a full accounting of all revenue earned, and quarantine all recordings for inspection.

Do you own a song that you buy, then?

Our preliminary investigation into ReDigi’s service indicates that the company’s music manager is capable of distinguishing between properly authorized tracks downloaded from iTunes versus music files acquired via ripping a legally-owned CD. While this doesn’t guarantee that the software functions flawlessly, it does give credence to ReDigi’s claims to be acting in good faith.

The RIAA’s claim that the phrase “particular copy” invalidates first-sale doctrine is undermined by the fundamental nature of data storage. Once a file is written to a device, any backup process, move procedure, or device synchronization changes the original. Download a song through iTunes, and the version synched with an iPhone is not the original — it’s a copy. Even moving the original file from one location to another is a copy-delete process.

For years, the RIAA and MPAA have argued that purchasing a physical CD or DVD simply grants one a license to use the product rather than ownership of the content. If that’s true, then it follows that access to the content, rather than any particular physical media, should determine whether the first-sale doctrine has been upheld. If ReDigi’s service can accurately prevent users from accessing songs they’ve sold to the service, then the RIAA’s rights have been legally preserved.

Amazonian might

As for the Authors Guild, the organization is unhappy with Amazon’s new lending library. Earlier this month, Amazon announced that Amazon Prime subscribers could “borrow” one free book per month from an initial selection of some 5,000 titles. Most book publishers, however, were unwilling to sign on to the program. Amazon opted to do an end run around the publishers by purchasing a copy of every e-book a reader chooses to borrow. The 12 books an Amazon Prime subscriber borrows over the course of a year, in other words, don’t represent 12 lost sales.

The AG is infuriated by what it sees as a loss of control. It writes: “Amazon’s boilerplate terms specifically contemplate the sale of e-books, not giveaways, subscriptions, or lending” and characterizes the company’s actions as “an exercise of brute economic power.”

The Guild voices some valid concerns, including the fear that publishers might try to prominently position loss leader books in the lending library in order to drive sales of other authors — but this sort of activity is already prohibited by existing clauses and is more an issue between publisher and author than anything that involves Amazon. The e-tailer, in any case, is more interested in reaching agreements with publishers than with simply buying an e-book every time an Amazon Prime user wants to read it.

The dispute between Amazon and the Authors Guild raises very different questions than the RIAA’s attempt to shut down ReDigi, but both battles are rooted in a struggle for control over how digital content is accessed, distributed, and passed on. The AG hasn’t initiated legal action — at least not yet — but the outcome of both disagreements could have a substantial impact on the future of legal content sharing.

This shift in focus from protecting sales channels to creating “used” markets and digital lending is a sign that digital distribution is maturing—at least a little. Secondary markets and public libraries both require large primary markets and relatively low prices in order to function effectively. ReDigi faces specific challenges related to copyright infringement, but Amazon isn’t the only company offering digital lending. Multiple public libraries now offer patrons the ability to download e-books and audiobooks directly to a tablet/smartphone, thus bypassing the entire process of visiting a library and checking out a physical book. It’s hard to view Amazon’s actions as an exercise of “brute economic power” given that libraries now offer identical functions, but the AG’s struggle to do just that emphasizes the disruptions digital distribution continues to create.
http://www.extremetech.com/computing...usic-purchases





Amazon's Kindle Lending Library is Contract Breach, Say US Authors

Authors Guild says online retailer is using 'brute economic power' to push books into scheme without proper permissions
Alison Flood

American authors are up in arms about Amazon's new Kindle lending library, accusing the online retailer of "boldly breaching its contracts" with publishers as it exercises its "brute economic power".

Amazon.com launched its Kindle owners' lending library earlier this month, giving customers with an Amazon Prime membership (which costs $79 a year) the option to borrow one book a month for free, with no due dates.

With more than 5,000 titles available, including Michael Lewis's Liars' Poker, Suzanne Collins's bestselling young adult series The Hunger Games trilogy and Howard Jacobson's Booker-winning novel The Finkler Question, the books, said Amazon in its announcement, come from a range of publishers under a "variety" of terms. The "vast majority" are there following an agreement with the publishers to include the books for a fixed fee, while "in some cases", Amazon said it was purchasing the title under standard wholesale terms each time it is borrowed, "as a no-risk trial to demonstrate to publishers the incremental growth and revenue opportunity that this new service presents".

Literary agents were quick to condemn the project, releasing a statement saying "it is difficult to see how this programme is in the best interests of our clients".

Now authors themselves have also moved to criticise it, with US writers' body the Authors Guild describing it as a "mess", asking if any of the books in the programme are there legitimately and accusing Amazon of launching it to push the Kindle Fire as it fights an "unexpected ebook device battle" with Apple and Barnes & Noble.

The Authors Guild claims that the six largest US trade book publishers, Random House, Simon & Schuster, Penguin, HarperCollins, Hachette, and Macmillan, refused to participate in the lending library, with the next tier of publishers mainly also refusing. "No matter. Amazon simply disregarded these publishers' wishes, and enrolled many of their titles in the programme anyway. Some of these publishers learned of Amazon's unilateral decision as the first news stories about the programme appeared. How can Amazon get away with this? By giving its boilerplate contract with these publishers a tortured reading," said the Guild.

Amazon's belief that it does not need permission to include the books, that it is just required to pay publishers the wholesale price of the titles which are downloaded, is "nonsense", said the Authors Guild. "Publishers did not surrender this level of control to the retailer. Amazon's boilerplate terms specifically contemplate the sale of ebooks, not giveaways, subscriptions, or lending," it said. "Amazon, in other words, appears to be boldly breaching its contracts with these publishers. This is an exercise of brute economic power. Amazon knows it can largely dictate terms to non-Big Six publishers, and it badly wanted to launch this programme with some notable titles."

Publishers who have agreed to participate in the Kindle lending library, meanwhile, "do not have the right to do so without the prior approval of the books' authors", according to the writers' body, which is advising authors whose books are in the programme without their permission to contact their publisher to register their objections.
http://www.guardian.co.uk/books/2011...ntract-authors





Nook Tablet Limits Internal Storage for Non-B&N Purchased Content to 1GB
Brian Heater

Well, this is definitely a bummer. Barnes & Noble has spent a fair amount of time talking up all of the Nook Tablet's internal advantages over the Kindle Fire, a list that includes 16GB of storage to the Fire's 8GB. That particular spec may not be quite as good as it looks on paper, however. It seems that Barnes & Noble is currently limiting internal storage on the Android slate to 1GB of content not downloaded directly from B&N. Bummer, right? Especially for those expecting to store their multimedia content on the device. It's not all bad, though. Keep in mind that, unlike the Fire, the Nook's got a not-so-secret weapon -- expandable memory via a microSD card slot located behind the tablet's distinctive loop. We've reached out to B&N for comment, and we're guessing a firmware update will remedy this PR nightmare in 3... 2... 1....

Update: Barnes & Noble confirmed that the above numbers are correct, but added that future multimedia download plans from third-party vendors will utilize the space currently devoted to B&N content only.
http://www.engadget.com/2011/11/16/n...chased-conten/





American Censorship Day Sees Old Media Ads About New Media Restrictions
James Gaskin

New media giants Google, Facebook, Zynga, and more put a full page ad in the New York Times today to lobby against the SOPA (Stop Online Piracy Act) bill going through Congress. A newspaper ad to protect the Web? Interesting.

As discussed before, SOPA, if passed, will allow anyone who believes they own copyrighted material offered illegally on the Web to demand the material be taken down within five days. If not, the website will be cut off from financial transactions (credit card income etc), advertising networks, and can even be deleted from the DNS servers. Penalties for abuse by the copyright holders, like when Warner Brothers demanded Hotfile.com take down thousands of files not owned or controlled by Warner Brothers? No mention.

While it's good to see Google et al put their concerns on a page of the New York Times, it appears old-fashioned political lobbying by the music and movies companies has completely overwhelmed the technology industry. The sponsors of the bill are touting this as a way to protect jobs, while opponents point out the entire Web economy would never have developed under such restrictions. Worse, if SOPA passes with its vague language, the relatively small amount of music and film jobs (potentially) saved will pale beside the number of jobs lost as the Web (potentially) grinds to a halt.
http://www.itworld.com/it-management...a-restrictions





House Judiciary Committee Refuses To Hear Wider Tech Industry Concerns About SOPA
Mike Masnick



Ever since SOPA was introduced, we'd heard that the eventual House Judiciary Committee hearings on the bill would be an unfairly stacked deck. Despite such wide opposition to the bill, and the fact that this represents a massive change to the regulatory and technological framework of the internet, we'd been told, repeatedly, that the hearings would be set up with three representatives in favor of the bill, and just one against. Apparently, the supporters of the bill are simply too afraid to actually listen to that many concerns and have to surround themselves with "yes men" to think they're doing the right thing.

Turns out that the decks are being even further stacked.

Today, we're hearing that the head of NetCoalition, who many people expected to represent the wider tech and internet industry's significant concerns about SOPA, has been denied a seat at the hearings. This is the same group that has been requesting a seat at the negotiating table all along, and has been denied by the MPAA and its supporters. Basically, the decks are being stacked so far in favor of SOPA, that next week's hearing will be a total joke. We're even hearing rumors that it will now be 4 representatives in favor of SOPA, and no one who will represent the wider concerns of the internet industry that's about to be regulated. Instead, the committee is looking for someone who will only raise some specific narrow concerns about the bill.

I guess I have a simple question: just what are Reps. Lamar Smith, John Conyers and Bob Goodlatte afraid of? Are they really so fragile that they can't handle the idea that the wider internet industry is seriously worried about this bill? Must they only hear from those who helped write the bill in the first place? What kind of democracy is that?
http://www.techdirt.com/articles/201...out-sopa.shtml





Chief Sponsor Wavers on Web Censorship Bill in Charged Hearing
David Kravets

House Judiciary Committee Chairman Rep. Lamar Smith, R-Texas, right, accompanied by Senate Judiciary Committee Sen. Patrick Leahy, D-Vt., discuss their efforts to modify the internet's workings to fight copyright and trademark infringement in a news conference Monday, April 4, 2011. (AP Photo/J. Scott Applewhite)

Legislation that would prevent Americans from visiting websites the government claims are violating copyright rules had a tumultuous first hearing Wednesday, with its main sponsor unexpectedly expressing reservations over the bill’s scope.

Rep. Lamar Smith (R-Texas), one of the chief sponsors of the bill, expressed uncertainty over allowing the Justice Department to obtain court orders demanding that American ISPs prevent users from visiting blacklisted websites. ISPs receiving such orders would have to alter records in the net’s system for looking up website names, known as DNS.

The House bill also allows the Justice Department to order search sites like Google to remove an allegedly “rogue” site from its search results.

“I’m not a technical expert on this,” the chairman of the committee said, adding moments later: “I’m trying to ferret this out.” When he introduced the package last month, however, he pronounced that the bill was needed because “Rogue websites that steal and sell American innovations have operated with impunity.”

In a marathon, 3.5-hour hearing before the 38-member House Judiciary Committee, lawmakers debated among themselves and with a panel of six witnesses, five of whom favored the Stop Online Piracy Act. The committee took no immediate action, but it was apparent that the 79-page measure is likely to be amended, in no small part, due to a backlash from the tech community.

Much of the package is similar to a stalled Senate measure known as the Protect IP Act.

Both proposals amount to the holy grail of intellectual-property enforcement that the recording industry, movie studios and their union and guild workforces have been clamoring for since the George W. Bush administration under the theory that online copyright infringement is destroying American jobs.

Smith, who said “everybody in this panel is committed to fighting piracy,” noted commentary from internet security experts concerned over the fallout if the Justice Department begins ordering American internet service providers to stop giving out the correct DNS entry for an infringing website under the .com, .org and .net domains.

Putting false information into the DNS system — the equivalent of the net’s phonebook — would be ineffective, frustrate security initiatives and lead to software workarounds, according to a paper co-signed by security experts Steve Crocker of Shinkuro, David Dagon of Georgia Tech, Dan Kaminsky of DKH, Danny McPherson of Verisign and Paul Vixie of Internet Systems Consortium.

“These actions would threaten the Domain Name System’s ability to provide universal naming, a primary source of the internet’s value as a single, unified, global communications network,” they wrote.

In other words, the bill would break the internet’s universal character and hamper U.S. government-supported efforts to roll out DNS-SEC, which is intended to prevent hackers from hijacking the net through fake DNS entries.

The bill’s big-pocketed proponents weren’t moved by those arguments.

Michael O’Leary, Motion Picture Association of America vice president, told Smith that, “it’s a concern, but frankly overstated.”

Rep. Zoe Lofgren (D-California), whose district includes Silicon Valley, expressed alarm that Google was the only company invited to testify against the bill. Google was peppered over and again by lawmakers asking why it doesn’t simply stop rendering infringing sites in search results.

“The search engines are not capable of actually censoring the World Wide Web,” Lofgren said. “We need to go after people committing crimes.”

Katherine Oyama, Google’s policy counsel, responded at one point:

“We don’t control the World Wide Web,” she said, adding that Google does not know what sites are hosting infringing content unless the rights holder tells Google. When that happens, she said, Google usually stops displaying results pointing to that particular page within six hours.

The MPAA’s O’Leary countered later that, on a Google search, the in-theater-only movie J-Edgar has “a better chance that the Pirate Bay is going to end up ahead of Netflix” on a Google search.

Google, Facebook, LinkedIn, AOL, Yahoo, eBay, Mozilla, the Electronic Frontier Foundation, the American Civil Liberties Union and a host of other groups and companies oppose the measure, saying the bill will break the internet as we know it.

Not all members of the committee said the legislation needed work.

Rep. Bob Goodlatte (R-Virginia) said, “This is a good bill.”

Rep. Mel Watt (D-North Carolina) expressed some reservations, but said legislation was needed.

“Doing nothing is not an option,” he said. “Not only are online privacy and counterfeiting drains on our economy, they expose consumers to fraud, identity theft, confusion and to harm.”

John Clark, the security chief for Pfizer, testified that counterfeit drug sales run rampant on the internet.

“I see counterfeited medicines as attempted murder,” he said.

Troubling to Rep. Maxine Waters (D-California) was how the bill described what sites could be targeted, those “dedicated to infringing activity.”

The House bill allows rights holders to demand that online ad services and credit card companies stop working with allegedly infringing sites. The copyright holder need only allege the site is “dedicated to infringing activity” — as, say, Viacom alleges about YouTube — and if the ad service or credit card company does not quickly sever ties, they can be held liable. No court approval is needed to send such a letter.

“It imposes harsh, arbitrary sanctions without due process,” Google’s Oyama said.

Smith’s measure also grants the U.S. attorney general sweeping powers to block the distribution of workarounds, such as the MafiaaFire plugin on the Firefox browser, that let users navigate to sites that have been blacklisted or had their domain name seized.

Smith asked witness Maria Pallante, the U.S. Registrar of Copyrights, what she meant by her testimony that if “Congress does nothing,” the “U.S. copyright system will ultimately fail.”

“I don’t think,” Pallante said, “that’s an overstatement.”

It’s not clear how the copyright system is failing given that the Netflix streaming service counts more than 21 million subscribers, accounting for the largest share of peak internet traffic every night; that YouTube is paying millions out to copyright holders; and an increasing number of people get their online music from paid and ad-supported services such as Pandora, Spotify, Rdio, Amazon and iTunes.
http://www.wired.com/threatlevel/201...klisting-bill/





At Web Censorship Hearing, Congress Guns for "Pro-Pirate" Google
Nate Anderson

The House Judiciary Committee today held an important hearing on the Stop Online Piracy Act with a hugely stacked deck of witnesses—Google's lawyer was the only one of the six to object to the bill in a meaningful way. And it wasn't hard to see why. This wasn't a hearing designed to elicit complex thoughts about complex issues of free speech, censorship, and online piracy; despite the objections of the ACLU, dozens of foreign civil rights groups, tech giants like Google and eBay, the Consumer Electronics Association, China scholar Rebecca MacKinnon, hundreds of law professors and lawyers, the hearing was designed to shove the legislation forward and to brand companies who object as siding with "the pirates."

How low was the level of debate? The hearing actually descended to statements like "the First Amendment does not protect stealing goods off trucks" (courtesy of the AFL-CIO's Paul Almeida).

Right from the start, the knives were out for Google. Committee Chairman Lamar Smith (R-TX) made it only halfway through his opening statement before asserting that "one of the companies represented here today has sought to obstruct the Committee’s consideration of bipartisan legislation. Perhaps this should come as no surprise given that Google just settled a federal criminal investigation into the company’s active promotion of rogue websites that pushed illegal prescription and counterfeit drugs on American consumers."

SOPA would require search engines, payment processors, ISPs, and ad networks to block access to "rogue websites" on a judge's order. While critics have raised serious concerns about how this could affect the Internet's domain name system, affect free speech, and sweep in a host of legal sites, the bill's backers suggested that it was really just about money. Google didn't want to stop piracy because it made so much money from it.

"Given Google’s record, their objection to authorizing a court to order a search engine to not steer consumers to foreign rogue sites is more easily understood," Smith said. (Much later in the hearing, a fired-up Zoe Lofgren [D-CA] said that "impugning the motives of the critics rather than engaging in the substance is a mistake" and that she was troubled by the panel's makeup.)

As for the panelists, most portrayed SOPA as eminently reasonable. And hey, if SOPA breaks something as important as the move to the more secure DNSSEC protocol, no problem—we can just rewrite the protocol.

"This argument [that SOPA will harm DNSSEC deployment] conveniently ignores not only the history of the creation of DNSSEC but also the very nature of Internet protocols, which is simply this: when new developments or circumstances require changes to these codes, the codes change," said MPAA's Michael O'Leary. Putting Hollywood in charge of setting Internet protocol standards: what could possibly go wrong?

It was up to Google alone to make the argument that SOPA's definition of "rogue sites" is poor, that its remedies are extreme, and that plenty of legitimate sites could be targeted. One has only to think of YouTube, which even without SOPA is being sued by Viacom for $1 billion and would certainly have been hammered years ago under SOPA's crazy language (sites can be dismantled under SOPA if they take "deliberate actions to avoid confirming a high probability of the use of the US-directed site to carry out acts" of infringement. What does that even mean? And how does it fit with existing robust safe harbors for user-uploaded content sites?)

O'Leary of the MPAA smirkingly took on his (largely absent) opponents by saying that SOPA critics were engaged in hypocritical hyperbole and were pro-piracy—as though the long history of the US content industries had just disappeared down the memory hole (Jack Valenti, anyone? The VCR as Boston Strangler? The reason "Hollywood" is in California at all? Rampant 18th and 19th century book piracy? Attacks on HDTV? Attacks on the DVR? Attacks on MP3 players?)

Not every penalty fits every crime

Groups that weren't invited to speak at the hearing vented afterwards. "This lack of speaking and listening has been a continued frustration and led to such a flawed bill," said CCIA chairman Ed Black. "I’d liken it to killing mosquitoes with an uzi, but at least the uzi hits its target. This bill will fail to actually stop traffic to infringing sites and will Balkanize Internet traffic, sending the real pirates to foreign DNS servers that can’t easily be monitored."

The Consumer Electronics Association, which was apparently denied a chance to participate in the hearing, also pulled no punches. "The bill attempts a radical restructuring of the laws governing the Internet," said CEO Gary Shapiro. "It would undo the legal safe harbors that have allowed a world-leading Internet industry to flourish over the last decade. It would expose legitimate American businesses and innovators to broad and open-ended liability. The result will be more lawsuits, decreased venture capital investment, and fewer new jobs. The significant potential harms of this bill are reflected by the extraordinary coalition arrayed against it. Concerns about SOPA have been raised by Tea Partiers, progressives, computer scientists, human rights advocates, venture capitalists, law professors, independent musicians, and many more. Unfortunately, these voices were not heard at today's hearing."

Over in the Senate, people like Ron Wyden (D-OR) watched the "not entirely fair and balanced" hearing with horror. Wyden, who helped author the key Internet safe harbors that have kept sites like Google, Yahoo, and eBay from being sued out of oblivion for the actions of others, submitted a statement of his own. "We took the opportunity to pass a law that said that neutral parties on the net are not liable for the actions of bad actors," he wrote. "So now, as we again debate Web censorship, let's ask ourselves: what next generation of innovations won't be realized if we backtrack on that principle now? Yes, the Internet needs reasonable laws and bad actors need to be pursued, but the freedoms of billions of individual Internet users should not be sacrificed in the interest of easing that pursuit."

Perhaps the irony in all this is that Hollywood itself emerged from a world of piratical behavior to become a dominant American industry—but draconian IP enforcement could have stagnated the industry for decades. In the same way, today's piracy problems can certainly be dealt with in a much more measured fashion; protecting Hollywood now simply can't be worth killing off the next YouTube. As for the truly bad actors, even Google supports measures to go after their sources of revenue with a court order.
http://arstechnica.com/tech-policy/n...ate-google.ars





A Look At The Testimony Given At Today's SOPA Lovefest Congressional Hearings... With A Surprise From MasterCard
Mike Masnick

We already know that today's SOPA hearings for the House Judiciary Committee are totally stacked in favor of the bill. But with the hearings getting underway, we wanted to dive in and look at what's about to be said. Most of the testimony leaked out yesterday, allowing us to spend some time going through it -- it's all embedded below. However, here's a taste of what's going to be said... with some additional commentary (of course).

First up, the most troubling of all: Maria Pallante, the Register of Copyrights (aka, Head of the US Copyright Office). She should be here to defend the public and to make sure that massive regulatory capture by a couple of stagnant industries doesn't happen. But, that's not how the Copyright Office rolls. Instead, her testimony is basically the US Chamber of Commerce's key talking points (perhaps not a surprise, since the main lobbyist at the US Chamber who's in charge of shepherding this bill into law only recently worked at the US Copyright Office). If you had hoped for some reasoned argument about pushing back on the massive excesses of SOPA and the broad definitions, you're not going to get it from Pallante.

It is my view that if Congress does not continue to provide serious responses to online piracy, the U.S. copyright system will ultimately fail. The premise of copyright law is that the author of a creative work owns and can license to others certain exclusive rights – a premise that has served the nation well since 1790. Congress has repeatedly acted to improve enforcement provisions in copyright law over the years, including in the online environment. SOPA is the next step in ensuring that our law keeps pace with infringers....

[....]

The response provided by SOPA is serious and comprehensive. It requires all key members of the online ecosystem, including service providers, search engines, payment processors, and advertising networks, to play a role in protecting copyright interests – an approach I endorse. Combating online infringement requires focus and commitment. It should be obvious that we cannot have intermediaries working at cross-purposes.


In other words, the successful tech industry should be hindered and shackled because my friends in Hollywood are too clueless to adjust their business models. Really?

SOPA is also measured. It appropriately provides much broader tools and flexibility to the Attorney General than it provides to copyright owners. This is a sound policy choice at this time. The Department of Justice has experience fighting online infringers, will use resources carefully, must exercise prosecutorial discretion in bringing actions, and must plead its case to the court and obtain a court-issued order before proceeding. Put another way, while the copyright industries are extremely important (and certainly a point of pride with respect to the U.S. economy), SOPA recognizes that many sectors rely on, invest in, and contribute to the success of the Internet.

Almost none of that is accurate. It is not measured. It is vague, broad and dangerous. The Justice Department's "experience" going after infringers has been to take down websites with no notice based on false info from copyright holders... and then to threaten those who seek to appeal with criminal charges. This is not "using resources carefully," it's government sponsored censorship.

It is for this reason that SOPA puts only limited tools in the hands of copyright owners, and provides the Attorney General with the sole authority to seek orders against search engines and Internet service providers. This is not to say that we should not continue to assess Internet piracy and the impact of SOPA or whether additional measures or adjustments may be needed. Indeed, SOPA assigns ongoing studies to the Copyright Office and the Intellectual Property Enforcement Coordinator for these very purposes. But I do think SOPA provides the right calibration at this time.

First off, the "limited tools" include the ability to completely cut off funding to any website based solely on accusations. Perhaps I learned a different language from Pallante, but that's hardly "limited."

Furthermore, how the hell can she say that this is "the right calibration," when even she admits this issue has not been studied yet? The bill is completely "shoot first, measure later," with no details on how its effectiveness -- or harmfulness -- will be measured.

As with any legislation, SOPA deserves and can only benefit from a robust discussion. As the Committee works to further improve and refine the bill, I know it will fully consider a variety of perspectives and suggestions, including from my fellow witnesses. This said, I believe that Congress has a responsibility to protect the exclusive rights of copyright owners, and I urge the Committee to move forward with this in mind.

Yes, a robust discussion that leaves out nearly everyone opposed to the bill, and only allows a single party -- one easily dismissed -- to speak about concerns on the bill. A robust discussion that leaves out public interest groups, despite Copyright's entire purpose being for the benefit of the public. This is a shameful bit of testimony from the Head of the Copyright Office, and one that guarantees her a tarnished legacy in her role.

From there, she goes on to defend the US blacklist of sites the Attorney General decides are dedicated to infringement by (1) repeating the US Chamber's debunked talking points, (2) praising ICE's highly questionable domain seizures, which are currently being litigated (a fact she conveniently ignores) and (3) quoting (of course) Floyd Abrams, leaving out that he was paid by the MPAA to give that opinion. Even worse, she quotes the really questionable part of his claim:

It also bears repeating that injunctions are not at odds with the First Amendment. As noted First Amendment scholar Floyd Abrams has observed, they are "a longstanding, constitutionally sanctioned way to remedy and prevent copyright violations."

This is true, but highly misleading. Injunctions are allowed against those infringing. But that's not what SOPA is about. SOPA is about issuing injunctions on innocent third parties. That's what we're concerned about. And for Pallante to ignore that point is really unfortunate.

She then goes on to defend the private right of action to kill off websites based on a single accusation. She claims, laughably, that because the private right of action only leads to injunctions, rather than monetary rewards, there's little incentive to abuse. Wait. Is Ms. Pallante totally ignorant of the past decade plus of the DMCA? The DMCA takedown process also is basically about blocking content and not about monetary relief, and yet it's widely abused, with some estimates suggesting that over 30% of DMCA takedowns are questionable. The problem with SOPA (totally ignored again) is that unlike the DMCA -- which targets the specific content -- SOPA will kill off entire sites.

Even more stunning: rather than suggesting that such abuses may come from copyright holders sending bogus takedowns, she worries instead that payment processors and ad networks may ignore such takedowns -- and hints that if anything, the bill may need refinement on that front. Whoa. It's like an alternative universe where everything is mirrored. Again, we know what happens. We have the less draconian DMCA already and see how widely it's abused. And we see that those who receive takedowns generally abide by them.

Speaking of the DMCA, she pretends -- totally against the text of the actual bill -- that nothing in SOPA will impact the DMCA. This is hilarious. Why would anyone use the DMCA to take down a specific piece of content when they can now kill off an entire site using SOPA? Amusingly, she points to the fact that payment providers and ad networks face no monetary liability under SOPA... but ignores that just two paragraphs above, she was hinting that perhaps the law should be changed to include such liability to make sure they comply. This is the ultimate in cynical, obnoxious politics. Put in that one clause that makes you able to pretend something is reasonable (no monetary punishment!) and then be ready to remove that the second the bill is in place.

Finally, she talks about how "pleased" she is that SOPA turns streaming into a felony. Apparently Pallante would prefer people no longer stream videos any more. Has she even used the internet? Amusingly, she cites YouTube as an example of a legal source for streaming... ignoring the fact that under SOPA, YouTube likely wouldn't have even existed. It's as if she doesn't even understand the bill she's supporting and what it will do to the technology world.

And people wonder why so many Americans think copyright law is a joke? Perhaps they should look at the Copyright boss.

Next, we've got MPAA VP Michael O'Leary. His testimony is really worthy of having been written in Hollywood, seeing as it kicks off with a tearjerker of a story about the poor, poor stunt coordinator, "who depends on the residual payments he earns to help support his wife and three children between productions." Of course, the rest of the world doesn't get to sit back and get a check for work they did in the past, but actually has to keep working to support their families. Of course, how much do random key grips, stunt coordinators and boom mic operators (the favorites for these multi-millionaires to exploit in this kind of way) really make from residuals? It's a lot less than these kinds of testimonies suggest.

O'Leary continues to pull at heart strings, by trying to rope all sorts of other businesses into the movie and TV industry including (I'm not joking) the dry cleaners that serve the cast and crew on location. Apparently, without movies, dry cleaners go out of business. Think of the poor dry cleaners!

Of course, you could easily counter with thousands of small businesses built on the internet and through technology that will be stifled by SOPA. Ignoring this and pretending that only the movie industry sends money flowing through the economy is ridiculous. Anyone with a bit of common sense should see through the ploy. Unfortunately, this is testimony before Congress.

O'Leary continues to spin yarns. Next up, he suggests that the real reason people use computers, mobile phones or gaming systems is to watch a movie or TV show. This is the way Hollywood has always viewed the internet, by the way. They think it's a broadcast medium, whose main purpose is to supply professionally created content to the masses. That's why SOPA makes sense to them. They don't realize that such uses are pretty far down the chain of reasons why people use the internet. The internet is a communications medium first. But you wouldn't know that to hear O'Leary spin. You see, the internet is really just an "important avenue" for delivering movies and TV shows, and it should be locked down for all other uses, I guess.

Then there's this:

First, it is clear from the language of H.R. 3261 that it is meant to apply only to rogue websites, and not to legitimate platforms. The definitions in the bill are very narrow and rooted in longstanding Supreme Court precedent with which U.S. based sites must already comply.

I'm sorry, but he must have a different copy of the bill. The one I read says that you can be declared a rogue website if the primary functions of your site "enable" or "facilitate" infringement. That applies to pretty much every site that allows any sort of user-generated content.

Later, O'Leary (as he's done in the past) mocks the concerns of the very architects of DNS about how SOPA will create massive online security problems -- a view supported by tons of independent review. We heard rumors that the MPAA was adamant with the Judiciary Committee that DNS blocking had to remain in the bill, and made it clear that they would run cover by mocking those who highlight this as being technically incompetent. That's on display here. O'Leary basically says, "if SOPA breaks your little DNSSEC project, well, just fix it."

Opponents point to the DNSSEC code and claim that it is not compatible with the site blocking or filtering technology envisioned by H.R. 3261. This argument conveniently ignores not only the history of the creation of DNSSEC but also the very nature of Internet protocols, which is simply this: when new developments or circumstances require changes to these codes, the codes change. Any software engineer will tell you that no development process stops at version 1.0. Today is no different.

This level of total ignorance concerning the technology in question should actually be exhibit A for why DNS shouldn't be touched in this bill. This isn't a "fixable" problem. The requirements of SOPA make DNSSEC impossible. That's the point.

Given his level of ignorance of technology, he then doubles down, by insisting that -- contrary to nearly the entire tech industry's claims -- SOPA wouldn't stifle innovation or investment in tech. His "evidence" is the fact that the tech industry has complained about other expansions of copyright in the past.

Except... what he misses is that the complaints in the past were either accurate (plenty of innovation was stifled due to changes in copyright law -- just look how long it took to get from Napster to Spotify, for example) or those complaints helped shape the parts of those laws that mitigated the problems. For example, many of the complaints that people point to concerning the DMCA were what forced the safe harbors to be added to the DMCA. It's pretty obnoxious to point to the complaints that resulted in softening the impact of the DMCA as evidence that we shouldn't complain at all.

And, really, if we're going to be crying "chicken little," O'Leary really shouldn't be the first to throw stones. As we've detailed, it's his industry (and, quite frequently, his employer specifically) who have a much longer and more hyperbolic history of claiming that the sky is falling -- including in his testimony today, where he cites all sorts of ridiculous and debunked stats about how much trouble piracy is causing his industry... an industry that continues to set records at the box office every single year.

Next up, we've got Pfizer's Chief Security Officer, John Clark. He talks about the threats and problems of counterfeit medicines, something that no one denies is a problem. Oh, and his previous job? Working for ICE, of course. Much of his testimony covers case studies of counterfeit drugs rings that were found and prosecuted under existing law. It's not quite clear why we need SOPA since existing law seems to be working. The main complaint is that existing law doesn't punish people enough -- such as a case where someone received "only" 78 months in jail for counterfeit drugs. Nowhere in his testimony does he actually address what's in SOPA. Seriously. All he does is talk about how they need greater punishment for counterfeit drugs. Um, great. So have someone write a bill that actually does that. Not one that has broad powers to shut down legitimate websites around the globe on a whim.

Then we've got Paul Almeida, from the AFL-CIO. The AFL-CIO's involvement is often used to show how this bill "protects workers." Except there's little evidence to actually support that... and don't expect to hear any such evidence from Almeida either. Almeida makes three key points, all of which are misleading or inaccurate. Let's go through them:

First, strengthening protections for U.S. intellectual property helps American workers, jobs, incomes, and benefits. Theft of intellectual property raises unemployment and cuts income.

In the immortal words of the internet: [citation needed]. We've yet to see any credible evidence to support this, and tons of evidence suggesting the exact opposite. Even the very framers of US copyright law made it quite clear that such monopolies should be used rarely and with a light touch, because if they're too strong, they harm American workers, jobs, incomes and benefits.

Second, counterfeit goods endanger workers, both as workers and as consumers.

Except, again, the actual evidence suggests that the rates of counterfeiting are massively exaggerated, as is the "harm" of counterfeiting. Yes, there are some cases where there is definite harm. But those are pretty rare. Many cases of counterfeiting involve people knowingly buying fake products, as an aspirational buy -- with studies showing that many later buy the real products when they can afford them. In such cases, there is no harm. That said, we don't deny there are cases where harm does occur. But if that's the problem, let's write a law that focuses narrowly on that harm. SOPA is not that law.

Even more ridiculous? His "support" for this claim is the story of 18,500 counterfeit smoke detectors distributed in Atlanta. It's no coincidence that one of the major supporters of this bill used that very same story in our own comments recently. Which allowed commenter Josh to totally dismantle the story, and show that it had absolutely nothing to do with "rogue sites," but rather a government duped into buying counterfeit detectors. In other words, this has nothing to do with SOPA. At all.

Okay, let's take it up a notch on the ridiculous scale. Almeida apparently reads Techdirt. But rather than recognizing that the counterfeit smoke detector story has nothing to do with rogue websites, he accuses us of defamation, for mocking firefighters for being pro-SOPA. Well, we stand by our point. Firefighters aren't experts on copyright law or on innovation, and their complaint about bogus smoke detectors? It's got absolutely nothing to do with SOPA. But, thanks for quoting us in a Congressional hearing.

Third, freedom of speech is not the same as lawlessness on the Internet. There is no inconsistency between protecting an open Internet and safeguarding intellectual property.

Totally misleading (to the point of being intellectually dishonest). No one is defending "lawlessness on the Internet." Believe it or not, there's a range between "lawlessness on the Internet" and "putting up tools that lead to massive collateral damage on legitimate sites and speech." No one is saying that stopping infringement hurts free speech. What we're saying is that the overreach of this law will hinder free speech, either blocking it directly or stopping important services that enable free speech.

Moving on... we've got Linda Kirkpatrick from MasterCard. As noted yesterday, Visa is actually officially against these bills, which makes this one at least somewhat interesting, because the story we'd been hearing was that MasterCard was in favor of them. But Kirkpatrick's testimony is actually kind of surprising. While we expected it to be very pro-SOPA... it turns out that she's very concerned about the massive compliance and liability costs of the bill. Kirkpatrick explains how MasterCard works, and goes to great lengths to say it's against the company's policy to use its cards for any transactions that break the law. And it already has an existing anti-piracy policy, which allows law enforcement and rights holders to bring such infringement using its cards to the company's attention. It then explains its investigation and notification policy. This is all very interesting... and basically makes an anti-SOPA point: given that MasterCard already does this, why does it need SOPA? In fact, its only real comments on SOPA itself are to note that the five day period to respond to the private right of action is way too short for MasterCard to respond appropriately:

Upon receiving a copy of an order or receiving notice from a rights holder, there are many circumstances that may arise which make a five-day window to complete the required actions not workable for a four-party payment network, such as MasterCard. For example, simply identifying the acquirer for an Internet site may take several days depending upon how long it takes for the alleged infringer to submit payments to its acquirer. The process becomes even more complex if the acquirer does not respond or asks for an extension because of local jurisdiction or other issues. Additionally, providing the merchant an opportunity to respond (in the case of a notice from a rights holder) also requires time. Moreover, confirming that a merchant may no longer accept payment from our brand for an infringing product may also take time. MasterCard is committed to begin this process within five days. However, MasterCard urges the Committee not to set an artificial deadline for the performance of a specific action as it may present impossible compliance challenges in some circumstances.

And also that the seven day response to injunctions is too short:

Under the bill, service of a copy of a court order by a rights holder on a payment network provider would trigger an obligation of the payment network provider to file with the court a certification of receipt not later than seven days after service. In MasterCard’s view, this obligation would impose material costs on payment network providers without a commensurate benefit. The process would require additional employee resourcing, the retention of qualified local counsel, and the payment of any applicable court fees. Moreover, the bill provides a rights holder the ability to seek the imposition of monetary sanctions on a payment network provider that does not comply with the court certification process, even though rights holders also have a remedy if a payment network provider does not take the required measures in response to a court order. The certification and sanctions approach is at odds with the cooperative approach that MasterCard and others have taken in their efforts to work together against online intellectual property piracy through the best practices and, in the case of MasterCard, our Anti-Piracy Policy.

She's also worried about the liability that can be placed on payment providers. This is especially interesting, because so many SOPA defenders -- including Pallante -- continually hammer on the fact that there's no additional liability for payment processors. However, MasterCard says that's not clear at all:

...it is important that the bill be clarified regarding the liability protection for payment network providers that receive notice from a rights holder of an allegedly infringing Internet site. While the bill contemplates that a rights holder may pursue a court order against such a site if a payment network provider does not complete certain required actions within the five-day window of time, the bill does not provide that the pursuit of such a court order is a rights holder’s sole remedy in that context. It is vitally important to MasterCard that it not face a claim from a rights holder for failing to take action on a rights holder’s notice when the rights holder has an ability to seek a court order against the allegedly infringing site and has the ability to enforce the bill against a payment network provider that has received a copy of the court order and not fulfilled its obligations under the bill related to the court order.

It actually goes on in this way for a while. Basically, this is the surprise of the hearing. MasterCard was expected to be pro-SOPA, but instead highlights the massive liability and compliance costs that are likely to come from the bill.

So that's the basics of what will be heard at today's hearings. I'm sure we'll be back later on with more details of the questions and discussions. Unfortunately, with the deck so stacked, it's unlikely we'll learn that much new...
http://www.techdirt.com/articles/201...stercard.shtml





UK Internet Blacklist Censors Fileserve File-Hosting Service
Ernesto

UK users of the popular Fileserve file-hosting service are currently unable to download any files as the site is being blocked by the Internet Watch Foundation. Since early this week the blacklist, which aims to disable access to sexual child abuse content, has been preventing users from accessing their personal files and downloading those uploaded by others. Fileserve expects the issue to persist for at least a couple of days.

With hundreds of millions of page views each month, Fileserve is listed among the 10 most-visited file-sharing sites on the Internet. The site allows users to store files in the cloud for personal use or subsequent sharing with the rest of the world.

For the past several days, however, many Fileserve users from the UK have noticed they are unable to download files to their computers using the service.

Initially, users got a standard error message that the download could not be completed, but yesterday users got an updated message telling them that their downloads are being blocked by the Internet Watch Foundation (IWF).

Internet Watch Foundation is a self-regulatory body that maintains a list of URLs that point to sexual child abuse and criminally obscene adult content. This list is used by all major UK Internet providers to prevent their subscribers from accessing these files. Unfortunately, however, the blacklist sometimes takes out legitimate services as well.

Fileserve users who try to download a file now see the following message which suggests that upgrading to a premium account will solve the problem, but TorrentFreak has learned that this is not the case. Premium users are also blocked.

Commenting on the issue, Fileserve confirms that a recent addition to the IWF blacklist is indeed causing problems for UK users. Although Fileserve expects that it will be eventually resolved, the file-hoster doesn’t think this will happen on short notice.

“Once again IWF has put Fileserve into watch list until further investigation from their side is done. It is not expected to be lifted within the next few days. IWF for UK is being very thorough in filtering Fileserve users,” the file-hoster informed one of their users.

“Please be reminded that it is not our will to have our UK users suffer from this, our Tech team are now looking into possible solution in getting around this IWF issue,” they added.

At this point little is known about the origin of the problem. It is clear that IWF has started to block one or more Fileserve URLs, but why all downloads are affected remains unknown. This is not the first time that the IWF blacklist has rendered legitimate content unavailable though.

In 2008 the blacklist censored the Wikipedia entry for the album “The Virgin Killer” from the German band Scorpions. This page was reported to IWF by a member of the public, and only after Wikipedia appealed twice did the IWF board decide to take it off the list.

Early January 2009 Archive.org’s Wayback Machine was entirely blocked by a UK ISP because one of the pages was listed on the IWF blacklist. This time the problem was due to conflicting incoming headers at Archive.org, beyond the control of IWF or the ISP.

The above suggests that Fileserve’s problems don’t necessarily have to result from a reconfigured blacklist.

In a week where Internet Censorship is a hot topic, the above is yet another reason why baking censorship tools into law has to be done wisely. In the case of Fileserve the IWF blacklist has rendered their site completely unusable to hundreds of thousands of UK users, something that may cost them if the problem persists.

TorrentFreak contacted the Internet Watch Foundation for a comment, and we will update this article when a response comes in.
https://torrentfreak.com/uk-internet...ervice-111118/





Universal Music Sues Insurer To Pay For Its Copyright Infringement
Michael Geist

Earlier this year, the four primary members of the Canadian Recording Industry Association (now Music Canada) - Warner Music Canada, Sony BMG Music Canada, EMI Music Canada, and Universal Music Canada - settled the largest copyright class action lawsuit in Canadian history by agreeing to pay over $50 million to compensate for hundreds of thousands of infringing uses of sound recordings. While the record labels did not admit liability, the massive settlement spoke for itself.

The Canadian case has now settled, but Universal Music has filed its own lawsuit, this time against its insurer, who it expects to pay for the costs of the settlement. National Union Fire Insurance Company has refused, understandably taking the position that the liability reflects Universal Music's own use of copyright works for which it promised to set aside money for future payment. As the Hollywood Reporter notes:

UMG put out albums without artist permission, held back royalties from these artists, and then finally paid out when faced with a much bigger legal threat. Now, even though the settlement money seems to cover what was claimed and acknowledged to be owed to artists, UMG is using the guise of a copyright claim to recover the money from its insurer.

Perhaps this represents an innovative new business model - profit from infringing on tens of thousands of copyrights and then look to an insurance policy to cover the expense. Needless to say, if Universal Music is successful, this will presumably encourage infringing activities for anyone with insurance policies (i.e. businesses, universities, even some homeowner policies) that could engage in risk-free conduct secure in the knowledge that an insurer would cover potential liability.
http://www.michaelgeist.ca/content/view/6131/125/





Artists Call CBS the Chief Copyright Pirate
Iulia Filip

Dozens of recording artists accuse CBS Interactive and its subsidiary CNET Networks of promoting "massive infringement" of copyright by offering free downloads of file-sharing software specifically designed for media piracy. They claim CBS and CNET were the main distributors of the "infringement engines," and made a fortune in ad revenue from their "pay per download" screens.

The artists compare CBS' and CNET's inducement to violate copyright with LimeWire and Napster, which were "sued into oblivion" for their copyright violations.

"Over the last decade, countless websites and 'file sharing' or peer-to-peer ('P2P') software programs - from Napster, in 2001, to LimeWire in 2010 - have been sued into oblivion because a multitude of courts have found that they were essentially engines of infringement, designed with the specific aim of knowingly encouraging, inducing and/or assisting others in direct copyright infringement of artists' works, and profiting thereby," the complaint states.

"As a result of these lawsuits, an overwhelming number of these file-sharing sites are now completely inactive and their founding companies are bankrupt. Yet, for most if not all of this time, one particular group of businesses - led by defendants CBS Interactive and CNET - have knowingly and willingly participated in and profited mightily from the same massive infringement that engendered large copyright suits against Napster and LimeWire and that ultimately crippled them financially. And they have done so with impunity.

"In fact, because they owned a number of the most heavily visited sites in the world for downloading software of all types, defendants did more to further this massive infringement than Napster or LimeWire ever could by falsely legitimizing it and popularizing it to the masses.

"As recently as 2010, one could access a legitimate portion of defendants' sites and download non-infringing, licensed software such as Quickbooks accounting software or Adobe Acrobat, and could during the same shopping session download the LimeWire infringement engine, which was clearly intended to be downloaded for infringing purposes. This ambiguity worked even further to defendants' advantage by making it seem to the casual consumer that a LimeWire download had the same legitimacy as a download of licensed office software.

"In essence, defendants have taken music piracy from the dorm room to the board room. Thus, while other companies faced heavy statutory penalties and went bankrupt, and music labels banded together to levy practically unconscionable penalties on unemployed college students and housewives, defendants quietly made billions by inducing those same individuals to break the law, by providing them the software to do it, and then by giving even the least computer-savvy a step-by-step guide as to how to do it."

For more than 10 years, the plaintiffs say, CBS, through its website CNET, has offered free downloads of several peer-to-peer software programs (also called clients), such as BitComet, Morpheus, KaZaa and Frostwire, which were designed primarily for copyright infringement, with built-in features that allow users to search for media on websites dedicated to piracy. The file-sharing networks let users transfer files from one another's hard drives and locate music and video files by artist name, album, genre and other criteria.

The complaint states: "Defendants furthered the massive infringement carried out through the P2P applications they distributed and popularized by providing detailed reviews that included information regarding the suitability of the clients for copyright infringement as well as instructions and tips on how to use the P2P software to infringe. On cnet.com, Download.com, and other CBS Interactive-owned websites, the defendants offered videos, articles, and other media that instructed how to use P2P software to locate pirated copies of copyrighted works and remove electronic protections placed on digital music files in order to prevent infringement."

The artists say CBS and CNET actively encouraged copyright infringement, in web postings, videos and radio shows, and offered infringement tools to "users that they knew to be actively and unlawfully copying plaintiffs' works," such as Napster's former customers.

"Far from being innocent purveyors of 'sharing' technologies co-opted by an international piracy community, defendants were in fact among the architects and developers of that international piracy community and received billions in profits from their efforts," the artists say.

They add: "The underlying irony in this case is that, despite its endemic inducement of the infringement of plaintiffs' songs, defendants' parent, CBS, does not hesitate to cast itself as a defender of intellectual property rights when it concerns its own financial interests. For example, defendants' parent company, CBS, routinely harasses individuals and small websites which post small portions of its own programming with 'cease and desist' letters threatening crushing litigation. When that does not work, it does not hesitate to sue."

The artists say the defendants' hypocrisy is evident in the conduct of CNET's co-founder and former CEO Shelby Bonnie, who served on the Board of Directors of Warner Music Corporation, a prominent member of the RIAA (Recording Industry Association of America), while the RIAA sued LimeWire for copyright infringement.

At the same time, the plaintiffs say, "CNET made a fortune distributing millions of copies of LimeWire and other file-sharing software designed to infringe."

After a federal judge shut down LimeWire for massive copyright infringement in May 2010, the defendants stopped distributing LimeWire and similar Gnutella applications, but continued to promote and distribute newer, even harder to detect infringing technology, such as BitTorrent applications.

The complaint adds that BitTorrent, which has been downloaded about 100 million times from the defendants' websites, has become a popular means of transferring files online and "one of the preferred means of digital piracy."

The artists say CBS and CNET made billions from their pay-per-download program and from ads on popular download websites that encourage copyright infringement.

What's more, they say, the defendants discouraged users from downloading applications that prevented infringement.

The artists add: "Defendants' activities vis a vis P2P software is especially egregious, given that CBS defendants own the rights to a massive catalog of television programming and other intellectual property that has been and continues to be persistently infringed over the same P2P networks it helped assemble and grow through CNET and Download.com. Defendants made a cynical decision to attempt to recapture whatever profits were lost through the infringement arising from P2P networks by profiting from the popularity of those networks through Download.com and CNET P2P revenues. By helping construct, expand and preserve the P2P networks, defendants did much more than 'recoup' their (self-inflicted) losses from digital piracy, but rather directly and massively profited from the infringement of all the artists whose work was illegally shared on P2P networks. Defendants never offered to share any of the income made from their promotion of infringement with plaintiffs or any other copyright owners whose work was persistently infringed by P2P systems distributed and promoted by defendants." (Parentheses in complaint.)

The artists seek an injunction and damages for inducement of copyright infringement and contributory and vicarious copyright infringement.

Plaintiffs include film producer Alkiviades David, record company Sugar Hill Music, and various hip-hop and R&B artists.

They are represented by Jaime Marquart with Baker Marquart.
http://www.courthousenews.com/2011/11/16/41492.htm





Is Boxee's Live TV Dongle Enough to Kill Cable?
John Paul Titlow

The capability to watch live TV that was rumored to be coming to the Boxee Box last week is indeed real and the $50 USB dongle required to do it will start shipping early next year, the company confirmed today.

The Live TV stick, as they're calling it, is simply a way to build a bridge between your Boxee Box and an HD antenna (sold separately), which of course can pick up all the basic local channels in HD for free. This allows viewers to enjoy their Web-based streaming content and jump over to live TV broadcasts without fiddling with different inputs on their TV sets.

Is This Enough to Challenge Cable?

Boxee is very deliberately marketing this move by framing it as a call-to-arms against cable companies and their high-priced subscriptions. As Boxee CEO Avner Ronen points out, nearly 90% of the most-watched shows from last year were broadcast on networks like NBC, Fox, CBS and ABC. For the few popular shows that are only available on cable, Ronen argues, consumers are paying way too much.

Is the Live TV stick enough to make the Boxee Box palatable for mainstream consumers? It certainly makes it a more attractive option, but it probably won't kill the cable subscription anytime soon. Sports fanatics, for instance, will probably stick with the myriad viewing options cable offers them.

Plus, there's still a bunch of content that isn't readily available outside the cable box. Take HBO. The premium channel offers a way to watch online, and it even works on set top boxes like Boxee's. But in order to use HBO Go, one needs to subscribe to a cable or satellite provider.

It's worth noting that Google TV set-top boxes support live TV viewing as well, and the first generation of those devices hasn't exactly flown off the shelves.

Consumers Are Moving Away From Cable, But Slowly

Still, the number of U.S. cable subscribers has begun to slowly erode, and that trend is expected to continue. Part of the reason may be a tight economy, but as Ronen points out, it's also because viewers' habits and expectations have changed significantly, thanks in large part to services like Hulu, Netflix, Vudu and YouTube. No longer can many consumers justify paying as much as $100 per month for a selection of content in which they're mostly disinterested.

So, things are certainly moving toward a world in which bloated cable packages are less of a must-have for consumers, and the Web offers an increasingly viable alternative, perhaps coupled with broadcast content and maybe even basic cable. We'll see what Apple has to offer in this space, probably next year. If their track record with tablets, smartphones and MP3 players is any indication, Apple could turn television on its head, depending on how disruptive they are in designing and marketing the product.

For a certain segment of consumers, solutions like Boxee are a great fit, and upgrades like this only make them more attractive. It may not wreck the cable business overnight, but we suspect that as long as the set-top box and smart TV manufacturers keep innovating and making the cord easier to cut, the cable TV business as we know it won't be around forever.
https://www.readwriteweb.com/archive...kill_cable.php





Stanton: Steve Jobs Wanted Own Network with Unlicensed Spectrum

Apple's Steve Jobs wanted his own network that would use unlicensed spectrum rather than rely on mobile operators
Nancy Gohring

Steve Jobs initially hoped to create his own network with the unlicensed spectrum that Wi-Fi uses rather than work with the mobile operators, said wireless industry legend John Stanton.

Stanton, currently chairman at venture capital firm Trilogy Partners, said he spent a fair amount of time with Jobs between 2005 and 2007. "He wanted to replace carriers," Stanton said of Jobs, the Apple founder and CEO who passed away recently after a battle with cancer. "He and I spent a lot of time talking about whether synthetically you could create a carrier using Wi-Fi spectrum. That was part of his vision."

Stanton spoke late in the day on Monday at the Law Seminars International event in Seattle.

He said that after around 2007, Jobs gave up on the idea. But Jobs still managed to have a major impact on wireless operators, Stanton said.

"If I were a carrier, I'd be concerned about the dramatic shift in power that occurred," he said.

Companies like Apple and Google, which develops Android, sell a variety of software and services that capture revenue streams that might have otherwise gone to the operators.

He advised operators to take some chances with new phones and services rather than invest too heavily in established offerings. Sprint, for instance, has been criticized for making a $15.5 billion four-year deal with Apple to sell the iPhone.

U.S. Cellular, however, has revealed that it decided that it would not be a good investment to similarly take on the iPhone.

When Stanton was head of Voicestream, the operator that became T-Mobile, his company invested in Danger, the company that invented the Sidekick and whose developers went on to build Android. It also had a small investment in Research In Motion. "We had investments in those spaces because in part we were the little guy and we wanted access to unique devices," he said. The Sidekick had a very dedicated following.

Stanton was the first employee at McCaw Cellular, the first nationwide mobile phone company that became AT&T Wireless. He later started Western Wireless, a rural mobile operator that started Voicestream, which was purchased by Deutsche Telekom to become T-Mobile. Western Wireless was purchased by Alltel.
http://www.itworld.com/networking/22...ensed-spectrum





Internet Architects Warn of Risks as Ultrafast Networks Mushroom
Quentin Hardy

If nothing else, Arista Networks proves that two people can make more than $1 billion each building the Internet and still be worried about its reliability.

David Cheriton, a computer science professor at Stanford known for his skills in software design, and Andreas Bechtolsheim, one of the founders of Sun Microsystems, have committed $100 million of their money, and spent half that, to shake up the business of connecting computers in the Internet’s big computing centers.

As the Arista founders say, the promise of having access to mammoth amounts of data instantly, anywhere, is matched by the threat of catastrophe. People are creating more data and moving it ever faster on computer networks. The fast networks allow people to pour much more of civilization online, including not just Facebook posts and every book ever written, but all music, live video calls, and most of the information technology behind modern business, into a worldwide “cloud” of data centers. The networks are designed so it will always be available, via phone, tablet, personal computer or an increasing array of connected devices.

Statistics dictate that the vastly greater number of transactions among computers in a world 100 times faster than today will lead to a greater number of unpredictable accidents, with less time in between them. Already, Amazon’s cloud for businesses failed for several hours in April, when normal computer routines faltered and the system overloaded. Google’s cloud of e-mail and document collaboration software has been interrupted several times.

“We think of the Internet as always there. Just because we’ve become dependent on it, that doesn’t mean it’s true,” Mr. Cheriton says. Mr. Bechtolsheim says that because of the Internet’s complexity, the global network is impossible to design without bugs. Very dangerous bugs, as they describe them, capable of halting commerce, destroying financial information or enabling hostile attacks by foreign powers.

Both were among the first investors in Google, which made them billionaires, and, before that, they created and sold a company to the networking giant Cisco Systems for $220 million. Wealth and reputations as technology seers give their arguments about the risks of faster networks rare credibility.

More transactions also mean more system attacks. Even though he says there is no turning back on the online society, Mr. Cheriton worries most about security hazards. “I’ve made the claim that the Chinese military can take it down in 30 seconds, no one can prove me wrong,” he said. By building a new way to run networks in the cloud era, he says, “we have a path to having software that is more sophisticated, can be self-defending, and is able to detect more problems, quicker.”

The common connection among computer servers, one gigabit per second, is giving way to 10-gigabit connections, because of improvements in semiconductor design and software. Speeds of 40 gigabits, even 100 gigabits, are now used for specialty purposes like consolidating huge data streams among hundreds of thousands of computers across the globe, and that technology is headed into the mainstream. An engineering standard for a terabit per second, 1,000 gigabits, is expected in about seven years.

Arista, which is based here, was built with the 10-gigabit world in mind. It now has 250 employees, 167 of them engineers, building a fast data-routing switch that could isolate problems and fix them without ever shutting down the network. It is intended to run on inexpensive mass-produced chips. In terms of software and hardware, it was a big break from the way things had been done in networking for the last quarter-century.

“Companies like Cisco had to build their own specialty chips to work at high speed for the time,” Mr. Bechtolsheim said. Because of improvements in the quality and capability of the kind of chips used in computers, phones and cable television boxes, “we could build a network that is a lot more software-enabled, something that is a lot easier to defend and modify,” he said.

For Mr. Cheriton, who cuts his own hair despite his great wealth, Arista was an opportunity to work on a new style of software he said he had been thinking about since 1989.

No matter how complex, software is essentially a linear system of commands: Do this, and then do that. Sometimes it is divided into “objects” or modules, but these tend to operate sequentially.

From 2004 to 2008, when Arista shipped its first product, Mr. Cheriton developed a five million-line system that breaks operations into a series of tasks, which when completed, other parts of the program can check on and pick up if everything seems fine. If it does not, the problem is rapidly isolated and addressed. Mr. Bechtolsheim worked with him to make the system operate with chips that were already on the market.

The first products were sold to financial traders looking to shave 100 nanoseconds off their high-frequency trades. Arista has more than 1,000 customers now, including telecommunications companies and university research laboratories.

“They have created something that is architecturally unique in networking, with a lot of value for the industry,” says Nicholas Lippis, who tests and evaluates switching equipment. “They built something fast that has a unique value for the industry.”

Kenneth Duda, another founder, said, “What drives us here is finding a new way to do software.” Mr. Duda also worked with Mr. Cheriton and Mr. Bechtolsheim at Granite Systems, the company they sold to Cisco. “The great enemy is complexity, measured in lines of code, or interactions,” he said. In the world of cloud computing, “there is no person alive who can understand 10 percent of the technology involved in my writing and printing out an online shopping list.”

Not surprisingly, Cisco, which dominates the $5 billion network switching business, disagrees.

“You don’t have to reinvent the Internet,” says Ram Velaga, vice president for product management in Cisco’s core technology group. “These protocols were designed to work even if Washington is taken out. That is in the architecture.”

Still, Cisco’s newest data center switches have rewritten software in a way more like Arista’s. A few products are using so-called merchant silicon, instead of its typical custom chips. “Andy made a bet that Cisco would never use merchant silicon,” Mr. Velaga says.

Mr. Cheriton and Mr. Bechtolsheim have known each other since 1981, when Mr. Cheriton arrived from his native Canada to teach at Stanford. Mr. Bechtolsheim, a native of Germany, was studying electrical engineering and building what became Sun’s first product, a computer workstation.

The two became friends and intellectual compatriots, and in 1994 began Granite Networks, which made one of the first gigabit switches. Cisco bought the company two years later.

With no outside investors in Arista, they could take as long as they wanted on the product, Mr. Bechtolsheim said.

“Venture capitalists have no patience for a product to develop,” he said. “Pretty soon they want to bring in their best buddy as the C.E.O. Besides, this looked like a good investment.”

Mr. Cheriton said, “Not being venture funded was definitely a competitive advantage.” Besides, he said, “Andy never told me it would be $100 million.”
https://www.nytimes.com/2011/11/14/t...nnect.html?hpw





Putting the Brakes on Web-Surfing Speeds
Kevin J. O'Brien

State-of-the-art Web surfing, for all of its breathtaking speed, can be baffling. A favorite page gets hung up. A data-intensive application, like playing a video or downloading large files, stutters or stops. Is it the telecommunications operator? Is it the Web site? Is it the smartphone or the computer? Or just a sign of Internet thrombosis?

Krishna Gummadi, the head of the Networked Systems Research Group at the Max Planck Institute for Software Systems, in Saarbrücken, Germany, says the blame often lies with the telecom operator, which is selectively slowing broadband speeds to keep traffic flowing on its network, using a sorting technique called throttling.

In 2008, Mr. Gummadi and a graduate student, Marcel Dischinger, developed a free software gauge that detected whether broadband service was being throttled by a network operator. The software, called Glasnost after the Russian word for “openness,” has been downloaded and used by 1.5 million people around the world since then.

Glasnost mimics data transfers using the BitTorrent file-sharing protocol, and then measures whether operators are slowing uploads and downloads. Consumers around the world have used it to test the service of landline broadband operators. Glasnost only works on a few smartphones so far.

The latest results, based on 121,247 tests run from January through October, suggest that throttling is being done everywhere in the world. The results for each operator may not be representative, for several reasons. The sample sizes for each operator vary, from 36,000 in the case of NTT Docomo of Japan, to just a hundred for smaller ones. There is also a 4 percent to 5 percent chance of “false positives” — indications that throttling is being done when it is not.

But that aside, Glasnost cast light on the practice of throttling, which operators are reluctant to discuss in detail beyond confirming, in standard service contracts, that they use it.

In the United States, throttling was detected in 23 percent of tests on telecom and cable-television broadband networks, less than the global average of 32 percent. The U.S. operators with higher levels of detected throttling included Insight Communications, a cable-television operator in New York, Kentucky, Indiana and Ohio, where throttling was detected in 38 percent of tests; and Clearwire Communications, where throttling was detected in 35 percent of the tests.

Throttling was detected in 18 percent of tests on Verizon’s landline network and in 30 percent of tests run on AT&T WorldNet Services, the company’s consumer broadband network. Throttling on AT&T’s business network, SBIS-AS AT&T Internet Service, was 18 percent.

In Europe, throttling appeared to be most common in Britain. Slowing was detected on 74 percent of tests done on BT’s British regional network. Positive tests for throttling also exceeded 50 percent for six other British operators: NTL, Opal Telecom, Telewest Broadband, Carphone Warehouse Broadband Service, Tiscali U.K. and Pipex.

In France, throttling appeared to be less common. Positive tests didn’t exceed 21 percent among France Télécom’s Orange service, Neuf Cegetel, Numericable and Proxad. In Germany, it was even rarer, at levels of less than 16 percent for almost every operator including Deutsche Telekom. (I tested Glasnost on my Deutsche Telekom network in Berlin and it showed no throttling.) The one exception: Kabel Deutschland, the biggest domestic cable TV operator, showed throttling detected in 44 percent of 393 tests.

In Japan, NTT Docomo employed throttling in 49 percent of 471 tests, according to Glasnost. GigaInfra Broadband and Vectant had positive tests in 30 percent and 38 percent of tests, respectively. In Canada, where the population is much more spread out, and networks must cover vast territory, throttling appeared more common. It was measured in 85 percent of tests on Rogers Communications’ network and 64 percent of tests on Bell Canada.

In other parts of the world, frequent throttling was detected in smaller operators, which often have less money to build high-capacity networks. Those included: the Dubai-based Emirates Integrated Telecommunications, operator of the Du network, with 90 percent; Toya, a cable operator in Lodz, Poland, with 88 percent; TeleCentro of Argentina, with 87 percent; RLE Elisa in Estonia, with 85 percent; ASN AtHome, a Hong Kong-based cable TV operator, with 83 percent; TM Net of Malaysia, with 78 percent; Magix of Singapore, 63 percent; Cabo TVM of Portugal, 62 percent; and Bezeq of Israel, 59 percent.

Former monopolies like Telefónica of Spain, Telecom Italia, KPN of Netherlands, Telstra of Australia, Telia of Sweden, Belgacom of Belgium and Eircom of Ireland, which all still operate the largest landline networks in their countries, generally used throttling less frequently — perhaps because they didn’t have to, on their extensive networks.

Their rates of detected throttling, respectively, according to Glasnost, were: 19 percent for Telefónica and Telecom Italia, 18 percent for KPN, 34 percent for Telstra, 14 percent for Telia, 13 percent for Belgacom and 15 percent for Eircom.

In general, the Glasnost results suggest that telecom and cable TV operators, when they do use throttling, do so mostly to suppress bandwidth hogs and ensure a reasonable experience for all of their customers. Mr. Dischinger, now a computer engineer in Innsbruck, Austria, said throttling was much more commonly used by operators of mobile phone networks, which have much less capacity than landline grids.

But with operators starting to sell superfast landline broadband service for heavy data users, such as Deutsche Telekom’s high-speed fiber-to-the-home service, the competition for bandwidth — and the need for throttling — will only increase, Mr. Dischinger said.

“I highly doubt it can go on forever,” Mr. Dischinger said. “I cannot envision with the current network infrastructure they have that operators can continue to support people in the long term without more investment.”
https://www.nytimes.com/2011/11/14/t...ng-speeds.html





Anti-Hacking Law Criminalizes Most Computer Users, Former Prosecutor Says
Kim Zetter

The nation’s premier anti-hacking law poses a threat to the civil liberties of millions of Americans who use computers and the internet and could lead to the arrest and prosecution of many users who violate the law on a regular basis, says a former federal prosecutor who wants the Computer Fraud and Abuse Act revised.

“In the Justice Department’s view, the CFAA criminalizes conduct as innocuous as using a fake name on Facebook or lying about your weight in an online dating profile. That situation is intolerable,” says Orin Kerr, George Washington University law professor and a former federal prosecutor in the Justice Department’s Computer Crime and Intellectual Property Section in the Criminal Division.

Currently, the law punishes anyone who “intentionally … exceeds authorized access, and thereby obtains information from any protected computer.”

Kerr is testifying on Tuesday before the House Judiciary Committee’s Subcommittee on Crime, Terrorism, and Homeland Security, and is asking Congress to amend the law to narrow how prosecutors can interpret what it means to exceed authorized access on a computer.

When the legislation was first enacted in the 1980s, it specifically targeted computer hacking and other computer misuse, Kerr argues in a written version of the testimony (.pdf) he plans to give. But since then, Congress has broadened the statute significantly four times, expanding the law’s reach and rendering it “unconstitutionally vague.”

The law as it currently stands allows prosecutors to criminally prosecute users for violating an internet service provider’s terms of service agreement, something that would normally be a breach of contract issue handled in civil court rather than through criminal prosecution.

In 2008, federal prosecutors used this exact interpretation of the CFAA when they charged Missouri resident Lori Drew under the law in order to punish her for her role in a cyberbullying incident that led a teenage girl to commit suicide.

Prosecutors argued that Drew was guilty under the CFAA for violating MySpace’s terms-of-service agreement in setting up a fraudulent account that was used to bully the teenage girl. The government argued that violating MySpace’s terms of service was the legal equivalent of computer hacking.

Drew was convicted on misdemeanor charges, but a judge subsequently threw out the verdict on grounds that the CFAA was constitutionally vague and that upholding the verdict would set a precedent for anyone who breaches similar contracts to be criminally prosecuted.

Kerr was part of Drew’s defense team as pro-bono co-counsel.

Prosecutors also used the CFAA last year to charge a ring of online ticket brokers who wrote a script to circumvent CAPTCHA challenges used by TicketMaster and other ticket vendors to detect and slow down computers attempting to purchase large numbers of tickets.

Prosecutors asserted that bypassing CAPTCHA constituted unauthorized access of ticket-seller servers. U.S. District Judge Katharine S. Hayden allowed the case to proceed, saying, “The Court is satisfied that the indictment sufficiently alleges the elements of unauthorized access and exceeding authorized access under the CFAA, and sufficiently alleges conduct demonstrating defendants’ knowledge and intent to gain unauthorized access.”

The defendants ultimately pleaded guilty to one count of conspiracy to commit wire fraud and hacking.

In arguing that the statute needs to be revised, Kerr is calling on Congress to follow the Senate’s lead. The Senate Judiciary Committee recently approved an amendment to a pending bill that would limit the interpretation of exceeding authorized access under the CFAA. Per the amendment, it would “not include access in violation of a contractual obligation or agreement, such as an acceptable use policy or terms of service agreement, with an Internet service provider, Internet website, or non-government employer, if such violation constitutes the sole basis for determining that access to a protected computer is unauthorized.”

Kerr says this would still allow prosecutors to pursue cases against government employees for misusing sensitive government databases, but would not sweep in an entire class of other people for merely violating a contractual agreement with a web site or their ISP.
http://www.wired.com/threatlevel/201...law-too-broad/





CommBank Wants to Cash in on Your Social Networking
Nate Cochrane

Would you allow your bank to guard your social gate?

How much do you like or trust your bank? Enough to let it hold the key to your online life?

What you share online, plus your spending, investing and saving habits, are the new currency in the battle for your loyalty if the chief information officer of the Commonwealth Bank is any guide.

Speaking at the Australian Information Security Association's annual conference in Sydney last week, Michael Harte said Australia's biggest deposits holder was shaping up for a showdown with Facebook, Amazon, Apple, eBay, Google and other non-traditional and emerging financial providers.

In a hypothetical future world, Harte says the bank will offer a futures market by way of discounts in return for more investment in its products. The catch is customers' social media and other online transactions would transit the bank's portal.

The offer is financially seductive. Harte says the bank will use any savings it extracts from providers and from its own products to pay up front in cash into customers' accounts.

This will increase "liquidity", Harte says, which benefits the bank.

Presumably, such a system also relies on providers such as utilities and rival financial institutions signing on as channel partners, and the bank taking a clip on each product it sells.

At the same time, by having greater access to your Facebook and other social media interactions, it can sell or use that information for marketing purposes.

Owning such a huge chunk of an online persona - the bank will charge higher fees to those who don't accept its offer or who have money elsewhere - creates huge switching costs should the customer wish to defect.

But US-based security analyst Bruce Schneier warns that organisations that create big switching costs are less interested in their customers' wellbeing. He says that phone number portability, which was bitterly fought by US telcos (and was resisted in Australia for years), was an example of providers seeking to extract monopoly rents. Australian banks have also thrown up barriers to account-number portability.

Security specialists IT Pro spoke to at the AISA conference were also unconvinced by the Commonwealth Bank's thinking.

But Harte may be on to something, after all. There is no doubt that social media interactions are emerging as a powerful currency. Qualitative analysis of social data - such as television viewing preferences and content sharing habits - when aggregated over a big-enough base, provides quantitative, statistical insights that can be used to improve marketing.

"If you share that personal data you can create enormous value," Harte says. "And that's what we're trying to do in financial services, we're trying to understand in a very intimate way the relationship - loyalty, risk, behaviour and preference data so that we can create value ... for commercial or private consumers."

He says that information allows the bank to offer "in every single transaction the best price to that person or entity more accurately than anybody else".

"And offer something that's specific to their needs rather than offer them something vanilla and generalised."

All this data and the estimated growth over the next few years causes its own problems - how to store and secure it? That's a huge cost to the bank and a fear as great as upstarts squeezing the bank out of its customers' affections.

Harte says the bank spends $2 billion a year to operate its back office, $1.3 billion on IT and $650 million on "capital equipment that doesn't confer any competitive advantage".

Harte laments that people will "sacrifice their privacy for convenience", especially younger customers just starting their careers. He can get this loyalty back that was once the province of the banks by offering smarter, real-time services, he says.

"We've invested over $5 billion in the last five years on upgrading most of our infrastructure, applications and network capability to ensure all those transactions are performed in real time," he says.

"Our modernisation project will finish next year to offer real-time banking across commercial and consumer products. We're increasingly trying to move more of that infrastructure investment to third parties (cloud providers)."

The issue of a bank or any company - be that Google, PayPal, Facebook and so on - owning customer interactions is that they don't work for the customer; customers are a commodity they trade with other indifferent organisations on a global futures market.

But it opens the door for a new breed of financial adviser to work for the customer, providing much the same services, presumably for the benefit of their customer. At least in theory.

The solution may lie in an open-source project to "eavesdrop" on your online activities, you choosing to provide only as much information as you wish and retaining rights to all the data held locally or in a cloud repository that you own and control.

Already, social networks provide programming "hooks" - known in boffin parlance as application programming interfaces (API). These, and website scraping, could be the building blocks for such a personalised broking service to generate a new type of credit score.

Then it would be a matter of going to market with your score and soliciting bids for your business.

In that universe, Commonwealth Bank becomes just another customer of your services. Imagine a legion of individuals all trading their own worth on global futures markets, being rent takers instead of rent givers?

And that would likely be the banks' worst nightmares come true.
http://www.smh.com.au/it-pro/busines...111-1nasr.html





Rushdie Runs Afoul of Web’s Real-Name Police
Somini Sengupta

The writer Salman Rushdie hit Twitter on Monday morning with a flurry of exasperated posts. Facebook, he wrote, had deactivated his account, demanded proof of identity and then turned him into Ahmed Rushdie, which is how he is identified on his passport. He had never used his first name, Ahmed, he pointed out; the world knows him as Salman.

Would Facebook, he scoffed, have turned J. Edgar Hoover into John Hoover?

“Where are you hiding, Mark?” he demanded of Mark Zuckerberg, Facebook’s chief executive, in one post. “Come out here and give me back my name!”

The Twitterverse took up his cause. Within two hours, Mr. Rushdie gleefully declared victory: “Facebook has buckled! I’m Salman Rushdie again. I feel SO much better. An identity crisis at my age is no fun.”

Mr. Rushdie’s predicament points to one of the trickiest notions about life in the digital age: Are you who you say you are online? Whose business is it — and why?

As the Internet becomes the place for all kinds of transactions, from buying shoes to overthrowing despots, an increasingly vital debate is emerging over how people represent and reveal themselves on the Web sites they visit. One side envisions a system in which you use a sort of digital passport, bearing your real name and issued by a company like Facebook, to travel across the Internet. Another side believes in the right to don different hats — and sometimes masks — so you can consume and express what you want, without fear of offline repercussions.

The argument over pseudonyms — known online as the “nym wars” — goes to the heart of how the Internet might be organized in the future. Major Internet companies like Google, Facebook and Twitter have a valuable stake in this debate — and, in some cases, vastly different corporate philosophies on the issue that signal their own ambitions.

Facebook insists on what it calls authentic identity, or real names. And it is becoming a de facto passport vendor of sorts, allowing its users to sign into seven million other sites and applications with their Facebook user names and passwords.

Google’s social network, Google+, which opened up to all comers in September, likewise wants the real names its users are known by offline, and it has frozen the accounts of some perceived offenders.

But Google has indicated more recently that it will eventually allow some use of aliases. Vic Gundotra, the Google executive responsible for the social network, said at a conference last month that he wanted to make sure its “atmosphere” remained comfortable even with people using fake names. “It’s complicated to get this right,” he said.

Twitter, by sharp contrast, follows a laissez-faire approach, allowing the use of pseudonyms by WikiLeaks supporters and a prankster using the name @FakeSarahPalin, among many others. It does consider deceitful impersonation to be grounds for suspension.

The debate over identity has material consequences. Data that is tied to real people is valuable for businesses and government authorities alike. Forrester Research recently estimated that companies spent $2 billion a year for personal data, as Internet users leave what the company calls “an exponentially growing digital footprint.”

And then there are the political consequences. Activists across the Arab world and in Britain have learned this year that social media sites can be effective in mobilizing uprisings, but using a real name on those sites can lead authorities right to an activist’s door.

“The real risk to the world is if information technology pivots to a completely authentic identity for everyone,” said Joichi Ito, head of the Media Lab at the Massachusetts Institute of Technology. “In the U.S., maybe you don’t mind. If every kid in Syria, every time they used the Internet, their identity was visible, they would be dead.”

Of course, people have always used pseudonyms. Some, like Mark Twain, are better known by their fake names. Some use online pseudonyms to protect themselves, like victims of abuse. Still others use fake names to harass people.

Facebook has consistently argued for real identity on the grounds that it promotes more civil conversations.

“Facebook has always been based on a real-name culture,” said Elliot Schrage, vice president of public policy at Facebook. “We fundamentally believe this leads to greater accountability and a safer and more trusted environment for people who use the service.”

Real identity is also good for Facebook’s business, particularly as it moves into brokering transactions for things like airline tickets on its site.

Company executives are aware of the difficulties of policing a site with 800 million active users. Plenty of people get away with using fanciful names. And enforcing the real-name policy can present real-life complications. Wael Ghonim, the celebrated Egyptian blogger, used a fake name to set up a popular anti-Mubarak Facebook page. That led Facebook to briefly shut its Arabic version in the middle of the Tahrir Square demonstrations, until a woman in the United States agreed to take it over.

Twitter, on the other hand, has vigorously defended the use of pseudonyms, bucking demands most recently from British government officials who pressed for a real-names policy in the aftermath of the civil unrest across Britain.

“Other services may be declaring you have to use your real name because they think they can monetize that better,” said Twitter’s chief executive, Dick Costolo. “We are more interested in serving our users first.”

At the same time, Twitter is vying with Google and Facebook to be something of a passport authority on the Web. Facebook has the widest reach, offering easy access to sites that deliver things like instant messaging and news. Spotify and MOG, two music sites, require new users to log in with their Facebook identities. This allows those sites to show users what their Facebook friends are listening to.

For consumers, this approach can be a mixed blessing. It means not having to keep track of different passwords for different sites. It also means sharing data about what they are doing online with these emerging “identity intermediaries,” as Chris Hoofnagle, a law professor at the University of California, Berkeley, calls them.

“It’s convenient,” Mr. Hoofnagle said. “But do you want Facebook and Google to know where you’re going?”

As for Facebook’s crackdown on Mr. Rushdie, the company would not explain how it happened but admitted it was a mistake. “We apologize for the inconvenience this caused him,” Facebook said in a statement.

Mr. Rushdie, who once lived incognito because of death threats, has more recently been busy revealing himself on Twitter. He had to fight for his online name there as well. An imposter was using the Twitter handle @SalmanRushdie earlier this year, and Mr. Rushdie had to ask the company for help reclaiming it. Now his page bears Twitter’s blue “Verified Account” checkmark and quotes Popeye: “I yam what I yam and that’s all that I yam.”
https://www.nytimes.com/2011/11/15/t...o-decides.html





Andy Baio: Think You Can Hide, Anonymous Blogger? Two Words: Google Analytics
Andy Baio

Last month, an anonymous blogger popped up on WordPress and Twitter, aiming a giant flamethrower at Mac-friendly writers like John Gruber, Marco Arment and MG Siegler. As he unleashed wave after wave of spittle-flecked rage at “Apple puppets” and “Cupertino douchebags,” I was reminded again of John Gabriel’s theory about the effects of online anonymity.

Out of curiosity, I tried to see who the mystery blogger was.

He was using all the ordinary precautions for hiding his identity — hiding personal info in the domain record, using a different IP address from his other sites, and scrubbing any shared resources from his WordPress install.

Nonetheless, I found his other blog in under a minute — a thoughtful site about technology and local politics, detailing his full name, employer, photo, and family information. He worked for the local government, and if exposed, his anonymous blog could have cost him his job.

I didn’t identify him publicly, but let him quietly know that he wasn’t as anonymous as he thought he was. He stopped blogging that evening, and deleted the blog a week later.

So, how did I do it? The unlucky blogger slipped up and was ratted out by an unlikely source: Google Analytics.

Reverse Lookups

Typically, Google will only reveal a user’s identity with a federal court order, as they did with a Blogger user who harassed a Vogue model in 2009.

But anonymous bloggers are at serious risk of outing themselves, simply by sharing their Google Analytics ID across the sites they own.

If you’re watching your pageviews, odds are you’re using Google to do it. Launched in 2005, Analytics is the most popular web statistics service online, in use by half of Alexa’s top million domains.

For the last few years, online SEO tools have published Analytics and AdSense IDs for the domains they crawl publicly, typically for competitive intelligence, such as ferreting out your competitor’s other websites.

But in the last year, several free services such as eWhois and Statsie have started offering reverse lookup of Analytics IDs. (Most also allow searching on the Google AdSense ID, though I wasn’t able to find an anonymous blogger sharing an AdSense ID across two sites.)

Finding anonymous bloggers from Analytics is less likely than other methods. It’s still more likely that someone would slip up and leave their personal info in their domain or share a server IP than to share a Google Analytics account. But it’s also more accurate. Hundreds or thousands of people can share an IP address on a single server and domain information can be faked, but a shared Google Analytics is solid evidence that both sites are run by the same person.

And unlike any other method, it can unmask people using hosted blogging services. Tumblr, Typepad and Blogger all have built-in support for Google Analytics, though reverse lookup services haven’t comprehensively indexed them. (Note that Wordpress.com doesn’t support Analytics or custom Javascript, so their users aren’t affected.)

Just to be clear, this technique isn’t new. The first Google Analytics reverse lookup services started in 2009, so the technique’s been possible for at least two years. My concern is that it isn’t nearly well-known enough. It’s not mentioned in any guide to anonymous blogging I could find and several established bloggers, engineers, and entrepreneurs I spoke to were unaware of it.

Unmasking an anti-Mac blogger may not be life-changing, but if you’re an anonymous blogger writing about Chinese censorship or Mexican drug cartels, the consequences could be dire.

I decided to see how pervasive this problem is. Using a sample of 50 anonymous blogs pulled from discussion forums and Google news, only 14 were using Google Analytics, much less than the average. Half of those, about 15% of the total, were sharing an analytics ID with one or more other domains.

In about 30 minutes of searching, using only Google and eWhois, I was able to discover the identities of seven of the anonymous or pseudonymous bloggers, and in two cases, their employers. One blog about Anonymous’ hacking operations could easily be tracked to the founder’s consulting firm, while another tracking Mexican cartels was tied to a second domain with the name and address of a San Diego man.

I’ve contacted each to let them know their potential exposure.

Protecting Yourself

Some of the most important and vital voices online are anonymous, and it’s important to understand how you’re exposed. Forgetting any of these can lead to lawsuits, firings, or even death.

If you’re aware of the problem, it’s very easy to avoid getting discovered this way. Here are my recommendations for making sure you stay anonymous.

1. Don’t use Google Analytics or any other third-party embed system. If you have to, create a new account with an anonymous email. At the very least, create a separate Analytics account to track the new domain. (From the “My Analytics Accounts” dropdown, select “Create New Account.”)
2. Turn on domain privacy with your registrar. Better, use a hosted service to avoid domain payments entirely.
3. If you’re hosting your own blog, don’t share IP addresses with any of your existing websites. Ideally, use a completely different host; it’s easy to discover sites on neighboring IPs.
4. Watch your history. Sites like Whois Source track your history of domain and nameserver changes permanently, and Archive.org may archive old versions of your site. Being the first person to follow your anonymous Twitter account or promote the link could also be a giveaway.
5. Is your anonymity a life-or-death situation? Be aware that any service you use, including your own ISP, could be forced to reveal your IP address and account details under a court order. Use shared computers and an anonymous proxy or Tor when blogging to mask your IP address. Here’s a good guide.

Stay safe.

http://www.wired.com/epicenter/2011/...nony-bloggers/
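
A self-audit for the exposure described in the article above, added here as an example and not part of the original article. It scans saved HTML from sites you control and reports any Analytics account or AdSense publisher ID that links the anonymous site to another one. It assumes the classic `UA-<account>-<property>` Analytics ID form and the `pub-<16 digits>` AdSense form; the function names, domains and IDs are constructed for illustration.

```python
import re
from collections import defaultdict

# Classic Analytics IDs: UA-<account>-<property>. Every site tracked under one
# Analytics account carries the same account number; only the property suffix
# differs, so the comparison must be made on the account number.
GA_RE = re.compile(r"\bUA-(\d{4,10})-(\d{1,4})\b", re.IGNORECASE)
# AdSense publisher IDs: pub-<16 digits>, usually written as ca-pub-<digits>.
ADSENSE_RE = re.compile(r"\bpub-(\d{16})\b", re.IGNORECASE)


def extract_tracking_ids(html):
    """Return the account-level tracking identifiers embedded in one page."""
    ids = set()
    for account, _property in GA_RE.findall(html):
        ids.add(("analytics", account))
    for publisher in ADSENSE_RE.findall(html):
        ids.add(("adsense", publisher))
    return ids


def find_shared_ids(pages):
    """Map each identifier seen on more than one site to the sites using it.

    pages: dict of site label -> HTML source of a page from that site.
    """
    sites_by_id = defaultdict(set)
    for site, html in pages.items():
        for tracking_id in extract_tracking_ids(html):
            sites_by_id[tracking_id].add(site)
    return {tid: sorted(sites)
            for tid, sites in sites_by_id.items() if len(sites) > 1}


def audit(pages, anonymous_site):
    """List (kind, id, other_sites) for every ID tying anonymous_site to others."""
    findings = []
    for (kind, value), sites in sorted(find_shared_ids(pages).items()):
        if anonymous_site in sites:
            others = [s for s in sites if s != anonymous_site]
            findings.append((kind, value, others))
    return findings


# Constructed sample input: three saved pages. The anonymous blog uses a
# different property suffix (-3) from the personal site (-1), but the account
# number is identical, which is what a reverse lookup matches on.
SAMPLE_PAGES = {
    "anon-blog.example":
        "<script>_gaq.push(['_setAccount', 'UA-1234567-3']);</script>",
    "personal-site.example":
        "<script>_gaq.push(['_setAccount', 'UA-1234567-1']);</script>"
        "<script>google_ad_client = \"ca-pub-1234567890123456\";</script>",
    "unrelated.example":
        "<script>_gaq.push(['_setAccount', 'UA-7654321-1']);</script>",
}

if __name__ == "__main__":
    for kind, value, others in audit(SAMPLE_PAGES, "anon-blog.example"):
        print(f"{kind} id {value} is also present on: {', '.join(others)}")
```

An empty result from `audit` only covers the pages supplied; archived copies of a site can still carry an older shared ID, as the "watch your history" recommendation notes.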





DOJ: Lying on Match.com Needs to be a Crime
Declan McCullagh

The U.S. Department of Justice is defending computer hacking laws that make it a crime to use a fake name on Facebook or lie about your weight in an online dating profile at a site like Match.com.

In a statement obtained by CNET that's scheduled to be delivered tomorrow, the Justice Department argues that it must be able to prosecute violations of Web sites' often-ignored, always-unintelligible "terms of service" policies.

The law must allow "prosecutions based upon a violation of terms of service or similar contractual agreement with an employer or provider," Richard Downing, the Justice Department's deputy computer crime chief, will tell the U.S. Congress tomorrow.

Scaling back that law "would make it difficult or impossible to deter and address serious insider threats through prosecution," and jeopardize prosecutions involving identity theft, misuse of government databases, and privacy invasions, according to Downing.

The law in question, the Computer Fraud and Abuse Act, has been used by the Justice Department to prosecute a woman, Lori Drew, who used a fake MySpace account to verbally attack a 13-year old girl who then committed suicide. Because MySpace's terms of service prohibit impersonation, Drew was convicted of violating the CFAA. Her conviction was later thrown out.

What makes this possible is a section of the CFAA that was never intended to be used that way: a general-purpose prohibition on any computer-based act that "exceeds authorized access." To the Justice Department, this means that a Web site's terms of service define what's "authorized" or not, and ignoring them can turn you into a felon.

On the other hand, because millions of Americans likely violate terms of service agreements every day, you'd have a lot of company.

A letter sent to the Senate in August by a left-right coalition including the ACLU, Americans for Tax Reform, the Electronic Frontier Foundation, and FreedomWorks warns of precisely that. "If a person assumes a fictitious identity at a party, there is no federal crime," the letter says. "Yet if they assume that same identity on a social network that prohibits pseudonyms, there may again be a CFAA violation. This is a gross misuse of the law."

Orin Kerr, a former Justice Department computer crime prosecutor who's now a professor of law at George Washington University, says the government's arguments are weak.

Kerr, who is also testifying tomorrow before a House Judiciary subcommittee, told CNET today that:

The Justice Department claims to have an interest in enforcing Terms of Use and computer use policies under the CFAA, but its examples mostly consist of cases in which the conduct described has already been criminalized by statutes other than the CFAA. Further, my proposed statutory fix (see the second proposal in my testimony) would preserve the government's ability to prosecute the remaining cases DOJ mentions while not raising the civil liberties problems of the current statute.

Kerr's testimony gives other examples of terms of service violations that would become criminal. Google says you can't use its services if "you are not of legal age to form a binding contract," which implies that millions of teenagers would be unindicted criminals. Match.com, meanwhile, says you can't lie about your age, criminalizing the profile of anyone not a model of probity.

"I do not see any serious argument why such conduct should be criminal," Kerr says.

The Justice Department disagrees. In fact, as part of a broader push to rewrite cybersecurity laws, the White House has proposed (PDF) broadening, not limiting, CFAA's reach.

Stewart Baker, an attorney at Steptoe and Johnson who was previously a Homeland Security assistant secretary and general counsel at the National Security Agency, has suggested that the administration's proposals to expand CFAA are Draconian. Uploading copyrighted YouTube videos twice "becomes a pattern of racketeering," with even more severe criminal penalties, "at least if Justice gets its way," Baker wrote.

In a kind of pre-emptive attack against Kerr's proposed fixes, the Justice Department's Downing says the CFAA properly criminalizes "improper" online activities.

"Businesses should have confidence that they can allow customers to access certain information on the business's servers, such as information about their own orders and customer information, but that customers who intentionally exceed those limitations and obtain access to the business's proprietary information and the information of other customers can be prosecuted," Downing's prepared remarks say.
http://news.cnet.com/8301-31921_3-57...to-be-a-crime/





Ilya Zhitomirskiy Dies at 22; Co-Founded Social Network
Paul Vitello

Ilya Zhitomirskiy, a co-founder of the start-up social network Diaspora*, which has been described as the “anti-Facebook” for its emphasis on personal privacy and decentralized data collection, died on Saturday at his home in San Francisco. He was 22.

The San Francisco police, in confirming his death, did not give the cause. Friends and associates of Mr. Zhitomirskiy said there were indications of suicide.

Mr. Zhitomirskiy was a student at New York University’s Courant Institute of Mathematical Sciences in 2010 when he and three fellow undergraduates conceived the idea for a Web-based community that would give users, rather than the Web site itself, control of the information they shared.

Instead of creating a central database like Facebook’s, where information about hundreds of millions of members is stored and mined for advertising and marketing purposes, their idea was to develop freely shared software that would allow every member of the network to “own” his or her personal information.

Mr. Zhitomirskiy, an impish self-styled radical, unicyclist and competitive ballroom dancer, was a member of the nascent liberation technology movement, which views the conglomeration of personal information by large corporate and government bodies as a threat to civil liberties and human rights.

He and his partners were inspired to start their project after attending a lecture in February 2010 by Eben Moglen, a Columbia Law School professor and an advocate of liberation technology, about the threat to privacy and social justice in Internet commerce.

Professor Moglen, who became acquainted with the Diaspora* founders, said Mr. Zhitomirskiy was the most idealistic of the group.

“He was an immensely talented and intent young mathematician,” Mr. Moglen said in an interview on Tuesday. “He had a choice between graduate school and this project, and he chose to do the project because he wanted to do something with his time that would make freedom.”

Ilya Alekseevich Zhitomirskiy was born on Oct. 12, 1989, in Moscow to Alexei and Inna Zhitomirskiy. His father and his grandfather Garri Zhitomirskiy are mathematicians. After the family moved to the United States in 2000, Mr. Zhitomirskiy attended public schools in Massachusetts, Louisiana and Pennsylvania, where his father found work teaching and later in business.

In addition to his parents and grandfather, Mr. Zhitomirskiy is survived by his grandmother Galina Fillippuk Zhitomirskiy, and a sister, Maria.

He attended college at Tulane University, the University of Maryland and N.Y.U. He was a semester shy of graduation when he and three friends at N.Y.U. — Maxwell Salzberg, Daniel Grippi and Raphael Sofaer — floated their idea for what they called a “personally controlled, do-it-all, open-source social network” on an Internet fund-raising platform called Kickstarter.

The concept for Diaspora* (the asterisk represents a seed from a dandelion seed head) struck a chord. Though they had originally intended to raise a modest sum, the partners received a flood of contributions, eventually totaling $200,000, from about 6,000 donors.

They moved to San Francisco, starting a prototype of the site (diasporafoundation.org) in the summer of 2010. The site was scheduled to become fully operational in the next few weeks.

In a September 2010 interview in New York magazine, Mr. Zhitomirskiy said the open platform model for Diaspora* would not make him and his partners rich.

“There’s something deeper than making money off stuff,” he said. “Being part of creating stuff for the universe is awesome.”
https://www.nytimes.com/2011/11/16/t...ies-at-22.html





Hiding Messages in VoIP Packets
Zeljka Zorz

A group of researchers from the Institute of Telecommunications of the Warsaw University of Technology have devised a relatively simple way of hiding information within VoIP packets exchanged during a phone conversation.

They called the method TranSteg, and they have proved its effectiveness by creating a proof-of-concept implementation that allowed them to send 2.2MB (in each direction) during a 9-minute call.

IP telephony allows users to make phone calls through data networks that use an IP protocol. The actual conversation consists of two audio streams, and the Real-Time Transport Protocol (RTP) is used to transport the voice data required for the communication to succeed.

But, RTP can transport different kinds of data, and the TranSteg method takes advantage of this fact.

"Typically, in steganographic communication it is advised for covert data to be compressed in order to limit its size. In TranSteg it is the overt data that is compressed to make space for the steganogram," explain the researchers. "The main innovation of TranSteg is to, for a chosen voice stream, find a codec that will result in a similar voice quality but smaller voice payload size than the originally selected."

In fact, this same approach can - in theory - be successfully used with video streaming and other services where it is possible to compress the overt data without making its quality suffer much.

To effect the undetected sending of the data through VoIP communication, both the machine that sends it and the one that receives it must be previously configured to know that data packets marked as carrying payload encoded with one codec are actually carrying data encoded with another one that compresses the voice data more efficiently and leaves space for the steganographic message.

The method is efficient in sending and receiving the data, but in order to be considered good enough to use, it must be undetectable by outside observers.

According to the paper, the first thing can be accomplished whether VoIP phones or intermediate network nodes are used by one or both participants in the conversation, but the second one only if two VoIP phones are the sending and receiving nodes, since there is no change of format of voice payloads during the traversing of the network.
https://www.net-security.org/secworld.php?id=11952





Nations Could Cripple U.S. with Retaliatory Cyberattack

Last week Richard Clarke, a top adviser to three presidents, sounded a dire warning that the United States should avoid going to war with other nations because its computer network systems are so vulnerable to attack.

The former top cybersecurity advisor to President George W. Bush said he would advise the president against attacking other countries like China, North Korea, Iran, or Russia because they could all retaliate by launching a crippling cyberattack, destroying financial institutions, power grids, and transportation systems.

According to Clarke, a good national security advisor would tell the president that while the United States could launch a conventional attack, several countries have the capability to strike with a cyberattack and “the entire U.S. economic system could be crashed in retaliation … because we can’t defend it today.”

In addition, Clarke said the U.S. military is so reliant on computer systems that in a future conflict troops could reach the battlefield and realize “nothing works.”

“I really don’t know to what extent the weapon systems that have been developed over the last ten years have been penetrated, to what extent the chips are compromised, to what extent the code is compromised,” he said. “I can’t assure you that as you go to war with a cybersecurity-conscious, cybersecurity-capable enemy that any of our stuff is going to work.”

In recent years, Clarke has aggressively pushed the government to become more proactive in securing critical infrastructure and government networks from cyberattacks.
http://www.homelandsecuritynewswire....ry-cyberattack





U.S. Investigates Cyber Attack On Water System
Jim Finkle

Federal investigators are looking into a report that hackers managed to remotely shut down a utility's water pump in central Illinois last week, in what could be the first known foreign cyber attack on an industrial system on U.S. soil.

The November 8 incident was described in a one-page report from the Illinois Statewide Terrorism and Intelligence Center, according to Joe Weiss, a prominent expert on protecting infrastructure from cyber attacks.

State police investigators believe the hackers broke into the water utility's network by using credentials stolen from an undisclosed U.S. company that produces software to control industrial systems, said Weiss, who read excerpts from the report to Reuters over the phone.

"An information technology services and computer repair company checked the computer logs of the system and determined the computer had been hacked into from a computer located in Russia," Weiss said, quoting the report.

Illinois State police spokeswoman Monique Bond declined to comment.

The U.S. Department of Homeland Security and the Federal Bureau of Investigation are examining the matter, said DHS spokesman Peter Boogaard.

"At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety," he said, declining to elaborate further.

Several media reports identified the location of the attack as Springfield, the Illinois state capital. City officials said that was inaccurate but would not say where the water pump was located. The FBI spokesman handling the matter could not be reached.

Quoting from the one-page report, Weiss said it was not yet clear whether other networks had been hacked as a result of the breach at the U.S. software maker.

He said the manufacturer of that software keeps login credentials to the networks of its customers so that its staff can help them support those systems.

Workers at the targeted utility in central Illinois on November 8 noticed problems with the Supervisory Control and Data Acquisition System (SCADA), which manages the water supply system, and discovered that a water pump had been damaged, said Weiss, managing partner of Applied Control Solutions in Cupertino, California.

"It is unknown at this time the number of SCADA user names and passwords acquired from the software company's database and if any other additional SCADA systems have been attacked as a result of this theft," Weiss cited the report as saying.

(Reporting by Jim Finkle in Boston; Additional reporting by Jim Wolf, Andrew Stern and Diane Bartz; Editing by Steve Orlofsky)
http://www.reuters.com/article/2011/...7AH2C320111118





Glitches in Nationwide Emergency Alert Test

Last Wednesday the United States conducted its first ever nationwide test of its emergency alert system, but based on reports the test did not go smoothly.

Every radio station and television channel was to be interrupted for thirty seconds at exactly 2 PM EST, but that was not exactly the case. Instead of hearing the alert tone as the emergency alert title card was being displayed, some DirecTV subscribers were treated to Lady Gaga’s “Paparazzi.” Meanwhile some Comcast subscribers in Northern Virginia had their televisions switched to QVC during the test.

In New York the test never played for some Time Warner Cable subscribers, while for many in Los Angeles the test lasted nearly thirty minutes. Additionally, some channels like MTV never ran the test, while various local stations across the country were several minutes late.

After the emergency broadcasts, a Federal Emergency Management Agency official speaking anonymously to the New York Times acknowledged the glitches, explaining that the point of the nationwide test was to find and fix such problems.

“We always knew that there would probably be some things that didn’t work and some things that did,” the official said.

In an official joint statement made forty minutes after the test was concluded, FEMA and the Federal Communications Commission said, “This initial test was the first time we have tested the reach and scope of this technology and additional improvements that should be made to the system as we move forward.”

“Only through comprehensively testing, analyzing and improving these technologies can we ensure an effective and reliable national emergency alert and warning system,” they added.

The agencies said they will work with media companies to “improve this current technology and build a robust, resilient and fully accessible next generation alerting system that can provide timely and accurate alerts to the American people.”
http://www.homelandsecuritynewswire....ncy-alert-test





The Rootkit Of All Evil – CIQ
egzthunder1

And the spy and invasion of privacy saga continues, but this time XDA Recognized Developer TrevE seems to have hit the very core of most of what is happening with devices. You may recall from a few articles back that we started talking about something called CIQ or Carrier iQ. This is, essentially, a piece of software that is embedded into most mobile devices, not just Android but Nokia, Blackberry, and likely many more. According to TrevE, the software is installed as rootkit software in the RAM of devices, where it resides. This software is basically completely hidden from view and virtually invisible, and worst of all, rather complicated to kill (some devices more so than others and you will see why in a few minutes). It is given root-like rights over the device, which means that it can do everything it pleases and you will have nothing to say about it.

Why do we go into this? Well, a while back I was having some conversations back and forth with TrevE regarding all the HTC PoCs that he has been working on, and he started wondering about CIQ, as, according to him, it was one of the worst things that he had found in HTC’s code. So, he decided to start digging a little into this and found out that there is much more to be said regarding this software than even manufacturers will dare say. It turns out that CIQ is not exactly what many people don’t see (as it is hidden), but it is rather a very useful tool for system and network administrators. The tool is used to provide feedback and relevant data on several metrics that can help one of the aforementioned admins to troubleshoot and improve system and network performance. Case in point, the app seems to run in such a way that it allows the user to provide the input needed via surveys and other things. To put things in a more visual way, this is what CIQ should look like

And here is what CIQ actually looks like both in Samsung and HTC devices respectively

See the difference? Oh, and in case you are wondering, the first image is from a “virgin” copy of CIQ. Our beloved dev found a pristine copy of this along with a ton of information, including training videos, guides, and a whole bunch of material that will essentially make your hair stand straight up. There are far more than just cosmetic changes in the versions above. The menus and surveys are completely stripped out in the HTC version and partially in the Samsung one, making it impossible to understand unless you truly know what you are looking at. For instance, the so-called option to opt out of this is not present at all in HTC devices and it is very difficult to turn off in Samsung devices. On top of that, you can see some events or triggers that will basically allow this app to collect data (thanks XDA Recognized Developer k0nane for your work on Samsung devices)

Known triggers found on HTC Phones:

Key in HTCDialer Pressed or Keyboard Keys pressed:
Intent – com.htc.android.iqagent.action.ui01

App Opened –
Intent – com.htc.android.iqagent.action.ui15

Sms Received –
Intent – com.htc.android.iqagent.action.smsnotify

Screen Off/On –
Intent – com.htc.android.iqagent.action.ui02

Call Received –
Intent – com.htc.android.iqagent.action.ui15

Media Statistics –
Intent – com.htc.android.iqagent.action.mp03

Location Statistics –
Intent – com.htc.android.iqagent.action.lc30

Known Samsung triggers provided by XDA member k0nane:
UI01: screen tapped in any location, or InputMethod (any soft keyboard) key pressed.
NT10: HTTP request read.
NT0F: HTTP request send.
UI11: unknown, located in the View class, which has its own IQClientThreadRunnable subclass.
AL34: loading started in a browser frame – URL.
AL35: loading started in a browser frame – data receive begin and end, page render begin and end.
AL36: data length.
(The above two are also found in LoadListener and WebViewCore classes. Web metrics are not found on the Skyrocket, but are on the Epic 4G and Epic 4G Touch.)
HW03: battery status changed. (Also not found on Skyrocket.)

Want more? Consider the kind of “metrics” or data that this app can collect. In the original version of the app, the app is set to collect things such as network status, equipment ID and manufacturer, and much more. All this data is then pushed to a “portal” where the administrator can see, filter, accommodate, and virtually arrange all the metrics reported by the app in any way he/she sees fit. What is more, according to some of the training documents, CIQ can virtually consider anything as a metric, and record it. For instance (great example by TrevE), let's say a network admin is recording data for people with dropped calls in California at 5 pm. Because of all the metrics that could be obtained via the different triggers, that same network admin will not just know that you got a dropped call at 5 pm in California, but he/she will also know where in California you were located, what you were doing with your phone at that given time, how many times you accessed your apps until that time, and even what you have typed in your device (no, this last one is not an exaggeration, this thing can act as a key logger as well). Scared already? If not, here is a snippet of some of the metrics that this thing can gather

Since we have already presented enough facts, let us dive straight into the core of the issue. We have no voice at all on this issue. There is little that we can do about this data being collected without us rooting the device and breaking the warranties on them (not that we usually care about doing this anyways). But the problem is that all this data, all this information about you, how you use your device, your every day activities, everything you do with your device is logged and sold. Not too long ago, Verizon came forth (probably as they saw this coming) and decided to provide its customers with the option to opt out of this activity. Basically, preventing Big Red from selling your data (but not from collecting it). Sprint, on the other hand, has gone as far as denying its existence at one point. Now, we know that this is all part of the contract that you go into when you buy a phone from them, right? Wrong! According to Sprint, even if you were to buy a device straight out of eBay and have no service on Sprint (use it as a Wifi media player if you will), Sprint can still collect this data from you. You are bound and chained with them, even if you never planned on doing this.

Another point is the legality of the issues being raised with the kind of information that they collect. Some data can be meaningful for network performance and even for advertising purposes, but to monitor everything down to what you type, that is a little too much in this writer’s opinion. I mean, what kind of permissible purpose is out there that can allow a company to legally place a key logger on something and use it when you are not even getting service out of them? This is far beyond, at this point, the fact that the data could potentially be accessed, intercepted, or even loopholes being present in the code. This is a matter of our rights to privacy as consumers.

Protecting yourself from unfair practices will likely be frowned upon if you were to call Sprint right now and ask them for a way out. However, TrevE does provide a way to manually remove this stuff from some HTC devices while k0nane provides a full removal toolkit for several Samsung devices. Alternatively, there are custom ROMs out there that have the CIQ and other “services” removed. Please try those out if you are not too comfortable with manually editing stuff in your device.

This is a clear infringement of consumer rights down to its core. Not being able to opt out is downright ridiculous and we would like to request that this is fixed in upcoming devices and software updates. Remember, we may not be the vast majority of your users/customers, but unfortunately for you, our communities are the ones who can make your sales efforts into a living nightmare. Consumers are the ultimate key holders and we suggest that you stop looking at us as dollar signs and more like people and customers. All in all, I am not for sale and my privacy is priceless.
http://www.xda-developers.com/androi...-all-evil-ciq/
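
As an added example (not part of the article or of TrevE's or k0nane's work), this Python sketch scans a text capture for the HTC `com.htc.android.iqagent.action.*` intents listed in the article above and reports which collection triggers fired. The sample lines and the `zz99` suffix are constructed, and it is an assumption that the capture shows intents in Android's `Intent { act=... }` string form.

```python
import re
from collections import Counter

# HTC trigger intents exactly as listed in the article. The article lists
# ui15 twice (App Opened and Call Received), so that suffix is ambiguous.
HTC_PREFIX = "com.htc.android.iqagent.action."
HTC_TRIGGERS = {
    "ui01": ["key pressed (HTCDialer or keyboard)"],
    "ui15": ["app opened", "call received"],
    "smsnotify": ["SMS received"],
    "ui02": ["screen off/on"],
    "mp03": ["media statistics"],
    "lc30": ["location statistics"],
}

# Android renders an Intent as "Intent { act=<action> ... }". Match any
# action under the iqagent prefix, listed in the article or not.
ACTION_RE = re.compile(r"act=" + re.escape(HTC_PREFIX) + r"([A-Za-z0-9_]+)")


def audit(lines):
    """Count iqagent trigger intents seen in `lines` and classify them.

    Returns a dict with:
      events    - suffix -> {"count": n, "meanings": [...]}
      ambiguous - suffixes the article maps to more than one trigger
      unlisted  - iqagent suffixes that are not in the article's list
    """
    counts = Counter()
    for line in lines:
        for suffix in ACTION_RE.findall(line):
            counts[suffix] += 1

    report = {"events": {}, "ambiguous": [], "unlisted": []}
    for suffix, n in sorted(counts.items()):
        meanings = HTC_TRIGGERS.get(suffix)
        if meanings is None:
            report["unlisted"].append(suffix)
            meanings = ["not in the article's list"]
        elif len(meanings) > 1:
            report["ambiguous"].append(suffix)
        report["events"][suffix] = {"count": n, "meanings": list(meanings)}
    return report


# Constructed sample capture (timestamps, tag and the zz99 suffix are made up).
SAMPLE_LOG = [
    "11-14 17:00:01.120 D/Sample( 201): Intent { act=com.htc.android.iqagent.action.ui01 }",
    "11-14 17:00:01.480 D/Sample( 201): Intent { act=com.htc.android.iqagent.action.ui01 }",
    "11-14 17:00:03.002 D/Sample( 201): Intent { act=com.htc.android.iqagent.action.ui15 }",
    "11-14 17:00:09.771 D/Sample( 201): Intent { act=com.htc.android.iqagent.action.smsnotify }",
    "11-14 17:00:12.300 D/Sample( 201): Intent { act=com.htc.android.iqagent.action.lc30 }",
    "11-14 17:00:15.000 D/Sample( 201): Intent { act=android.intent.action.SCREEN_OFF }",
    "11-14 17:00:15.010 D/Sample( 201): Intent { act=com.htc.android.iqagent.action.ui02 }",
    "11-14 17:00:20.500 D/Sample( 201): Intent { act=com.htc.android.iqagent.action.zz99 }",
]

if __name__ == "__main__":
    result = audit(SAMPLE_LOG)
    for suffix, info in result["events"].items():
        print(f"{suffix:10} x{info['count']}  {' / '.join(info['meanings'])}")
    print("ambiguous:", result["ambiguous"])
    print("unlisted: ", result["unlisted"])
```

Because the article gives `ui15` for two different triggers, a hit on that suffix alone cannot say whether an app launch or an incoming call was recorded.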





More on Carrier IQ
azrienoch

This article intends to extrapolate the implications of egzthunder1’s article on Carrier IQ, and to comment on the responses by Carrier IQ, HTC, and Sprint, given in Russell Holly’s article on Geek.com.

The point–short, sweet, and at the beginning of the article–is that we do not get to choose whether this information is collected. Or who sees it. Authorized employees only? Marketing and polling firms? Law enforcement? All rhetorical questions, because we don’t know.

To be clear, the “information” I’m talking about are the Android intents logged by Carrier IQ, discovered by TrevE, which include your location, when you open an app and what app you open, what media you play and when you play it, when you receive an SMS, when you receive a call, when your screen turns off or on, and what keys you press in your phone dialer.

Assuming the best, these companies want to know every detail about you so that they can update services to bring you the best products possible. Note, however, that there is no log to show that the best product possible is one in which data about me is not collected.

If this data collection means little to you, think about this: If Google’s vision of Android@Home comes true, these companies will know when you eat, when you sleep, when your house is empty. They will know when you buy food by your refrigerator temperature, when and how you cook that food, and when you wash the dishes. They will know how long you spend in each room of your house, based on when you flip the light switch. And so on. That’s only the uses Google presented at Google I/O 2011.

Never mind the very real possibility of exploits that would give criminals all this information. And still assuming the best, it’s not that we think Sprint employees would rob us based on all that information. The question is, who needs information like that, anyway? And who needs all the information currently gathered? Nobody with good intentions. While each of these companies may have good intentions, that’s still the impression. It’s also not that I think I, personally, would be incriminated by that data. It’s simply my life. Mine. No company has any excuse for stealing that. No matter the reason.

So I find it interesting that each company’s response blames someone else as an excuse for our data being collected. Carrier IQ says they provide a service that collects data, and what is done with that data is up to the manufacturers and carriers. HTC says they put it on their phones because the carriers tell them to. Sprint says it’s on their phones because we, their customers, obligate them to do so. And if there’s one certainty in any blame game, it’s that blame is used to minimize your own guilt.

Carrier IQ, you sound like J. Robert Oppenheimer on the day Hiroshima was bombed. HTC, if you refused to let it on your phones, you may get less money from carriers, but at least you won’t betray the people who want so desperately to fall in love with your work. (Though, based on your implementation of HTCLogger and TellHTC, I doubt you have the heartstrings to pull.) And Sprint, do not blame us. Not when you don’t give us the option to opt out. We gave you no obligation, because we gave you no permission.

Here is a list of options you have to begin regaining our trust, in order from most to least acceptable:

1) Discontinue automatic data collection and publicly apologize for abusing your customers.

2) Give us full–and I mean full–development access to our devices, including proprietary source codes, so we may offer people the best alternatives to your invasion of privacy.

3) Publicly disclose every single customer you sold our information to, what you sold them, and give us the names and business addresses of every person with access, current or past, to your Carrier IQ Portal.

4) Publicly disclose all the information gathered, in detail, and explain the exact methods used to keep our data anonymous. Oh, and make it anonymous, whether we opt in or not.*

5) Adopt a policy that allows anyone who cites privacy concerns to terminate their contract, no matter how far they are into the contract term, without any fees or payments outside what is owed up to that point.
http://www.xda-developers.com/androi...on-carrier-iq/





Stolen Government Certificate Used to Sign Malware
Paul Roberts

F-Secure researchers claim that malware spreading via malicious PDF files is signed with a valid certificate stolen from the Government of Malaysia, in just the latest evidence that scammers are using gaps in the security of digital certificates to help spread malicious code.

The malware, identified by F-Secure as a Trojan horse program dubbed Agent.DTIW, was detected in a signed Adobe PDF file by the company's virus researchers recently. The malicious PDF was signed using a valid digital certificate for mardi.gov.my, the Agricultural Research and Development Institute of the Government of Malaysia. According to F-Secure, the Government of Malaysia confirmed that the certificate was legitimate and had been stolen "quite some time ago."

Valid digital certificates can be used to authenticate malicious programs and bypass operating system warnings designed to appear when users attempt to run the application.

According to F-Secure, the Agent.DTIW malware exploits a known vulnerability in Adobe Reader 8 to gain a foothold on a vulnerable system, then downloads additional malicious modules from a server at the domain worldnewsmagazines.org. Some of those malicious objects were also found to be signed, though using a certificate from a commercial Web site.

Stolen digital certificates are a more and more common element of malicious software, security researchers say. The Stuxnet malware famously used stolen digital certificates to bypass security protections on systems it infected. Recent months have also seen attacks leveled at certificate authorities and their affiliates, presumably by attackers who want the ability to generate valid certificates for high-profile domains that might later be used in man-in-the-middle type attacks. Certificate authorities like the Dutch firms Diginotar and KPN were compromised in such attacks, as was the CA Comodo. Certificate authorities and forged digital certificates have figured prominently in the news recently.

You can read more on F-Secure's blog here.
https://threatpost.com/en_us/blogs/s...malware-111411





Judge Declares Law Governing Warrantless Cellphone Tracking Unconstitutional
Julia Angwin

In a succinct one-page ruling, U.S. District Court Judge Lynn N. Hughes of the Southern District of Texas declared that the law authorizing the government to obtain cellphone records without a search warrant was unconstitutional.

“The records would show the date, time, called number, and location of the telephone when the call was made,” Judge Hughes wrote in the decision, dated Nov. 11. “These data are constitutionally protected from this intrusion.”

Judge Hughes’ decision comes as the U.S. government is facing increasing judicial challenges to its practice of obtaining information about the location of individuals without a search warrant. Last week, the Supreme Court heard oral arguments in a case where the government placed a GPS tracking device under a vehicle and monitored the driver’s movements for a month without a search warrant.

During the argument, Chief Justice John Roberts said to Michael Dreeben, deputy solicitor general of the Justice Department: “If you win this case then there is nothing to prevent the police or the government from monitoring 24 hours a day the public movement of every citizen of the United States.” The Justice Department argues that people have no expectation of privacy on public roads.

Cellphone records are governed by the Electronic Communications Privacy Act, a 1986 law that permits law enforcement officers to obtain certain digital records – such as some e-mail and cellphone records – without a search warrant. A coalition of technology companies—including Google Inc., Microsoft Corp. and AT&T Corp.—is lobbying Congress to update the law to require search warrants in more digital investigations.

At the same time, judges in lower courts have been questioning the constitutionality of the law, which only requires officers to show “specific and articulable facts” the electronic records sought are “relevant and material” to an ongoing investigation. For physical searches of a person’s home, the government is required to show probable cause that a crime was committed and obtain a search warrant.

Since 2005, more than a dozen magistrate judges have written opinions denying applications for court orders to track cellphones without search warrants. The nation’s roughly 500 magistrate judges handle applications for search warrants and other types of electronic surveillance in federal courts.

Of course, some have upheld warrantless searches. Last week, U.S. District Court Judge Liam O’Grady ruled that the government could obtain data from the Twitter accounts of three WikiLeaks without a search warrant.

Last year, Magistrate Judge Stephen Smith of U.S. District Court in the Southern District of Texas issued an opinion denying the government access to 60 days worth of information about a cellphone subscriber’s location and phone calls, without a search warrant.

Magistrate Judge Smith wrote that although cellphone tracking wasn’t envisioned by the writers of the Constitution, it had become so precise and pervasive that “for a cellphone user born in 1984, however, it is now conceivable that every movement of his adult life can be imperceptibly captured, compiled, and retrieved from a digital dossier somewhere in a computer cloud. Now as then, the Fourth Amendment remains our polestar.”

The government appealed, saying that the Fourth Amendment, which protects against unreasonable searches and seizures, does not apply because “a customer has no privacy interest in business records held by a cell phone provider, as they are not the customer’s private papers.” The government also challenged Judge Smith’s description of the accuracy of location tracking as “inaccurate or misleading,” and submitted an affidavit from cellular provider MetroPCS Wireless Inc. stating that the average coverage radius of its cellular towers was about “one or two miles.”

The district court ruling was short, but declarative. It affirmed Magistrate Judge Smith’s decision on constitutional grounds. “When the government requests records from cellular services, data disclosing the location of the telephone at the time of particular calls may be acquired only by a warrant issued on probable cause,” Judge Hughes wrote. “The standard under the [existing law] is below that required by the Constitution.”
http://blogs.wsj.com/digits/2011/11/...onstitutional/





Pirate Bay Lawyer to Take Over Assange Defence

Julian Assange has dumped his Swedish lawyer in favour of a new defence team which includes an attorney involved in the Pirate Bay trial, as the WikiLeaks founder continues to fight his extradition to Sweden to face questioning over sex crimes accusations.

In a petition filed with the Stockholm District Court on Thursday, Assange said he wanted to work with attorneys Per E. Samuelson and Thomas Olsson rather than Björn Hurtig, who has represented Assange since September 2010.

Olsson told the TT news agency that he's only had contact with Assange for a short period of time.

“He'll have to explain his motivation behind changing defenders,” said Olsson.

Olsson has now begun reviewing Assange's case, including the details of the sex crimes allegations against him – and plans to provide his view on the case at the beginning of next week.

He refused to speculate, however, on whether the decision to change attorneys had any connection to plans Assange may have to come to Sweden.

On Tuesday, Assange applied for Britain's Supreme Court to hear his appeal against a decision by the High Court in London ruling that the 40-year-old Australian could be sent to Sweden to face questioning over claims of rape and sexual assault made by two women.

Hurtig said that there is “absolutely no” conflict between him and Assange that lies behind the decision to change lawyers.

“You'll have to ask him why he's decided to change. But it's not unusual that someone change lawyers and he's chosen two superb new representatives. I wish him the best of luck,” Hurtig told TT.

Hurtig was also unaware as to whether the change of attorneys had anything to do with the possibility that Assange may be coming to Sweden before the expected December 5th decision by the Supreme Court in Britain about whether or not it will take up Assange's case.

Hurtig took over the Assange case in September 2010 after the WikiLeaks founder dropped Leif Silbersky due to difficulties staying in contact with the attorney.

Samuelson previously represented financier Carl Lundström, one of the four defendants in the 2009 Pirate Bay trial, all of whom were found guilty of being an "accessory to breaching copyright law".

Olsson has previously represented Thomas Quick, a convicted Swedish serial killer currently serving a life term in a psychiatric institution after being convicted of eight murders committed between 1976 and 1988.

However, after withdrawing his confessions in 2008 he has been granted several retrials and been acquitted of two of the killings.
http://www.thelocal.se/37426/20111118/





Former Presidential Nominee Calls for Abolishment of TSA and DHS

George McGovern, the former Senator from South Dakota and the Democratic presidential candidate in 1972, is calling for the abolishment of the Transportation Security Administration (TSA) as well as DHS.

In his new book, “What It Means to be a Democrat,” McGovern describes existing airport security measures as “ridiculous.” He writes, “We live with too much fear and not enough common sense.”

“The whole silliness of our response is exemplified by what has happened at our airports,” he argues. “Once sources of architectural pride, air terminals are now barricaded behind concrete. Inside we are required to remove our shoes and belts, hand over our gels and liquids and submit to body scans — with the ante being raised each time there’s a new scare.”

With the tenth anniversary of the creation of TSA approaching on 19 November, McGovern is not the only one criticizing the agency. Representative John Mica (R – Florida), one of the authors of the bill that created TSA and a vocal critic of the agency, released a report on Wednesday that argues TSA needs to be drastically reformed.

The Congressional report, titled “A Decade Later: A Call for TSA Reform,” blasted TSA calling it “bloated” and “inefficient.”

In unveiling the report, Mica said Congress never intended the agency to balloon into an organization with 65,000 employees, “top heavy” with bureaucrats.

“I can tell you, in our wildest dreams … no one ever envisioned 4,000 administrative personnel in Washington, D.C., making on average … almost $104,000, and then nearly another 10,000 out in the field,” Mica said.

McGovern expressed similar distaste for TSA in his book writing, “What upsets me the most is when I see an elderly woman trying her darnedest to comply with these ridiculous rules. As if she could possibly be harboring an explosive in her suitcase.”

“Now that our initial distress over 9/11 has dissipated, I suggest that we stop this needless hassle, a palliative that costs $7 billion a year and rising,” he said.

In his book, McGovern also blasted DHS.

“To my mind, in fact, the entire Homeland Security department — with its more than 200,000 employees and more than $42 billion budget — ought to be dissolved,” he argued. “The third largest Cabinet department, it sprang from 9/11’s shock waves to put the agencies that deal with counterterrorism, including airport safety, under one roof.”

“I believe we should leave the business of protecting the American public from terrorist attacks to the FBI, the CIA and our police departments,” McGovern continued. “The FBI has a vibrant counterterrorism branch but somehow manages to stay independent.”

In response to Mica’s congressional report, Greg Soule, a spokesman for TSA, defended the agency, calling the report “an unfortunate disservice to the dedicated men and women of TSA who are on the front lines every day protecting the traveling public.”

Soule added that the U.S. aviation system is now “safer, stronger, and more secure than it was 10 years ago.”
http://www.homelandsecuritynewswire....of-tsa-and-dhs





Full Disk Encryption is Too Good, Says US Intelligence Agency
Sebastian Anthony

You might be shocked to learn this, but when a quivering-lipped Chloe from 24 cracks the encryption on a terrorist’s hard drive in 30 seconds, the TV show is faking it. “So what? It’s just a TV show.” Well, yes, but it turns out that real federal intelligence agencies, like the FBI, CIA, and NSA, also have a problem cracking encrypted hard disks — and according to a new research paper, this is a serious risk to national security.

The study, titled “The growing impact of full disk encryption on digital forensics,” illustrates the difficulty that CSI teams have in obtaining enough digital data to build a solid case against criminals. According to the researchers, one of whom is a member of US-CERT — the US government’s primary defense against internet and digital threats — there are three main problems with full disk encryption (FDE): First, evidence-gathering goons can turn off a computer (for transportation) without realizing it’s encrypted, and thus can’t get back at the data (unless the arrestee gives up his password, which he doesn’t have to do); second, if the analysis team doesn’t know that the disk is encrypted, it can waste hours trying to read something that’s ultimately unreadable; and finally, in the case of hardware-level disk encryption, tampering with the device can trigger self-destruction of the data.

The paper does go on to suggest some ways to ameliorate these issues, though: Better awareness at the evidence-gathering stage would help, but it also suggests “on-scene forensic acquisition” of data, which involves ripping unencrypted data from volatile, live memory (with the cryogenic RAM freezing technique, presumably). Ultimately, though, the researchers aren’t hopeful: “Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption,” concludes the paper.

It’s a tough situation: On the one hand, being able to crack full disk encryption is vital for the prosecution of white-collar criminals, child porn ringleaders, pharmaceutical spam barons, and the curtailment of terrorism — but on the other, it’s quite satisfying to know that, perhaps at long last, we have a way of escaping the ireful eye of Big Brother.
http://www.extremetech.com/computing...ligence-agency





Rambus Defeat Raises Doubts, Challenges Loyalty
Noel Randewich

Long-time Rambus investors licked their wounds and pondered their loyalty on Thursday after a crushing legal defeat that underscores the risks companies face when they rely heavily on litigation.

Retiree Jim Rockwell lost 80 percent of his savings on Wednesday when Rambus was defeated in a $4 billion antitrust lawsuit against Micron Technology and Hynix Semiconductor.

"I thought 80 percent that Rambus would win something. I didn't think they'd win nothing," said Rockwell, who lives in Orange, Connecticut and has invested in Rambus for more than a decade. "I don't know what I'm going to do now."

Nearly two thirds of Rambus' stock value evaporated after jurors emerged from over eight weeks of deliberation and rejected claims by Rambus that Micron and Hynix colluded to fix memory chip prices and discourage the adoption of its technology in the late 1990s, which they would have had to pay to use.

Shares of Rambus bounced back somewhat on Thursday with a 23 percent gain to $8.78, leaving them at about half their pre-verdict price.

The Sunnyvale, California company's goal has been to generate revenue by licensing its intellectual property to other memory chip companies rather than manufacturing chips itself.

The importance of patents has heated up this year, with tech giants like Apple, Samsung and Sony spending billions of dollars to acquire patents related to smartphones and other gadgets or suing rivals over intellectual property.

Companies that specialize in acquiring patents and then licensing them out are also attracting more attention. Some are seen as potentially lucrative, like Acacia Research. But Rambus' defeat underscores the volatile nature of that sort of business.

"Companies that make money off of patents rather than products face significant risks to their business model as each important case, in a sense, is a bet-the-company litigation," said Colleen Chien, a professor at Santa Clara Law.

"This case shows me that a business model built on litigation and licensing is anything but a sure thing," Chien said.

David And Goliath

Rambus has run up more than $300 million in legal bills since it was founded by two professors in 1990, equivalent to $1 million per employee. It has sued the biggest names in the business for infringing some of its more than 1,000 patents.

Rockwell and other supporters over the years have seen Rambus as a David battling semiconductor Goliaths. During the trial, shareholders chipped in to pay for the lunches of members who attended the trial and posted progress reports.

Wednesday's verdict, which may be appealed, was the culmination of years of legal fighting and the loss leaves Rambus with a smattering of lower-profile patent cases and ongoing revenue of about $100 million a quarter from licensing agreements.

It was the second major defeat for the Silicon Valley semiconductor designer this year. In May, a court ruled it had been wrong to shred hundreds of boxes of documents relevant to two patent-infringement lawsuits involving Micron and Hynix.

Hamed Khorsand, one of a handful of analysts who follows Rambus, still recommends its shares, saying he expects more licensing revenues, including through the recent acquisition of security technology firm Cryptography Research.

"The (jury) decision clears out investors scavenging for a court mandated windfall. Now that the lotto ticket has come up empty, the focus of remaining investors will turn to the core operating business at Rambus," said Khorsand, who works at BWS Financial.

Capstone Investments analyst Jeff Schreiner dropped coverage of Rambus within minutes of Wednesday's verdict, saying there was no point continuing to follow the company he dedicated 10 years to.

(Reporting by Noel Randewich. Additional reporting by Dan Levine)
http://www.reuters.com/article/2011/...7AG2JB20111117





Patent Trolls Cost Businesses $80 Billion Per Year, Study Finds
Katherine Noyes

For those of us who follow the tech industry closely, patents are a touchy subject lately thanks to all the litigation going on over software patents.

This is particularly true in the mobile arena, where companies including Apple and Microsoft have been especially enthusiastic in their use of patents as leverage over their competitors.

Of course, it's one thing for a company with products to protect to begin asserting patents against others; it's quite another, however, for companies to buy and assert patents without producing any goods of their own.

“Patent troll” is the name typically given to firms in this latter category, and--according to a new study--they're depriving technology businesses of more than $80 billion per year, to the detriment of small inventors and society as a whole.

Half a Trillion Dollars

“Non-practicing entities” (NPEs) is the polite name given to patent trolls by Boston University School of Law researchers James Bessen, Jennifer Ford, and Michael Meurer, whose paper, “The Private and Social Costs of Patent Trolls” (PDF), will soon be published in the journal Regulation.

Whereas such firms once helped enable technology markets and boost the profits small inventors could earn from their inventions, that's no longer the case, the authors argue. Rather, today's NPEs assert patents “on an unprecedented scale,” they write, involving thousands of defendants every year in hundreds of lawsuits.

The researchers studied the effect of patent lawsuits on defendants' wealth by examining the stock price of those companies around the time the lawsuits in question were filed. After factoring out market trends and random factors, they found that between 1990 and 2010, NPE lawsuits are associated with half a trillion dollars in lost wealth to defendants.

'They Decrease Incentives for Innovation'

Over the past four years, in fact, that lost wealth averaged more than $80 billion per year--primarily at the expense of technology companies that invest heavily in R&D.

Such litigation typically focuses on software and related technologies, the authors note; most often, it targets firms that have already developed technology. Particularly telling is that “the loss of incentives to the defendant firms is not matched by an increase in incentives to other inventors,” they write.

The bottom line is that patent trolls are simply exploiting weaknesses in the patent system without adding value, the study concludes. In fact, they harm society by doing so: “While the lawsuits increase incentives to acquire vague, over-reaching patents, they decrease incentives for real innovation overall,” the researchers explain.

'Fuzzy Boundaries'

It's easy to lay blame at the feet of the patent trolls themselves, of course, but the authors of this study point squarely at the “fuzzy boundaries” and unclear scope of patents on software and business methods, in particular.

I couldn't agree more. We're all paying a heavy price for this broken patent system. It's long past time to abolish software patents, once and for all.
https://www.pcworld.com/businesscent...y_find s.html





Sitting At Computer Healthier Than Sitting At TV

Study says watching TV leads to cardio-metabolic problems
William Weir

Sedentary behavior is bad for you, science tells us, but not all sedentary behavior is equally bad.

Sitting at a computer for long periods of time isn't particularly healthy, but it's not as bad as watching TV, according to a new study in BMC Public Health. http://bit.ly/lHPTYr

Researchers at Queen's University in Ontario, Canada, found that children who watch a lot of TV have a higher risk of cardio-metabolic problems. Computer use, however, didn't have any effect in this regard.

Valerie Carson, a doctoral candidate in the School of Kinesiology and Health Studies at Queen's, said one possibility for the differences in health impact is that TV watching is close to the bottom of energy-expending activities. Another is that it encourages between-meal snacking.
http://www.courant.com/health/connec...,1775166.story





Swedish Toddlers Surf the Internet in Droves: Report

Every other Swedish 3-year-old uses the internet, more than 50 percent of Swedes use Facebook, and there are more computers than people in Sweden, according to a new study.

“It is clear that specific services totally dominate certain areas. Take for example Google, where 97 percent of internet users at some point use the service,” said Janne Elvelid, project manager for the report at the Internet Infrastructure Foundation (Stiftelsen för Internetinfrastruktur - .SE).

"It will be exciting to see if these dominant services manage to keep hold of their position," he said.

Young Swedes are especially keen on music streaming platform Spotify, which almost 90 percent of 16-25-year-olds use on a daily basis. YouTube is also popular, with 99 percent of internet users under 25 using the site.

Since the year 2000, the World Internet Institute has gathered information about people’s use of information and communication technology around the globe.

In Sweden, the main contribution to this data is the study "Svenskarna och Internet" (Swedes and the Internet), which is based on 2000 phone interviews with randomly selected Swedes, age 16 and older.

Some 46 percent of Swedes also reported that they are regular readers of blogs, with the practice more popular among women than men.

Many of those keeping blogs are in the younger age groups, with a third of girls aged 12-15 writing their own blog.

The study shows a general trend towards internet use among Swedes at an increasingly young age. Half of Swedish three-year-olds use the internet and almost a fifth of 4 and 5-year-olds use the internet on a daily basis.

The number of Swedes using mobile internet has furthermore doubled over the year, something that Janne Elvelid had been anticipating.

“Finally we see the awaited breakthrough of internet usage in the mobile phone,” he said in a statement.

The study showed that 36 percent of the population over the age of 12 use the internet in mobile devices, compared to around 20 percent previously.

Generally, Swedes use the internet about 20 hours a week, and mainly for looking up addresses and for general searches for information and facts.

http://www.thelocal.se/37384/20111116/

















Until next week,

- js.




















Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black